Feeds

* Posts by Celtic Ferret

12 posts • joined 3 Oct 2007

Pro-Wikileaks hacktivistas in DDoS dustup with patriot contras

Celtic Ferret
Happy

Required information

What inquiring minds really need to know from WikiLeaks is the precise brand of prophylactic that failed; sort of a "Consumer Reports" function.

0
0

BOFH: Defiling the profile

Celtic Ferret
Thumb Up

Gaming the web 2.0 crowd...

This should be taught in schools...

Speaking of that...

RT@Ofsted: "Primary schools to teach Twitter and Wikipedia"

http://notnews.today.com/2009/03/26/rtofsted-primary-schools-to-teach-twitter-and-wikipedia/

0
0

Best Buy removes craplets for $30

Celtic Ferret
Thumb Up

The PC Decrapifier

http://pcdecrapifier.com/

0
0

Yahoo! opens search to all

Celtic Ferret
Boffin

Scroogle scraper

Pretty much gave up on Yahoo! when they acquired Claria's "database that should have been destroyed."

Here's a good read:

What Microsoft wants from Yahoo

http://www.techuser.net/microsoft-yahoo.html

See also

http://en.wikipedia.org/wiki/Talk:Claria_Corporation#Rise_of_the_dreaded_undead.21

But if you actually want to find something your best bet hands-down IMHO is

http://www.scroogle.org/

0
0

Consumer group slams 'unfair' software licenses

Celtic Ferret
Thumb Up

The Software Vendor License Agreement

The Software Vendor License Agreement - a counter-agreement for those shrink-wrap or "clickwrap" EULAs (End User License Agreements) software companies make you agree to. Highly recommended reading:

http://cexx.org/svla.htm

0
0

Dell tells customer 'Mac is good option'

Celtic Ferret
Unhappy

@Rich: Scroogle for "malware for Macs"

First rogue application for Macintosh system

http://www.f-secure.com/weblog/archives/00001362.html

Opener Malware, October 2004 (aka SH.Renepo.A / SH.Renepo.B)

http://www.macintouch.com/opener.html

Hackers debut Mac OS X adware

http://www.theregister.co.uk/2006/11/24/mac_os_x_adware/

Mac OS X malware latches onto Bluetooth vulnerability

http://www.theregister.co.uk/2006/02/17/macosx_bluetooth_worm/

Good read: "Detecting and avoiding malware and spyware"

http://www.thexlab.com/faqs/malspyware.html

They provide links to learn more about:

The OSX.Macarena virus

The kernel extensions of the Sony rootkit

OSX.Exploit.Launched (Trojan horse)

OSX.Inqtana.A, which propagates via Bluetooth®

OSX.Leap.A deletes, infects, or corrupts files and attempts to spread through iChat.

MacOS.MW2004.Trojan,

Spector commercial spyware

0
0

Browser vulns and botnets head threat list

Celtic Ferret
Alert

The devil IS the detail

Next it will be that your GPS can be used to unlock your car doors, or your X-Box can disable your home security system, or your pacemaker can be used to give you nightmares, or that RFID tag in your toothpaste tube can give you ED.

"We really must be able to depend on shrink-wrapped products to be malware-free."

Quite a few outfits have been shipping shrink-wrapped malware for years. Complete with EULAs that state that it is unfit for any purpose and limiting your legal recourse.

So far as I know, no malware to date is capable of causing real physical harm. That would be next. That ringtone synched to your theta waves. That subliminal message in that spam that makes you "buy our stuff" and then "assassinate this political figure."

Remember Queensryche's - Operation Mindcrime (1988)?

Precisely what is that image at the bottom of

http://www.johndiesattheend.com/jdate2/intro.html

?

0
0

Malware hitches a ride on digital devices

Celtic Ferret
Unhappy

Coming soon to a toaster near you...

"Consumers will have to be careful with any device that can be connected to a PC, including USB thumb drives, GPS devices, mobile phones, video players, set top boxes, portable hard drives, memory card readers, and eventually even microwave ovens and other appliances, he said."

"Kodak works very closely with our suppliers to see that they have the latest version of antivirus software on the manufacturing systems," Landry said. "We also ask that any PCs in the factory are not connected to the Internet."

Kodak is not among the manufacturers whose products were allegedly compromised by the Trojan horse program.

This appears to be BS ("Business-Speak" :)

The local CVS Pharmacy has a Kodak photo development kiosk. I use it because it accepts USB thumbdrives. When I first used it it was glacial slow, and the storeperson said it had become infected. Another issue was that it was out of a special paper it used in one bin, and I got to observe the boot process. Win2k with NO anti-virus!

My general comment at the time was to always scan your media (memory card, thumbdrive, whatever) when returning from a public kiosk. (I didn't consider Trojan Horses, actually. But that was before the Sony rootkit incident and most people didn't know what a rootkit was.)

I suppose microwaves, toaster ovens, coffee machines and even the lowly toaster will soon have "recipe cards" that can piggyback something that could give you a $30,000 phone bill. Imagine trying to explain that it was your toaster that made all those calls to AnalCreamPieCumFartCocktailAssault.com...

0
0

Microsoft spits out final XP service pack, beta version

Celtic Ferret
Boffin

WinXP SP3 ≠ WinVista

Like that "random number generator Microsoft is bundling with (Fistula) SP1 with the backdoor exploitable by the National Security Agency?

http://www.schneier.com/blog/archives/2007/12/dual_ec_drbg_ad.html

Or more "Digital Consumer Enablement?"

Actually, this is completely backwards. It should be

Review: Windows XP

http://dotnet.org.za/codingsanity/archive/2007/12/14/review-windows-xp.aspx

"I have finally decided to take the plunge. Last night I upgraded my Vista desktop machine to Windows XP, and this afternoon I will be doing the same to my laptop..."

0
0

Grisoft acquires LinkScanner

Celtic Ferret
Black Helicopters

Connection

I've no idea how LinkScanner does it, but I think there should be a big bat handle toggle switch on the front of the computer. Up - red light - network connected. Down - green light - ethernet clock pulse only; no external connection.

One switch for every NIC in the box. (Remember the reset switch? And how invaluable it was for software debugging? Sometimes the mobo circuitry is there but the box builder omitted the switch/wires/connector to cut costs.)

Anyway, LinkScanner could use multiple NICs paired with multiple web connections and multiple browser instances (even dial-up) to accomplish scanning in a honeypot. One issue is malware targeting specific countries that wouldn't be triggered if you were coming from the wrong country code, and I'm sure there are additional issues because several people think the current trend of these "safe site" apps are rather worthless.

0
0

Dutch Consumer Association declares war on Vista

Celtic Ferret
Unhappy

This should be an opportunity

One of our boxes got struck by lightning so we had to enter the new hardware fray. New (cheap & fast) business desktops are Vista preinstalled with maybe no XP drivers available anywhere. Things have gotten real ugly..

I cannot believe that there are no websites out there that give new hardware boxes that have XP drivers available. Take the Compaq Presario SRS5250NX in this weeks Staples advert for US$540 (before their @#$%& "easy rebates"). I should be able to plug "SRS5250NX" into a javascript and know if my XP will have video/audio/network. I did find one outfit that will make a new XP box (www.jncs.com) but there have to be hundreds. Anyone know?

0
0

UK police can now force you to reveal decryption keys

Celtic Ferret

To summarize:

1) Use Truecrypt to make multiple levels of encrypted drives WITHIN encrypted drives, that are invisible unless you attempt to open them with the right password. http://www.truecrypt.org/docs/plausible-deniability.php

2) As encryption is supposed to make encrypted data indistinguishable from random noise, claim that the media full of encrypted goodies is actually just a one-time encryption pad made for an exercise. Argument mode engage:

Monty Python Sketch - The Argument http://www.infidels.org/library/modern/mathew/sn-python.html

3) Encrypt the data with multi-part keys with the other key holders outside of jurisdictional reach... and these key holders are children. (Children are classified differently than adults in criminal proceedings because they don't have the capability to reason or understand the repercussions of their actions.)

4) Use AACS / DeCSS to encrypt the keys, dragging the DMCA into the mire...

For extra credit/fun: (Convict someone for non-possession of something!)

Construct an email from an IP-spoofed public access point to someone you wish to accuse of witchcraft, encrypt it, imply that the encrypted part contains state secrets and/or a terrorist plot. Then, construct a reply. Report said persons to the police. They will then demand the keys from the implicated people, but neither party will have access to the encrypted data since neither has ever had the key, however, they will still be guilty under the law for failing to disclose something that they never had, but cannot prove it. (Sink=Drown, Float=Burn-at-stake)

---

"Thank you for self-identifying yourself and those around you as Freedom Suspects. Rest assured, we are now forwarding your IP information and shoe size profile to a team of black hat pros at HQ. The 414s say hi."

0
0