I wound up not giving the whole presentation to the DC chapter of the Internet Society last week because the format got changed up at the last minute. But anyway, here is the presentation I would have given in PDF and OpenOffice Presentation formats.
It's been a really busy week or two so I haven't had time to write much. I realize that it's only common sense, but I still find it amusing that I have the least time to write about what's going on when the most is happening. Funny, how that happens. Anyway, once the opportunity presents itself I like sitting down to make an attempt at describing everything that's been happening. I've mostly been posting hit and run messages to Twitter lately (like everybody else on the planet these days) because I can do that without looking up from everything else …
Back in 2002, the desktop security company Symantec bought out Securityfocus, which at the time was one of the biggest clearinghouses of information security related information. Everything from mailing lists to archives of whitepapers can be found there, and for many years it was pretty much the first place to go if you wanted to monitor vulnerability reports and software releases. After Symantec bought them out there was some concern that Securityfocus would decline in quality as time and energy might no longer be spent maintaining and updating the website. That didn't happen, thankfully, but last week the other shoe …
Late last year, the bank account of an outfit in Texas called Hillary Machinery, Inc. was siphoned to the tune of $800kus after their online banking credentials were compromised. The bank they did business with, PlainsCapital, required customers to supply a username and passphrase and then enter a single-use passphrase e-mailed to a certain address a few minutes later to complete the authentication process. Investigation showed that IP addresses roughly corresponding to networks in Italy and Romania were used to initiate the transfer of funds to bank accounts in the Russian Federation and Eastern Europe. From this evidence, it seems …
When I first started driving I taught myself how to navigate Pittsburgh by filling up my car with gas, picking a direction to drive in for fifteen or twenty miles, and getting thoroughly lost. I’d then spend the evening trying to get back home, or failing that, someplace that I recognized and could navigate from. I was thinking about that this morning as I attached a GPS puck to the roof of my car and ran the interface cable through the window. It’s been a long and busy couple of weeks, so while Lyssa was out and about …
Some of the most arcane yet commonly encountered pieces of equipment on the Net today are routers - devices (usually big, expensive devices) that look at the destination IP addresses of each packet they see and decide which port to throw them out of to help them on their way. Usually you don't see them up close because they tend to live in data centers or wiring closets (for smaller shops) in racks, safely locked away. While there are a couple of manufacturers out there who specialize in them, for people in the know the first thing they think of when …
Every once in a while a news article about attempts to crack US military and government systems coming out of China or the Middle East hits the 'wires; rumors of groups of systems crackers belonging to the Air Force/United Nations/Department of Homeland Security/Microsoft/the Illuminati regularly make their rounds at hacker conventions. Military data nets are increasingly becoming targets of crackers from abroad, safe from prosecution and extradition because it's so difficult to start legal proceedings against someone you don't even know, let alone can grab by the scruff of the neck (police dramas and MLATs to …
I know this is late in coming, but real life has a better framerate sometimes. Anyway, a security research outfit called Secure Medicine, following in the footsteps of security researcher Gadi Evron, raised some interesting questions about the current generation of biomedical cardiac implants in use these days, such as pacemakers and LVADs (left ventricular assist devices). Due to the fact that these devices are remotely controllable to a certain extent via wireless data link, they are vulnerable to compromise by attackers and may be manipulated. This sounds asinine, but LVADs are implanted …
The Washington Post ran an interesting article about the one-year anniversary of the release of the Storm Worm botnet agent about two weeks ago, possibly the most successful and virulent malware agent yet released on the Net. The Storm Worm beastie is unusual in that the botnet is a decentralized collective, i.e., all of the infections don't report into a single C&C channel but instead use a peer-to-peer networking protocol (a variant of the eDonkey protocol, specifically), so it can't be killed by taking down a single server. It is also interesting because updates are periodically released for …
Earlier this month, George W. Bush authorized a classified government directive that authorizes the National Security Agency to monitor the data networks of other US government agencies as well as monitoring the communications traffic of American citizens and foreign countries. The specifics can't be released due to the security classification but it is known that the US government is very concerned about its information security posture (no jokes, please) and their first remediation step involves understanding what's going on inside their networks. The Office of the Director of National Intelligence is charged with coordinating efforts to track down the sources …