Researcher Intercepts GSM Cell Phones During Defcon Demo

DEFCON18 — Las Vegas — A hardware hacking expert here at Defcon18 successfully faked several attendees’ cell phones into connecting to his phony GSM base station during a live demonstration that had initially raised concerns at the Federal Communications Commission (FCC). Read the full article – [Dark Reading]

Video Streaming Feed at Black Hat Hacked

A security expert found a way to catch the talks at Black Hat for free, thanks to bugs in the video streaming service used by the security conference. Read the full article. [IDG News Service]

BSD Operating Systems. August issue is here!

Dear Readers!

I am happy to introduce the August issue to you. This time we will be mentioning Windows and Ubuntu in our magazine, but surely it will be more than connected to BSD.
Get yourself a copy and let us know if it was useful and interesting.
We have also modified our survey and have another one for you; please find some time to fill it in.
At the moment we are planning to open a Russian version of BSD Magazine in September. The magazine will also be a free online publication.
And we are looking for authors, beta testers and proofreaders with Russian as a native language.
Please contact olga.kartseva@bsdmag.org in case you want to contribute or have an idea where we should announce this news.
Please spread the word about it on your blogs, forums, websites!
Thank you!

Facebook Hacked or Not? – 100 Million User Profiles on Public Site

Recently in the media, there has been a big “commotion” about the 100 million Facebook profiles containing user IDs, names, URLs and other data that were obtained, placed into a file and posted online by Ron Bowles, a security consultant. The media and, surprisingly, many security professionals have been spinning this matter as a massive hack on Facebook and its users, when in fact it really was not.

The data obtained by Bowles were publicly available information that can be acquired by conducting Internet searches using Google, Yahoo and Bing, to name a few. Reports stated that Bowles implemented a “scraper,” a small program that collects data from Facebook’s website automatically, and the result was a 2.8GB file that he later posted on a peer-to-peer site.

So the driving question is: is it a hack or not?

To best answer that question, here are some points:

When creating a Facebook account, the user is given many options for what information will be available to the public. The user has the option of sharing “nothing”, “everything” or “a little”. What was selected determines what others are able to view and whether your information was obtained by Bowles.

Computer hacking usually involves a degree of infringement on the privacy of the victim or damage to computer-based property. Bowles legally scanned and placed the files in a database, but many feel their privacy was infringed on even though the information was already publicly available.

This event should raise awareness of what people are doing on Facebook and whether they are comfortable with the information they are putting out there. Facebook users need to take stock of their conversations and what information they are posting to others. That information can be used to create a profile along with the publicly available data, which can lead to identity theft.

What is your position on the Facebook event?

August Issue of Hakin9: Securing the Cloud – Free Download

Free Issue to Download!

• Prey: A New Hope
Misplaced your laptop or had it stolen? You are not alone.

– MERVYN HENG
• An introduction to Reverse Engineering: Flash, .NET
This article is about the demonstration of Reversing of Flash and .NET applications. This is an introductory article showing basics of decompiling/disassembling. In the first I have chosen to show reversing of Flash files and .NET files and how to patch them.

– NILESH KUMAR
• Web Malware – Part 1
The Internet has been plagued by a variety of Malware that use the Web for propagation and as these threats loom around in the Internet it can infect even the smartest and the most tech savvy computer users.

– Rajdeep Chakraborty
• Cyber warfare with DNSbotnets
Botnets aren’t just a fad or items being sold and purchased like items on ebay, but are becoming carefully designed tools used for cyber war. In this article we will discuss what a Botnet is, and the next generation of Botnets over DNS.

– Francisco Alonso
• Search Engine Security and Privacy
It’s no secret that search engines like Google, Yahoo, Bing (MSN) retain search data and metadata regarding searches. They are open about doing so. What’s unsure, though, is to what extent this creates a long-term threat to information security and privacy. This article briefly reviews what data is retained and stored by these search engines and what readers can do to protect their information.

– Rebecca Wynn
• Securing the Cloud: Is it a Paradigm Shift in Information Security?
First let me start by saying No. There’s really nothing new in the Cloud except where risk appears to shift. But does it really? I would argue that it increases your risk and there can be no shift of blame for a successful Cloud attack and breach of confidential data stored in the Cloud. You are ultimately responsible.

– Gary Miliefsky
• Radio Frequency-enabled Identity Theft
A discussion on how radio frequency-enabled technology could leave people vulnerable to identity theft and then potential identity fraud.

– JULIAN EVANS
• Intelligence Monopolies
In general a monopoly is bad for an industry. Prices invariably increase beyond reasonable production costs and innovation stops. It’s a natural law that competition brings about new advances and achievement.

– MATTHEW JONKMAN
• Capturing the New Frontier: How To Unlock the Power of Cloud Computing
So here’s a question: Which IT sector accounts for fully 25% of the industry’s year-over-year growth and, if the same growth trajectories continue, will generate about one-third of the IT industry’s net new growth by 2013?

– MIKE ARMISTEAD

iPhone Jailbreaking: Security Concern or Not?

Charlie Miller of Tipb.com stated, “Turns out that if you jailbreak your iPhone you remove most of the Apple’s security protections — 80% to be exact — and are vulnerable to attacks.”

That statement seems to resonate across the cell phone app community when discussing the adverse effects of jailbreaking Apple’s iPhones. In two recent articles, one by Terrance Gaines titled “The Government Approves “Jailbreaking” of Mobile Devices” and the other by Nick Farrell titled “Apple loses in Digital Millennium Copyright ruling,” Congress deems jailbreaking and the unlocking of phones legal with stipulations.

For those who are not familiar with the term jailbreak, it is freeing a device from the constraints imposed by the vendor. It normally requires the installation of software on a computer, which in turn allows it to be installed on the device, thus breaking it wide open for access and full modification as well as access to third-party non-approved software.

There seem to be two sides to the concept of jailbreaking when it comes to the iPhone. Many feel that by controlling which apps are sold through its AppStore, Apple can limit the amount of malicious software by conducting internal reviews of the applications for operating safety and compliance.

Others contend that jailbreaking an iPhone is not dangerous or unsafe. Many feel that if users use common sense and review applications before downloading them, they should be fine, and that if something were to go wrong, implementing the factory reset procedure would revert the iPhone back to factory default and under Apple’s protection once again.

On a blog posting, a user stated, “It’s frustrating to know that the device can do so much more and is only limited by Apple’s short-sighted administrative hold.”

Personally, if you are a tech-savvy individual and understand what to look out for, then jailbreaking the iPhone may be something you are comfortable with, but for those who are not as tech savvy or do not have a clue about what to look for, I would recommend that you do not jailbreak your phone. Once you jailbreak your iPhone, you are on your own and are outside of all of Apple’s security controls.

What are your feelings on the iPhone Jailbreaking matter?