12/30/2009

Google Might Get Into Hosted Gaming Via YouTube

Filed under: — Aviran Mordo

There’s an interesting patent application from Google (GOOG) titled Web-Based System for Generation of Interactive Games Based on Digital Videos. Filed February 19, 2009 and published earlier this month, it describes a way to provide “the collaborative generation of interactive features for digital videos, and in particular to interactive video annotations enabling control of video playback locations and creation of interactive games.” And when you read through the description, it becomes clear that the games could be built atop videos submitted to a hosting site, which makes it sound as though Google plans to extend the YouTube site into an associated gaming site.

Microsoft rolls out Word patch

Filed under: — Aviran Mordo

Microsoft has begun offering what appears to be a patch for its popular Word software, allowing it to comply with a recent court ruling which has banned the software giant from selling copyright infringing versions of the word processing product.

In a statement last week, Microsoft’s director of public affairs, Kevin Kutz, said the firm had been preparing for the injunction decision handed down by the US Court of Appeals.

“With respect to Microsoft Word 2007 and Microsoft Office 2007, we have been preparing for this possibility since the District Court issued its injunction in August 2009 and have put the wheels in motion to remove this little-used feature from these products,” he explained.

Kutz said he expected to have copies of the software with the offending features removed available for sale by the injunction date, 11 January.

Now it appears that the patch is available on Microsoft’s OEM Partner Center Website, under the heading – “2007 Microsoft Office Supplement Release (October 2009)”.

“After this patch is installed, Word will no longer read the Custom XML elements contained within DOCX, DOCM, or XML files,” read the explanatory notes.

Hacker pleads guilty in Mass. to fraud case

Filed under: — Aviran Mordo

A computer hacker who helped orchestrate the theft of tens of millions of credit and debit card numbers from major retailers in one of the largest such thefts in U.S. history pleaded guilty Tuesday in the last of three cases brought by federal prosecutors.

Albert Gonzalez, a one-time federal informant from Miami, faces a prison sentence of up to 25 years under the terms of separate plea agreements. He is tentatively scheduled for sentencing in March.

“This is a young kid who did some reckless things and he’s going to pay a price for it,” said Gonzalez’s attorney, Martin Weinberg, after his 28-year-old client calmly answered guilty to charges of conspiracy and wire fraud.

Weinberg said Gonzalez was remorseful and that he would ask two federal judges hearing the cases to sentence Gonzalez to the lower end of the 17- to 25-year sentencing range spelled out in the plea agreements.

12/29/2009

Infamous Chinese pirates launch Ubuntu that looks just like Windows XP

Filed under: — Aviran Mordo

From the Chinese pirate masters of the non-sea-faring variety comes … Ylmf OS! Not happy with pirating Windows XP itself, these creative Chinese have gone one step further and hacked Ubuntu to look exactly like Windows XP. Why have they moved to Ubuntu? Because their previous release — a pirate version of Windows XP itself — is being cracked down on by Microsoft.

This isn’t the first time copycats or pirates have imitated a prevalent operating system. Cloned in China reported on the case of Tomato Garden Windows XP, another pirate distribution, where the creator was jailed for 4 years and fined $147,000. China has very lax piracy laws, but I would expect Microsoft to lean rather heavily on its friends there — if they have any — to make sure Ylmf OS is stamped out quickly. It might not be Windows itself, but you can sue for GUI copycatting too!

Good Guys Bring Down the Mega-D Botnet

Filed under: — Aviran Mordo

For two years as a researcher with security company FireEye, Atif Mushtaq worked to keep Mega-D bot malware from infecting clients’ networks. In the process, he learned how its controllers operated it. Last June, he began publishing his findings online. In November, he suddenly switched from defense to offense. And Mega-D–a powerful, resilient botnet that had forced 250,000 PCs to do its bidding–went down.

Targeting Controllers

Mushtaq and two FireEye colleagues went after Mega-D’s command infrastructure. A botnet’s first wave of attack uses e-mail attachments, Web-based offensives, and other distribution methods to infect huge numbers of PCs with malicious bot programs.

The bots receive marching orders from online command and control (C&C) servers, but those servers are the botnet’s Achilles’ heel: Isolate them, and the undirected bots will sit idle. Mega-D’s controllers used a far-flung array of C&C servers, however, and every bot in its army had been assigned a list of additional destinations to try if it couldn’t reach its primary command server. So taking down Mega-D would require a carefully coordinated attack.

Mushtaq’s team first contacted Internet service providers that unwittingly hosted Mega-D control servers; his research showed that most of the servers were based in the United States, with one in Turkey and another in Israel.

The FireEye group received positive responses except from the overseas ISPs. The domestic C&C servers went down.

Next, Mushtaq and company contacted domain-name registrars holding records for the domain names that Mega-D used for its control servers. The registrars collaborated with FireEye to point Mega-D’s existing domain names to nowhere. By cutting off the botnet’s pool of domain names, the antibotnet operatives ensured that bots could not reach Mega-D-affiliated servers that the overseas ISPs had declined to take down.

Finally, FireEye and the registrars worked to claim spare domain names that Mega-D’s controllers listed in the bots’ programming. The controllers intended to register and use one or more of the spare domains if the existing domains went down–so FireEye picked them up and pointed them to “sinkholes” (servers it had set up to sit quietly and log efforts by Mega-D bots to check in for orders). Using those logs, FireEye estimated that the botnet consisted of about 250,000 Mega-D-infected computers.
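How a population estimate can be drawn from sinkhole check-in logs, as an added example that is not FireEye's code or from the original article. The log format, the `.example` domain names and the sample lines are assumptions constructed for illustration.

```python
from collections import defaultdict

# Hypothetical sinkholed names (reserved .example TLD); the real
# Mega-D domains are not given on this page.
SINKHOLED = {"spare-one.example", "spare-two.example"}

# Constructed sample log, one check-in per line:
# "<ISO timestamp> <source IP> <requested host>"
SAMPLE_LOG = """\
2009-11-05T00:01:10Z 192.0.2.10 spare-one.example
2009-11-05T00:03:42Z 192.0.2.10 spare-one.example
2009-11-05T00:04:00Z 198.51.100.7 spare-two.example
2009-11-05T09:15:31Z 203.0.113.99 unrelated.example
2009-11-06T01:00:00Z 192.0.2.10 spare-one.example
2009-11-06T01:02:03Z 203.0.113.5 spare-two.example
2009-11-06T01:02:09Z 198.51.100.8 spare-two.example
malformed line
"""

def daily_unique_sources(log_text, sinkholed=SINKHOLED):
    """Map each day to the number of distinct IPs that hit a sinkholed name."""
    per_day = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue                      # skip lines that do not parse
        stamp, src_ip, host = parts
        if host.lower() not in sinkholed:
            continue                      # scanners and crawlers, not bots
        per_day[stamp[:10]].add(src_ip)   # repeat check-ins count once
    return {day: len(ips) for day, ips in sorted(per_day.items())}

def total_unique_sources(log_text, sinkholed=SINKHOLED):
    """Distinct IPs over the whole log; inflated when bots change address."""
    seen = set()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 3 and parts[2].lower() in sinkholed:
            seen.add(parts[1])
    return len(seen)

def estimate_population(log_text):
    """Conservative estimate: the busiest single day of distinct sources."""
    return max(daily_unique_sources(log_text).values(), default=0)

if __name__ == "__main__":
    print(daily_unique_sources(SAMPLE_LOG), estimate_population(SAMPLE_LOG))
```

Source IPs only approximate machines: several infected hosts behind one NAT count once, and one host that changes address counts more than once, which is why the per-day peak and the cumulative total differ.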

MessageLabs, a Symantec e-mail security subsidiary, reports that Mega-D had “consistently been in the top 10 spam bots” for the previous year (find.pcworld.com/64165). The botnet’s output fluctuated from day to day, but on November 1 Mega-D accounted for 11.8 percent of all spam that MessageLabs saw.

Three days later, FireEye’s action had reduced Mega-D’s market share of Internet spam to less than 0.1 percent, MessageLabs says.

FireEye plans to hand off the anti-Mega-D effort to ShadowServer.org, a volunteer group that will track the IP addresses of infected machines and contact affected ISPs and businesses. Business network or ISP administrators can register for the free notification service.

Mushtaq recognizes that FireEye’s successful offensive against Mega-D was just one battle in the war on malware. The criminals behind Mega-D may try to revive their botnet, he says, or they may abandon it and create a new one. But other botnets continue to thrive.

“FireEye did have a major victory,” says Joe Stewart, director of malware research with SecureWorks. “The question is, will it have a long-term impact?”

12/28/2009

Software fraudster ‘fooled CIA’ into terror alert

Filed under: — Aviran Mordo

A con man fooled US spooks into grounding international flights by selling them “technology” to decode al-Qaeda messages hidden in TV broadcasts, it’s claimed.

A long and highly entertaining Playboy article explains that in 2003, 50-year-old Dennis Montgomery was chief technology officer at Reno, Nevada-based eTreppid Technologies. The firm began as a video compression developer, but Montgomery took it in new and bizarre directions.

He reportedly convinced the CIA that he had software that could detect and decrypt “barcodes” in broadcasts by Al Jazeera, the Qatari news station.

The Company was apparently impressed enough to set up its own secure room at the firm to do what Montgomery called “noise filtering”. He somehow produced “reams of data” consisting of geographic coordinates and flight numbers.

In December 2003, it’s claimed CIA director George Tenet was sufficiently sold on Montgomery’s data to ground transatlantic flights, deploy heavily armed police on the streets of Manhattan and evacuate 5,000 people from the Metropolitan Museum of Art.

Homeland Security secretary Tom Ridge told the press the terror alert was the result of “credible sources - about near-term attacks that could either rival or exceed what we experienced on September 11”.

In fact, according to evidence from his former lawyer, Montgomery, the “credible source”, was a “habitual liar engaged in fraud”.

Inmate gets 18 months for thin client prison hack

Filed under: — Aviran Mordo

A former prison inmate has been ordered to serve 18 months for hacking the facility’s computer network, stealing personal details of more than 1,100 of its employees and making them available to other inmates.

Francis G. Janosko, 44, received the sentence earlier this week in federal court in Boston after pleading guilty to the hacking offenses in September.

In 2006, Janosko hacked a thin client that was connected to a prison server to access the employee database for the Plymouth County Correctional Facility in Massachusetts, prosecutors alleged. After obtaining the names, addresses, dates of birth, social security numbers and telephone numbers of the employees, he made them accessible to other inmates.

Although the machine was configured only to run a legal research program, the prisoner managed to use it to get free rein over a variety of unauthorized services. In addition to the employee database, Janosko was also able to access the internet to download videos and photographs of prison employees, inmates and aerial shots of the prison, according to court papers. The hacking took place between October 2006 and February 2007.

Microsoft IIS vuln leaves users open to remote attack

Filed under: — Aviran Mordo

A researcher has identified a vulnerability in the most recent version of Microsoft’s Internet Information Services that allows attackers to execute malicious code on machines running the popular webserver.

The bug stems from the way IIS parses file names with colons or semicolons in them, according to researcher Soroush Dalili. Many web applications are configured to reject uploads that contain executable files, such as active server pages, which often carry the extension “.asp.” By appending “;.jpg” or other benign file extensions to a malicious file, attackers can bypass such filters and potentially trick a server into running the malware.
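The filter weakness described above, shown from the defender's side as an added example that is not from the article or from Microsoft: a check that only inspects the final extension next to a stricter one. The function names, the allow-list and the sample file names are assumptions constructed for illustration.

```python
import os
import re
import uuid

# Assumed allow-list for an image upload feature.
ALLOWED_EXTENSIONS = {".jpg", ".jpeg", ".png", ".gif"}

# Exactly one dot, a short alphanumeric base and extension. This excludes
# ';' and ':' (the characters the article names) as well as path
# separators, spaces and additional dots.
SAFE_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}\.[A-Za-z0-9]{1,5}")

def naive_filter(filename):
    """Weak check: looks only at the text after the last dot."""
    ext = os.path.splitext(filename)[1].lower()
    return ext in ALLOWED_EXTENSIONS

def strict_filter(filename):
    """Accept only '<base>.<ext>' names whose extension is allow-listed."""
    if not SAFE_NAME.fullmatch(filename):
        return False
    ext = os.path.splitext(filename)[1].lower()
    return ext in ALLOWED_EXTENSIONS

def stored_name(filename):
    """Return a server-generated name for an accepted upload, else None.

    Storing under a random name means the client-supplied name never
    reaches the web server's file-name parser at all.
    """
    if not strict_filter(filename):
        return None
    ext = os.path.splitext(filename)[1].lower()
    return uuid.uuid4().hex + ext

if __name__ == "__main__":
    # Constructed sample names, including the ';.jpg' form from the article.
    for name in ["photo.jpg", "page.asp;.jpg", "page.asp:.jpg", "page.asp"]:
        print(name, naive_filter(name), strict_filter(name))
```

Keeping the upload directory non-executable in the server configuration covers the case where a name check is bypassed some other way.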

There appears to be some disagreement over the severity of the bug, which Dalili said affects all versions of IIS. While he rated it “highly critical,” vulnerability tracker Secunia classified it as “less critical,” which is only the second notch on its five-tier severity rating scale.

370 Passwords You Shouldn’t (And Can’t) Use On Twitter

Filed under: — Aviran Mordo

As you may know, Twitter prevents people from doing just that by indicating that certain passwords such as ‘password’ (cough cough) and ‘123456’ are too obvious to be picked.

It just so happens that Twitter has hard-coded all banned passwords on the sign-up page. All you need to do to retrieve the full list of unwelcome passwords is take a look at the source code of that page.

Do a simple search for ‘twttr.BANNED_PASSWORDS’ and voilà, there they are, all 370 of them.

This isn’t a security issue, of course, and in fact it’s helpful to distribute the list so you can check if your favorite password that you use for other services might not be as fail-proof as you’d like to think. For the full list, simply download this TXT file, but here are a couple:

- password
- testing
- naked
- stupid
- twitter
- 123456
- secret
- please
- beavis
- butthead
- internet
- hooters

12/24/2009

DDoS attack hobbles major sites, including Amazon

Filed under: — Aviran Mordo

An attack directed at the DNS provider for some of the Internet’s larger e-commerce companies–including Amazon, Wal-Mart, and Expedia–took several Internet shopping sites offline Wednesday evening, two days before Christmas.

Neustar, the company that provides DNS services under the UltraDNS brand name, confirmed an attack took place Wednesday afternoon, taking out sites or rendering them extremely sluggish for about an hour. A representative who answered the customer support line said the attacks were directed against Neustar facilities in Palo Alto and San Jose, Calif., and Allen Goldberg, vice president of corporate communications for Neustar, confirmed that at about 4:45 p.m. PST, “our alarms went off.”

Goldberg said the company received a disproportionately high number of queries coming into the system, and analyzed it as an attack. Neustar deployed “a mitigation response” within minutes of the attack, he said, and brought matters under control within an hour. The response limited the problems to Northern California, he said.

In addition to the high-profile sites, dozens of smaller sites that rely upon Amazon for Web-hosting services were also taken down by the attack. Amazon’s S3 and EC2 services were affected by the problems, according to Jeff Barr, Amazon’s lead Web Evangelist, who retweeted a report to that effect without clarification and confirmed it in later tweets.

For a brief period Wednesday evening, “ultradns” was the top search term on Google, likely as frantic technicians at Web sites attempted to figure out what was going on with their sites.

12/23/2009

Amazon’s Kindle has copyright protection hacked

Filed under: — Aviran Mordo

An Israeli hacker claims to have broken the copyright protection on Amazon’s Kindle e-reader, reports say.

The hack will allow the ebooks stored on the reader to be transferred as pdf files to any other device.

The hacker, known as Labba, responded to a challenge posted on an Israeli hacking forum, hacking.org.

It is the latest in a series of Digital Rights Management hacks, the most famous being the reverse engineering of iTunes.

The Kindle e-book reader has been very successful since it was launched in the US in 2007.

Amazon hopes to have sold a million devices by the end of the year.

It leaves it to individual publishers whether they want to apply DRM, but books in its main proprietary format, .azw, cannot be transferred to other devices.

It did not immediately respond to the news but it is likely it will attempt to patch its DRM software.

Mom calls cops for help with son’s gaming addiction

Filed under: — Aviran Mordo

A 14-year-old boy’s mother had enough with her son’s gaming over the weekend. After turning off the console hoping he would stop gaming, she called police to ask for their help in solving her son’s “addiction.”

Angela Mejia had enough with her son’s gaming when she found him playing Grand Theft Auto at 2:30 a.m. She told him to go to sleep, but he refused.

“Sometimes I want to run away, too,” Mejia told the Boston Herald. “I have support from my church, but I’m alone. I want to help my son, but I can’t find a way.”

After unplugging her son’s game console, she decided to call 911. Police came to Mejia’s home and coaxed the boy into going to sleep.
