The fragility of the Internets – as demonstrated by Pakistan / Youtube

I love how fragile the Internet really is.  This is demonstrated from time to time and when it is – I’m drawn to it like a police chase on live TV . . . sometimes the root name servers come under attack or someone figures out a neat way to poison DNS caches, or cuts 5 undersea…


Cold boot attacks on encryption keys

UPDATE 2/27/2008:  Douglas MacIver wrote an excellent and very authoritative blog post here on this topic – I highly recommend reading his blog post instead of mine. 🙂 http://blogs.msdn.com/si_team/archive/2008/02/25/protecting-bitLocker-from-cold-attacks-and-other-threats.aspx

So last week some Princeton students released some information on research they had done in the area of data remnants in DRAM chips after power had been removed…


SWI Defense in the news

My boss is apparently allowed to speak to the press. 🙂 http://www.eweek.com/c/a/Security/Behind-the-Scenes-at-Microsofts-Secure-Windows-Initiative/


Blackhat Day 4 – DTrace and PINK

This morning I attended a session on DTrace, which is a sort of tracing capability created by Sun for Solaris 10 that can be ported to other OSes.  Some engineers from SAIC have figured out how to make this useful for reverse engineering, vuln discovery and even things like exploit prevention (HIPS) . . . the…


Blackhat Federal – Notes from Days 1-3

So I’m at Blackhat Federal this week – doing the training thing (IDA class with Chris Eagle – fairly good / broad intro to IDA and its capabilities) and today was the first day of the sessions.  It’s been a great con so far . . . Monday and Tuesday I got to have lunch with Dave…


Asus / Apple / Wii pwnage & The press starts to wonder if maybe it’s time to consider 3rd party apps dangerous?

Asus Eee PC owned out of the box (hint runs Linux): http://www.risesecurity.org/blog/entry/6/

Yet another Apple Quicktime 0-day posted 2 days ago: http://seclists.org/fulldisclosure/2008/Feb/0304.html

The Wii has been pwn3d via a stack smash to run homebrew code – will Nintendo respond?  Do they have an easy way to update Wiis?: http://www.engadget.com/2008/02/13/wii-pong-the-twilight-princess-hack-evolves/

And finally Ars ponders whether or…


SecureWorks / Team Cymru solve the mystery of the Mega-D Trojan

Joe Stewart is the man . . . I have a ton of respect for him and everyone at Team Cymru.  They teamed up to find the C&C for the Mega-D trojan and Joe has done another one of his excellent write-ups here: http://www.secureworks.com/research/threats/ozdok/?threat=ozdok

What I find interesting is: This malware appears to have been…


New measure of code quality

http://www.veracode.com/blog/?p=77

Hilarious . . . I can finally explain what my team does to my less technical friends / family with that simple drawing.
