Archive for November, 2007

Why Hackers Love Wi-Fi

Hackers love wireless networking. At DefCon 15, it was easy to predict which sessions would have lines running out the door and require getting there well in advance for a seat – it was the sessions with “wireless” or “Wi-Fi” in the title. The Wireless Village was very popular, and many of the hacking contests […]

anonymity, attacks, authentication, crypto, risk

SMB Reflection Made Way Too Easy

Windows file sharing operates via an old protocol called SMB (Server Message Block.) In modern Windows operating systems, it operates over TCP/445, though older versions of Windows also made use of NetBIOS (UDP/137, UDP/138, and TCP/139). Due to the ubiquity of Windows file shares on corporate Intranets, in general these ports are open to basically […]

attacks, authentication, crypto

Backdoored PNRGs from the NSA

Bruce Schneier has an article at about the new government-sponsored official standards for random number generators in NIST Special Publication 800-90.  Apparently, it’s possible that one of them contains a back-door for the NSA; depending on how the constants in the algorithm were chosen, the NSA may have another set of constants that let […]

crypto, legal, privacy, society

The Trouble with Copy Protection

SecurityFocus reports that a patch has been issued for a vulnerability in the Macrovision SafeDisc driver.  Apparently, due to a flaw in how the driver handles configuration parameters (which probably means a garden-variety buffer overflow), it’s possible for a local user to use the driver to elevate privilege all the way to the kernel. This […]

dmca, piracy, risk, trusted client

Social Engineering For Hire

There’s an article in PC Magazine about a company called TraceSecurity that performs audits of physical security via social engineering.  Essentially, companies hire them to steal data, and they do so by simply talking their way into the facility and getting unrestricted physical access to the servers. If a skilled attacker has unrestricted physical access […]

attacks, physical security, risk