Difference between revisions of "Episode43"

From Security Weekly Wiki
Line 19: Line 19:
  
 
[http://news.com.com/Websense+Samsung+site+hosts+Trojan/2100-7350_3-6113611.html?part=rss&tag=6113611&subj=news Samsung website hosting Trojan] - [Larry] - whoops, who missed this one?  Websesne found it, why didn't Samsung?  Why didn't the attacker modfy the Samsung pages to deply?  Click-kiddie?
 
[http://news.com.com/Websense+Samsung+site+hosts+Trojan/2100-7350_3-6113611.html?part=rss&tag=6113611&subj=news Samsung website hosting Trojan] - [Larry] - whoops, who missed this one?  Websesne found it, why didn't Samsung?  Why didn't the attacker modfy the Samsung pages to deply?  Click-kiddie?
 +
 +
[http://blog.facebook.com/blog.php?post=2208562130 Facebook introduces new feature, kids outraged at invasion of privacy] - [Joe] - Hey looks like facebook's privacy policy is finally getting a little bit of attention. Their new "feed" feature allows users to see what another user's detailed activity has been. Shockingly it shows activity logged since before the feature was introduced... ask Twitchy what facebook's log retention policy is....
  
 
== Stories of Interest ==
 
== Stories of Interest ==

Revision as of 17:22, 8 September 2006

Stories for Discussion

Wifi guidance becomes law in Cali - [PaulDotCom, Larry] - Check out Schneier's comments here. ...stickers need to be on wireless devices (among other solutions) to warn end users. I like one of the comments: "By removing this sticker, you acknowledge this product does something you don't (and probably never will) understand.". I mean, stickers are not the way to secure a wireless network!

Mobile Spy Tool - [PaulDotCom] - Cool concept and demo video from F-Secure.

WiFi fingerprints could end MAC spoofing - [? and Larry] - fingerprint the radio (not the driver)

RFID Bugs found in British trash cans - [PaulDotCom] - Look, look, he's taking out the trash!

Kismet on a Nokia 770 - [PaulDotCom] - Yes, it is cool, and yes I bought one pretty much just so I can run kismet on it :)

Security "pro" pleads guilty in USC attack - [Larry] - Weird, a "pro" hacking without permission, then performing appropriate disclosure, then pleading guilty. There were some apparent ulterior motives....

Disclosure Survey - [PaulDotCom] - "Federico Biancuzzi surveys statements from some of the world's largest software companies about vulnerability disclosure, interviews two security companies who pay for vulnerabilities, and then talks with three prominent, independent researchers about their thoughts on choosing a responsible disclosure process."

Boardroom Spying at HP - [Larry and ?] (slashdot) - Chairwoman Patricia Dunn utilizes communications spying and even pretexting to investigate an internal leak of information. This could have an impact on pretexting legislation (apparently there already is some)

Building a Better BT Sniper Rifle - [PaulDotCom, Larry] - This link made an appearance in my presentation and is certainly worth discussing. They used the rifle to snarf people in the next building over.

Samsung website hosting Trojan - [Larry] - whoops, who missed this one? Websense found it, why didn't Samsung? Why didn't the attacker modify the Samsung pages to deploy? Click-kiddie?

Facebook introduces new feature, kids outraged at invasion of privacy - [Joe] - Hey looks like facebook's privacy policy is finally getting a little bit of attention. Their new "feed" feature allows users to see what another user's detailed activity has been. Shockingly it shows activity logged since before the feature was introduced... ask Twitchy what facebook's log retention policy is....

Stories of Interest

Stepper motor+ cantenna= OHH yeahhh - [Larry, Joe] (from hackaday) How about this attached to zoneminder for tracking a moving wifi target (car, plane, train, twitchy drinking red bull) --Jconlin 13:31, 1 September 2006 (EDT)

The Sleuth Kit for Windows - [Larry] - No more compiling, prebuilt Windows binaries.

Hackers hit govt Wiki - [Larry] - When using new tech, make sure you understand it first! Secure your wiki!

Hackers go back to school - [Larry] - Most US hack attempts are against universities according to this study by the AARP. AARP? The American Association of Retired Persons? What?

Insecure Mag 1.8 out - [Larry] - Some good reading, and free.