Credit and bank card numbers of as many as 240,000 subscribers of The Boston Globe and Worcester Telegram & Gazette were inadvertently distributed with bundles of T&G newspapers on Sunday, officials of the newspapers said yesterday.

HAHAHAHA

Subscriber credit data distributed by mistake - The Boston Globe

TinyDisk is a program from saving and retrieving files from TinyURL and TinyURL-like services such as Nanourl. It overlays a write-once-read-many anonymous, persistent and globally shared filesystem. Once something is uploaded, only the database admin can delete it. Everyone can read it. No one can know who created it. Think of it as a magical CD-R that gets burned and placed on a network.

This is a file system Acidus demoed at Phreaknic that runs on top of the link shortening service TinyURL. Its the perfect case study of how to write meaningful extensions on top of existing web applications, which was the topic of Acidus's presentation.

He's already uploaded some fun stuff into TinyURL, like The Adventures of Sherlock Holmes, and even TinyDisk itself. Thats right, the program to read and write to TinyURL is stored inside TinyURL! It was also very cool to see other people starting to use it.

I was doing some searching around yesterday, and it appears there is some interest in this tool coming from China.

TinyDisk - An anonymous shared file system on top of TinyURL

The carwhisperer project intends to sensibilise manufacturers of carkits and other Bluetooth appliances without display and keyboard for the possible security threat evolving from the use of standard passkeys.

...

Once the connection has been successfully established, the carwhisperer binary starts sending audio to, and recording audio from the headset. This allows attackers to inject audio data into the car. This could be fake
traffic announcements or nice words. Attackers are also able to eavesdrop conversations among people sitting in the car.

This could be fun. :)

trifinite.org - the home of the trifinite.group

Kudos to MemeStreams user Dagmar for putting together a post with breaks the technical aspects of Lynn's disclosure down in a way that non-technical people can understand. Be sure to click through and read his entire post.

Someone who takes the time to tie a few existing exploits together and utilize a technique similar to what Lynn discovered to make a worm that infects equipment, spends a small amount of time trying to infect other equipment, and then viciously puts the equipment out of commission in the aforementioned fashion, could in a very real sense turn off large chunks of the Internet.

No, I was not joking about the last sentence. If you work in an IT (Information Technology shop) take a moment to look around your office at all the very important equipment you have that just happens to have the Cisco logo on it. (I say "just happens to have the Cisco logo" because the root problem here has nothing to do with Cisco in particular, they're just the first company who have had this weakness uncovered--and as I said earlier, they were already in better shape than most.) Now imagine what would happen if that all that equipment just shut off, and you couldn't get it back up and running any time in the next twelve hours or so. You might think, "well, I will just go to their website and get the updates" but no, no... the Internet connection ran through one of the pieces of equipment that is now down so you can't do that. ...and even if it's not, there's a good chance that the people who your company connects to in order to reach the Internet has equipment that's has been effected, so you still can't get to the website with the updates you need. So you pick up the phone and call the manufacturer, and get to wait on hold for a very long time indeed, because many thousands of other people are just as stuck as you are. FedEx can get things out fast, but they're not nearly instantaneous, and hundreds of thousands of packages all marked "Red Tag, Highest Priority" at once are going to give them fits. Unless you know someone with magic powers of teleportation, you're looking at a very long wait for a package to be delivered by a truck that can fix your problem, and you're going to have to deal with all the upper-management types freaking out in the meantime. (Mind you, if you're lucky, your inter-office email system will also have been shut down by this, so they can only get to you through your cell phone and pager, which limits the number of panicked managers who can get to you at once.)

One message that Dagmar tries to get across in this, that should be spread and embraced, is that equipment (and software) mono-cultures are inherently dangerous. A post on the blog Art Of Noh... [ Read More (0.1k in body) ]

Non-Technical Explanation of Mike Lynn's Disclosure

Wired just posted the best article so far.. Here are some of the highlights:

Lynn likened IOS to Windows XP, for its ubiquity.

"But when there is a Windows XP bug, it's not really a big deal," Lynn said. "You can still ship (data through a network) because the routers will transmit (it). How do you ship (data) when the routers are dead?"

"Can anyone think why you would steal (the source code) if not to hack it?" Lynn asked the audience, noting that it took him six months to develop an attack to exploit the bug. "I'm probably about to be sued to oblivion. (But) the worst thing is to keep this stuff secret."

"There are people out there looking for it, there are people who have probably found it who could be using it against either national infrastructure or any enterprise," said Ali-Reza Anghaie, a senior security engineer with an aerospace firm, who was in the audience.

During his talk, Lynn demonstrated an attack in real time using his own router, but did not allow the audience to see the steps. The attack took less than a minute to execute.

"In large part I had to quit to give this presentation because ISS and Cisco would rather the world be at risk, I guess," Lynn said. "They had to do what's right for their shareholders; I understand that. But I figured I needed to do what's right for the country and for the national critical infrastructure."

Wired News: Cisco Security Hole a Whopper

UM, yeah, this is an autonomous robot that goes around cracking wifi passwords. Once it cracks a password it triangulates the person who is transmitting it, drives up to you, and shows you your password on a big LCD screen. Promptly you begin to kick it. Thats why these guys need to talk to the people at battlebots.

ToorCon Pics: Hackerbot

] WASHINGTON - The FBI has identified a teenager as the
] author of a damaging virus-like infection unleashed on
] the Internet and plans to arrest him early Friday, a U.S.
] official confirmed Thursday.
]
] The 18-year-old, whose name and hometown was not
] immediately available, was accused of writing one version
] of the damaging "Blaster" infection, which spread quickly
] across the Internet weeks ago, the official said,
] speaking on condition of anonymity.
]
] The official asked that further identifying information
] about the teenager not be disclosed until his arrest.

FBI to Arrest Teen in Internet Attack (TechNews.com)

Elonka wrote:
] More info about the fastest-spreading worm of all time, which
] enters a new phase today, trying to download unknown code to
] 20 specific home computers:

Turns out they may have failed here. From a post on Interesting People:

"All the experts were totally faked out. While everyone was concentrating
on getting the "magic 20" machines shut down, no one realized that
different copies of Sobig.f had different lists of servers to contact.

We put a block of udp port 8998 on our firewall this morning. We had 3
previously undetected infected machines on our network, each of which
tried to contact a different list of 20 machines. One of the lists
corresponds to the one that Sophos and others have published. The other
two lists have no addresses in common with the published list, or with
each other.

I wonder how many different sets of servers there were, how many
different variants of Sobig.f there were, and how many infected machines
now have some additional trojan, worm, or ddos code waiting for a
command to do something."

RE: New Phase of Sobig.F Set for 3 p.m. EST Friday 8/22/2003

From Decius:
"This case documents a real world use of stegonography and digital cash which allowed a blackmailer to anonymously collect payment for his victim."

Blackmail & steganography

] More info about the fastest-spreading worm of all time, which
] enters a new phase today, trying to download unknown code to 20
] specific home computers:

] The worm infected close to one million computers via
] e-mail attachments in e-mails with spoofed addresses
. . .
] Now, those infected
] computers are programmed to start to connect to machines
] found on an encrypted list hidden in the virus body.
] F-Secure said the list contains the address of 20
] computers located in United States, Canada and South
] Korea and is expected to start at 3:00 EST Friday.

I can't beleive they are unable to locate and turn off the servers! There are only 20. Also, if the "web address" in question is under the control of the attackers, then it was paid for by the attackers, and this is a very easy place to start a criminal investigation (possibly the web address was bought using a fake or stolen identity). However, claiming that this "must be the work of organized crime" is silly. Technical sophistication and criminal sophistication are not always directly proportional.

New Phase of Sobig.F Set for 3 p.m. EST Friday 8/22/2003