Please turn your attention to Rolling Stone, where an article about a blind, lonely phreaker is currently tearing up the charts. That is to say, it’s an article worth your time, and it’s certainly better than refreshing drudgereport.com for the thousandth time today.

The quick version, in case you can’t block off 15 minutes of your time to read the whole article, is that a blind kid named Matt was a great phreaker. He was handy with a telephone, able to recognize phone numbers by the tone alone, call up the phone company, impersonate a supervisor, and wreak havoc. He moonlighted as a swatter, someone who can call in a SWAT team to a person’s house in an act of revenge. (“You called me names? Have fun when the cops show up to your house, guns drawn, and drag your ass off to jail.) Lots of fun, in other words.

His progression was pretty predictable: the kid spent all day in his bedroom participating in telephone party lines; made friends, made enemies, swatted every now and then; helped take down someone for the FBI; got caught himself when he was over 18, and is now in prison in Dallas.

The lesson? Do all your phreaking before you turn 18.

Researchers from the University of California, Santa Barbara, have published a report after taking over a massive botnet called Torpig aka Sinowal. The malware network was able to collect 56,000 passwords and hour as well as 70GB of financial and personal data.

The researchers found that most users reused passwords for multiple sites and that the malware was able to steal credit card numbers and bank logins. They were able to control the system for ten days before the malware was updated.

To crack the malware, the researchers noticed that the program would search for domains to attack. Sometimes the domains would be unregistered and the researchers registered those domains and masqueraded as a control node.

via Ars

The targets are IE8, Chrome, and Firefox running on Windows 7, and Safari and Firefox on OS X. I’m guessing it’s not going to be Safari 4 since that’s probably a mess security-wise right now. For mobiles, it’s BlackBerry, Android, S60, WinMo, and an iPhone. Any browser bug/exploit wins $5000, and a mobile bug or exploit nets you the ten large — plus you get to keep the phone you cracked.

It’s up in Vancouver, BC, so although I can just drive up, doubtless many international men of hackery will be hopping a plane to take their shot in this lucrative contest.

[via Reg Hardware]

Wired’s Brian X. Chen twittered to the world that Apple was suing his publication over his video tutorial teaching us Luddites how to hack netbooks to run Mac OS X. As Giz points out, Apple isn’t likely to sue them, but, rather, send over a cease and desist order. It’s all pretty trivial if you ask me.

Just found out Apple is suing Wired for my video tutorial on hacking netbooks to run Mac OS X. One hell of a way to start off the day.

Update: “Update: Apple is not suing Wired over the Hackintosh tutorial. My misunderstanding.”

Datel and Sony Computer Entertainment Europe clearly don’t like each other very much. How do we know this? SCEE has taken Datel to court over its as yet unreleased “Lite Blue Tool,” which has been renamed the Max Power Digital. The device would let users hack, in a sense, the PSP. Sony didn’t care for this very much, and is now in lawsuit mode.

The device, which was first announced last year, would put the PSP, including the new PSP 3000 (but not really), into Service Mode. Once in Service Mode, the PSP could then be loaded up with custom firmware. And as we all know, once the PSP is running custom firmware is can run unofficial homebrew software as well as pirated games.

If you have an older, pre-PSP 3000 system, hacking the system is trivial; piracy is a bit of a problem for Sony here.

What’s weird is that Datel has changed the description of device, and says it only works on PSP 1000 and PSP 2000. So the original “selling point,” that it can hack the PSP 3000, turned out to be bunk.

In summation, Sony has sued Datel for a product that no longer does what gamers (well, would-be pirates) wanted: hack the PSP 3000.

The PSP gets too much hate, too, while we’re at it. WipeOut Pulse is pretty great, as is Jeanne D’Arc. Crisis Core, if you’re into JRPGs, is fun, too. Throw in some Lumines and, I don’t know, God of War if you don’t mind button mashing, and you have a fairly capable little system.

via Gamasutra

Photo: Flickr

My fellow Americans: tomorrow’s the big day, Election Day, wherein we are able to exercise our right to wait in line all day at a fire house or elementary school, rubbing shoulders with “neighbors” and trading pleasantries about what we think about that Obama fellow. It should be fun.

Yet, our voting system stinks. Not only that, but our voting system could be vulnerable to fraud, and not that theoretical ACORN nonsense. We’re talking about rigging electronic voting machines to affect the tally, much like what Homer Simpson experienced.

A compsci professor at Princetown has warned that electronic voting machines can be hacked in as little as six or seven minutes. (His name is Edward Felten, and he was on the D.L. Hughley show on CNN last night showing how the vote could be rigged.) The affected machines are made by Sequoia Voting Systems, which has threatened to sue the professor for besmirching their machines, violating license agreements, etc. That’s good—silence a whistleblower.

Expect allegations of fraud all around in the next few days.

Dear school administrators,

What’s the best way to ensure that your computer network remains riddled with security vulnerabilities that leave you, your personnel and [someone think of the] schoolchildren in danger? Why, to demonize the student who discovered the vulnerability and alerted you to it, of course. Have him charged with a felony while you’re at it.

A student in a Saratoga County (New York) school alerted his principal to a computer security vulnerability that could expose the names, social security numbers and addresses of school employees. While the student tried to do it anonymously, he was eventually tracked down. Then the school threw the book at him.

The student is now being charged with three felonies for his unauthorized use of the computer network. The best is this quote from a state trooper:

The kid committed an intentional criminal act. He deceitfully used someone else’s name and password so he would not get caught and was looking to profit from his criminal act.

The only thing we can take away from this is, even if you discover a security vulnerability, it’s completely in your best interest to keep it to yourself, otherwise you’ll be branded a criminal terrorist when you were merely trying to do a good deed. Or, if you insist on doing the right then, use Wikileaks.

The wizards at the iPhone-Dev Team have just about cracked the iPhone baseband which means carrier unlock is almost upon us. What does this mean? Sadly, not much. The iPhone is still physically – at least in theory – locked to purchase and activation at AT&T and Apple stores so those heady days of buying an iPhone to crack at home are long gone. It is my suspicion that lots of 3Gs will soon be falling off the back of trucks around the world, especially in Russia and Asia, as folks dedicated to one G.S.M. carrier or the other decide they don’t want to switch.

Baseband unlocks essentially cede control of the phone’s telecomm portions to hacked code. Usually it’s impossible to run hacked baseband code but the iPhone Dev folks have patched the baseband without alerting the phone itself, resulting in the Great iPhone Unlocking of 2007 and the future iPhone unlocking of 2008/2009.

Two doctoral students have produced what is probably the most fascinating hack (or whatever you want to call it) of the year. Using custom equipment and software, Messrs Martin Vuagnoux and Sylvain Pasini of the Swiss Ecole Polytechnique Federale de Lausanne are able to detect shifts in the magnetic field surrounding keyboards. By measuring and interpreting these shifts, the students are able to figure out what has been typed. There’s four such “attacks,” once of which can work from as far as 20 meters (65 feet).

While we’ll no doubt have to put up with ignorant “keyboard sniffers on the loose!” stories on your CNNs and whatnot, it’s important to understand what exactly this is. That is, research. These aren’t script kiddies looking to wreak havoc at a Starbucks or whatever, but scholars trying to figure out how things work.

via BBC News

Whoops. Fox News is reporting that the World Bank is smack-dab in the middle of what “may be the worst security breach ever at a global financial institution.” It’s not really clear what exactly has happened but it is clear that this isn’t the first time that the bank has had problems with its cyber security and that some of the more serious past intrusions have come from IP addresses inside China.

Says Fox News:

“It is still not known how much information was stolen. But sources inside the bank confirm that servers in the institution’s highly-restricted treasury unit were deeply penetrated with spy software last April. Invaders also had full access to the rest of the bank’s network for nearly a month in June and July.

In total, at least six major intrusions — two of them using the same group of IP addresses originating from China — have been detected at the World Bank since the summer of 2007, with the most recent breach occurring just last month.”

Internal memos are stating that at least 18 servers have been compromised this time around, while an unidentified World Bank director apparently told Fox News that it may be as many 40 servers that have been hit.

In regards to break-ins that happened back in June and July, a senior member of the World Bank’s IT department said "They had access to everything. They had the keys to every room at the bank. And we can’t say whether they still do or don’t until we fully and openly address what’s happening here."

That seems pretty serious, no? And now this instance that’s just happened is worse than having “the keys to every room at the bank”? Unprecedented crisis, indeed.

[Fox News via Slashdot]

Yes, that evil “hacker” who broke into Sarah Palin’s e-mail account was indicted yesterday. Politics aside, it was a pretty dumb thing to do, especially posting the e-mails online after the fact.

To that end, here’s renowned computer security consultant (and former HACKEROMG) Kevin Mitnick giving his opinion on the whole matter on G4’s Attack of the Show. Mitnick says he doesn’t think the kid should have his life ruined for what amounted to a harmless prank. That’s my opinion, the harmless prank part. You know, maybe spend a couple of weeks doing community service, picking up trash along the side of the road or something.

The host, Kevin Pereira, brings up another good point: why haven’t we seen more “cyber attacks” on politicians this election year?

Hey script kiddies, next time you steal some unsuspecting person’s password, you’d better be prepared to do five years in prison. That’s what the kid who “hacked” Sarah Palin’s Yahoo e-mail account faces, now that he’s been indicted by a federal grand jury.

The kid, now identified as David Kernell, a 20-year-old student at the University of Tennessee, has been accused of accessing Palin’s e-mail account without her authorization.

The kid is screwed, in other words.

If convicted, the kid faces five years in prison, a $250,000 and three years of “supervised release.” No Facebook for him, I’m guessing.

So, kids, let this be a warning to you: don’t try to impress your friends by reading powerful people’s e-mails. To quote Denzel Washington from Training Day, this kid is federally f*cked now.

I’m not the most informed guy on Linux boot processes, but it sounds like they really didn’t cut anything truly critical (that’s manifest of course because the system boots), and you’d be surprised how much time can be saved by customizing the boot process based on what the machine does and doesn’t use. Not running licensed drivers? Don’t need the license verification tool — 2.5 seconds saved. Only using web mail? Don’t need sendmail — 2 seconds saved. Then with more optimization (including a lot of hacking of the X Windows System) and a lot of elbow grease, they had it at a hair less than 5 seconds. The boot graphs are interesting and the article is informative even if you have interest in optimizing your Windows or OS X system, so check it out.

Beauty queen turned vice-presidenial nominee Sarah Palin had her Yahoo! e-mail account broken into last week. (Who uses Yahoo! e-mail?) It was a heinous crime, right up there with the Lindburg baby, and one that exposed her horribly boring personal life to the world. It was a political non-event: no saucy tidbits, no porno site passwords, no that-moose-deserved-its. But the likes of Fox News and Drudge used the opportunity to scare the pants off normal folks: “hackers!” “evil!” “danger!” And so on.

As a well-known security expert, I’m more than happy to offer a few tips and tricks to help prevent you from ending up like Palin over there.

Basically, keep your wits about you. Palin’s account was hacked, I think, because the dumb kid who hacked it—you just know it’s some dopey kid trying to impress his equally dopey friends—was able to use Yahoo’s “forgot your password?” feature. Here, Yahoo! asks you for something like your first pet’s name, your mother’s maiden name, etc. in order to retrieve your password. Now, the odds of a complete stranger guessing your e-mail account name and the corresponding password is pretty low. But, who’s to say That Jerk at the office, or perhaps your vindictive ex-wife’s hired gun, doesn’t already know your account name, needing only the password to get in? That’s the type of person you need to be on the lookout for.

Keep your wits about you? Don’t use the same password for all of your online accounts. I know you do—I do, too, but I usually use one of four different passwords per account—but you really shouldn’t. I’m not suggesting you use a random number generator for every forum or e-mail account you have, but at least keep a rolodex of a few different passwords handy.

Keep your wits about you? Don’t take those “forgot your password?” features seriously; answer them with nonsense. Back in 2000, one of my forum passwords was guessed, à la Palin, because someone deduced the answer to the question, “Who’s your favorite wrestler?” (It was a WWF message board.) The answer, Triple H, was easy to figure out, especially since my signature was something like, “Triple H rules!” The evildoer then proceeded to change my password and ruin my good name. It was a lesson learned, though, as I’ve never since taken one of those “forgot your password?” features seriously. Just remember your password. There are harder things in life.

Keep your wits about you? Try to limit the time you spend on public Internet connections. If I’ve said it once I’ve said it 1,000 times, all it takes is one script kiddy armed with a packet sniffer (like ettercap, which is the Swiss Army knife of network security tools) and all your data can be intercepted. This includes SSL-encrypted info, too, since programs like ettercap can completely defeat SSL. It goes without saying you don’t want to be doing any online banking at a Starbucks or at the airport, for example.

Keep your wits about you? I really cannot stress the importance of using common sense while online. What if some dude came up to you on the street claiming to be the wallet inspector? Would you give him your wallet? I should hope not. Be vigilant, use your better judgment and don’t claim to be against bridges to nowhere when the record shows that you were very much in favor of it.

Three French journalists were kicked out of the Black Hat security conference in Las Vegas yesterday. They were caught sniffing the press room’s Wi-Fi network.

The journalists were from the magazine Global Security, and said they’re hacking was merely a “joke.” They were able to obtain login information from several journalists, including one from eWeek.

I only mention this because it is so, so easy to steal information over a Wi-Fi network, secured or not. (Don’t bother using WEP, since it can be cracked in about 10 minutes with the proper tools. WPA is still somewhat of a pain to crack) Any kid can compile a copy of ettercap—before you know it, he’s reading your Facebook messages, your Gmail (SSL, what’s that?), and can do legitimate damage to your good name if he were so inclined.

That the French journalists didn’t think that sending a bunch of ARP requests over the network wouldn’t be noticed at a security conference borders on the ridiculous. Any IT guy worth a damn would notice it right away.

That DNS flaw that we mentioned a few days ago has been discovered by “hackers,” and is currently being “weaponized,” says a top Internet security expert.

The attack makes use of cache poisoning to re-direct traffic. Worst case scenario, you try going to yourbank.com, but instead are taken to a hacker’s phishing site. You put in your account details and bam, they now have your info. It’s potentially pretty serious.

Says the concerned security dude:

We are in a lot of trouble…. Everyone needs this patch, please. This is a big deal.

You can check to see if your ISP has applied the patch here, and if they haven’t—mine here in Spain hasn’t—you may want to use OpenDNS, which is safe as can be.

The hack revolves around the MiFare chip found in the smartcard. The researchers were prevented from publishing but, as Bruce Schneier, security expert, notes:

“As bad as the damage is from publishing – and there probably will be some – the damage is much, much worse by not disclosing.”

If a university doesn’t reveal the exploit, ensuring the company will fix it someone else will find it and then no one will be able to stop the exploit or others like it. As Schneier notes: “Assume organised crime knows about this, assume they will be selling it anyway.”

There seems to be a slight flaw in the way DNS works, leaving it vulnerable to cache poisoning. Such attacks aren’t new, but mention the words “Internet” and “hacking” and everyone freaks out.

The attack would let hackers re-direct traffic to whatever nefarious Web site they choose. For example, you type www.cnn.com but instead get re-directed to a site that looks like CNN, but is really just a phishing site. That’s the theoretical worst case scenario, but the odds of that actually happening are pretty small. Any competent sysadmin monitoring traffic should notice the irregular activity, and configure his firewall accordingly.

The fact is, though, that the vulnerability exists, but is being patched as we speak. Microsoft, Cisco and other such companies have been working on a patch for some time.

So yeah, it’s a problem, but not something you should be freaking out over.

The 0day trade is considered by security experts to be something akin to arms dealing. Stockpile enough 0day exploits – exploits that are completely unknown even to the companies they affect and, most importantly, have not been patched – and you have a collection of cyberwar tools unmatched in the industry.

Adam Penenberg at FastCompany interviewed Rigano and his story actually spurred HP to fire Rigano. This just goes to show you that even behemoths don’t know what’s going on in the back offices and that we should all be finding 0days to fund our start-ups.

UPDATE – Rigano writes:

I was never HP employee (but employee in an HP partner company). I never find / discover or sell any HP products bugs, neither HP partner’s bug (as SAP). I have taken legal action action against Fast Company for libelous things.
Moreover I stopped trading vulnerabilities since one year now (so before to work with HP)”

The EFiX site is dying right now from traffic, but today was the planned release for the EFiX USB dongle, which supposedly allows you to install OS X on your Intel-based PC with no muss, no fuss, and no BIOS flashing. You just plug the thing in and go like hell. The site’s been updated somewhat but I get the feeling their servers are half-melted at this point and it’s difficult to tell what else has been added other than a few features under the expanded view for the dongle.

There’s more details and video of an alleged install using the EFiX if you click below. [via Gizmodo]

From the site:

We are proud to present EFiX our wonderful work of art and function to the world.
EFiX is the best solution for running Mac OS X on PCs.
It allows the user to install Mac OS X straight from the original DVD without having to worry about patches, replacing files and anything like that.

That means you can buy a regular compatible PC, Mac OS X and EFiX and enjoy what the Mac users have always enjoyed:

# Ability to install Mac OS X Leopard and Leopard Server from original retail DVD.

# Average users can easily install Mac OSX without fear of needing professional knowledge.

# Update your system with official Apple Updates.

On top of the benefits seen by Mac users from the start, EFiX also brings some other advantages for users of standard PCs, such as:

# Online updates of EFiX firmware.

# EMI & RFI protection.

# An Interactive system boot selector.

# Working power management Features such as Shutdown, Reset, etc.