http://perimetergrid.com/wp Building Security in a Networked World en http://perimetergrid.com/wp/2008/08/24/defcon-16-day-1/ Having finished up with the BlackHat briefings, it was time to go on to DefCon.  While many of the speakers from BlackHat stay on for DefCon, there’s also a lot of DefCon-only presentations, usually with a more attack-oriented focus (in keeping with DefCon’s nature as a hacker convention rather than a security conference like BlackHat.) The [...] http://perimetergrid.com/wp/2008/08/13/blackhat-2008-day-2/ The second day of BlackHat 2008 began with a keynote speech by Rod Beckstrom, the director of NCSC (the National Cyber Security Center.) Most of this consisted of painfully strained Civil War analogies and the overuse of the word “Cyber” to describe absolutely everything. He made some good points — specifically, that in [...] http://perimetergrid.com/wp/2008/08/06/blackhat-2008-day-1/ Today was the first day of this year’s BlackHat Briefings in Las Vegas. The biggest security conference of the year, it’s always an interesting place to be and often involves the release of new and previously unknown exploits. The keynote speaker was Ian Angell, of the London School of Economics, who was speaking, ostensibly, about [...] http://perimetergrid.com/wp/2008/07/29/the-dns-exploit-revealed-and-used/ So, Dan Kaminsky’s DNS exploit I previously mentioned has been revealed. It turns out that what Kaminsky found was pretty much what I speculated — he just had it put together into a coherent attack, and fully recognized the implications. If I want to poison your DNS server, say, to redirect www.yourbank.com to my malicious [...] http://perimetergrid.com/wp/2008/07/17/the-mysterious-dns-exploit/ On Tuesday, July 8th, Microsoft’s usual package of patches seemed to end-users like every other Patch Tuesday — some security updates to various and sundry Windows files to patch security vulnerabilities unknown.  However, it contained something very unusual this time — a design change to DNS. DNS has been around since the 1970’s, so people don’t [...] http://perimetergrid.com/wp/2008/06/30/two-factor-auth-for-world-of-warcraft/ Blizzard Entertainment, makers of the phenomenally-successful multiplayer game World of Warcraft, have introduced two-factor authentication for logging into the game.  For $6.50, they’ll sell you a dynamic password keychain token called the Blizzard Authenticator, which looks much like the RSA keyfobs many in the IT industry use to log into their corporate VPNs. It may seem [...] http://perimetergrid.com/wp/2008/05/17/ubuntudebian-crng-cracked-ssh-vulnerable/ I don’t usually post about newly-discovered vulnerabilities, simply because there are so many of them — a dozen come out every day, especially in web applications.  However, this one has further-reaching consequences.  Security researcher HD Moore (of Metasploit fame) has discovered a vulnerability in the OpenSSL cryptographic random number generator used by Debian Linux, the [...] http://perimetergrid.com/wp/2008/05/16/the-black-hat-tax/ Auren Hoffman at Summation has an interesting post on the “black hat tax.”  Essentially, how much do hackers and other online criminals actually cost us?  He estimates it at 25% of time and resources, after taking into account not just hackers but also scammers, phishers, and responding to law enforcement requests.  According to James Currier [...] http://perimetergrid.com/wp/2008/05/16/charter-communications-using-ad-replacer/ A story in the New York Times tells us that Charter Communications (the United States’s fourth-largest cable company) is going to start tracking user behavior and using it to sell ads.  They spin this as a potential problem because of privacy implications — it means that the cable company is watching your web surfing so [...] http://perimetergrid.com/wp/2008/05/01/data-hiding-at-the-airport/ According to the EFF blog, customs has taken to randomly searching electronic devices for suspicious data.  It is somewhat mysterious what they are searching them for — given only a few minutes and a technically unskilled border guard doing the searching, it’s hard to imagine them actually finding anything better hidden than a file on [...] http://perimetergrid.com/wp/2008/04/23/ad-replacers-let-dan-kaminsky-rickroll-the-web/ I’ve talked before about ad replacers, where ISPs dynamically edit the contents of web traffic for their customers, replacing ads on web sites with ads of their own. This is a threat to the business model of the internet, as if done on a wide scale it would render small, advertiser-supported websites unable to [...] http://perimetergrid.com/wp/2008/04/10/surveillance-and-ubiquity/ HexView has an article about tracking vehicles with RFID tire pressure monitors. The devices are found in tires and transmit tire pressure to the engine control module, which sounds innocuous enough, but to prevent modules from reading neighboring cars’ tires by accident, they also transmit a unique ID. Thus, you can follow a [...] http://perimetergrid.com/wp/2008/04/08/blacklists-and-cross-site-scripting/ Microsoft gets a lot of criticism over Internet Explorer not being “standards-compliant.” However, it’s actually not so simple, for a variety of reasons. One of them is that the web itself is not very standards-compliant — while IE8 has a standards-compliant-browser mode, it has to offer an IE7 rendering fallback mode because most [...] http://perimetergrid.com/wp/2008/04/03/mom-lets-9-year-old-take-subway-home-alone/ The Today Show has a cover story today entitled “Mom lets 9-year-old take subway home alone.” The controversy over this — that is, the fact that there is any — is a wonderful example of how poorly people assess risk in modern society. What this woman, Lenore Skenazy, has done to stir up [...] http://perimetergrid.com/wp/2008/03/10/ad-replacers-and-the-future-of-the-internet/ A company named Phorm (formerly 121Media) has introduced a new product for ISPs.  The idea is that the ISP installs this product (basically a transparent proxy) on their network, and as their customers surf the web, the OIX  proxy replaces advertisements on web pages with advertisements on the Phorm network.  To make it more palatable, [...] http://perimetergrid.com/wp/2008/02/28/whole-disk-encryption-cracked/ Early this week, some researchers at Princeton University’s Center for Information Technology Policy released a fascinating video of whole-disk encryption being cracked quite quickly and easily. Whole-disk encryption products — such as PGP Whole Disk Encryption, TrueCrypt System Encryption, and Windows Vista’s BitLocker — work by encrypting the entire hard disk with a symmetric key, save [...] http://perimetergrid.com/wp/2008/02/18/deterring-the-internal-attacker/ On January 21st, 2008, the major French bank Société Générale lost $7.09 billion attempting to unwind unauthorized trading positions taken by Jérôme Kerviel, a futures trader with the bank. Kerviel had taken positions worth $73.3 billion, far above not only his trading limits but the bank’s entire market capitalization. The loss taken [...] http://perimetergrid.com/wp/2008/02/11/asus-eee-pc-and-linux-vmsplice-vulnerabilities/ It wasn’t a good weekend for Linux. The ultraportable ASUS Eee PC has seen quite a bit of publicity lately. With prices starting as low as $300, it’s about as cheap as laptops get, and runs on a solid-state drive instead of a hard disk. Of course, to get such a low price, it [...] http://perimetergrid.com/wp/2008/02/04/os-based-mitigations-against-common-attacks/ In my last post about finding a job in information security, when discussing application security, I off-handedly mentioned several mitigation technologies — GS, DEP, SAL, and ASLR. These are technologies developed by OS vendors to provide system-wide protection against common attacks, and are things every application developer should know about when dealing with native [...] http://perimetergrid.com/wp/2008/01/31/how-to-get-a-job-in-information-security/ Don Parker at SecurityFocus has an article called Skills for the Future about how to get a job in information security. He outlines one path, and while I don’t deny it’s a good one, and probably the most common, it’s not the only way, either. There are quite a few different areas of specialization within [...]