Sysmin

I have found an interesting tidbit. It seems there are some bare wires on the side of my house. This is causing problems with my phone and DSL. I never go over there and I surely would have noticed this. It seems as though the previous technician that came out didn’t seem to know you are not supposed to have bare telephone wires because when it rains, you might have problems

The auto-troubleshooting phone system sucks and is very irritating, especially if you know what the problem is. During this process I was losing my temper so during one of the questions it was asking me, I decided to scream f**k 5 times in to the phone. The automated system then responded with something like , “I believe you are asking for a customer service representative, Would you like me to transfer you?” Needless to say I was pleasantly surprised and was promptly transfered. Customer service through the F word, you gotta love that

So, Microsoft goes and releases Silverlight for Windows and OSX. Supposedly there is a version coming for Linux as well called Moonlight (cute huh?). Silverlight is a cross-platform browser plug-in that is supposed to directly complete with Adobe Flash. Naturally being the untrusting soul that I am, I decided to take a look at the at the license agreement. I trust these companies about as far as I can throw them when it comes to privacy, especially with a browser plug-in and especially Micro$oft. I went to the download page http://www.microsoft.com/silverlight/install.aspx and was greeted with a nice big install button.

I then located the link on the page that says: By clicking the “Install Now” button you accept the Silverlight License Agreement. So, when I clicked on the link for the license agreement, I got:

Now I know I am not the only one who finds it hilarious that you have to agree to something that isn’t even there. I wasn’t going to download it yet anyway, I was just trying to prepare myself for what may be coming down the road. We may have to do some analysis on this for the False Life Project. I also think it is funny that they add information about how important your privacy is to them under the section about it updating automatically. The link states “Learn More”. As they get things squared away, I am sure you will be hearing more about this.

So I am a big fan of the USA Network TV show Burn Notice. In the show Jeffery Donovan wears a pair of sunglasses. They are Oliver Peoples Victory sunglasses and currently they are not easy to get. Since I have been working in New York, I decided to be a total geek and take a look at the Oliver Peoples store today. Well, I kinda figured after walking all that way to look at them, if I even remotely liked them then I would probably buy them. Well, I did and I snapped a picture of them, just for you

The hacker community has always been a very tight community, with the exception of an occasional asshat or two. This year at Defcon I was a little surprised by some of the attitudes out there. These attitudes weren’t coming from the staff, but from some of the attendees. I was getting a too 1337 for everyone else vibe. It seems that some people were a little too cool for everyone else. I can’t stand that and it drives me nuts. It makes the community no better than any other community. I have a response, So What. It seems that people were more than happy to piss on people they didn’t think were on their level, which I find extremely funny. None of this happened to me, but I did see it happen to other people. Hell, if it would have happened to me I would have understood

I had a high school physics teacher who told this story about science conferences he would go to. He mentioned that he would go to these conferences and many of the mid to upper level science types wouldn’t talk to anyone they thought were beneath them. These individuals only wanted to talk to the experts. The experts on the other hand wanted to talk to everyone, because they knew there was always something to learn. The experts also understood that regardless of skill level, anyone can come up with a breakthrough idea. That story has always stuck with me and I think it holds a lot of truth.

A funny thing happened the other day, I got a Nigerian Scam Letter. Now a Nigerian scam letter on its own is no big deal, I can’t even recall the number of them I have received. What made this one unique is the fact that it appeared to be addressed specifically to hackers. Now, typically hackers would have more awareness on issues such as this. So, on the surface this appears to be a rather fruitless strategy as a scam letter by itself.

I was thinking about why they would target hackers and there are only a couple of conclusions that I can come up with.

• They are complete idiots and have no comprehension of what they are doing. Maybe they are trying to play to egos or something, but obviously it is still really stupid.
• They may be gunning for script kiddies. Maybe they hope that script kiddies would be dumb enough to fall for this. Although, extremely unlikely as well.
• They may be trying to get people to attack the domain of origin of the email.
• Maybe they are trying to get people to attack the email address that is specifically put in the message for a reply.

Out of all of these, the last two appear to be the only ones that could be of some possibility, although I have learned throughout my life never to doubt the extent of people’s stupidity.

A copy of the email is attached here:

——————–

Dear Hacker,

I am writing you this letter with due respect and heart full of tears I need
your help, I got your name and contact from a trust-worthy person Who
assured me of your integrity and that you will help me to transfer this
money.
I am the only Son of late Mr and Mrs KEREKU. My father was a very rich and
wealthy Gold Trader in Monrovia the Capital of republic of Liberia in West
Africa, I want to let you know that my father was poisoned by his business
Associates while my mother died when I am Little and my father took me so
special because I am his only son. Before the death of my father on 2nd July
2006 in a hospital here in Cotonou Republic of Benin, he told me that has
the sum of $3.5Million (Three Million, Five Hundred Thousand u.s dollars)
which he deposited In a bank here in Cotonou Republic of Benin.
He made this money from the sales of Gold, He also told me that it was
because of this money he was poisoned by his business partners while on a
business trip with them and he instructed me to look for a foreign partner
who will help me transfer this money out of Cotonou Republic of Benin and
invest it for me, my purpose of contacting you is for you to help transfer
this money to your country before this People Who kill my father will kill
me , this people who kill my father are after my life and they want to kill
me and collect the this money from me , that is why I’m now hiding my self
here in Cotonou Republic of Benin so that they will not see me, please
indeed.

Your urgent help, Tell me how much percentage you awill take in the total
Money of the Three, Million Five Hundred USA Dollars to help me in
Transferring this money to your bank but you has to assure me that you will
help me fully to transfer the money to your account, l hope you will not
betray the trust I have on you because this money is my only hope in this
life, and moreover you will also help me to come over to your country were I
will settle down for my life and invest this money for me. I can assure you
there is No regret in helping me, this money is an inheritance from my late
father,

I await your reply,
Greetings to you and your Family.
HaLima Kereku

PLEASE CONTACT ME WITH THIS MY PRIVATE
EMAIL;halimakereku2005@yahoo.com

Fake, Fake, Fake

There is this show on NBC called Star Tomorrow. It is set up like an American Idol for music groups. The funny part is they have fake people injected in to the contest to put on sensationally horrible performances. I can’t believe people are actually buying it. It is painfully obvious because their acting is so horrible. Do people just not care anymore? I mean are we just so gullible that we believe everything that is presented to us? Wow, that is really something to ponder.

One Weekend, New York City, and a ton of Jolt Cola

I really liked HOPE Number Six. First off the location is great, the Hotel Pennsylvania just blocks away from Times Square. I thought the conference offered a nice dose of both technology and politics. It was really nice seeing others with the same views and frustrations that I have. It appears that we get lost in everyday life and forget to stand up for what we believe in. HOPE is like a good swift kick in the ass to get us going again and remind us that our freedoms are important. Being ex-military I can definitely appreciate the boost.

Highlights

Two speakers that really stuck out in my mind were Robert Steele and Richard Stallman. Robert Steele gave two great talks pointed at intelligence. These talks basically pointed out where the problems lay with our current intelligence system and how we are not addressing them properly. His site is oss.net

Richard Stallman gave one of the Keynotes and talked about the importance of Free software and why DRM is a very bad thing. Stallman talked about how many people think Free software is about cost, and it is really not. There are certain freedoms the Free Software Foundation believes should be part of every piece of software. He also covered why closed source software is dangerous because people can not hold these companies in check and stop them from building in malicious features in to their software. Stallman also gave a healthy dose of why DRM (Digital Rights Management) is a very bad thing. He outlines this on the site Defectivebydesign.org. In a humorous fashion he put an old disk on his head, dawned a robe and claimed to be a saint in the Church of Emacs. I thought it was a nice way to end his talk.

Our Talk

Our talk was on future connected vulnerabilities. Vulnerabilities in these technologies could have a huge impact on our privacy and our lives. The talk went very well until the audio went out and we had no microphones. It was getting late in our presentation and we were trying to wrap things up. We ended up just shouting to finish our presentation. We think everyone got the point of our presentation. Technology is being created and forced down people’s throats without proper protection mechanisms installed or enabled. If you would like to download a copy of our presentation you may do so Here.

What Happened?

I recently discovered that the Lycos network had a popup ad with an embedded exploit in it. This was very worrisome to me that a company would allow that to happen, or that they were not secure enough to stop some unauthorized party from placing the ad there. In any case, I wanted to let them know about it, but they do not make it easy to contact them when there is a problem. I know from past experience that security@lycos.com does not work, so I tried a few more abuse@lycos.com, root@lycos.com, administrator@lycos.com, and webmaster@lycos.com. Needless to say most of them bounced but the abuse and webmaster accounts appeared to go through.

Analysis

When I hit the site with my Linux box using Mozilla Firefox. I got a message that stated I was not using a Win32 based operating system and could not continue. I knew this was very strange. When I analyzed where the link was coming from, it then prompted me to download a file called exp.wmf. The source of the popup was http://209.190.5.106/display/redo2.html. At that point, I had a pretty good idea of what was going on. I downloaded the exp.wmf file and examined it to figure out exactly what it did after exploiting a weakness in the target Windows operating system.

After a successful exploitation of the vulnerability it downloads an executable from http://www3.adoptium.com/jk/loader.exe, which I assume to be some form of spyware, and executes it on the target machine without the user’s knowledge.

I think we really need to send a message to the sites we visit and let them know, they need to be held responsible for allowing the running of malicious advertisements. I think of the countless people who visit these sites everyday and have no concept of what is happening.

I just thought I would post this right quick. There is a hosting company called TopHostingSolutions www.tophostingsolutions.com This company is an abomination. I have hosted a couple of my web sites with them for the past few years and I can tell you it has been painful.

Don’t ever plan on calling anyone on the phone. I am not talking about technical support, that includes billing, sales, or any other department you might want to talk to. Every single time your message goes to some answering machine black hole. They post this number on their front page too, touting it like they want you to call it.

They offer a 30 day money back guarantee, but what they don’t tell you is they have NO facility in place for you to cancel your subscription. Let me run that warning by everyone again, they have NO facility in place for you to cancel your subscription. They do, however, allow you to add more services to you account. How convenient is that? This was obviously done on purpose in order to get more money from customers who can’t cancel their accounts.

There were countless technical issues that had me seriously questioning their competence and their ability to secure their systems. I won’t get in to them all, but an obvious example would be their lack of ability to secure their mail servers. I started noticing I couldn’t send email to certain people. Upon further investigation I noticed they were a spam relay at one time and had gotten blocked by a few anti-spam services.

Save yourself some major headache and never, EVER use this company for any of your hosting needs. Avoid this company at all costs, you will regret it if you don’t.

This weekend I spoke at an information security conference called Outerz0ne. This conference was pulled off by a very small group of people whose fearless leader was SkyDog. I really liked the small con atmosphere. Outerz0ne is what a hacker conference should be, groups of people brought together by thirst for knowledge and mixed with a small amount of rebellion. Outerz0ne is only in its second year but appears to be making a mark. The con started as a spoof on the Interz0ne conference, but Interz0ne has been posting some falling numbers as of late. When walking around the Interz0ne area this year, people were pretty scarce. I saw maybe 30 people at most. That amount is pretty abysmal as far as cons are concerned. I can imagine that they took a little financial hit over that.

I know that some people started Outerz0ne because they do not like the organizer of Interz0ne, personally I have no problems with him. I spoke at Outerz0ne not to make a statement about the other con, but because I was asked to and I wanted to help support my friends and fellow Hacker Pimps.

It was a great little con, and I think is going to grow quite nicely. I think everyone involved in Outerz0ne did a great job. With numbers of Outerz0ne on the rise and numbers from Interz0ne falling, one has to wonder next year will Outerz0ne take over the space of Interz0ne? Everything seemed to go off without a hitch. Unfortunately, I had to leave the con early because I had not felt well all weekend and I had to get back to some research I was doing. I wish I had some better highlights, but as I mentioned I wasn’t feeling my best. Anyway, keep your eyes on Outerz0ne it is only going to grow.