Tuesday, December 21, 2004

EFF-sponsored anonymizer

According to this press release, The EFF is sponsoring the TOR project.

If you're not familiar with TOR, it uses a concept called "Onion Routing" to forward TCP traffic from your computer, though a complex series of semi-anonymous hops, and finally to the packet's ultimate destination. The idea is that you can run the TOR client on your computer, which exports a SOCKS proxy interface. Then any SOCKS-compatible application can use the proxy to route it's traffic through the onion network.

Check it out, it's super cool, and free (as in speech AND beer), so you have nothing to lose.

I love the EFF!

Monday, December 20, 2004

Spying on the Google desktop search tool

According to The New York Times a group of researchers from Rice University have discovered a method of spying on your Google desktop search results. Of course, being written for a general audience, the article is a little light on details, but it doesn't take too much reading between the lines to figure out what's going on.

Sheesh! Google employs about 50 gajillion PhDs and some of the best and brightest in the tech world, but somehow they seem to have failed to do even the most rudimentary security prep work on this software.

Thursday, December 16, 2004

Viral Spyware!

Ok, this is a blow too low. Viruslist.com is reporting a new variant of CoolWebSearch that actually infects executable files, causing ordinary programs to become new infection vectors for their spyware. Even if you clean the original spyware off your computer, you can still be re-infected just by running another infected program.

Spyware and viruses have finally started to really converge. I hope, then, that this means we can finally get some credible anti-spyware tools from the major anti-virus vendors. Where the hell have they been all this time?


Wednesday, December 15, 2004

Why you shouldn't trust cell phones

I saw this link today on one of the security lists I monitor. For a mere $1,800 you can own a modified Nokia cell phone that will appear to be turned off, but will in reality accept incoming calls from a number you specify, and turn on the speaker without giving any indication that the phone has been turned into a stealthy bugging device.

The same email also included this link, which has information about an Israeli company selling devices to alert you to just such an occurrence.

Tuesday, December 14, 2004

Cracking Windows passwords for free

I just sent the following to the pen-test mailing list, and I thought I should post it here for others to find as well. Someone on the list had asked whether it was possible to replicate LC5's functionality for free. Of course it is!

You can replicate most of the functionality (if not the ease of use) of LC5 with Open Source. For capturing hashes from remote registries, use pwdump3. Once you've got the hashes, feed them into John the Ripper to crack them. If you prefer, you can also use Rainbow Crack to recover the passwords more quickly, although this requires substantial pre-computation and a lot of storage space.

I've managed to get all of the above running under Linux. John and Rainbow Crack are native Unix applications (windows versions also exist), and pwdump3 is simple enough to run well under Wine.

Monday, December 13, 2004

Which nmap scan options are right for you?

skill2die4 has just published a blog thread entitledNMAP - Learn its strength. He's trying out all the different types of scans to see firsthand which are best for various circumstances. It's quite an interesting read.