* Posts by mdubh

11 publicly visible posts • joined 21 Apr 2006

Google leaves censorship to China's experts


Further reading


Feds quiz former worker over Texas power plant hack


Where's the hack?

"Texas utility provides disgruntled ex-employee with remote access to sensitive nuclear plant computers and files."


Missing: 1TB of Clinton White House data



Why bother offering a reward for its return? Why not bid for it on eBay like everyone else?

Hackers develop 'memory-scraping malware' to steal PINs


@AC: Memory scraping



VeriSign remedies massive SSL blunder (kinda, sorta)



Yet another case of foolishly continuing to use a known-broken technology because an easily workable attack, although foreseen and anticipated, has not yet been publicly announced.

Cryptographers have known about weaknesses in MD5 and recommended alternate hashing algorithms since 1996, yet Verisign only now discontinues use of MD5.

Serious DNS flaws have been known for many years, but only the Kaminsky disclosure has brought any real DNSSEC deployment efforts.

Likewise Microsoft and other developers sit on patches until an exploit has been publicly announced and is in the wild, and end users often hesitate to deploy patches that have been released.

Sure there are deployment challenges and costs, but simply doing nothing while vainly hoping that everything will be all right is an unacceptable option that saddles us all with an intolerable burden of risk.

New trojan in mass DNS hijack


@John Navas & Big Al

According to Wikipedia:

"As of August 2008, OpenDNS provides geographically distributed servers in Seattle, Palo Alto, New York, Washington, D.C., London, and Chicago."

Agency sues to stop Defcon speakers from revealing gaping holes


Why paint a target?


When will BlackHat presenters learn to conceal the identity of the organization whose dirty laundry they are about to expose, until they actually deliver the presentation?

No advance notice, no prior restraint.

Black hats attack gaping DNS hole


Re: gentoo portage up to date?


BIND 9.4.2-P1 should be immune to this issue:


Is your DNS server behind a proxy firewall or NAT device that is de-randomizing the source ports?


Excuse me sir: there's a rootkit in your master boot record


How it works / how to detect

More info on the operation and detection of this rootkit:


eBay employee 'torpedos' fraud trial


Rampant fraud

Just thought I'd add my name to the list of people who have been defrauded on eBay, and I would encourage everyone with a similar experience to do the same to help reveal the true scope of the problem.

In my case, the seller never shipped and was soon delisted, but neither eBay nor PayPal responded (beyond the initial acknowledgement) to my repeated requests for an update of the status/resolution of my claim. Fortunately the amount was small.

@Neil: Actually, if you check your passport, you will find that Northern Ireland is indeed part of the "United Kingdom of Great Britain and Northern Ireland". So UK yes, GB no.

We're winning the war against hackers


Sure we're winning

The number of security vulnerabilities being found, and the range of applications and platforms affected, is definitely not shrinking. The sophistication of organized criminals improves constantly. As the popularity of rootkit technology skyrockets, the total number of compromised computers is unknown but definitely growing.

So are we winning the war against hackers? Just as surely as we're winning the war in Iraq...