This is absolutely fascinating research by Matt Blaze on evading telephone wiretapping systems. Here's the paper. Here's a news article.
Podcast Chaos Be Gone
The anarchic state of audio on the internet is about to become more organized. A handful of new technologies scan entire podcasts for specific words. By Kim Zetter.
Multiple Web Browsers' Handling of Back Ticks Causes Command Execution
The web browsers Mozilla Firefox, Mozilla Suite and Opera are vulnerable to a local program execution issue that allows remote attackers to cause the browser to launch arbitrary programs.
QNX Realtime Operating System Local Buffer Overflow Vulnerability
A vulnerability has been identified in QNX Realtime Operating System (RTOS), which could be exploited by local attackers to execute arbitrary commands with elevated privileges...
A Sobering return from the holiday weekend
AV firms are eyeing several new threats, including a Sober variant now responsible for one out of every 14 e-mails on the Net. This as many users fire up PCs after a four-day holiday break.
SANS Replaces Several Threat References in Top 20
Last week I posted comments about several misuses of the word "threat" in the latest SANS twenty most critical Internet security vulnerabilities. After receiving an email from Alan Paller, I returned to the SANS site and saw many of my recommended changes were made. For example, you can now "Jump To Index of Top 20 Vulnerabilities", instead of "threats." I appreciate SANS taking my suggestions to heart.
free endpoint security beta software for windows
Hi, this was posted today to several security mailing lists. It may be of interest to people looking into securing Windows workstations. -ivan
-- ANN: Free endpoint security software released (Core FORCE 070.105) CoreLabs, the research arm of Core Security Technologies, is pleased to announce the public release of Core FORCE, a free software endpoint security solution. Core FORCE, fully functional endpoint protection software for Windows 2000 and Windows XP systems, is released under the Apache 2.0 license and is available now at http://force.coresecurity.com.
The release of Core FORCE 070.105 fixes several compatibility issues with AV software packages and includes changes to security configuration to allow its use in Windows environments that require users to logon to a Domain Controller.
This is part of an ongoing beta program for CoreLabs' collaborative endpoint security project. The project seeks to foster the creation of a collaborative community of security practitioners as a way to achieve highly effective endpoint security protection. We believe that collaborative endpoint security, understood as a cooperating group of users and not just software components, could go a long way towards achieving this goal if equipped with proper tools.
Core FORCE offers state-of-the-art technology to protect you from today's most common and prevalent threats. Using Core FORCE you can:
- Protect your computer from compromise by worms, viruses and email-borne malware
- Prevent your computer from being used as a staging point to amplify attacks and compromise others
- Prevent exploitation of known bugs in the operating system and applications running on your computer
- Prevent exploitation of unknown bugs (0-day) in the operating system and applications running on your computer and,
- Detect and prevent execution of adware, spyware, trojan horses and other malware on your computer.
With Core FORCE, endpoint security can be enforced on a per application basis using Application Profiles that specify a program's network, file system and registry permissions with a significant level of granularity. All users of Core FORCE can create, peer-review and download Application Profiles from the Core FORCE Community site (Note: to submit profiles or join in discussions, users must first register).
Application Profiles submitted to the Core FORCE community are required to use the Creative Commons license, available at http://creativecommons.org/licenses/by-nc-sa/2.5/. The license guarantees that all users in the community will be able to use these profiles and create new ones based on any submissions.
You are invited to join the program and send us your feedback, comments and flames.
- The Core FORCE team @ CoreLabs
Study: Office likely location for laptop lifts
A recent study by Credant Technologies found the office to be the most common place for a laptop to be stolen, despite physical security measures. Of laptops that are filched, about 90% contain sensitive information.
Cisco Security Agent (CSA) Local Privilege Escalation Vulnerability
A vulnerability has been identified in Cisco Security Agent (CSA), which could be exploited by local attackers to obtain elevated privileges...
FireFox 1.5 Released - Get it here!!
'Nuff Said
Firefox 1.5 to be released TODAY
After a host of test releases and one false start, a new version of the Firefox browser will be ready on Tuesday, according to a media alert issued by the Mozilla Foundation. Firefox 1.5 will be available for download at http://www.getfirefox.com and http://www.mozilla.com on Tuesday afternoon (PST).
Can I get one today? Podcast support!
TiVo Beta pics leaked!
TiVo is beefing up their HME offerings by centrally hosting applications and partnering with Yahoo! Yahoo! weather, traffic, and photos are available, as is Internet radio (Live365) and a few new games. Also being tested are the podcaster application I previewed at Digital Life, Fandango movie tickets, and a few other games.
FTP? Damn.
Synch Firefox Bookmarks On Multiple Computers
This guide shows you how to setup an FTP account you can use to synchronize your Firefox bookmarks between your PC, Mac, Linux box, and more.
I need me some of this.
Tags Sort Out Music Mess
The need to organize thousands of MP3s on my hard drive turns me from a music lover into an unwilling librarian. Thankfully, tagging software can help out. Commentary by Dan Goodin.
I'll have to check this out. In the lab, of course....
Cisco PIX TCP Connection DoS (Exploit)
"The Cisco PIX Firewall delivers strong security and, with market-leading performance, creates little to no network performance impact."
16,000 lights on our house last year. This year we're going for 24,000. This guy still has me beat by a million miles.
Video: Best Christmas Lights Ever
or: how to get your neighbors to hate you
Extrusion Detection Shipping
Good news -- several of you have reported receiving copies of my new book Extrusion Detection, ordered through regular online vendors. I'm happy to see Amazon.com finally listing the book as "Usually ships within 24 hours." It appears Buy.com has a great deal, with free shipping and a $29.69 price.
If you have any suggested changes, please let me know within the next 10 days. I owe corrections to my publisher for the second printing on 2 December. Thank you!
MT "video" iPod Silicone Skin for $9.99 shipped
PC Micro Store offers the MT Silicone Skins for the "video" iPod 60GB for $9.99 each with free shipping, the lowest total price we've seen....(more)
Phoogle Maps 2.0
Cool PHP Class that uses Google's Mapping API so that you can create your own customizable Google Maps using PHP
Microsoft Internet Explorer "window()" Code Execution Vulnerability
A critical vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by remote attackers to execute arbitrary commands...
Security Awareness Training: A Waste of Time?
Extrusion Detection contributing author Rohyt Belani told me about his new SC Magazine article Changing End Users' Security Mindset. Here are some astonishing excerpts:
"[M]y company [Red Cliff Consulting] has conducted numerous social engineering exercises for Fortune 500 companies whose success relies heavily on the protection of intellectual property.
These exercises involved scripted telephone calls to the organizations' customer service departments and mass phishing emails targeting a randomly selected set of employees. The objective was to collect sensitive data; the results were astounding.
627 of the 1000 people targeted by 'spear phishing' emails (aimed at pilfering the employees' corporate VPN credentials) succumbed to the attack and only 4 of the 373 that did not respond reported the issue to information security staff.
It's not so much those statistics that made the results astounding, but the fact that all these organizations had recently conducted user awareness workshops that addressed the threats posed by social engineers."
Wow. Maybe their Human Firewall was down?
I crack myself up. Anyway, Rohyt mostly blames the staff who offer security awareness training:
"[T]he information security staff must assume the onus of taking the initiative of developing innovative user awareness programs that pique the employees' interest. The majority of the security awareness sessions I attended were unstimulating affairs couching the do's and don'ts of security."
I think it is time to face the fact that security awareness training is generally a waste of time. Trainers can stand on their heads and juggle flaming swords, and some attendees will take a nap. People who handle the most sensitive classified data in the world will happily click on the dancing donkey that appears in their inbox. All it takes to suffer an internal compromise is for one of Rohyt's 1000 respondents to provide their corporate VPN credentials.
In the remainder of Rohyt's article, he does provide good guidelines for improving the quality of security awareness training. However, there is no way to achieve 100% compliance with security policies and sound practices.
So what is my answer? The people with the best capability to address the problem must be given the authority and resources to do so. Those people are the information security staff. They should have the power to remove administrative accounts from normal desktop users. They should have the resources to deploy a proxy to filter and block malicious inbound and outbound traffic. Their concerns should not be sidelined in order to meet "business requirements."
Disagree with me? Well, there are many aspects of business that individual employees should care about. The quality of their work environment is important. I have worked in numerous buildings with asbestos and water problems (thanks .mil). Was it my job to become an environmental engineer? Corporate financial health is another important aspect of a business. Should employees receive accounting training?
Speaking of business concerns: am I the only person who is sick of hearing media pundits tell technical people we need to spend more time and effort understanding "the business?" There are only so many hours in the day. Who is supposed to understand the technical issues facing an organization if we are also tasked with making business decisions?
Why don't I read about business managers being advised to understand TCP/IP?
This is called division of labor, and it's what enables companies to scale to their present size. I am forced to perform business and technical functions by virtue of the size of my small company. As a person who enjoys technical issues, I am not pursuing business issues by choice!
What do you think?
Sony mocked with $SYS$ camouflage T-shirts!
It's almost genius: A T-shirt with $SYS$ emblazoned on it in camo lettering, and the phrase: "Invisibility courtesy Sony corp." Now why didn't I think of that?
TiVo adds Apple iPod support to TiVoToGo
TiVo Inc. is expanding its video recording service so users will be able to transfer recorded TV shows onto Apple Computer's iPods, according to an Associated Press report. By adding support for the MPEG-4 video format, TiVo hopes to capitalize on the immense popularity of Apple iPods.
2006 Lexus IS "hack"
A "cheat code" has been discovered for the new Lexus IS that enables a massive burn out. I wonder if a lot of computer-dependent cars have a similar thing...
Mario Unleashed
This is a video of four people playing some Mario themes on the marimba.
Piece of tape defeats any CD DRM
Sony's XCP digital rights management technology that was bundled on 52 audio CDs can be defeated with a piece of tape.
...just like the title says.
Bugtraq: Three years and ten months without a patch
How-To: Build a WiFi biquad dish antenna
Wireless enthusiasts have been repurposing satellite dishes for a couple of years now. This summer the longest link ever was established over 125 miles using old 12 foot and 10 foot satellite dishes. A dish that big is usually overkill for most people and modern mini-dishes work just as well. The dish helps focus the radio waves onto a directional antenna feed. We're building a biquad antenna feed because it offers very good performance and is pretty forgiving when it comes to assembly errors. Follow along as we assemble the feed, attach it to a DirecTV dish and test out its performance.
Why? With just a handful of cheap parts, a salvaged DirecTV dish and a little soldering, we were able to detect access points from over 8 miles away. Using consumer WiFi gear we picked up 18 APs in an area with only 1 house per square mile.
Biquad antennas can be built from common materials, which is nice because you don't have to scrounge around for the perfectly-sized soup can. We did have to buy some specialized parts before getting started though.
The most important part here is the small silver panel mount N-connector in the center of the picture; the entire antenna will be built on this. We purchased it from S.M. Electronics, part# 1113-000-N331-011. The N-connector is standard across the majority of commercial antennas and you can connect them to your wireless devices using pigtails. The longer pigtail in the picture is an RP-TNC to N-Male pigtail that we'll use to connect our antenna to a Linksys WRT54G access point. The short pigtail is an RP-MMCX to N-Male pigtail so we can connect to our Senao 2511CD PLUS EXT2 WiFi card, which is pictured. We also purchased 10 feet of WBC 400 coax cable so we wouldn't have to sit with the dish in our lap. We got our surplus DirecTV dish from Freecycle. We'll cover the reason for the mini butane torch later.
Trevor Marshall built one of the first biquad WiFi antennas found on the internet. We followed the slightly more thorough instructions found at martybugs.net. Here are the raw materials we started with:
The wire is standard solid-core 3-conductor wire used for most house wiring. We didn't have any copper printed circuit board material lying around, so we used this thin sheet of copper and supported it with the 1/4-inch thick black plastic pictured.
The first step in building the element was stripping and cutting a 244mm length of wire.
We marked the wire every 31mm with a permanent marker and began bending the wire into a double diamond shape. We tried to make the length of each leg 30.5mm.
The easiest way to make really sharp bends in the solid copper wire is to use two pairs of pliers. With the pliers held perpendicular to each other, bend the wire against one of the sets of jaws.
The element with all bends completed:
Next we cut out a 110mm square of black plastic to use as a base for the reflector. We drilled a hole in the center to clear our connector.
We then soldered a piece of copper wire to the center pin of our N-connector.
Next we soldered a piece of wire to the outside of the connector. We ran into some trouble here. Our cheap iron was not capable of getting the connector's base hot enough to make a good solder joint. We bought a butane torch and used that to heat up the surfaces. This worked pretty well except it desoldered our center pin. We recommend you solder the outside piece of wire first before doing the center one.
After the connector had cooled it was attached to the black plastic base using epoxy. The thin copper sheet was attached to the front with epoxy and trimmed to fit.
We let the epoxy cure for a while before proceeding. The next step was to solder our bow tie shaped element to the vertical wires. The element was supported by two pieces of scrap copper trimmed to 15mm to ensure proper positioning.
Then the extra wire was trimmed off and the outside wire was soldered to the ground plane to complete the antenna.
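The numbers in the build above (31mm marks, 30.5mm legs, 244mm of wire, 15mm standoffs) all fall out of the quarter wavelength at 2.4 GHz. The following is an added Python example, not the article's or martybugs.net's code: it computes the biquad element dimensions for any 2.4 GHz channel, works backwards from a cut leg length to the frequency it is actually tuned for, and lists the channels a given leg covers. The 1mm tolerance used for that last check is an assumption for this example, not a figure from the article.

```python
C = 299_792_458.0  # speed of light, m/s


def channel_frequency_hz(channel):
    """Centre frequency of a 2.4 GHz 802.11b/g channel (1-14)."""
    if channel == 14:
        return 2484e6
    if 1 <= channel <= 13:
        return (2407 + 5 * channel) * 1e6
    raise ValueError("channel must be 1-14")


def biquad_dimensions_mm(freq_hz):
    """Design dimensions for a biquad element centred on freq_hz.

    Each of the eight legs of the double diamond is a quarter wavelength,
    so the whole wire is two wavelengths long, and the element sits about
    an eighth of a wavelength in front of the reflector."""
    wavelength_mm = C / freq_hz * 1000.0
    leg_mm = wavelength_mm / 4.0
    return {
        "wavelength_mm": round(wavelength_mm, 1),
        "leg_mm": round(leg_mm, 1),
        "wire_mm": round(8 * leg_mm, 0),
        "spacing_mm": round(wavelength_mm / 8.0, 1),
    }


def design_frequency_mhz(leg_mm):
    """Frequency (MHz) that a quarter-wave leg of the given length is cut for."""
    return round(C / (4 * leg_mm / 1000.0) / 1e6, 1)


def channels_within_tolerance(leg_mm, tolerance_mm=1.0):
    """Channels whose ideal leg length is within tolerance of the cut leg.

    The 1 mm tolerance is an assumption for this example; the article only
    says the biquad is forgiving of small assembly errors."""
    return [
        ch for ch in range(1, 15)
        if abs(biquad_dimensions_mm(channel_frequency_hz(ch))["leg_mm"] - leg_mm) <= tolerance_mm
    ]


if __name__ == "__main__":
    for ch in (1, 6, 11, 14):
        print("channel", ch, biquad_dimensions_mm(channel_frequency_hz(ch)))
    print("30.5 mm legs are cut for", design_frequency_mhz(30.5), "MHz")
    print("channels covered by 30.5 mm legs:", channels_within_tolerance(30.5))
```

A 30.5mm leg works out to roughly 2457 MHz, near the middle of the band, which is why a single element cut to the article's dimensions serves every channel the WISP was using.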
To make mounting to the dish easy we modified the original feedhorn. Here is what it originally looked like.
After removing the housing and internal components and shortening the tube, the feedhorn looked like this.
The antenna is attached by inserting the N-connector into the tube and then connecting the coax cable.
Here is a picture of the final antenna assembly ready to be attached to the dish.
Since the satellite dish has an off-center feed, it looks like it is pointed at the ground when it is level with the horizon. Even though there are no angle markings for setting the dish at 0 degrees inclination, we can still ensure that the dish is pointing at the horizon by setting the dish angle to 45 degrees and mounting it on a tube with a 45 degree angle.
The Engadget Corn Belt Testing Facility has broadband access provided by a local WISP. So we knew if we plugged in our antenna we were sure to pick up something in the area. We pointed the dish at the closest grain elevator, where the WISP mounts their antennas. We connected the dish feed to our Senao card and started up Kismet.
We expected to get one AP, but five is even better. Looking through the info strings we were able to determine where the APs were, since the WISP had named them according to the town they are in. The AP on channel 5 is the one we pointed at in town A, 2.4 miles away. The AP on channel 6 is located in town B, 8.2 miles away. The two APs on channel 1 are a bridge between town A and town C, which is located 2.6 miles directly behind the dish.
Our next test was to hook our WRT54G up to the dish and point it at a hill 1 mile away. We drove to the top of the hill and used an omnidirectional mini whip antenna with our Senao card to detect it.
Our router was picked up easily. We found 14 other WISP APs, including town D, 7.8 miles away. The WISP is definitely using some high powered equipment if we're picking this up with just an omnidirectional antenna.
For a final test we put the dish on the roof rack and parked on top of the hill to see if we could pick up any more APs.
Our final count is 18 APs, 17 of those belonging to the WISP. This was a pretty fun project and shows that you can build decent wireless solutions using consumer gear.
For the curious: The WISP gives its subscribers a patch antenna with a built-in power-over-ethernet access point. Once the antenna is mounted to the roof they run a single ethernet cable into the house, which means they don't have to worry about signal loss from coax. These client boxes are manufactured by Tranzeo.
Permalink | Email this | Linking Blogs | Comments
© 2005 Weblogs, Inc.
Sony Rootkit Allegedly Contains LGPL Software
Deaths Hand writes "According to this Dutch article the Sony DRM software (or rootkit, if you may prefer) contains code from the LAME MP3 encoder project, which is licensed under the LGPL. However, the source code has not also been distributed, hence breaching the license. Here is an English translation of the page." So apparently Sony violates your privacy to create a backdoor onto your machine using code that violates an Open Source license. This story just keeps getting stranger.
Find any font with just an image!
Ever seen a font you wanted to use but couldn't find the name?
Here is your solution...
Sony infects more than 500k networks, including military and govt
Cory Doctorow:
Genius DNS hacker Dan Kaminsky designed a research project that has produced a count of the number of networks that have been infected with the malicious rootkit Sony distributed with its audio CDs: over 500,000 networks contain at least one infected machine. Many of these are governmental and military networks.
Sony has recalled some of the CDs in shops, but still has not offered an effective uninstaller for infected users. In fact, the installer they've shipped has been shown to create massive, dangerous security vulnerabilities in the PCs of users who run it.
More than half a million networks, including military and government sites, were likely infected by copy restriction software distributed by Sony on a handful of its CDs, according to a statistical analysis of domain servers conducted by a well-respected security researcher and confirmed by independent experts on Tuesday...Kaminsky asked over 3 million DNS servers across the net whether or not they knew the addresses associated with the Sony rootkit -- connected.sonymusic.com, updates.xcp-aurora.com, and license.suncom2.com. He uses a "non-recursive DNS query" which allows him to just peek into the cache of that server, and find out if anyone else has asked that particular machine for those addresses recently.
If the DNS server said yes, it had a cached copy of the address, which means that at least one of its client computers had used it to look up Sony's DRM site. If the DNS server said no, then Kaminsky knew for sure that no Sony-compromised machines existed behind it.
The results have surprised Kaminsky himself: 568,200 DNS servers knew about the Sony addresses. With no other reason for people to visit them, that points to one or more computers behind those DNS servers that are Sony-compromised. That's one in six DNS servers, across a statistical sampling of one third of the 9 million DNS servers Kaminsky estimates are on the net.
Link,
Link to November 14 time-line of Sony's misdeeds
(Thanks, Quinn!)
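The probe described in the excerpt above is DNS cache snooping: a query with the "recursion desired" bit clear asks a resolver only what it already has cached, so an answer reveals that some client behind it recently resolved the name. The following is an added Python example, not Kaminsky's code or anything from the article. It builds such a query, classifies the reply, and includes an optional UDP sender. The sample replies, the 712-second remaining TTL and the 192.0.2.10 address are constructed for the example; only the hostname comes from the article.

```python
import socket
import struct


def encode_name(name):
    """Encode a dotted hostname as DNS wire-format labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_snoop_query(name, qid=0x1234, qtype=1):
    """Build an A query with the RD (recursion desired) bit clear.

    Header flags 0x0000: QR=0, OPCODE=0, RD=0. A normal stub resolver
    sends 0x0100 (RD=1) and would make the server go and fetch the name,
    which is exactly what a cache probe must avoid."""
    header = struct.pack("!HHHHHH", qid, 0x0000, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def decode_name(msg, offset):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels = []
    end = None
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:  # compression pointer to an earlier name
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if end is None:
                end = offset + 2
            offset = pointer
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (offset if end is None else end)


def classify_response(msg):
    """Classify a reply to a non-recursive query.

    Returns (verdict, records): 'hit' when A records came back (they can
    only have come from the resolver's cache), 'miss' when the answer
    section is empty or the server sent a referral, 'refused' on RCODE 5."""
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    if flags & 0x000F == 5:
        return "refused", []
    offset = 12
    for _ in range(qd):
        _, offset = decode_name(msg, offset)
        offset += 4  # QTYPE + QCLASS
    records = []
    for _ in range(an):
        name, offset = decode_name(msg, offset)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == 1 and rdlen == 4:
            records.append((name, ttl, ".".join(str(b) for b in rdata)))
    return ("hit" if records else "miss"), records


def snoop(server, name, timeout=2.0):
    """Send the probe to a resolver you are authorised to test and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_snoop_query(name), (server, 53))
        data, _ = sock.recvfrom(4096)
    return classify_response(data)


# Constructed sample replies (not real captures). Flags 0x8080 = QR and RA
# set, RD copied from our query (clear), RCODE 0; 0x8085 = RCODE 5 (REFUSED).
QNAME = "connected.sonymusic.com"
QUESTION = encode_name(QNAME) + struct.pack("!HH", 1, 1)
CACHED_RESPONSE = (
    struct.pack("!HHHHHH", 0x1234, 0x8080, 1, 1, 0, 0)
    + QUESTION
    + b"\xc0\x0c"                          # answer name: pointer to offset 12
    + struct.pack("!HHIH", 1, 1, 712, 4)   # A, IN, remaining TTL 712 s, 4 bytes
    + bytes([192, 0, 2, 10])               # RFC 5737 documentation address
)
EMPTY_RESPONSE = struct.pack("!HHHHHH", 0x1234, 0x8080, 1, 0, 0, 0) + QUESTION
REFUSED_RESPONSE = struct.pack("!HHHHHH", 0x1234, 0x8085, 1, 0, 0, 0) + QUESTION
```

A 'hit' is strong evidence; a 'miss' is only meaningful if the resolver honours RD=0, since some servers refuse non-recursive queries outright and others ignore the bit and recurse anyway, so a probe should first be checked against a name the server cannot have seen. A cached record's TTL counting down from the authoritative value, as in the constructed sample, is the other tell-tale of a cache answer.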
[8Ball] was interested in building a Google Maps based service, but didn’t know where to start. Luckily he stumbled across Peter Rukavina's Charlottetown Transit Map. The project shows the bus routes and has schedule popups linked to each of the stops. Peter was nice enough to include full source code for how this was implemented in PHP and Javascript. He also describes setting up the necessary MySQL tables.
Here's a report that the CIA slipped software bugs to the Soviets in the 1980s:
In January 1982, President Ronald Reagan approved a CIA plan to sabotage the economy of the Soviet Union through covert transfers of technology that contained hidden malfunctions, including software that later triggered a huge explosion in a Siberian natural gas pipeline, according to a new memoir by a Reagan White House official.
A CIA article from 1996 also describes this.
Rainbow warriors crack password hashes
A trio of entrepreneurial hackers hope to do for the business of password cracking what Google did for search and, in the process, may remove the last vestiges of security from many password systems.
Aluminum Foil Hats Will Not Stop "Them"
Otter writes "A study at MIT has found that aluminum foil headwear ("Among a fringe community of paranoids...the protective measure of choice against invasive radio signals") actually amplifies certain frequency bands allocated to the US government, as well as a mobile phone range, and is largely ineffective through the rest of the radio spectrum. But can we trust the study, or are They controlling the researchers?"
Upgrade the Linksys WRT54G with open source firmware
The Linksys WRT54G is a fairly typical WiFi router, able to connect your home network and work seamlessly with a broadband connection. But what makes the $60 router unique is the fact that its firmware is based on Linux. A couple of years ago, Linksys "under pressure from the open source community" released the firmware under the GPL, and since then, developers have taken it apart and put it back together again, adding new features, including the ability to run the WRT54G as a VPN or VoIP server, a RADIUS server, or even as a full-fledged (albeit very low-end) computer. WiFi Planet has a good rundown of the options available to WRT54G hackers, along with lots of warranty-voiding tips; the site estimates that by upgrading the firmware, you can turn the WRT54G into the equivalent of a $600 workhorse. Of course, all of this raises the question of what's really in all of those $600 routers powered by proprietary firmware. The answer, we assume, is pretty much the same guts as a $60 unit, and $540 of trademarked, patented, intellectual property. Thank goodness for open source!
First Trojan using Sony DRM spotted
Sony-BMG's rootkit DRM technology, which masks files whose filenames start with "$sys$", has been taken advantage of. A newly-discovered variant of the Breplibot Trojan is using the mask to hide the file "$sys$drv.exe" in the Windows system directory.
Island with undiscovered treasure for sale
Mark Frauenfelder:

Ian Wallace says: "Oak Island, part of Nova Scotia, is home to the legendary 'Money Pit,' a pit supposed to contain buried treasure but also ingeniously booby-trapped to flood with sea water. The Money Pit site and history are famous amongst treasure buffs and cryptology buffs alike, because the site was famously discovered after some encoded maps and documents were deciphered. Lots of info out there, of course, but the new detail is that the current treasure hunters who own the site are selling it off."
Link (Good site about Oak Island here. Great article and Map by Boing Boing pal Joe Nickell here.) (thanks, Ian!)
Paper airplane - The best paper airplane in the world!
Build the best paper airplane in the world!
I wasn't able to see David Maynor's You are the Trojan (pdf) talk at Toorcon, but it is a really interesting subject. With such a large emphasis being placed on tightening perimeter security with firewalls and IDS systems, how do attacks keep getting through? The user: bringing laptops on site, connecting home systems through a VPN, or just sacrificing security for speed.
Peripherals can also be a major threat. Buses such as USB and FireWire move data with Direct Memory Access (DMA), bypassing the processor to allow high performance transfers. The CPU is completely oblivious to the DMA activity, so there is a lot of trust involved. Here's how this could be exploited on a bus that lets the attached device itself read and write host memory: like a diligent individual you've locked your Windows session. Someone walks in with their hacked device and plugs it into your computer. The device uses DMA to kill the process locking your session. Voila! Your terminal is now wide open and all they had to do was plug in their USB key, PSP, iPod... With the Xbox 360's eagerness to work with your iPod, I'm guessing it is probably just as vulnerable to this attack as anything else.
Has anyone done this? Maximillian Dornseif presented 0wn3d by an iPod at CanSecWest. The FireWire protocol gives a device direct access to host memory and doesn't require the host to mediate, which makes this attack even easier. He's got presentation materials and code for iPod Linux on his site. There are legitimate uses: if you were doing forensics you could copy the live memory contents of the machine with minimal effects.
Sexy Geek Calendar
The Geek Gorgeous 2006 Wall Calendar(www.geekgorgeous.com) was released on Nov 7th, 2005. The calendar showcases young ladies who are not only beautiful and stylish, but can also fix your computer, normalize your databases, discuss the advantages of polymorphism, and beat you at Doom 3.
List of Sony CDs with root-kit
A list, albeit not a complete one, of CDs with the root-kit from Sony and BMG.
Top 10 Tips for Great Pictures
Do you wish you were a better photographer? All it takes is a little know-how and experience. Keep reading for some important picture-taking tips. Then grab your camera and start shooting your way to great pictures.