
May 24, 2006

Diebold Doesn't Get It

Bruce Schneier got this one right: "If you can't get the threat model right, you can't hope to secure the system."

The latest flaw in the Diebold voting machines allows someone with malicious intent to pwn a voting machine when left alone with it for a very short period of time. This "feature" is allegedly there to allow election officials to update the voting machines easily, and potentially an evil elections person could compromise a voting machine. Diebold representative David Bear claims that "I don't believe these evil elections people exist."

WHAT?

Evil people exist everywhere, including elections officials I'm sure.

Oh yeah, and threat model? Remember, it only takes a few moments to exploit a voting machine when left alone with it. Elections officials are the only ones left alone with the machines, right? Remember those folks that go behind a little curtain alone for a few minutes with the voting machine? Yeah, they are called voters, and there are MILLIONS of them. Surely none of those millions of individuals have any evil intent, or would want to compromise an election.

Talk about missing the frigging boat on who the threats are. Hey Diebold, get your collective heads out of your asses and take the advice of the security people auditing your systems.

- L

Diebold Doesn't Get It

This quote sums up nicely why Diebold should not be trusted to secure election machines:

David Bear, a spokesman for Diebold Election Systems, said the potential risk existed because the company's technicians had intentionally built the machines in such a way that election officials would be able to update their systems in years ahead.

"For there to be a problem here, you're basically assuming a premise where you have some evil and nefarious election officials who would sneak in and introduce a piece of software," he said. "I don't believe these evil elections people exist."

If you can't get the threat model right, you can't hope to secure the system.

Linksys WRT54G UPnP Port Mapping Vulnerability

There exists a flaw in UPnP on a number of consumer devices that will allow arbitrary code to be executed on the device. The Linksys WRT54G is one of them, and as we all know the WRT54G runs open source software, so tons of individuals know how to write that arbitrary code.

I'm unable to find patches/updates for the devices, as the advisory seems a little light. However, I have my own fix:

Turn off UPnP.

Don't use a protocol that can reconfigure your router without requiring authentication (UPnP reconfigures the router and does not require authentication). No authentication is bad news - just think of what a malicious individual could do...

- L

Secunia: Linksys WRT54G UPnP Port Mapping Vulnerability

Metasploit Version 2.6 has been released

A new version of Metasploit! Go download now!

- L

Metasploit Version 2.6 has been released

Zone Labs loses wallets?

An interesting way to teach individuals about identity theft - plant a bunch of "lost wallets" and offer rewards for turning them in. I'd love to see more of this "study" to share with my customers, friends and anyone who will listen.

- L

Zone Labs loses wallets but finds (it hopes) some notoriety

Zone Labs is a security software vendor. The company's mission is battling viruses and spyware. Nonetheless, the company tried to raise awareness about identity theft--and, ...

VA data files on millions of veterans stolen

Ok, I'm a few days behind the times on this one.

A laptop from the VA was stolen, and it had 26 MILLION records on it, containing names, DOB, and SSN for veterans discharged after 1975. With that information, can you say identity theft - and lots of it. Hopefully the thief has no idea what he or she stole.

So I understand that the individual who copied the data to the laptop was in violation of VA policies (well, at least they have a policy), and they were placed on administrative leave.

So, the VA is doing at least some things right: They have a policy, they are enforcing it when it is breached, and they are taking steps to resolve the problem.

It just goes to show that if data is leaving a trusted space, encrypt the drive or the file! Encryption is your friend!

- L

VA data files on millions of veterans stolen

(Updated) The Veterans Affairs Department today revealed that a computer containing personal, identifying data for as many as 26 million American veterans was stolen from a VA employee's home in May.

May 18, 2006

When a consultant isn't: A rogue's gallery

Thanks to Jon for this article! A good read on the bad types of security consultants.

My advice - be careful and choose wisely. Get references, and contact them - you'd be surprised how many don't make the call.

From a consultant's perspective, the best thing that they can gain (and use to improve themselves) is to not use scare tactics as their only selling point. Use the scare tactics after you've understood how a particular threat will affect an organization, and help the customer understand the risk. Be the informer, not the scare monger.

This would also work for the "corporate" security guys. Just replace "customer" in the above paragraph with "boss", "team" or "organization" and so on.

My father used to say that you get more flies with honey than you do with shit.

- L

When a consultant isn't: A rogue's gallery

Columnist Jon Espenschied considers some of the curious characters in security consulting, and how to spot when the train's heading in the wrong direction.

May 17, 2006

Blue Security closes up shop

Ouch.

Spammers = 1
Good Guys = 0

Blue Security decided to close up shop after being at the poop end of a stick of a massive DDoS by PharmaMaster (a spammer) over their business practices (spamming the spammers). They decided that they did not have the authority to start an all-out cyber war, and that was not what their customers signed up for.

I say they should have gone for it. I'd have paid good money!

It just seems like the spammers have won. It is a shame that we all have to expend effort to deal with these messages. I think that the only way this will ever stop is if people STOP BUYING from the spam campaigns. If it isn't profitable, they will allegedly stop.

Yeah, like that will happen.

- L

Blue Security quits after attack by renegade spammer

Spam fighter folds

Anti-spam firm Blue Security is to cease trading after deciding its escalating conflict with a renegade spammer was placing the internet as a whole in jeopardy.…

Apple fixes 43 flaws

That is a lot of patches. Get to 'em!

(See, I'm becoming more of a mac-head)

The patches were touted as fixing vulnerabilities for viewing movies, images, websites, zip files, flash content, and e-mail. That sounds like exactly what I use my PC for every day. Good thing there are patches!

- L

Brief: Apple fixes 43 flaws

Apple fixes 43 flaws

Love your firewall - changing is too painful

It is?

The article discusses the lack of automated tools to accomplish vendor transition, and stated that it could take 6 months or more to convert a firewall with 500 rules.

My experience is significantly different. I've converted in the past and with about 500 rules, the conversion, build, extensive testing and implementation took about 40 hours over a 3 week period.

I think anyone with half a brain and a text editor (god forbid basic text manipulation such as "cut" under unix) could get most of the way to automation.

- L

Love your firewall - changing is too painful

Few migration tools means that moving from one brand of gateway firewall to another can be a daunting task that can take six months or more.

The War Driver Returns?

The question is, did he ever leave?

Wireless. Is. Everywhere.

Now, wireless is great. However, the wireless vendors really need to make security the default, and make it EASY for home users.

- L

The War Driver Returns

Computerworld's David Ramel hits the road again to check out the state of wireless security -- and comes up with some surprising conclusions.

May 12, 2006

Hacker Con Wi-Fi Hijinx

Here is a link to a great tri-fold pamphlet by IronGeek on "Wifi Hijinx" that one may experience during a conference, etc. I'm contemplating including them with every loaner laptop in my organization.

- L

Hacker Con Wi-Fi Hijinx

Riscphree and I came up with a Tri-fold pamphlet to hand out at hacker and security conferences. We first released it at Notacon 2006. Feel free to use it at your con as long as you don't change the credit information. Download the Hacker Con Wi-Fi Hijinx PDF here.

May 09, 2006

Spycar

The fine folks over at Intelguardians have released a tool for testing spyware removal and detection tools called Spycar. Go give it a test and see how your software works with the 17 harmless tests, and be sure to share your results!

http://www.spycar.org

- L

Talented and Creative Group We Are, (Fri, May 5th)

Ok - We all know what a talented and creative group our Handlers are. Some of them may be the mos ...(more)...

Blue Security, SPAM?

It would appear that a bunch of spammers DDoSed Blue Security. The interesting thing that I noticed just after this happened was that I received some e-mail about Blue Security, which I figured were spam. I'm still not sure if they were, but it seems likely. Does anyone know if there is any connection between the two? Normally I wouldn't think twice about this, but the two incidents seem too coincidental. I also wouldn't have been surprised to see that type of info on security products come in via e-mail, as that e-mail address is used for security related tasks...

- L

Email from Guy Rosen at Blue Security, (Fri, May 5th)

We just received an email from Guy Rosen at BlueSecurity outlining what they have been dealing with ...(more)...

McAfee stirring the pot again

While not unusual for AV vendors, McAfee stirred the pot of fecal matter by claiming that Mac vulnerabilities have been on the rise and that we all need to be more careful and proactive - and then proceeded to launch their own AV product for the new Intel Macs. Go figure.

Now, I'm not a huge fan of McAfee. Does anyone have any suggestions on an alternative AV product that runs natively on the new Intel Macs (not via Rosetta, but a universal binary or standalone product)? I'd be interested in hearing about it, as I'm seriously contemplating a MacBook Pro purchase.

- L

Well that explains it

Just the other day I noted that McAfee was claiming that Mac platform vulnerability discovery rates have rocketed in the past couple years. Then coincidentally [straight afterwards] the company launches its antivirus software for the Mac platform....

Brief: Bot herder pleads guilty to hospital hack

Paul and I mentioned this story a while back. A number of machines in a hospital, machines critical to patient care, became part of a botnet. The question of course was, why did these machines have access to the internet?

According to the article, there were a number of military computers touched by the same bot herder. Oops. Again, do the computers need internet access?

At least Mr. Maxwell (the bot herder) pleaded guilty, and will make restitution to the hospital.

- L

Brief: Bot herder pleads guilty to hospital hack

Bot herder pleads guilty to hospital hack

May 04, 2006

Becks loses two Bimmers to laptop-toting thieves

So, how do we keep those laptop-toting thieves from stealing our rides with the keyless entry systems?

I'm assuming that the new BMWs have the ability to unlock the doors and start the vehicle (and apparently turn off the LoJack as well) without the use of a key. While I can understand the value and convenience, it has apparently made it that much easier to steal them. Now, I'm only under the assumption about being able to start the vehicle without a key, as I don't have enough l00t to be able to buy one - in fact, they would probably chase me out of the dealership.

Now, I know how to make this more secure: two-factor authentication. Guess what? I've just made this system more complicated, and possibly more of a hassle than the existing key. The keyless entry could be coupled with something convenient such as biometrics, but I'd argue that this would also be a step back from the convenience of no keys altogether.

It just goes to show that security is not always convenient.

- L

Check out the story here

May 03, 2006

Firefox fix 1.5.0.3

Go make sure that your Firefox is updated!

I'm noticing an increase in exploits for Firefox. They seem to be approaching the level of IE. Now, I'm not going to say stop using Firefox! Keep in mind that I think that Firefox has a much better release schedule for fixes: Immediately! Unlike Microsoft, who only patch once a month, and flatly refuse to patch out of cycle.

- L

Firefox fix 1.5.0.3, (Wed, May 3rd)

Firefox update 1.5 ...(more)...

Microsoft's BitLocker

BitLocker seems like some interesting tech in Vista - the drive is encrypted with AES and unlocked pre-boot, with the "token" stored on a USB key. Without the USB key holding the token, or without the user password, there is no access to the drive. I do know that this has been available under Linux for some time, and I know that Twitchy has been doing something similar for more than a year.

Is anyone familiar with a similar concept (third party or otherwise) that will work with Windows XP?

- L

Microsoft's BitLocker

BitLocker Drive Encryption is a new security feature in Windows Vista, designed to work with the Trusted Platform Module (TPM). Basically, it encrypts the C drive with a computer-generated key.

Hacker Hilariously Modifies LED Signboards In Canada

Otherwise known as "Stephen Harper Eats Babies".

Why do I think about this type of thing every time I pass those electronic construction signs on the highway? Sounds like something Twitchy should do.

Now, this story is a perfect example of something fairly harmless that illustrates a good point. Practice defense in depth - good passwords, restricted access, and monitoring - and things like this wouldn't happen.

- L

Hacker Hilariously Modifies LED Signboards In Canada

AOL IM bot cloaked in encryption

I figure that we were overdue for this type of thing.

Paul and I have been talking for a good 6 months on the next steps for botnets: instead of using IRC for the command and control, what about HTTP or even HTTPS? The challenge would be filtering all of the bad botnet traffic out from your legitimate web surfing. Not to mention the difficulty of not being able to decrypt HTTPS traffic.
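One way to pick a bot's HTTP or HTTPS check-ins out of ordinary browsing without decrypting anything is to look at timing rather than content: people browse in bursts, a bot on a timer does not. The Python below is an added example, not code from the original post or from any product it mentions; the proxy log layout, the sample log lines, and the thresholds are all constructed assumptions for the demo.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample proxy log (assumed layout: timestamp client host method path).
# 10.0.0.5 browses normally; 10.0.0.9 calls the same host every ~60 seconds.
SAMPLE_LOG = """\
2006-05-03T09:00:00 10.0.0.5 www.example.com GET /
2006-05-03T09:00:04 10.0.0.5 www.example.com GET /news
2006-05-03T09:00:31 10.0.0.5 images.example.net GET /a.png
2006-05-03T09:02:10 10.0.0.5 www.example.com GET /sports
2006-05-03T09:00:00 10.0.0.9 cc.invalid GET /check
2006-05-03T09:01:00 10.0.0.9 cc.invalid GET /check
2006-05-03T09:02:01 10.0.0.9 cc.invalid GET /check
2006-05-03T09:03:00 10.0.0.9 cc.invalid GET /check
2006-05-03T09:04:00 10.0.0.9 cc.invalid GET /check
"""


def parse_log(text):
    """Group request timestamps by (client, destination host)."""
    series = defaultdict(list)
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, client, host, _method, _path = line.split()
        series[(client, host)].append(datetime.fromisoformat(ts))
    return series


def find_beacons(text, min_requests=5, max_cv=0.1):
    """Return (client, host, mean_gap_seconds) for client/host pairs whose
    inter-request gaps are nearly constant (coefficient of variation < max_cv).
    Normal browsing is bursty; a bot checking in on a timer is not."""
    hits = []
    for (client, host), times in parse_log(text).items():
        if len(times) < min_requests:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg < max_cv:
            hits.append((client, host, round(avg, 1)))
    return hits


if __name__ == "__main__":
    for client, host, gap in find_beacons(SAMPLE_LOG):
        print(f"{client} -> {host} every {gap}s looks like a beacon")
```

Because the check uses only destination and timestamps, it works unchanged on HTTPS connections where the request itself cannot be read; max_cv and min_requests trade false positives from well-behaved pollers (mail clients, RSS readers) against missed check-ins.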

It is a scary world in which we live.

- L

AOL IM bot cloaked in encryption

The bot has the potential to infect upwards of a few tens of thousands of AIM users, according to the Sans Institute.