Interestingly, within days of it’s release Chrome has already been exploited. A simple exploit allows files, including executables, to be downloaded without any prompt. Milw0rm has provided the proof-of-concept for such an exploit.

Happy browsing!

In essence, Ion3 is screen… as a desktop manager. Based on PWM, Ion3 is meant to be a mouse-less window manager. After playing with it for a few days I was hooked. It’s interface is slim and sexy. It’s lightweight. Most importantly, it doesn’t remove the “command line” feel of screen. With hot-keys for changing desktops, moving and resizing windows, splitting upwards and down, and even hot-keys for launching applications.

The hot-keys for launching applications is really one of my favorite parts of Ion3. Using the F-keys, you can launch applications from a dynamic menu, open an ssh window, or create new desktops. Another great feature of Ion3 is that, while it feels like a command line, you still have full GUI. Firefox runs wonderfully under Ion3. Even flash videos play flawlessly.

I highly recommend trying Ion3. It’s installation is easy and quick. If you prefer a command line this is a great way to add some extra functionality to that command line.

Download: http://www.freshports.org/x11-wm/ion-3/

PWM Information: http://en.wikipedia.org/wiki/PWM_(window_manager)

Materials:

1 Cat5 cross-over cable

1 Windows XP machine with wireless and ethernet capabilities

1 Router (I used my LinkSys WRT54G)

Procedure:

1. Connect to the wireless network with your Windows XP machine

2. Open the network properties for that interface (Control Panel -> Network Connections -> (right click) Properties for the device)

3. Open the advanced tab and enable “Allow other users to connect through this computer’s internet connect”

4. Connect the cross-over cable to both the Windows XP machine’s NIC and the uplink on the router

5. Renew the router’s DHCP

At this point you should be able to plug into the router and use the internet as normal. If this setup doesn’t work, you may need to open the properties dialog for your Local Area Network connection and set it to use the wireless adapter as it’s internet source.

Using a combination of Javascript and CSS, it is possible to enumerate parts of a user’s history. This site demonstrates this with a “finding your gender” based on which sites you have viewed. http://www.mikeonads.com/2008/…-history-estimate-gender/

The following two links provide a breakdown of file systems based on capabilities (the wikipedia post) and performance (the linuxgazette post.) I’ve been using these lately while re-installing a few machines and have found them to be more than helpful.

http://linuxgazette.net/122/piszcz.html

http://en.wikipedia.org/wiki/Comparison_of_file_systems

Typo-squatting is a well known method of gathering data or presenting spam-sites. This article from TechRepublic gives a few methods for protecting against such a threat. http://blogs.techrepublic.com.com/security/?p=543&tag=nl.e036

This is a handy little web application that will generate your .htaccess file to restrict access based on what country the IP address is from. http://blockacountry.com/htaccess.php

If you are a programmer anything I like I am, you are constantly trying to find ways to better yourself or keep skills sharp. A friend of mine showed me this set of exercises designed to help keep things fresh. http://codekata.pragprog.com/2007/01/code_kata_backg.html

Many companies provide their employees with company cell phones. When text messaging is enabled a unique privacy issue develops regarding when the logs may be obtained. Techrepublic’s article explains how legality plays into this issue. http://blogs.techrepublic.com.com/security/?p=490&tag=nl.e036

Which browser is most secure? Which is best ‘out of the box’? This article goes through three popular browsers and discusses their security issues and strengths. http://itmanagement.earthweb.com/…E+vs.+Safari+vs.+Firefox.htm

I recently re-discovered this set of web-radio shows and thought I would post the link. They don’t have a huge selection of shows currently, but the 40 or so that are posted are really top notch. I have recently been working through the series on the Linux Boot Process and cannot recommend it highly enough. http://hackerpublicradio.org/

Quantum physics applied to security. That’s right. By keeping track of the quantum states of photons researchers have found a way to make a cryptographically secure transmission. Any eaves dropper would alter the current state and would therefor destroy the transmission. http://www.economist.com/sci…fm?story_id=11703138

Think you know everything there is to know about information security? This quiz is nowhere near comprehensive, but does ask a few interesting questions. http://www.newsfactor.com/…00Q2H0VF&page=5

Net Perspective has recently created a blog section for their developers and designers. As an ex-employee, I recommend keeping up with this set of blogs as these individuals are some of the top in the industry. http://blog.net-perspective.com/

RefControl

RefControl allows you to specify the referrer for a site when you view it. Accessed either from the Tools->RefControl options is the global list of all rules for all sites that you have set. Access from the right clicking menu are the current settings for the site you are visiting. If you have set no rules, you will be able to add in a new rule.

After selecting the RefControl options for the current site, you are able to add in your custom referer, send no referer, or have RefControl automatically send the root of the current site.

What use is this? With the tidal wave of CSRF exploits being found a tool that can help find these would be welcomed with open arms. This is where RefControl enters the domain. While referrer checking is not a hardened safe guard against CSRF many site still employ its use.  By setting RefControl’s custom referrer to an off-site referrer you are able to check forms and links with GET variables simply by interacting as you normally would. If the request goes through, that form or link should be inspected further. Sites using only Token Key Pairs might be vulnerable to this method of probing, but not vulnerable to CSRF itself. This is why it is important to continue inspecting after said vulnerability is found, rather than simply accepting it as a vulnerability.

Another interesting permutation of RefControl is setting the custom referrer to include SQL characters. Many sites check referrers and store then in a database for analytic purposes and this allows the penetration tester to check if those inputs are being validated also.

I apologize for missing this fact, however; the concept of P3P and third party cookies are still valid so I will leave the posting up.

In my continuing search for information pertaining to cyber warfare I have found the following two articles. The first describes why global hackers are so hard to detect and the problems both security related and political this creates. The second article shows that France is making an effort to join the “digital front line.” It explains France’s strategy to get into the cyber warfare game. http://www.livescience.com/technology/080619-chinese-hackers.html http://news.xinhuanet.com/english/2008-06/19/content_8402780.htm

This article lists 10 of the most infamous “black hat’s” over the years along with what they are known for doing. Interestingly enough, the fact that they are known shows they are not quite as good as people make them out to be. http://www.itpro.co.uk/603831/ten-of-the-most-infamous-black-hat-hackers

With anti-virus software and firewalls on the rise, virus writes have moved to targeting routers. By changing the DNS settings on a router the attacker gains control of all traffic the infected network has access too. Pointing sites to malware ridden pages or conducting man-in-the-middle attacks are only the beginning of this potential. http://www.itpro.co.uk/603852/new-trojan-threat-able-to-control-network-routers

“Be careful what you say” is something we’ve all heard, but in the current day and age perhaps “be careful what you email” is more relevant. Two Bear Stearns hedge fund managers have been brought up on charges for misleading investors. Part of the evidence are email records proving that these two knew the market was not where they claimed it to be. http://biz.yahoo.com/ap/080620/bear_stearns_investigation.html

MySQL may be partially going closed source thanks to Sun, but IBM is taking DB2 to the open source market. It is not directly going to be put out for all eyes, but according to Chris Livesey it is inevitable that DB2 will end up in the open source world. Read more here: http://news.cnet.com/IBM-to-open-source-DB…1694.html?tag=html.alert.hed

For those of you old enough to remember some of Blizzard’s classics: Diablo and Diablo II (and Lord of Destruction), it seems Blizzard is going to be blessing us with Diablo III. So far 2 character classes have been released, the barbarian and the witch doctor. http://www.blizzard.com/diablo3/

Spam trying to avoid spam filters with it’s 1337 5p34k is more annoying.

Idiotic spammers are the worst. I have been receiving spam from myself for quite some time, but only today did I actually think before simply clearing it out. Why would a spammer send me spam from a spoofed address that is mine? Obviously it would help to avoid certain filters, ones looking at allowed or disallowed email addresses. This method of filtration is extremely weak however and any decent spam filter would still block the email. I also verified these emails were infact spoofed and that my account had not been hijacked. They were indeed spoofed emails.

Beyond my confusion for the reasoning of using the rcpt address as the from address was one question: Who would open spam from themselves?

Here is a collection of subject lines I have received… from myself.

• Try these on the dirtiest surfaces in your home..
• Get up to 15OO USD by tomorrow..
• Vl@gra Cl@lis 72.5324% Save
• dirty teein stripping sincerode

Funny… I don’t remember sending any of these emails to myself.

Here’s a sneak peak at what’s in store:

• Backtrack2 Wireless Shell-script
• A continuation of the penetration testing series focusing on RefControl and the User Agent Switcher
• My commentary on the “hacker mindset”