Comments: 32 +-   Scambaiting Gets Comical; Internet Scammers All Dressed Up on Sunday January 03, @04:40AM

Posted by timothy on Sunday January 03, @04:40AM
from the made-in-the-shadenfreude dept.
humor
Nurse Nasty writes "Scambaiting is a fun and relaxing full-contact email sport. It's all about baiting Internet and email scammers into exposing themselves and sharing that humiliation with the entire world. Recently I baited four different groups of Internet scammers into being comic book action super-heroes, and then giving them their own 10-page graphic novel. It's a bit of fun and education through entertainment." (Warning: The comic contains a bit of naughty language.)

Comments: 111 +-   SpamAssassin 2010 Bug on Friday January 01, @08:10PM

Posted by Soulskill on Friday January 01, @08:10PM
from the who-could-have-known-when-2010-would-happen dept.
bug
SEWilco writes "You might want to check your spam folder, as SpamAssassin has a rule which is tending to mark email sent in 2010 as spam. There is some discussion in a bug report. The SpamAssassin Wiki FH_DATE_PAST_20XX page doesn't have discussion, but it was updated today with a different date rule."

Comments: 61 +-   Online Services Let Virus Writers Check Their Work on Friday January 01, @01:00PM

Posted by ScuttleMonkey on Friday January 01, @01:00PM
from the better-faster-stronger dept.
security
An anonymous reader writes "Former Washington Post Security Fix blogger Brian Krebs has launched a new blog at krebsonsecurity.com, and his first story highlights a pair of underground antivirus scanning services that cater to virus writers. Scanning services like virustotal.com scan submitted files against dozens of antivirus products, and share the results with each of the vendors so that all benefit from learning about threats they don't yet detect. But there are a number of budding online services that allow customers to pay per scan, and promise that the results will never get reported back to the antivirus companies. One service even tests how well web site 'exploit packs' are detected, while others promise additional layers of protection. 'The service claims that it will soon be rolling out advanced features, such as testing malware against anti-spyware and firewall programs, as well as a test to see whether the malware functions in a virtual machine.'"

Comments: 252 +-   The Long Shadow of Y2K on Friday January 01, @07:52AM

Posted by timothy on Friday January 01, @07:52AM
from the please-reboot-your-iron-lung dept.
it
Hugh Pickens writes "It seems like it was only yesterday when the entire world was abuzz about the looming catastrophe of Y2K that had us both panicked and prepared. Ten years ago there were doomsday predictions that planes would fall from the sky and electric grids would go black, forced into obsolescence by the inability of computers to recognize the precise moment that 1999 rolled over to 2000 and for many it was a time to feel anxious about getting money out of bank accounts and fuel out of gas pumps. 'Nobody really understood what impact it was going to have, when that clock rolled over and those digits went to zero. There was a lot of speculation they would reset back to 1900,' says IT professional Jake DeWoskin. The Y2K bug may have been IT's moment in the sun, but it also cast a long shadow in its wake as the years and months leading up to it were a hard slog for virtually everyone in IT, from project managers to programmers."

Comments: 44 +-   New Open Source Intrusion Detector Suricata Released on Thursday December 31, @04:42PM

Posted by timothy on Thursday December 31, @04:42PM
from the open-but-not-promiscuous dept.
security
richrumble writes "The OISF has released the beta version of the Suricata IDS/IPS engine: The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-Threading, Automatic Protocol Detection (IP, TCP, UDP, ICMP, HTTP, TLS, FTP and SMB!), Gzip Decompression, Fast IP Matching and coming soon hardware acceleration on CUDA and OpenCL GPU cards."

Comments: 376 +-   TSA Subpoenas Bloggers Over New Security Directive on Thursday December 31, @12:36PM

Posted by CmdrTaco on Thursday December 31, @12:36PM
from the travel-by-camel dept.
security
Hugh Pickens writes "The NY Times reports that TSA special agents have served subpoenas to travel bloggers Steve Frischling and Chris Elliott demanding that they reveal who leaked a TSA directive outlining new screening measures that went into effect the same day as the Detroit airliner incident. Frischling said he met with two TSA special agents for about three hours and was forced to hand over his laptop computer after the agents threatened to interfere with his contract to write a blog for KLM Royal Dutch Airlines if he didn't cooperate and provide the name of the person who leaked the memo outlining new security measures that would be apparent to the traveling public. 'It literally showed up in my box,' Frischling told The Associated Press. 'I do not know who it came from.' Frischling says he provided the agents a signed statement to that effect. The leaked directive included measures such as screening at boarding gates, patting down the upper legs and torso, physically inspecting all travelers' belongings, looking carefully at syringes with powders and liquids, requiring that passengers remain in their seats one hour before landing, and disabling all onboard communications systems, including what is provided by the airline. In a December 29 posting on his blog, Elliott said he had told the TSA agents at his house that he would call his lawyer and get back to them."

Comments: 571 +-   Do Your Developers Have Local Admin Rights? on Thursday December 31, @11:45AM

Posted by CmdrTaco on Thursday December 31, @11:45AM
from the that's-why-god-invented-sandboxes dept.
programming
plover writes "I work as a developer for a Very Large American Corporation. We are not an IT company, but have a large IT organization that does a lot of internal development. In my area, we do Windows development, which includes writing and maintaining code for various services and executables. A few years ago the Info Security group removed local administrator rights from most accounts and machines, but our area was granted exceptions for developers. My question is: do other developers in other large companies have local admin rights to their development environment? If not, how do you handle tasks like debugging, testing installations, or installing updated development tools that aren't a part of the standard corporate workstation?"

Comments: 129 +-   Quantum Encryption Implementation Broken on Wednesday December 30, @04:37PM

Posted by timothy on Wednesday December 30, @04:37PM
from the but-this-was-a-quantum-drawing-board dept.
encryption
I Don't Believe in Imaginary Property writes "Professor Johannes Skaar's Quantum Hacking group at NTNU have found a new way to break quantum encryption. Even though quantum encryption is theoretically perfect, real hardware isn't, and they exploit these flaws. Their technique relies on a particular way of blinding the single photon detectors so that they're able to perform an intercept-resend attack and get a copy of the secret key without giving away the fact that someone is listening. This attack is not merely theoretical, either. They have built an eavesdropping device and successfully attacked their own quantum encryption hardware. More details can be found in their conference presentation."

Comments: 160 +-   5th Underhanded C Contest Now Open on Wednesday December 30, @12:25PM

Posted by CmdrTaco on Wednesday December 30, @12:25PM
from the i-c-what-you've-done-there dept.
programming
Xcott Craver writes "The next Underhanded C Contest has begun, with a deadline of March 1st. The object of the contest is to write short, readable, clear and innocent C code that somehow commits an evil act. This year's challenge: write a luggage routing program that mysteriously misroutes a customer's bag if a check-in clerk places just the right kind of text in a comment field. The prize is a gift certificate to ThinkGeek.com."

Comments: 405 +-   How Many Admins Per User/Computer Have You Seen? on Wednesday December 30, @10:46AM

Posted by CmdrTaco on Wednesday December 30, @10:46AM
from the its-all-about-the-ratios dept.
it
miffo.swe writes "I'm trying to find the normal ratio of technicians/support tech per user or computer in your average IT-shop. When searching around, I can't find that many examples or any statistics. We manage around 900 computers (mostly Windows XP) and 25+ servers (mostly Linux). There are around 2600 users of varying knowledge, mostly pretty low. I can't find any statistics on this, so real-world examples are very welcome since we do this with one sysadmin (me) and two sneaker techs. Are we seriously understaffed, or is this normal?"

Comments: 833 +-   Uniforms For the Help Desk? on Tuesday December 29, @04:49PM

Posted by timothy on Tuesday December 29, @04:49PM
from the must-include-spock-ears-and-jester-shoes dept.
it
An anonymous reader writes "I am an IT worker in a mid sized company with approximately 500 employees. There are 30 people on the IT staff, 6 of whom are on the help desk. Our help desk does have significant visibility in the company, and most people know us by face (some by name). Recently the idea has been floated up the management chain to have these help desk workers wear IT department branded shirts. The idea is to promote visibility and unity. Wearing of these shirts would be mandatory Monday through Thursday. The shirts would not be identical (there would be several styles offered). We would be the only department with specific garments outside of the normal business casual dress code. Is management out of line with the industry in promoting this sort of policy change? Is the singling out of 6 employees as 'the IT guys' a step in the right direction, or does it detract from the professionalism that we are trying to display as a department?"

Comments: 180 +-   Adobe Flash To Be Top Hacker Target In 2010 on Tuesday December 29, @12:20PM

Posted by CmdrTaco on Tuesday December 29, @12:20PM
from the flash-in-the-pan dept.
security
An anonymous reader writes "Adobe Systems' Flash and Acrobat Reader products will become the preferred targets for criminal hackers (PDF) in 2010, surpassing Microsoft Office applications, a security vendor predicted this week. 'Cybercriminals have long picked on Microsoft products due to their popularity. In 2010, we anticipate Adobe software, especially Acrobat Reader and Flash, will take the top spot,' security vendor McAfee said in its '2010 Threat Predictions' report. 'We have absolutely seen an increase in the number of attacks, around Reader in particular and also Flash Player to some extent,' CTO Kevin Lynch told reporters at the Adobe Max conference in October. 'We're working to decrease the amount of time between when we know about a problem and when we release a fix. That used to be a couple of months; now it's within two weeks for critical issues.'"

Comments: 298 +-   GSM Decryption Published on Monday December 28, @08:55PM

Posted by ScuttleMonkey on Monday December 28, @08:55PM
from the spend-the-money-on-tech-instead-of-lawyers dept.
security
Hugh Pickens writes "The NY Times reports that German encryption expert Karsten Nohl says that he has deciphered and published the 21-year-old GSM algorithm, the secret code used to encrypt most of the world's digital mobile phone calls, in what he called an attempt to expose weaknesses in the security system used by about 3.5 billion of the 4.3 billion wireless connections across the globe. Others have cracked the A5/1 encryption technology used in GSM before, but their results have remained secret. 'This shows that existing GSM security is inadequate,' Nohl told about 600 people attending the Chaos Communication Congress. 'We are trying to push operators to adopt better security measures for mobile phone calls.' The GSM Association, the industry group based in London that devised the algorithm and represents wireless operators, called Mr. Nohl's efforts illegal and said they overstated the security threat to wireless calls. 'This is theoretically possible but practically unlikely,' says Claire Cranton, a GSM spokeswoman, noting that no one else had broken the code since its adoption. 'What he is doing would be illegal in Britain and the United States. To do this while supposedly being concerned about privacy is beyond me.' Simon Bransfield-Garth, the chief executive of Cellcrypt, says Nohl's efforts could put sophisticated mobile interception technology — limited to governments and intelligence agencies — within the reach of any reasonably well-funded criminal organization. 'This will reduce the time to break a GSM call from weeks to hours,' Bransfield-Garth says. 'We expect as this further develops it will be reduced to minutes.'"

Comments: 205 +-   Man Challenges 250,000 Strong Botnet and Succeeds on Monday December 28, @05:16PM

Posted by CmdrTaco on Monday December 28, @05:16PM
from the i-fought-the-law-and-the-law-one dept.
security
nandemoari writes "When security officials decide to 'go after' computer malware, most conduct their actions from a defensive standpoint. For most of us, finding a way to rid a computer of the malware suffices — but for one computer researcher, however, the change from a defensive to an offensive mentality is what ended the two year chase of a sinister botnet once and for all. For two years, Atif Mushtaq had been keeping the notorious Mega-D bot malware from infecting computer networks. As of this past November, he suddenly switched from defense to offense. Mega-D had forced more than 250,000 PCs to do its bidding via botnet control."

Comments: 240 +-   One Expert Pegs Yearly Cost of IT Failure At $6.2 Trillion on Monday December 28, @08:18AM

Posted by timothy on Monday December 28, @08:18AM
from the but-what's-the-cost-of-preventing-it? dept.
bug
blognoggle writes "Roger Sessions, a noted author and expert on complexity, developed a model for calculating the total global cost of IT failure. Roger describes his approach in a white paper titled The IT Complexity Crisis: Danger and Opportunity. He concludes that IT failure costs the global economy a staggering $6.2 trillion per year."

Comments: 93 +-   Security In the Ether on Sunday December 27, @12:15PM

Posted by Soulskill on Sunday December 27, @12:15PM
from the less-likely-than-ether-in-the-security dept.
security
theodp writes "Technology Review's David Talbot says IT's next grand challenge will be to secure the cloud — and prove we can trust it. 'The focus of IT innovation has shifted from hardware to software applications,' says Harvard economist Dale Jorgenson. 'Many of these applications are going on at a blistering pace, and cloud computing is going to be a great facilitative technology for a lot of these people.' But there's one little catch. 'None of this can happen unless cloud services are kept secure,' notes Talbot. 'And they are not.' Fully ensuring the security of cloud computing, says Talbot, will inevitably fall to emerging encryption technologies."

Comments: 539 +-   Preventing My Hosting Provider From Rooting My Server? on Saturday December 26, @12:25PM

Posted by Soulskill on Saturday December 26, @12:25PM
from the booby-traps dept.
security
hacker writes "I have a heavily-hit public server (web, mail, cvs/svn/git, dns, etc.) that runs a few dozen OSS project websites, as well as my own personal sites (gallery, blog, etc.). From time to time, the server has 'unexpected' outages, which I've determined to be the result of hardware, network and other issues on behalf of the provider. I run a lot of monitoring and logging on the server-side, so I see and graph every single bit and byte in and out of the server and applications, so I know it's not the OS itself. When I file 'WTF?'-style support tickets to the provider through their web-based ticketing system, I often get the response of: 'Please provide us with the root password to your server so we can analyze your logs for the cause of the outage.' Moments ago, there were three simultaneous outages while I was logged into the server working on some projects. Server-side, everything was fine. They asked me for the root password, which I flatly denied (as I always do), and then they rooted the server anyway, bringing it down and poking around through my logs. This is at least the third time they've done this without my approval or consent. Is it possible to create a minimal Linux boot that will allow me to reboot the server remotely, come back up with basic networking and ssh, and then from there, allow me to log in and mount the other application and data partitions under dm-crypt/loop-aes and friends?" Read on for a few more details of hacker's situation.

Comments: 68 +-   NetBIOS Design Allows Traffic Redirection on Saturday December 26, @05:14AM

Posted by Soulskill on Saturday December 26, @05:14AM
from the you-can't-get-there-from-here dept.
networking
iago-vL writes "Security researchers at SkullSecurity have demonstrated how the NetBIOS protocol allows trivial hijacking due to its design, through the use of a tool called 'nbpoison' (in the package 'nbtool'). If a DNS lookup fails on Windows, the operating system will broadcast a NetBIOS lookup request that anybody can respond to. One vector of attack is against business workstations on an untrusted network, like a hotel; all DNS requests for internal resources can be redirected (Exchange, proxy, WPAD, etc). Other attack vectors are discussed in a related blog post. Although similar attacks exist against DHCP, ARP and many other LAN-based protocols, we all know that untrusted systems on a LAN means game over. NetBIOS poisoning is much quieter and less likely to break other things."

Comments: 74 +-   Holiday E-Commerce DDoS Attack Hits EC2 Cloud on Friday December 25, @08:12PM

Posted by Soulskill on Friday December 25, @08:12PM
from the tis-the-season dept.
networking
ARos writes "A holiday DDoS attack targeted a west-coast DNS provider, which is known for serving large-scale E-Commerce sites (including amazon.com and walmart.com). 'Neustar, which provides DNS services to high profile website addresses under the UltraDNS brand, said the flood of malicious traffic, just two days before Christmas, was directed at the company's facilities in San Jose and Palo Alto, and that the effects were mostly limited to California users.' CNet adds: 'In addition to the high-profile sites, dozens of smaller sites that rely upon Amazon for Web-hosting services were also taken down by the attack. Amazon's S3 and EC2 services were affected by the problems, according to Jeff Barr, Amazon's lead Web Evangelist, who retweeted a report to that effect without clarification and confirmed it in later tweets.'"

Comments: 134 +-   Wikileaks Needs Help, and Not Just Money on Friday December 25, @05:15PM

Posted by ScuttleMonkey on Friday December 25, @05:15PM
from the step-up-amazon-and-volunteer-the-cloud dept.
internet
st1d writes to tell us that Wikileaks has put out a call for help. However, instead of just asking for money, they have also suggested technical and legal avenues for support. In the site's short life, Wikileaks has been at the center of many breaking scandals and investigations. "Wikileaks is currently overloaded by readers. This is a regular difficulty that can only be resolved by deploying additional resources. If you support our mission, you can help us by integrating new hardware into our project infrastructure or developing software for the project. Become patron of a WikiLeaks server or other parts of our technology, adding more pillars to the stability and balance of the WikiLeaks platform. Servers come trouble-free and legally fortified, software is uniquely challenging. If you can provide rackspace, power and an uplink, or a dedicated server or storage space, for at least 12 months, or software development work for WikiLeaks, please write to wl-supporters@sunshinepress.org."