Monthly ArchiveDecember 2006
Personal Opinions &Security News D1m on 28 Dec 2006
Strict Laws On DoS/DDoS Attacks + Personal Opinion
Since November 2006, in UK is an offense to launch DoS/DDoS attacks, which experts had previously called “a legal gray area.”
What follows is my brief personal view on this subject.
Such attacks should have been considered illegal for over 10 years now because they cause significant financial losses to businesses as they affect the availability of data and services – A very unethical thing to do…
Causing many problems for all the parties involved in the supply chain…
Personal Opinions &Security Articles D1m on 25 Dec 2006
The Trend That Young “Wannabe Hackers” Follow
Both Kevin Mitnick (http://www.defensivethinking.com ) and Kevin Poulsen (http://www.securityfocus.com & http://www.wired.com ) are currently successful in the Information Security field because of their past computer crimes [1] and the attention that they received through the news media. They are not the only ones though!
Their professional success that followed after serving jail time, created a trend that young “wannabe hackers” follow: They expect a bright future career and in order to achieve that, they hope to get busted for hacking.
Operating Systems &Security News D1m on 19 Dec 2006
Pretty But Buggy Vista – Most Secure OS?
In my opinion, Microsoft all the past years, since the first version of Windows until the latest Vista release [1], focuses mostly on adding new features than maintaining a secure kernel.
Microsoft is also the operating system (OS) market dominator, meaning that is the main target for crimeware/malware writers – responsible for a very big percent of worldwide cyber-crimes.
Which OS do you prefer for more security? Linux,Windows or any other? Continue Reading »
Personal Opinions &Phishing D1m on 08 Dec 2006
A Way To Fight Phishing Scams
I think one root of the problem is how fast scammers can register domain names and have the fake websites – e.g. for PayPal etc… – up and running in seconds. The root of the problem is the automated process of the domain name registrations.
The Internet Corporation for Assigned Names and Numbers (ICANN) and the registrars have to do something in order to protect the individuals from phishing scams. The current situation is: A complaint about a scammer’s domain – e.g. payppaal.com – has to be legally resolved and it takes ages until the court’s final decision to take the domain name down, while phishers need only a few minutes or hours to setup their scam websites and steal dozen of credit card details. Continue Reading »
Exploits &Security News D1m on 02 Dec 2006
Remote Root Exploit For Linux Kernel 2.6.x. At Auction!
It pays to get 0day remote root exploits for vulnerabilities! Digital Armaments Inc. – an IT security company based in the US – launched a hacking challenge on the 1st of November on the topic of “Remote Kernel Exploitation” . The challenge will end on the 31st of December and prizes will be given to the authors of the official advisory reporting the identified vulnerabilities which must result to remote code execution. The winning advisory will be then sold in an auction.
Although the official rules of the challenge forbid the disclosure of any vulnerability related information before the end of the challenge, according to the organizers, news information about important vulnerabilities that worth the early attention of the IT community should be made known before public disclosure of the related exploits. Continue Reading »