
Security Views/Dr. Bill Hancock

cool toys and that’s a given”, says Jeff Moss, the event’s main organizer, who also goes by the hacker handle Dark Tangent. “When I jumped jobs in the past it was to work with cool people and interesting stuff. I would take a $20 000 pay cut to be with an interesting group of people doing cool stuff.”

Should the government be wary of hiring hackers? Probably not, at least not as long as they don’t have a conviction record, Moss says. He knows a thing or two about hiring hackers. He himself worked for Secure Computing until October 1999, when he devoted himself full time to putting on DefCon. “When I was at Secure Computing, we admitted that yes, we hire hackers, but we don’t hire computer criminals. We wanted smart, old-school hackers who knew what they were doing.”

The heavy federal presence made the traditional ‘Spot the Fed’ contest almost pointless. The idea behind the contest has always been to ‘out’ a federal officer who may be quietly lurking at the convention. A suspected fed, sometimes spotted by his or her more conservative dress, is quizzed about his or her profession, and if they work for a federal or other government agency, they’re asked to produce a badge or official identification. Of course it’s all meant in good fun. The prizes? An ‘I Spotted the Fed’ T-shirt for the spotter, and an ‘I Was the Fed’ T-shirt for the spottee.

For the past two years, hackers attending DefCon have looked forward most of all to the annual visit from the Cult of the Dead Cow (cDc), a hacker troupe with a 16-year history, known for its collection of interesting personalities and superior skills. DefCon has recently been the place where cDc releases its latest and most controversial software tools. At DefCon 6 in 1998, the group released Back Orifice, a network administration tool that would allow a user to remotely manage a Windows-based computer. It was also useful for some of the malicious hackers who used it — by sneaking a copy into a computer — as a way of monitoring the activity on a target computer without the knowledge of the computer’s owner. Computer security firms rushed to find ways to counteract the misuse of the program, many declaring it a Trojan horse. Then last year, at DefCon 7, cDc released a new version of the program, Back Orifice 2000, which was smaller, faster and more powerful than the original.

So what did cDc have for the crowd at DefCon this year? A big show that included, among other things, a mock human sacrifice, but almost nothing else. “We’re not a software company, so people shouldn’t be expecting a new tool every year”, says a member of cDc who goes by the name of Tweety Fish. (“I wanted a name so ridiculous that if I ever got arrested, a judge would laugh it out of court”, he says of the name.) Yet cDc, having recently released a software tool called NDNames, continues to be a thorn in the side of software giant Microsoft. The program takes advantage of an apparent weakness in the Windows operating system by blocking a computer’s ability to get a unique identifying name on a network, thereby interfering with its ability to talk to other machines on the network. The group told Microsoft about the weakness, and a patch has been issued, but only for Windows 2000. Microsoft said in a security bulletin that the weakness lies not in Windows, but in the NetBIOS protocol.

Another vulnerability, in Lotus Notes, an Internet server platform sold by Lotus Development, a unit of IBM, was revealed at the conference by Chris Goggans of Security Designs International, who used to go by his hacker handle Erik Bloodaxe, and the Trust Factory, a Netherlands-based computer security firm. Essentially, the weakness could, Goggans says, in the most extreme cases, allow an attacker to usurp the identification information of a Notes user, gaining access to that server. Lotus has suggested ways to fend off such an attack, but Goggans says that while this is a good start, they still don’t cover all the ways it could be carried out. No word yet if Lotus plans to recruit at DefCon 9.

Computers & Security, Vol. 19, No. 6

Hacker Target: Mobile Phones

Mobile phones have become the focus of attacks by virus writers and hackers, according to Russian anti-virus firm Kaspersky Lab. The Moscow-based company said that in the past few months, mobile phones and their users have had increasing attention paid to them by virus writers who have found a new playground to create chaos. Kaspersky said that according to the existing information, someone with a pseudonym of HSE has created a program called SMS Flooder. As the name implies, the software allows SMS (short message service) text messages to be sent in any volume to chosen numbers at any time.

According to the anti-virus firm, the hacking utility, which is coded in Visual Basic 5.0, uses some of the many Internet E-mail-to-SMS gateway services, including www.free-sms.com, sms-link.btn.de, www.nm-info.de, www.pcteam.de, www.mobidig.net and www.lycos.de. As a result of its research, Kaspersky said it classifies the program as malicious code, although it concedes that the program itself is not dangerous — just its potential results.

The slightly good news is that, so far, SMS Flooder has been restricted to Germany, mainly because the gateways given with the software only allow SMS messages to be sent to German mobile phone networks. “Certain features of this program suggest however, that this is just the first step towards the creation of a Trojan horse program capable of attacking mobile phones”, said the company in a customer advisory. As a result of its findings, details for the detection and neutralization of SMS-Flooder have been added to the latest Kaspersky Anti-virus daily database update at http://www.avp.ru.

E-Mail Privacy Issues Escalate

Should you worry about someone reading your private E-mail? Although there may not be much motivation for hiding your thank-you note to your sister-in-law, E-mail certainly has its dangers. Those dangers are especially obvious in the workplace, according to Employment Law Learning Technologies. The company, which advises businesses regarding the legal liabilities in daily business conduct, released a list of top E-mail no-no’s, “The Seven Most Common Misconceptions About E-mail.”

The company cites actions against employees at Dow Chemical and The New York Times as examples of the risks employees take when they use the Internet for Web browsing and E-mail. The list of misconceptions is based on cases handled by ELT’s parent company, employment and labour law firm Littler Mendelson.

• E-mails can be deleted. Reality: by using utilities or by checking recipients’ workstations, they can almost always be recovered.

• E-mails get ‘lost’ among the millions being sent around the Internet. Reality: sophisticated search tools, as the FBI’s Carnivore program illustrates, let their users find almost any E-mail from anyone.

• E-mails go to the people you address them to. Reality: E-mails are often distributed broadly to people you often don’t know because of forwarding.

• Comments made in E-mail aren’t that powerful. Reality: even if unintended by the sender, certain comments or idle remarks can be perceived as threats or harassment. For example, referring to a coworker as a “dinosaur” can become the basis for an age discrimination lawsuit.

• You can send E-mails from work in a personal capacity. Reality: when sent over company systems, the law recognizes E-mails as official company communications regardless of the content. Potential exposure is created each time an employee uses corporate E-mail to send personal messages to friends.

• Private E-mail messages are private. Reality: E-mails can be accessed as part of an investigation and cause liability for employers.

• Your identity is protected through E-mail communications. Reality: it is extremely easy to duplicate someone’s identity for the purpose of sending fraudulent E-mail messages.

GeoCities Ordered to Report on Information Poster

A Yahoo! Inc. subsidiary must turn over to Apple Computer Inc. personal information on a customer who allegedly posted Apple trade secrets on the Internet, a judge ordered. Superior Court Judge Gregory H. Ward recently issued a subpoena to Yahoo!’s GeoCities site to turn over records of a member using the computer pseudonym ‘worker
