Steve Gibson says Windows Metafile was a backdoor

So while in the shower today I was listening to Leo Laporte and Steve Gibson's Security Now number 22. I almost fell in the shower after hearing the possibility that Microsoft may have covered up a backdoor in Windows. Simply put, Steve Gibson is suggesting that Microsoft, or some people involved in the code for the Windows Metafile (WMF), put in a backdoor. Aka it was not a flaw or vulnerability, but a backdoor! If this is true I'm speechless.

It's easy to think of this as a conspiracy and put on your foil hats now, but this is deadly serious. Steve has admitted that if he's wrong he will be the first to admit he's wrong, but he really doesn't believe this. He's actually put a lot on the line for this. Personally I think this is just the latest in a long line of the mainstream lying to us. Think about it: Sony and their badly written DRM and, worse still, badly written rootkit. Lies and more damn lies. Even when their pants were down they tried to cover it up by saying people didn't even know what a rootkit was, so why tell them. I remember quoting Miles in my post about the rootkit saying Apple and Microsoft must be pissing themselves with laughter. Well, it's now Microsoft's turn, and Apple are not getting away clean. There's lots of talk about iTunes in the context of usage pattern feedback and the reduction of uses of the sharing feature across the versions. So Apple users, don't even laugh, because Apple are hardly saints either.

But back to this claim of a backdoor in Windows. If it turns out to be true (and honestly Steve's explanation actually makes a lot of sense, I have to say), we have to wonder how many more there are. Who put this backdoor there, and who actually knows about it? I expect by the time this gets out there it will make the large news sources quickly. I've not looked on Digg, Slashdot or Boing Boing yet because I'm on the 10am train into London Bridge. Tell a lie, I just did a search through Digg on my aggregator and this came up (which is close but not the same). I'll Digg it when I get back online in about 20 mins. Looking at the date of the Digg story (7:30am) it's still too early for most of the Western world and it may not have had time to circulate yet. Steve did say this was an exclusive to Security Now and he's only known about it for about a day at most. Anyhow, we shall see what happens. By the way, the people who came out of this smelling pretty sweet have to be hackers. If it wasn't for hackers and reverse engineering we would never know. This is critical to remember no matter how it turns out.

Comments [Comments]
Trackbacks [0]

Windows WMF Metafile Vulnerability fix from reverse engineer

Well, is this a good way to start 2006, Microsoft? A very serious exploit was found in Windows during last week, and this time it's a 0-day exploit, which means there's no patch available from Microsoft yet. Actually Microsoft are advising people to unregister shimgvw.dll, which is not a fix in anyone's wildest imagination.

But luckily a reverse engineer called Ilfak Guilfanov has reverse engineered shimgvw.dll and written a patch which runs on all 32/64-bit Windows (aka no 95, 98 or ME support). From what I've read, it sounds like the patch is pretty safe (Ilfak has actually open sourced the code, I believe), so I would recommend you download this patch till Microsoft sort out an official patch. And honestly, do it now, as there are tons of worms written for this exploit and they're coming from many different directions: IM, email, browser, etc, etc. Oh, by the way, there's a checker too.

Pass this information to as many people as you can…


VPN tunnel your way to safe ground with Hamachi

Hamachi on Windows

What is Hamachi?

Hamachi is a UDP-based virtual private networking system. Its peers utilize the help of a 3rd node called the mediation server to locate each other and to bootstrap the connection between themselves. The connection itself is direct and once it's established no traffic flows through our servers.

Hamachi is not just truly peer-to-peer, it is verifiably secure peer-to-peer.

Believe it or not, but we are able to successfully mediate p2p connections in roughly 97% of all cases we have dealt with so far (a few tens of thousands as of early March). This includes peers sitting behind different firewalls and/or broadband routers (aka NAT devices).

Oh my goodness, if you have not tried out Hamachi and want access to your home network from elsewhere, you need to try it out! I heard about it ages ago but dismissed it because I didn't really see the need. Well, that was before I learned about how insecure Wifi can be. So after hearing this week's Security Now podcast I spent an hour checking out Hamachi. At the moment it runs on Windows and Linux, but after version 1.0 (it's currently 0.99) it will be developed for the Mac too. I don't see why you can't run the Linux version on a Mac command line, but I'm sure there is a reason. So anyhow, once you've got it installed you can follow the wizard, which is a little too simple but good for those not deeply into networking; it's easy to escape at any time.

Once you're set up it's just a matter of making a new network or joining another one. You can easily make one, and the security is then all hung off your stupidly impossible to crack password. GRC recommends some 63 character password string which can be generated here at the High security password generator. I actually went for a stupid 96 ASCII character password with all types of characters. I'll switch it down to 63 because Hamachi uses 256-bit AES crypto for authentication. After setting the password and name of the network you can go to another machine and do the same, but this time hit join and enter the same details.
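To put some numbers on the "63 characters versus 256-bit AES" point, here is an added example (my own code, not GRC's generator or anything from Hamachi) that generates a random printable-ASCII password the way such a generator would and works out how many characters are needed before the password carries as much entropy as a 256-bit key. It assumes each character is drawn uniformly from the 94 printable non-space ASCII symbols.

```python
import math
import secrets
import string

# Printable, non-space ASCII: 10 digits + 52 letters + 32 punctuation = 94 symbols.
# Assumption for this example: every character is picked uniformly from this set.
PRINTABLE = string.digits + string.ascii_letters + string.punctuation


def entropy_bits(length, alphabet_size=len(PRINTABLE)):
    """Bits of entropy in a uniformly random password of `length` symbols."""
    return length * math.log2(alphabet_size)


def min_length_for_bits(target_bits, alphabet_size=len(PRINTABLE)):
    """Shortest password whose entropy reaches `target_bits` (256 for AES-256)."""
    return math.ceil(target_bits / math.log2(alphabet_size))


def generate_password(length=63, alphabet=PRINTABLE):
    """CSPRNG-backed password: `secrets`, not `random`, because this is key material."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    pw = generate_password()
    print(f"{len(pw)} chars from {len(PRINTABLE)} symbols = {entropy_bits(len(pw)):.0f} bits")
    print("printable chars needed for 256 bits:", min_length_for_bits(256))      # 40
    print("hex chars needed for 256 bits:", min_length_for_bits(256, 16))       # 64
```

A 63-character password from this alphabet holds about 413 bits, so once you pass roughly 40 characters the extra length adds nothing a 256-bit key can use; what does matter is that the characters come from a cryptographic random source and that the same string is typed in on every peer without being sent over anything unencrypted.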

Before you know it you're on a new type of network. Actually a 5.x.x.x IP address. I didn't even know you could actually have one of those for a network; I always thought 10.x.x.x was the lowest things went. OK, so once you've got two machines on the same p2p network you're away. I was able to tunnel out of my work network onto my own computer at home, launch VNC and access the net and the machines attached to the same physical network. Everything is accessible and the speed is amazing. Oh yeah, by the way, I only had to open one port on Smoothwall for it to work; most firewalls and NAT environments can be traversed without opening ports and port forwarding, according to the Hamachi creators. I did nothing to the work network; like Skype, it just worked. Crazy but true. I also tried using Hamachi with some of the sniffing tools out there and I'm glad to say it works perfectly. All traffic is secured, and even insecure connections like POP3 retrieval can not be discovered as it all looks like normal web traffic. Honestly I can't wait for version 1.0 of Hamachi. It's solved so many of my problems it's untrue.
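The mediation step the Hamachi blurb above describes, simulated on loopback as an added example (this is not Hamachi's code or wire protocol; the REGISTER/PEER/HELLO messages are made up for illustration): a third UDP socket records the source address it actually observes for each peer, hands each peer the other's address, then drops out while the two exchange datagrams directly. Without a NAT in the way the observed and real addresses coincide, but the trust model is the same: the mediator only learns endpoints, and each peer accepts datagrams only from the endpoint it was told about.

```python
import socket


def _udp_socket():
    """Unconnected UDP socket on loopback; the OS picks a free port."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.bind(("127.0.0.1", 0))
    s.settimeout(2.0)  # a bug should fail loudly, not hang
    return s


def mediate_and_connect():
    mediator, alice, bob = _udp_socket(), _udp_socket(), _udp_socket()
    med_addr = mediator.getsockname()
    try:
        # 1. Each peer registers. The mediator ignores anything a peer might claim
        #    about its own address and records the source address it observes, which
        #    behind a NAT would be the public mapping the peer cannot know itself.
        alice.sendto(b"REGISTER alice", med_addr)
        bob.sendto(b"REGISTER bob", med_addr)
        observed = {}
        for _ in range(2):
            data, src = mediator.recvfrom(1024)
            tag, name = data.decode().split(" ", 1)
            if tag != "REGISTER":
                raise ValueError("unexpected message at mediator")
            observed[name] = src

        # 2. The mediator hands each peer the other's observed endpoint and is done.
        ip_a, port_a = observed["alice"]
        ip_b, port_b = observed["bob"]
        mediator.sendto(f"PEER {ip_b} {port_b}".encode(), observed["alice"])
        mediator.sendto(f"PEER {ip_a} {port_a}".encode(), observed["bob"])

        def learn_peer(sock):
            data, src = sock.recvfrom(1024)
            if src != med_addr:
                raise ValueError("peer info must come from the mediator")
            _, ip, port = data.decode().split()
            return (ip, int(port))

        alice_peer = learn_peer(alice)
        bob_peer = learn_peer(bob)
        mediator.close()  # from here on nothing passes through the third node

        # 3. Direct exchange; each side accepts only the endpoint the mediator named.
        alice.sendto(b"HELLO from alice", alice_peer)
        data, src = bob.recvfrom(1024)
        if src != bob_peer:
            raise ValueError("bob: datagram from unexpected sender")
        bob.sendto(b"HELLO from bob", bob_peer)
        reply, src = alice.recvfrom(1024)
        if src != alice_peer:
            raise ValueError("alice: datagram from unexpected sender")
        return {"direct": True, "alice_got": reply.decode(), "bob_got": data.decode()}
    finally:
        for s in (mediator, alice, bob):
            s.close()


if __name__ == "__main__":
    print(mediate_and_connect())
```

What the simulation leaves out is exactly what the rest of the post leans on: the real product authenticates peers with the network password and encrypts the direct traffic, so a mediator that has learned two endpoints can introduce them but cannot read what follows.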


The Fall out over the Sony Rootkit/DRM

Sony BMG logo

The backlash against the Sony BMG rootkit and DRM has been one heck of a rollercoaster ride which doesn't seem to be ending anytime soon. Here are some highlights in case you have missed them, interlaced with some Cluetrain theses.

A couple of lawsuits have been filed against Sony for breaking their EULA.

Then Sony issued a patch which is impossible to find (everything Sony is impossible to find on their site, to be truthful) and which does not actually remove the DRM. Well, what do you expect?

Talking about the EULA, some very interesting clauses and points to consider when buying your next CD.

Sony's exec Thomas Hesse (President of Sony's Global Digital Business) replied to the whole issue of rootkits and DRM by saying "What users don't know can't hurt them…" (a must listen, by the way!). And echoing Miles' thoughts, Apple and Microsoft must be pissing themselves with laughter. Thomas Hesse has some balls saying what he said, and the bloggers will have the last say about his ridiculous comment.

#14 Corporations do not speak in the same voice as these new networked conversations. To their intended online audiences, companies sound hollow, flat, literally inhuman.

New virus uses Sony BMG software: yep, that very badly written code for the rootkit has been leveraged by a virus which hides via Sony's rootkit.

The complete list of SonyBMG Rootkit CDs at the EFF

Apple anti-rip software found on the same Sony BMG CDs. Usual discussion on Slashdot about Mac users, and will Sony bring DRM to Linux too?

The power of the blog outlines what's already been seen in other areas like the Kryptonite lock. When will the mainstream media actually pay attention to what their children are reading online?

#6 The Internet is enabling conversations among human beings that were simply not possible in the era of mass media.

#94 To traditional corporations, networked conversations may appear confused, may sound confusing. But we are organizing faster than they are. We have better tools, more new ideas, no rules to slow us down.

And of course some fun: Sony, I download your music.


At long last,
Sony halts production of 'rootkit' CDs

Sony BMG Music Entertainment said Friday that it will suspend production of CDs with copy-protection technology that has been exploited by virus writers to try to hide their malicious code on PCs.

The decision by the music label comes after 10 days of controversy around the technology, which is designed to limit the number of copies that can be made of the CD and to prevent a computer user from making unprotected MP3s of the music.

Security experts blasted the technology because it uses “rootkit” techniques to hide itself on hard drives and could be used by virus writers to make their malicious code invisible. The first remote-control Trojan horses that took advantage of the cloak provided by Sony BMG surfaced this week.

“We are aware that a computer virus is circulating that may affect computers with XCP content protection software,” the record label said in a statement Friday. “We stand by content protection technology as an important tool to protect our intellectual property rights and those of our artists. Nonetheless, as a precautionary measure, Sony BMG is temporarily suspending the manufacture of CDs containing XCP technology.”

Let's hope that's the end of XCP and its rootkit. Somehow, I know it won't be.


Messy haxoring with metasploit caught on iptv

It's not quite as cool as it may sound from the title. I just watched episode 13 of my lame-ass IPTV soap, The Scene. Yes, everyone's got their weakness, but if you put this against other soaps like Hollyoaks then it comes out quite well. Anyhow, I got a real kick out of the main character trying to get root on a Windows box hosting an FTP server. They used the well established Metasploit to find a flaw and exploit it. To be fair, it's one step up from the hack in The Matrix Reloaded, and they did do a little homework to use the nice open source framework Metasploit. It's certainly a fine line between security tester and exploiter, but the best tools always are.

Talking of which, if you didn't catch Security Now podcast number 9 about rootkits, please do, as it will give you a good old wake-up call. I've been personally aware of rootkits for quite a long time, but I didn't know spyware and adware applications were starting to use them just so they can't be removed from a computer. It's crazy, but it's true. Honestly I wouldn't wish a rootkit on my worst enemy; I just can't imagine anything worse. Anyhow, Steve and Leo do a great job explaining how rootkits work. It is, however, really good to know Microsoft and Sysinternals are working on the problem. I did try out Sysinternals' RootkitRevealer on all my machines and I'm clean as expected, but it's good to be sure. I suggest everyone should give it a try, at least till Microsoft add rootkit scanning to their Malicious Software Removal Tool. No one likes to be rooted…


More than enough memory formats to ponder on?

OK, so correct me if I miss one.
CF, SD, SM, MMC, xD, RS-MMC, miniSD, MS, MS Pro, MG, MG Pro, ATA and of course MS Duo. All make up the complex, confusing, nightmare ecosystem of Flash memory.

I personally think Sony Memory Stick is the worst of all of them, with 4 different types of Flash memory format which seem largely incompatible with each other. The licensing also keeps Memory Stick prices quite high, and I believe there are only 4-6 makers which can actually legally make them. I like what Sony do sometimes (PSP and PlayStation) but come on now, it's time to let go of Memory Stick and let the market decide. OK, enough about Memory Stick for now. MMC, jeez, don't start me off. Why didn't it just merge into SD? MMC looks the same, acts the same, but has odd voltages which don't work with certain devices; SD just works, plus it has IO capabilities. Honestly I don't care if it's called SD or MMC, but they should have sorted it out before the minis were produced. MiniSD fits smoothly into SD, but is the same true of Reduced Size MMC? I've not seen any sign of such a smooth interchange. Oh well, at least SmartMedia is slowly going away, but the very odd xD has replaced it. I don't know why xD is around; what advantage does it have over SD and MMC? Lower voltage? What's the point?

On a positive finish, Flash memory is getting really cheap now. 1 gig SD and CF is about 35 pounds now, and USB thumb drives are really becoming ubiquitous. The 4 gig Flash memory in the iPod nano sounds like a lot now, but Samsung have already shown off 4x the space (16 gig). With all this in mind, 2-4 gig could be just around the corner, but I assume other formats are also just around the corner too. Some suggestions for new names: xD nano, SD micro, SD-MMC, Mini Micro MMC, reduced micro sized SD, Memory Stick Super Duo MagicGate Pro. Nah, it will never catch on.


Do you Firefox beta or Deer Park alpha it?

I've been using Deer Park alpha 2 for quite some time now, but recently, with the Firefox 1.5 beta publicly available, I've been tempted to change. So after reading Uche's review of Firefox 1.5 beta I decided to actually install both of them on my machine. I have not used SVG for quite some time, but SVG plus XForms seems like a logical step forward for browser technology.

I still have not got around to installing IE7 or even Opera 8.5 free edition. But I'm sure their time will come.


Changing the small things in software

Influence can be such a subjective thing, but just recently I've been able to shape or even influence the things around me so much more. Maybe that influence has always been there, in each and every one of us?

So, talking about influence and shaping, here are some things which I would like to shape.

Fireant
I've been looking for something to replace Blogmatrix Jaeger for downloading rich media via RSS for quite some time, and Fireant seemed to be it. However, there are a range of things which I think Fireant should take from Jaeger.

When Jaeger downloads a piece of media it names the file the same as the enclosure. However, when Fireant downloads a media file it makes up a random filename like 9CBF0ACB9207FD9079A0342FA98EC69764756802.mp3, which is no good if you want to transfer stuff to your mobile phone via traditional routes (copying a file). Jaeger actually allows you to choose what type of filename you want: say a sequence of numbers, a date and time, or just a filename.
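Keeping the enclosure's own name is the friendlier choice, but the name comes out of somebody else's feed, so a downloader has to treat it as untrusted before writing it to disk. The following is an added example of my own (not Jaeger's or Fireant's code) that derives a filename from an enclosure URL the way the post wants while refusing directory traversal, stray characters, Windows reserved names and unexpected extensions, and falls back to a hash of the URL (much like the random-looking names above) only when nothing usable is left. The allowed extension list is an assumption for the example.

```python
import hashlib
import posixpath
import re
from urllib.parse import unquote, urlsplit

_UNSAFE = re.compile(r"[^A-Za-z0-9._-]+")  # anything outside this set becomes "_"
_RESERVED = {"CON", "PRN", "AUX", "NUL"} | {f"COM{i}" for i in range(1, 10)} | {f"LPT{i}" for i in range(1, 10)}
MAX_STEM = 100
ALLOWED_EXTS = ("mp3", "m4a", "mp4", "ogg", "mov", "m4v")  # assumption: what the player handles


def filename_from_enclosure(url, allowed_exts=ALLOWED_EXTS):
    """Turn an untrusted enclosure URL into a safe, human-readable local filename."""
    path = unquote(urlsplit(url).path)      # scheme, host, query and fragment are dropped
    base = posixpath.basename(path)         # last segment only: "../" and "/etc/" cannot survive
    stem, dot, ext = base.rpartition(".")
    if not dot:                             # no extension at all
        stem, ext = base, ""
    stem = _UNSAFE.sub("_", stem).strip("._-")[:MAX_STEM]
    if stem.upper() in _RESERVED:           # CON.mp3 is still a device name on Windows
        stem = "_" + stem
    ext = ext.lower()
    if ext not in allowed_exts:             # never trust the feed's idea of the file type
        ext = "bin"
    if not stem:                            # nothing usable left: stable fallback from the URL
        stem = hashlib.sha1(url.encode("utf-8")).hexdigest().upper()
    return f"{stem}.{ext}"


if __name__ == "__main__":
    for u in ("http://example.org/pod/ep01.mp3",
              "http://example.org/show/Episode 12 (final).MP3",
              "http://example.org/a/../../etc/passwd",
              "http://example.org/show/%2e%2e%2f%2e%2e%2fwin.ini",
              "http://example.org/"):
        print(u, "->", filename_from_enclosure(u))
```

The decode-then-basename order matters: `%2e%2e%2f` is only a traversal attempt after it has been unquoted, so the check runs on the decoded path, and the result is always a single path component to be joined onto the download directory rather than a path in its own right.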

Also, Fireant has support for copying files to iPods and PSPs, but what about removable storage cards, Pocket PCs, smartphones, etc?

I can understand why Fireant supports torrents directly, but how about an option to use an external torrent application? I mean, how bad is it when you've got two torrent applications running at the same time, unaware of each other? Yeah, a recipe for a lot of trouble. I suggest a simple option which sends the torrent URL or file to the other specified torrent application.

OPML import needs work. PocketRSS has a really nice feature which I actually suggested a while ago: it will go and grab an OPML file from a preset URL every week, month or whatever. So this means you don't need to manage two or more subscription lists. See, the problem you realise after a while is that any blogger can add enclosures to their RSS. This means that unless you provide the same list to Fireant, you may miss out on something interesting. Jaeger would actually automatically download any enclosures from any subscription; there was no distinction between podcasters and bloggers (which I think is the correct way to go about this).
Somewhat related is the fact that Fireant can be used as a normal RSS reader. This is once again good in theory, but it's really terrible in practice. It would be great to turn off all subscriptions which don't have enclosures; you know, just let Fireant monitor all the feeds but only show media items.
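The two behaviours asked for above, pulling a subscription list from an OPML file and watching every feed but surfacing only the items that carry an enclosure, are small enough to show together. This is an added example of my own, not code from PocketRSS, Jaeger or Fireant; the OPML documents and the feed are constructed samples, and the size limit is the one check I would want on a document fetched from a preset URL on a schedule.

```python
import xml.etree.ElementTree as ET

# Constructed sample subscription lists. Podcast A is in both; Podcast B only remotely.
LOCAL_OPML = """<opml version="1.1"><head><title>local</title></head><body>
  <outline text="Cubicgarden blog" type="rss" xmlUrl="http://example.org/blog/rss"/>
  <outline text="Podcast A" type="rss" xmlUrl="http://example.org/podcast-a/rss"/>
</body></opml>"""

REMOTE_OPML = """<opml version="1.1"><head><title>remote</title></head><body>
  <outline text="Podcasts">
    <outline text="Podcast A (remote title)" type="rss" xmlUrl="http://example.org/podcast-a/rss"/>
    <outline text="Podcast B" type="rss" xmlUrl="http://example.org/podcast-b/rss"/>
  </outline>
</body></opml>"""

# Constructed feed: a text-only post beside a post that carries an enclosure.
SAMPLE_FEED = """<rss version="2.0"><channel><title>Cubicgarden blog</title>
  <item><title>Text only post</title><link>http://example.org/blog/1</link></item>
  <item><title>Interview</title><link>http://example.org/blog/2</link>
    <enclosure url="http://example.org/media/interview.mp3" length="12345" type="audio/mpeg"/></item>
</channel></rss>"""

MAX_OPML_BYTES = 1_000_000  # a scheduled fetch from a URL is untrusted input; cap it


def subscriptions(opml_xml):
    """Map feed URL -> title for every outline with an xmlUrl, at any nesting depth."""
    if len(opml_xml) > MAX_OPML_BYTES:
        raise ValueError("OPML document too large")
    root = ET.fromstring(opml_xml)  # stdlib ElementTree does not resolve external entities
    return {o.get("xmlUrl"): o.get("text", "") for o in root.iter("outline") if o.get("xmlUrl")}


def merge_subscriptions(local_xml, remote_xml):
    """Add feeds the remote list has and the local one lacks; local titles are kept."""
    merged = subscriptions(local_xml)
    for url, title in subscriptions(remote_xml).items():
        merged.setdefault(url, title)
    return merged


def media_items(rss_xml):
    """Only the items that carry an enclosure: a 'show media only' view over a normal feed."""
    root = ET.fromstring(rss_xml)
    found = []
    for item in root.iter("item"):
        enc = item.find("enclosure")
        if enc is not None and enc.get("url"):
            found.append((item.findtext("title", ""), enc.get("url"), enc.get("type", "")))
    return found


if __name__ == "__main__":
    for url, title in merge_subscriptions(LOCAL_OPML, REMOTE_OPML).items():
        print(title, "->", url)
    print(media_items(SAMPLE_FEED))
```

Merging on `xmlUrl` rather than on the title is what keeps the two lists from drifting apart: the remote file can rename a feed without creating a duplicate subscription.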

Blogging applications
I don't know what happened to Flock, but I'm still using a combination of Blojsom's bookmarklet and Wbloggar. I thought about buying Ecto, but I'm wondering why none of the blogging applications support the range of microformats? And further to that, if I drag a calendar entry from Outlook or Sunbird into my blog application, wouldn't it make logical sense to automatically create an hCalendar entry? The same should be true of contacts.
Wouldn't it also be great to be able to define some of those meta elements for entries in the blogging application? Say this entry is under a certain Creative Commons licence and uses these tags. This should be common, like how you can set the category and define trackbacks in most modern blogging applications.
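What the "drag a calendar entry, get hCalendar" feature would have to produce is a small block of marked-up HTML. As an added example (my own code, not from any of the blogging tools mentioned), this renders one hCalendar `vevent` from an event's fields using the `abbr`/`title` pattern for the ISO 8601 dates. The security-relevant part is that every field comes from a dragged-in entry, so text is HTML-escaped and the event link is kept only when it is a plain http/https URL.

```python
import html
from datetime import datetime
from urllib.parse import urlsplit


def _esc(text):
    """HTML-escape a free-text field, including quotes, so it is safe inside attributes too."""
    return html.escape(str(text), quote=True)


def _safe_href(url):
    """Keep only plain web links; javascript:, data: and friends are dropped, not escaped."""
    if url and urlsplit(url).scheme in ("http", "https"):
        return _esc(url)
    return None


def _iso(d):
    return d.strftime("%Y-%m-%dT%H:%M:%S")


def _human(d):
    return d.strftime("%d %B %Y %H:%M")


def hcalendar_event(summary, dtstart, dtend=None, location=None, url=None):
    """Render one hCalendar vevent as HTML from fields taken out of a calendar entry."""
    lines = ['<div class="vevent">']
    href = _safe_href(url)
    if href:
        lines.append(f'  <a class="url summary" href="{href}">{_esc(summary)}</a>')
    else:
        lines.append(f'  <span class="summary">{_esc(summary)}</span>')
    lines.append(f'  <abbr class="dtstart" title="{_iso(dtstart)}">{_human(dtstart)}</abbr>')
    if dtend is not None:
        lines.append(f'  to <abbr class="dtend" title="{_iso(dtend)}">{_human(dtend)}</abbr>')
    if location:
        lines.append(f'  at <span class="location">{_esc(location)}</span>')
    lines.append("</div>")
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed event, including the kind of content a dragged entry must not be trusted with.
    print(hcalendar_event("Security Now meetup <script>alert(1)</script>",
                          datetime(2005, 10, 1, 19, 0), datetime(2005, 10, 1, 21, 0),
                          location='London "Bridge"', url="javascript:alert(1)"))
```

Escaping at the point where text meets markup, rather than sanitising the calendar entry on the way in, means the same fields can later be reused for an hCard or a plain-text export without any of them carrying HTML.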

Social software
I've outlined all my ideas for change in the bank of ideas. Feel free to vote on my thoughts and others'.
