Story of the First Internet Worm

When was first Internet worm launched? What did it do? What happened to author? (Hint: he became a multi-millionaire.) The answers might surprise you!

Car handle fingers criminals

Hitachi has developed a finger-vein-detecting security system for use on car door handles and steering wheels.

The biometric technique could provide drivers with a highly secure, keyless entry and ignition system.

A working version fitted to a vehicle is being displayed at this year’s Tokyo Motor Show. When a hand grips the car handle, the embedded unit emits light to capture a clear image of the dorsal vein patterns on the outside of the finger.

The results are compared to computerised records of vein patterns of registered vehicle users.

The Outing of Valerie Plame

60 Minutes did an extensive report on the damage and bad blood that was caused by the outing of Valerie Plame. The piece went on to give a brief history of her with the CIA and the outrage by former officers. Joseph Wilson speaks on behalf of Valerie who is not allowed to defend herself in this whole process.

Scooter Libby Indictment (PDF)

2005 Information Security Summit Presentations

Didn't make the 3rd annual Information Security Summit held near Cleveland, OH this year? The presentations are now posted.

Pumpkin PC

Just in time for Halloween, the staff at the computer store at the University of Arkansas have created a seasonally appropriate PC.

The Safe and Secure Future (ACLU Style)

Watch and listen to the sounds of ordering a pizza — in the safe and secure future.

Milworm.com - Open Source Exploits

This site promotes open source security by posting exploits found in popular programs. This site had a Firefox 1.0.7 exploit only a week or two after its release.

Spammers Peddle Drugs to Combat Bird Flu

GP, placed your order yet? Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned internet users that spammers are putting the lives of innocent people at risk, by peddling drugs online that are said to combat bird flu.

Sophos's spamtraps are picking up an increasing number of junk messages which claim to sell Tamiflu, the drug believed most effective at protecting humans from the H5N1 strain of the bird flu virus. The drug is in high demand because of fears that the virus could become a pandemic, and spread further around the world after deaths in Asia.

The spam emails urge recipients to protect themselves and their families from the avian flu virus by purchasing Tamiflu from an online website. The website linked to also supposedly sells Viagra, and a number of other medications.

Money Laundering - 101

Money Laundering is a crime. "Money Laundering is also the world’s third largest industry by value".

Money laundering happens in almost every country in the world, and a single scheme typically involves transferring money through several countries in order to obscure its origins. In this article, you will learn exactly what money laundering is and why it's necessary, who launders money and how they do it and what steps the authorities are taking to try to foil money-laundering operations.

Microsoft Toughening IE7

Microsoft's making Internet Explorer (IE) 7 a tougher browser by giving the boot to Secure Sockets Layer (SSL) 2.0 and sliding Transport Layer Security (TLS) 1.0 into the slot. These changes will users a more secure environment to utilize the Internet. The biggest change is the switch to TLS 1.0. HTTPS utilizes one of two secure protocols to protect your data. Those protocols are the SSL or the stronger TLS. The changes they've incorporated will disable the SSL and enable the TLS. IE7 users will negotiate either through the SSL3.0 or the TLS1.0. In a nutshell, it means your Internet connection will be more secure for various things. IE7 will also block sites without digital certificates or expired or revoked digital certificates. The rules for this include certificates issued to a hostname other the current URL's hostname; certificates issued by an untrusted root; and then if the certificates are expired or revoked. What happens is when users get to sites that meet these criteria, they have the option to walk away or continue on to the untrusted sites. They did say on their IEBlog, "Generally, IE users will not notice any difference in the user-experience due to this change; it's a silent improvement in security."

Chronicles of a Wardriver

"Day 78 - 147 miles and 2,407 APs" - Here is someone with a lot more free time than me... But the site has lots of good stories, tips, links, etc.

The Story of Snort: Past, Present and Future

Martin Roesch, the creator of Snort, the de facto standard for intrusion detection/prevention, presents the story of Snort that covers seven years of development that made this tool one of the most important security software titles ever developed.

During his talk you'll get all the details on how Snort was initially conceived as well as how it is expected to develop further now after Check Point acquired Sourcefire. Among other things Martin talks about all the major Snort releases, the founding of Sourcefire, the enhancements added to the last versions of Snort, new technology that presents a self-tuning engine, and much more.

The article is located at:
http://www.net-security.org/article.php?id=860

Submitted by: Mirko Zorz

Personal Security - Web Spy and Cute Too!

Just what the Big O needs for keeping an eye on the old homestead! "Monitors your room while you are away, automatically takes snap shot of every movement that occurs in your room, you can even set the software to send you an email with attached picture snap shot of the intruder... with built in microphone... sharp video, high resolution."

Sniffer Wasps may Replace Dogs — Someday...

US boffins have come up with a device that uses trained sniffer wasps, rather than dogs, to detect chemicals such as explosives and illegal drugs.

The trained hymenoptera are held in a cup-sized device, called a 'Wasp Hound', developed by the University of Georgia and US Department of Agriculture (USDA).

Assessing Web App Security with Mozilla

Web application assessment is a challenging task for security analysts. Several products and tools are available, each claiming to perform automated analysis on entire applications. Their capabilities include obtaining data, corroborating it, and printing aesthetically appealing reports--all without user intervention.

The nature of web applications is very different from that of standard applications. Many times, these tools miss key vulnerabilities in the application. The best way to perform web application assessment is by using the unassailable combination of automated tools and human intellect. This article examines the LiveHTTPHeaders project, which fits seamlessly into Mozilla browser components to facilitate very effective web application assessment.

Security Awareness Posters

Strange and amusing tour of U.S. government security awareness posters.

Google Hacking Tips

This article gives an nice introduction on how to find new vulnerabilities and exploits and then use the google search engine to find sites that still are exploitable.

BAITCAR.com - Fridays Are For Fun!

A bait car is a vehicle owned by the police and is intended to be stolen. After a bait car is stolen, the location, speed, and direction of travel of the vehicle is monitored by police dispatchers at EComm through GPS tracking. Everything that takes place inside the bait car is caught on audio and video. The dispatcher will coordinate a police response and once officers are in position behind the bait car, the engine will be disabled at the click of a mouse button which allows for the quick arrest of the car thieves.

Personal Security - Dangerous Bugs Found in Water on US Planes

Look GP more good news!

Dangerous levels of bacteria have been found in drinking water aboard 15% of planes at US airports, an investigation carried out by the US Environmental Protection Agency has found.

Twenty-four US airlines have now agreed to routinely disinfect their water supplies and monitor water quality in response to the EPA study. "Passengers must feel confident of the water safety on an airplane," says Grant Nakayama of the EPA. "These new protocols will provide protection."

Ethereal 0.10.13 Released

Ethereal 0.10.13 has been released. Several security-related vulnerabilities have been fixed. Everyone is encouraged to upgrade.

For a complete list of changes, please refer to the 0.10.13 release notes.

Official releases can be found on the download page.

Metasploit Update - 2.5 Released

The Metasploit Framework is an advanced open-source exploit development platform. The 2.5 release includes three user interfaces, 105 exploits and 75 payloads.

The Framework will run on any modern operating system that has a working Perl interpreter. The Windows installer includes a slimmed-down version of the Cygwin environment.

This is a maintenance release - all updates to 2.4 have been rolled into 2.5, along with some new exploits and minor features.

This release is available from the Metasploit.com web site:
- Unix: http://metasploit.com/tools/framework-2.5.tar.gz
- Win32: http://metasploit.com/tools/framework-2.5.exe

A demonstration of the msfweb interface is running live from:
- http://metasploit.com:55555/

Information about version 3.0 has been posted online:
- http://metasploit.com/projects/Framework/msf3/

iPod Video paves way for Porncast Explosion

From cable television, to the VCR, and even the complexities of streaming media we enjoy on the web today. Porn has not only helped with tech advancements, it has been a very strong revenue generator along the way.

Sure, research has shown that if you want to have a successful podcast, just throw in a moan or two, but audio only tickles us a little bit (though it may be a bit better for women). But now with the iPod Video on the market, the Podfather Adam Curry predicts that porn is "going to be huge" (pun intended) in a recent Daily Source Code podcast.

Expect to see a huge jump in Vidcasting now that the iPod Video is on the market. And expect to see the real trailblazing in RSS media delivery to be made by the Porn Industry. The porn industry will take RSS with Enclosures to the next level, simplifying, improving - and yes - making a profit along the way.

How long will it be, before the first big iPod exploit?

Changing Environment?

I don't subscribe to the notion that the security environment is changing. There is nothing new about encryption, two-factor authentication, or even fraud prevention. The basic technologies being deployed now have been around for decades. The essential security tenet CIA (confidentiality, integrity, and availability) is just as applicable today as it was 25 years ago.

Then what has changed?

What has changed and/or is changing, is that because of external pressures (be it regulatory, customer, etc.) businesses are being forced to do what they should have been doing all along. Because in the past they weren’t force to do so (couldn’t find the magic ROI for security, etc.), folks are getting caught today with their pants down and paying the price.

Use encryption as an example: Many security pundits have promoted the encryption of “production data” for years because it was the right thing to do and until recently this idea was unwaveringly rejected by business management at many levels, including by some of the very same individuals that are promoting it today. Promoting it today why? Because it was the right thing to do or because of regulatory and industry pressure? Or is it due to some individuals practicing a little CYA?

Certainly there are always business implications, priorities, and risks to be considered and evaluated. However, today we need to be especially aware of doing things more securely from the start. To be forward thinking in evaluating the risks and ultimately the cost of doing so will be much less than trying to play catch-up later.

We don’t need to look at what is new as much as we need to get back to basics. We need to look at CIA first and a little less CYA after the fact. Often doing the right thing first isn’t always the easiest path, but it sure makes it easier to sleep at night in the long run.

Hacking Sleep - Or How to Get Thru the Weekly Maint. Window

Polyphasic Sleep, also know as the Uberman Sleep Cycle is a method in which one sleeps 6 times, every 4 hours, for 20 minutes, during every 24 hour period. Why? Well, only sleeping 2 hours a day instead of 7 or 8, give you 3 extra months of awake time each year! This Blog follows Nick Busey's attempt at trying to convert to, and live under this sleep schedule.

Microsoft Consults Ethical Hackers at Blue Hat

As part of its second "Blue Hat" conference, Microsoft invited white-hat hackers to campus to try their hand at cracking Microsoft's code. Six white hatters and more than 1,000 Softies were in attendance for the two-day confab.

Six ethical or "white hat" hackers attended, including noted security expert Dan Kaminsky, Brett Moore of Security-Assessment.com, and David Maynor, a researcher at ISS (Internet Security Systems) Inc., Toulouse said.

Maynor, who works for ISS' X-Force team in Atlanta, Ga., said he showed Microsoft developers and executives how an attacker could use a USB device to load attack code directly into the memory of Windows machine and force it to run by taking advantage of the DMA (Direct Memory Access) rights assigned by Windows.

"The DMA vector was the most devastating in my talk because it is hard for just Microsoft to address it. They need support from hardware vendors as well," he said.

Maynor said Microsoft is working on a more secure model for handling peripheral devices, and may add security checks as a component of the company's USB device driver signing program in the future.

Personal Security - Body Found After Crash

Places not to wreck your car...

The body of a Walton woman who died in her van as the result of an accident Sunday afternoon was not discovered until Monday morning, Delaware County Undersheriff Douglas Vredenburgh said.

Mary Ellen Martini-Butler, 38, was found under the dashboard on the passenger side of her van more than 18 hours after the accident, deputies said. The van had been towed to Fred'’s Body Shop in Walton.

On Sunday, authorities, relatives and residents were unsuccessful in a search for Martini-Butler in the vicinity of the crash on state Route 10, and deputies said it was believed she had left the site.

Deputies said her body was discovered after Fred Babcock, owner of the body shop, sent someone to retrieve the registration from the van at about 8:45 a.m. Monday. When the person moved a pile of boxes, he found the body.

Interview With Fyodor Creator Of NMAP

A Whitedust interview with Fyodor, the creator of one of the most famous (infamous) security tools in existence: NMAP

Open Source Digital Forensics

The Open Source Digital Forensics site is a reference for the use of open source software in digital forensics and incident response. Open source tools may have a legal benefit over closed source tools because they have a documented procedure and allow the investigator to verify that a tool does what it claims.

Personal Security - Pillows: A Hot Bed Of Fungal Spores

Damm GP look at this... Researchers at The University of Manchester funded by the Fungal Research Trust have discovered millions of fungal spores right under our noses -- in our pillows.

Aspergillus fumigatus, the species most commonly found in the pillows, is most likely to cause disease; and the resulting condition Aspergillosis has become the leading infectious cause of death in leukaemia and bone marrow transplant patients. Fungi also exacerbate asthma in adults.

The researchers dissected both feather and synthetic samples and identified several thousand spores of fungus per gram of used pillow - more than a million spores per pillow.

Google Earth: The Black Helicopters Have Landed

The results of The Register's "Spot the Black Helicopter" competition are in, but before announcing the winners, they thought it would be a lovely idea to have a look at some of the other entries which prove just why Google Earth will eventually provoke the complete collapse of Western civilization...

TSA for Fun!

Now you and/or your kids can re-enact the excitement of airline screening! Yes, the airline screening playset pictured here is real. But unfortunately, the toy is a far cry from reality, since it doesn’t appear that the passenger comes with removable shoes. And sadly, it doesn’t appear that the set comes with a No Fly list...

An Unusually Slick Phishing Attempt

This one's victim-bank is Halifax Bank in the UK. The subject line reads "URGENT ATTENTION - Halifax-Online Fraud Notice" and the body begins by advising of recent phishing attempts against Halifax customers (which, according to Halifax's own site, is even true) and then asks the customer to contact Halifax on receipt of such e-mails!! (The customer service phone number quoted is even the real one.)

The e-mail continues by advising that Halifax has updated their security system. They are proud of their new SSL servers "where there is no risk of fraud and your account details are kept encrypted at all times." Naturally, because of this update, you are....guess what?..... asked to log on to the system and "verify your account info at the following link"

Such link being of the usual format -- an IP address (211.35.64.201) hidden behind a reasonable-looking URL -- which points to a real page on Halifax's servers.

The e-mail is unusually slick, as well as being cheeky. It's almost devoid of spelling mistakes ("unauthorized" should be "unauthorised" since it purports to come from a British company) and likewise of grammar mistakes ("securer" instead of "more secure" and one missing "to"). It could easily have come from a real person at the bank.

The image at the top of the e-mail actually comes from the real Halifax servers; as mentioned, the phone number quoted will actually get you to Halifax customer service, and if the URL is typed in by hand to a browser it will get you to Halifax's own servers.

This phishing attempt is almost perfect, a great use of social engineering and professionally put together.

A Different Look at Bagle

F-Secure attempts a 3D animation that visualizes the structure and execution of the Bagle.AG@mm worm.

The boxes in the picture are functions of the worm. The one on the top is the 'main' where the execution starts. The first ring contains all the functions that 'main' calls. The second all the functions that the ones on the first ones call and so on. All connecting lines represent the calls from one function to the other. Red boxes belong to the virus code while the blue ones are API calls library code that do not belong to the malicious code.

For the curious minded, the animation was created using IDA Pro, IDAPython, Blender and some custom scripts.

The animations can be downloaded in the following formats:
Windows Media 9 (9.7 MiB)
Quicktime (9.3MiB)

How to Foil a Phish

What happens after phishers strike? This CSO article provides an inside look at one midsize bank's cutting-edge incident response plan.

The death of a phish doesn't need to be extraordinary. It's just in a day's work...

Secure Air?

A 22-year old Georgia man was arrested Wednesday, accused of stealing a Cessna Citation and taking it from St. Augustine, FL, to Gwinnett County Airport/Briscoe Field. Police described the incident as a "joy-ride."

A jet with a 6-ton capacity on a 350-400 mile flight and the FAA and Homeland Security never noticed...

Big Brother Awards Later This Month

At the end of October, activists in many countries will hand out Big Brother Awards to people who've undermined national privacy and freedom. Here's a schedule of upcoming events:

Switzerland Zurich 29 October 2005
Czech Republic Prague 28 October 2005
Germany Bielefeld 28 October 2005
Austria Vienna 25 October 2005
Australia Sydney ?? October 2005

EPIC Page Describes "Theme Parks and Privacy"

EPIC has developed an issue page on theme parks and privacy. The page is a single source of information for consumers to learn more about theme parks such as Walt Disney World that use fingerprint scans to control visitor access. In this instance, the unchecked broad adoption of biometrics such as fingerprint scans threatens the privacy rights of adults and children as young as 10 years of age. For more information on related issues, see EPIC's pages on Biometrics, Children and Privacy, and the DOD Recruiting Database.

Personal Security - Bear Farmer Eaten by Own Animals

Score one for the Da Bears!

A Chinese man who raised bears to tap them for their bile, prized as a traditional medicine in Asia, has been killed and eaten by his animals, Xinhua news agency said on Tuesday.

Six black bears attacked keeper Han Shigen as he was cleaning their pen in the northeastern province of Jilin on Monday, Xinhua said.

"The ill-fated man died on the spot and was eaten up by the ferocious bears," it said, citing a report in the Beijing News.

In practices decried by animal rights groups, bile is extracted through surgically implanted catheters in the bear's gall bladders, or by a "free-dripping" technique by which bile drips out through holes opened in the animals' abdomens.

More than 200 farms in China keep about 7,000 bears to tap their bile, which traditional Chinese medicine holds can cure fever, liver illness and sore eyes.

White Paper - SQL Injection Attack and Defense

This paper focuses on educating the security professionals with the risks associated with this situation and tries to give brief understanding of various kinds of attacks that attacker may launch and outline of various strategies that can be evaluated and adopted to protect the valuable information assets.

Personal Security - Police Tazer Video

In this video a lady gets a little crazy because she got pulled over. The officer was forced to used his tazer gun.

(Audio also could be used to emulate a night with The Jackhammer)

The 5th Annual Texas Bigfoot Conference

The 5th Annual Texas Bigfoot Conference will be in Jefferson, Texas, October 15-16, 2005.

Hey Kids... Maybe you should be looking in NJ...

CNN Interview with Kevin Mitnick

To many (not me), the name Kevin Mitnick is synonymous with hacking, the cinematic sort where a snot-nosed kid thumbs his nose at authority. But, Mitnick says, the characterization is a bit overdone and the legend untrue, if not libelous.

Ok Interview, but I think CNN asked some darn silly questions and Mr. Mitnick's 15 minutes were up a long time ago...

Hoodie Sweatshirts with Integrated Masks

Closed-circuit cameras (CCTV) are everywhere making it hard to keep a low profile. How about using one for that next data center audit? Stay warm and undercover!

These handy, masked French hoodies will help get the job done. Heck on the way home, knock-off the local 7-11 for a bonus...

It Never Ceases to Amaze Me... (California at its Best)

Not much to say about this except what are people thinking when they create websites like this?

Provides an easy way to make your very own fake VIN tags or...

Try a couple of vanity plates... Something like CISSP or MCSE or maybe one that might be owned by someone popularized by a TV show etc. Once you have the VIN go to carfax and get the complete history on the vehicle...

Fridays are for Fun!

Secure Manhood - Man dubbed "ball-less wonder" after losing matches to female

A male caddy who lost two golf matches to a female coworker was subjected to a barrage of insults questioning his manhood and sexual preference, according to a lawsuit filed against a New York country club by the federal Equal Employment Opportunity Commission. According to the EEOC complaint, a copy of which you'll find below, Eugene Palumbo was denigrated in newsletters distributed at Long Island's Tallgrass Golf Club, where he caddied. The newsletters mocked Palumbo as a "ball-less wonder" and recommended, the EEOC added, that he move to "a particular summer vacation spot that is generally known to have a large gay population." Oh, and there was a reference to Palumbo, 25, doing "lap dances" for unnamed "boys." The EEOC's September 30 complaint, which does not specify the monetary damages sought on Palumbo's behalf, seeks a permanent injunction barring Tallgrass from engaging in any future discriminatory employment practices. (5 pages)

Nessus 3 will be Available Free of Charge, but...

A few weeks away from releasing Nessus 3.0.0, they are looking for testers. They also announced that Nessus 3 will be available free of charge, including on the Windows platform, but will not be released under the GPL.

Bruce Schneier on Phishing

Financial companies have until now avoided taking on phishers in a serious way, because it's cheaper and simpler to pay the costs of fraud. That's unacceptable, however, because consumers who fall prey to these scams pay a price that goes beyond financial losses, in inconvenience, stress and, in some cases, blots on their credit reports that are hard to eradicate. As a result, lawmakers need to do more than create new punishments for wrongdoers -- they need to create tough new incentives that will effectively force financial companies to change the status quo and improve the way they protect their customers' assets.

The Internet is Broken — Weird Situation Evolving

It appears as of today that the Internet itself is now two separate networks and some parts of the Internet can not talk to other parts. This is not a temporary outage. A major communication company, Level 3 has cut all traffic with another major communication company Cogent Communications.

I’ll be surprised if someone isn’t in court today asking for an emergency injunction to get this fixed.

The bottom line is that for now people who get their service from providers using Level 3 can’t go to the web sites who get their service from Cogent and vice versa. This also affects peer to peer applications like Chat and some kinds of voice over IP connections between Level 3 and Cogent customers.

The decision to disconnect is that of Level 3. They are the ones who pulled the plug fracturing the internet.

Related links:
Slashdot

Cogent Website

C-Net story

UK Study Shows Security Consultants' Rates are Rocketing

A massive increase in demand has seen security consultants' pay rocket by 25 percent over the past year, according to research...

Pay for qualified security consultants has soared over the past year as budgets return and demand grows around the critical issues of application and system security.

On average, security consultants are currently charging 25 percent more year-on-year, cashing in on demand in areas such as application testing, compliance and mobile device management as well as emerging technologies such as VoIP and Wi-Fi.

Skills such as penetration testing, computer forensics and ethical hacking are also increasingly in demand. With too few qualified consultants and high demand for their time, it is a situation in which the lucky few can charge a premium for their services.

Iraq Security - TDS on Iraq and our Generals

There have been a lot of questions being asked about the state of the Iraqi forces and some of the answers have not meshed with the facts.

Stewart takes a look at John McCain's reaction to some of the things being said by Rumsfield and the top generals that just don't seem to jive.

Windows: (Cut and Paste)
http://movies.crooksandliars.com/TDS-Iraq-Generals-MCain-10-03-05.wmv

QuickTime: (Cut and Paste)
http://movies.crooksandliars.com/TDS-Iraq-Generals-MCain-10-03-05.mov

Turning Off the Cameras Down Under - Call for Ban on Worker Surveillance

A ban on surveillance in toilets, change rooms, showers and bathrooms? To heck with global warming and terrorism - this is atrocious!

The final report of the Law Reform Commission has called for a new regulator to oversee the covert and overt monitoring of employees in the workplace.

The report, released today, called for new laws which would require employers to seek the permission from the regulator to test workers for drugs and alcohol and to install intrusive surveillance devices.

The report also called for the regulator to issue mandatory codes of conduct to cover video surveillance and monitoring of worker's emails.

The chairman of the commission, Marcia Neave, said an outright ban on surveillance in toilets, change rooms, showers and bathrooms was also needed to protect the basic dignity of working people - even if employees agreed to such a move.

N.C. Troopers Catch Ambulance Thief Transporting Deer with IV

A man reported missing from a Florida hospital was found in North Carolina dressed like a doctor and driving a stolen ambulance with a dead deer wedged in the back, authorities said.

Leon Holliman Jr., 37, was reported missing from a River Region Human Services facility in Jacksonville last month. The North Carolina State Highway Patrol found him driving the ambulance with the deer on Sunday.

``I don't know how the man got it up in there,'' said Sgt. Robert Pearson. ``It was a six point buck.''

It wasn't known where Holliman got the deer, which had been dead for some time, Pearson said.

Authorities tracked the stolen ambulance through three rural North Carolina counties and one county in southern Virginia before its tires were punctured and it wound up in a ditch, Pearson said.

Holliman was admitted to a North Carolina hospital for a psychiatric evaluation. Police said they would decide whether to charge Holliman after that evaluation is complete.

Underwater Security - The Coast Guard's Integrated Anti-Swimmer System

The Coast Guard announces the availability of the Draft Programmatic Environmental Assessment (PEA) of the Integrated Anti-Swimmer System (IAS). The Coast Guard is proposing to deploy and operate the IAS for temporary periods at various U.S. ports throughout the U.S. Maritime Domain, when necessary. The purpose of the Proposed Action is to increase the Coast Guard's ability to detect, track, classify, and interdict, if necessary, potential underwater threats and as a result, protect personnel, ships, and property from sabotage and/or other subversive acts.

How Would You Respond to a Disaster?

As Michael Brown showed us (perhaps for different reasons) it ain’t easy running FEMA. Think you can do better? Try this interactive game created by the BBC for a TV show on supervolcanos.

Secure Handling (or what GP needs to know)

A study by the American Society for Microbiology has found, that one out of four men leave public rest rooms without washing their hands. Women are cleaner: Ninety percent wash their hands.

WHAX and Auditor = Backtrack

The folks over at Remote-Exploit were recently dropped from Google Adsense and need funding. Why should you be concerned? They’ve recently rolled the excellent Auditor and WHAX live cds into a new distro called Backtrack. Why be concerned? They were dropped for “Hacking/cracking content”.