Cell Gunphone

Here a one for the "What were they thinking file"...

At first sight it looks like a regular cell phone — same size, same shape, same overall appearance.

But beneath the digital face lies a .22-caliber pistol, a phone gun capable of firing four rounds in quick succession with a touch of the otherwise standard keypad.

The US Department of Homeland Security and the FBI are aware of the device and have instructed baggage screeners to be on the lookout for suspicious mobile phones. This is especially after 9/11.

European law enforcement officials — stunned by the discovery of these deadly decoys — say phone guns are changing the rules of engagement in Europe.

Airport authorities across Europe are implementing systems to X-ray all cell phones

“We find it very, very alarming,” says Wolfgang Dicke of the German Police union. “It means police will have to draw their weapons whenever a person being checked reaches for their mobile phone.”

The FBI, the Bureau of Alcohol, Tobacco and Firearms, and the U.S. Customs Service say they’ve been briefed on the new weapons.

“This criminal invention represents a potentially serious threat to law enforcement and the public,” said U.S. Customs Service Commissioner Raymond W. Kelly.
“We received word about these guns last month. We have since alerted our field personnel to be on the lookout for ‘cell phone guns’ at U.S. ports of entry.”

Full story and video here.

Rootkit Pharming

Haxdoor is one of the most advanced rootkit malware out there. A recent Secure Science paper has a good explanation for how and why Hoxdoor works.

E&Y Loses Four more Laptops

A group of Ernst and Young auditors took off for lunch on Feb. 9, leaving their laptops in an office building conference room. According to security footage, two men entered the conference room a couple of minutes after the Ernst and Young folks left and walked off with four Dell laptops valued at close to $8k the Miami Herald reported.

This theft follows a higher-profile incident earlier this month in which an Ernst and Young employee lost his laptop containing the social security numbers and other personal information of customers.

Ernst and Young appears set on establishing a laptop loss record in February...

Episode Six of the Sysadmin Sitcom The IT Crowd is now Downloadable

Episode six of Graham Linehan's wonderful, screamingly funny sysadmin sitcom, The IT Crowd, is online here.

DIY Hardware keylogger

Looking for that extra special DIY project this weekend? Here's how to make a PS/2 keyboard line keylogger, also provided - the software application with full source code to download the recorded data.

DoD Staffer's Notes from 9/11 Obtained Under FOIA

Hours after a commercial plane struck the Pentagon on September 11 2001 the US defence secretary, Donald Rumsfeld, was issuing rapid orders to his aides to look for evidence of Iraqi involvement, according to notes taken by one of them.

"Hard to get good case. Need to move swiftly," the notes say. "Near term target needs - go massive - sweep it all up, things related and not."

The handwritten notes, with some parts blanked out, were declassified this month in response to a request by a law student and blogger, Thad Anderson, under the US Freedom of Information Act. Anderson has posted them on his blog at outragedmoderates.org.

New technique uses Photons, Physics to Foil Codebreakers

For governments and corporations in the business of transmitting sensitive data such as banking records or personal information over fibre optic cables, a new system demonstrated by University of Toronto researchers offers the protective equivalent of a fire-breathing dragon.

“Quantum cryptography is trying to make all transmissions secure, so this could be very useful for online banking, for example,” says Professor Hoi-Kwong Lo, an expert in physics and electrical and computer engineering at U of T’s Centre for Quantum Information and Quantum Control and the senior author of a new study about the technique. “The idea can be implemented now, because we actually did the experiment with a commercial device.”

The study describes the first experimental proof of a quantum decoy technique to encrypt data over fibre optic cable. In quantum cryptography, laser light particles (photons) carry complex encryption keys through fibre optic cables, dramatically increasing the security of transmitted data. Conventional encryption is based on the assumed complexity of mathematical problems that traditional computers can solve. But quantum cryptography is based on fundamental laws of physics — specifically, Heisenberg’s Uncertainty Principle, which tells us that merely observing a quantum object alters it.

Taser Sets Florida Man On Fire

Sometimes you just can't wait for Fridays to have fun...

A man in Daytona Beach, Fla., was injured when a probe from a police Taser gun hit a butane lighter in his pocket and set him on fire, according to a Local 6 News report.

Police said Dennis Crouch, 54, apparently stabbed himself inside his home located in the 400 block of Grandview Avenue.

When officers arrived at the house, they found Crouch with a butcher knife threatening to kill himself.

Crouch apparently refused to comply with officers demands and was shot with a Taser gun.

A Taser probe hit a disposable butane lighter in his shirt pocket and ignited. Officers then rolled him to the ground to put out the flames.

Crouch was treated at Halifax Medical Center for burns and the stab wound.

The incident is under investigation to determine if additional safety requirements, Local 6 News reported.

[Full-disclosure] Gay Security Industry Experts Exposed!

I always thought JP was a bit of twit, but this? A rather bizarre, but kind of interesting read about antionline.com founder and former owner JP (john vranesevich).

Mini-Pentoo 2006.0 - Pentoo LiveCD Security Disk

This version is only 186 Mb fat and fits on mini-cd and 256 MB usb pen-drive.

It features the bare minimum tools for pentesting and support modules addition ala slax, allowing you to add some more stuff as you see fit.

You can also save your /etc, /root, ExploitTree and Nessus on a usb pen-drive, or anywhere else you want.

And last but not least, the Window Manager is the most sexiest available in the universe, providing you with genuine pen-testing pleasure.

DOWNLOAD

Download MPentoo LiveCD (HTTP).

Download MPentoo LiveCD (FTP).

Court Ruling Regarding Gramm-Leach-Bliley

This is somthing to think about...

In a legal decision that could have broad implications for financial institutions, a court has ruled recently that a student loan company was not negligent and did not have a duty under the Gramm-Leach-Bliley statute to encrypt a customer database on a laptop computer that fell into the wrong hands. Intrigued? Read on.

In a nut shell, an employee of Brazos Higher Education Service Corporation, Inc., had customer information on a laptop computer he was using at home. The computer was stolen, and a customer sued Brazos.

The judge dismissed the lawsuit. And then he noted...

Significantly, while recognizing that Gramm-Leach-Bliley does require financial institutions to protect against unauthorized access to customer records, Judge Kyle held that the statute "does not prohibit someone from working with sensitive data on a laptop computer in a home office," and does not require that "any nonpublic personal information stored on a laptop computer should be encrypted."

Secure Flying - Tuesdays Can Be For Fun Sometimes!

Simple but a tad addictive. You must carefully pilot the helicopter,
avoiding the obstacles...

Click on the pic to begin!

A True Story: "How we caught an Identity Thief"

A interesting story about how an Identity thief was trapped and captured.

It all started with a phone call. "Someone has the likeness of our site, on a very similar sounding domain!" This is the story of how igxglobal worked in conjunction with the client and the FBI to identify and stop a would be Identity thief.

Personal Security - Severed Arm Still Clutching Mobile Phone

A Letcher County woman suffered a horrible injury early Thursday when her arm was severed in a car crash on the Mountain Parkway in Clark County.

Jacqueline Dotson and her six-year-old daughter had to be cut out of their vehicle after the accident in which Dotson veered into the median and over-corrected, rolling her truck over the guardrail and landing upside down after flipping several times.

Several people stopped to help, and it turns out, the good samaritans may very well have saved Dotson's life. Sheila Vice, a nurse's aide, and an off-duty EMT from another county stopped to help, and put a tourniquet on Dotson's arm to stop the bleeding. Her arm was found near the accident still clutching a cell phone.

"Basically we stayed there and talked to them until the EMT drivers got there," said Vice.

Rescuers used the jaws of life to get the Dotson and her daughter out of the truck. Both were flown to hospitals, and Dotson is listed in serious condition at UK Hospital. Her daughter is not in the hospital, and sheriff's officials say they believe she's going to be fine.

Both were wearing seat belts.

New episode of The IT Crowd, Very Cool SysAdmin Sitcom

Episode 5 of Graham "Father Ted" Linehan's funny British nerd comedy series "The IT Crowd" is available here.

Building a Forensics Computer

Not a ton of info, but here is a link to an interesting article on building a 'forensics computer' used for analyzing compromised machines and security research. Fun Stuff...

Friday Fun - Video Game Nostalgia

If you're a 1980s game geek, you could easily spend an entire day at this website, which has a comprehensive history of video games, beginning in the years that preceded Pong, and heading all the way up to the Vectrex/Atari 7800 years. The whole site is wonderfully put together, with old adverts, screen shots, and pictures of consoles, machines and designers.

I have a Pong game like this. Ah the memories...

Personal Security - US and Canadian Skiers get Smart Armour

A futuristic flexible material that instantly hardens into armour upon impact will protect US and Canadian skiers from injury on the slalom runs at this year's Winter Olympics.

The lightweight bendable material, known as d3o, can be worn under normal ski clothing. It will provide protection for US and Canadian skiers taking part in slalom and giant slalom races in Turin, Italy. Skiers normally have to wear bulky arm and leg guards to protect themselves from poles placed along the slalom run.

Baby Hack

Todd Vanderlin documents an experiment: "I bought a $10 electronic baby in china town. I cracked it open and soldered a couple of switches to the the speaker. Now the baby is possessed and I have hacked a baby." Don't miss the video here.

Nmap 4.01 Released!

10 Days after the release of Nmap 4.0 and with over 100K downloads, 4.1 is released with even more improvements and some minor bug fixes.

You can find 4.01 at the normal location:
http://www.insecure.org/nmap/download.html