690767
submission
twistedmoney99 writes:
InformIT.com has a whimsical yet intriguing look at the OLPC in an article series titled "One Leet Pwning Child — Give one, Get Owned". Part one details how to upgrade the core system with some extras, but part two is where the fun begins as the author converts the OLPC into a lean green hacking machine to enable wireless sniffing, set up the OLPC for vulnerability assessments, and stage the device for a little autopwning with Metasploit. From the intro, "Who would have thought that the OLPC's goal of educating children in developing countries could empower them to become hackers?!"
289357
submission
twistedmoney99 writes:
InformIT has posted a two-part article by Seth Fogie that describes how a wireless IP camera can be owned and abused. The first part describes how the camera's feed can be sniffed, replaced, or even DoSed off the air by a PDA. The second part then takes a look at the web application interface of the camera (an Axis207W) and exposes numerous vulnerabilities that lead to exposed passwords, a software-based DoS, global XSS — and the kicker — a CSRF attack through which an attacker can remotely penetrate the network it is installed on.
254815
submission
twistedmoney99 writes:
The full-disclosure debate is a polarizing one. However, no one can argue that disclosing a vulnerability publicly often results in a patch — and InformIT just proved it again. In March, Seth Fogie found numerous bugs in EZPhotoSales and reported them to the vendor, but nothing was done. In August the problem was posted to Bugtraq, which pointed to a descriptive article outlining numerous bugs in the software — and guess what happens? Several days later a patch appears. Coincidence? Probably not, considering the vendor stated "..I'm not sure we could fix it all anyway without a rewrite." Looks like they could fix it, but just needed a little full-disclosure motivation.
66124
submission
twistedmoney99 writes:
Anyone who has upgraded their digital camera probably has a few older incompatible media cards lying around — so why not post them on eBay? Well, if you do, be sure to properly wipe them because the digital voyeurs are watching. Seth Fogie at InformIT.com purchased a bunch of used cards from eBay and found recoverable data on most of them. Using the freely available PhotoRec, he was able to extract pictures, movies, and more from apparently formatted cards. The picture is clear — wipe anything that can store digital data before getting rid of it.