header

root@server:~# dd if=/dev/hacking of=/dev/wired bs=1337k

Welcome
38.103.63.16
News
Index
Archive of 2008
Texts
Attack
Defense
Advisories
Malicious
Others
Releases
Hacking/Cracking
Administration/Defense
Malicious codes
Exploits
Others
Others
About
Staff
Imprint
Multimedia
Feed
RSS 2.0
Members blogs
SkyOut
Tatsumori
Komarov
Security news/vuln. alerts
Rootsecure
Securiteam
Secunia
Securitytracker
Securityfocus
Gnucitizen
Zone-H
Vuln./exploit databases
OSVDB
Milw0rm
Secwatch
Securityvulns
Packetstorm
Exploitsearch
Virus code databases
Netlux
VX Chaos
Trojanfrance
Blogs (AntiVirus/Security)
F-Secure
Symantec
Avertlabs
Viruslist
ESET
Ha.ckers
Offensive Computing
NewOrder
Rootkit
Electronical magazines
Phrack
(IN)SECURE
K_1ine
bUTCHERED fR0M iNSiDE
Die Datenschleuder
Commercial magazines
Hakin9
2600
Xakep
Affiliated pages
Perforin
SecuMania
Hosting provided by
Nexpa.de
07th - August - 2008 - 15:30 - #permalink

Apple iPhone "Backdoor"?

iphone

A researcher has found out, that the firmware of the Apple iPhone, one of the most hyped mobile phones of today, seems to have some kind of "backdoor" implemented. What does this "backdoor" do? Well, Apple included a feature, that the iPhone connects to a server controled by Apple, which consists of a list of forbidden applications, thus it might be possible for the company to automatically delete any programs on the users phones worldwide, which they do not want them to be there. It is unclear in which time phase the iPhone connects to the server and till now no applications are listed, that are forbidden.

If you connect to the address located at - https://iphone-services.apple.com/clbl/unauthorizedApps - you will only find the following string:

{ "Date Generated" = "2008-08-07 12:13:46 Etc/GMT";
"BlackListedApps" = { "com.mal.icious" =
{ "Description" = "Being really bad!";
"App Name" = "Malicious";
"Date Revoked" = "2004-02-01 08:00:00 Etc/GMT"; }; }; }

Looking at this code two ideas come to my mind. First one is that Apple might add whatever they want to that list, for example programs, that might be use to hack into features of the iPhone, what Apple might not want; that would be the bad way. But there is also a good way of using this feature. Apple is able to add malware to that list, that might come out in future more often (let's see) and make sure the users get their iPhones cleaned automatically. That of course would be a great benefit for the phones security.

What Apple will actually do with this feature is unsure, let's hope for the best...

06th - August - 2008 - 16:30 - #permalink

Hacking the Great Firewall of China

gifc

Perfectly for the olympic games a toolset has come to the media, that allows chinese people to hack around the Great Firewall of China to get uncensored access to the internet. The toolchain consists of five tools, that make it possible to circumvate the firewall, encrypt your traffic, hide your IP address and allow FTP downloads. About one million people are using those tools in China to get access to foreign countries media sites, says the Global Internet Freedom Consortium (GIFC).

I very much respect those projects, that help people in countries being censored very strictly, to break the chains. But just to make a number, one million people are using it, with about 200 million using the internet in China. That's only about 0.5%, a very small amount. Why is this so? Well, that can have multiple reasons. One might be, that people don't know about it. Another might be, that people use other techniques, such as TOR or other services. But what's also very typical might be, that people just accept the censorship or even worse just don't care.

I once watched a documentation about hackers in China and one scene in this documentation was somehow "funny", the speaker said something like "With the access to internet, the people have the ability to read the humans knowledge spread all over the worldwide web." and while saying so you could see some chinese guys playing Counter Strike or other online games... Hmm, no wonder, that the country does this censorship and people don't stand up against it, if most people just care for gaming, instead of getting informed.

The tools can be downloaded [here].

05th - August - 2008 - 15:00 - #permalink

It's time to be in Las Vegas

blackhat

This year I was not able to take a trip to Las Vegas for Black Hat or the Defcon following in some days, but next year I am planning to go there. To everyone, who is there and enjoying the speeches or doing an own one: Have a lot of fun and happy hacking the next two days! The homepage of the Black Hat conference is very informative and you should check it out for sure.

On Twitter you can find a [channel] for the event. To get to know what you'll miss or better: what you'll be part of: Check out the [schedule] and [Speakers List].

At least one person I know (sorry, can't tell who) is going there. I am excited for some feedback, when he comes back!

Copyright © 2008 by SkyOut (Marcell Dietl)