Ramblings & ephemera

Take over a computer network with an iPod or USB stick

From Bruce Schneier’s “Hacking Computers Over USB” (Crypto-Gram: 15 June 2005): From CSO Magazine: “Plug an iPod or USB stick into a PC running Windows and the device can literally take over the machine and search for confidential documents, copy them back to the iPod or USB’s internal storage, and hide them as “deleted” files. […]

Russian bot herders behind massive increase in spam

From Ryan Naraine’s “‘Pump-and-Dump’ Spam Surge Linked to Russian Bot Herders” (eWeek: 16 November 2006): The recent surge in e-mail spam hawking penny stocks and penis enlargement pills is the handiwork of Russian hackers running a botnet powered by tens of thousands of hijacked computers. Internet security researchers and law enforcement authorities have traced the […]

The HOLLYWOOD sign as multi-user access-control system

From Bruce Schneier’s “Hollywood Sign Security” (Crypto-Gram: 15 January 2005): In Los Angeles, the “HOLLYWOOD” sign is protected by a fence and a locked gate. Because several different agencies need access to the sign for various purposes, the chain locking the gate is formed by several locks linked together. Each of the agencies has the […]

A new way to steal from ATMs: blow ’em up

From Bruce Schneier’s “News” (Crypto-Gram Newsletter: 15 March 2006): In the Netherlands, criminals are stealing money from ATM machines by blowing them up. First, they drill a hole in an ATM and fill it with some sort of gas. Then, they ignite the gas — from a safe distance — and clean up the money […]

DIY worm kits

From Jose Nazario’s Anatomy of a worm (Computerworld: 15 September 2004): Now imagine a world where worm attacks frequently occur because hackers and rogue developers have access to “worm kits” or development tools that provide the basic building blocks for rapid worm development. Historically, worms were basic clones of one another that didn’t change after […]

Evil twin hot spots

From Dan Ilett’s Evil twin could pose Wi-Fi threat (CNET News.com: 21 January 2005): Researchers at Cranfield University are warning that “evil twin” hot spots, networks set up by hackers to resemble legitimate Wi-Fi hot spots, present the latest security threat to Web users. Attackers interfere with a connection to the legitimate network by sending […]

Virtual-machine based rootkits

From Samuel T. King, Peter M. Chen, Yi-Min Wang, Chad Verbowski, Helen J. Wang, & Jacob R. Lorch’s “SubVirt: Implementing malware with virtual machines” [PDF]: We evaluate a new type of malicious software that gains qualitatively more control over a system. This new type of malware, which we call a virtual-machine based […]

Search for “high score” told them who stole the PC

From Robert Alberti’s “more on Supposedly Destroyed Hard Drive Purchased In Chicago” (Interesting People mailing list: 3 June 2006): It would be interesting to analyze that drive to see if anyone else was using it during the period between when it went to Best Buy, and when it turned up at the garage sale. We […]

Google’s number tricks

From “Fuzzy maths” (The Economist: 11 May 2006): MATHEMATICALLY confident drivers stuck in the usual jam on highway 101 through Silicon Valley were recently able to pass time contemplating a billboard that read: “{first 10-digit prime found in consecutive digits of e}.com.” The number in question, 7427466391, is a sequence that starts at the 101st […]

iSee: online map of CCTVs in Manhattan

From Patrick Keefe’s “Camera Shy” (Legal Affairs: July/August 2003): One extralegal solution is a project called iSee. Launched several years ago, iSee is an online interactive map of the locations of surveillance cameras in Manhattan. To use iSee, you simply open the map of Manhattan and double-click on your point of departure and your destination. […]

The history of the Poison Pill

From Len Costa’s “The Perfect Pill” (Legal Affairs: March/April 2005): THE MODERN HISTORY OF MERGERS AND ACQUISITIONS divides neatly into two eras marked by a landmark ruling of the Delaware Supreme Court in 1985. Before then, financiers like T. Boone Pickens and Carl Icahn regularly struck terror in the hearts of corporate boards. If these […]

Even worse spam is coming

From Spam Daily News’s “Spam zombies from outer space”: Spammers could soon use zombie computers in a totally new way. Infected computers could run programs that spy into a person’s email, mine it for information, and generate realistic-looking replies. John Aycock, an assistant professor of computer science at the University of Calgary, and his student […]

3000 ravers, dancing in silence

From The Sydney Morning Herald’s “Clubbers to get into the silent groove”: For those seeking tranquillity at Glastonbury Festival, a dance tent packed with clubbers is not an obvious sanctuary. But this will be the silent disco – 3000 festivalgoers are to be issued with headphones this year so they can turn up the volume […]

Projecting a murdered woman’s image on a building

From BBC News’ “Police go big with victim picture”: A 60ft high picture of a murdered prostitute has been projected onto a derelict block of flats in Glasgow. Detectives hope it will help to turn up clues about the death of Emma Caldwell, whose body was found in woods in South Lanarkshire on 8 May. […]

Israeli car theft scam

From Bruce Schneier’s “Automobile Identity Theft”: This scam was uncovered in Israel: 1. Thief rents a car. 2. An identical car, legitimately owned, is found and its “identity” stolen. 3. The stolen identity is applied to the rented car and is then offered for sale in a newspaper ad. 4. Innocent buyer purchases the car […]

The Sumitomo Mitsui Bank heist

From Richard Stiennon’s “Lessons Learned from Biggest Bank Heist in History”: Last year’s news that thieves had managed to break in to Sumitomo Mitsui Bank’s branch in London and attempt to transfer almost $440 million to accounts in other countries should give CIOs cause for concern. … First a recap. Last year it came to […]

The diamond scam

From The Atlantic’s “Have You Ever Tried to Sell a Diamond?” (February 1982): The diamond invention – the creation of the idea that diamonds are rare and valuable, and are essential signs of esteem – is a relatively recent development in the history of the diamond trade. Until the late nineteenth century, diamonds were found […]

Word of the day: cunctative

Cunctative: Cunc’ta*tive, a. Slow; tardy; dilatory; causing delay. Cunctator: Cunc*ta’tor, n. [L., lit., a delayer; — applied as a surname to Q. Fabius Maximus.] One who delays or lingers. From Wikipedia’s “Fabius Maximus“: Quintus Fabius Maximus Verrucosus (c. 275 BC-203 BC), called Cunctator (the Delayer), was a Roman politician and soldier, born in Rome around […]

Russian anti-tank dogs

From Damn Interesting’s “Let Slip the Dogs of War”: Nary does a modern movie depict the way the Romans used mastiffs with razored collars in battle, nor the fully armored Death Hounds … that the medieval knights would loose on a field to snap at the legs of opponents and dispatch the wounded that littered […]

Phishing by altering the bank’s server

From Computerworld’s “Florida banks hacked in new spoofing attack”: Three Florida banks have had their Web sites compromised by hackers in an attack that security experts are calling the first of its type. Earlier this month, attackers were able to hack servers run by the Internet service provider that hosted the three banks’ Web sites. […]