Eternal sunshine of the geeky mind

Eternal sunshine of the geeky mind http://www.somethingwith.be/ Can you imagine what I would do if I could do all I can? --Sun Tzu en Copyright 2011 Wed, 26 May 2010 14:16:07 +0100 http://www.sixapart.com/movabletype/ http://www.rssboard.org/rss-specification Google Analytics opt-out here!]]> http://www.somethingwith.be/2010/05/google-analytics-opt-out.html http://www.somethingwith.be/2010/05/google-analytics-opt-out.html infosec privacy Wed, 26 May 2010 14:16:07 +0100 Secure googling From now on, you can protect your Google searches from eavesdropping as Google enabled HTTPS on its search engine.

A few notes on their blog indicate that it is still a 'beta' option:

- only the web search is SSL encrypted (image or map searches, for example, are not)

- slightly slower loading times to set up encryption

- your data and searches are not hidden from Google (if you read between the lines, that means that if law enforcement requests information about your search behavior, Google can still provide it) only from others that might eavesdrop on your connections

]]> http://www.somethingwith.be/2010/05/secure-googling.html http://www.somethingwith.be/2010/05/secure-googling.html infosec Wed, 26 May 2010 13:49:44 +0100 IT Security for the Next Generation contest Kaspersky is organizing the IT Security for the Next Generation conference later this year, and is calling all students of European universities to submit their research papers for a contest to participate in the conference and have a chance to present their paper for a large audience. Students from any European university can participate, free of charge, by writing a research paper about one of these topics:

Technical nomination

- Trends in Anti-Spam Development � Techniques, Methods in the �Spam Arms Race� and new Innovations

- Dangers of an increasingly Networked World

- 'In the Cloud' Security

- Future Technologies for Detecting and Combating Malware (e.g. artificial intelligence, fuzzy systems, p2p networks)

Social, economic and legal nomination

- Emerging Threats (e.g. social network security, embedded systems security, mobile security, online banking security)

- Challenges and Opportunities for IT-Security Companies within the next 10 years

- Impact of technologies on Data Protection, Copy and Intellectual Property Rights and Jurisdiction

- Education in IT Security - Trends and Questions

More info here.

]]> http://www.somethingwith.be/2010/05/it-security-for-the-next-gener.html http://www.somethingwith.be/2010/05/it-security-for-the-next-gener.html conferences infosec Wed, 26 May 2010 13:47:50 +0100 Google to EU: Trust us excuse for data data protection? Nu-uh! ]]> http://www.somethingwith.be/2010/01/google-to-eu-trust-us.html http://www.somethingwith.be/2010/01/google-to-eu-trust-us.html infosec Wed, 20 Jan 2010 00:13:10 +0100 Naked elves steal login credentials shed some light on a new Trojan 'Troj/Lneage-A' that takes advantage of the cliche that all MMORPG'ers are lonely males, popping up naked elves on the screens of drooling nerds while their game login information is stolen.

I'm waiting for the female version! ]]> http://www.somethingwith.be/2009/12/naked-elves-steal-login-creden.html http://www.somethingwith.be/2009/12/naked-elves-steal-login-creden.html cybercrime infosec Tue, 15 Dec 2009 00:12:46 +0100 EnCase usage questioned in court discussed the interesting case of State v. Dingman, 149 Wash.App. 648, 202 P.3d 388 (Washington Court of Appeals 2009), in which the defense received evidence files in proprietary EnCase format, and was asked to provide the evidence in a different format as the defense did not have access to the EnCase software. Interestingly, the court decided in the end that a different format should be provided if asked for. ]]> http://www.somethingwith.be/2009/12/encase-usage-questioned-in-cou.html http://www.somethingwith.be/2009/12/encase-usage-questioned-in-cou.html cybercrime digital forensics Tue, 15 Dec 2009 00:12:04 +0100 COFEE vs DECAF website):

Contaminate MAC Addresses: Spoof MAC addresses of network adapters
Kill Processes: Quick shutdown of running processes
Shutdown Computer: On the fly machine power down
Disable network adapters
Disable USB ports
Disable Floppy drive
Disable CD-ROM
Disable Serial/Printer Ports
Erase Data: Quick file/folder removal (Basic Windows delete)
Clear Event Viewer: Remove logs from the Event Viewer
Remove Torrent Clients: Removes Azureus and BitTorrent clients
Clear Cache: Remove cookies, cache, and history

It reminds me a bit of Netbus from all those years ago. It makes the job more difficult, but I admit is clever at the same time.

Update: Apparently DECAF was only a media stunt to increase security awareness and to attract attention to the need for better forensics tools. ]]> http://www.somethingwith.be/2009/12/cofee-vs-decaf.html http://www.somethingwith.be/2009/12/cofee-vs-decaf.html cybercrime digital forensics Tue, 15 Dec 2009 00:11:36 +0100 More metadata criminal cases is metadata of great importance. As seen in a recent case against the City of Phoenix, a new Supreme Court decision overruled the Court of Appeals in saying that metadata is part of public records, and should be provided if requested for under the freedom of information act. ]]> http://www.somethingwith.be/2009/12/more-metadata.html http://www.somethingwith.be/2009/12/more-metadata.html digital forensics Thu, 10 Dec 2009 00:11:02 +0100 The importance of metadata in forensics discussed the case of U.S. v. Haymond, 2009 WL 3029592 (U.S. District Court for the Northern District of Oklahoma 2009), and the story is quite interesting in how it discusses the use and importance of metadata, and how a case can stand or fall with this information. ]]> http://www.somethingwith.be/2009/12/the-importance-of-metadata-in.html http://www.somethingwith.be/2009/12/the-importance-of-metadata-in.html cybercrime digital forensics Tue, 08 Dec 2009 00:10:29 +0100 New fingerprints, new identity
Source: http://thecybersleuth.blogspot.com/2009/12/plastic-surgery-changes-identity-by.html ]]> http://www.somethingwith.be/2009/12/new-fingerprints-new-identity.html http://www.somethingwith.be/2009/12/new-fingerprints-new-identity.html biometrics infosec Tue, 08 Dec 2009 00:09:54 +0100 WPA cracking for dummies online service for cracking WPA passwords in 20 minutes. For $34, his 'users' get access to a 400-node cluster specifically designed for cracking WPA passwords. Marlinspike's intention is to have this service available for ethical hackers and WIFI auditors, but I wonder how long it will take before it is abused by others. ]]> http://www.somethingwith.be/2009/12/wpa-cracking-for-dummies.html http://www.somethingwith.be/2009/12/wpa-cracking-for-dummies.html cybercrime infosec Tue, 08 Dec 2009 00:09:28 +0100 Data mining police databases a study was carried out in the Netherlands to find new links in the police databases through data mining. Some unexpected and previously unknown links were discovered:

* women in the database are significantly more often addicted to drugs than men
* people suspected of manslaughter are relatively often already convicted for racism
* joyriders often don't follow employment and alcohol regulations
* theft with violence is often linked with possession of weapons
* African origin and convictions for public security/safety
* criminals in the low lands also often don't follow traffic regulations

This sounds like a fun exercise to do in Belgium too!

Sources:
http://weblogs.nrc.nl/media/2009/12/07/datamining-politiedatabank-toont-onbehaaglijke-verbanden/
http://webwereld.nl/nieuws/64515/politie-test-datamining-criminelendatabank.html ]]> http://www.somethingwith.be/2009/12/data-mining-police-databases.html http://www.somethingwith.be/2009/12/data-mining-police-databases.html crime link analysis Mon, 07 Dec 2009 00:08:59 +0100 More infosec skills skills an information security professional should have. David Lacey listed his top 7 here. ]]> http://www.somethingwith.be/2009/12/more-infosec-skills.html http://www.somethingwith.be/2009/12/more-infosec-skills.html infosec Mon, 07 Dec 2009 00:08:19 +0100 SANS course on Information Reconnaissance
Information is power! Don't think so? Follow the course or read my paper. ]]> http://www.somethingwith.be/2009/12/sans-course-on-information-rec.html http://www.somethingwith.be/2009/12/sans-course-on-information-rec.html cybercrime infosec Fri, 04 Dec 2009 00:07:35 +0100 PayPal phishes own users Randy Abrams. He forwarded it to PayPal support, and they answered "You're right � it was a phishing attempt". Apparently PayPal support can't even tell a legitimate email from one phishing for information. ]]> http://www.somethingwith.be/2009/12/paypal-phishes-own-users.html http://www.somethingwith.be/2009/12/paypal-phishes-own-users.html cybercrime infosec Fri, 04 Dec 2009 00:06:57 +0100