Security News Media

Tcl Tutorial

2010-01-20T05:14:00.000-08:00

This is a very short introduction to the Tcl script language. If you just can’t wait, I hope this will make you able to read and to understand simple Tcl code.

In many points, Tcl is similar to C, especially for loop structures, function definitions and mathematical or conditional expressions. In other points, such as expression evaluation and list data structures, you will notice that Tcl has inherited from the benefits of the Scheme language.

In Tcl, all data is represented as strings.

Tcl Tutorial

FREE Advertising

2008-01-23T10:51:00.000-08:00

Apparently TheTAZZone.com will soon be offering FREE Advertising for 3 months beginning March 1st on 4 different domains. According to inside sources this offer will be open to both personal and commercial websites.
They have a forum thread at TAZForum where you can sign up for the FREE Advertising, or you can just e-mail their administration.

TAZ Forum :: A Computer, Gaming, and Social Network Community of Friends :: TAZForum :: View topic - Free Advertising Sign-ups

Sun Microsystems Announces Agreement to Acquire MySQL

2008-01-16T16:14:00.000-08:00

January 16, 2008 Sun Microsystems, Inc. (NASDAQ: JAVA) today announced it has entered into a definitive agreement to acquire MySQL AB, an open source icon and developer of one of the world's fastest growing open source databases for approximately $1 billion in total consideration. The acquisition accelerates Sun's position in enterprise IT to now include the $15 billion database market. Today's announcement reaffirms Sun's position as the leading provider of platforms for the Web economy and its role as the largest commercial open source contributor.

With millions of global deployments including Facebook, Google, Nokia, Baidu and China Mobile, MySQL will bring synergies to Sun that will change the landscape of the software industry by driving new adoption of MySQL's open source database in more traditional applications and enterprises. The integration with Sun will greatly extend the commercial appeal of MySQL's offerings and improve its value proposition with the addition of Sun's global services organization. MySQL will also gain new distribution through Sun's channels including its OEM relationships with Intel, IBM and Dell.

Sun Microsystems Announces Agreement to Acquire MySQL, Developer of the World's Most Popular Open Source Database

Teenager hacks Polish tram system

2008-01-12T05:30:00.000-08:00

A 14 year-old schoolboy hacked into a Polish tram system and used a remote control to change the direction of a number of vehicles.

Transport employees in Lodz immediately suspected outside interference when a driver who was trying to turn right found his tram veering to the left.

The tram's back wagon was derailed and hit a passing tram. Another derailment injured 12 passengers.

Teenager hacks Polish tram system - Personal Computer World

Hacking attack compromises thousands of sites

2008-01-08T04:21:00.001-08:00

Tens of thousands of Web sites have been compromised by an automated SQL injection attack, and although some have been cleaned, others continue to serve visitors a malicious script that tries to hijack their PCs using multiple exploits, security experts said this weekend.

Hacked sites included both .edu and .gov domains, the SANS Institute's Internet Storm Center (ISC) reported in a warning posted last Friday. The ISC also reported that several pages of security vendor CA Inc.'s Web site had been infected.

Grisoft's Thompson said that his research had identified a 15-month-old vulnerability as one of those exploited by the attack code. The exploit, he said, targeted the MDAC (Microsoft Data Access Components) bug patched in April 2006 with the MS06-014 security update. "They went to the trouble of preparing a good Web site exploit, and a good mass hack but then used a moldy old client exploit. It's almost a dichotomy," said Thompson.

IT Business

Sears puts customers' buying histories on the Web

2008-01-04T15:04:00.000-08:00

Sears Holdings Corp. has come under fire from privacy advocates for making the purchase history of its customers publicly available on its Managemyhome.com Web site.

Manage My Home is a community portal where Sears shoppers can download product manuals, find product tips and get home renovation ideas.

The Web site has a feature called "Find your products" that lets users look up past purchases. Ostensibly, this is designed to help customers keep track of items they've bought from the retailer, but the site also lets them look up the purchase histories of other people.

"Sears offers no security whatsoever to prevent a Manage My Home user from retrieving another person's purchase history by entering that person's name, phone number and address," wrote Ben Edelman, an assistant professor at Harvard Business School, in a blog posting.

Sears puts customers' buying histories on the Web

End of Support for Netscape web browsers

2007-12-29T09:19:00.001-08:00

AOL's focus on transitioning to an ad-supported web business leaves little room for the size of investment needed to get the Netscape browser to a point many of its fans expect it to be. Given AOL's current business focus and the success the Mozilla Foundation has had in developing critically-acclaimed products, we feel it's the right time to end development of Netscape branded browsers, hand the reins fully to Mozilla and encourage Netscape users to adopt Firefox.

Netscape Navigator until February 1, 2008. After February 1, there will be no more active product support for Navigator 9, or any previous Netscape Navigator browser

End of Support for Netscape web browsers - The Netscape Blog

Introducing Weave

2007-12-24T04:50:00.000-08:00

Introducing Weave

We’re now launching a new project within Mozilla Labs to formally explore this integration. This project will be known as Weave and it will focus on finding ways to enhance the Firefox user experience, increase user control over personal information, and provide new opportunities for developers to build innovative online experiences.

Just like Mozilla enables massive innovation by making Firefox open on many levels, we will aim to do the same with Weave by developing an open extensible framework for services integration.

Mozilla Labs » Blog Archive » Introducing Weave

Hackers launch major attack on US military labs

2007-12-09T13:58:00.000-08:00

Hackers have succeeded in breaking into the computer systems of two of the US' most important science labs, the Oak Ridge National Laboratory (ORNL) in Tennessee and Los Alamos National Laboratory in New Mexico.

In what a spokesperson for the Oak Ridge facility described as a "sophisticated cyber attack," it appears that intruders accessed a database of visitors to the Tennessee lab between 1990 and 2004, which included their social security numbers and dates of birth. Three thousand researchers reportedly visit the lab each year, a who's who of the science establishment in the US.

Computerworld > Hackers launch major attack on US military labs

Stolen laptop had IDs on 268,000 Minnesota blood donors

2007-12-07T13:42:00.000-08:00

A laptop stolen during a recent blood drive contained sensitive information on 268,000 Minnesota-region blood donors, Memorial Blood Centers said Wednesday.

The laptop was in a briefcase that was stolen just before 7 a.m. Nov. 28 as workers were setting up a blood drive, said Laura Kaplan, manager of marketing and communications with the blood center. "They were setting up for a blood drive and this was in a briefcase," she said. "The police have told us they believe it was a random crime."

Memorial Blood Centers is a nonprofit blood bank based in St. Paul, Minn. It operates 10 blood collection centers in northern Minnesota and Wisconsin and collects about 125,000 units of blood each year.

Stolen laptop had IDs on 268,000 Minnesota blood donors

Fasthosts customers blindsided by emergency password reset

2007-11-30T04:58:00.000-08:00

Fasthosts has announced that "a number" of its customers'* FTP spaces were raided as a result of the major hack that triggered a police investigation last month. It has applied a system-wide reset of thousands of passwords as a result.

The Gloucester-based webhosting firm yesterday performed the emergency reset of control panel, PCP, FTP and SQL passwords that were not changed by customers when the intrusion was revealed.

Fasthosts customers blindsided by emergency password reset | The Register

New Software Detects Web Interference

2007-11-29T03:21:00.000-08:00

Increasingly worried over Internet providers' behavior, a nonprofit has released software that helps determine whether online glitches are innocent hiccups or evidence of deliberate traffic tampering.

The San Francisco-based digital rights group Electronic Frontier Foundation hopes the program, released Wednesday, will help uncover "data discrimination" _ efforts by Internet providers to disrupt some uses of their services _ in addition to the cases reported separately by EFF, The Associated Press and other sources.

"People have all sorts of problems, and they don't know whether to attribute that to some sort of misconfiguration, or deliberate behavior by the ISP," said Seth Schoen, a staff technologist with EFF.

The new software compares lists of data packets sent and received by two different computers and looks for discrepancies between what one sent and the other actually received. Previously, the process had to be done manually.

Schoen compared the software to a spelling checker.

New Software Detects Web Interference | Chron.com - Houston Chronicle

United Airlines exploits tragedy in Brazil

2007-11-23T15:10:00.000-08:00

I'm sure you've all heard the tragic story of Tony Harris by now...the son/son-in-law of a loving wife, a soon to be born child, a devoted step-father and his wife... Tony Harris goes to Brazil to play basketball and life takes a tragic turn... But...is United Air Lines hospitable? Sympathetic? NO! instead of giving the grieving step-father...

Digg - United Airlines exploits tragedy in Brazil

16 year-old 'hacker' designs Internet policy

2007-11-21T13:51:00.000-08:00

A TEENAGE hacker who managed to get around the Aussie government's $84 million internet filter scheme has been recruited by the opposition Labor party to design its cyber safety policy.

Tom Wood has now become the subject of a slanging match between the Labor and Liberal parties.

Liberal Communications Minister, Helen Coonan, denies that Wood "hacked" the software filters, saying he bypassed them by gaining access to the administrator account on his computer.

16 year-old 'hacker' designs Internet policy - The INQUIRER

Did NSA Put a Secret Backdoor in New Encryption Standard?

2007-11-15T02:57:00.000-08:00

Random numbers are critical for cryptography: for encryption keys, random authentication challenges, initialization vectors, nonces, key-agreement schemes, generating prime numbers and so on. Break the random-number generator, and most of the time you break the entire security system. Which is why you should worry about a new random-number standard that includes an algorithm that is slow, badly designed and just might contain a backdoor for the National Security Agency.

But one of those generators -- the one based on elliptic curves -- is not like the others. Called Dual_EC_DRBG, not only is it a mouthful to say, it's also three orders of magnitude slower than its peers. It's in the standard only because it's been championed by the NSA, which first proposed it years ago in a related standardization project at the American National Standards Institute.

If this story leaves you confused, join the club. I don't understand why the NSA was so insistent about including Dual_EC_DRBG in the standard. It makes no sense as a trap door: It's public, and rather obvious. It makes no sense from an engineering perspective: It's too slow for anyone to willingly use it. And it makes no sense from a backwards-compatibility perspective: Swapping one random-number generator for another is easy.

TAZ Forum :: A Computer, Gaming, and Social Network Community of Friends :: TAZForum :: View topic - Did NSA Put a Secret Backdoor in New Encryption Standard?

Computer scientist fights threat of ‘botnets’

2007-11-10T03:53:00.000-08:00

Most network-intrusion systems today are comparing traffic against a database, collected by hand, of previously recognized attack signatures. The innovation with Nemean is a method to automatically generate intrusion signatures, making the detection process faster and more precise.

In a test comparing Nemean against a current technology on the market, both had a high detection rate of malicious signatures — 99.9 percent for Nemean and 99.7 for the comparison technology. However, Nemean had zero false positives, compared to 88,000 generated by the other technology.

“The technology we’re developing here really has the potential to transform the face of network security,” says Barford, whose research is supported by the National Science Foundation, the Army Research Office and the Department of Homeland Security. “Our objective is to build this company into a world leader in network securty solutions.”

Computer scientist fights threat of ‘botnets’ (Oct. 31, 2007)

The Opposite of Backup

2007-11-07T03:34:00.001-08:00

In the early 1980s, George C. was IT support on a team overseeing a large installation of workstations. At the time, this was a pretty novel concept. Several Unix site managers applied to help out but wanted "too much money," according to management. Instead, the IT manager rounded up a bunch of recent college graduates (who were much cheaper). Problem solved.

There were roughly 80 workstations that were being installed, each with two 70MB drives. One drive kept the operating system files (which the users couldn't modify), the other was the user drive for work files. Each system was backed up and updated nightly with a three step process:

Back up all files that have changed on each client's user drive.
Replace old files on each client's system drive.
Delete files that are no longer needed from each client's system drive. For this step it'd just remove any files from the system drive on the client's machine that didn't exist on the server so everyone had a consistent system drive.

The tech writers on...

The Opposite of Backup - Worse Than Failure

Cross-Selling Online Scams and Security Issues

2007-11-03T15:55:00.000-07:00

Remember that the code the cross-sell company added doesn’t link in the normal sense but just continues with the session in an attempt to sell you some useless crap. By continuing the session, the application running (the cross-sell application, not the original on-line store) has access to the card data in the cookie. Most legitimate companies don’t think this through — the money is too good.

Slashdot | Cross-Selling Online Scams and Security Issues

Caveat Emptor - Use of Credit Cards On-Line « The 12 Angry Men Blog

Blu-ray's BD+ Encryption Cracked

2007-10-31T03:22:00.000-07:00

Unsurprisingly, it is SlySoft who have had a hand in the cracking, so a new version of AnyDVD HD should be available before the new year. Said software will allow the backing up of Blu-ray movies to a hard drive or the direct copy of discs and other similarly nefarious activities.
Of course the $30 software does require a rather more expensive Blu-ray drive to be of any use and if you copy a film you'll pay more for a blank disc than for a 'real' version anyway. On that basis, this will probably stand more as an example of "we told you so" than a real threat to Blu-ray anti-piracy fanatics.

TrustedReviews - Blu-ray's BD+ Encryption Cracked

Storm worm strikes back at security pros

2007-10-25T14:11:00.001-07:00

The Storm worm is fighting back against security researchers that seek to destroy it and has them running scared, Interop New York show attendees heard this week.

The worm can figure out which users are trying to probe its command-and-control servers, and it retaliates by launching DDoS attacks against them, shutting down their internet access for days, says Josh Korman, host-protection architect for IBM ISS, who led a session on network threats.

"As you try to investigate [Storm], it knows, and it punishes," he says. "It fights back."

New Zealand PC World Magazine > Storm worm strikes back at security pros

Trojan imitates Skype, steals login credentials

2007-10-18T18:12:00.000-07:00

Security analysts are warning of another malicious software program masquerading as an installer file for Skype.

The program sends the victim's Skype credentials, as well as any other logins or passwords stored in Internet Explorer, to another server, writes Villu Arak, a Skype spokesman based in Tallinn, Estonia, on a Skype blog.

Skype, the VoIP (voice over internet protocol) program owned by eBay, is frequently targeted by malware writers because it is widely used. Other attacks have focused on sending links to malware via Skype's chat function as well as worms.

http://computerworld.co.nz/news.nsf/scrt/8BACC8844B734F9DCC2573780007D204
Computerworld > Trojan imitates Skype, steals login credentials

Secret Windows command line tools can boost security

2007-10-14T06:22:00.000-07:00

There's a much under-hyped and overlooked set of Windows security tools that you should be taking advantage of as a Windows administrator. You've already paid for them but may not realize that you have them. I'm talking about a handful of nifty command-line tools that are extremely powerful in practically any information security context. If your experience goes back to the good old DOS days, you'll feel right at home. And if the command line is a little outside your comfort zone, relax -- what you need to know is really straightforward.

Secret Windows command line tools can boost security

Mother of 14-Year-Old Suspected of Plotting School Attack Charged

2007-10-12T07:18:00.000-07:00

The mother of a 14-year-old home-schooled student who had a cache of guns, knives and explosive devices in his bedroom was charged Friday with six counts for buying him three weapons.

Michele Cossey bought her son a .22-caliber handgun, a .22-caliber rifle and a 9 mm semiautomatic rifle, authorities said.

The teenager felt bullied and tried to recruit another boy for the possible attack at Plymouth Whitemarsh High School, authorities said.

Police on Wednesday found the rifle, about 30 air-powered guns, swords, knives, a bomb-making book, videos of the 1999 Columbine attack in Colorado and violence-filled notebooks, Montgomery County District Attorney Bruce L. Castor Jr. said.

here

Hackers Could Shut Down Car Engines!

2007-10-11T03:22:00.000-07:00

I had mentioned this a while ago in a conversation with a friend that these computerized cars would eventually be the subject of some potentially serious problems

Hackers Could Shut Down Car Engines!

Some people just have no idea what they are doing. Here we go again – this is another case of overzealous security that can seriously end up in hurting the ones who should be protected!
General Motors is going to come up with a system to make car thefts history…

http://itexperts.thetazzone.com/viewtopic.php?p=1045#1045
TAZForum 2 :: Security Zone :: View topic - Hackers Could Shut Down Car Engines!

YouTube hijacked for Storm worm spam

2007-10-08T12:40:00.000-07:00

Spammers are exploiting YouTube's "Invite your Friends" facility to send spam containing a Storm Trojan from the video sharing site. Bradley Anstis, director of product management at security firm Marshal, said that YouTube users can invite their friends to view videos that they are looking at or have posted. Using the facility gives them the opportunity to e-mail any address from their account -- a feature the spammers are now exploiting.

MSFN - YouTube hijacked for Storm worm spam

Torrent Sites Blacklist North American Users

2007-10-01T08:18:00.000-07:00

Citing increased pressure from piracy enforcers, operators call it quits

Within the last week, two popular BitTorrent sites began blocking users located in North America: Isohunt.com’s trackers now block users in the United States; and Demonoid.com blocks users located in Canada.

Starting last week, Canada-based Isohunt posted a notice on its front page, stating that it has disabled access from users in the U.S. to the BitTorrent trackers at Torrentbox.com and Podtropolis.com, which are operated by Isohunt. Isohunt elaborates, “This is due to the U.S.'s hostility towards P2P technologies, and we feel with our current lawsuit brought by the MPAA, we can no longer ensure your security and privacy in the U.S.” Isohunt, which only indexes the torrents posted at other trackers like The Pirate Bay or TorrentBox, then asked U.S.-based users to add and use other, unrestricted trackers in its search results.

DailyTech - Torrent Sites Blacklist North American Users

E-Bay Hacked

2007-09-27T07:10:00.001-07:00

Very early this morning, a malicious fraudster posted on the Trust & Safety forum on eBay.com posing as approximately 1,200 eBay users. The fraudster made these posts in a way that was intended to appear as though he logged in with their accounts. The posts contained name and contact information, which appears to be valid, and could have been secured as part of an account take over.

The posts ALSO appeared to contain credit card information -- however, these credit cards are not associated with financial information on file for these users at eBay or PayPal. We're in the process of reaching out by phone to these members to, so that if the information is valid somehow -- regardless how this fraudster acquired the information -- these members can take the steps they need to take to protect themselves.

http://www.ebaychatter.com/the_chatter/2007/09/trust-safety-fo.html
eBay - The Chatter - Trust & Safety forums issue this morning

http://it.slashdot.org/article.pl?sid=07/09/26/144210&from=rss
Slashdot | Ebay Hacked, User Info Posted

E-Bay Hacked

2007-09-26T16:52:00.001-07:00

Find Out If Your Computer Is Secretly Connecting to the Web

2007-09-23T03:28:00.001-07:00

* Type cmd in your Windows Run box.
* Type "netstat -b 5 > activity.txt" and press enter.
* After say 2 minutes, press Ctrl+C.
* Type "activity.txt" on the command line to open the log file in notepad (or your default text editor)

Windows: Find Out If Your Computer Is Secretly Connecting to the Web - Lifehacker

Fight the U.S., al Qaeda's Zawahri tells Muslims in video

2007-09-20T03:55:00.000-07:00

Fight the U.S., al Qaeda's Zawahri tells Muslims in video

Al Qaeda's second-in-command Ayman al-Zawahri called on Muslims to fight the United States and its allies around the world and praised the operations of Islamist militants in a new video released on Thursday.

Separately, an Islamist Web site said it would carry a new video from al Qaeda chief Osama bin Laden in which he declares war on Pakistani President Pervez Musharraf and Pakistan's army. It gave no details and the footage was not available immediately on the site that carried the news.

In a video made to mark the sixth anniversary of the September 11 attacks, Zawahri said: "Stand, o nation of Islam under the victorious banner of the Prophet ... and campaign against the crusader banner of (U.S. President George W.) Bush.

Fight the U.S., al Qaeda's Zawahri tells Muslims in video | U.S. | Reuters

Microsoft Offers $59.95 Office Ultimate 2007 to Students

2007-09-14T03:24:00.001-07:00

Microsoft gets generous with Office Ultimate 2007

When it comes to productivity suites, Microsoft's long-running Office almost always gets top billing. Sure, there are alternatives like OpenOffice and StarOffice available to consumers, but Office sets the standard.

The latest version of the software suite, Office 2007, was released to OEMs on November 30, 2006. Retail customers were able to take possession of the software on January 30, 2007.

DailyTech - Microsoft Offers $59.95 Office Ultimate 2007 to Students

Mystery SNAFU exposes email logins for 100 foreign embassies (and counting)

2007-09-10T06:17:00.000-07:00

Mystery SNAFU exposes email logins for 100 foreign embassies (and counting)

Underscoring a major susceptibility threatening thousands of high-profile computer users across the world, a Swedish security consultant has published login credentials belonging to some 100 embassies.

The list contains the login credentials for official email addresses belonging to some 100 foreign embassies from countries including Russia, India, Japan and Iran. They are used to conduct official, sometimes confidential business, from sending ambassadors' schedules to transmitting information relating to lost passports.

Mystery SNAFU exposes email logins for 100 foreign embassies (and counting) | The Register

Only for the strong of heart!

2007-09-09T10:19:00.000-07:00

You may have watched shows like SciFi’s Ghost Hunter, but you’ve never seen anything like this. Everything you’ve seen up to now is either faked, misinterpreted or worse. But this, obviously, is real. You just can’t fake something this terrifying! People laughed at John’s famous Ghost Car video claiming it was fake. But this is not even in the same league.

Beware. Only for the strong of heart! Don’t try this at home!

Dvorak Uncensored » Astounding Video PROOF Ghosts Exist!!!!

British police closed at least 11 Tesco supermarkets

2007-07-15T05:41:00.000-07:00

British police closed at least 11 Tesco supermarkets

British police closed at least 11 Tesco supermarkets across the country Saturday because of a security alert, authorities said.

The manager at a Tesco in Barrhead, near Glasgow, told Britain's Press Association that staff were sent home around 12:30 p.m. (1330 GMT) after a power failure. But an unidentified employee at a neighboring shop said police had told him there had been a bomb threat.

Police in Hertfordshire, where Britain's largest supermarket has its headquarters, said no one had been hurt and that the move was a precaution. Police did not immediately give further details.

"Police are investigating a series of incidents in a number of locations across the country involving Tesco stores," a Hertfordshire police spokeswoman said on condition of anonymity in line with force police. "These stores have been temporarily closed as a precaution for public safety."

FOXNews.com - Police Shut Down Tesco Supermarkets Across UK in Safety Alert - International News | News of the World | Middle East News | Europe News

Did ya know? It's Fair Use Day: July 11, 2007

2007-07-11T04:07:00.001-07:00

Did ya know? It's Fair Use Day: July 11, 2007

July 11, 2007, will mark the third-annual global "Fair Use Day," but chances are this is the first you've heard of it. Started back in 2005, "Fair Use Day" (project website) was created by Eric Clifford to raise awareness of the shifting balance in copyright laws around the world. Clifford acknowledges that Fair Use Day hasn't become the biggest advocacy day in existence, but perhaps the third time is the charm, as the Pirate Party of the United States has announced its support of the effort to raise awareness about copyright issues. As Clifford says, "Garbage had a day, taxes have a day, why not fair use?"

Did ya know? It's Fair Use Day: July 11, 2007

Security company launches eBay for bugs

2007-07-06T05:24:00.000-07:00

Security company launches eBay for bugs

WabiSabiLabi argues that the computer industry's ethical disclosure policies have led to a raw deal for security researchers, who typically are not paid for disclosing vulnerabilities. "Nobody in the pharmaceutical industry is blackmailing researchers (or the companies that are financing the research), to force them to release the results for free under an ethical disclosure policy," the WabiSabiLabi Web site states. Representatives from WabiSabiLabi could not immediately be reached for comment.

The company bills its marketplace as a way for "security researchers to get a fair price for their findings and ensure that they will no longer be forced to give them away for free or sell them to cybercriminals."

But to David Perry at Trend Micro, it looks like something else. "It's going to be eBay for vulnerabilities," he said.

http://www.networkworld.com/news/2007/070607-security-company-launches-ebay-for.html?fsrc=netflash-rss
Security company launches eBay for bugs - Network World

Security start-up Untangle goes open-source

2007-06-25T21:36:00.001-07:00

Making the software open-source will help elevate the company's profile among new customers, improve quality through better debugging, help translate the software into new languages, and attract new software modules, said Chief Executive Bob Walters.

"We feel we'll get further, faster," he said. "We are betting this company on open source."

Untangle was founded in 2003, and Walters took over in 2006. The San Mateo, Calif.-based company has 25 employees and gears its products chiefly for smaller companies with 250 or fewer employees. The company's software will be released Tuesday under version 2 of the General Public License (GPL).

Security start-up Untangle goes open-source | CNET News.com

DUAL BOOTING WINDOWS XP AND BT2

2007-06-20T22:42:00.000-07:00

Cool little tutorial I found surfing around the net:

DUAL BOOTING WINDOWS XP AND BT2

This method of dual booting will not require you to format the windows part of your hard drive and should not corrupt your current installation in anway. It also presumes that you have one partiton with Windows installed.

Insert the backtrack CD, boot up, log on as normal and 'startx'

Once you are at the desktop open up a terminal window and 'word for word' complete the following (it should take around 30 minutes to complete)

**This will repartition the empty space on your hard drive, so backup your Windows data if you are worried about losing it**

Anything in between the '&' signs are explanations of what you are doing and obviously should not be entered into the command.

If you have SATA hard drives then you will have ‘sda’ in place of ‘hda’ so edit the commands accordingly.

the rest can be found here:

How to dual boot Windows XP and backtrack2

AT&T launches $10 DSL it hopes no one signs up for

2007-06-19T16:11:00.000-07:00

This is cool...everyone sign up fast ...

AT&T launches $10 DSL it hopes no one signs up for

AT&T has quietly begun offering DSL service for $10 per month for new customers. Offered as part of the concessions the telecom made to the Federal Communications Commission in order to gain approval for its merger with BellSouth, the speed is nothing to get excited about: 768Kbps down and 128Kbps up.

AT&T launches $10 DSL it hopes no one signs up for

I got whacked by Wikipedia twice

2007-06-18T06:27:00.000-07:00

I got whacked by Wikipedia twice

I HAVE NOW had the rare distinction of being nominated for deletion from Wikipedia twice which probably isn't that rare, nor a record but is definitely a laugh.
It's all to the good and you know it makes snese. Don't go anyone try and save me this time, OK? I can take the pain because I don't exist.

I got whacked by Wikipedia twice

After the surge, US controls just 40 per cent of Baghdad

2007-06-17T18:16:00.000-07:00

After the surge, US controls just 40 per cent of Baghdad

Security forces in Baghdad have full control in only 40 per cent of the city five months into the Bush administration's surge to pacify the capital, a top US general said yesterday as troops began an offensive against two al-Qa'ida strongholds on the city's southern outskirts.

With the surge of tens of thousands of additional US troops into Iraq complete, Lieutenant General Raymond Odierno said American troops had launched the offensive in Baghdad's Arab Jabour and Salman Pac neighbourhoods at the weekend. It was the first time in three years that US soldiers had entered those areas, where al-Qa'ida militants build car bombs and launch Katyusha rockets at American bases and Shia Muslim neighbourhoods.

US commander in Iraq General David Petraeus said at a news conference with visiting US Defence Secretary Robert Gates that the operation would put troops into key al-Qa'ida-held areas around Baghdad.

After the surge, US controls just 40 per cent of Baghdad | Defence | The Australian

Beware of emails that claim to be Microsoft Security Bulletins

2007-06-09T11:47:00.000-07:00

The SANS Institute is warning of a Fake Microsoft Security Bulletin that leads to the installation of a malicious browser add-on.

Microsoft issues patches on a regular monthly schedule and information is always available from the Microsoft Security site at http://www.microsoft.com/security/. This provides links to the latest security bulletins and to Windows Update.

Beware of emails that claim to be Microsoft Security Bulletins from Ask Jack

U.S. to temporarily relax new passport rules

2007-06-08T07:26:00.000-07:00

U.S. to temporarily relax new passport rules

The Bush administration on Friday suspended some of its new, post-Sept. 11 requirements for traveling abroad, hoping to placate Congress and irate summer travelers whose vacations have been thwarted by delays in processing their passports.

The proposal would temporarily lift a requirement that U.S. passports be used for citizens flying to and from Canada, Mexico, the Caribbean and Bermuda.

U.S. halts new passport rules - U.S. Security - MSNBC.com

NASA contractors raise concerns about looming security checks on workers

2007-06-06T17:07:00.000-07:00

NASA contractors raise concerns about looming security checks on workers

Dennis Byrnes, a veteran engineer at NASA's Jet Propulsion Laboratory, fired off a 1,300-word letter to his congressman in April complaining of "unwarranted intrusion" into his life.

Byrnes was disturbed by a new government requirement that workers at JPL and other NASA centres undergo background checks to get access to buildings and computers.

"I have now been at JPL for nearly 30 years, have never been accused of a crime, nor have I committed any," wrote the 64-year-old chief engineer of flight dynamics.

Byrnes is among some three dozen JPL workers who contacted Capitol Hill in recent months protesting the new security checks. Congress is taking notice, with several legislators complaining to U.S. administration officials that the checks could violate people's privacy and drive away talented employees.

Three years after the 2001 terrorist attacks, President George W. Bush signed an executive order requiring government agencies to beef up security through a new badge system for millions of civil servants and contractors. The program includes the issuing of "smart cards," ID badges with a photograph and fingerprints digitally embedded.

myTELUS - News

Hackers Blamed For Data Breach That Compromised 300,000

2007-06-05T17:47:00.000-07:00

The FBI's investigation into a data breach that compromised sensitive information on 300,000 people in Illinois is pointing to an outside hacker.

A hacker broke into the computer network at the Illinois Department of Financial and Professional Regulation this past January and accessed a server that held information on about 1,200,000 people who have licenses or applied for licenses with the department. Susan Hofer, spokeswoman for the department, said in an interview that about a quarter of the stored information was compromised.

The server, according to Hofer, held sensitive information -- names, addresses, Social Security numbers -- on people who hold or have applied for loan origination licenses or for real estate broker and agent licenses. The server also was being used to test new software.

The FBI and the Illinois State Police are investigating.

"The investigation seems to be pointing away from it being an inside job," said Hofer. "The investigation is ongoing, though."

Hackers Blamed For Data Breach That Compromised 300,000 -- Data Theft -- InformationWeek

Crack WEP with aircrack + inject packets (WINDOWS)

2007-06-04T23:16:00.000-07:00

Came across this tutorial the other day written by .Transmit...for a first tutorial the guy has some really good lay-out skills...I realize there's a lot of WEP cracking tutorials out there but very few of them are as well laid out as this one.

You can check it out here:

Crack WEP with aircrack + inject packets (WINDOWS)

Browsers spawn malware nightmare

2007-06-04T03:43:00.000-07:00

This brings us to the current state of malware. Google recently released a paper entitled " The Ghost in the Browser: Analysis of Web-based Malware." Researched for more than 12 months through May 2007 by a crack team of malware analysts, including Niels Provos of Honeyd fame, this is one of the best malware reporting papers I've ever read. It's a quick read and should be studied by anyone who has to protect computers.

In a nutshell, Google used all the Web page data collected by the Google search engine in indexing Web sites to look for malicious code. They searched more than 7 billion URLs and found 450,000 of them infected with malware designed to infect visitors' browsers (about 0.06 percent). When a suspicious Web page was found, it was then loaded using a virtual machined honey client (such as a honeypot mimicking an end-user's browsing actions). They then recorded the changes the suspicious Web site made to the visiting honey client. If the Web site installed software without the explicit permission of the mimicked end-user, the site was marked as malicious. Some Web sites installed up to 50 malicious programs from a single visit.

Techworld.com - Browsers spawn malware nightmare

Google revamps Summer of Code for 2007

2007-06-03T15:21:00.000-07:00

Google's Summer of Code (SOC) will be back again this year, and this time, Google plans to take advantage of lessons learned to improve the program for everyone involved.

Now in its third year, SOC is a program that pays students to code for free and open source software (FOSS) projects. Since the program started in 2005, more than 1,000 students have participated in more than 100 projects, and perhaps 10 times that many have applied to participate. About 80% of participants completed their projects in the previous two years, earning themselves $4,500 and the projects that mentor them $500.

Read more...

Security pros work to undo teacher's conviction

2007-06-03T15:20:00.000-07:00

Researchers led by the head of a Florida anti-spyware firm aim to recreate what caused a Connecticut school's classroom computer to start displaying pornographic pop-ups in October 2004, an incident that recently led to four felony convictions for the substitute teacher involved.
On January 5, a six-person jury found former Kelly Middle School substitute teacher Julie Amero guilty of four counts of risk of injury to a minor. The charges stem from an October 19, 2004 incident when the computer in the classroom in which Amero was teaching started displaying pornographic pop-up advertisements. Prosecutors argued that Amero surfed porn sites while in class, causing the pop-up advertisements, while the former teacher's defense attorney argued that spyware installed from a hairstyling Web site caused the deluge of digital smut.
more....

Hardware Versus Software Firewalls

2007-06-03T15:15:00.000-07:00

According to estimates, an unprotected Windows computer system connected to the Internet could be compromised within twelve minutes. In light of this, the need for computer security has expanded in the last few years. Today, it is just as necessary for home users to secure personal computers as it is for businesses to secure office computers. In order to gain security benefits like those many businesses possess, home network security often utilizes the same models. The difference, however, has been that most home users do not have the financial resources for top of the line security equipment. This has led many home users to begin using security tools such as freeware firewalls and over-the-counter hardware firewall solutions.

Read more...