This software helps you add a little more security to your desktop. It does so by detecting one of your bluetooth devices, most likely your mobile phone, and keeping track of its distance. If you move away from your computer and the distance is above a certain level (no measurement in meters is possible) for a given time, it automatically locks your desktop (or starts any other shell command you want).

On a related note, Iran has recently announced plans to move to trade oil with the Euro rather than the US dollar, which will cause further devaluing of the greenback. Saddam Hussein was in the process of doing the same before the US invasion, a decision reversed by the occupying force.

Some are interpreting this as signs of an “info war” […]

There’s also a Wikipedia page.

Russia has long had a strong system of math and science education, and until the relatively recent upturn in the economy, the multitudes of whiz kids who graduated from its schools often had poor job prospects.

At the same time, they were entering a society that for decades had built up a deep skepticism about the virtues of following the rules. Under Communism, the thicket of strictures that governed almost every aspect of life was considered so inane that only fools were thought to abide by them.

[…] One result was that corruption was rampant in Soviet times, and has endured, if not gotten worse.

About 140 foreign intelligence organizations are trying to hack into the computer networks of the U.S. government and U.S. companies, a top counterintelligence official said.

The nation’s electronic systems are too easy to hack, and the number of world-class hackers is “multiplying at bewildering speed,” he said at a symposium on cyber security Friday.

That, he said, has transformed the nature of counterintelligence: “If you can exfiltrate massive amounts of information electronically from the comfort of your own office on another continent, why incur the expense and risk of running a traditional espionage operation?”

An Nmap port scan is a common prelude to an intrusion attempt — a way of casing the joint, to find out if any vulnerable service are running.

That’s exactly how the fictional Trinity uses it. In a sequence that flashes on screen for a few scant seconds, the green phosphor text of Trinity’s computer clearly shows Nmap being run against the IP address 10.2.2.2, and finding an open port number 22, correctly identified as the SSH service used to log into computers remotely.

“I was definitely pretty excited when I saw it,” says “Fyodor,” the 25-year-old author of Nmap. “I think compared to previous movies that had any kind of hacking content, you could generally assume it’s going to be some kind of stupid 3D graphics show.”

Here’s an image of the scene.

Worms like Storm are written by hackers looking for profit, and they’re different. These worms spread more subtly, without making noise. Symptoms don’t appear immediately, and an infected computer can sit dormant for a long time. If it were a disease, it would be more like syphilis, whose symptoms may be mild or disappear altogether, but which will eventually come back years later and eat your brain.

This part is really scary.

We simply don’t know how to stop Storm, except to find the people controlling it and arrest them.

Unfortunately we have no idea who controls Storm, although there’s some speculation that they’re Russian. The programmers are obviously very skilled, and they’re continuing to work on their creation.

Oddly enough, Storm isn’t doing much, so far, except gathering strength.

The multi-platform password cracker Ophcrack is incredibly fast. How fast? It can crack the password “Fgpyyih804423” in 160 seconds. Most people would consider that password fairly secure.

This post is a nice introduction to the concept of “rainbow tables” and that they mean to security.

FBI agents trying to track the source of e-mailed bomb threats against a Washington high school last month sent the suspect a secret surveillance program designed to surreptitiously monitor him and report back to a government server, according to an FBI affidavit obtained by Wired News.

The court filing offers the first public glimpse into the bureau’s long-suspected spyware capability, in which the FBI adopts techniques more common to online criminals.

This morning we received a note to our security mailing address about unusual and highly exploitable code in WordPress. The issue was investigated, and it appeared that the 2.1.1 download had been modified from its original code. We took the website down immediately to investigate what happened.

It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file.

We knew of someone who had a directory on their site filled with the install files and license keys of all their software so it would be easy to find. In a cursory nod to security, they put a "disallow" rule for this folder in their robots.txt file to ensure it wasn't indexed. However, in doing this, they simply provided a handy record in a standardized location for anyone who was looking for something they were trying to hide.

How often does this happen, I wonder, and what does your robots.txt file reveal about your site? Yes, you can prevent search engines from indexing something (those that respect the file, anyway), but you're also announcing to the world that there's something there you don't want anyone poking around in. (Remember when the White House tried this?). You may as well put out a "Start Hacking Here" sign.

If you have a secure area on your site, perhaps you'd do better with META tags?

<meta name="robots" content="noindex"/>

Same effect, but the "don't index me" command is embedded in the page itself, which means you have to find it first.

Perhaps we should all go check our robots.txt files right now to see if there's anything incriminating in them? Mine's cool.

But there's a completely simple way to defeat them, based on the fact that a keylogger doesn't know where on the page the focus is when you're typing -- it has no context, it just has what is typed.

So, next time you login from a public internet terminal or somewhere else you want to make sure your keystrokes aren't being logged, do this --

Put the focus on the password field, and type one character. Then click somewhere else on the page -- open Notepad if you have to -- and type a bunch of random characters. Then, click back in the password field, and type another character. Repeat until your password is complete.

Extremely simple, extremely effective. Without the context of where the focus was when you were typing, the resulting string of characters is useless.

From this report at Alta Vista Security Group. Via Metafilter.

/phpgwapi/setup/tables_update.inc.php?appdir=[deleted]

"phpgwapi" is an open source groupware toolkit. It must have a recorded exploit, because the deleted part was a URL that someone was trying to get phpgwapi to remotely include and execute.

I visited the URL and found an unparsed PHP page called "Defacing Tool Pro 3.0," part of which is screencapped above (remember that it wasn't parsed or executed, so there's some random PHP code scattered around up there).

This baby has everything you could ever need to deface a Web site, including the ability to manipulate the file system, run interactive PHP, send arbitrary code through POST and GET, try common URLs for database administration tools, etc. Essentially, if you can get this to run on someone's machine, it's a control panel using which you can really screw with their Web site.

Today, pedophiles go online to seek tips for getting near children -- at camps, through foster care, at community gatherings and at countless other events. They swap stories about day-to-day encounters with minors. And they make use of technology to help take their arguments to others, like sharing online a printable booklet to be distributed to children that extols the benefits of sex with adults.

And at the risk of just trying to freak people out, this part made me a little ill:

[...] elsewhere in cyberspace, the second group celebrated the news that one of their own had been offered a job leading a boys’ cabin at a sleep-away camp.

But participants in the conversation did not focus on the work. "Hope you see some naked boys in your cabin," a man calling himself PPC responded. "And good luck while restraining yourself from doing anything."

By installing software keystroke loggers on the PCs that belonged to the bank personnel responsible for wire transfers over the SWIFT (Society for Worldwide Interbank Financial Telecommunication) network, the thieves captured credentials that were then used to transfer 220 million pounds (call it half-a-billion dollars).

Apparently, Sumitomo Mitsui now superglues their keyboards into the machines.

Bob, who has a cube across the hall, is the DBA. He could get in there, but how do you get his password? Your network is monitored and audited pretty closely. You can't do anything to steal his password "on the network" which might get logged and would be traceable to you.

Enter this little device:

This USB keyboard logger has a huge 2MB or 4MB memory capacity, organized into an advanced flash file system. Super fast data retrieve is achieved by switching into pendrive mode for download. Completely invisible for computer operation...

It comes in USB and PS/2 models and costs less than $100. (No link, lest I be accused of encouraging this. You can find these things easily enough if you want to.)

One night, you work late, then you unplug his keyboard, plug this device into his computer, then plug his keyboard into the device. His computer is way under his desk, so he'll never see it. You retrieve the device the next evening and download all his keyboard input for the entire day from the internal Flash memory. It wouldn't be hard to pick out his password, and now you're him.

This is unlike a software keyboard logger because there's no evidence left behind. No process that runs in the background, no need to install anything on his machine, etc. It's like stabbing someone with an icicle -- no evidence gets left behind.

All you security types out there -- how do you defend against this? Do they sell encrypting keyboards, which encrypt data sent down the keyboard cable and decrypt it on the machine?