Running a little late on the book but trying to push through to get it done. Might not be many updates to the blog this coming week.

Here is the list:

New resource for Reverse Engineering – Something to check out.

dELTA wrote to tell us about the release of “The Collaborative RCE Tool Library” which he explains as:
“In very few words, the design goal of this project is to leverage the advantages of the wiki architecture, where everybody can contribute, while at the same time ditching all the disadvantages of the wiki architecture, add just enough moderation, and finally bring the world one step closer to the nirvana of the semantic web.”

http://www.woodmann.com/collaborative/tools

The site is very cool and worth checking out. We’re also looking forward to the library of infosec tools that he says is going to be his project for 2008.

Ethical Conflict in the Webappsec Domain – Would you consider this a case of “the best defense is a good offense” or just a bad idea?

yes, folks… robert hansen (aka rsnake), the founder and ceo of sectheory, felt it would be a good idea to hold a contest to see who could create the smallest xss worm… ok, so there’s no money changing hands this time, but that doesn’t mean the winner isn’t getting rewarded – there are absolutely rewards to be had for the winner of a contest like this and that’s a big problem because lots of people want rewards and this kind of contest will make people think about and create xss worms when they wouldn’t have before…

dumpcrack1.2.py.txt – New version of the dumpcrack utility has been released.

dumpcrack is a utility that will take in a list of MD5 checksums from a database dump and attempts to crack them using a wordlist or milw0rm’s database.

Your InfoSec Dream Job? – I think I may have to participate in this little experiment 🙂

Assuming you were going to stay in the “Information Security” industry, what would you do if you could pack up your office tomorrow and move into shiny new digs in your dream job? What would that be? With whom? Doing what?

New articles from the SANS Information Security Reading Room:

• Web Based Attacks
• Analysis of a Browser Exploitation Attempt
• Configuring and Tuning Cisco CS-MARS
• Exploitation Kits Revealed – Mpack

Privacy: Comedian Tom Green Reveals Internals of House through Published Camera Test – I still remember the time I had the opportunity to push him down the stairs while drinking in a bar in Ottawa. One of my biggest regrets was not going through with it 😉

Here’s where we get to the fine line of privacy and what is considered private. Many people consider the inside of their home to be a private space. In fact in the US we often question the extent to which the law can or cannot dictate the actions we do in our homes. So is intentionally publishing this video a leakage of data? My vote is ‘Yes’ because the intent of the video was to demonstrate the wireless capabilities, not an internal view of his house. I admit that both sides may be argued convincingly.

chkrootkit-0.48.tar.gz – New version of chrootkit released.

This version includes new tests: common SSH brute force scanners, suspicious PHP files; enhanced tests: login, netstat, top, backdoor; and some minor bug fixes

The Case of the Missing AutoPlay – This was a cool and very informative post. I suggest you take a read through.

I’ve been presenting talks on Windows Vista kernel changes since TechEd US in the summer of 2006 and one of the features I cover in the session is ReadyBoost, a write-through disk caching technology that can potentially improve system performance by leveraging flash media as a disk cache. I explain ReadyBoost in depth in my TechNet Magazine article, “Inside the Windows Vista Kernel: Part 2”, but the basic idea is that, since flash has significantly better random access latency than disk, ReadyBoost intercepts disk accesses and directs random-access reads to its cache when the cache holds the data, but sends sequential access to directly to the disk. During my presentation, I insert a USB key, whereupon Windows displays an AutoPlay dialog that includes an option to configure the device for ReadyBoost caching…

Top 10 security headlines of 2007 – Good reference in case you need to put a presentation together on past threats.

IT professionals worried about new attack techniques in 2007 as well as potential data breaches and the growing likelihood that their most valuable security tools would pass from the management of one vendor to another. Here is an unscientific look at what we considered the biggest stories of 2007…

Unrealistic Uber-Hackers now portrayed as murders – I’ll probably go see the movie but the technology behind it couldn’t be as bad as the movie Hackers. On a side note I do believe that Hollywood is starting to hire better consultants to inject some “reality” into the technology that they’re trying to convey in their movies. The real question is…how does one get a gig like that? 🙂

The movie Untraceable is hinged upon a computer savvy hacker who murders people online using technology. Watch the trailer below for multiple “hacker” and cyber-crime references. It’s my belief that the evil computer hacker character is a trend we will see continue to multiply in frequency within Hollywood films however unrealistic.

openstego-0.3.0.zip – A new version of openstego has been released.

OpenStego v0.3.0 includes support for password-based encryption of the data. GUI also includes the corresponding changes. OpenStego is now more or less complete. Main thing remaining is addition of support for other file formats like JPG, BMP.

now….back to the book 🙂