Archive for January, 2008

Home router attacks - the snowball effect…

It looks like everyone is jumping on the home router attacks bandwagon. Zulfikar Ramzan restates his definition of drive-by pharming: “It allows attackers to create a Web page that, simply when viewed, results in substantive configuration changes to your home broadband router or wireless access point.” There are some examples in there, including attacks against the standard router used in Mexico. A combination of flaws in the router allows it to be reconfigured to use a rogue DNS server, which can then resolve the name of a popular or trusted website to the IP address of an attacker's host. All this comes alongside the recent finding by gnucitizen that the BT Home Hubs had an authentication bypass vulnerability (requiring a user to click a malicious link).

Public access… be careful

This highlights the need to be very wary of anything you can get for free. Public terminals at Heathrow airport allowed attackers to install software (keyloggers, backdoors, trojans, etc.). RedOracle were informed by an Italian hacker (prego) and passed it on to the terminals’ owners, Spectrum Interactive. They have provided a full advisory.

Hacking the badguys?

Anyone who is perceived badly or is controversial in the public eye is more liable to be attacked than anybody else. This is commonly known as ‘Hacktivism’. This is the case with both the RIAA and the Church of Scientology. It doesn’t help that there was a lack of security controls on the RIAA website, which allowed attackers to use SQL injection to wipe data off the website.

Artist among the masses

I’m looking for an artist or artists among you who want to get involved in the Michael Daw hacker cartoons. Let me know.

Hacker tools liability

The UK government has been trying to revamp computer crime laws. There are a number of issues discussed at theregister. One of them relates to the provision to ban the development, ownership and distribution of “hacker tools”. But what are hacker tools? An example is a password recovery tool (good), which also happens to be called a password cracker (evil). As you can see, hacker tools are a medium: devices that can be used for good or evil. Other examples include television, newspapers and of course money. As they say, “money is the root of all evil”. At this stage the UK government doesn’t seem to be differentiating between the two angles, which has caused some sharp criticism in industry.
