MySQL Setup On OS X 10.5x – The Missing Procedures

This posting is basically to document the procedure for setup, so others do not have to go through the ordeal that I went through. I am not sure why more explicit instructions are available, since when I Googled for the run-time errors that were produced as a result of using the MySQL DMG package, there were a myriad of comment postings and forum postings but very few solutions. First, download the DMG package and the tar file (both) from MySQL download site. DO NOT INSTALL THE DMG INSTALL PACKAGE. Unpack the tarball and move to /usr/local/yourMySQLVersionFolder (<-substitute with your …

Twitter Phishing Rampant – Today’s Flavor

The Twitter buzz (<- that’s funny) this morning was a bunch of postings about a phishing direct mail that would include a link which included a link to bzpharma.net (don’t click here if my blog software automatically links!!). When the end-user goes to the site, malicious software is executed that retrieves the user’s Twitter password, then spams direct messages to all of their followers. Nasty and too bad. I have grown to like Twitter and other similar services as yet another networking medium. After seeing several hundred tweets (I’m up to 700-plus followers on @sysrisk), lo and behold, I received one …

Old Ham Radio Movie – A video documentary gives a glimpse of history in ham radio.

This movie appeared on the MAKE page a couple weeks ago and I finally got around to watching all the way through. It’s a good watch and intriguing to see how tinkering is as old as humankind!! Check it out some time. 73 JG1FSZ/NH2GX

Tinkering In The Shack – Looking at Allstar Link

I spent a couple of hours today researching/working on an APRS setup. Came very close but no cigar… need to make a quick trip into Akihabara tomorrow to pick up some connector components and solder them together. THEN, I will finally have an APRS (packet radio) node going with GPS output. The cool thing about this technology, however, is that it’s not just GPS information, it’s not just weather information, but it can relay just about any information as long as it fits in the designated payload. Started thinking about hooking up an APRS-enabled transmitter with weather to a high-powered sub-orbit …

iPhone Security Becomes Topic At BlackHat

Too bad I wasn’t there right at the close of the presentation yesterday, but these days I can afford not to ride a plane 13 hours to Washington D.C. At work we performed some in-house reviews of iPhone security about two years ago, accepting some risks over functionality. However, three different channels of information through personal contacts, web browsing, and work relationships have raised a flag about this research being performed on iPhone security. The findings revealed in the papers dispute two tenets of iPhone security that have been repeated throughout the past couple years: 1) sandboxing applications so that …

Facebook As Biggest Security Threat

Yes, I know… ‘Another Network World article’, you say. Yes, because lately they have been hitting trends fairly accurately…. read on! This article outlines a Sophos survey of businesses that ranks Facebook as the biggest threat simply (at 60% surveyed) because it has become the biggest social network, followed by MySpace at 18%, then Twitter at 17%. Well, I tend to agree with that reasoning, but think the threat is somewhat limited on a couple of levels. In more secure environments in the financial industry, we have seen much broader implementation of Websense that keeps employees out of such sites through filtering …

Helicopter Project – Eye In The Sky

This posting has nothing to do with security, but everything to do with electronics and building devices. If you’re looking for a fun personal project, read on! Helicopter flying skills required. A couple weeks ago, a friend called and said he was driving into Akihabara, Tokyo, and asked if I wanted to join for the ride. Akihabara is known as the ‘electric town’ within the Tokyo metropolis. In Aki (as we call it, short for Akihabara) you can find everything from good deals on normal consumer electronics to PIC microcontrollers, components, and anything else, including toy guns, dolls, and English …

God Mode – The Only Way To Admin Windows

Now people with alternative intentions in mind can get a promotion beyond administrator and become…. won’t say it to stay on good terms with …. This ZDNet Japanese article was released late last night, so don’t know if the English press caught on yet or not – here is the synopsis. In a nutshell, if you create a directory in Windows XP, Vista, and Win7 and name it “GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}” without the quotes, then open that folder, all of the control panel, system admin tools, and everything you need to take control of a locked down system becomes available. We’ve tried …

Ubiquitous Security – 2010 Brings Focus To Mobile Issues

It’s no secret that I have been focusing on wireless security issues over the past two years, and I have been very vocal about how ‘wireless’ is not limited to wireless LAN. We are approaching a turning point where securing organizations will require even more emphasis on ID management and access control to establish accountability for effective monitoring, thereby establishing metrics based upon and sound measurement processes. Overall, the future challenge for governance will move from writing policy and pushing paper to sound statistical analysis (see more at securitymetrics.org), intricate log analysis, and stronger technical skills among security professionals. Introduction …

German Researcher Cracks GSM Codes – Offensive Security Research Illegal?

This is big news, and falls in line with mobile security research to be executed during the first part of 2010. A German researcher has made eavesdropping on GSM phone conversations post-facto (not real time) as easy as a beefy computer and $3,000 of radio equipment. The key to all of this, however, is the code book that this German researcher has access to. Karsten Nohl, the German scientist, made his presentation available here. The beefy computer is to crack the GSM codes and create the lookup table. The radio equipment is for tracking the spread spectrum signal. The most interesting …