Thu, 10 Mar 2005
Duelling Banjos. But With cars. And no Banjos.
Walking around the back-streets near Oxford Street at night you often see
strange things but I saw one this week that gave me a chuckle. The first
car pulls up to the traffic lights, it's a shiny maroon Jaguar XK8 with
a white-guy decked out in gold sitting at the wheel. His head is bobbing
up and down and you can feel the base of Zed Bias "Neighbourhood", a
garage track that used to be very popular as a between song filler, from
across the street.
Suddenly the beat starts to feel subdued as you notice something else on the periphery of your hearing, an old white guy pulls up to the lights in a beaten up old Ford Escort and all you can hear is the conclusion of Tchaikovsky's 1812 being blasted out over who knows how much money worth of speakers. At least the young white guy had the sense to look embarrassed. I love this city.
Like this post? - Digg Me! | Add to del.icio.us! | reddit this!
Posted: 2005/03/10 21:18 | /nottech | Permanent link to this entry | This entry and same date
Easy Way to Collect Viruses
If you ever want to collect a cross-section of the more common Windows
email viruses then I've got a tip for you. Post a job advert on a couple of
the bigger jobsites (Jobserve, Monster etc.) and then wait a day for the
agents to start submitting CVs. Reply to them saying no thanks so you get
added to their local address books and then watch as every variant of
Bagel, Klez and all the other little bits of shite come flooding in to your
inbox. On the ironic side it does point out where to apply for if you're
after desktop support jobs :)
Like this post? - Digg Me! | Add to del.icio.us! | reddit this!
Posted: 2005/03/10 20:44 | /misctech | Permanent link to this entry | This entry and same date
Address Book Phishing and Information Leakage
Firstly let's define Phishing,
"The act of sending an e-mail to a user falsely claiming to be an
established legitimate enterprise in an attempt to scam the user into
surrendering private information that will be used for identity
theft." While most phishing attacks are done over the web consider
how they could be tailored to abuse email and local address books.
Lets consider a scenario, a non-technical (and busy) receptionist or assistant (Alice) sends a number of email's from her pet executive to certain people outside the company. Assume an accountant, insurance broker and some other highly paid but pointless consultant, you probably have about six names in your head right now :) For the sake of this example they are all public members of the company (AGM meetings, stockholders or even just pages showing previous customers).
The villain of our story, the dastardly Bob, purchases a domain similar to the one used by one of our external parties, Carol. He then sends an email to Alice (getting the name of the financial controllers PA isn't that hard...) from this dodgy domain with the name looking pretty much identical to Carols. Maybe an i is a 1 or something similar but awkward to notice. Bob then either plays it safe and just asks an innocuous question just to get a reply (wait for it :)) or tries to social engineer his way into having Carols original details removed. This is risky but makes the attack a lot more successful.
One day Alice takes some notes, types them in, cleans them up and then sends them to the external parties, including Carol. Since Alice has a nice, shiny and helpful mail client it added the address (which was received and replied to) to it's personal address book and offers it to her when she types in Car. In some cases it'll even hide the ones offered by the global address-book and allow you to get even nastier. The auto-complete will pop-up and most people will either select the top option out of habit or not even notice that their were multiple entries, muscle memory is a wonderful thing once you know how to exploit it.
Is this likely? Not really, it involves a lot of work for a difficult to execute attack. Could the local address book fiddling be added to an existing worm or malware to make it even worse? Quite easily. Still it was fun to think through; it's nice to be the (theoretical) attacker now and again.
Like this post? - Digg Me! | Add to del.icio.us! | reddit this!
Posted: 2005/03/10 20:37 | /security | Permanent link to this entry | This entry and same date
BT Eats Radianz Whole
You've probably seen it all over the news but Radianz has been
bought! For those that don't know of it, the Radianz network is an
extranet of financial institutions, it provides a fully redundant
infrastructure (if you want to join you are required to have dual lines
connecting you; each line has to be from a different approved supplier).
It's used for accessing financial applications where the unpredictable
nature of the Internet makes it undesirable but the commodity status of
it's applications and protocols make it the best alternative.
Radianz let you connect to their network and then provide all the infrastructure that net-users take for granted. It's basically a self contained Internet full of banks, insurance companies and financial institutes. BT buying them is interesting because it gives them control over a pretty locked in and wealthy market. I've dealt with a couple of Radianz people in the past and they were pretty clued up. For the sake of the UK job market lets hope BT don't start laying off techs...
Like this post? - Digg Me! | Add to del.icio.us! | reddit this!
Posted: 2005/03/10 19:53 | /misctech | Permanent link to this entry | This entry and same date
Copyright © 2000-2010 Dean Wilson
