Geek Bazaar

Deputy Director of Homeland Security, Dr. Kenneth Shoto today announces a
call to cyber-ninjas everywhere to sign up for his annual fight-to-the-death
qualifying competition for the Defcon Capture the Flag (CtF) contest. The
qualifying competition will start at 10PM on Friday, May 30th and end at
10PM on Sunday, June 1st.

More here… http://kenshoto.com/

Hail to ubersmart packager, who thinks to know cryptography…
http://it.slashdot.org/it/08/05/13/1533212.shtml
“Debian package maintainers tend to very often modify the source code of the package they are maintaining so that it better fits into the distribution itself. However, most of the time, their changes are not sent back to upstream for validation, which might cause some tension between upstream developers and Debian packagers. Today, a critical security advisory has been released: a Debian packager modified the source code of OpenSSL back in 2006 so as to remove the seeding of OpenSSL random number generator, which in turns makes cryptographic key material generated on a Debian system guessable. The solution? Upgrade OpenSSL and re-generate all your SSH and SSL keys. This problem not only affects Debian, but also all its derivatives, such as Ubuntu.”

Remove RNG seeding! WTF was he thinking!

If you want a super-light laptop, you have to pay for it, and you have to use Windows. That’s been the (frustrating) conventional wisdom—at least until late last year, when the Taiwanese company Asus rolled out the Eee PC (pronounced as though it were a single long “e”), a two-pound, seven-inch laptop starting at a mere $300. The tradeoff: It comes with just two to eight gigabytes of flash memory instead of a conventional, larger hard drive, and a simplified Linux operating system that essentially is usable only for e-mail, Web browsing and typing.

<edit> forgot to mention that Logicpass is advertising it on Bay Radio (2Gb Model €385 (€323.40 with Government subsidy) weighs in less than 1Kg

Source

Take a look at this demo called Phun — damn, I wish we had these learning tools when I was doing my O-level. By the way its a free download… physics lessons the best way possible!

SecurityFocus has an interesting article about SoBe, a juvenile who operated a botnet together with some others.

here

New Security Device Creates 10Mbps Connection by Using Body’s Aura

Japanese firm NTT has introduced a new security access system called Firmo, that can automatically create a 10Mbps connection between a portable device held on the user and a touch panel by using the body’s natural electromagnetic energy.

The system takes advantage of a weak, naturally-occurring electric field around the body. The name is short for “fairy motion” because of the aura that surrounds Tinkerbell. Although it uses ham radio frequencies, it is designed not to interfere.

It also works through clothing and shoes, but never actually penetrates the body. NTT says it offers better security over current access cards that can allow entrance to intruders many meters away by using a signal whose range is several centimeters.

Source…

Was checking out one of the latest advisories released by CoreLabs about Wonderware Suitelink DoS attack. This software:

“one third of the world’s plants run Wonderware software solutions. Having sold more than 500,000 software licenses in over 100,000 plants worldwide, Wonderware has customers in virtually every global industry - including Oil & Gas, Food & Beverage, Utilities, Pharmaceuticals, Electronics, Metals, Automotive and more”.

Some funny scary parts of this advisory:

• 2008-03-03: Core sends proof-of-concept code written in Python.
• 2008-03-05: Vendor asks for compiler tools required to use the PoC code.
• 2008-03-05: Core sends a link to http://www.python.org where a Python interpreter can be downloaded.

If you carry on looking at the advisory you’ll notice that the CoreLabs guys had quite a tough time on this one. Bet the tobacco and caffeine industries made quite a buck out of this as usual

Free download from Mr. Trent himself

There’s low quality mp3s and high quality wave files, FLAC and m4a formats, 100% DRM free. How’s that for breakfast?

Whoever said geeks can’t be sexy ???

Check out the article entitled 12 Reasons Why a Geek Will Steal Your Girlfriend in 2008

It got some media coverage on Dark Reading - house of hackers is an interesting idea by the GNUCITIZEN people. We’ll see how that goes …

http://conference.hitb.org/hitbsecconf2008dubai/materials/

The New Scientist has an article on the title above. With regards twitter - these two sites do very interesting stuff:

TweetStats

TwittEarth

I’m sure you got more .. so please post :-p

The sort of thing I really feel like playing atm !

Facebreakers

for the young at heart, and the rest who have soldering super powers

looks a bit pathetic IMHO.

btw guys .. how about we compile a list of “hacker” films / movies? Maybe list non-Hollywood ones as well. I previously enjoyed the german film 23.

Could also categorize them ..