Geek Bazaar

erm.

here

Wired is running a article and a video on Christopher Tarnovsky’s mad skills.

Seems like the waterfront website’s been hit with the SQL injection attacks that have been going around lately. Back in July 2007 we had reported the same website being defaced by some Turkish hacker group. Then later on there were other defacements, but we didn’t bother typing that one out. And finally poop hits the fan

Some complaints from a local forum here. Thanks to mr zero6 for the heads up.

I checked exploited flash files and  bug exloited (BugTraq ID:29386)  will attempt to download real malware to C:\6123t.exe and uses for it urlmon.dll

So Users of GFI WebMonitor 4 should be protected in most cases.

Good info about this vol. is at this blog: http://ddanchev.blogspot.com

It’s called Lion King 800, comes from China, has the 3D surround sound, TV and a camera, contains three sim and remains on stand-by one year. A dream phone for about 150 euros. But there’s a catch. The material with which it is built is not tested. The batteries can burst because they have a power ten times higher than standard. The police post has seized sixty from a merchant in Bordighera.

http://genova.repubblica.it/multimedia/home/2273906?ref=rephpsp5

This site is hosted with a provider called HostGator. This morning I got an email from them that was caught as spam since it looked like a phishing email, asking me to change my password. However it looks very legitimate . Take a look at the forum post to see why they are changing everyone’s passwords. There’s a hell lot of reasons .. so next thing, I’m changing this password.

Desktop 3D printers would be sweet

If you’re using Gmail a lot for work, you might realize how powerful the “archive” feature is. It takes existing emails out of your sight but keeps them there for later use. I also use the labels extensively together with the filters to automatically distinguish those email that come from some mailing lists from the emails that actually matter. If you’re not using all this, then you probably should.

If you are using these features, then GTDinbox seems to be the next best thing to try It makes it easier to sort out your stuff by applying a bit of the GTD (getting thing done) magic with Gmail, effectively turning it into a working machine rather than just an email service.

So for the next hour I’ll be sorting out my inbox and replying to those emails that i missed :-p
More can be found at GTDInbox.

From here:

“Of interest are any and all techniques to enable user and/or root level access to both fixed (PC) or mobile computing platforms. Robust methodologies to enable access to any and all operating systems, patch levels, applications and hardware are of interest. Also, we are interested in technology to provide the capability to maintain an active presence within the adversaries’ information infrastructure completely undetected. Of interest are any and all techniques to enable stealth and persistence capabilities on an adversaries infrastructure. This could be a combination of hardware and/or software focused development efforts.”

What do I do?
: Carry your towel with you throughout the day to show your participation and mourning.
When do I do it?
: May 25th.
Where do I do it?
: Everywhere.
Why a towel?
: Read here.

Seems like parallel programming is getting practical now. With 240 stream processors coming in new graphics cards… seems like programmers should start looking in this niche  programming as well.

More details: http://cudacontest.nvidia.com/index.cfm?action=contest.contest&contestid=2

If you are a security professional, it is about time that you start telling your bosses about the dangers of leaving teapots (and other shiny objects) lying around the office. Three students at the University of Saarland have released a paper detailing these attacks. El Reg coverage here.

Drawing taken from Natalie Dee. Funky doodles btw

http://www.slipperybrick.com/2008/05/iphone-runs-windows-vista-kinda/

Super Pii Pii Brothers of Japan have breached the gender barrier by introducing a new video game that allows anyone to strap on and control a never ending stream of urine with your Wii remote control.

Confused whether you’re gonna get a Wii or PS3? This will help you decide

Deputy Director of Homeland Security, Dr. Kenneth Shoto today announces a
call to cyber-ninjas everywhere to sign up for his annual fight-to-the-death
qualifying competition for the Defcon Capture the Flag (CtF) contest. The
qualifying competition will start at 10PM on Friday, May 30th and end at
10PM on Sunday, June 1st.

More here… http://kenshoto.com/

Hail to ubersmart packager, who thinks to know cryptography…
http://it.slashdot.org/it/08/05/13/1533212.shtml
“Debian package maintainers tend to very often modify the source code of the package they are maintaining so that it better fits into the distribution itself. However, most of the time, their changes are not sent back to upstream for validation, which might cause some tension between upstream developers and Debian packagers. Today, a critical security advisory has been released: a Debian packager modified the source code of OpenSSL back in 2006 so as to remove the seeding of OpenSSL random number generator, which in turns makes cryptographic key material generated on a Debian system guessable. The solution? Upgrade OpenSSL and re-generate all your SSH and SSL keys. This problem not only affects Debian, but also all its derivatives, such as Ubuntu.”

Remove RNG seeding! WTF was he thinking!

If you want a super-light laptop, you have to pay for it, and you have to use Windows. That’s been the (frustrating) conventional wisdom—at least until late last year, when the Taiwanese company Asus rolled out the Eee PC (pronounced as though it were a single long “e”), a two-pound, seven-inch laptop starting at a mere $300. The tradeoff: It comes with just two to eight gigabytes of flash memory instead of a conventional, larger hard drive, and a simplified Linux operating system that essentially is usable only for e-mail, Web browsing and typing.

<edit> forgot to mention that Logicpass is advertising it on Bay Radio (2Gb Model €385 (€323.40 with Government subsidy) weighs in less than 1Kg

Source