Security theater/show/exhibition
Hackers, errrm, security researchers compete whose dick is bigger…
This time publicly, winner gets a blue rosette ribbon.
More here.
hostgator changes passwords as a good measure
This site is hosted with a provider called HostGator. This morning I got an email from them that was caught as spam since it looked like a phishing email, asking me to change my password. However, it looks very legitimate. Take a look at the forum post to see why they are changing everyone’s passwords. There’s a hell of a lot of reasons... so next thing, I’m changing this password.
Towel Day - 2008

What do I do?
: Carry your towel with you throughout the day to show your participation and mourning.
When do I do it?
: May 25th.
Where do I do it?
: Everywhere.
Why a towel?
: Read here.
DefCon CTF 2008

Deputy Director of Homeland Security, Dr. Kenneth Shoto today announces a
call to cyber-ninjas everywhere to sign up for his annual fight-to-the-death
qualifying competition for the Defcon Capture the Flag (CtF) contest. The
qualifying competition will start at 10PM on Friday, May 30th and end at
10PM on Sunday, June 1st.
More here… http://kenshoto.com/
Ignorance Is Bliss
Hail to the ubersmart packager, who thinks he knows cryptography…
http://it.slashdot.org/it/08/05/13/1533212.shtml
“Debian package maintainers tend to very often modify the source code of the package they are maintaining so that it better fits into the distribution itself. However, most of the time, their changes are not sent back to upstream for validation, which might cause some tension between upstream developers and Debian packagers. Today, a critical security advisory has been released: a Debian packager modified the source code of OpenSSL back in 2006 so as to remove the seeding of OpenSSL random number generator, which in turn makes cryptographic key material generated on a Debian system guessable. The solution? Upgrade OpenSSL and re-generate all your SSH and SSL keys. This problem not only affects Debian, but also all its derivatives, such as Ubuntu.”
Remove RNG seeding! WTF was he thinking!
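Why "guessable" is meant literally, as an added example that is not code from OpenSSL, Debian or the original post: it is a toy model that assumes the process ID was the only input still reaching the generator, and it shows the defender's consequence, namely that every possible key can be enumerated once and used as a blocklist. The names `toy_keygen`, `unseeded_key`, `seeded_key` and `build_blocklist` are hypothetical.

```python
import hashlib
import os

PID_SPACE = 32768  # assumption: default Linux PID range, the only varying input


def toy_keygen(seed_material: bytes, nbytes: int = 16) -> bytes:
    """Toy stand-in for key generation: same seed in, same key out.

    Not OpenSSL's generator; SHA-256 in counter mode only models determinism.
    """
    out = b""
    counter = 0
    while len(out) < nbytes:
        out += hashlib.sha256(seed_material + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:nbytes]


def unseeded_key(pid: int) -> bytes:
    # Model of the broken build: nothing but the PID feeds the generator.
    return toy_keygen(b"pid:" + str(pid).encode())


def seeded_key(pid: int) -> bytes:
    # Model of the intended behaviour: OS entropy is mixed in as well.
    return toy_keygen(b"pid:" + str(pid).encode() + os.urandom(32))


def fingerprint(key: bytes) -> str:
    return hashlib.sha256(key).hexdigest()[:20]


def build_blocklist() -> set:
    # The whole key space of the broken model fits in one small set.
    return {fingerprint(unseeded_key(pid)) for pid in range(PID_SPACE)}


def is_known_weak(key: bytes, blocklist: set) -> bool:
    return fingerprint(key) in blocklist


if __name__ == "__main__":
    bl = build_blocklist()
    print(len(bl), "possible keys in the unseeded model")
    print("unseeded key flagged:", is_known_weak(unseeded_key(4242), bl))
    print("seeded key flagged:  ", is_known_weak(seeded_key(4242), bl))
```

This is why upgrading alone is not enough: keys generated by the broken build stay inside the enumerable set until they are regenerated.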
house of hackers
It got some media coverage on Dark Reading - house of hackers is an interesting idea by the GNUCITIZEN people. We’ll see how that goes …
Social network visualization
The New Scientist has an article on the title above. With regard to Twitter, these two sites do very interesting stuff:
I’m sure you got more .. so please post :-p
internut blackholes?
Yes of course! These researchers are astounded to find out how often data is lost on the ‘net. But honestly, I’m usually astounded that the internet actually works and very rarely breaks down
HSBC, the world’s local SECURE bank, continued……
Just as an update to my previous post, HSBC, the world’s local secure bank: after several emails I was contacted by the HSBC IT department group via phone.
First they asked me what exactly was happening, to try and reproduce the issue themselves, and they were surprised that such an issue was being reproduced using Internet Explorer and XP, as XP is fully compliant but Vista is not, so they expect clients using Vista to have problems (another “latest” software not supported???).
When I asked them why they do not support the latest Internet Explorer, when they promote to users that they should always have the latest software and patches installed, they replied “As you might know yourself since you work in the software industry, new software and patches are being released every day and it is impossible to keep up with everything”. For God’s sake, you’re 1 and a half years late, as IE7 was released in Q4 of 2006. Even if it was released a couple of months ago, I do not think “it is impossible to keep up with everything” is a valid excuse, I mean I do not care what is impossible or not, if you are offering a service to your clients, give them a decent service at least, especially when it is all about the clients’ money!!
Well, not worth hassling about it, it won’t take me anywhere. Just out of curiosity I asked them a question “Why don’t you support Opera as well?”, the answer was very clear (hope they were just fooling around and it wasn’t an honest answer) “Well, Opera runs on Linux and we do not support Linux”. Ok.. just FYI mate, Opera Download for Windows.
Enjoy e-banking with HSBC pals
Another Crash
HSBC, the world’s local SECURE bank
HSBC E-banking is cool and fast. You receive emails every day from banking companies not to trust spam emails, that people from banks won’t ask for passwords over e-mail (hope not even over the phone). Well, HSBC e-banking supports only LATEST Firefox and Internet Explorer, for SECURITY REASONS (as they say). I had a problem transacting some Euros at 1 go between 2 accounts I have. I sent an email to HSBC help desk and I got a sweet reply:
HSBC helpdesk
Dear Mr X
Kindly note that problem is related to your browser since you are using IE7. The last version is not supported by us.
You are kindly request to use IE 6 or else Firefox.
Internet Explorer 7 was released in Q4 of 2006 and security wise “should be” much better. It’s about time HSBC keeps up to date with these things!
cheap and cool pc
Tired of your family running behind you to fix their home pc problems? Because I deleted this, I deleted that and this is not working? GOS looks very cool and OS + PC are being sold for $199. Haven’t read much about it but it seems good for most of my cousins and co., perhaps one day I’ll get rid of them! Anyone ever heard of GOS or tried it out?
Mass Hack Attack
YouTube Hijacking: A RIPE NCC RIS case study
The RIPE guys issued a case study and a lovely youtube video about what happened. Good stuff
SurveillanceSaver
Describes itself as “SurveillanceSaver is a screensaver for OS X and Windows that shows live images of over 400 network surveillance cameras worldwide. A haunting live soap opera.”
I’m the latest Mac OS X user
Very interesting concept and on a dual screened mac you get to watch a different camera on each screen. voyeur w00t =)

MySQL Geek
Hi guys - Rene (a colleague and a friend who gained respect for geekiness and other wizardry) just opened a new website where he’ll be dumping some tips and helpful resources on MySQL. The site is called “MySQL Geek” - check it out..
IT security events
Can be useful: ItSecurityEvents.com
