A wonderful NSA document called Untangling the Web, thanks to a FOIA request, is now available and free for all to download and use. Although dated, the book will prove highly useful. If your company or client is exposing data that it shouldn’t to the public Internet, this book will help you find it, so [...]
So, “Peggy” from “Computer Maintenance Department” called me again last night. This time I decided to mess with him a bit more. This is the second time. (No, “Peggy” wasn’t his real name, nor did he identify himself as “Peggy,” but that’s the name I’ll use, thanks to that old Discover commercial.)
Hacking vintage video games has been a popular trend this year, so I suppose it was only a matter of time before I saw this: A hobbyist spent a few weeks this year fixing the infamous E.T. cartridge for the Atari 2600, and kept a detailed analysis of the project. I found it interesting.
This week I posted a link to a video showing how to crack a WPS-enabled wifi network, and this week, Ars Technica wrote a firsthand account of cracking a password list. I’m sure this raises questions of ethics in some people’s minds. To be honest, spreading this kind of information makes me a little uncomfortable [...]
John C Dvorak is raving in PC Magazine about Netgear wireless routers and range extenders and how easy WPS makes it to set them up–and providing some very seriously flawed security advice along the way. “Note that WPS is crackable by serious hackers using brute-force attack, but any SOHO user not dealing with government secrets [...]
I read yet another anti-CISPA piece today. I’m not comfortable trying to read it and decide whether it’s a good or bad piece of legislation, but I do understand the problem it’s trying to solve. Those who have tried to paint CISPA as the new SOPA or PIPA are misunderstanding the problem CISPA is trying [...]
This week Cnet interviewed Phil Lapsley, the author of Exploding the Phone, a book about the early history of phone phreaking. Phone phreaking is absolutely fair game for the CISSP exam. I couldn’t tell you anymore how many phone phreaking questions I had to answer, but let me just say I’m glad I’d read those [...]
Longtime reader/commenter Joseph asked two questions yesterday: What’s the boundary between gray and black-hat hacking, and is it moral to pick and choose between moral and immoral laws? The first question is easier than the second. So I’ll tackle that one first.
I saw this on Slashdot today: A computer science student was expelled from a Canadian university for practicing what most people would call white-hat hacking. Their reasoning: “Schools are supposed to teach best practice, which includes ethics and adherence to reasonable laws.”
If one person uses a password, another will. That’s a popular hacking theory. If that’s true, then chances are if one person asks a question, another will. So here are three short questions (one completely unrelated to the others) I found in my logs over the weekend, and their answers.