http://www.technicalinfo.net Security thoughts and observations of Gunter Ollmann en-us Wed, 23 APR 2008 19:10:00 EST http://blogs.law.harvard.edu/tech/rss Copyright 2008, Gunter Ollmann After some time away, I'm back to writing for SC Magazine. This months article covers the problems in patching the embedded systems used in the heath care organizations. http://www.technicalinfo.net/blog/security/20080423_HealthCarePatching.html Gunter Ollmann Wed, 23 APR 2008 19:10:00 EST According to X-Force, there has been a 5.4 percent year-on-year decrease in the annual disclosure of new vulnerabilities. Why? In this blog entry I examine the probable influences in the decrease - decreasing vulnerability appeal, vendor security testing improvements, professional bug-hunters and vulnerability purchase programs... http://www.technicalinfo.net/blog/security/20080210_2007VulnerabilityCounts.html Gunter Ollmann Sun, 10 Feb 2008 17:50:00 EST The Pharming Guide provides detailed analysis of the pharming threat. This second part covers in detail the attack vectors used to conduct the attack and the protection elements needed to secure against the threat. http://www.technicalinfo.net/papers/Pharming2.html Gunter Ollmann Sun, 27 Jan 2008 19:00:00 EST The Pharming Guide provides detailed analysis of the pharming threat. This first part covers the nature of the threat and a detailed analysis of how DNS actually works in the real world. http://www.technicalinfo.net/papers/Pharming.html Gunter Ollmann Sat, 26 Jan 2008 18:00:00 EST How can you automatically 0wn a Web site the next time the administrator logs in? Through the User-Agent field of your Web browser of course! A fabulous example of second-order cross-site scripting. http://www.technicalinfo.net/blog/security/20080121_UserAgentAttacks.html Gunter Ollmann Mon, 21 Jan 2008 19:55:00 EST The FAA document entitled “Special Conditions: Boeing Model 787-8 Airplane; Systems and Data Networks Security--Isolation or Protection From Unauthorized Passenger Domain Systems Access” raises the possibility of mile-high hacking a fly-by-wire, multi-million dollar, aircraft. http://www.technicalinfo.net/blog/security/20080107_HackingBoeing787.html Gunter Ollmann Mon, 7 Jan 2008 19:15:00 GMT There's been a little fuss over a recent posting concerning the threat of WHOIS cross-site scripting. To get your attention, it starts with “This is massive.” Now don’t get me wrong, there is a threat, but it is marginal – and I’ll explain why in a little bit. What’s all the fuss about? http://www.technicalinfo.net/blog/security/20080104_WhoisXSS.html Gunter Ollmann Fri, 4 Jan 2008 08:45:00 GMT "Barcode systems susceptible to serious hacker attacks" - so says Heise Security, in their article posted yesterday concerning FX's presentation at this weeks 24th Chaos Communication Congress. The article describes a few of the threats to systems that rely upon barcodes (on and two dimensional) - in particular their ease of manipulation for scamming purposes and the possibilities for code injection attacks. http://www.technicalinfo.net/blog/security/20080101_HackingBarcodes.html Gunter Ollmann Tue, 1 Jan 2008 17:47:00 GMT Commercial keyloggers are designed for use by corporate IT/Security/Audit teams and law enforcement agencies, and they're way more advanced than their malware cousins. http://www.technicalinfo.net/blog/security/20071230_CommercialKeylogger.html Gunter Ollmann Sun, 30 Dec 2007 18:00:00 GMT Whether it's deployed in hardware or software formats, for as long as people rely upon password protected authentication processes, the keylogger will continue to be a reliable hacking tool. http://www.technicalinfo.net/blog/security/20071222_HardwareKeyloggers.html Gunter Ollmann Sat, 22 Dec 2007 18:00:00 GMT In short (pun intended), females suggest that Australian boy racers are somewhat lacking in the trouser department. Apparently the campaign has been a roaring success and has helped reduce speeding down under. http://www.technicalinfo.net/blog/security/20071016_LittlePinkie.html Gunter Ollmann Tue, 16 Oct 2007 20:00:00 GMT Whenever I have to resort to using some kind of physical-world analogy to explain an Internet security principle, I can't but feel that I'm doing a disservice to the people listening. Depending upon the audiences involved, my analogies have ranged far and wide. http://www.technicalinfo.net/blog/security/20070921_SecurityAnalogies.html Gunter Ollmann Fri, 21 Sep 2007 20:00:00 GMT