Unhandled Perception

AS the sun rose over the mountains circling Los Reyes, a town in the Mexican state of Michoacán, one morning in March 2009, a caravan of more than 300 heavily armed law enforcement agents set out on a raid.

All but the lead vehicle turned off their headlights to evade lookouts, called “falcons,” who work for La Familia Michoacana, the brutal Mexican cartel that controls the drug trade. This time, the police weren’t hunting for a secret stash of drugs, guns or money. Instead, they looked to crack down on La Familia’s growing counterfeit software ring.

Link: http://www.nytimes.com/…

Sam, it’s suitably anonymous – lives in a three-bedroom semi-detached house in London, drives a vintage Jaguar and runs his own company. But “it’s not not all rock and roll and big money”, says Sam. What isn’t? Spamming websites and blogs with text to pump up the search engine rankings of sites pushing PPC (pills, porn and casinos), that’s what.

Link: http://www.theregister.co.uk/…

More than 100 drivers in Austin, Texas found their cars disabled or the horns honking out of control, after an intruder ran amok in a web-based vehicle-immobilization system normally used to get the attention of consumers delinquent in their auto payments.

Kinda funny…

Link:
http://www.wired.com/threatlevel/…

Hackers have released an application designed to thwart a Microsoft-packaged forensic toolkit used by law enforcement agencies to examine a suspect’s hard drive during a raid.

The hacker tool, dubbed DECAF, is designed to counteract the Computer Online Forensic Evidence Extractor, aka COFEE. The latter is a suite of 150 bundled, off-the-shelf forensic tools that run from a script. Microsoft combined the programs into a portable tool that can be used by law enforcement agents in the field before they bring a computer back to their forensic lab. The script runs on a USB stick that agents plug into the machine.

Link:
http://www.wired.com/threatlevel/2009/12/decaf-cofee/

Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.

Not sure I have a need for this but it good to know its around.

Link:
http://www.wireshark.org/

The best criminal hacker is the one that isn’t caught—or even identified. These are 10 of the most infamous unsolved computer crimes (that we know about).

Link:
http://www.pcmag.com/article2…

Using little more than book knowledge, experience from previous projects, and a healthy shot of elbow grease, a Kenyan kid has constructed a nifty (and perhaps just a little scary) box that attaches to your car to provide a number of unique remote-control features that you’re not going to find on your average OnStar setup. The flagship function seems to be the real-time lockout, which can call you as the car is being started; only if you confirm that it’s not some baddie trying to jack your ride will the ignition request be granted. That’s not all, though — it’ll also let you dial into the car and listen in on any conversations going on within.

Link:
http://www.engadgetmobile.com/…/

Kevin Mitnick knows that the weakest link in any security system is the person holding the information.

As a young fugitive hacker, he went to jail for breaking into computer networks, mostly by using his cunning and persuasion than his tech skills. He was an early master of the science of social engineering–manipulating people into doing what you want, such as giving out passwords and other information that unlocks sensitive information on networks.

For a good movie on the story of Kevin Mitnick then check out Track Down. A great movie.

Link:
http://news.cnet.com/8301-1009_3-9995253-83.html

In this practical introduction to the basics of securing your home wireless network, we’ll cover the important, high-level points that ordinary users need to know in order to secure a network of game consoles, phones, and PCs. Along the way, we’ll also recap some of the relevant information from the original wireless blackpaper…

Link:
http://arstechnica.com/…/wireless-security.ars

Knoppix STD is a Linux-based Security Tool. Actually, it is a collection of hundreds if not thousands of open source security tools. It’s a Live Linux Distro, which means it runs from a bootable CD in memory without changing the native operating system of the host computer. Its sole purpose in life is to put as many security tools at your disposal with as slick an interface as it can.

Knoppix STD doesn’t even have to be installed. Just burn it to a CD, place it in your CD drive, reboot the computer and let it boot from the CD. Knoppix STD will be setup for you. Couldn’t be easier to play around with a Linux distro or in this case test out some hacker tools. (built ontop of Knoppix)

Link:
http://www.knoppix-std.org/

Other distros to check out:

• Slax – Some cool custom distros, each for a certain purpose (all fits on a single CD)
• Helix – Used for computer forensics (built on Knoppix)

Was going to embed it here but they made it too wide for a standard Blogger template.

Link:
http://revision3.com/thebroken/ep1/