
Archive for the ‘IT’ Category

Python 2.6 Released

October 2nd, 2008 No comments

I haven't been blogging much lately (hopefully that will change shortly). However, I wanted to make sure I mentioned this. Python 2.6 has been released. What's new in Python 2.6 can be found here.

Categories: IT, Python

Google Chrome DoS

September 3rd, 2008 2 comments

Well it certainly didn't take long... I noticed this on milw0rm this morning. It seems that someone has found a DoS in Google Chrome. What's interesting is that one of the things that Chrome does is process separation between tabs (or so they claim), yet this DoS manages to take out all of Chrome, not just the tab you visit the page in.

Original Advisory with PoC (Note that you don't even have to click on the PoC link in the advisory. You can cause the crash simply by mousing over it.)

ASUS EEE PC

August 25th, 2008 2 comments

So I finally got an ASUS EEE PC. I've wanted a small laptop for a while now, and there happened to be a great mail rebate option (valid in Canada until Aug 31st for anyone thinking about getting one).

I went with the 900 in Galaxy Black. The first thing I did was set it up to use Advanced Mode... the second thing I did was install nmap. It's quite a bit of fun... even in basic mode, I could see it being useful to a lot of people. I have a USB Enclosure and a spare DVD-RW, I'm going to assemble it and hook it up and see if it's detected. If it is, then it'll be perfect.

Attn Parents: If you're sending your kids away to college (it is that time of year), consider getting them one of these, and consider the Linux version. Really it has everything they need... it's nicely secured (compared to getting a full blown laptop)... In basic mode the ease of use is way up there and with a USB DVD-RW and maybe an external monitor, they have everything they need. Although the screen would be ok for watching DVDs.

I went with the solid state drives, but there is an option with an 80GB drive (I believe it was 80GB). I chose solid state simply to play with it, and because it seems more logical for something that might get tossed around a bit.

Specs on mine:
8.9" Screen
900MHz Celeron Processor
1GB RAM
4GB OS Drive (1.5GB seems to be used, with the remainder holding an image that I can restore to by holding F9 on boot (apparently)).
16GB Storage Drive (mounted as /home)
1.3M WebCam
3 x USB, 1 x Headphone, 1 x Mic, 1 x VGA, 1 x SD

SecTorAttendees.com

August 22nd, 2008 No comments

Just a quick little note to share with people. In my efforts to add to the social activities associated with SecTor and to foster discussion, I've created a new website, SecTorAttendees.com. On the page you'll find a forum and a mailing list. I would invite everyone who is attending SecTor to join both and share in the discussion. For those of you that aren't quite sure yet, sign up and you'll most likely find a reason (hopefully in time to beat the end of August price increase)... and for those of you that can't make it to SecTor this year, you're all welcome as well, you'll see what's happening so that you can make it next year.

Categories: IT, Security

Five Part Non-Technical Series

August 20th, 2008 No comments

Hey All,

I wanted to do a brief repost over here to direct everyone to the 5-part non-technical blog series that I did on cons (for the most part) and con experiences. This was my contribution to blogging following Blackhat / DEFCON.

  1. Being a Research Engineer at a Blackhat Booth
  2. Competitors Can Be Civil
  3. Why DEFCON Sucks
  4. Why the Social Aspect of Cons is Important
  5. What Can Be Done to Improve the Cons.

Enjoy!

GMail cuts threads at 61 emails

August 19th, 2008 3 comments

I thought this was interesting... I seldom have emails that are this long, but since every survey submission is seen as part of the same response, I've been seeing it. It appears as though every 61 messages, the thread is cut and a new one is started. Has anyone else seen this and possibly experienced a different number? If everyone else is indeed seeing 61, does anyone know why?

Does anyone from Google read this? If so, why cut the threads at 61?

Side note: Anyone know when Google Apps will be getting the 'Always use SSL' checkbox?

Categories: IT

Denial of Service Survey So Far…

August 19th, 2008 1 comment

Hey All,

Thanks to everyone who's filled it out. For those of you that haven't... you still can (survey). A large number of people are preferring to stay anonymous, but I have gotten some rather interesting comments. To date 169 people have filled out the survey. If all goes well, I'm hoping to start analyzing the results after about a week or so.

To clarify, for anyone who reads this first... When I say Denial of Service, I'm not considering packet flooding (these days you essentially need DDoS for that)... I'm thinking single packets that cause servers to crash, or malformed pages that cause browsers to crash. That being said, I don't want to influence anyone's answers... that's why I provided plenty of places for notes. Feel free to tell me what you really think.

Lastly, in the goal of making an interesting whitepaper out of this, I've started contacting vendors. Currently I've contacted Adobe, Apple, Google, Microsoft, Red Hat and Sun. I've asked them to answer the survey (and provide me with unique information via email that they will put in the name, email and url portions (for proper identification)) and I've passed on a few vendor specific questions. I've taken the route of contacting their PR agencies, so we'll see what happens.

Denial of Service Survey

August 18th, 2008 No comments

Hey All,

Quick post here as I'm trying to gather some statistics related to Denial of Service and people's perception related to it. I've posted a small survey @ http://tinyurl.com/dossurvey, if anyone is interested in filling it out.

Thanks,
Tyler

Categories: IT, Security

Blackhat / DEFCON are over… Next is SecTor

August 16th, 2008 1 comment

Hey Everyone,

So Blackhat/Defcon is behind us... Instead of blogging about the talks, I've taken a different approach and I've been doing some non-technical blogging. In the end it will be a 5-part series, but the first three are already up.

They are:

  1. Being a Research Engineer at a Blackhat Booth
  2. Competitors Can Be Civil
  3. Why DEFCON Sucks

The last two will most likely appear early next week.

Also, now that Blackhat/DEFCON are over... What's next? As far as I know the next Con I'll be attending is SecTor. Last year was the first SecTor and I had the opportunity to attend. SecTor will actually make its way into my upcoming blog series (from above) on the VERT Blog. That being said, I wanted to remind people that it's coming up, after all... it's held in Toronto and I live in Toronto, so the more people that attend, the more people I get to meet.

For anyone who didn't get a chance to visit SecTor last year and is curious about the quality / style of the talks, I tried to write up everything that I saw.

Of course, these are biased because they're all my opinion, but I do recommend the Con for anyone that can make it up this way. Let me know if you'll be coming up and we'll make arrangements to get together for a beer.

Neat little GMail trick

August 13th, 2008 3 comments

I learned something rather cool today, and whenever I learn something, I like to share it.

I'm sure everyone is aware of this and I'm the last one to learn about it, but it's cool anyways. Let's say your GMail (or Google Apps account) is example@gmail.com. You can create customized addresses for each mailing list, or page you sign up for (for separation, or to see if anyone is selling your address) by using + in your email.

Example:

example+computerdefense.org@gmail.com will still be delivered to example@gmail.com, however it will contain that unique identifier in the address. This allows you to identify spam that computerdefense.org may generate (of course, that would never happen), or to distinguish incoming email.

Another potential use (especially on the Google Apps side) is for a small business with a sales office. Let's say you have 20 customers; you could easily distinguish between mail from each customer by giving them the following addresses: sales+customer1@mybusiness.com, sales+customer2@mybusiness.com, etc.

As I said, this is probably old news... but it's new to me, so I figured I'd share.
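An added example (not from the original post) of the leak check described above: it reads the +tag from the recipient address and compares it with the sender's domain, assuming each tag is the domain of the site you signed up with, as in example+computerdefense.org@gmail.com. The function names, the `bulk-mailer.example` sender and the three sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed sample messages (not real mail).
MSG_OK = ("From: News <list@computerdefense.org>\n"
          "To: example+computerdefense.org@gmail.com\n"
          "Subject: Weekly digest\n\nbody\n")
MSG_LEAK = ("From: deals@bulk-mailer.example\n"
            "To: <Example+ComputerDefense.org@gmail.com>\n"
            "Subject: Offer\n\nbody\n")
MSG_PLAIN = ("From: friend@example.net\n"
             "To: example@gmail.com\n"
             "Subject: Hi\n\nbody\n")

def plus_tag(address):
    """Return the +tag of an address (lowercased), or None if it has none."""
    local = address.rpartition("@")[0]
    _, sep, tag = local.partition("+")
    return tag.lower() if sep and tag else None

def domain_matches(sender_domain, tag):
    """True if the sender is the tagged site or one of its subdomains."""
    sender_domain = sender_domain.lower()
    return sender_domain == tag or sender_domain.endswith("." + tag)

def audit(raw_message, mailbox="example@gmail.com"):
    """Classify one message as 'untagged', 'expected' or 'leaked'."""
    msg = message_from_string(raw_message)
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    box_local, _, box_domain = mailbox.lower().partition("@")
    recipients = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    for _name, addr in recipients:
        local, _, domain = addr.lower().rpartition("@")
        if domain != box_domain or local.partition("+")[0] != box_local:
            continue  # some other recipient, not our mailbox
        tag = plus_tag(addr)
        if tag is None:
            return ("untagged", None)
        # A tagged address used by an unrelated sender suggests it was shared.
        verdict = "expected" if domain_matches(sender_domain, tag) else "leaked"
        return (verdict, tag)
    return ("untagged", None)

if __name__ == "__main__":
    for raw in (MSG_OK, MSG_LEAK, MSG_PLAIN):
        print(audit(raw))
```

A "leaked" verdict is a lead rather than proof, since a site may send through a third-party mailer whose domain differs from its own.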

Categories: IT