"cose" interessanti da leggere...
News/papers/cose varie sparse, molto interessanti dal mio punto di vista, magari lo sono pure per voi:
http://www.theregister.co.uk/2007/03/06/ebay_trojan/
eBay users are being targeted by an advanced Trojan that attempts to redirect traffic so it can silently bid on a car from the auction site's car section, Symantec is warning. It is the latest security headache for eBay, which has faced an onslaught of complaints from some users who say fraud on the site has increased to unacceptable levels over the past few months.
http://www.uninnovate.com/2006/11/23/early-christmas-present-now-its-legal-to-unlock-your-cellphone/
Most cell phones in the United States are purchased as part of a service plan. The phone itself is cheap or free, but it must be bought as part of a one-year or two-year service contract. Phones can also be purchased separately, but are often hundreds of dollars more expensive than the phones that come with service plans. This is because phone companies take a loss on the phone up front and hope to make up that loss over the life of the contract in monthly fees.
Nearly all of the phones purchased as part of a service plan (and even some that are purchased separately) are SIM locked to only work with that phone company’s network. The phone’s software will reject SIM cards from competing phone networks. Phones bought from T-Mobile only work with T-Mobile, phones bought from Cingular only work with Cingular, etc. This way the phone company can be certain that a customer is stuck and they will make back their investment.
And again from the same article:
Yesterday, the Library of Congress announced six new exceptions to DMCA rules. Among those was the declaration that breaking SIM locks will not be considered a DMCA violation starting on Monday:
5. Computer programs in the form of firmware that enable wireless telephone handsets to connect to a wireless telephone communication network, when circumvention is accomplished for the sole purpose of lawfully connecting to a wireless telephone communication network.
Library of Congress Rulemaking Statement
This has the potential to legitimize the shady market of cell phone unlockers. It also has the potential to change how cell phone companies do business. If awareness of these rules spreads and legitimate cell phone unlocker services appear, the current cell phone business model might not make as much sense. It is also likely to further frustrate “pay as you go” cell phone providers who have been trying to stop resellers who purchase their phones and then sell them overseas for a profit.
So it seems that unlocking cell phones is no longer a violation of the DMCA rules.
Continuing...
RELRO is used on newer Linux distributions to place commonly exploited structures in ELF binaries in a quasi-readonly location. Especially the GOT, often used within heap-based exploits, is made read-only after relocation by the dynamic linker. Today I analyzed how exploits could be done in the future in spite of NX, ASLR, RELRO etc.
An ASCII-file describing exploitation via fini() can be found here:
http://www.suse.de/~krahmer/relro.txt
http://www.cybsec.com/upload/bh-eu-07-nunez-di-croce-WP_paper.pdf
Exploiting SAP Internals - A Security Analysis Of The RFC Interface Implementation.
SAP security is still a dark world. Very little information can be found on the Net and almost every question related to security assessment of these applications remains unanswered. This paper has the intention of bringing some light into that world, providing the results of a security analysis performed over the SAP RFC interface implementation.
SAP RFC interface is the heart of communications between SAP systems, and between SAP and external software. Almost every system that wants to interact with SAP systems does so using the RFC interface. As stated by SAP: "The RFC library is the most commonly used and installed component of existing SAP software".
This paper describes vulnerabilities discovered in the RFC Library and their security impact. Furthermore, advanced attacks, exploiting default mis-configurations and design flaws in the interface implementation, are presented and explained. Finally, it provides solutions and suggested configurations to protect from described attacks and vulnerabilities.
Also on cybsec.com I found other interesting papers; take a look at them.
Many are in Spanish, but with a little imagination they can be understood.
And for the "database security" series (a very topical subject for some time now), some must-reads:
Oracle Forensics Part 3: Isolating Evidence of Attacks Against the Authentication Mechanism
http://www.databasesecurity.com/dbsec/Investigating-Authentication-Attacks.pdf
Oracle Forensics Part 2: Locating Dropped Objects
http://www.databasesecurity.com/dbsec/Locating-Dropped-Objects.pdf
Oracle Forensics Part 1: Dissecting the Redo Logs
http://www.databasesecurity.com/dbsec/dissecting-the-redo-logs.pdf