December 2007


from Nintendo-Scene

Ski Freak wrote in to tell us of an interesting presentation that took place at the 24th Annual Chaos Communication Congress (24C3) right now; it would appear that a fully hacked Wii capable of running native homebrew with full hardware access has been presented.

From the report:

The guys over at 24C3 just demoed a Wii hack that is set to provide native Wii homebrew in the near future (not running in GC mode, and with full access to all the Wii hardware!)

They were able to find encryption and decryption keys by doing full memory dumps at runtime over a custom serial interface. Using these keys, they were able to create a Wii ‘game’ that ran their own code (their demo happened to show live sensor/Wiimote information, amongst a few other things).

Details are minimal and we’re waiting for additional confirmation from additional sources. If you’re in attendance at the event and can provide us with additional information please let us know.

UPDATE: Thanks for the confirmation we received from those in attendance at the conference. A YouTube video has been posted with the Wii segment on “Why Silicon-Based Security is still that hard”. You can watch the complete unofficial recording if you wish; the Wii segment starts at 59 minutes. Thanks to atzplzw and xjw for the links.

from Arstechnica
Back in July, we covered the appearance of a sophisticated malware generator named Pinch Pro. Although not a Trojan itself, Pinch Pro provided a framework for malware authors to create and design their own worms and trojans, each of which could be specifically tailored to report certain data, zombiefy the PC, or kill certain commands/files. Imagine something like Build-A-Bear, but designed for malware rather than fuzzy bear creation, and you’ve got the right idea.

Pinch became popular in Russia, which meant it also became something of a headache for IT services generally and government services in particular. In effect, the malware-builder proved a bit too popular for its own good, and ultimately attracted the attention of Russian authorities. According to Kaspersky Lab, the Russian FSB (Federal Security Service) has identified the two authors of the program, Ermishkin and Farkhutdinov, and will soon expose them to the cheery Russian legal system.

While the arrest and prosecution of the program’s authors is important, it won’t do much to solve the underlying problem Pinch has created. The program’s source code has been released into the wild—the authors only charged for customized software and support. As such, we can expect to see more variants of the malware creator program appear in the future. Kaspersky Lab has already identified over 4,000 variations of Pinch-created Trojans.

The customizations available to a Pinch designer speak to the tool’s features—with the click of a button, the designer can specify his creation to perform a number of specific tasks, including:

* SPY: Allows trojan to act as a keylogger, takes screenshots, captures IE data, and can search for certain files.
* NET: Turns the PC into a botnet zombie, and allows for the opening of specific ports, downloads and runs files, and can turn the system into a proxy.
* BD: Opens a backdoor on the infected system.
* KILL: Deactivates certain services or processes.

The more serious threat that Pinch Pro is only a visible symptom of, however, is the ongoing commercialization of malware. Using malware to collect system information or harvest e-mail addresses has always had some inherent value, but the creation of the infectious program itself wasn’t necessarily seen as a dependable profit source. Now apps like Pinch Pro, as well as open marketplaces for malware, are bringing the business-side of trojans and viruses to the fore.

from New Zealand PC World Magazine

The hacker who posted an exploit last week that threatened a large swath of Hewlett-Packard’s laptop lineup followed up with new attack code that can “brick” nearly every HP laptop.

In a post to the milw0rm.com Web site, a Polish security researcher who used the alias “porkythepig” spelled out a pair of vulnerabilities in an ActiveX control used by HP’s Software Update, the patch management program bundled with virtually every HP- and Compaq-branded laptop.

According to porkythepig’s post, the Software Update bugs let an attacker corrupt Windows’ kernel files, making the laptop unbootable, or with a little more effort, allow hacks that would result in a PC hijack or malware infection. In either case, a drive-by attack could be conducted by feeding users an e-mail message with a link to a malicious Web site.

“Every HP notebook machine containing the HP Software Updates application is vulnerable,” claimed porkythepig. “It is possible that the vulnerable machine model list disclosed by the vendor as a confirmation to the previous issue concerning HP laptops, [the] HP Info Center case, will be similar in this case.”

Last week, porkythepig disclosed multiple flaws in other software included with HP’s portables. When the company patched the vulnerabilities a day later, it listed 83 affected laptops.

The scenario in which an attacker overwrites the kernel and thus “bricks” the HP or Compaq notebook, was out of the ordinary, since most hacks aim to snatch control of the machine or infect it with identity-stealing malware. But the crippling attack, said porkythepig, is actually the simpler of the two. “This attack vector doesn’t require any additional victim social engineering, because the system files are always placed in the predictable locations,” he said.

A drive-by attack that hopes to execute rogue code, however, requires more work. To successfully exploit the ActiveX bug in Software Update and compromise the computer, the hacker needs to know the location of certain files.

The researcher said he had tested the exploit code on Windows 2000, XP, Server 2003 and Vista, and that the vulnerabilities pose a risk to any user with either Internet Explorer 6 (IE6) or IE7 on the PC. Nor will HP be able to use the down-and-dirty fix it deployed last week, said porkythepig. After he revealed several bugs in HP’s Info Center a week ago, HP issued an update that simply disabled the vulnerable software.

“Simple disabling of the vulnerable control by the vendor’s patch, like in the other HP software vulnerability case, HP Info, [could still] result in the machine[’s] software update system [being] compromised, and would leave the user vulnerable to future security issues,” porkythepig said in the milw0rm.com write-up.

HP did not reply to e-mailed requests for confirmation and comment.

from Flickr
OLPC Unboxing

from iPodHacking.com -Forum
First and foremost, a shout out to the hard working developers:
bounci.rabbit.123, xxDriveNxx, MrMEC, H3X, supernatural, matthew98, Apocalyptic 0n3

So, what do we have here?
1. Redesigned main menu and now playing screen.
2. Music icons at the bottom of the music menu.
3. Rearranged menus.
4. Updated graphics.

Current version: 1.0
Grab the download at Driven Design, iPH, and The Bouncing Rabbit!
Thanks for all of your support and appreciation!

- iPod touch development team

Installation
IT IS CRUCIAL THAT YOU READ THIS BEFORE YOU INSTALL THIS HACK.
1. Before plugging your iPod into your computer, you must set the main menu settings. This is because the background used for the hack has these icons implemented, and if you do not have this exact configuration, your main menu will either malfunction or take you to the wrong menus.

  • Music
  • Photos
  • Videos
  • Extras
  • Settings

2. Plug iPod into computer, and open iPodWizard.
3. Load the firmware binary. Please, LOAD THE CORRECT FIRMWARE.
4. Click “Write to iPod”.
5. When writing is done, click “Eject”, but DO NOT UNPLUG YOUR IPOD.
6. Your iPod will reboot. When it has successfully rebooted, your computer will redetect it. Eject it again. Now you may unplug.
7. Enjoy your iPod.
8. If you would like to load extras, see the readme.txt in the Extras folder for specific directions.

Troubleshooting
If you have trouble installing this hack, these tips may help you.

- Make sure you have the correct firmware. Load a 5G firmware onto 5Gs and 5.5G firmware onto 5.5Gs.
- Make sure you are running the latest version of iPodWizard, which is 1.3.0.7.
- Make sure no other programs are accessing your iPod.
- Make sure you don’t unplug your iPod before it is ready.

If you have a reboot loop:

Go into disk mode by holding Center and Play until the Disk Mode screen appears. Connect to your computer and load a clean firmware.

If you are told to restore:
You loaded the wrong firmware. Make sure to load a 5G firmware onto 5Gs and 5.5G firmware onto 5.5Gs.

This firmware cannot, and will not, brick your iPod.

Enjoy!

Current bug list:

1. Search feature- final result screen.
2. Contacts titlebar missing.
3. Music icons don’t stretch full screen.
4. Menu transitions laggy on some menus.
5. Video loading screen.

If you would like to donate, please visit Driven Design for details.

from channel9.msdn.com


The IE team has been very hard at work on IE 8 for the past several months and they hit a huge milestone last Friday evening. The IE dev team checked in a bunch of code that included several new features implemented in the core rendering engine that enable IE to pass the ACID 2 test. This is great news for web developers: IE 8 is going to be our most standards compliant browser to date. Passing ACID 2 is really a combined side effect of all the new features that have been developed for IE 8.

In this interview, I sit down with IE GM Dean Hachamovitch and Architect Chris Wilson to discuss this milestone and dig into compliance in general, lessons learned from IE 7 and discuss the IE team’s ultimate goal of de facto interoperability. Of course, no Channel 9 interview is complete without meeting some of the devs who actually write technology so we take a walk from Dean’s office to super developer Alex Mogilevsky’s office to discuss what’s been done to provide IE with the core rendering features that enable IE 8 to pass the ACID 2 test. We also chat with CSS guru Markus Mielke who was instrumental in identifying and planning the feature set required to pass ACID 2.

YES!

From remote-exploit.org
Remote Exploit has done it! Again! The best security Distro, in its leanest, meanest and sexiest form ever. An official announcement is due tomorrow, and until then, the ISO and USB images are available on torrent.
Site is getting killed, found a couple people hosting it off of digg.

Torrents:
ISO - http://www.offensive-security.com/bt3b141207.iso.torrent
USB/DVD - http://www.offensive-security.com/bt3b141207.rar.torrent

Thanks to LogicX
My FTP Mirror: ftp://rt:rt@mirror2.fpux.com/_BackTrack_3_Beta_
(that’s user/pass: rt)
CD ISO: ftp://rt:rt@mirror2.fpux.com/_BackTrack_3_Beta_/bt3b141207.iso
USB ISO: ftp://rt:rt@mirror2.fpux.com/_BackTrack_3_Beta_/bt3b141207.rar

Addl Mirror: http://addis0n.com/bt/bt3b141207.iso

from insecure.org

December 13, 2007 — Insecure.Org is pleased to announce the immediate, free availability of the Nmap Security Scanner version 4.50 from http://insecure.org/nmap/. Nmap was first released in 1997, so this release celebrates our 10th anniversary.

This is the first stable release since 4.20 more than a year ago, and the first major release since 4.00 almost two years ago. Dozens of development releases led up to this. Major new features since 4.00 include the Zenmap cross-platform GUI, 2nd Generation OS Detection, the Nmap Scripting Engine, a rewritten host discovery system, performance optimization, advanced traceroute functionality, TCP and IP options support, and nearly 1,500 new version detection signatures. More than 300 other improvements were made as well.

from Walyou

Why not save a little money this holiday season with a free download of Divx Pro?

Convert and compress your home movies, TV shows, and films library into Divx format easily with Divx Pro. Although this software usually costs only $20, it is always nice getting something for free.

For a limited time, Divx is offering a complimentary download of their Divx Pro software, which consists of both a converter and the Codec. The converter includes an easy to use drag-and-drop feature to make your conversion time simpler. This software is definitely a useful one to have available.

It is currently not mentioned when this free download ends, so if you are interested, make it quick.

from searchengineland.com

Ask.com has launched AskEraser, giving searchers the ability to search anonymously. Ask.com told us about this tool back in July, and six months later, it’s now live for all searchers to use.

When a searcher activates AskEraser, Ask will stop recording the searcher’s search queries and cookie information. This information includes IP address, User ID, Session ID, and the complete query text. AskEraser is available across many of Ask.com’s properties including Web search, image search, AskCity, news search, blog search, video search, and Maps & Directions.

How does it work?

At the top right of the Ask.com home page, you should see a link to “AskEraser.”

I got to tell you, Ask.com is after my business — if only they would offer more advanced search operators, I would be there.
