The Edge of I-Hacked

via Slashdot
“Fedora 9 has been released as of 10 AM Eastern Time this morning. Release notes can be found here. Some of the more interesting new features include a new package management system, which can be used as an alternative to pup and pirut, known as PackageKit. This release also includes GNOME 2.22 and/or KDE 4.0.3, and Firefox 3 beta 5. Overall, there are a lot of improvements worth looking at, and the Bittorrent seeds are already feeding the release fairly effectively.”

from Iron Geek

A cryptographic hash function takes an input and returns a fixed size string that corresponds to it, called a hash. Cryptographic hashes have a lot of uses, some of which are: detecting data changes, storing or generating passwords, making unique keys in databases and ensuring message integrity. This video will mostly cover detecting file changes, but I hope it gets your mind going in the right direction for how hashes can be used. Specifically covered will be tools for creating MD5 hashes in Windows and Linux.

nin.com [download]- the slip

as a thank you to our fans for your continued support, we are giving away the new nine inch nails album one hundred percent free, exclusively via nin.com.

the music is available in a variety of formats including high-quality MP3, FLAC or M4A lossless at CD quality and even higher-than-CD quality 24/96 WAVE. your link will include all options - all free. all downloads include a PDF with artwork and credits.

for those of you interested in physical products, fear not. we plan to make a version of this release available on CD and vinyl in july. details coming soon.

from Slickdeals.net
PC Welt (German PC World magazine) is giving away free licenses for WinRAR 3.62 (supports multi-core CPUs and Windows Vista). Thanks avalon

1. Start here to request the license key file, enter your information, and select Anderes Land (Other Country)
2. Once you receive a confirmation email, click on the second link and download the key file
3. Download version 3.62 of the application and install
4. Copy the key file you received in step 1 in the folder you installed the apllication in step 2
   (most commonly, “C:\Program Files\WinRAR\”)

Note, registration site is under heavy traffic and may feel slow to respond. Please be patient.

 from arstechnica

As per the unofficial timeline, Windows XP Service Pack 3 (SP3) has been uploaded to Microsoft’s servers. Currently, the final build is only available on the download.windowsupdate domain in the following languages: Chinese (Hong Kong), Czech, English, French, German (Deutsch), Hebrew, Japanese, Polish, Russian, Simplified (Chinese), Spanish, and Traditional Chinese. According to Microsoft TechNet, the 300MB+ x86 standalone installer (build 5512) will not be available today on the Microsoft Download Center nor on Windows Update.

There will be no x64 version of SP3 released; Windows XP x64 will be updated at the same time Windows Server 2003 is updated, since it is derived from the codebase of the latter. Although Microsoft has still to confirm the date, SP3 should be rolled out via Automatic Updates on June 10, 2008.

(more…)

from Slashdot

“The Hardy Heron has taken flight: it’s the second LTS (Long Term Support) release of the world’s most popular distro. New features include the Wubi Windows installer and Firefox 3 beta 5. Grab a copy here, and check out Linux Format’s overview of the release.”

from lifehacker.com

The open-source-friendly folks at the FOSSwire blog have posted a PDF “Ubuntu Cheat Sheet,” covering the basic terminal commands one might have to use and, just as importantly, naming important programs and packages so you don’t end up deleting or messing with something that’ll cause headaches down the line. WIth the release of Hardy Heron one day away, adventurous newcomers might want to keep FOSSwire’s printed and handy for reference.

Ubuntu Cheat Sheet [FOSSwire]

from Darknet - The Darkside

WifiZoo is a tool to gather wifi information passively. It is created to be helpful in wifi pentesting and was inspired by ‘Ferret‘ from Errata Security.

The tool is intended to get all possible info from open wifi networks and possibly encrypted also in the future, at least with WEP without joining any network, and covering all wifi channels.

WifiZoo does the following:

gathers bssid->ssid information from beacons and probe responses
gathers list of unique SSIDS found on probe requests
gathers the list and graphs which SSIDS are being probed from what sources
gathers bssid->clients information and outputs it in a file that you can later use with graphviz and get a graph with “802.11 bssids->clients”.
gathers ‘useful’ information from unencrypted wifi traffic ala Ferret,and dsniff, etc; like pop3 credentials, smtp traffic, http cookies/authinfo, msn messages,ftp credentials, telnet network traffic, nbt, etc.

You can download WifiZoo v1.3 here:

wifizoo_v1.3.tgz

from Defcon Forums
Check out this new contest brewing for DEFCON 16!

From the DEFCON Forums:
The Race to Zero involves contestants being given a sample set of viruses and malcode to modify and upload through the contest portal. The portal passes the modified samples through a number of antivirus engines and determines if the sample is a known threat. The first team or individual to pass their sample past all antivirus engines undetected wins that round. Each round increases in complexity as the contest progresses.

Further details are available here: http://www.racetozero.net/

from securityfocus.com

Vancouver, CANADA — In the first attempted attack in the PWN2OWN contest, a security analyst breached the defenses of Apple’s Mac OS X using a bug in the Safari browser and won $10,000 as well as the computer that he compromised.

Charlie Miller, principal analyst with Independent Security Evaluators and the researcher who found some significant flaws in Apple’s iPhone last summer, compromised the Apple MacBook Air in less than a minute. While he refrained from describing the flaw, SecurityFocus learned that the issue affected the Safari browser. Contest officials said that the MacBook Air was running the latest version of Mac OS X, version 10.5.2 or “Leopard.”

Miller — and two colleagues from ISE, Jake Honoroff and Mark Daniel — worked on the code for exploiting the security issue for about three weeks, he told SecurityFocus.

“I was sort of looking for a while, but as soon as we started looking in a particular (code) area, it didn’t take too long,” Miller said.