Sunday, September 30, 2007
Tip of the day:How to Shotgun a Beer
How to Shotgun a Beer
Trying to impress those drinking buddies? Here's how to shotgun a beer from a can in less than 5 seconds.
Steps
*Hold the beer horizontal. If you don't do this, the next step is going to make a mess.
*Take the can opener and puncture a hole on the side of the can, near the bottom. NOTE: If you think about it, when holding the beer slightly horizontally, there will be a small air pocket near the corner of the can, if you can puncture the hole in the air pocket properly, no beer will shoot out...
*Quickly place your mouth over the hole, so that you don't spill any of the beer, and turn the can upright.
*Hold the can with your mouth on the recently made hole at the bottom, suck on the can until little or no more beer will come out and then open the can at the top.
*Start drinking as fast as you can.
*The ability for air to get in from the top of the can will force the beer out of the bottom at a very intense rate.
Tips
*Tip the beer at a 45% angle, so the top is facing down. Then poke your hole. This helps reduce most, if not all, of the spray when you first puncture the can.
*Alternatively, you can start sucking on the hole until you feel back pressure and THEN open the can.
Warnings
*Do this outside or over a sink, wouldn't want to ruin someones carpeting
*Drinking beer this way can get you more intoxicated faster. Drink responsibly.
Things You'll Need
*1 Can of Beer
*1 Can Opener, Pen, Knife, or any sharp object to puntcure the can.
Source : wikihow
Saturday, September 29, 2007
Friday, September 28, 2007
Nine die in Myanmar protest crackdown
Nine die in Myanmar protest crackdown
By Aung Hla Tun
YANGON (Reuters) - Troops cleared protesters from the streets of central Yangon on Thursday, giving them 10 minutes to leave or be shot before chasing them through the city, firing into crowds and beating people.
State television admitted nine people were killed in actions which stung an outraged Association of South East Asian Nations, one of the few international groupings which has isolated Myanmar as a member, into expressing its "revulsion".
Far fewer demonstrators took to the streets as the junta clamped down and soldiers raided monasteries in the middle of the night, rounding up hundreds of the monks who had been leading protests.
As international concern mounted, U.S. President George W. Bush called on all countries with influence over Myanmar to tell the junta to stop using force. He met with China's foreign minister to press the point.
"Every civilized nation has a responsibility to stand up for people suffering under a brutal military regime like the one that has ruled Burma for so long," he said in a statement.
China, which neighbors Myanmar and is one of the military-ruled country's few allies, is a key trading partner and arms supplier to Myanmar and is seen as the linchpin for any international effort to defuse the situation.
One of the dead was a Japanese photographer, shot when soldiers cleared the area near Sule Pagoda -- a focus of the protests -- as loudspeakers blared out warnings, ominous reminders of the crushing of a 1988 uprising in which more than 3,000 people were killed.
In another area of Yangon, soldiers opened fire into crowds after a military truck drove into protesters, onlookers said. Three people were killed on the spot.
The Association of Southeast Asian Nations (ASEAN), in an unusually blunt statement, demanded member Myanmar stop using violence and voiced "revulsion" at the killings.
At Yangon's Sule Pagoda, 200 soldiers marched toward the crowd and riot police clattered their shields with wooden batons. "It's a terrifying noise," one witness said.
The army moved in after 1,000 chanting protesters hurled stones and water bottles at troops, prompting a police charge in which shots were fired.
The crackdown in the country of 56 million people began on Wednesday when soldiers and police fired tear gas, clubbed protesters and arrested up to 200 monks in an attempt to quash the uprising.
MONASTERY RAIDS
Sporadic marches against fuel price hikes have swelled over the past month into mass demonstrations against 45 years of military rule in the former Burma. It is the worst unrest to hit the poor and isolated nation since the rebellion by students and monks in 1988.
Troops dispersing crowds on Thursday chased fleeing people, beating anybody they could catch, witnesses said.
Another Buddhist monk -- adding to the five reported killed Wednesday -- was killed during the midnight raids on monasteries, witnesses said.
Monks were kicked and beaten as soldiers rounded them up and shoved them onto trucks.
"Doors of the monasteries were broken, things were ransacked and taken away," a witness said. "It's like a living hell seeing the monasteries raided and the monks treated cruelly."
After darkness fell and curfew hour loomed, sporadic bursts of rifle fire echoed over Yangon, a city of 5 million.
The junta told diplomats summoned to its new jungle capital, Naypyidaw, "the government was committed to showing restraint in its response to the provocations," one of those present said.
In a sign the junta may be hearing the international outcry over its clampdown, Myanmar's rulers later in the day agreed to receive a U.N. envoy to discuss the crisis.
The United States announced sanctions against senior junta figures and sought to rally broad international condemnation.
Bush asked Chinese Foreign Minister Yang Jiechi "to help bring a peaceful transition to democracy in Burma," the White House said.
China has said it is "extremely concerned" about the situation and has urged all parties to "maintain restraint," but has not given any sign it is willing to go further in pressuring the Myanmar government.
Bush thanked China for helping to win Myanmar's consent to a visit by U.N. envoy Ibrahim Gambari, White House spokesman Gordon Johndroe told reporters.
ASEAN ministers, meeting on the sidelines of the U.N. General Assembly, "expressed their revulsion to Myanmar Foreign Minister Nyan Win over reports that the demonstrations in Myanmar are being suppressed by violent force."
All members except Myanmar issued the statement. The 10-member diplomatic and trade group holds as a core principle non-interference in one another's internal affairs.
ASEAN made no mention of punitive measures against the military government that has ruled Myanmar since 1962.
Source : Reuters.com
IT'S ABOUT TIME FOR THE UNITED NATIONS TO TAKE SOME ACTION!
Gmail's Zero-Day Flaw Allows Attackers to Steal Messages
Gmail can be easily hacked, allowing any past--and future e-mail messages--to be forwarded to the attacker's own in-box, a vulnerability researcher said Tuesday.
Gregg Keizer, Computerworld
Wednesday, September 26, 2007 4:00 PM PDT
Accounts on Google Inc.'s Gmail can be easily hacked, allowing any past -- and future e-mail messages -- to be forwarded to the attacker's own in-box, a vulnerability researcher said Tuesday.
Dubbed a "cross-site request forgery" (CSRF), the Gmail bug was disclosed Tuesday by Petko Petkov, a U.K.-based Web vulnerability penetration tester who has made a name for himself of late. In the past two weeks, Petkov has publicly posted information about critical, zero-day bugs in Apple Inc.'s QuickTime, Microsoft Corp.'s Windows Media Player and Adobe Systems Inc.'s Portable Document Format (PDF).
According to Petkov, who declined to release details about the vulnerability, attackers can use Gmail's filtering feature to exploit the bug. An attack, he said, would start with a victim visiting a malicious Web site while also still logged into his Gmail account. The malicious site would then perform what Petkov called a "multipart/form-date POST" -- an HTML command that can be used to upload files -- to one of the Gmail application programming interfaces, then inject a rogue filter into the user's filter list.
Petkov posted a series of screenshots on the Gnucitizen.org site that illustrated one possible attack. "In the example, the attacker writes a filter, which simply looks for e-mails with attachments and forwards them to an e-mail of their choice," Petkov said. "This filter will automatically transfer all e-mails matching the rule.
"Keep in mind that future e-mails will be forwarded as well. The attack will remain present for as long as the victim has the filter within their filter list, even if the initial vulnerability, which was the cause of the injection, is fixed by Google," he added.
Google did not immediately reply to questions about whether it had confirmed the vulnerability, and if so, when it would patch the problem.
At least one user commenting on Petkov's posting, however, claimed that a Firefox extension could block exploits of the Gmail bug. Giorgio Maone, the creator of the popular NoScript add-on, said that his extension blocks CSRF attacks from untrusted sites, which a malicious page likely would be. (NoScript blocks JavaScript, Java, other scripting and executable content from running from untrusted sites; Firefox users can download it from the Mozilla add-on site.)
As he did last week when he disclosed a major bug in Adobe's pervasive PDF file format, Petkov again defended his decision to post information about the Gmail flaw without first reporting the vulnerability to Google. The reasoning, however, was oblique: "Let's say that it is just one of my social experiments."
Jeremy Grossman, the chief technology officer at San Jose-based WhiteHat Security Inc., said that the Gmail flaw is "especially scary." In an entry to his blog, Grossman explained further: "Web mail accounts are in many ways more valuable than a banking account because they maintain access to many other online accounts (blog, banking, shopping, etc.). [Attacks exploiting this vulnerability would be] simple, silent and extremely clever."
Petkov added his own two cents on the bug's implications. "In an age where all the data is in the cloud, it makes no sense for the attackers to go after your box," he said. "It is a lot simpler to install one of these persistent backdoor/spyware filters. Game over! They don't own your box, but they have you, which is a lot better."
Source : pcworld.com
Five of the Dirtiest Malware Tricks
Five of the Dirtiest Malware Tricks
From disguising applets to look like part of Windows to co-opting security tools, Web crooks use a variety of methods to bypass your system's safeguards.
Erik Larkin
PC World
Thursday, September 27, 2007; 12:19 AM
If the crooks behind viruses, Trojan horses, and other malicious software were as stupid as they are scummy, we'd have a lot less to worry about. But as protective measures get better at stopping the obvious attacks, online creeps respond with underhanded moves to invade your PC. Here are five of their dirtiest tricks, all based on Trojan horses.
Don't mind me--I'm only here to break your PC: It's like sending in a different scout each time to open the gate for the rest of the invaders. The "Glieder Trojan" and many others use a multistage infection process whose first step is a tiny program that the crooks can change constantly so your antivirus watchdog is less likely to recognize it. Once it gets in, the downloader tries to disable your security before pulling down the real payload, which could be a data stealer or anything else the attacker wants.
Locked and encrypted Web sites? No problem: Web sites can and should use secure socket layer (SSL) to encrypt and protect sensitive data such as bank account log-ins. (When a lock icon appears in the address bar, that indicates the site is using SSL.) But the "Gozi Trojan" and its ilk evade SSL protections by making Windows think they're part of the process, so your data leaves IE and goes through Gozi before it's encrypted and sent out on the network. Instead of spying on your keyboard, which many security programs watch for, these apps roll into the OS as fake layered-service providers (LSPs).
The SpamThru, SpyAgent, and Jowspry Threats
Malware that scans your PC for malware: An extra antivirus scan can only be a good thing, right? Not when it just gets rid of rivals to the "SpamThru Trojan." This nasty introduced a pirated, pared-down version of Kaspersky AntiVirus (which Kaspersky has since shut down) to delete other malware so it could have the victim PC to itself to use as a spam sender. If the PC had a real antivirus app, SpamThru would attempt to block its updates, preventing it from identifying new threats.
Equal-opportunity encryption: Encrypting sensitive data and protecting it with a password helps shield it from prying eyes. But the "SpyAgent Trojan" enters the encryption game, too. When installed on a Windows PC with the Encrypting File System (which is included in Windows 2000, XP Pro, 2003 Server, and 2005 Media Center), SpyAgent establishes its own administrator-level user account and uses this account to encrypt its files. You--or your antivirus software--would have to guess the account's random password to decrypt and scan the malicious files to confirm they weren't supposed to be there.
Hi, firewall. I'm Windows Update. Honest: Firewalls protect computers and networks from bad guys' efforts to go in or out. So the "Jowspry Trojan" masquerades as something known and approved--Windows Update. The crafty malware makes its connections look like the Background Intelligent Transfer Service used by Windows Update, and unsuspecting firewalls let it download more attack programs to your PC.
To pull off these sneaky ploys, malware first has to get on your PC. If you keep Windows and other programs up-to-date, avoid opening attachments or clicking links in unsolicited e-mail, and use a good antivirus program, you won't give the crooks a chance to put their Trojan horses to work.
Descriptions based on research and analysis from Peter Gutmann at the University of Auckland, Craig Schmugar and Aditya Kapoor at McAfee's Avert Labs, and Joe Stewart at SecureWorks.
For an inside look at the way Internet attackers buy and sell their insidious tools, read "An Inside Look at Internet Attackers' Black Markets." To ensure that you've closed critical software holes, read "Close the Holes Targeted by the MPack Attack Kit."
Source : Washingtonpost.com
Thursday, September 27, 2007
Wednesday, September 26, 2007
Tip of the day:How to Convert an Old TV Into a Fish Tank
Have you discovered a dinosaur of a TV set in your attic? It sure can't compete with today's flat-panel units, but it doesn't have to head straight for the junk pile -- if you're creative. Here's how to make it do something those plasmas will never pull off: turn it into a fish tank!
Steps
1) Rebuild the cabinet out of MDF/Craftwood so that it allows for a flip lid.
2) Stain it with an acrylic estapol satin stain.
3) Attach the original legs to the finished cabinet.
4) Stain or lacquer all the surfaces multiple times to ward off any effects of condensation (the formation of water droplets) in the enclosed space.
5) Build in some ventilation at the back to discourage condensation within the cabinet.
6) Get a tank that is slightly wider and taller than the screen. If your T.V. console won't fit a standard tank size, you can have a custom one built to fit. Make sure that you leave enough room for the reflector/light (about 6 cm). A remote ballast light is a good idea, as it takes up very little room and you can get the tank and water level higher than the top of the screen.
7) Mount the powerboard outside the cabinet at the back (in case of water spillage or condensation issues).
8) Place the air pump inside the cabinet to suppress the noise. It can be mounted outside if there is not enough room.
9) Fill and cycle the tank properly and introduce the stars of your show -- the fish!
Tips
* Make sure you have finished building the cabinet before you start inserting the tank.
* Wire the light for the fish tank through one of the controls on the original television. This may require you to take out one of the original controls.
* Build the tank to exceed the width of the screen rather than just cover it, and you will have a larger volume of water and be able to hide the filter and heater.
* Use the extra space inside as storage space for the food and cleaning tools.
* Cool backgrounds are the key to a great T.V. aquarium. You can use an underwater scene (which can be found at most fish-pet stores), or you can make a custom one of a television show you like. (Get the measurements and the picture, then head to your nearest print shop and have them print it for you.)
* For colder areas, insulating the box is a good idea. This will help maintain a constant temperature.
Warnings
* You may want to take the old TV to a repairman and have him remove the CRT (Cathode Ray Tube). While the contents of the CRT are not normally dangerous, the air vacuum inside can cause shards of glass to fly if its glass skin gets cracked or breached in some way.
* If you use your existing TV stand, make sure it is strong enough to cope with the weight of the water.
* TV tubes up until about 1960 do not have integral implosion protection. These can be extremely dangerous, because they can implode very violently. You'll notice a label on all tubes that are less volatile that says something like, "This tube provides integral implosion protection." If you don't see that, don't mess with it.
* Be sure you are ready to take on the responsibility of owning fish. They are more work than you'd think!
Source : wikihow.com
C-level employees targeted in trojan attack
C-level employees targeted in trojan attack
Liam Tung, ZDNet Australia
25 September 2007 01:43 PM
C-level employees of publicly listed companies are being targeted by cybercriminals using malware-infected RTF (Rich Text File) documents disguised as recruitment letters.
Security vendor MesssageLabs reported that 1,100 e-mails containing malware-infected RTF attachments have been recorded over a 16-hour period this month. Four separate waves appeared between 13 and 14 September, the company said.
"All [the emails] were going after C-level management. The e-mails included the company name in subject field, purporting to be a recruitment company. What it had in the attachment is an executable RTF file," a MessageLabs spokesperson said.
Similar e-mails were noticed in June this year, he said.
The e-mail, which contained no body text, included an .SCR screen saver dummy file within an executable RTF file, the spokesperson said. When recipients attempt to open the file, a message is displayed stating: "Microsoft has encountered an error and had to close." The recipient is then advised: "To view this, double click on the message."
Once activated, the RTF file starts a chain of downloads which establish a secure connection between the attacker's server and the infected computer.
The C-level nature of the targets clearly indicates that the attackers are after information, MessageLabs spokesperson said, but the greater concern is the social engineering technique used to spread the trojan-harbouring e-mail.
"The way that this works has the potential to be so effective. You are getting that top down approach -- if they forward that e-mail on internally, that e-mail is coming from a trusted source," he said.
The spokesperson added that all the e-mails were addressed to a single person, which helps diminish their conspicuousness.
F-Secure security expert Patrik Runald recently postulated that the perfect attack would be a zero-day attack using a rootkit-cloaked trojan sent to an HR manager who, due to company policy, would be compelled to open the document.
He told ZDNet Australia: "These are scary cases because it's really hard to protect yourself against. We have to run Office and we have to allow Word, RTF, PowerPoint and Excel files through. It shows that signature based antivirus is not enough; you need more technology than that."
Runald said there is little organisations can do to protect against these threat types besides educating users of the risks because banning the receipt of common file types is impractical.
Heuristic or behavioural-based monitoring is proving to be more effective at blocking these attacks since the behaviour of the file remains the same despite different signatures being used, he said.
Source : zdnet.com.au
Tuesday, September 25, 2007
Monday, September 24, 2007
Bizarre Greek Signs (Part 3)
(Athens,El.Venizelos airport)
(Outside an Byzantine Monastery in Ithaki)
(Unknown location)
(Korinos)
(Inside Santorini's airport)
(...)
Drug Dealer calls cops after pot stash stolen
Drug Dealer calls cops after pot stash stolen
September 7th, 2007 by Nick
A marijuana dealer telephoned police after armed thieves stole his quarter-pound stash of pot. The 19-year-old Felton man told police that two men, one of them armed with a handgun, robbed him at gunpoint as he sat in his car on Tuesday night.
“It was unique to have people who were dealing drugs calling us when they’ve been ripped off,” police spokesman Zach Friend said.
After the thieves made off with his stash, the dealer telephoned police. When police arrived, the dealer’s story became progressively confused.
First he showed officers a medical marijuana card and told them he bought the pot at a medical marijuana dispensary. Then he said he got the pot from a friend. Eventually the dealer admitted he had arranged to sell the marijuana to the men who stole it from him, investigators said.
The Felton dealer wasn’t arrested.
“From our standpoint, it’s more important to address the fact there are individuals out there who are willing to use a weapon to commit robberies,” Friend said.
Source : wastednews.com
Police Taser Man With Chicken in Car
Police Taser Man With Chicken in Car
Sep 18, 6:18 PM (ET)
SHEBOYGAN, Wis. (AP) - A man faces a number of charges, including drug possession, after a traffic stop in which he was stunned several times with a Taser and police found a live chicken.
Richard D. Brown, 34, was charged with cocaine possession with intent to deliver, maintaining a drug trafficking place, resisting an officer, obstructing an officer, second-offense operating while intoxicated and operating after revocation.
According to Sheboygan police, the incident started about 2 a.m. Friday when an officer spotted Brown involved in a potential drug deal and tried to stop him. The man threw a pack of cigarettes out of his car window and tried to run. The pack was found to have contained more than an ounce of cocaine, authorities said.
An officer pursued Brown, caught him, punched him in the head and knocked him to the ground, authorities said, but he tried to run again. A second officer zapped both men with a stun gun as they were struggling, and Brown again before he was handcuffed.
Brown told the officers he got the fowl from a local fast food restaurant, police have said.
He was taken to a hospital, where he received six stitches for two cuts on his face. The chicken was taken to the Sheboygan County Humane Society.
He faces up to 26 years in jail if convicted on all charges.
Source : apnews.myway.com
Sunday, September 23, 2007
Bizarre Greek Signs (Part 2)
(Amorgos)
(Athens)
(Samos)
("Boxes for [human] bones on sale")
(A Butcher's sign : "By eating Basilis meat you don't get fatter,you get prettier")
(Crete)
Saturday, September 22, 2007
Accidents in Greece
Some really great videos...
When some kids are having fun...
When you're trying to impress...
When you don't pay attention...
...and the winner is...
When you must praise God for being lucky!
Friday, September 21, 2007
Chinese man dies after 3-day Internet gaming binge
Chinese man dies after 3-day Internet gaming binge
September 19th, 2007
BEIJING — A man in southern China appears to have died of exhaustion after a three-day Internet gaming binge, state media said today.
The 30-year-old man fainted at a cybercafe in the city of Guangzhou on Saturday afternoon after he had been playing games online for three days, the Beijing News reported.
Paramedics tried to revive him but failed and he was declared dead at the cafe, it said. The paper said that he may have died from exhaustion brought on by too many hours on the Internet.
The report did not say what the man, whose name was not given, was playing.
The report said that about 100 other Web surfers “left the cafe in fear after witnessing the man’s death.”
China has 140 million Internet users, second only to the United States. It is one of the world’s biggest markets for online games, with tens of millions of players, many of whom hunker down for hours in front of PCs in public Internet cafes.
Several cities have clinics to treat what psychiatrists have dubbed “Internet addiction” in users, many of them children and teenagers, who play online games or surf the Web for days at a time.
Source : papazoo.com
Thursday, September 20, 2007
New Sports Minister,Mr. Ioannis Ioannidis!
This is ILL_Natured_gr's team small tribute to Mr. Ioannis Ioannidis
,the (or pretending to be) new Greek Sports Minister
As every Greek knows,Mr. Ioannidis is a well known GENTLEMAN.
He's considered the best Greek basketball couch of all time,despite he hasn't ever won at least a SINGLE European title.
He's a good Christian,goes to church every Sunday and he NEVER swears.
As a good Christian,he's perhaps the only Greek without ANY superstitions.
After his first election at the Parliament three and a half years ago he's consistantly studying EVERY subject imaginable.
He's a good talker because he NEVER looses his temper.
All Greeks want his precious opinion about EVERY situation.
The list goes on and on...
ILL_Natured_gr's team discovered a lovely video back from 1989 which proves all the above and shuts up the mouths of Mr. Ioannidis enemies once and for all!
Bizarre Greek Signs
"Don't fly"
"Dance,music,hookers,drugs,shopping" (outside a bar at the Psyrri area)
"PC Learning Schools,Mr. Fatass"
Hackers welcome
Hackers welcome
Andy Greenberg, Forbes.com
Posted: 18 September 2007 1549 hrs
In the summer of 2005, Michael Lynn discovered a dangerously exploitable flaw in an older version of Cisco routers, one that could shut down or hijack wide swaths of the Internet if it fell into the wrong hands. Lynn, a researcher with Internet Security Systems, immediately told Cisco's security team about the bug.
But when Cisco showed no signs of informing customers who used the outdated hardware, Lynn put his discovery in front of a more responsive audience: the thousands of hackers attending the Black Hat security conference in Las Vegas.
Slideshow: Hackers Welcome at Software Companies
In Pictures: Hacking Outside the Box
In Pictures: America’s Hackable Backbone
In Pictures: Seven Habits Of Highly Insecure Employees
In Pictures: Software Bug Blowups
Cisco's next reaction was swift: It sued Lynn, even though his presentation hid details of his exploit. The episode became a public relations blow up for Cisco and a legal morass for Lynn.
That kind of stonewalling, enmity and miscommunication has long characterised relations between hackers and software developers, says Jennifer Granick, a cyber-law attorney who represented Lynn in his legal battles.
"There's been a lot of bad blood," she says. "Companies have a hard time acting grateful when some punk kid is lording over them that they found something wrong with their software."
But that attitude is now changing. Software developers are learning that cooperating with hackers is better than ignoring or attacking reports of exploitable holes in software.
At the same time, a growing number of security companies are willing to pay for information about software vulnerabilities. That has nudged more software makers to treat independent security less like bandits and more like helpful volunteers.
"Essentially, we're doing free quality assurance work for software vendors," says a hacker who goes by the handle "Dead Addict," and who spoke on unexpected bug disclosures at the DefCon hacker conference last month.
"Companies' first reaction is often: 'What can we do to stop this from going on?' But they're learning that that's counterproductive."
To the surprise of many, Microsoft has become one of the most hacker-friendly software developers, says Dead Addict, who also works for a major mobile hardware company. He recalled how several of his hacker friends were hired as contractors to test the security of Microsoft's Vista operating system in the months before it was released.
Microsoft is proving equally enthusiastic when it hears about hackable flaws in its software from people not on the software giant's payroll. "We've learned a lot about how to work with independent researchers, and we're always trying to make it easier," says Mark Miller, director of Microsoft's Security Response Team.
Miller says that 70 per cent of the security flaws discovered in Microsoft's products last year were reported directly to the company by "volunteers."
Cisco has also "moved on" since its highly publicised spat with Michael Lynn, says Mike Caudill, the company's product security incident manager. "We've worked with independent researchers for years, and we welcome them contacting us," he says.
Cisco has a 24/7 hotline and a secure system that hackers can use to send encrypted messages to the company about sensitive vulnerabilities.
But convincing hackers to give away information about bugs - some of which could easily help unscrupulous hackers spy, steal bank codes or hijack computers to issue spam or "malware" - is also getting trickier.
Companies, including 3Com's TippingPoint division and iDefense, offer to buy vulnerabilities from hackers for several thousand dollars apiece, promising to inform the vendor of exploitable flaws.
Other bug buyers, including Netragard and Immunity, pay hundreds of thousands of dollars for details of vulnerabilities that security researchers use to test how easily hackers can penetrate a system - and they don't always share the information immediately with the software's manufacturer.
In July, a Switzerland-based web site called Wabisabilabi began auctioning bugs in an eBay-style marketplace. Among the items up for bid were detailed descriptions of bugs in 3Com file transfer protocol servers, Wordpress software and SAP's graphical user interface. An unidentified bidder is currently offering 5,000 euros (about $6,900) for information about one SAP bug.
Software vendors have hesitated to offer money for vulnerabilities in their own software, for fear that such bounties would only attract attention to their products' flaws and invite extortion.
One rare exception was Netscape's bug bounty program in the late 1990s, which paid hackers $1,000 for significant discoveries.
Neither Microsoft nor Cisco offer bounties, but they do give credit in their security bulletins to hackers who offer up bugs.
Given that Netragard can pay hackers as much as $200,000 for information about vulnerabilities, Adriel Desaultels, the company's chief technology officer, says that the least software vendors can do is to avoid a hostile response to hackers.
"Vendors really can't compete with us in terms of paying for vulnerabilities," he says. "And when they try to quash research, it only takes a quick post to ruin their reputation as a company that makes secure software."
Some companies have yet to learn that lesson. Diebold Election Systems, recently renamed as Premier Election Solutions, unsuccessfully issued legal threats to dozens of individuals in 2003 for publicising security problems found in their voting machines.
Last year, Princeton University Professor Ed Felten and two of his graduate students found a method to infect Diebold voting machines with a virus that communicated from machine to machine via removable memory cards, potentially enabling the wholesale theft of votes.
Felten says Diebold ignored the academicians' entreaties to patch the flaw. A Premier spokesman denies that Felten's research pinpointed real vulnerabilities and says that the company is cooperating with all ongoing investigations and working to create a secure product.
In early August, however, the California secretary of state's office decertified electronic voting machines built by three companies - including Diebold - because of concerns about security vulnerabilities.
"Had (Diebold) engaged with us, they'd have a reasonably secure system," says Felten. "Instead, they stonewalled, and look where it got them."
But that hardliner attitude is increasingly becoming the exception rather than the typical corporate reaction, Felten says.
"Companies are already making sure that vulnerabilities get fixed and that hackers get credit," he says. "And now that there's competition from third parties who buy vulnerabilities, they'll have to move even faster."
Source : channelnewsasia.com
Wednesday, September 19, 2007
And Now For Something Completely Different
And now for something completely different
A tribute to Monty Python's (Flying Circus)
How Not To Be Seen
The Dead Parrot
ENJOY!
Malware becoming more sophisticated, warns IBM
Malware becoming more sophisticated, warns IBM
"Exploits as a service" industry continues to thrive
Computerworld UK staff (Computerworld UK) 18/09/2007 08:24:39
IBM has reported an increase in malware volume and sophistication as part of its security statistics report for the first half of the year.
So far this year, its X-Force research and development team has identified and analyzed more than 210,000 new malware samples, which is more than the total number of malware samples observed over the entirety of last year.
According to IBM, the "exploits as a service" industry continues to thrive, with the new practice of "exploit leasing" added to the repertoire of criminals. By leasing an exploit, attackers can now test exploitation techniques with a smaller initial investment, making this underground market an even more attractive option for malicious perpetrators.
According to the report, Trojans (seemingly legitimate files that are actually malware) are the most common form of malware this year, accounting for 28 percent of all malware. Last year, by contrast, Downloaders was the most common category -- a low-profile piece of malware that installs itself so that it can later download and install a more sophisticated malware agent.
"The X-Force security statistics report for 2006 predicted a continued rise in the sophistication of targeted, profit-motivated cyber attacks," said Kris Lamb, director of X-Force. "This directly correlates to the rise in popularity of Trojans that we are witnessing this year, as Trojans are often used by attackers to launch sustained, targeted attacks."
But running counter to historical trends, X-Force reports a slight decrease in the overall number of vulnerabilities uncovered in the first half of 2007 versus the first half of 2006. A total of 3,273 vulnerabilities were identified in the first half of this year, down 3.3 percent year-on-year. However, the percentage of high impact vulnerabilities has gone up since 2006 from 16 percent to 21 percent for the first half of 2007.
A similarly unexpected trend in the report is the decrease in spam message size. IBM said the fall corresponded with a decrease in image-based spam.
"The decrease in spam message size and image-based spam is a result of spammers adopting and experimenting with newer techniques, such as PDF- and Excel-based spam, as a means to more successfully evade detection by anti-spam technologies," said Lamb.
Source : computerworld.com.au
Tuesday, September 18, 2007
Vasilis Leventis Tribute
Unfortunately,Vasilis Leventis,the most honest and capable Greek politician,didn't make it to the Parliament...
This is ILL_Natured_gr's team Tribute to this great man...
A special thanks to Mr. Panos Fidis for the making of this video!
World's Most Bizarre Statues
In front of the Ernst & Young building (Los Angeles)
(Prague)
(Oslo, Norway)
(Potsdam, Germany)
(Springfield, Missouri)
"The Shark" (Headington, Oxford)
(Singapore)
In front of the Bukcheon Museum (Seoul, Korea)
A contemporary representation of Charles La Trobe in central Melbourne (This temporary installation was removed at the end of June 2006 and has been acquired by La Trobe University).
Statue of a giant piece of shit (Ponta Grossa, Brazil)
Source : oddee.com
How to Create Your Own Religion
How to Create Your Own Religion
Steps
1. Research to find problems in current religions. You'll need some backup when the critics pick apart your theology.
2. Have a moment of enlightenment (something supernatural that intervenes with your daily routine that is habitually unexplainable). This step is not necessary, but helpful.
3. Construct a thought system that is not explainable, it does not have to be characterized in human or animal form, but most are.
4. Set core values and doctrine for others to follow and read.
5. Make sure that your deity and your creed (core point to your religion) follow a few ostensibly moral beliefs (i.e. its not ok to kill, it's not ok to hit people looking in the other direction.)
6. Give an awesome name to your god/deity/spiritual guidance. No one wants to follow in the footsteps of someone named Doofy Fandangle.
7. Most modern religions are centred around a set of opposing forces and/or entities. Make sure that your set includes this sort of conflict along with a brief summary of the history of the conflict between each faction.
8. Create some medium of communication, preferably via a head spirtual advisor for your religion (prayer, sacrifice, etc.) Without guidance or enlightment, you lose the element of connectivity. Most modern people want a theistic deity to follow.
9. Bring all the set of principles to a written authoritative book created through divine inspiration. Make sure there are parts of it that are not so easily understood, this makes people feel there is something beyond and crutial in meaning. Include sayings and proverbs that are easy to memorize plus stories with characters people can identify with.
Tips
-If you choose a diety, your spirtuality motivator (god, deity, etc.) does not have to be all-powerful, just really smart.
-If you choose a diety, it's not necessary, but you can choose an attire that enhances the appeal of that who you serve.
-There should also be some sort of rewards/punishment system. These can be governed depending on the status of your religion.
-If you so desire, have some symbols in your religion that refer to your beliefs, its congregation, etc.
-People grant respect out of fear and/or love. Use these powerful subconcious desires to the advantage of your new religion.
-Remember, even science was a religion at one time, and now look how pervasive it is, do not be frustrated if you are punished for your beliefs.
Warnings
-If you choose a diety, Do not exploit your deity with door-to-door sales techniques. No one should have to "buy" into your religion, they should be "drawn" towards it.
-Do not structure your religion with too many parallels to already founded religions. Nobody likes a copycat.
-Avoid announcing a doomsday, its old news and has lost credibility. However, if unavoidable to gain quick support, make sure the dooms day in question is far away enough so you will not be lucky enough to witness it.
-Try to create your religion for no apparent reason. Religion is a sacred thing, and should be toyed with. If you make up a religion with no belief in it, it's sort of defiling the sacred part of religion, so it will be much stronger and spread quicker.
-If you make up a religion, then be sure to have faith in it.
-If you are doing this, make sure that you don't let it get past your own ability to stop it. Many people change their minds, but if it's you, you might want to make sure your followers aren't left going down a whim of your fancy.
-SPECIFY if your relegion is just for a story, or for actual use. It would be really embarrasing to have followers who come to you for answers to their numerous questions and you only went into enough depth for a short story.
Source : wikihow.com
List of unusual deaths in the 21st century
List of unusual deaths in the 21st century
2001: Bernd-Jürgen Brandes was stabbed repeatedly in the neck and then eaten by Armin Meiwes. Before the killing, both men dined on Brandes' severed penis. Brandes had answered an internet advertisement by Meiwes looking for someone for this purpose. Brandes explicitly stated in his will that he wished to be killed and eaten. This is referred to in the song "Mein Teil" ("My Part") by German NDH band Rammstein.2002: Richard Sumner, a British artist suffering from schizophrenia, disappeared and was not located again until three years later when his skeleton was discovered handcuffed to a tree in a remote forest in Wales. Police investigators determined the death was a suicide, with Sumner securing himself in the handcuffs and throwing the keys out of reach.
2003: Brian Wells, a pizza delivery man, was killed by a time bomb which was fastened around his neck. He was apprehended by the police after robbing a bank, and claimed he had been forced to do it by three people who had put the bomb around his neck and would kill him if he refused. The bomb later exploded, killing him. In 2007, police alleged Wells was involved in the robbery plot along with two other conspirators.
2003: Brandon Vedas died of a drug overdose while engaged in an Internet chat, as shown on his webcam.
2003: Timothy Treadwell, an American environmentalist who had lived in the wilderness among bears for thirteen summers in a remote region in Alaska, was killed and partially consumed by a bear, along with his girlfriend Amie Huguenard. The incident is described in Werner Herzog's documentary film Grizzly Man.
2004: Bobbi McKennon, a 16 year old teenager from Maryland was killed while imitating a stunt from MTV's Jackass. McKennon was on a Merry-go-round while one of her friends wrapped a rope around it and had it attached to a pickup truck, causing it to spin rapidly but McKennon lost her grip and was thrown into the street, she later died from her injuries.
2005: Kenneth Pinyan of Seattle died of acute peritonitis after submitting to anal intercourse with a stallion in the town of Enumclaw, Washington. Pinyan had done this before, and he delayed his visit to the hospital for several hours out of reluctance for official cognizance. The case led to the criminalization of bestiality in Washington. His story was recounted in the 2007 documentary film Zoo.
2005: 28-year-old South Korean, Lee Seung Seop, collapsed of fatigue and died after playing Starcraft for almost 50 consecutive hours in an Internet cafe.
2006: Steve Irwin, a television personality and naturalist known as The Crocodile Hunter, died when his heart was impaled by a short-tail stingray barb while filming a documentary entitled "Ocean's Deadliest" in Queensland's Great Barrier Reef. Ironically, the stingray was not the creature being filmed. It was deemed "not dangerous enough" to be featured in the documentary.
2006: Alexander Litvinenko, a former FSB operative and Russian expatriate who had been investigating the murder of Russian journalist Anna Politkovskaya, was intentionally poisoned with polonium-210, an extremely rare radioactive metalloid.
2006: Cheryl Sarate, a 16 year old student in the Philippines, died of severe burns suffered when her costume caught fire during a college beauty pageant.
2006: Mariesa Weber, a 5'3" Florida woman, fell behind a 6' tall bookcase in her family's home and suffocated. She was not discovered for 11 days; her family thought she had been kidnapped.
2006: Ohtaj Humbat ohli Makhmudov a 45 year old Azerbaijani man lowered himself by a rope into a lion enclosure at the Kyiv zoo and shouted to horrified zoo visitors, "God will save me, if he exists!" Moments later a lioness pounced on him, severing his carotid artery, killing him instantly.
2007: Jennifer Strange, a 28-year-old woman from Sacramento, died of water intoxication while trying to win a Wii console in a KDND 107.9 "The End" radio station's "Hold Your Wee for a Wii" contest, which involved drinking large quantities of water without urinating. She placed second in the contest.
2007: Kevin Whitrick, a 42-year-old man committed suicide by hanging himself live on a webcam during an internet chat session.
2007: A naked man and woman in Columbia, South Carolina, died after falling off the roof of a local restaurant during, apparently, a sexual encounter. Their bodies were found by a cab driver.
2007: An Australian woman was killed after her pet camel attempted to have sex with her.
Source : en.wikipedia.org
Monday, September 17, 2007
A great comment about the Elections
A great e-mail i got from some good friends concerning the elections
Για σας κιριε Ιλ!
Δεν εχουμε γνοριστι! ιμαστε ι παπιες του εθνικου κιπου! Ιδαμε τα ορεα πολιτικα σας σχολια στο πισι του Σπυρακι που ινε καλος μας φιλος κε μας αρεσαν! και πιραμε το θαρος να σας ενιμερωσουμε γιατι μαλον τορα θα ξηπνατε! εμις δεν ψιφισαμαι αλα πιγαμε μαζη με το σπιρακη για παρεα, ο οπιος τορα ινε μεσα και παρακολουθι τις εξελιξις τρογοντας. (....μα πως μπορει;;;)
Ειδαμε πολυ κοσμο να περιφερετε και να χαμογελα και καταλαβαμε οτι κατι καλο εγινε!
Απο οτι μαθαμαι, κερδισε η νεα δειμοκρατια, δεν ξεβρουμε τι κωμα ιστε εσις αλλα αν περιμενετε κανενα διορισμο κσεκινιστε πανηγηρισμους, στα τελεφτεα 3,5 χρονια διοριστηκαν 400.000 ατωμα απο οτι ακουσαμε.
Το ΠΑΣΟΚ καταποντιστηκε γιατι οι ανθρωπι δεν αντεχουν αλλα ψεματα κε ιδικα οσοι βολεφτικαν, δεν ανεχοντε πλεον το ρουσφετι κε την αναξιοκρατια κε μπραβο τους!
Τα αριστερα κοματα ανεβηκαν αρκετα, δεν καταλαβαινουμε γιατι... δεν πρεπει να ινε θεμα υδεολογηας (λογικα αν στις εκλογες επεζε ρολο η υδεολογηα, προτο κομα θα εβγενε το λεφκο) μαλον ινε μοδα ....κε πολυ φοβομαστε οτι σε λιγο κερο ο Ασλανις κι ο Κοστετσος θα ξεφουρνισουσι καμια κολεξιον με τσε γκεβαρα κε ψιλοτακουνες αρβυλες κε θα τρεχουν στο Κολονακι, και στην επαρχια, φισικα...
Ο Καρατζαφερις φενετε οτι θα μπι στι βουλι κι αν ολα πανε καλα ισος μπι κι η υποψηφυα με το κομα του "Εφι Σαρρη-ψωλεω σε ξεχασαμε", να σινε χυσι μεσα απο το κυνοβουλιο τον καλο της αγωνα για τιν ορθοδοξια.
Εμις ,αν ψιφιζαμε, θα ψιφιζαμε οικολογους μπας κε μας κοιταξει κανεις κι εμας τα ζωντανα, αλλα δυστυχως δεν μας επιτρεπετε.
Τι λετε;.... Δεν ινε κριμα;... ΖΩΑ ΔΕΝ ΙΜΑΣΤΕ ΚΙ ΕΜΙΣ ;;;
Greek Elections (in pictures!)
7:00am Elections begin...
Mr. Karamanlis is cheerful...
...and Mr Papandreou is cheerful too!
1pm Lunchtime
People are showing Mr. Karamanlis their love...
...and Mr. Karamanlis shows some love to his voters too!
7pm End of voting - Exit Polls
Both of them are watching tv & speaking on the phone...
11pm The election result is final
Mr. Karamanlis is full of joy!
Mr. Papandreou gets a nice present from his fans despite his loss!
Conclusion : As we said it yesterday...
Sunday, September 16, 2007
Subscribe to:
Posts (Atom)
