Hakiri

Badass looking suit stops bullets. Designed by Tim Smit, the USS is made of neoprene, though it’s also lined with body-molded Kevlar to ensure you can stop bullets while turning heads. (DVICE)

Yet another Microsoft ad on Security. Hey, they are good :)

For the next post, I’ve prepared one of my favorite Microsoft ads, but you have to wait to get it.

Dan Geer is one of a small number of pioneers in the security world that raised critical issues before others could see a risk emerge. He is most recently known to many as the chief architect for Verdasys, a data security software company that focuses on end point solutions. He published a 2003 paper arguing that Microsoft was a monoculture; he was fired the day the report was made public. In the following video, Dan Geer goes to a great extend comparing biology and information security science and draws some very intriguing and unique conclusions.

The full text of his speech can be found here. Very interesting if you are into these kind of stuff.

The New Face of Cybercrime is quite interesting and very inspirational video footage that may open up your eyes a little bit wider.

The video features several known security experts that will make you shake your head in disbelieve when you learn how easy is to pull most of the hacks that happen today.

The world is quickly going online. While I caution against online voting, it is clear that online gaming is taking the Internet by storm. In our new age where virtual items carry real dollar value, and fortunes are won and lost over items that do not really exist, the new threats to the intrepid gamer are all too real. To protect against these hazards, you must understand them, and this groundbreaking book is the only comprehensive source of information on how to exploit computer games. Every White Hat should read it. It’s their only hope of staying only one step behind the bad guys. Amazon

I did some research on online games as well and I must agree with both Greg Hoglund and Gary McGraw that this is very much unexplored hacking discipline when compared to the security industry as a whole.

The 24th Chaos Communication Congress (24C3) is the annual four-day conference organized by the Chaos Computer Club (CCC). It takes place at the bcc Berliner Congress Center in Berlin, Germany. The Congress offers lectures and workshops on a multitude of topics and attracts a diverse audience of thousands of hackers, scientists, artists, and utopians from all around the world. The 24C3s slogan is Volldampf voraus! the German equivalent of full steam ahead a particular request for talks and projects featuring forward looking hands-on topics. Chaos Communication Congress

The video above shows some highlights from last years event. If you have some spare days between XMas and New Year, you must check it out. CCC is considered as one of the best hacker events in Europe.

Alexander Sotirov, a.k.a Solar Eclipse, is a well known security researcher who specializes in buffer overflow exploit development and binary reverse engineering. In the following video, Solar gives a couple of simple advices which may come as a breakthrough for the readers who are new to the fields of binary software hacking.

To summarize his word, buffer overflow exploitation starts and finishes with a crash. The crash occurs due to the fact that the input supplied to the program hasn’t been correctly sanitized. In most cases, this results into overwriting a memory segment behind a buffer. This segment often contains data which is crucial to the program execution. If the corrupted buffer is in fact a local variable relative to a function (could be C/C++ main as well), then we are dealing with a stack-based buffer overflow which traditionally is very simple to exploit. In case the buffer is dynamically allocated at runtime (malloc and the rest of the family), we are dealing with heap-based buffer overflow which often is very hard to work with. There are other conditions we have to keep in mind although stack and heap overflows compose the majority of all bin software vulnerabilities.

No matter whether it is stack or heap based exploitable condition, the simple fact is that buffer overflow vulnerabilities are often very easy to locate, although they may require a bit of time to exploit. As long as you can supply data, which influences the EIP register at runtime, you are on the right path. The next step is to identify the type of vulnerability by tracking the execution path a couple of instructions back. From that you should be able to see whether the execution is caused by RET or some function pointer. And all in all, this is all what buffer overflows are. Of course, based on the circumstances, you might make use of several other techniques (nops, return to libc, exception handler overwrites, bla, bla), which help to bypass certain restrictions. However, the first step is always to find the crash.