Hackers exploit backup tool flaw
Firms told to use firewalls to limit connectivity

Roger Howorth, IT Week 13 Jul 2005
ADVERTISEMENTInternet security organisation the Cert Coordination Center have warned that hackers are exploiting flaws in Veritas Backup Exec software. Cert said firms should check their firewall configurations to ensure that only specified systems can connect to systems running the Veritas backup agent software on TCP port 10000. However, that port is also used by other popular apps, so extra care is needed.

"Specially crafted authentication messages can trigger [a] buffer overflow, making it possible for an unauthenticated attacker to exploit this vulnerability. Exploit code for this [flaw] is publicly available. In addition, we have received credible reports that this vulnerability is being actively exploited to execute arbitrary code with Local System privileges. We have also seen increased scanning activity on port 10000/tcp. This increase is believed to be attempts to locate vulnerable systems running the Veritas Backup Exec Remote Agent," said Cert.

The Backup Exec flaw is one of several publicised a week earlier by Veritas when it released patches for them. But firms need time to test patches before installing them, and are often slow to update vulnerable systems. This leaves a window of opportunity for hackers to break into servers and perhaps install trojan software or steal data.

The problem is particularly acute as this type of backup software is usually installed on critical systems rather than desktops and laptops that can be easily repaired using disk imaging software and remote management tools. "As the Backup Exec Remote Agent may be running on workstations as well as servers, [the remote agent buffer overflow] vulnerability may provide greater opportunity for attack than the other vulnerabilities," said Cert.

Cert advised firms to use firewalls to limit connectivity so only backup servers can connect to the systems being backed up. The standard port for this service is port 10000/tcp. "When developing rules for network traffic filters, realise that individual installations may operate on non-standard ports.
Hackers exploit backup tool flaw - vnunet.com

Rockstar Games blames Hot Coffee on hackers
Controversial publisher breaks silence, says San Andreas sex-minigame mod is the work of external parties.

Following nearly two weeks of building controversy, Take-Two Interactive subsidiary Rockstar Games today addressed charges that the PC version of its best-seller, Grand Theft Auto: San Andreas, contains sexually explicit minigames unlockable by a widely available mod.


In a statement, Rockstar claimed it is not responsible for the so-called "Hot Coffee" mod. Instead, the company said it was the result of "the work of a determined group of hackers who have gone to significant trouble to alter scenes in the official version of the game."

Two ongoing investigations--one by the US-based Entertainment Software Ratings Board (ESRB) and another by an arm of the Australian government--are examining the popular crime game. Specifically, they are looking at whether the sex minigames and nude models featured in them are based on preexisting code, accessed via the mod, or were introduced by the mod itself.

The publisher, which has a reputation for being reticent with the press, has said little since the "Hot Coffee" mod was uncovered. Since then, the debate over the mod's origin has prompted stories in the general media, enthusiast press, and major business and finance outlets.

Today's statement not only fingers hackers as creating the mod, but it also goes into some detail about their modus operandi: "Hackers created the 'Hot Coffee' modification by disassembling and then combining, recompiling and altering the game's source code."

Rockstar added it intends to take steps to ensure the Hot Coffee mod is neutralized. "Since the 'Hot Coffee' scenes cannot be created without intentional and significant technical modifications and reverse-engineering of the game's source code, we are currently investigating ways that we can increase the security protection of the source code."

In addition to addressing the mod's origin, Rockstar also updated the industry on its compliance with the ESRB investigation, saying it was doing all it could to aid the ratings board.

"We are continuing work diligently to assist the Entertainment Software Ratings Board (ESRB) as it investigates the circumstances surrounding the recently discovered "hot coffee" modification. ... We remain confident that the ESRB assigned Grand Theft Auto: San Andreas the correct rating, M (Mature 17+)."
Rockstar Games blames Hot Coffee on hackers - PC News at GameSpot

Death to Hackers!
It's an idea that Draco might have come up with: sentencing convicted hackers to death. But as crazy as it sounds, there's a case to be made for it, says Steven Landsburg, an adjunct associate professor of economics at the University of Rochester.

Interpreting studies about the death penalty's value in deterring crime, Mr. Landsburg estimates that executing a convicted murderer results in social benefits worth, at most, $100-million. Putting a hacker to death would save at least as much, he argues, because computer break-ins cost people about $50-billion annually and because a hacker is more likely to be deterred from committing crimes than a killer. (Slate)

John Tierney, the New York Times columnist, notes that 'practical difficulties' might keep hackers from facing the electric chair and proposes a less-extreme alternative: forcing offenders to work long days at a helpdesk for computer novices. (The New York Times)
The Chronicle: Wired Campus Blog: Death to Hackers!

Boingo Wireless to Offer Global Wi-Fi Access to Skype Customers
Skype Zones client is available for Windows and can be downloaded from the Skype store or the Boingo (www.boingo.com) web site. Skype users will be able to add around 18,000+ Boingo Hot Spots “Skype Zones via Boingo®” service.


Through its roaming system and software technology, Boingo® powers the wireless offerings of major carriers and ISPs, enabling their customers to connect in thousands of hot spots and to carrier 3G wireless systems, all from a single, powerful, carrier-branded software interface. Boingo can augment a carrier's existing Wi-Fi efforts or provide a complete, private-label, turnkey solution.

The combined Skype Zones service is available immediately. It is a beta service during which Skype will solicit feedback from users to ensure optimum service delivery and feature enhancements. The Skype Zones client is available for Windows computers and can be downloaded from the Skype store (www.skype.com) or the Boingo web site (www.boingo.com). Monthly access to Skype Zones is $7.95 per month for unlimited Skype access or $2.95 for a 2-hour connection.
Source: Skype.com

Skype maintains its commitment to user-controlled privacy settings with the ability to block SkypeIn numbers. SkypeIn and Skype Voicemail betas are available with the latest versions of Skype for Linux, Mac OS X, Pocket PC and Windows platforms. The new downloads also include enhanced user benefits such as remote access to their personal contact lists and the ability to import contact lists from other desktop applications.

About Boingo

Boingo provides software technology and roaming services that help bring the wireless Internet to the masses. The company has assembled a large and rapidly growing roaming system with over 18,000 Hot Spot locations under contract around the world. Boingo also invented the world's most powerful software for discovering and connecting to hot spots and 3G wireless networks.

About Skype™

Skype™ is the leading VOIP-category product worldwide, with more than 35 million registered users increasing by more than 150,000 new users per day.

All product names and trademarks belong to their respective owners.

Key hacker magazine faces closure
The in-house magazine of the digital underground, Phrack is closing after 20 years as its editorial team steps down.
As much manifesto as hacking handbook, the magazine was hugely influential in the early days of hacker culture.
It was very closely associated with legendary hacking groups such as the Legion of Doom that were the first serious explorers of cyberspace.
As hackers moved from dial-up bulletin boards on to the net, the magazine kept its place as a knowledgeable, and often
scurrilous, source of security information.
For instance, issue 62 of Phrack contained articles about getting round Windows buffer overflow protections, advances in Windows shellcode, attacking Apache and hijacking wireless base stations.
History lessons
'Phrack is still really well known,' said Ollie, current editor of the magazine. 'There are a lot of security magazines but no hacking magazines.'
Stan, a regular Phrack contributor, said the fact that it had survived for 20 years gave it a great deal of influence.
'There are a lot of groups that put out their own magazines and they usually last about three issues,' he said.

Ollie said that Phrack had evolved as hacking had changed and said that the basic skill level hackers need to build up was rising all the time.

"It's much harder to get to a point where you can actually do stuff," he said. "You have to learn much more and read many more books. The entry level of skills has been raised."

The deadline for sending in articles for the last issue is 10 July.

To commemorate Phrack's final appearance, issue 63 will be a hardback edition available at the Defcon and WhatTheHack2005 hacker conventions.

The first issue of Phrack was published on 11 November 1985 and much of the information it detailed was about phreaking - essentially hacking the phone system.

This was because in 1985 the only place hackers talked to each other was via dial-up bulletin board systems. At that time the net was almost an entirely academic, governmental and military network. Commercial use of it was prohibited.

Legal challenge

Phrack originated on a bulletin board known as Metal Shop but its issues were held by any board that wanted to consider itself part of the digital underground.

Phrack's main contributors, Taran King and Knight Lightning, boosted its popularity by writing profiles of well-known hackers, such as Erik Bloodaxe and The Mentor, and searching out articles that expanded people's knowledge of how telephone and computer networks worked

The magazine got caught up in the series of raids on hackers and hacker groups that took place in the late 1980s and early 1990s.

Phrack editor Knight Lightning, aka Craig Neidorf, was arrested, charged with fraud and tried before a grand jury for reprinting most of a confidential document, known as the E911 document, stolen from the Bell South telephone company. Bell South claimed that the confidential E911 document contained sensitive information and put its value at $80,000.

The case became a cause celebre for the digital underground and Mr Neidorf's defence was organised by the fledgling Electronic Frontier Foundation.

The case against Mr Neidorf collapsed when it was shown that the E911 paper could be ordered by phone from Bell South for only $13.

Bruce Sterling, author and digital lifestyle guru who wrote about Phrack in his 1992 book The Hacker Crackdown, thought it unlikely that the magazine would disappear for ever.

"I'd be surprised to see the thing stay dead," he told the BBC News website, "They've got no fixed address and anonymous contributors."

"Any set of unruly teenagers could start Phrack up because that's who started it in the first place."

Ollie from Phrack said that the team would be happy to hand it over to a new group that wanted to start it up again.
BBC NEWS | Technology | Key hacker magazine faces closure

A hacker penetrated a University of Southern California database, putting personal information of 270,000 applicants at risk
USC officials told the Los Angeles Times they believe the hacker looked at only a few files.

"All of our forensic analysis tells us that there was no massive download of data," said L. Katharine Harrington, dean of admission and financial aid.

Information security officer Robert Wood said the hacker was a prospective student who discovered the security flaw, looked at a few files and then notified an online security company of what he had done. That company notified USC.

The database was part of a Web site for online applicants and included names, addresses and social security numbers for applicants going back several years.

Wood said the FBI has been notified about the incident, but he said criminal charges are unlikely.

Hacker gets into USC data base