Networking

In a corner of a two-storey office
block in a modern business park
just off the motorway near
Gloucester in western England,
there is a room. Sealed off by
thick, floor-to-ceiling panes of
glass and a stout wooden door, it
looks like a scaled-down version
of the high-tech bunkers typecast
by Hollywood as the place from

The Register has posted a
story about some news that was
just published in BugTraq and
is really making a mountain
out of a molehill... Thomas
Greene elaborates "Some bright
empiricist from Root-Core has
discovered that anyone can log
into their Hotmail account and
then call messages from any

AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. 802.11b, using the Wired Equivalent Protocol (WEP), is crippled with numerous security flaws. Most damning of these is the weakness described in "Weaknesses in the Key Scheduling Algorithm of RC4 " by Scott Fluhrer, Itsik Mantin and Adi Shamir. Adam Stubblefield was the first to implement this attack, but he has not made his software public.

When the Internet first surfaced to the general public in the early 90's everyone welcomed the beginning of a new era. Many hopes were floated and everyone seemed to be of the opinion that the Internet would change the standard of living for every individual. Of course, along with Internet came the blooming of on line credit cards and the convenience of Online Shopping coupled with a frenzy new products and loads of discount offers. Just when everything seemed to be "too good to be true" came the era of so called code breaker-crackers.

There's an extremely serious security problem with GroupWise that requires an immediate patch, but the problem is apparently so bad that Novell can't even bring itself to tell its users what it is.

LEE Alan Ashurst, who was convicted by a court in Dubai for misusing Etisalat equipment, says the prime motive of a hacker is to prove that any network or database can be hacked, thus gaining acceptance of his peers in the hacker sub-culture.

During an afternoon presentation at the Usenix Security conference on Thursday, a researcher at the U.S. Naval Research Laboratory described a technology known as "Onion Routing," which preserves anonymity by wrapping the identity of users in onion-like layers.

"Public networks are vulnerable to traffic analysis. Packet headers identify recipients, and packet routes can be tracked," said Paul Syverson, who works at the NRL's Center for High Assurance Computer Systems. "Even encrypted data exposes the identity of the communicating parties."

Scottish terrorist have threatened to kill England's Prince William and are claiming they have accessed top-secret security information by hijacking a government e-mail address. The Scottish National Liberation Army claims it has been using a hijacked Scottish Parliament e-mail address to correspond with New Scotland Yard on the measures to protect the Prince when he begins studying at St Andrews University, Fife, in a few weeks' time.

A computer student potentially saved businesses millions after he spotted a hacking program infecting their systems.

The "Trojan horse" had already affected at least 400 companies across the world when Matthew Hillman detected it on his home PC.

Mr Hillman, from the Isle of Wight, was using a global chatroom facility when the hacking program, which behaves like a virus, appeared on his machine.

The 18-year-old believes he would not have seen the program, which can wipe out a hard drive, had it not been for what he has learnt on his course.

Hackers will be challenged to penetrate a variety of computer networks early next month with no threat of punishment if they are successful, a network security firm said yesterday.

Parinya Homanek, managing director of Net En Tel Co Ltd, said the first hackers' conference in Thailand would be held on September 3 and 4 with a network of more than 50 powerful servers set up specially for them to try to hack into.