
Posts tagged ‘video’

8
Jun

Steve Jobs Presents New Apple Campus to Cupertino Council [Updated]

Just a day after his keynote at the World Wide Developer Conference, Steve was giving a different kind of presentation… to the Cupertino Council.

Five years ago Apple purchased a large chunk of land from HP, and have been planning on building a new campus to house 12,000 employees. As Steve explained (and this guy can sell anything), the new campus will feature a beautiful circular building, to be set in a massive landscaped park. The picture below shows how close it’ll be to Apple’s headquarters at 1 Infinite Loop, and a mock-up of what it will look like from space (likely the setting of Apple’s new campus in 2098).

The campus will even feature its own natural gas power station, because it seems like Steve doesn’t trust the electricity company. The entire project is pegged for completion by 2015.

[Updated 9/06/2011] Steve has made his council presentation slides available (PDF). Details have emerged that the architect will probably be Norman Foster.

Hit the jump for a video of Steve’s pitch to the council.

11
May

BackTrack 5 “Revolution” Released

The most popular security and penetration testing Linux distribution has been updated once again, this time built from scratch! BackTrack 5, codenamed “Revolution”, is based on Ubuntu Lucid LTS with kernel 2.6.38, and brings with it full 32 and 64-bit support, an ARM-compatible image, forensics and stealth modes, KDE (4.6) and Gnome (2.6) desktop environments, and (allegedly) over 350 updated security tools including Metasploit 3.7.0. Best of all it’s “aligned with industry methodologies”! Whatever that means ;)

It appears BackTrack 5 will only be available via torrents for the time being. The torrents are available in the following flavours: Gnome ISO (32bit, 64bit, ARM img), Gnome 32-bit VMware Image, KDE ISO (32bit, 64bit). Here’s the BackTrack downloads page. Those of you wondering which flavour to get between Gnome and KDE, it’s largely dependent on one’s taste, but the BackTrack guys appear to be favouring Gnome (which was the default Ubuntu graphics environment). If you have no idea what to get, then grab the Gnome 32-bit ISO (or VMware image) using the links above. I recommend Transmission (Mac) or uTorrent (Mac/PC) for BitTorrent clients. For anyone who hasn’t used BT before, the default username and password is root/toor.

BackTrack is a great tool for network security specialists and penetration testers, but it’s an even more valuable resource for people looking at learning more about application and network security (and Linux). Although I do have an Ubuntu install, I tend to use BackTrack more often due to the convenience (when I’m not using OSX that is ;).

It’s not possible to upgrade from BT4r2 to BT5, so those of you with installations of BackTrack 4 will need to reinstall (or download the new VM).

Check out their shiny promotional video below!

[Updated] BackTrack 5 R2 is now available, and brings a new kernel and 42 new tools. You can update your existing BT5 (R1) installation by running:

echo "deb http://updates.repository.backtrack-linux.org revolution main microverse non-free testing" >> /etc/apt/sources.list

apt-get update

apt-get dist-upgrade

1
Apr

Portal 2 Will Be Awesome

The Fortuitous Day of Exalted Happiness – aka the release of Portal 2 – is fast approaching. Steam currently have the release pegged for the 21st of April. For those of you who have no idea what I’m talking about, or why I’m talking about games at all, Portal is a physics-based game where the player must use well-placed portals and other objects in order to escape from the level. In security terms (because that’s all some of you understand), you have to manipulate or bypass a variety of access control mechanisms through the clever use of basic objects and environmental features, in order to defeat physical security and get out. Failure to do so generally results in death by falling, drowning, squashing or other similarly unpleasant ends.

Although the original Portal was excellent, Portal 2 takes this to the next level with significantly improved graphics, much larger environments, new interactive elements and co-operative multiplayer. Thanks to Steam it will run on both Mac OS X and Windows.

I’ll stop talking now so you can watch the video below and then pre-order it… go on… I’ll wait here.

3
Mar

The Slippery Slope of Civil and Human Rights at Toronto’s G20 Protests

Every year, representatives from the G20 (top 20 economic countries) get together to discuss issues pertaining to international finance. Every year, people from all political and sociological beliefs get together to protest (most of them peacefully) for their particular cause. Last year, at Toronto’s G20 summit in June 2010, it all went horribly wrong; and for the first time that I can remember, a developed and democratic western country revealed just how easily civil and human rights can be swept away, and police be used to control innocent civilians.

The video below, entitled Under Occupation, provides real and shocking accounts of the events that transpired that week. Watch it.

27
Feb

New Mac OS X Backdoor Trojan (BlackHole RAT) in Development [Updated]

A ‘trojan’ targeting Mac OS X users, dubbed BlackHole RAT, appears to be in development. It’s a variant of a well-known series of malware called Remote Access Tools (RAT) that primarily targeted Windows. It should be noted that on its own, the trojan does not exploit OSX, instead relying on the user to unknowingly ‘install’ it. This is often done under the guise of pirated software, video plugins on porn sites, or from other non-reputable software sources. Although the details are not entirely clear, it appears that your computer needs to be directly accessible from the internet.

This ‘trojan’ (note the intended air quotes) has been blown out of proportion and does not pose a significant level of risk. Macs are not ‘less secure’ because of this tool, as it’s something that could be coded by any 14-year old with a relatively basic knowledge of programming. It’s essentially a normal application whose purpose is to accept connections from its owner, and allow them to perform actions on your computer, etc.

Hit the jump for the full details, a video and download link.

25
Feb

Anonymous Deface Westboro Baptist Church Site Live On Air

Anonymous recently found themselves entangled with the Westboro Baptist Church (WBC) after the homophobic religious zealots published a taunt where they dared the hacktivist group to ‘bring it’. Anonymous quickly announced that they had never threatened the church in any way. I’m inclined to believe them because, as lame and hateful as the church and their members are, Anonymous are busier fighting for freedom in North Africa and the Middle East than they are exposing ridiculous religious groups in Kansas. Instead, another hacktivist known as th3j35t3r (@th3j35t3r) joined in the fight, bringing down five of WBC’s hate-spewing websites.

Not happy to leave the matter alone, or rather perfectly happy for some more media whoring, Westboro decided to go on air and pour some fuel on the fire. In the interview Shirley Phelps-Roper, a ridiculously immature and inarticulate representative of WBC, faced off against a comparatively calm and bemused representative of Anonymous. Anon reiterated that they did not initially threaten WBC, and during the interview proceeded to deface one of the church’s sites with a message from the group. Excerpt:

Your continued biting of the Anonymous hand… has earned you a swift and emotionless bitchslap, in the form of this very message. […] For this unremitting display of overzealousness, we award you no points. Take this defacement as a simple warning: go away. The world (including Anonymous) disagrees with your hateful messages, but you have the right to voice them. This does not mean you can jump onto Anonymous for attention.

These WBC idiots really make me rage, and they make honest Christians look bad. Anonymous, th3j35t3r, I tip my hat to you on this one. Check out the video of the interview below.

11
Feb

Researchers Extract iPhone Data and Passwords in Minutes

A group of German security researchers from the Fraunhofer Institute for Secure Information Technology have discovered a way of extracting personal information and stored credentials from a locked iPhone, by way of a jailbreak. By gaining physical access to an iPhone (or iPad/iTouch), an attacker is able to reboot it into recovery mode, thus allowing them to upload their own jailbroken firmware onto the device. As part of this process SSH is enabled and a script can then be uploaded to the device which uses built-in system calls to extract encrypted data (including credentials in the keychain) from the device. See the video below for a demo of their attack, which can take as little as six minutes.

This attack would not be possible without existing jailbreak mechanisms, which effectively bypass the iPhone’s sandbox and allow unsigned code to be executed. The second issue is the way that iOS handles stored data and credentials, allowing any application to request the information. This is actually a prime example of the dangers of having a jailbroken iPhone or iPad, as it makes it much easier for an attacker to execute malicious code on your device.

These kinds of issues are not isolated to iOS devices, and the same would exist on other devices that could be made to run custom scripts. This will be a tricky issue for Apple to resolve, as much of its security relies on a strong sandbox. Their best chance is to try to identify and patch as many as possible of the vulnerabilities that could be used for a jailbreak. They will also need to review the way iOS handles encrypted data, and ensure that data cannot be extracted by arbitrary applications.

Luckily there is not yet a publicly available automated tool to perform this attack, so it is unlikely that a random thief will be obtaining your data. If you’re really worried, you can use Apple’s free Find My iPhone service to remotely wipe your iOS device should it be lost or stolen. Check out my article on protecting and recovering your iPhone from loss and theft for more information.

The team’s original research paper is available here (PDF).

31
Jan

Phil Mocek Acquitted on TSA’s No-ID and Recording Charges

In November 2009, Phil Mocek (@pmocek) was arrested by Albuquerque Police at Albuquerque Airport for not providing a piece of identification, and recording the TSA process on camera (video below). In the US, one’s right to fly is guaranteed by Federal Laws and the Constitution, and as long as you do not break any other laws, local or state police cannot legally prevent you from flying.

Mocek was charged with things like criminal trespass, refusing to obey an officer, concealing his identity, and disorderly conduct. On 21 January 2011, he was acquitted on all charges by a jury without the defense having to call any witnesses or provide any evidence. The prosecution’s case simply did not stand up.

In a previous court case against another man who refused to show ID, the TSA admitted that there is actually no law that requires travelers to present ID in order to be able to fly. In the US, it is also perfectly legal to record video in public areas of the airport, despite what signs, staff or police may claim.

This case is reminiscent of John Tyner, who was thrown out of San Diego Airport for refusing the new TSA (grope) patdown. Note that you may want to familiarise yourself with the relevant laws regarding ID and recording in your own country.

Full details are available here. Well done to Phil for protecting his rights, and in the process, all of ours as well. Speaking of TSA security measures, I thought this recent Dilbert comic was particularly fitting.

28
Jan

OpenLeaks Website Goes Live

The website for the independent whistleblowing platform, OpenLeaks, has gone live. The concept behind OpenLeaks is to provide a secure document delivery dropbox and storage method for would-be whistleblowers. On the receiving end, news organisations, human rights groups, and others will be able to access the files and make them public should they feel it necessary.

Unlike Wikileaks, OpenLeaks plays no part in the actual editorial and publication process, it is a content distribution method that bridges the gap between leakers and publishers.

Check out the video below for their introduction to OpenLeaks:

26
Jan

Pic of the Week: Assange vs Zuckerberg

Stumbled across this picture this week, and although it’s quoting Bill Hader playing as Julian Assange in the Saturday Night Live skit below, I feel the message still makes a point. It’s probably worth reminding people that Assange was voted for Person of the Year by the readers of TIME magazine. In that same vote Zuckerberg came in at a lagging 10th place. I know… how Zuckerberg got it confused me too.

[Update] Here’s an Assange/Zuckerberg mashup picture of the quote above:
