iTunes TOS lol
I went to download the Opera Mini web browser on my iPod Touch (quick review: nice, fast!) and it made me agree to the new iTunes/App Store terms of service. Times like this make me glad I don’t have a credit card associated with the iTunes account at the moment:
I’d love to see some statistics [...]
Interesting Reading, and Red Team Action
I’ve been busy this week teaching part of the intro series of courses we have at the National Forensics Training Center, but I still wanted to post a quick update. I figured I’d share a few interesting things I read this week, and talk a bit about some extracurricular activities going on in our lab [...]
ETA is Leaking, drops a few docs
Well, if you had any feelings that the Electronik Tribulation Army had turned over a new leaf, after declaring themselves to be a whitehat group, disavowing the alleged crimes of their former leader, and opening up their forums for public registration, then it is probably safe to put those feelings to rest. Old habits die [...]
Hold on to your butts
I am currently in the process of setting up a new host for mcgrewsecurity.com . This should be the last post on the old host. I’m just throwing this on here so by the time I switch (probably later today) this will already be in folks’ RSS readers to explain any (hopefully minimal) downtime or [...]
Electronik Tribulation Army gone white-hat(ish)?
If you took a look at the slides for Monday’s lecture (or were there in-person), you might recall that the last slide of content contained quotes from the ETA’s current site on the Internet, eoeta.com. The new leader, “Xon”, has disavowed the actions that led to the previous leader’s arrest, and is very firm [...]
If only we could find a big enough Care Bear…
This is really all you need to know from Dan Kaminsky’s talk, “Something About Network Security”. We got first dibs on it at Black Hat USA 2009:
“If only we could find a big enough Care Bear, we could totally ride this pony.”
I’ll have some slightly more useful Black Hat and Defcon posts once it’s over [...]
US Cyber Challenge: Positive Impact
Poking around on various “hacker” forums, this sort of thing is a common sight:
If I had the stamina and will to maintain a “skiddie clown quote of the day” for any length of time, this would be a prime candidate. Especially this part:
im sick of being hacked ive done nothing wrong expect steal about 200 [...]
Core Security Sends in the Schwag
I meant to post this a little more than a week ago, but all the GhostExodus stuff sort of bumped this up until now. If you’re new to the site because of all the recent action, here are the posts that lead up to this one:
Core Security: You Just Might Not Be Cool Enough For [...]
GhostExodus, the ETA, and a Control System Incident at Carrell Clinic (Part 4)
Previous posts:
Part 1 – Criminal Complaint
Part 2 – GhostExodus Videos
Part 3 – HVAC HMI Screenshots
Note: The language in the videos and quotes on this post have not been censored. This may be not-safe-for-work, for some definitions of work.
In this post, we’ll take a look at some members of the online community’s reactions to Jesse “GhostExodus” [...]
GhostExodus, the ETA, and a Control-Systems Incident at Carrell Clinic (Part 2)
If you haven’t read Part 1 of this story, then you really ought to take a look at it first. It serves as a good overview, and the criminal complaint filed by the FBI is a good read.
Yesterday afternoon was GhostExodus’ detention hearing. I’m not very familiar with the process one goes through after being [...]