Archive for the ‘The Red Pill’ Category

Vista has improved security!…or something

Thursday, February 1st, 2007

You just gotta love this.  All the ranting and raving about how great Vista is going to be has covered the industry rags for the last year and a half.  I’m sure that great strides have been taken to clean up the mess.  SecurityFocus ran an article earlier this week claiming “Vista raises the bar for flaw finders” touting the new OS.  This quote caught my eye:

“None of the features in Windows Vista, either individually or together, are meant to be bulletproof,” said Stephen Toulouse, senior product manager for Microsoft’s Security Technology Unit. “But the defense-in-depth will significantly raise the security level compared to Windows XP.”

It’s great that they recognize that the bad guys will certainly find holes somewhere.  Time is always on the attackers side.  Defense in Depth is the SOP for all security practices and Vista has gone along way to that end over it’s predecessor. So just when you think the boys and girls in Redmond are on the ball, this breaks on the DailyDave list yesterday from George Ou:

“I recorded a sound file that would engage speech command on Vista, then engaged the start button, and then I asked for the command prompt.  When I played back the sound file with the speakers turned up loud, it actually engaged the speech command system and fired up the start menu.  I had to try a few more times to get the audio recording quality high enough to get the exact commands I wanted but the shocking thing is that it worked!”

So LITERALLY right out of the box Vista is saying, quoting SecurityFocus, “PC, root thyself!”

I love it when a plan comes together.

Reality III

Tuesday, July 18th, 2006

I’ve written before on what Reality is. Basically, it’s the hard facts that we don’t really want to hear or read or experience. The fact we don’t want to face them doesn’t change the fact that it is reality. The best course of action is to face reality with resolve. It appears that the world at large isn’t willing to face the reality that is “the middle east crisis” or terrorism overall. Sadly, it appears now that the Bush Administration doesn’t want to face it either.

The Guardian of London is reporting that the Bush Administration is giving Israel one more week to destroy Hezbollah before weighing in on the “cease fire” side of the debate. One more week isn’t enough time for Israel to complete this particular task let alone hit at the REAL power behind Hezbollah which is Syria(Iran is pretty much beyond Israel’s reach). “One more week” gives Hezbollah a deadline. “One more week” is setting a date for withdrawal. “One more week” is what the “Cut and Run” crowd in the US Congress has been wanting in Iraq. “One more week” isn’t reality.

Reality is welcoming Israel into the Global War on Terror and reminding her neighbors that if they work with her this will all be over sooner. Israel has shown remarkable restraint over the past decade while Palestinians blowup discos, weddings, markets, buses, and restaurants all over the country. They have offered the Palestinians everything they have asked for in exchange for living peacefully with each other. At every turn they have returned to the slaughtering of Israel’s citizens. Hezbollah is no different. Both of them claim their ultimate goal to be the elimination of the “Zionist State”. The only concession they will take is if the entire country follows the lead of those in the fortress Masada. That is reality. Allow Hezbollah to return to their Masters(Syria and Iran) to regroup and refit and we will walk down this same path sooner rather than later. The objective SHOULD be to encourage Israel to continue on with their operations. Encourage the civilized people of Lebanon and Syria to join in the effort to rid their country of barbarians. Press on to Damascus and get this mess over with.

It’s going to happen. It HAS to happen if we are serious about this War on Terror.

Olmert Gets It

Monday, July 17th, 2006

2 hours ago PM Olmert said the following:

“Citizens of Israel, there are moments in the life of a nation, when it is compelled to look directly into the face of reality and say: no more,” he said.

“And I say to everyone: no more. Israel will not be held hostage – not by terror gangs or by a terrorist authority or by any sovereign state,”

“There is nothing we want more than peace on all of our borders,” Olmert told the Knesset. But he said, “Israel will not agree to live with rockets fired on its citizens, he added. “Only a nation that can protect its freedom deserves it,” he stated.

Amen Mr. Olmert. Amen. God Speed in your efforts and God Bless the IDF!

Doesn’t sound like a man who is going to cave to the “balanced response” crowd does it? Over at HotAir a commenter, Creed, offered up this phrase from Menachem Begin from the last Lebanon adventure in 1982:

The hour of decision has arrived. You know what I have done, and what all of us have done. To prevent war and bereavement. But our fate is that in the Land of Israel there is no escape from fighting in the spirit of self-sacrifice. Believe me, the alternative to fighting is Treblinka, and we have resolved that there would be no Treblinkas. This is the moment in which courageous choice has to be made. The criminal terrorists and the world must know that the Jewish people have a right to self-defense, just like any other people.

Begin Got It. Olmert Gets It. It’s not common for a Non-Kentuckian to get the Half Horse-Half Gator award but Mr. Olmert, This one’s for you.

CyberJihad target!

Monday, May 1st, 2006

There’s a difference between a victim and a target. Targets are the recipient of some kind of an attack. Victims are typically taken out of action by said attack. Aaron was a target but definately not a victim.
Ya just gotta go read this guy. Last week almost 100 blogs were taken off the air while Hosting Matters masterfully fended off a DDOS attack against Aaron’s site. Naturally I had to go see what all the fuss was about…I’m glad I did. The guy gets it.

This is sorta scary…

Monday, January 9th, 2006

This is sorta scary.

authored by none other than Mr. Metasploit his own self.

Q) Are there any other ways to obtain code execution besides via WMF files
viewed by PFV or Explorer?

A) Yes. Any application that accepts WMF files and calls PlayMetaFile with
the supplied data can be exploited. Some of these only recognize WMF
files with the placeable header, which may prevent the application from
reaching the SetAbortProc function. There are *many* other places where
standard (ie. included with the OS) applications call the PlayMetaFile
function, its just a matter of figuring out which ones can be used to
deliver the malicious WMF content. A potential vector includes the
display of icons stored inside of a standard executable. Viewing these
files in an Explorer directory listing could result in the execution of
code in an embedded WMF file. This has yet to be tested.

Office apps LIVE off WMF files. Think in “micro$oft” terms, I would bet that every application has different “playmetafile” functions. They are so married to the old school of coding, that is to say complete applications ready to stand on their own, that I would almost bet my check that at least SOME of the apps in Office have their own WMF players. You know, tools that aren’t that popular among malware writers…like Powerpoint, publisher, frontpage, and other apps where graphics are used extensively.

Perhaps another week of hell? Give’m time…give’m time…

Abramoff and his buddies

Tuesday, January 3rd, 2006

You are right Michelle, Abramoff is a sleaze bag. Anyone who is knowingly in bed with him is also a sleaze bag.

Call me an idealist but I think public servants should be completely transparent. It should come with the job. There is no more privacy for you. Your tax records, from the moment you are sworn in, becomes public record. I’m not advocating anything here, it’s a fact. Maybe not a legal fact but it is certainly a Red Pill fact. The only way to completely avoid having your privacy stripped from you is to avoid even the appearance of impropriety. That is something the current Governor of Kentucky has failed to grasp. We’ll see how many of our public servants in DC have also failed to grasp it.

We, the people, elect you because we believe in you and your ideas. When you garner the appearance of impropriety your integrity is called into question and we will have no further use for you. At least that is how it should be.

Here’s hoping that few, if any, get caught up in this mess. But for those that do, regardless of party, may you rot in prison for a very long time with a violent cellmate who mistakenly believes you are a child molester. I don’t care if you are Speaker Hastert or Congressman Chandler…Leader Frist or Senator Bunning.

Keep your nose clean folks.

Protect your Privacy Website owners!

Tuesday, November 22nd, 2005

Alright people. There are bad guys in the world that if they take offense at something you put on your website might just try and track you down. Many people sign up with their web host provider and allow that provider to register a domain name. Usually it’s wrapped into the deal and people just jump on it. The webhost, through absolutely no fault of their own, use the account information the new client gave them. This information typically includes their name, billing address, and phone number. That information gets added into the Domain Name System or DNS.

DNS is what makes the world wide web so easy to use. It takes an easilly recognized domain name like “” and ultimately turns it into an IP address like “” which is the webserver that actually holds the information you see when you visit that domain name. Each DNS entry has 2 basic contacts; an Administrative and Technical contact. The webhost who registers your domain name for you will enter your information in the Administrative contact.

“Ok, so what’s the problem?” you ask? Well, here’s the deal, if you go to one of the many “whois” services out there you can query these DNS records and see this information. Let’s say I have decided that I want to do harm to the owner of the blog at C-J-DES.ORG.


Monday, October 31st, 2005

These folks are new to blogosphere at least by this domain. I read their entry about the keyboard and liked their style. Then I read about the spammers and decided I liked their dry wit. Then I read about the “power users” they support and well….I’m hooked.

Then I read this and I’m thinking that maybe I’ve read these folks before…hmmmm…

ISP TechSupport

Thursday, August 25th, 2005

Bellsouth Dialup tech support is a joke. Okay, I know these folks get calls from the below-Novice level users and have to go over their “list” but good grief…give us serious geeks a break!

I called last night trying to address a series of drops, timeouts, and generally poor throughput and had to put up with a person who was CONVINCED it was my machine. She wanted to adjust my IE settings(I haven’t used IE for ANYTHING since I’ve owned this computer and before that it was probably a couple years). Then she wanted to adjust my Virus scan install(I have it tweaked the way I like it thank you). Then she wanted to rebuild the dialup profile(don’t waste my time). She wasn’t going to listen to me. I told her the symptoms and the range of tools I experienced the symptoms with. I explained that if I crafted a packet with the URGENT flag set I could get reasonable throughput for about 5 minutes. The woman LAUGHED AT ME! What? Do you not trust me? TEST ME THEN! I was ready to reach through the phone and choke this innocent individual!

I hung up on her and went on the hunt for Satellite ISP that is reasonably priced. I’ll have a long LONG hunt it would seem. I know this, I won’t call for help again…it isn’t good for my blood pressure.

Netcat Tutorial

Tuesday, June 14th, 2005

This is one of few Netcat tutorials I found of late that’s simple to understand for the neophyte and includes where to get the source and how to get the thing installed. From my experience, alot of new folks to Security world come to the Red Pill with alot of Windows experience and can almost spell Linux. Unfortunately some of the most powerful security tools are only found in the Linux environment. While there is a port for Netcat to Win32, Netcat in it’s native Linux environment is still the standard.

So…if you have taken the Red Pill…go here. If you have no interest in the REAL world of the big bad Internet then maybe the Blue Pill is for you.