DOCSLIB.ORG

1972 Can Be Made with the Use of a Blue Box and a Plastic Toy Whistle That Comes in Cap’N Crunch Cereal Boxes

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

History 329/SI 311/RCSSCI 360 Computers and the Internet: A global history The Dark Side: Hackers, Spam, and Black Markets Today } Revisions to the syllabus and end of the course } Hackers } Spam } Vandalism on Wikipedia } Black markets on “darknets” } Next time Proposed changes to syllabus } April 7: session on China } Guest lecturer Silvia Lindtner } Last class April 12 — NO CLASS April 14 } No final exam — 1250-1500 word essay instead } Why does history matter? How has learning the history of computers changed your view of the present? } Adjustment to percentages for final grade } Midterms 1 and 2 – each 30 pct of grade (was 20) } Final essay — 10 pct of grade Hackers Tweet this John Draper, A.K.A. “Captain Crunch,” discovers that free phone calls 1972 can be made with the use of a blue box and a plastic toy whistle that comes in Cap’n Crunch cereal boxes. The whistle duplicates a 2600-hertz tone to unlock AT&T’s phone network. 1979 The first computer “worm” is created at Xerox’s Palo Alto Research Center. The program is meant to make computers more efcient, but later hackers modify worms into computer viruses that destroy or alter data. source (all blue slides): Dell Computer Captain Crunch (John Draper) } “Phreaking” } Built “blue boxes” } Connected with Homebrew computer club } 2600 magazine (1984-) PC hackers (1975-present) } Structure: distributed computing } Individual PCs in homes, offices } PC hacker culture } Far larger, highly fragmented group } Time of day no longer important } Mainframe and mini hackers: usually nighttime, to get maximum computer performance from timesharing systems } Face-to-face social opportunities } Hacker gatherings (Homebrew Computer Club, 2600) } Trade shows } Mainly curiosity and exploit-driven (not criminal) Hardware hackers: the Homebrew Computer Club Silicon Valley, mid-1970s Homebrew and the origins of Apple Network hackers (late 1980s-present) } Structure: Internet, online services, WWW } Usually from PCs } Cyberspace: online interaction } Anonymity: masking of gender, etc., disembodiment } Very large communities: fragmentation } Commerce and finance online: } Hacker/cracker distinction evolves; major criminal acts begin Famous Steiner cartoon, 1993 Tweet this 1983 contact us for vaccination Fred Cohen, a University of Southern California doctoral student, comes up with term 1986 “computer virus.” The first PC virus, “the Brain,” is created. The Brain, however is not destructive, and the The Alameda, 1987 creators included their Cascade, contact information with it. Jerusalem, Lehigh, and Miami viruses are created. Tweet this 1988 A worm is uploaded to ARPANET (Advanced Research Projects Agency Network), the X ancestor of the Internet, disabling about 6,000 computers X by replicating itself and filling their memory banks. Robert Morris, who created and unleashed the virus out of boredom, received three years’ probation and a $10,000 penalty. The first self-modifying 1990 viruses are created. Tweet this Concept, the first Microsoft Word-based virus, spreads worldwide using macro 1995 commands. The virus is spread by opening an infected Word document. 1998 “Solar Sunrise” occurs when hackers 2000 take control of over 500 government, military, and private Hackers use computers computer systems. Authorities at the University of eventually learn that two California California-Santa Barbara teenagers coordinated the attacks. to crash Amazon, Yahoo, eBay, and other websites by flooding their sites with trafc. Tweet this 2001 The Code Red worm causes $2 billion in damage by infecting Microsoft Windows NT and Windows 2000 server software. The virus attempts to use all infected computers to attack the White House website simultaneously, but the worm’s code is deciphered in time and the attack is blocked. 2005 Users of computers infected with PoisonIvy find their computers remotely controlled via the virus. The remote access trojan is used to attack not only personal computers, but chemical and defense companies as well. Tweet this 2008 * * * The Koobface virus spreads through email and social networking sites like Facebook. Once infected, a computer sends its users ads for phony software. Money is exchanged but products are never delivered. 2009 The Conficker (a.k.a Downadup or Kido) worm, best known for stealing financial data and passwords, infect millions of computers. The complexity and infection rate leads to the assembly of an alliance of experts just to stop the complex virus. Tweet this 2010 Stuxnet, a virus created for industrial and economic attacks, is discovered. The worm targets systems used to run nuclear power plants and water facilities and is so large and complex, estimates suggest it was developed by the U.S. or Israeli governments and took more than 10 years to develop. The Ramnit virus is used to steal over 2011 45,000 passwords and accounts on Facebook. The virus attaches itself to a legitimate file, infects a computer, ******** and runs an invisible browser to connect with a hacker. Tweet this 2012 The Heartbleed bug takes advantage of a flaw in the OpenSSL security software library in order to access passwords, encrypted communications, and other sensitive data. Millions of secure servers are exposed to the virus, which in turn afects billions of people. Between Nov. 27-Dec. 15, the 2013 personal data of 70 million customers is stolen when hackers gain access to Targets’ servers. Target discovers the breach on Dec. 13, ******** the event is leaked on Dec. 18, and Target publicly announces it the next day. Tweet this 2014 One dozen Russian hackers steal more than 1.2 billion matching passwords and usernames, and over 500 million email address. The heist is accomplished using viruses to test and ******** exploit vulnerabilities in websites’ SQL code. Hacking evolves } Early hacker communities: mainframes, minis } Unified, local } Competitive, but also cooperative } Highly social (face to face); embodied } Later hacker communities: PCs, networks } Fragmented, distributed } Competitive, but also cooperative } Highly sociable online, but often little face-to-face contact } “White hat” vs. “black hat” } Hackers vs. crackers Spam since 1937… Monty Python’s Flying Circus (1970) The first spam (1978)… …sent to thousands of Arpanet users DIGITAL WILL BE GIVING A PRODUCT PRESENTATION OF THE NEWEST MEMBERS OF THE DECSYSTEM-20 FAMILY; THE DECSYSTEM-2020, 2020T, 2060, AND 2060T. WE INVITE YOU TO COME SEE THE 2020 AND HEAR ABOUT THE DECSYSTEM-20 FAMILY AT THE TWO PRODUCT PRESENTATIONS WE WILL BE GIVING IN CALIFORNIA THIS MONTH. THE LOCATIONS WILL BE: TUESDAY, MAY 9, 1978 - 2 PM HYATT HOUSE (NEAR THE L.A. AIRPORT) LOS ANGELES, CA A 2020 WILL BE THERE FOR YOU TO VIEW. ALSO TERMINALS ON-LINE TO OTHER DECSYSTEM-20 SYSTEMS THROUGH THE ARPANET. IF YOU ARE UNABLE TO ATTEND, PLEASE FEEL FREE TO CONTACT THE NEAREST DEC OFFICE FOR MORE INFORMATION ABOUT THE EXCITING DECSYSTEM-20 FAMILY. History of email spam } 1993: accidental USENET posting first called “spam” } 1994: first large-scale spam } “Global Alert for All: jesus is Coming Soon” – posted to all USENET newsgroups } Early 2000s: a series of criminal convictions, with prison sentences, for spamming } Howard Carmack: sent 800 million messages under aliases } Prison sentence 3.5-7 years } Damages of $14.5 million to Earthlink (ISP) } Early 2000s: introduction of botnets } Command-and-control servers (C&C); slave or “zombie” PCs } Some botnets are good, and legal: scrapers, Internet Archive, etc. Spam volume, 2007-2012 The Gmail spam filter at work (2004-2011) Statistics from an Internet security firm… …and from my own computer source: https://www.incapsula.com/images/blog/images/bot-traffic-report-2013.jpg Botnet C&C server locations worldwide, last 2 weeks C&C = command and control Source: TrendMicro Spamhaus vs. Cyberbunker: a DDoS war (2015) The World's Worst Spammers Up to 80% of spam targeted at internet users around the world is generated by a hard-core group of around 100 known persistent spam gangs whose names, aliases and operations are documented in Spamhaus' Register Of Known Spam Operations (ROKSO) database. This TOP 10 chart of ROKSO-listed spammers is based on Spamhaus views of the highest threat, least repentant, most persistent, and generally the worst of the career spammers causing the most damage on the internet currently. Twitter spambots Network graph of the spambots, 3 levels deep Source: Terence Eden, “This is what a graph of 8,000 fake Twitter accounts looks like,” https://shkspr.mobi/blog/2015/03/this-is-what-a-graph-of-8000-fake-twitter-accounts-looks-like/ Network graph of the spambots, 5 levels deep Source: Terence Eden, “This is what a graph of 8,000 fake Twitter accounts looks like,” https://shkspr.mobi/blog/2015/03/this-is-what-a-graph-of-8000-fake-twitter-accounts-looks-like/ Vandalism on Wikipedia A Wikipedia “edit war” History of entry for “chocolate” “Half of mass deletions are modified within 3 minutes, and half of vulgar mass deletions are modified within 2 minutes” Source: F. Viégas, M. Wattenberg, and K. Dave, “Studying Cooperation and Conflict between Authors with history flow Visualizations,” CHI 2004 Wikipedia entry on “global warming” …we click the “history” tab… …and find entries for “Gardner monk…” Vandalism. Source: R. Stuart Geiger, “The Social Roles of Bots and Assisted Editing Programs,” WikiSym ‘09 A how-to for Wikipedia vandals Reverting Wikipedia vandalism Comment by the poster of this video: “mmmm-mmmm vandals...Twinkle eats you for breakfast....with lots of sugar on top....” Source: https://www.youtube.com/watch?v=aKQbrqikdjI Black markets on “darknets” Darknets } Tor (The Onion Router) — started 2002 } Anonymous, encrypted communication network via 7000+ relays } Location, name, etc. of users very difficult to trace } I2P (Invisible Internet Project) — started 2003 } Peer-to-peer, anonymous } Can run any Internet or Web service Silk Road: a black market run on darknets (2011-2013) Ross William Ulbricht “Dread Pirate Roberts” Next time: Ghana } Reading } “Brief history of Ghana”and “CIA World Factbook on Ghana” } Burrell, “User Agency in the Middle Range: Rumors and the Reinvention of the Internet in Accra, Ghana” (2011) } Wiens, “An Infamous E-Waste Slum Needed Us.
Recommended publications
  • Steve Wozniak Was Born in 1950 Steve Jobs in 1955, Both Attended Homestead High School, Los Altos, California

    Steve Wozniak Was Born in 1950 Steve Jobs in 1955, Both Attended Homestead High School, Los Altos, California

    Steve Wozniak was born in 1950 Steve Jobs in 1955, both attended Homestead High School, Los Altos, California, Wozniak dropped out of Berkeley, took a job at Hewlett-Packard as an engineer. They met at HP in 1971. Jobs was 16 and Wozniak 21. 1975 Wozniak and Jobs in their garage working on early computer technologies Together, they built and sold a device called a “blue box.” It could hack AT&T’s long-distance network so that phone calls could be made for free. Jobs went to Oregon’s Reed College in 1972, quit in 1974, and took a job at Atari designing video games. 1974 Wozniak invited Jobs to join the ‘Homebrew Computer Club’ in Palo Alto, a group of electronics-enthusiasts who met at Stanford 1974 they began work on what would become the Apple I, essentially a circuit board, in Jobs’ bedroom. 1976 chiefly by Wozniak’s hand, they had a small, easy-to-use computer – smaller than a portable typewriter. In technical terms, this was the first single-board, microprocessor-based microcomputer (CPU, RAM, and basic textual-video chips) shown at the Homebrew Computer Club. An Apple I computer with a custom-built wood housing with keyboard. They took their new computer to the companies they were familiar with, Hewlett-Packard and Atari, but neither saw much demand for a “personal” computer. Jobs proposed that he and Wozniak start their own company to sell the devices. They agreed to go for it and set up shop in the Jobs’ family garage. Apple I A main circuit board with a tape-interface sold separately, could use a TV as the display system, text only.
  • A Rule Based Approach for Spam Detection

    A Rule Based Approach for Spam Detection

    A RULE BASED APPROACH FOR SPAM DETECTION Thesis submitted in partial fulfillment of the requirements for the award of degree of Master of Engineering In Computer Science & Engineering By: Ravinder Kamboj (Roll No. 800832030) Under the supervision of: Dr. V.P Singh Mrs. Sanmeet Bhatia Assistant Professor Assistant Professor Computer Science & Engineering Department of SMCA COMPUTER SCIENCE AND ENGINEERING DEPARTMENT THAPAR UNIVERSITY PATIALA – 147004 JULY- 2010 i ii Abstract Spam is defined as a junk Email or unsolicited Email. Spam has increased tremendously in the last few years. Today more than 85% of e-mails that are received by e-mail users are spam. The cost of spam can be measured in lost human time, lost server time and loss of valuable mail. Spammers use various techniques like spam via botnet, localization of spam and image spam. According to the mail delivery process anti-spam measures for Email Spam can be divided in to two parts, based on Emails envelop and Email data. Black listing, grey listing and white listing techniques can be applied on the Email envelop to detect spam. Techniques based on the data part of Email like heuristic techniques and Statistical techniques can be used to combat spam. Bayesian filters as part of statistical technique divides the income message in to words called tokens and checks their probability of occurrence in spam e-mails and ham e-mails. Two types of approaches can be followed for the detection of spam e-mails one is learning approach other is rule based approach. Learning approach required a large dataset of spam e-mails and ham e-mails is required for the training of spam filter; this approach has good time characteristics filter can be retrained quickly for new Spam.
  • Paradise Lost , Book III, Line 18

    Paradise Lost , Book III, Line 18

    _Paradise Lost_, book III, line 18 %%%%%%%%%%%%%%%%%%%%%%%% ++++++++++Hacker's Encyclopedia++++++++ ===========by Logik Bomb (FOA)======== <http://www.xmission.com/~ryder/hack.html> ---------------(1997- Revised Second Edition)-------- ##################V2.5################## %%%%%%%%%%%%%%%%%%%%%%%% "[W]atch where you go once you have entered here, and to whom you turn! Do not be misled by that wide and easy passage!" And my Guide [said] to him: "That is not your concern; it is his fate to enter every door. This has been willed where what is willed must be, and is not yours to question. Say no more." -Dante Alighieri _The Inferno_, 1321 Translated by John Ciardi Acknowledgments ---------------------------- Dedicated to all those who disseminate information, forbidden or otherwise. Also, I should note that a few of these entries are taken from "A Complete List of Hacker Slang and Other Things," Version 1C, by Casual, Bloodwing and Crusader; this doc started out as an unofficial update. However, I've updated, altered, expanded, re-written and otherwise torn apart the original document, so I'd be surprised if you could find any vestiges of the original file left. I think the list is very informative; it came out in 1990, though, which makes it somewhat outdated. I also got a lot of information from the works listed in my bibliography, (it's at the end, after all the quotes) as well as many miscellaneous back issues of such e-zines as _Cheap Truth _, _40Hex_, the _LOD/H Technical Journals_ and _Phrack Magazine_; and print magazines such as _Internet Underground_, _Macworld_, _Mondo 2000_, _Newsweek_, _2600: The Hacker Quarterly_, _U.S. News & World Report_, _Time_, and _Wired_; in addition to various people I've consulted.
  • Hardware and Software Companies During the Microcomputer Revolution

    Hardware and Software Companies During the Microcomputer Revolution

    Technology Companies Hardware and software houses of the microcomputer age James Tam Recall: Computers Before The Microprocessor James Tam Image: “A History of Computing Technology” (Williams) CPSC 409: The Microcomputer era The Microprocessor1, 2 • Intel was commissioned to design a special purpose system for a client. – Busicom (client): A Japanese hand-held calculator manufacturer – Prior to this the core money making business of Intel was manufacturing computer memory. • “Intel designed a set of four chips known as the MCS-4.”1 – The CPU for the chip was the 4004 (1971) – Also it came with ROM, RAM and a chip for I/O – It was found that by designing a general purpose computer and customizing it through software that this system could meet the client’s needs but reach a larger market. – Clock: 108 kHz3 1 http://www.intel.com/content/www/us/en/history/museum-story-of-intel-4004.html 2 https://spectrum.ieee.org/tech-history/silicon-revolution/chip-hall-of-fame-intel-4004-microprocessor James Tam 3 http://www.intel.com/pressroom/kits/quickreffam.htm The Microprocessor1,2 (2) • Intel negotiated an arrangement with Busicom so it could freely sell these chips to others. – Busicom eventually went bankrupt! – Intel purchased the rights to the chip and marketed it on their own. James Tam CPSC 409: The Microcomputer era The Microprocessor (3) • 8080 processor: second 8 bit (data) microprocessor (first was 8008). – Clock speed: 2 MHz – Used to power the Altair computer – Many, many other processors came after this: • 80286, 80386, 80486, Pentium Series I – IV, Celeron, Core • The microprocessors development revolutionized computers by allowing computers to be more widely used.
  • Review on Email Spam Filtering Techniques

    Review on Email Spam Filtering Techniques

    International Journal of Scientific Engineering and Applied Science (IJSEAS) – Volume-2, Issue-3, March 2016 ISSN: 2395-3470 www.ijseas.com Review on Email Spam Filtering Techniques Shiva Sharma1, U. Dutta 2 Computer Science and Engineering Department, Maharana Pratap College of technology Putli Ghar Road, Near Collectorate, Gwalior-474006, Madhya Pradesh, India ABSTRACT- In this paper we present email online messages, blogs, forums, whatsapp and spam filtering and email authorship instant messaging services. Among all CMC, identification. Electronic mail is used by email has remained a key source of written millions of people to communicate around the communication, especially in the last few years. world daily and is a mission-critical Due to its salient features, it is the preferred application for many businesses. Over the last source of written communication for almost 10 years, unsolicited bulk email has become a every population (a part from illiterate) major problem for email users called senders connected to the Internet. It is a very quick, and receivers. And the recent years spam asynchronous written communication channel became as a big problem of internet and that is used for various purposes ranging from electronic communication known as users. formal to informal communication. Email There is developed lot of techniques to fight messages can be sent to a single receiver or them. We presents the overview of existing e- broadcasted to groups known as users. An email mail spam filtering methods is given. The message can reach to a number of receivers classification, valuation and juxtaposition of simultaneously and instantly at singe time. traditional and learning based methods are These days, the majority of individuals even provided.
  • The History of Apple Inc

    The History of Apple Inc

    The History of Apple Inc. Veronica Holme-Harvey 2-4 History 12 Dale Martelli November 21st, 2018 Apple Inc is a multinational corporation that creates many different types of electronics, with a large chain of retail stores, “Apple Stores”. Their main product lines are the iPhone, iPad, and Macintosh computer. The company was founded by Steve Jobs and Steve Wozniak and was created in 1977 in Cupertino, California. Apple Inc. is one of the world’s largest and most successful companies, recently being the first US company to hit a $1 trillion value. They shaped the way computers operate and look today, and, without them, numerous computer products that we know and love today would not exist. Although Apple is an extremely successful company today, they definitely did not start off this way. They have a long and complicated history, leading up to where they are now. Steve Jobs was one of the co-founders of Apple Inc. and one of first developers of the personal computer era. He was the CEO of Apple, and is what most people think of when they think ”the Apple founder”. Besides this, however, Steve Jobs was also later the chairman and majority shareholder of Pixar, and a member of The Walt Disney Company's board of directors after Pixar was bought out, and the founder, chairman, and CEO of NeXT. Jobs was born on February 24th, 1955 in San Francisco, California. He was raised by adoptive parents in Cupertino, California, located in what is now known as the Silicon Valley, and where the Apple headquarters is still located today.
  • The History of Digital Spam

    The History of Digital Spam

    The History of Digital Spam Emilio Ferrara University of Southern California Information Sciences Institute Marina Del Rey, CA [email protected] ACM Reference Format: This broad definition will allow me to track, in an inclusive Emilio Ferrara. 2019. The History of Digital Spam. In Communications of manner, the evolution of digital spam across its most popular appli- the ACM, August 2019, Vol. 62 No. 8, Pages 82-91. ACM, New York, NY, USA, cations, starting from spam emails to modern-days spam. For each 9 pages. https://doi.org/10.1145/3299768 highlighted application domain, I will dive deep to understand the nuances of different digital spam strategies, including their intents Spam!: that’s what Lorrie Faith Cranor and Brian LaMacchia ex- and catalysts and, from a technical standpoint, how they are carried claimed in the title of a popular call-to-action article that appeared out and how they can be detected. twenty years ago on Communications of the ACM [10]. And yet, Wikipedia provides an extensive list of domains of application: despite the tremendous efforts of the research community over the last two decades to mitigate this problem, the sense of urgency ``While the most widely recognized form of spam is email spam, the term is applied to similar abuses in other media: instant remains unchanged, as emerging technologies have brought new messaging spam, Usenet newsgroup spam, Web search engine spam, dangerous forms of digital spam under the spotlight. Furthermore, spam in blogs, wiki spam, online classified ads spam, mobile when spam is carried out with the intent to deceive or influence phone messaging spam, Internet forum spam, junk fax at scale, it can alter the very fabric of society and our behavior.
  • NEWSLETTER Computer

    NEWSLETTER Computer

    NEWSLETTER Computer x ' ' - 4 i■ Volume 3 — Issue 5 August-September 1978 Users GroupBob Reiling Additional Meetings ■ W F -' Scheduled This js a short list of user groups that meet in the Bay Area. No doubt many more exist but I do not Additional meetings of the Homebrew have any inform ation about them. Send me inform a­ Computer Club have just been scheduled. tion about your group and it will be reported in the The dates are listed in the table in addition N ewsl fetter. "** to previously scheduled dates. You are encouraged to bring your equipment and SOL USERS' SOCIETY (SOLUS) - S.F. Peninsula software for display at the meetings. Chapter meets third Sunday of each month beginning Manufacturers and computer stores are at 1 p.m. at" Stanford Physics Building. Other chapters included in this invitation. Fairchild - throughout USA and Canada. Auditorium has a large lobby area which TRS 80 USERS GROUP - Meets at Radio Shack is well suited for display. One caution, Wednesdays 7:30 p.m. Payne Ave. Radio Shack, however: commercial transactions may not Campbell, (408) 247-5300: Call early in week to con­ be completed on Stanford premises. firm schedule. 1978 Meeting Schedule AM I PROTO USERS & SW TPC USERS - Meets in 7:00 pm -10:30 pm. Room 210t Brànnon Hall; University of Santa Clara, first Tuesday of month at 7:30 p.m. Date Location September 27 Fairchild Auditorium PET USERS GROUP — President Marvin VanDerKoor October 11 SLAC Auditorium will coordinate group. Request additional meeting November 8 SLAC Auditorium at the next HCC meeting.
  • IBM X-Force Threat Insight Quarterly 2 X-Force Threat Insight Quarterly IBM Security Solutions

    IBM X-Force Threat Insight Quarterly 2 X-Force Threat Insight Quarterly IBM Security Solutions

    IBM Security Solutions May 2011 IBM X-Force Threat Insight Quarterly 2 X-Force Threat Insight Quarterly IBM Security Solutions Contents About the report 2 About the Report The IBM X-Force® Threat Insight Quarterly is designed to highlight some of the most significant threats and challenges 3 Evolution: From Nuisance to Weapon facing security professionals today. This report is a product of IBM Managed Security Services and the IBM X-Force 8 Prolific and Impacting Issues of Q1 2011 research and development team. Each issue focuses on specific challenges and provides a recap of the most significant recent 16 References online threats. IBM Managed Security Services are designed to help an organization improve its information security, by outsourcing security operations or supplementing your existing security teams. The IBM protection on-demand platform helps deliver Managed Security Services and the expertise, knowledge and infrastructure an organization needs to secure its information assets from Internet attacks. The X-Force team provides the foundation for a preemptive approach to Internet security. The X-Force team is one of the best-known commercial security research groups in the world. This group of security experts researches and evaluates vulnerabilities and security issues, develops assessment and countermeasure technology for IBM security products, and educates the public about emerging Internet threats. We welcome your feedback. Questions or comments regarding the content of this report should be addressed to [email protected]. 3 X-Force Threat Insight Quarterly IBM Security Solutions Evolution: From Nuisance to Weapon One of the more notable examples here is Brain3, a boot sector infector which originated in Pakistan and released in 1986, was Creeper, Wabbit, Animal, Elk Cloner, Brain, Vienna, Lehigh, one of the first examples of malware that infected PC’s running Stoned, Jerusalem.
  • What Are Kernel-Mode Rootkits?

    What Are Kernel-Mode Rootkits?

    www.it-ebooks.info Hacking Exposed™ Malware & Rootkits Reviews “Accessible but not dumbed-down, this latest addition to the Hacking Exposed series is a stellar example of why this series remains one of the best-selling security franchises out there. System administrators and Average Joe computer users alike need to come to grips with the sophistication and stealth of modern malware, and this book calmly and clearly explains the threat.” —Brian Krebs, Reporter for The Washington Post and author of the Security Fix Blog “A harrowing guide to where the bad guys hide, and how you can find them.” —Dan Kaminsky, Director of Penetration Testing, IOActive, Inc. “The authors tackle malware, a deep and diverse issue in computer security, with common terms and relevant examples. Malware is a cold deadly tool in hacking; the authors address it openly, showing its capabilities with direct technical insight. The result is a good read that moves quickly, filling in the gaps even for the knowledgeable reader.” —Christopher Jordan, VP, Threat Intelligence, McAfee; Principal Investigator to DHS Botnet Research “Remember the end-of-semester review sessions where the instructor would go over everything from the whole term in just enough detail so you would understand all the key points, but also leave you with enough references to dig deeper where you wanted? Hacking Exposed Malware & Rootkits resembles this! A top-notch reference for novices and security professionals alike, this book provides just enough detail to explain the topics being presented, but not too much to dissuade those new to security.” —LTC Ron Dodge, U.S.
  • Reversing Malware [Based on Material from the Textbook]

    Reversing Malware [Based on Material from the Textbook]

    SoftWindows 11/23/05 Reversing Malware [based on material from the textbook] Reverse Engineering (Reversing Malware) © SERG What is Malware? • Malware (malicious software) is any program that works against the interest of the system’s user or owner. • Question: Is a program that spies on the web browsing habits of the employees of a company considered malware? • What if the CEO authorized the installation of the spying program? Reverse Engineering (Reversing Malware) © SERG Reversing Malware • Revering is the strongest weapon we have against the creators of malware. • Antivirus researchers engage in reversing in order to: – analyze the latest malware, – determine how dangerous the malware is, – learn the weaknesses of malware so that effective antivirus programs can be developed. Reverse Engineering (Reversing Malware) © SERG Distributed Objects 1 SoftWindows 11/23/05 Uses of Malware • Why do people develop and deploy malware? – Financial gain – Psychological urges and childish desires to “beat the system”. – Access private data – … Reverse Engineering (Reversing Malware) © SERG Typical Purposes of Malware • Backdoor access: – Attacker gains unlimited access to the machine. • Denial-of-service (DoS) attacks: – Infect a huge number of machines to try simultaneously to connect to a target server in hope of overwhelming it and making it crash. • Vandalism: – E.g., defacing a web site. • Resource Theft: – E.g., stealing other user’s computing and network resources, such as using your neighbors’ Wireless Network. • Information Theft: – E.g., stealing other user’s credit card numbers. Reverse Engineering (Reversing Malware) © SERG Types of Malware • Viruses • Worms • Trojan Horses • Backdoors • Mobile code • Adware • Sticky software Reverse Engineering (Reversing Malware) © SERG Distributed Objects 2 SoftWindows 11/23/05 Viruses • Viruses are self-replicating programs that usually have a malicious intent.
  • Virus Bulletin, July 91

    Virus Bulletin, July 91

    July 1991 ISSN 0956-9979 THE AUTHORITATIVE INTERNATIONAL PUBLICATION ON COMPUTER VIRUS PREVENTION, RECOGNITION AND REMOVAL Editor: Edward Wilding Technical Editor: Fridrik Skulason, University of Iceland Editorial Advisors: Jim Bates, Bates Associates, UK, Phil Crewe, Fingerprint, UK, David Ferbrache, ISIS Ltd., UK, Ray Glath, RG Software Inc., USA, Hans Gliss, Datenschutz Berater, West Germany, Ross M. Greenberg, Software Concepts Design, USA, Dr. Harold Joseph Highland, Compulit Microcomputer Security Evaluation Laboratory, USA, Dr. Jan Hruska, Sophos, UK, Dr. Keith Jackson, Walsham Contracts, UK, Owen Keane, Barrister, UK, John Laws, RSRE, UK, David T. Lindsay, Digital Equipment Corporation, UK, Yisrael Radai, Hebrew University of Jerusalem, Israel, Martin Samociuk, Network Security Management, UK, John Sherwood, Sherwood Associates, UK, Prof. Eugene Spafford, Purdue University, USA, Dr. Peter Tippett, Certus International Corporation, USA, Dr. Ken Wong, PA Consulting Group, UK, Ken van Wyk, CERT, USA. CONTENTS SCANNER UPDATE IBM Triumphs Amidst the ‘Vapourware’ 34 EDITORIAL 2 Results Table 35 TECHNICAL NOTES 3 TUTORIAL PRODUCT REVIEWS Fixed Disk Boot Sectors and 1. SafeWord Virus-Safe 36 Post-Attack Recovery 5 2. Knoxcard: Anti-Virus Hardware 38 Virus Bulletin Education, Training & Awareness Presentations 9 3. Trend Micro Devices’ PC-cillin 40 LETTERS SHAREWARE REVIEW VB Signatures With IBM’s Virscan 10 PC Virus Index 42 Vetting Procedure 10 KNOWN IBM PC VIRUSES 12 END-NOTES & NEWS 44 VIRUS BULLETIN ©1991 Virus Bulletin Ltd, 21 The Quadrant, Abingdon Science Park, Oxon, OX14 3YS, England. Tel (+44) 235 555139. /90/$0.00+2.50 This bulletin is available only to qualified subscribers. No part of this publication may be reproduced, stored in a retrieval system, or transmitted by any form or by any means, electronic, magnetic, optical or photocopying, without the prior written permission of the publishers.