Time to test our security mindset

By felixctc at 6:52 pm on March 13, 2008 | 4 Comments

Hey everyone. I found a website where you can try to use various ways to hack through levels of password. I think this is a fun way to get in touch with our security mindsets and see how far you can go. I wish everyone good luck 🙂


Filed under: Announcements,Miscellaneous4 Comments »

Feature or Flaw?

By davidjsh at 1:51 pm on Comments Off on Feature or Flaw?

According to an article found at Dark Reading, Adam Boileau from Immunity Inc, has decided after two years to make publicly available his tool Winlockpwn that “lets an attacker take over a ‘locked’ Windows machine without even stealing its password” via the Firewire port. This exploit is not exactly new news since similar tactics have been demonstrated in the past against both Linux and OS X, but it now adds Windows to the list of operating systems vulnerable via a Firewire feature that allows devices connected to the Firewire port to read and write memory. According to SEC Consult, even Vista is not immune to an attack via Firewire. Unfortunately, there is not really an easy fix for this as it is a security flaw in the way Firewire was designed and not a bug in the implementation. However, hopefully this flaw will serve as a constant reminder to developers that security must be an integral part of the design process and not tacked on at the end as an afterthought.

Filed under: Current Events,MiscellaneousComments Off on Feature or Flaw?