I am a hacker and you are afraid and that makes you more dangerous than I ever could be.

Nematodes: The Making of 'Beneficial' Network Worms

Topic: Technology
10:39 am EDT, Oct 6, 2005
Dave Aitel, vulnerability researcher at New York-based Immunity Inc., unveiled a research-level demo of the "Nematode" framework at the Hack In The Box confab in Kuala Lumpur, Malaysia, insisting that good worms will become an important part of an organization's security strategy. "We're trying to change the way people think," Aitel said in an interview with Ziff Davis Internet News. "We don't want people to think this is impossible. It's entirely possible to create and use beneficial worms and it's something businesses will be deploying in the future." For years, security experts have debated the concept of using good worms to seek and destroy malicious worms. Some believe that it's time to use the worms' tactics against them and build good worms that fix problems but the chaos and confusion associated with self-propelled replicating programs have left others unconvinced.
What's old is new again! Dr Fred Cohen invented computer viruses and envisioned "helpful viruses." He proposed a COM and EXE infector that compressed the actual executable. Xerox invented the "network worm" in Palo Alto in the late 70s. It would transfer from machine to machine on the network, performing maintenance. They never could write it properly and the worm kept crashing machines. A few years back, we had worms which would patch the vuln other worms exploited because if both worms existed on a box it would crash.

Google and Sun: Web based Office Suite!

Topic: Technology
12:14 pm EDT, Oct 4, 2005
Google and Sun are holding a press conference today, but the buzz is it's about a web-based version of OpenOffice. Didn't you wonder why version 2.0 is so Java based? Whether the version will ultimately be Java-based or some kind of Javascript/Ajax app is unknown. If this announcement is true, it also lends credibility to the rumor that Google will be offering an "Internet disk" to save your info on Google servers (talk about RAID!). What is known is Microsoft must be freaking out. OpenOffice has already started to cause them headaches, but a free, web-based version backed by Google is their worst nightmare. Microsoft is only profitable in 2 areas: Windows and Office. Everything else (MSN, Xbox, their games, Encarta, Money, Hotmail) loses them money. Web applications bypass the need for an OS (the browser is the OS), and directly attack Microsoft. Whether the system is a success or vaporware really makes no difference. This is a very public shot across Microsoft's bow letting them know that Google can hit them where it hurts. Update - It's official. A web-based version of OpenOffice will be offered. I wonder if Google will display ads on the side of documents.

Topic: Technology
3:35 pm EDT, Sep 30, 2005
I've been doing quite a bit of work on anonymously and permanently publishing information on top of existing webservices (often without the service's knowledge/consent). I thought I'd meme the granddaddy work on the subject, Ross Anderson's Eternity Service paper. A must read about using the fragmented nature of USENET to overlay a hypertext-based layer where things can never be unsaid.
The Eternity Service

Confessions of an Engineering Washout

Topic: Technology
9:01 am EDT, Sep 28, 2005
The course instructor was a legendarily incompetent teacher, even by the dubious standards of Smartypants U's engineering department. He was so incoherent and capricious that academic advisors were warned to steer students away from his courses. So why was he kept on staff? His research was outstanding. My tuition dollars at work. You will not produce thronging bevies of pocket-protector-wearing number-jockeys simply by handing out spiffy Space Shuttle patches at the local Science Fair. If you want more engineers in the United States, you must find a way for America's engineering programs to retain students like, well, me: people smart enough to do the math and motivated enough to at least take a bite at the engineering apple, but turned off by the overwhelming coursework, low grades, and abysmal teaching. Find a way to teach engineering to verbally oriented students who can't learn math by sense of smell. Demand from (and give to) students an actual mastery of the material, rather than relying on bogus on-the-curve pseudo-grades that hinge upon the amount of partial credit that bored T.A.s choose to dole out. Write textbooks that are more than just glorified problem set manuals. Give grades that will make engineering majors competitive in a grade-inflated environment. Don't let T.A.s teach unless they can actually teach.
While I'll save the long discussion about why having large barriers of entry into an engineering discipline is a *good* thing, this article did touch on a lot of what is wrong at Georgia Tech and other universities: complete disregard for their undergraduate students. I remember taking a 2nd year CS class where the average final grade was a 34. I had a 38 which earned me a B. When the average grade is *half* the value of the lowest passing grade, you are doing something very, very wrong.

Zebedee: Secure IP Tunnel

Topic: Technology
1:27 pm EDT, Sep 26, 2005
Zebedee is a simple program to establish an encrypted, compressed “tunnel” for TCP/IP or UDP data transfer between two systems. This allows traffic such as telnet, ftp and X to be protected from snooping as well as potentially gaining performance over low-bandwidth networks from compression.
Excellent project. Very good case study into tunneling Layer 7 in Layers 3/4.

Phuture Of Phishing: Presentation and code

Topic: Technology
4:41 pm EDT, Sep 23, 2005
The Phuture of Phishing by: Billy Hoffman
Phishing, or the act of tricking a user into revealing confidential information, is a big business. In this presentation, we first discuss what phishing is and how it works. We examine the current tricks and techniques that phishers use to steal information such as CSS positioning, host obfuscation, and malware. Next we evaluate the pros and cons of current phishing defenses such as blacklisting, country reconciliation, and reputation systems. Then we discuss a coming trend in phishing attacks: using cross-site scripting (XSS) to embed a phishing site inside the victim website. Finally, we discuss how XSS/Phishing attacks circumvent most existing defenses, and we demonstrate a free defensive tool, LineBreaker, which can actively detect and stop these types of attacks.
SPI Dynamics is hosting my Toorcon presentation and is hosting my free defensive tool. The above summary isn't on the page yet, but you can download the source code/Jar of LineBreaker, and a PDF or Flash version of my presentation for the memed website. I even quote Tom Cross in the presentation when discussing the offensive tool (which cannot be downloaded). Tom Cross: This technology has no legitimate use.
SPI has been very supportive of my research, and I hope they continue to do so.

Google Maps: Missile Silos, B2 Bombers, and French Subs, Oh My!

Topic: Technology
2:06 pm EDT, Sep 20, 2005
The Register has some great pictures of various things around the world.
- A Russian Nuclear Missile Base
- French Sub base
- British Battleships
- Stealth Fighters
- B2 Bombers
- B1 Bombers
- A10 Warthogs

John's War with Melanoma is over

Topic: Health and Wellness
1:32 pm EDT, Sep 20, 2005
Rattle wrote: Sad news, Overcode passed away on Saturday, September 17th. More information and a guestbook is on his home page http://overcode.yak.net
Valhalla welcomes its latest hacker. John, may you Rest in Peace.
From this last blog entry: Nothing wrong with wishful thinking