beforeyoukillyourcomputer.com Saving computers one at a time from their owners

SANTA ANA, California (Reuters) - A computer hacker testified on Wednesday that a News Corp unit hired him to develop pirating software, but denied using it to penetrate the security system of a rival satellite television service.

Christopher Tarnovsky — who said his first payment was $20,000 in cash hidden in electronic devices mailed from Canada — testified in a corporate-spying lawsuit brought against News Corp’s NDS Group by DISH Network Corp.

The trial could result in hundreds of millions of dollars in damage awards.

NDS, which provides security technology to a global satellite network that includes satellite TV service DirecTV, denies the claims, saying it was only engaged in reverse engineering — looking at a technology product to determine how it works, a standard in the electronics industry.

After an introduction by plaintiff’s attorney Chad Hagan as one of the “two best hackers in the world,” Tarnovsky told the court that he was paid on a regular basis by Harper Collins, a publishing arm of News Corp, for 10 years.

Tarnovsky said one of his first projects was to develop a pirating program to make DirectTV more secure.

But lawyers for DISH Network claim Tarnovsky’s mission was to hack into DISH’s satellite network, steal the security code, then flood the market with pirated smart cards costing DISH $900 million in lost revenue and system-repair costs.

Source /Full Story

Anyone surprised about this at all? Measure, counter-measure, new measure, new counter-measure, etc,. There is a lot of money spent in what may never be obtainable and plenty of nuisance for consumers who simply want to back up their movies. In the 80s I used to purchase a new album, purchase a blank tape, play the album once and back it to tape then only play the tape until it wore out, broke, got lost, or… got melted on (or to) the car’s dashboard. Then a second playing of the pristine condition album was performed to make another backup for use while the original was safely tucked away.

If you are a parent of a child or teen that you have graciously allowed to have a DVD player in their room you may wish to allow said child or teen to play one of your well cared-for DVDs only to see it returned in a condition much reminiscent of something that was dragged down a dusty rocky road in the old West. A backup would come in handy in this situation. Your DVD player could one day break down and spin your DVD in a strange way that makes it unplayable. The door could accidentally close on your DVD. Of course those that make money on you buying the DVD in the first place want you to buy the same movie over and over and over.

Over the past month, a new type of malicious software has emerged, using a decades-old technique to hide itself from antivirus software.

The malware, called Trojan.Mebroot by Symantec, installs itself on the first part of the computer’s hard drive to be read on startup, then makes changes to the Windows kernel, making it hard for security software to detect it.

Criminals have been installing Trojan.Mebroot, known as a master boot record rootkit, since mid-December, and were able to infect nearly 5,000 users in two separate attacks, staged on Dec. 12 and Dec. 19, according to Verisign’s iDefense Intelligence Team. In order to install the software on a victim’s computer, attackers first lure them to a compromised Web site, which then launches a variety of attacks against the victim’s computer in hopes of finding a way to run the rootkit code on the PC.

Once installed, the malware gives attackers control over the victim’s machine…

“It’s not some new attack vector that’s going to be hard to prevent,” he said. “It’s just something that people haven’t really paid attention to.”

Source/Full Story

The programmers who wrote free software that unlocks Apple Inc.’s iPhone Tuesday disputed the company’s claim that their hacks can damage the device, and they promised to battle any attempt by Apple to “brick” modified phones.

In a message posted to the iPhone forum on the Hackint0sh Web site, someone claiming to represent the iPhone Dev Team said the group would answer the firmware update expected this week with a tool of its own that would return any unlocked phone to a factory-fresh condition. That will prevent the iPhone from being “bricked,” or incapacitated, when the update is applied.

“We will provide you with a tool in the next week which will be able to recover your ‘nck’ counter and ’seczones’ and even enable you to restore your phone to a factory-like state if you are really [determined] to update your phone,” said someone identified as “sam…”

A firmware update, the third since the iPhone went on sale in late June, will be released through iTunes this week. Apple is expected to add new features to the phone, including the ability to purchase music over a Wi-Fi connection.

The iPhone Dev Team spokesman advised users who had already unlocked their phones to not apply the update, saying they should instead wait while others, presumably including the iPhone Dev Team’s own programmers, analyze it. Elsewhere in the message, the spokesman claimed that about 500,000 copies of the free unlocking tool had been downloaded. If true, it would mean that almost half of the iPhones sold so far have been unlocked. Apple announced only two weeks ago that it had just sold its 1 millionth iPhone.

Source

We have seen quite a few stories lately of governments reportedly hacking into other governments but, surprisingly, these stories get little media attention. No blood, no violence, no sex… no interest. Disappointing. This is a new battleground and our government better defend it vigorously. If not, it’s the media’s responsibility to bring it to light for correction. For now, we’ll reserve judgement on whether or not our media or government is “doing their job” but I hope someone’s not asleep at the switch when it’s important to act.

WASHINGTON (AFP) — Several nations and groups are trying to break into the US military’s computer system, the Pentagon said Tuesday after reports China’s military had successfully hacked into the network.

The Chinese military’s cyber-attack was carried out in June following months of efforts, the London-based Financial Times reported Tuesday, citing unnamed current and former US officials.

Officials had told the paper the attack was by China’s People’s Liberation Army (PLA) and that it led to the shutdown of a computer system serving the office of Defense Secretary Robert Gates.

Patrick Ryder, a US Defense Department spokesman, declined to comment on the reported Chinese attack but said the Pentagon “aggressively monitors its networks for intrusions and has appropriate procedures to address” them.

“We know that a number of nations and groups are actively developing these capabilities,” he told AFP.

“We have seen attempts by a variety of state and non-state sponsored organizations to gain unauthorized access to, or otherwise degrade, DoD (Department of Defense) information systems,” he said without identifying them.

Source

VANCOUVER, B.C.–The prize in the hack-a-Mac contest at the CanSecWest conference here just got bigger.

TippingPoint, which runs the Zero Day Initiative bug bounty program, is offering to pay $10,000 to the hacker who commandeers one of two MacBooks. The target computers are connected to a wireless access point and fully patched, including the update for 25 vulnerabilities that Apple released on Thursday.

Originally a successful hack would be rewarded with the MacBook. There had been some rumblings among event attendees that the reward was not big enough to draw interest. To qualify for the $10,000 a successful attack has to be carried out with a new, yet-to-be-patched vulnerability, a TippingPoint representative at CanSecWest said.

CanSecWest organizers have set up the MacBooks with all security updates, but without additional security software or settings. Attendees are able to connect to the machines via the access point through Ethernet or Wi-Fi.

Source

Tokyo-based hosting network Shimpinomori.net challenges everyone around the world to hack into their PS3! The first person that hacks into it will win a PS3. The PS3 has Linux on it and is hooked up to the internet with a website running on it at : http://ps3.shimpinomori.net/index_en.html .

The contest runs until next January, and is open to every hacker on the planet. The rules: no “dirty” attacks, no messing with any other equipment other than the PS3 itself. The first person to manage to replace the photo of the child shown on the site with another photo hidden inside the machine will be declared the winner.

Source

A man in Manchester, England has been convicted of using an MP3 player to hack cash machines. Maxwell Parsons, 41, spent £200,000 of other people’s money after using the machine to read card details.

Parsons plugged his MP3 player into the back of free standing cash machines and was able to use it to read data about customers’ cards. That data could then be used to ‘clone’ cards and use them for bogus purchases.

Free-standing machines are typically found in shops and bars, and they allowed Parsons to plug his machine into the back of them in a way that would be impossible in wall mounted dispensers.

The MP3 player recorded customer details as they were transmitted over phone lines to the bank. Tones were read as they were transmitted and used to clone cards.

Source