Gaze-tracking software makes your screen readable only by you
Jun 29, 2009 Security News
If this works as advertised, it looks to possibly make “shoulder surfing” a lot more difficult:
Chameleon uses gaze-tracking software and camera equipment to track an authorized reader’s eyes to show only that one person the correct text. After a 15-second calibration period where the software essentially “learns” the viewer’s gaze patterns, anyone looking over that user’s shoulder just sees dummy text that randomly and constantly changes.
Anderson built a more consumer-friendly version called PrivateEye, which can work with a simple Web cam. The software blurs a user’s monitor when he or she turns away. It also detects other faces in the background, and a small video screen pops up to alert the user that someone is looking at their screen.
Read the rest here
New version of Security Onion LiveCD
Jun 22, 2009 Security News
What is it?
The Security Onion LiveCD is a bootable CD that contains software used for installing, configuring, and testing Intrusion Detection Systems.What software does it contain?
The Security Onion LiveCD is based on Xubuntu 9.04 and contains Snort 2.8.4.1, Snort 3.0.0b3 (Beta), sguil, idswakeup, nmap, metasploit, scapy, hping, fragroute, fragrouter, netcat, paketto, tcpreplay, and many other security tools.What can it be used for?
- The Security Onion LiveCD can be used for Intrusion Detection. Simply boot the CD and double-click either the Snort-Sguil or SnortSP-Sguil desktop shortcuts. The Snort and Sguil daemons will then start, listening on eth0 for any suspicious traffic and creating alerts in the Sguil console.
- The Security Onion LiveCD can be used to test an Intrusion Detection System. Simply boot the CD and use the included tools (such as nmap, metasploit, idswakeup, scapy, hping, and others) to test your existing IDS or to test the included Snort 2.8.4.1 and Snort 3.0 Beta 3.
- The Security Onion LiveCD can be used to install an Intrusion Detection System. Simply boot the CD and double-click the Install desktop shortcut. For more information about installation, please see the README desktop shortcut.
You can download your copy here.
T-Mobile USA gets pwnd??
Jun 8, 2009 Security News
There are reports that T-Mobile USA has been pwnd by attackers who claim to have “everything, their databases, confidental documents, scripts and programs from their servers,
financial documents up to 2009.”
If this is a valid breach, it doesn’t look good for T-Mobile at all:
We already contacted with their competitors and they didn’t show interest in buying their data -probably because the mails got to the wrong people- so now we are
offering them for the highest bidder.Please only serious offers, don’t waste our time.
Contact: pwnmobile_at_safe-mail.net
New BackTrack 4 “Forensics Mode”
Jun 2, 2009 Security News
The soon-to-be-released BackTrack 4 will have the possibility of a “Forensics Mode”:
For a long time now, Linux live CDs have been very useful for forensic acquisition purposes when for one reason or another you can’t utilize a hardware write blocker. For a Linux live CD to be considered for this purpose however, it is of the utmost importance that the use of the live CD in no way alters any data in any manner.
In the past, this ruled out the use of Backtrack for forensic purposes. Backtrack would automount available drives and utilize swap. This could cause all sorts of havoc, changing last mount times, altering data on disk, and so on.
Well, no longer! The Backtrack 4 Live CD has incorporated changes to allow a boot mode which is forensically clean. This is great news, as with Backtrack being such a popular live CD, a copy can often be found close at hand.
This option will be made available from the Grub boot menu:
