Line Noise: A few tidbits from Tipping Point Tower

As a research team, we come across a variety of interesting articles, papers and links, ranging from cutting-edge security research to silly web toys.

We're constantly sharing information and commentary with one another and thought that it might be interesting for others to join in on the fun. So we have decided to dedicate some time to creating a generic "week in review" blog series.

We'll see how it goes and decide whether or not to keep it up based on the feedback we receive. To kick things off, here are some random recent musings straight from our internal IRC:

  • googleDrive is a fun little toy. Cody thought it would be interesting to snag the code and make a networked multiplayer racing game out of it. Looks like the author of googleDrive is already planning googleRacer, which will allow you to plot a course and race against the clock.
  • Aaron found this link to a military-sponsored rootkit and botnet research call for papers.
  • The pokerbot writeup and one of the ualberta papers it references. These made the rounds last weekend, with a decent application of DLL injection. It's supposed to be part of a series, so the second part may be up by the time you read this.
  • Debian. That not-random-enough key generation vulnerability that everyone has been talking about. Ben Laurie has an interesting post on his blog, and HD Moore generated the whole keyspace. XKCD made a comic about it and, as expected, we made a detailed write-up of our own here.
  • Recently Google opened up a diagnostic page allowing users to check the malicious status of specific sites. To try this for yourself, plug a target domain into:

http://www.google.com/safebrowsing/diagnostic?site=http://www.example.com

Sebastian Muniz will be dropping some Cisco IOS rootkit hotness at EUSecWest, which reminds us of FX's forensic tool.