Hackers Selling Vista Zero-Day Exploit

By Ryan Naraine

Underground hackers are hawking zero-day exploits for Microsoft's new Windows Vista operating system at $50,000 a pop, according to computer security researchers at Trend Micro.

The Windows Vista exploit—which has not been independently verified—was just one of many zero-days available for sale at an auction-style marketplace infiltrated by the Tokyo-based anti-virus vendor.

In an interview with eWEEK, Trend Micro's chief technology officer, Raimund Genes, said prices for exploits for unpatched code execution flaws are in the $20,000 to $30,000 range, depending on the popularity of the software and the reliability of the attack code.

Bots and Trojan downloaders that typically hijack Windows machines for use in spam-spewing botnets were being sold for about $5,000, Genes said.

The Trend Micro discovery highlights the true financial value of software vulnerability information and serves as further confirmation that a lucrative underground market exists for exploit code targeting unpatched flaws.

Back in December 2005, researchers at Kaspersky Lab in Moscow found evidence that the exploit code used in the WMF (Windows Metafile) attack was being peddled by Russian hacker groups for $4,000.

However, according to Genes, the typical price of a destructive exploit has increased dramatically, driving an underground market that could exceed the value of the legitimate security software business "I think the malware industry is making more money than the anti-malware industry," Genes said.

Trend Micros researchers also found the underground marketplace saturated with personal data stolen in phishing attacks and virtual currency hijacked from online gamers.

Genes said the average prices for credit card and bank log-in data can vary dramatically, depending on the banks brand and the way the data is mapped to names, Social Security numbers, dates of birth and physical addresses.

A custom Trojan capable of stealing online account information can be bought for between $1,000 and $5,000, while a botnet-building piece of malware can cost between $5,000 and $20,000, Genes said.

Credit card numbers with valid PINs are sold for $500 each, while billing data that includes an account number, physical address, Social Security number, home address and birth date can be found for between $80 and $300.

The auction marketplace is also selling drivers licenses for $150, birth certificates for $150, Social Security cards for $100, and credit card numbers with security code and expiration date for between $7 and $25PayPal or eBay account credentials are available for $7, Genes said.

visit article's source for more details.

FSF launches campaign against Microsoft Vista

by John Sullivan

The Free Software Foundation (FSF) today launched BadVista.org, a campaign with a twofold mission of exposing the harms inflicted on computer users by the new Microsoft Windows Vista and promoting free software alternatives that respect users' security and privacy rights.
“Vista is an upsell masquerading as an upgrade. It is an overall regression when you look at the most important aspect of owning and using a computer: your control over what it does. Obviously MS Windows is already proprietary and very restrictive, and well worth rejecting. But the new 'features' in Vista are a Trojan Horse to smuggle in even more restrictions. We'll be focusing attention on detailing how they work, how to resist them, and why people should care”, said FSF program administrator John Sullivan.
The campaign will organize supporters into effective and unusual actions drawing attention to this daylight theft of computer users' rights, aggregate news stories cutting through the Vista marketing propaganda, and provide a user-friendly gateway to the adoption of free software operating systems like gNewSense (http://www.gnewsense.org).
Peter Brown, executive director of the FSF said, “Whilst Microsoft embarks upon its largest ever product launch, its marketing dollars will be spent in an effort to fool the media and user community about the goals of Vista. Our campaign will ask the important questions. Can you set yourself or your company free? Can you ever be free from Microsoft? As with our campaign against Digital Restrictions Management, we aim to demonstrate that technologists can be social activists, because we know the harm that Vista will cause”.
Among other harms, BadVista.org will focus on the danger posed by Treacherous Computing in Vista. Commonly called Trusted Computing in the industry, it is an attempt to turn computers from machines controlled by their user into machines that monitor their user and refuse to operate in ways that manufacturers don't authorize.
Supporters can sign up to receive more information and participate in the campaign at http://badvista.org

read more article..

Mounting iso image file under freeBSD

Not like linux mount tool, in freebsd, this tool doesn't support option for mount via a loop device (or whatever it says in freeBSD). This is what I always did if I want to mount an iso image file under linux. And then what should I do to mount an iso image filesystem under freeBSD?

Based on FreeBSD's manual page, there is one more step to make it possible before I mount an iso image file. I should build an iso image as a virtual disk first, using mdconfig (because I use version 6.1 RELEASE).

here are the command:
mdconfig -a -t vnode -f imagefile -u 0
mount /dev/md0 /mnt

to remove it, simply type this command in console:
umount /mnt
mdconfig -d u 0

hope this helpful.

How to open slackware's initramfs image file

Here are a step by step what I've done when try to open an initramfs file which come with slackware installation stuff (either using CD/DVD installation or an iso image). I just want to know what are on an initrd.img file (an initramfs itself) which located in directory isolinux.
Before I give the command, I would like to explain you how an initramfs image created with slackware. There is a tool to do this, mkinitrd, and it's only a bash script file. A part of source which exactly generate an initramfs image is on a build_initrd_image() procedure. Here is the source:

# Wrap the initrd as an initramfs image and move it into place:
( cd $SOURCE_TREE
rm -f $OUTPUT_IMAGE
find . | cpio -o -H newc | gzip -9c > $OUTPUT_IMAGE
)

Now we know how an initramfs image created, and we can simply extract it with a gunzip tool first and followed with a cpio tool. a complete command is looks like this:

gunzip -c initrd.img | cpio -i -d -H newc --no-absolute-filenames

I prefer if you doing all of this activity in new directory. first, copy an initrd.img's file into your new directory and make sure you have write access on that directory. And now, you can run that command inside that directory. If there is an error message like this : "cpio: Operation not permitted", you can try to run the command with user root.

hope this helpful.

Windows Is Still More Reliable than Linux On The Server

Windows Server and Linux are growing up fast, but they still aren't a match for the solid, stable Unix systems on the high-end of the server scale.
That's the conclusion of a report from The Yankee Group, which released it 2006 Global Server Reliability Survey on Wednesday. The report compared a number of server operating systems in areas of reliability, down time and recovery.
It found that Windows Server 2003 showed the highest reliability gains, surpassed only by mature Unix-based server operating systems like HP-UX from Hewlett-Packard and Sun Solaris 10 from Sun Microsystems .
Windows Server 2003 had nearly 20 percent more annual uptime in similar deployment scenarios over Red Hat Enterprise Linux.
The Yankee Group found that corporate Linux, Windows and Unix servers experience on average three to five failures per server per year, resulting in 10.0 to 19.5 hours of annual downtime for each server. The down time for Linux systems was longer not due to a software failure, but because Linux often isn't as well-known or that well documented.
"One of the reasons for extended down time often had nothing to do with performance and reliability of the OS," said Laura DiDio, research fellow for application infrastructure and software platforms at The Yankee Group.
"The one random element I can't emphasize enough is I think some of the disparity we see between Red Hat Linux down time and Windows and Unix comes not so much from any inherent flaws in the Linux core kernel, but the unfamiliarity of some of thenetwork administrators with Linux."
When a Linux system fails, it can sometime send a Linux administrator, who likely has less years of experience than a Sun or IBM Unix veteran, scouring the Internet for documentation or a fix.
Overall, DiDio said, all of the server operating system environments have shown markedly improved reliability in recent years, both in hardware and software. The improvements in hardware from Dell, HP and other vendors has given the operating systems a better base on which to run.
This in turn helps the software, which has also improved. With each new release of the Windows server since Windows 2000 was released in 1999, Microsoft has showed a 20 to 30 percent improvement in reliability, said DiDio.
The poorest performing operating system was Debian GNU/Linux, while SUSE Linux from Novell had the best performance, even topping some of the big Unixes. But it's used so little as to be statistically irrelevant, said DiDio.
Another reason Linux may prove shakier is that many shops, more than 50 percent in this survey, were making some level of customization to their Linux environment. Making changes to the kernel and underlying system increases the chances for breakage somewhere in the system.
But don't unplug the mainframe just yet. In terms of power, performance and reliability, DiDio said the only thing that could come close to mainframe performance is the high-end Unix systems from Hewlett-Packard, Sun and IBM. "And even that is debatable."

Author : Andy Patrizio

news source