Brainfoldb4u's Blog


Archive for the ‘Information Security’ Category

iPhone Hack Ban

Posted by brainfoldb4u on February 17, 2010

I guess Apple has found that its iPhone OS is now frequently hacked. Almost like Windows, Apple has had trouble facing the sophisticated hacks, and weekly patches are not enough to protect its OS. So Apple seems to have come up with a defensive idea: locking the hackers' accounts. Just days after a scrappy young iPhone hacker discovered an unlock exploit for OS 3.1.3 baseband 05.12.01, Sherif Hashim received an ominous message on his iPhone after attempting to log into iTunes: “This Apple ID has been disabled for security reasons.” Proving that this is not an isolated incident, fellow hacker iH8sn0w responded to Hashim to let him know the very same thing happened to him after he released an exploit known as XEMN. Perhaps most puzzling, however, is the fact that Hashim’s exploit was never publicly released, having only been given to the iPhone Dev-Team, who plan to incorporate it into their next release. Obviously Apple could claim that its actions were in response to the violation of its intellectual property as well as a breach of the iPhone’s end-user license agreement, but one has to wonder just how far a notoriously heavy-handed company like Apple might go in the future if it is unable to gain the upper hand over hackers like Hashim.

iPhone developer and hacker Sherif Hashim claims to have received a warning showing he’d been denied access to the App Store for “security reasons”.
The move sparked concerns that Apple might ban all jailbroken iPhones from accessing the App Store. However, such a move would prevent Apple’s application developers from selling to the millions of users of jailbroken devices and would be especially bad politics following the launch of the Wholesale Applications Community at the Mobile World Congress conference earlier this week.

This seems to be a strong message indicating that known iPhone hackers may get into trouble. At the same time, there is no indication that Apple is refusing access to the App Store for anyone who merely makes use of available software to jailbreak or unlock their iPhone or iPod Touch handsets. The message is clear: publicly release an exploit for the iPhone OS and expect to lose your App Store privileges.


Voice Encryption

Posted by brainfoldb4u on January 28, 2010

Voice encryption: more than 65% of the world's population uses a mobile phone, and the mobile phone business is worth multiple millions of dollars. We use mobile phones even to book tickets online using a credit card number and personal details, and on many occasions we tend to use one or a few of these details as our password just to keep it simple. As general users we assume our telephone conversations are secure and that no one is hearing our conversation other than the person we are speaking to. Law enforcement agencies can tap your calls, but they won't do it unless it is very necessary.

But the reality is any one with basic technical skills and financially motivated.

Statistics show government agencies on average conduct 50,000 legal wiretaps per year (legal = those where a court order is required). (Let’s not forget Echelon, http://tinyurl.com/yetrajm ) Another 150,000 phones are illegally tapped by private detectives, spouses, and boyfriends and girlfriends trying to catch a potential cheater. Another estimate shows up to 100,000 phones are wiretapped by companies and private industry in some form of industrial espionage. It is happening and it is a big business.

It has indeed become essential for us to know the ways to secure our calls, or at least to understand the risk of a potential exploit. I saw this article with a technical explanation of how secure the voice encryption products are. According to infosecurityguard.com:

I knew if I was able to compromise the security I just had to decide if it was as, less or more effective than breaking the encryption and which method was the most efficient. Unfortunately for almost all of the solutions they failed and I was able to simply compromise their security, intercept a phone call in real-time bypassing the entire encryption. The really surprising element was how extremely simple it is.

All of the products have basic system requirements (i.e. OS, data connection etc.). Well, they also all depend on the spoken voice being fed into the microphone. This is the basic concept of some of the commercial wiretapping tools available on the market, so I thought I would take the same approach.
At what point does the software begin to encrypt the voice input and audio output? So let's capture it before that happens. This way I do not have to bother or worry about what encryption algorithms or key exchanges are being used, it really becomes a non-issue.


Lack of voice encryption opens a world of attack opportunities. With a readily available wiretapping utility, costing as little as $100, as well as his own ‘homemade’ Trojan, Notrax was able to bypass the encryption and eavesdrop by capturing conversations from the microphone and speaker in real time. By suppressing any rings, notifications or call logs, these attacks go completely undetected. And while Trojans can be installed manually by someone with access to the phone, they could equally be delivered via email, SMS or a mobile application.

List of Software solutions available with their tested status

The list of tested solutions includes:

  • Caspertec (Software) – Intercepted / insecure
  • CellCrypt (Software) – Intercepted / insecure
  • Cryptophone (Hardware) – Intercepted / insecure
  • Gold-Lock (Software) – Intercepted / insecure
  • Illix (Software) – Intercepted / insecure
  • No1.BC (Hardware SD-Card) – Intercepted / insecure
  • PhoneCrypt (Software) – Secure
  • Rohde & Schwarz (Hardware Bluetooth) – Secure
  • Secure-Voice (Software) – Intercepted / insecure
  • SecuSmart (Hardware SD-Card) – Intercepted / insecure
  • SecVoice (Software) – Intercepted / insecure
  • SecureGSM (Software) – Intercepted / insecure
  • SnapCell (Hardware) – Secure
  • Tripleton (Hardware) – Still Under Review
  • Zfone (Software) – Intercepted / insecure
  • ZRTP (Software) – Intercepted / insecure

PhoneCrypt and Rohde & Schwarz are two products considered secure, and I can find product reviews on

PhoneCrypt

PhoneCrypt is an innovative solution based on military-grade encryption (RSA 4096 bits and AES 256 bits), the same technology used by the FBI and CIA, which effectively protects your landline, mobile and PBX phones from access by intruders. It also protects against Trojan horses.

PhoneCrypt Features

• RSA 4096 bit & AES 256 bit Encryption;
• Diffie-Hellman (DH) Key Exchange;
• MD5 & SHA512 Hash for voice integrity;
• Protection agents detect, alert and defend against attacks;
• Excellent voice quality;
• Easy to use and intuitive interface for users – the user doesn’t need knowledge of security or technology;
• Voice encryption, immediate and automatic message, without any need of interaction from the user;
• The software uses internet connectivity through 3G, UMTS, HSPA, W-CDMA, EDGE, GPRS and WiFi for data transmission;
• Completely safe – no secure data is saved in the device at any time;
• No user intervention is required in security procedures;
• Low processor requirement (less than 150 MHz);
• Works in devices with Windows Mobile systems without modifying or inhibiting any other function;
• Encrypts communication on landline and mobile phones;
• Advanced detector of phone calls;
• Superior voice quality (QOS).


I urge you to read the interesting article/demo from infosecurityguard.com to gain more understanding on voice encryption products.


Zeus, IM threats

Posted by brainfoldb4u on January 25, 2010

A new threat to instant messaging (IM) has been identified, with a previously well-known Trojan called Zeus attacking users of AOL Instant Messenger (AIM) and stealing passwords. Zeus is one of the best-selling Trojan kits on the black market today and has become the popular choice among cybercriminals because it’s easy to set up and control, and can be used for a variety of purposes. And, like popular commercial software, Zeus comes in a standard version (costing a minimum of $1000) and a professional version with extra features such as a large library of target templates.

So what is Zeus?

Zeus network of affected computers

Zeus, also known as Zbot, is a threat organised by an army of attackers (known as Zeus builders) who pay thousands for the latest Zeus builder to make sure they distribute the most up-to-date, undetectable bot builds. But builders are also available for free on various black markets and web sites such as file-sharing sites.

Zeus/Zbot samples are distributed every day at an alarming rate. It’s a kind of attack where multiple modifications of the bot are being produced in the wild, packed and encrypted on top with all sorts of packers, including modified, hacked, or private packer builds. Before being released, every newly generated and protected bot is uploaded to popular multi-AV scanner services to make sure it is not detected by any antivirus vendor. Hence, quite a bit of a problem in terms of its distribution scale.

Latest-generation Zeus builds are capable of using rootkit techniques to hide their presence on a customer machine.

The bot uses covert methods of injecting additional fields into online Internet banking websites, asking users to answer questions that the authentic website would not ask. The collected details are then silently delivered to remote websites, and added into remote databases. The databases are then sold to other criminal elements down the chain who specialize in withdrawing the funds. The money laundering groups anonymously hire physical people to withdraw money from their personal accounts – in the criminal world these people are called “drops”, and their accounts are called “drop accounts”.

Current Threat to Instant Messengers (IM)

People using the popular instant messaging platform receive an email message announcing an update and are then prompted to click through to download what appears to be a legitimate file, aimupdate_7.1.6.475.exe. However, the so-called update is actually the Zeus installer, which can then transfer itself onto the victim’s machine, whether or not the AIM user clicks on the link to download the executable file.

“It opens an IFRAME to a site that attempts to use vulnerable versions of Adobe Reader to push the Zeus keylogger down to the victim’s computer, then executes it within a few moments of the page loading.” The fake web page to which victims are brought appears to be an AOL site, but a close look reveals inconsistencies with an authentic web page. Notably:

  • A true AIM installer has a digital signature from parent company AOL attached. This one does not contain that signature.
  • Further, the URL used for the download begins with a legitimate-seeming address, “update.aol.com”, but that is followed by a six- to seven-random-character word followed by .com.pl.

“The exploit opens, in an IFRAME, a page hosted on the IP address in the Vishclub network, which in turn loads a fairly large (15,628 byte) blob of obfuscated JavaScript,” according to the Webroot blog post. “The script invokes the browser to load Adobe Reader, then pushes a file called ‘pdf.pdf’ down to the Reader. That file is built to attack the Collab overflow exploit, the util.printf overflow exploit, and the getIcon exploit in order to force the operating system to download and execute files.”
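
The URL inconsistency described above (a trusted name such as update.aol.com used as the leading labels of a host that is actually registered under .com.pl) can be caught by comparing registrable domains instead of string prefixes. The following Python check is an added example, not code from Webroot or from the original post; the allow-list, the reduced public-suffix list and the sample URLs are constructed assumptions.

```python
from urllib.parse import urlsplit

# Hosts that really serve the vendor's updates (assumption for this example;
# "update.aol.com" is the legitimate-looking prefix named in the post).
TRUSTED_HOSTS = {"update.aol.com"}

# Tiny constructed stand-in for the Public Suffix List; a production check
# should load the full list instead.
PUBLIC_SUFFIXES = {"com", "net", "org", "pl", "com.pl"}


def registered_domain(host):
    """Return the registrable domain (public suffix plus one label), or None."""
    labels = host.lower().rstrip(".").split(".")
    # Scanning from the left finds the longest matching suffix first.
    for i in range(1, len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[i - 1:])
    return None


def classify_download_url(url):
    """Return 'trusted', 'unlisted', 'lookalike', 'unrelated' or 'invalid'."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return "invalid"
    host = (parts.hostname or "").rstrip(".")
    if parts.scheme not in ("http", "https") or not host:
        return "invalid"
    if host in TRUSTED_HOSTS:
        return "trusted"
    owner = registered_domain(host)
    userinfo = (parts.username or "").lower()
    for trusted in TRUSTED_HOSTS:
        brand = registered_domain(trusted)      # "aol.com" for update.aol.com
        if owner == brand:
            return "unlisted"                   # same owner, host not on the allow-list
        # The brand appears as labels inside a host that someone else registered
        # (update.aol.com.<random>.com.pl), or it sits in the userinfo part of the
        # URL, where it only looks like the host to a human reader.
        if f".{brand}." in f".{host}." or brand in userinfo:
            return "lookalike"
    return "unrelated"


# Constructed sample URLs; "abcdefg" stands in for the random-character word.
SAMPLE_URLS = [
    "http://update.aol.com/aimupdate_7.1.6.475.exe",
    "http://update.aol.com.abcdefg.com.pl/aimupdate_7.1.6.475.exe",
    "http://update.aol.com@198.51.100.7/aimupdate_7.1.6.475.exe",
    "http://downloads.example.org/tool.exe",
]

if __name__ == "__main__":
    for sample in SAMPLE_URLS:
        print(f"{classify_download_url(sample):10} {sample}")
```

A 'trusted' verdict covers only the host name; the other inconsistency named above, the missing AOL digital signature on the installer, still has to be checked on the downloaded file itself.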

Webroot's Advice
Webroot advises that to avoid this particular exploit focused on AIM, users turn off Adobe Reader’s embedded JavaScript. “There’s almost no circumstance where JavaScript is required,” Brandt said. Turning it off will give web users an extra prompt should they encounter a site that calls for JavaScript, at which point they can make a choice.

Brandt also said that he recommends web surfers use the Firefox browser with the NoScript plug-in extension.

Known facts about Zeus:

  • The Zeus Trojan commonly uses names like those below, so search your PCs for files with these names:
    1. NTOS.EXE
    2. SDRA64.EXE
    3. LD08.EXE
    4. LD12.EXE
    5. PP06.EXE
    6. PP08.EXE
    7. LDnn.EXE
    8. PPnn.EXE
  • Typical size for Zeus is between 40 KBytes and 150 KBytes.
  • Additionally, look for a folder with the name WSNPOEM; this is also a common sign of infection by the Zeus Trojan.
  • Finally, check the Registry for Run keys referencing any of these names.
  • Do not assume that your PC is free of the Zeus Trojan just because your antivirus or internet security suite does not show any signs of infection.
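
The indicators listed above (the file names, the 40 to 150 KByte size range, the WSNPOEM folder and Run-key references) can be checked mechanically. This Python triage script is an added example, not part of the original post or of any vendor tool; the sample directory tree and Run-key values are constructed, and the Run values are assumed to have been exported from the registry beforehand.

```python
import os
import re
import tempfile

# Indicators taken from the list above: NTOS.EXE, SDRA64.EXE, LDnn.EXE, PPnn.EXE.
NAME_RE = re.compile(r"^(NTOS|SDRA64|LD\d{2}|PP\d{2})\.EXE$", re.IGNORECASE)
FOLDER_NAME = "WSNPOEM"
SIZE_MIN, SIZE_MAX = 40 * 1024, 150 * 1024   # "typical size" window from the list


def scan_tree(root):
    """Walk root and return (kind, path, detail) tuples for every indicator hit."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames:
            if name.upper() == FOLDER_NAME:
                findings.append(("folder", os.path.join(dirpath, name), "folder-name"))
        for name in filenames:
            if not NAME_RE.match(name):
                continue
            path = os.path.join(dirpath, name)
            try:
                size = os.path.getsize(path)
            except OSError:
                continue                      # unreadable entry: skip it, do not crash
            detail = "name+size" if SIZE_MIN <= size <= SIZE_MAX else "name-only"
            findings.append(("file", path, detail))
    return findings


def scan_run_values(run_values):
    """Return the (value name, command) pairs whose command references an indicator.

    run_values maps a Run-key value name to its command line, as exported
    from the registry (the export step is outside this example).
    """
    hits = []
    for value_name, command in run_values.items():
        # Split the command line into tokens and test each token's base name.
        for token in re.split(r'[\s",]+', command):
            base = token.replace("/", "\\").rsplit("\\", 1)[-1]
            if NAME_RE.match(base) or FOLDER_NAME in token.upper():
                hits.append((value_name, command))
                break
    return hits


def build_sample_tree(root):
    """Create a constructed directory tree of zero-filled files (no real malware)."""
    sys32 = os.path.join(root, "system32")
    os.makedirs(os.path.join(sys32, "wsnpoem"))
    sizes = {"ntos.exe": 60 * 1024, "LD08.EXE": 1024, "notepad.exe": 60 * 1024}
    for name, size in sizes.items():
        with open(os.path.join(sys32, name), "wb") as fh:
            fh.write(b"\0" * size)


# Constructed Run-key export: one entry referencing an indicator, one benign.
SAMPLE_RUN_VALUES = {
    "userinit": r"C:\WINDOWS\system32\ntos.exe",
    "SunJavaUpdateSched": r'"C:\Program Files\Java\jre6\bin\jusched.exe"',
}


def demo():
    """Scan the constructed tree and return sorted findings with relative paths."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        return sorted(
            (kind, os.path.relpath(path, root).replace(os.sep, "/"), detail)
            for kind, path, detail in scan_tree(root)
        )


if __name__ == "__main__":
    for finding in demo():
        print(finding)
    for hit in scan_run_values(SAMPLE_RUN_VALUES):
        print("run-key", hit)
```

Because newer Zeus builds hide themselves with rootkit techniques, an empty result from a live system does not show the machine is clean; scanning a mounted offline copy of the disk gives a more reliable listing.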

Sample Zeus infection diagram from Trend Micro

Ways to remove the Trojan manually

I found this information on Spyware techie’s blog as a manual removal method for techie computer users. Manual removal of Unknown Trojan may be difficult and time consuming. There’s no guarantee that Unknown Trojan will be removed completely. So read the Unknown Trojan removal steps carefully and good luck.

Before you start: close all programs and Internet browsers and back up your computer in case something goes wrong.

  1. Uninstall the Unknown Trojan program.
    Click on Start > Settings > Control Panel > double-click on Add/Remove Programs. Search for and uninstall Unknown Trojan if found.
  2. To stop Unknown Trojan processes:
    Go to Start > Run > type taskmgr. Then click the Processes tab and you’ll see a list of running processes.
    Search and stop these Unknown Trojan processes:
    There are no processes.
    For each unwanted process, right-click on it and then select “End task”.
  3. To unregister Unknown Trojan DLLs:
    Search and unregister these Unknown Trojan DLLs: There are no DLLs.

    To locate the Unknown Trojan DLL path, go to Start > Search > All Files or Folders. Type Unknown Trojan and in the Look in: box select either My Computer or Local Hard Drives. Click the Search button.
    Once you have the Unknown Trojan DLL path, go to Start and then click on Run. In the Run command box, type cmd, and then click on OK.
    To locate the exact DLL path, type cd in order to change the current directory. To display the contents of the directory, use the dir command. To unregister the DLL file, type regsvr32 /u FILENAME.dll (FILENAME is the name of the file that you want to unregister).

  4. To remove Unknown Trojan registry keys:
    Go to Start > Run > type regedit > press OK.
    Edit the value (on the right pane) by right-clicking on it and selecting the Modify option. Select the Delete option.
    Search and delete these Unknown Trojan registry keys:
    There are no registry keys.
  5. If your homepage has been changed, go to Start > Control Panel > Internet Options > click on the General tab > click Use Default under Home Page. Add your desired default homepage, then click Apply > click OK. Open a new web browser to check that you have your desired default homepage.
  6. Remove Unknown Trojan directories.
    To find Unknown Trojan directories, go to Start > My Computer > Local Disk (C:) > Program Files > Show the contents of this folder.
    Search and delete the following Unknown Trojan directories:
    There are no directories.

    Right-click on the Unknown Trojan folder and select Delete. A message will appear saying ‘Are you sure you want to remove the folder Unknown Trojan and move all its contents to the Recycle Bin?’, click Yes.
    Another message will appear saying ‘Renaming, moving or deleting Unknown Trojan could make some programs not work. Are you sure you want to do this?’, click Yes.

  7. To remove Unknown Trojan icons on your Desktop, drag and drop them to the Recycle Bin.


Online power point presentation tool: Preezo

Posted by brainfoldb4u on January 22, 2010

Were you ever in a situation where you had no Microsoft PowerPoint installed and were restricted from downloading any additional software or plug-ins, but you still wanted to prepare some PowerPoint slides? Here is an easy solution called “Preezo”: all you need is an active internet connection and a reasonably popular web browser.

Web app Preezo is a stripped-down version of PowerPoint right inside your web browser. Create, edit, collaborate on and permalink slideshows at Preezo, which isn’t as featureful as PowerPoint proper but has all the essential tools you need to create a full-on presentation minus desktop software. Preezo is an Ajax-based online presentation creator that replaces the Microsoft PowerPoint application and lets you share presentations over the web without any software or plug-in to install. If you like to spice up your slide shows with a little movement then check out their Slide Transitions feature. Not only can you make your slides wipe, push and fade, but you can also set your slides to advance automatically after a specified amount of time. They have diagramming features as well that can help you create rectangles, ellipses, triangles, lines and more.



They have a large collection of transition effects. For example, Box In, Box Out, Cover Down, Cover Left, Cover Right, Cover Up, Cover Left-Down, Cover Left-Up, Cover Right-Down, Cover Right-Up, Cut, Cut Through Black, Fade Smoothly, Fade Through Black, Push Down, Push Left, Push Right, Push Up, Push Left-Down, Push Left-Up, Push Right-Down, Push Right-Up, Random, Split Horizontal In, Split Horizontal Out, Split Vertical In, Split Vertical Out, Uncover Down, Uncover Left, Uncover Right, Uncover Up, Uncover Left-Down, Uncover Left-Up, Uncover Right-Down, Uncover Right-Up, Wipe Down, Wipe Left, Wipe Right, Wipe Up, Wipe Left-Down, Wipe Left-Up, Wipe Right-Down, Wipe Right-Up.

Key Features

– You can create professional quality presentations using an ultra-fast Ajax user interface.

– Access your presentations from any computer with an Internet connection and a modern browser. And there’s no need for dedicated hosting to use Preezo.

– Reuse images or the content of entire slides from easy to use galleries.

– Save time and reduce headache by collaborating on a centralized web document.

– Distribute presentations to clients and colleagues without having to email huge PowerPoint files.


IE exploit on IE6.0 and Windows XP SP2

Posted by brainfoldb4u on January 17, 2010

Exploit code for the zero-day hole in Internet Explorer linked to the China-based attacks on Google and other companies has been released on the Internet, McAfee said on Friday. Also, the German federal security agency issued a statement on Friday urging its citizens to use an alternative browser to IE until a patch arrives.

McAfee researchers have seen references to the code on mailing lists and confirmed that it has been published on at least one Web site, the company’s Chief Technology Officer George Kurtz wrote in his blog. “The exploit code is the same code that McAfee Labs had been investigating and shared with Microsoft earlier this week,” he said.

The latest problem is an error in how the “createTextRange()” method is processed on a radio button control. “This can be exploited by a malicious Web site to corrupt memory in a way [that] allows the program flow to be redirected to the heap. The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2. The vulnerability has also been confirmed in Internet Explorer 7 Beta 2 Preview (January edition). Other versions may also be affected.”

The flaw was discovered by the security company Secunia, according to their advisory.

SANS Internet Storm Center (ISC) raised its Infocon to yellow

SANS says this exploit is available in Metasploit, but as far as they are aware at this moment there are no automated tools taking advantage of the exploit and widely attacking the internet. The exploit currently affects a version of the product that is two major revisions behind the current release, and should really not be widely used anymore. Easy workarounds are available by utilising other browsers or products, signatures are available from the AV vendors and the patch should be available in the next 3-4 weeks.

“The irresponsibility of releasing such a dangerous exploit will require systems administrators to take drastic action to protect their systems,” Scott Carpenter, director of security labs at Herndon, Va.-based Secure Elements Inc., said in an e-mailed statement. “When vulnerable home systems are added into the equation, Internet Explorer users can expect a virus or worm in the very near future. The most probable vector for this worm will be in the form of spam with malicious links that will tempt users into clicking on a link that takes them to a malicious Web site.”

Microsoft’s Response:

“Microsoft has determined that an attacker who exploits this vulnerability would have no way to force users to visit a malicious Web site,” he said in an e-mail. “Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker’s Web site.” They also added: “Upon completion of this investigation, Microsoft will take appropriate action to help protect our customers. This will either take the form of a security update through our monthly release process or providing an out-of-cycle security update.”

Temporary Recommendation:

In the meantime, Microsoft said users can protect themselves by configuring IE to prompt before running Active Scripting or by disabling Active Scripting in the Internet and local intranet security zone. Users can also set Internet and local intranet security zone settings to “High” to prompt before running Active Scripting in these zones.


Free Cisco, Microsoft, CompTia Study materials

Posted by brainfoldb4u on January 15, 2010

I came across these materials today. They are really useful for someone looking to study for certifications like CCSP, CCVP, CCNA and CCNP. It is a whole set of materials.

Click the link to access: http://www.4shared.com/dir/25834616/400fbf67/sharing.html. Special thanks to Scalenetworks.


Gmail's GPG Encryption

Posted by brainfoldb4u on January 15, 2010

Better security typically goes hand in hand with increased inconvenience. But some human rights activists who used Gmail right now likely wish they’d put up with a little hardship to help keep hackers at bay. I’m not going so far as to recommend you use e-mail encryption, but I think this is a good time to take a close look at it.

It helps to know how to use a collection of free or open-source software packages: GPG, or GNU Privacy Guard; Mozilla Messaging’s Thunderbird e-mail software; and its Enigmail plug-in. CNET Download.com also hosts Thunderbird for Windows and Mac and Enigmail for all platforms.

Public key cryptography
Encryption scrambles messages so that only someone with a key (or a tremendous amount of computing horsepower, or knowledge of how to exploit an encryption weakness) can decode them. One form is called, curiously, public key encryption, and this is what GPG and Enigmail use.

Here’s the quick version of how it works. You get a private key known only to yourself and a public key that’s available for anyone else to use. The person you’re corresponding with also has such a pair of keys. Although the public and private keys are mathematically related, you can’t derive one from the other.

To send a private message, someone encrypts it with your public key; you then decrypt it with your private key. When it’s time to reply, you encrypt your message with the recipient’s public key and the recipient decodes it with his or her private key.

Messages in transit from one machine to another are a bunch of textual gobbledygook until decoded. If you’re being cautious enough to encrypt your e-mail, you should be aware that there’s still some information that leaks out to the outside world. The subject line isn’t encrypted, and somebody might take interest in the identity of your active e-mail contacts and the timing and frequency of communications.

So how do you find out what your correspondent’s public key is? You can either fetch the key firsthand from the correspondent, or you search for it on public computers on the Net called key servers–mine is stored at pool.sks-keyservers.net.

This form of encryption has another advantage: you can sign your e-mail electronically so the recipient knows it really is from you. This time the process works in reverse: you sign your e-mail with your private key, then your recipient verifies it’s from you using your public key.

Continue reading at CNET for more insight.


Google Turns on Gmail Encryption to Protect Wi-Fi Users

Posted by brainfoldb4u on January 14, 2010

Google is now encrypting all Gmail traffic from its servers to its users in a bid to foil sniffers who sit in cafes, eavesdropping in on traffic passing by, the company announced Wednesday.

The change comes just a day after the company announced it might pull its offices from China after discovering concerted attempts to break into Gmail accounts of human rights activists. The switch to always-on HTTPS adds more security, but does not help prevent the kind of attacks Google announced Tuesday.

Read More http://www.wired.com/threatlevel/2010/01/google-turns-on-gmail-encryption-to-protect-wi-fi-users/#ixzz0cYsjPs7d


Skype process

Posted by brainfoldb4u on January 13, 2010

In response to a query raised by one of my friends, asking how secure it is to use Skype and whether the communication is encrypted, I did some quick browsing on Skype technology and thought it was time to share some information about Skype.

Skype is a peer-to-peer VoIP client that allows users to place voice calls and send text messages to other users of Skype clients. Skype claims to have better voice quality than similar applications like MSN and Yahoo Messenger. It also encrypts calls end-to-end. Skype technology uses two types of nodes in its network: the ordinary host (a Skype application) and the super node (a computer with a valid IP address).

Windows Registry

A Skype application must connect to a host with an active internet connection and must register itself with the Skype login server for a successful login. The Skype login server is an important entity in the Skype network: it stores usernames and passwords and is also used for authentication. Each Skype client (SC) has the capability to build and refresh a table (the host cache, HC) of reachable nodes, which contains the IP addresses and port numbers of super nodes (SN). This table is normally stored in the Windows registry.

Skype traffic

Skype uses wideband codecs to allow and maintain call quality at an available bandwidth of 32 kbps. Skype uses TCP for signalling and both UDP and TCP for transporting media traffic. It is to be noted that signalling and media traffic are not sent on the same port.

Friends list

Skype stores its friends list information in the Windows registry. This list is digitally signed and encrypted. The buddy list is local to one machine and is not stored on a central server. If a user uses SC on a different machine to log onto the Skype network, that user has to reconstruct the buddy list.

Skype encryption

Skype uses AES 256-bit encryption, with a total of around 1.1 × 10^77 possible keys. To encrypt the data in each Skype call, it uses 1536- to 2048-bit RSA to negotiate symmetric AES keys. Skype uses the STUN protocol to determine the type of firewall or Network Address Translator used in the network. All of this data is stored in the Windows registry.

Session Cryptography:

All traffic in a session is encrypted by XORing the plaintext with a key stream generated by 256-bit AES (also known as Rijndael) running in integer counter mode (ICM). The key used is SKAB. Skype sessions contain multiple streams. The ICM counter depends on the stream, on salt, and on the sequence within the stream.

Signature padding:

The signature verification method checks the integrity of the signed message. It decrypts the RSA and extracts and checks the padding. It also checks the hash for accuracy. Consistent with ISO 9796-2, after the first signed block, the rest of the signed message is in plaintext, and this is verified via the SHA-1 hash check.

Skype logins

For Skype to start, it needs more than one value in the host cache table. As soon as you start Skype, the login process looks for valid entries within the cache table. Without valid entries it is not possible to connect to the Skype network. The Skype client will first send a UDP packet to this entry. If there was no response after roughly five seconds, SC tried to establish a TCP connection with this entry. It then tried to establish a TCP connection to the HC IP address and port 80 (HTTP port). If still unsuccessful, it tried to connect to the HC IP address and port 443 (HTTPS port). SC then waited for roughly 6 seconds. It repeated the whole process four more times, after which it reported a login failure. We observed that a SC must establish a TCP connection with a SN in order to connect to the Skype network. If it cannot connect to a super node, it will report a login failure.

Media Transfer process:

The video/voice communication through Skype is established over UDP. The trick here is that quite often one of the users is behind a firewall or a router, and hence doesn’t have a real IP address. But if both Skype clients are on real IPs, then the media traffic flows directly between them over UDP. The size of the voice packet is 67 bytes, which is actually the size of the UDP payload. One second of conversation results in roughly 140 voice packets being exchanged both ways, or 3-16 kilobytes/s.

If one or both of the parties do not have a public IP, then they send voice traffic to another online Skype node over UDP or TCP. The developers of Skype have preferred to use UDP for voice transmission as much as possible.

An interesting fact is that even if both sides are not speaking, voice packets will still be flowing between them. The purpose of these so called ‘silent packages’ is to keep the connection alive.


Researcher Rates Mac OS X Vulnerability 'High'

Posted by brainfoldb4u on January 12, 2010

Flaw in versions 10.5 and 10.6 can be exploited by a remote attacker, says SecurityReason

The proof of concept merely triggers a memory access error, but such buffer overflow conditions can sometimes be exploited to run arbitrary code.

Although the issue has apparently been fixed in FreeBSD and OpenBSD, the researchers imply that the changes have not filtered through to Mac OS X, where it is said to be present in Leopard (10.5) and Snow Leopard (10.6).

The issue is also said to have been present in NetBSD, Google Chrome, Firefox and other Mozilla projects, Opera, MatLab, and other pieces of software.

SecurityReason’s advisory describes a flaw in the libc/gdtoa code in OpenBSD, NetBSD, FreeBSD, and MacOS X, as well as Google Chrome, Mozilla Firefox and other Mozilla software, Opera, KDE, and K-Meleon. SecurityReason’s advisory rates the vulnerability’s risk as “high” and claims that the flaw can be exploited by a remote attacker.
