Thursday, March 29, 2007

FireCAT

Yesterday I implemented FireCAT, a.k.a. Firefox Catalog of Auditing Toolbox, in my browser (Firefox 2.0 running on Ubuntu). FireCAT is a Firefox Framework Map collection of the most useful security-oriented extensions.

The basic idea is to use a "popular" web browser (in this case Firefox) and its extensions (developed by ethical hackers and coders) to perform pentests and audit assessments.

Here is an updated list of useful security auditing extensions.

You can download the OPML here and then import it into your bookmarks, or you can download it manually.





Hackbar, running in my browser: "This toolbar will help you in testing sql injections, XSS holes and site security. It is NOT a tool for executing standard exploits and it will NOT learn you how to hack a site. Its main purpose is to help a developer do security audits on his code."



Advanced Dork: gives quick access to Google's Advanced Operators directly from the context menu, helping you with Google hacking :)





And more. So: "No more Top 100 security tools, no more LiveCDs and no more exploitation frameworks. A security auditor without toolbox is like a cop without gun."



Wednesday, March 28, 2007

Bluetooth ver 2.1 + EDR


The Bluetooth Special Interest Group announced a new version of its wireless specification at the CTIA on Tuesday, one that the group says will simplify the pairing process and lower overall power consumption.

Version 2.1 + EDR (Enhanced Data Rate) of the Bluetooth Core specification will make the initial connection of Bluetooth devices easier by reducing the number of steps it takes to pair one device to another, the SIG said.

Depending on the user and his or her device, there are currently any number of ways to connect via Bluetooth. As the SIG notes, the experience often depends on several factors, such as the ability to call up different menus on a device as well as its own security features.

The improved pairing will feature a consistent—and according to the Bluetooth SIG, an intuitive—pairing process that includes finding, securing, and authenticating the devices, all in a matter of seconds.


According to Michael Foley, executive director of the Bluetooth SIG, version 2.1 + EDR also increases security levels during the pairing process while also releasing the user from having to come up with a long, personal identification number to establish a secure connection.

Instead, this encryption will happen automatically, according to the SIG.

Near Field Communication (NFC) will also be possible in the new updated spec, the SIG said, and users will subsequently be able to hold two devices together at a short range to start the quick pairing process.

The group also said the updated specification will further reduce Bluetooth power consumption by as much as five times in devices such as wireless mice, keyboards, watches, and some medical equipment using a new feature called Sniff Subrating.

According to the Bluetooth SIG Working Group, all devices with Bluetooth version 2.1 + EDR will be backwards compatible with earlier Bluetooth specifications and will support pairing techniques employed by those devices.

The Bluetooth SIG is also currently working with the WiMedia Alliance to incorporate ultra wideband technology into its next version of the specification, creating a dedicated high-speed Bluetooth backchannel, it said.

Version 2.1 + EDR will be ready for members to develop products around in the second half of 2007.

Source: extremetech.com; pictures are taken from bluetooth.com

Saturday, March 24, 2007

Mitnick is Unforgiven

From: The WELL Help Desk

Date: Mar 2, 2007 11:36 AM
Subject: Your registration for membership in The WELL
To: mitnick@...

We have decided not to offer you membership in The WELL. Your payment will be refunded, and your application is denied.

The WELL staff
------
"Apparently, they have not forgiven me for my intrusions from over 12 years ago," Kevin writes. "Fortunately it's not such a big deal being a member of the Well. But imagine if the phone companies of the world wouldn't let me have service -- now that would definitely suck!"


Posted by Kevin Poulsen at 27bstroke6


Wednesday, March 21, 2007

S.U.M

StartUp Manager, or SUM, is a GUI tool for changing settings in the bootloader and splash screen in Ubuntu.


Software Details
Application name: StartUp Manager
Current version is 1.0.2
Features

Change: Grub timeout, default boot title, number of kernels in bootloader menu, enable/disable boot option for memtest86, enable/disable boot option for "rescue mode", if the default boot option should be automatically updated, bootup resolution and color depth, grub menu colors and background, and usplash theme.

Create "rescue floppy"

Change visibility of: Grub menu, colors, background image, usplash and usplash text.

Password protection: Password protect grub menu from editing, Password protect "alternate" boot options, Password protect old boot options

Themes: Install new grub backgrounds (either from a png, or a correctly sized and colored .xpm or xpm.gz), Remove grub backgrounds, Install new usplash themes (from a correctly made .so file), Remove usplash themes


So, if you have a hard time changing your usplash, just get the .deb package from here, then simply unpack and install it using "dpkg". Otherwise you may choose this nice tutorial, "USplashCustomizationHowto", and build it from scratch.


Tuesday, March 20, 2007

%spam ?





!kids, please don't launch your "automatic spamming gun" without configuring it first; at least fill in the variable first :)

And remember that "pattern searching" in the email interface, combined with the "select all" and "delete" options, only sends your "powder" to the trash.

"Save your bandwidth and stay away from drugs (hehehehe)"