Tuesday, February 20, 2007

The World Just Shrunk and it didn't cost hardly nothin'

Skype costs me 30 euros/year to maintain a US number, (303) 800 NEIL, for unlimited inbound calls (I also maintain a UK number and on in France so a friend who lives there can call me locally, at least in theory, she never does call).

Anyway, I just put an $8 Thai SIM I bought at the Bangkok airport into my $50 Canadian mobile phone (a Motorola L2 which I paid $100 with $50 in airtime), which I paid $7 US to a guy in Laval Quebec to unlock and works anywhere in the world. The SIM allows for unlimited free inbound calls.

So now, anyone with cheap long distance in North America (and with a calling card you shouldn't pay more than .001/minute) can call me in Thailand for next to nothing.

When my house sitter called to check that i had set it up correctly, all I could exclaim was 'technology is so cool'. These are the times we live in ladies and gentlemen. Interconnectivity for nothing, and nothing to say ...

Thursday, February 15, 2007

The ultimate phishing accessory!

I'd long postulated that phishers and virus makers will hack ISP routers or re-write the hosts.txt files of home computers to divert traffic to counterfeit sites.


Now, it seems there is another possible vector - and it is a duh moment for me that I missed it - home routers.

This article explains in some detail how it can be done, and of course, the ability to log into far too many wireless routers using 'admin admin' as the username password combo is astounding:

Hack lets intruders sneak into home routers
Ability to change the settings of poorly configured home routers could put home networks at risk of serious attack.
By Joris Evers
Staff Writer, CNET News.com
Published: February 15, 2007, 3:33 PM PST

If you haven't changed the default password on your home router, let this recent threat serve as a reminder.

Attackers could change the configuration of home routers using JavaScript code, security researchers at Indiana University and Symantec have discovered. The researchers first published their work in December, but Symantec publicized the findings on Thursday.

The researchers found that it is possible to change the DNS, or Domain Name System, settings of a router if the owner uses a connected PC to view a Web page with the JavaScript code. This DNS change lets the attacker divert all the Net traffic going through the router. For example, if the victim types in "www.mybank.com," the request could be sent to a similar-looking fake page created to steal sensitive data.

"I have been able to get this to work on Linksys, D-Link and Netgear routers," Symantec researcher Zulfikar Ramzan said. "You can create one Web site that is able to attack all routers. My feeling is that it is just a matter of time before phishers start using this."


Imagine the possibilities! Without the alerts of phishing emails being sent, this hack can allow phishers to make the change, and sit back waiting for victims to show up. Indeed, they could even send phish with 'wrong' URLS, the actual whitelisted legitimate URL of a bank, which is the diverted by a hacked router to the phishing site. Nice work if you can get it.

Monday, February 05, 2007

Consequences - The Eagle Uprising

Years ago two of the four musicians that made up seminal Brit art-rock ban 10cc left to form a duo, Creme and Godley. They put out an album called 'Consequences' in 1977 which was a rock-opera of sorts, the storyline being about how Mother Nature rose up against her human overlords who were trashing the place. Hurricanes, earthquakes, so on - the stuff of so many movies, and press of late.

While there may be some 'debate' behind global warming and man's role therein (The nice anti-global warming people have hired the mercenaries behind creating doubt as to whether or not cigaret smoke causes cancer to help promote their cause), I think there can now be no doubt that nature's pissed and is coming to foreclose.

First, there was this story of an eagle causing an Alaskan power failure, and now the eagles are attacking paragliders.

I'd say it is either time to clean up our act or face the consequences.