The broken. Online hacking show.
Defensive Thinking
The Art of Deception
The unpublished first chapter from "The Art of Deception"
A site dedicated to the case of Kevin Mitnick.
An excellent site for some general hacker information. Host page for the excellent radio show (with real audio archives) Off the Hook
The website hosting talks given at the recent Beyond Hope hacker conference. Brought to you by the 2600 folks.
Electron Privacy Information Center. Keeping abreast of current privacy related events such as Carnivore, and the FBI's being granted "keyboard tapping" surveillence device authority.
News about security exploits. From their about us: "SecurityFocus.com is designed to facilitate discussion on security related topics, create security awareness, and to provide the Internet's largest and most comprehensive database of security knowledge and resources to the public."
John Young's archive of surreptitiously disclosed technology information relating to the Free Speech issues, CIA, FBI, and other global secret police.
A computer security Web site dedicated to the collection, disemination and distribution of information about the industry for anyone interested in the subject.
Premiere hacker, and radio personality, Emmanuel Goldstein was given the opportunity of representing his brethren before the House Subcommittee on the subject of network security and similar topics. Here is a transcript of what happened.
A cool site about the pursuit of Kevin Mitnick by crypto expert Tsutomo Shimomura. Unfortunately, it only represents one side of the case (Shimomura's.) Be sure to check out the parody of it!
A large collection of useful hacking links.
Its hard to find favorable press stories on our favorite martyr, Kevin Mitnick. This is an excellent article that appears to be surprisingly well researched and very accurate.
A group of benevolent hackers who test security systems and report their findings to the companies who use them, then issue public warnings about them. They have numerous reasons why they think they are better than CERT for the similar work they do, and given their explanations, I am very inclined to agree. One of their most recent demonstrations, shows that the current version of Windows NT password encryption scheme is not secure.
A serious example of the law misunderstanding computer crime. Also an example of big businesses exploiting this lack of knowledge to their own benefit.
Reverse engineering is a process where you learn all about how a program or device works. The typical use is to decompile or disassemble programs that have already been packaged up with the intention of enhancing functionality, or duplicating functionality (a delicate operation to do legally.) The most well known example of this is how Compaq Computer copied with IBM ROM BIOS in the early 1980s without breaking any copyright laws.
An online magazine about hacking. Comes with lots of source code for keystroke snooping, password cracking, SYN attacks and so on.
A little write up about what a hacker is, what they do and how to become one.
An online digest of questionable computer activities. While not specifically dealing with hacking, it gives a good background for what motivates hackers to behave as they do.
A discussion of the most common weak links in computer systems, and the most common attacks against them. Includes spoofing email, usenet posts, IRC, and the age old unix password file crack.
I have not yet studied these pages, but I noticed that Emmanuel Goldstein and Phiber Optik have made occasional reference to this in a less than favorable light.
A freedom of information based site that discusses hacking, and security in general.
GSM is cracked!
(real audio)GSM is a cell phone standard (more popular outside of the US than inside) that protects connections authentication and privacy through a digital encryption method. (And don't you american's go feeling you are so safe, CDMA, more common in the US, is far weaker and was cracked some time ago.)
Talk of the Nation
discusses the High-Tech BreakdownIncludes commentary from "Mudge" from the L0pht.
A distributed effort to crack RC5 (a 64 bit government "approved" encryption standard that RSA Data systems is trying to discredit, and rightfully so.) Proceeds, in the event that the group wins (there are several groups competing for the glory of being the one who cracks it) will be donated to the Kevin Mitnick defense fund. At the rate its going, it seems like it will take about two or three years to complete; its not clear whether or not Mitnick will be out by then. But its really about making the statement more than any delusions about running.
A PBS Newshour story on hacking (includes comments from the l0pht.)
Salon magazine takes a critical look at that events and books about the 1995 capture of Kevin Mitnick.
A company in Singapore is calling on hackers to come join a mass hacking demonstration on an internal network to raise awareness of network security.
Protesting through hacking on the web.
Wired reports on a disturbing story that suggests hacking is getting a little too serious for some people.
The DVD encryption scheme has been cracked -- but does this enable piracy or just enable people to exercise "fair use" privileges as guaranteed by copy right law?
Its a beautiful thing. So is deCSS considered free speech? I'm sure we will find out soon enough.
The FBI will have free reign to create "cyber boogie men" as Kevin Mitnick coined. If you thought email wasn't secure, well now let me assure you it most certainly isn't.
Comments on the rubber stamping of the carnivore email snooping system.
An archive of hacking news and exploits.
The FBI has expanded its wiretapping capabilities to keystroke recording.
A very large assortment of cryptography related links. This link above is a mirror since Peter Gutmann's page seems to be down.
SSL and SSH are the fundamental interfaces for "secure e-commerce". But it appears to be trivially susceptable to the "man in the middle" exploit.
Bored? Wanna try your hand at OpenBSD? Wanna get a free root account without running your favorite exploit? I'm not sure why but this seems to be exactly what they claim it to be.
