Monday, February 26, 2007

When is illegal hacking OK?

International Internet security firm Sophos raises an interesting question in its latest newsletter: is illegal hacking ever justified?

They raise the example of a former California judge who was convicted of possessing child pornography and sentenced to 27 months in jail.

The key evidence in the conviction came from a Canadian hacker, Brad Willman, who infected the convicted man's PC with a Trojan horse, disguised as images of child abuse, on an internet newsgroup visited by pedophiles in 1999. The hacker (who used the handle Omni-Potent) broke into the PCs of those he infected, focusing on those he suspected of being involved in child abuse.

Sophos would like you to vote on whether this illegally obtained evidence was justified.

We'll be following the results of that poll, but would also welcome your comments here on the following two questions...
  1. Should illegally obtained evidence ever be permissible, no matter what the charge?
  2. Should the hacker, Brad Willman, have been charged and potentially convicted for his crime of illegally infecting PCs connected to the net (ignoring cross-border legal issues)?

Thursday, February 15, 2007

What's This? Hacker Drive-Bys?


Drive-by Web attack aimed at home routers

Too lazy to change default passwords? You'll pay.

Robert McMillan

February 15, 2007 (IDG News Service) -- If you haven't changed the default password on your home router, do so now.
That's what researchers at Symantec Corp. and Indiana University are saying, after publishing the results of tests that show how attackers could take over your home router using malicious JavaScript code.
For the attack to work, the bad guys would need a couple of things to go their way. First, the victim would have to visit a malicious Web site that served up the JavaScript. Second, the victim's router would have to still use the default password that it's preconfigured with out of the box.
In tests, the researchers were able to do things like change firmware and redirect a D-Link Systems Inc. DI-524 wireless router to look up Web sites from a DNS (Domain Name System) server of their choosing. They describe these attacks in a paper (PDF format), authored by Sid Stamm and Markus Jakobsson of Indiana University, and Symantec's Zulfikar Ramzan.
"By visiting a malicious Web page, a person can inadvertently open up his router for attack," the researchers write. "A Web site can attack home routers from the inside and mount sophisticated... attacks that may result in denial of service, malware infection, or identity theft."

Monday, February 12, 2007

The paranoia continues...

February 06, 2007 (Computerworld) -- SAN FRANCISCO -- An emerging breed of sophisticated malware is raising doubts about the ability of traditional signature-based security software to fend off new viruses and worms, according to experts at this week's RSA security conference here.

Signature-based technologies are now "crumbling under the pressure of the number of attacks from cybercriminals," said Art Coviello, president of RSA Inc., the security division of EMC Corp. This year alone, about 200,000 virus variants are expected to be released, he said. At the same time, antivirus companies are, on average, at least two months behind in tracking malware. And "static" intrusion-detection systems can intercept only about 70% of new threats.

Wednesday, February 7, 2007

Hackers Take Advantage of Weak Passwords

... From Computerworld

February 06, 2007 -- Left online for 24 days to see how hackers would attack them, four Linux computers with weak passwords were hit by some 270,000 intrusion attempts -- about one attempt every 39 seconds, according to a study conducted by a researcher at the University of Maryland.

Among the key findings: Weak passwords really do make hackers' jobs much easier. The study also found that improved selection of usernames and associated passwords can make a big difference in whether attackers get into someone's computer.

What surprises me is that these were Linux computers.

Tuesday, February 6, 2007

Excel Too?

From Computerworld, Feb 5 '07...

Over the past year hackers have increasingly focused on Office applications as a security hole and the attacks based on these flaws are often the same: Criminals send an e-mail that appears legitimate, and trick unsuspecting users into opening a maliciously encoded document. Once the document is opened, attackers are able to install unauthorized software on the victim's system.

Microsoft may not have time to patch the Excel flaw in time for its next set of security updates, expected Feb. 13, but, no doubt, it has other Office patches in the works. Over the past few months four similarly critical flaws have been reported in Microsoft Word. None of these has yet been patched.