August 26, 2008 by Paul Godden
in 'Hacking, Security'
A postgraduate master’s degree is available to students of the Abertay University, in Dundee, Scotland. The Master’s is being offered as a gateway into the security sector, with coursework enabling students to test security vulnerabilities, whilst at the same time learning about common techniques people use to gain unlawful access to computer systems.
I can see the real benefit in using this tactic to educate people - after all, all the big companies have been hiring people who hack their systems for years, to better understand how to improve things behind the scenes. However, the whole language behind the course (it’s even called an “MSc Ethical Hacking and Computer Security” course) makes me cringe a little bit. But then a course called “Ethical Computer Security” isn’t going to get as much press!
The Hacker from Blighty, Gary McKinnon, has recently lost his most recent battle to prevent his extradition to the US on counts of hacking.
Gary, who is being charged in excess of $700,000 in damages, is taking his case to the European court, which is expected to take at least a couple of years before it’s looked upon again. Originally charged with hacking into the NASA computer systems, the damages really amount to the cost of upgrading their systems (and users’ education you would imagine) to counter future attacks. Surely NASA should be shaking his hand, giving him a paycheck and patting his back for showing them how to improve their systems, after accounts were hacked using the most obvious methods possible: Administrator accounts without passwords, or default passwords, all available over the net via a terminal services connection. That’s like making a guy who punched you in the face to not only pay for the surgery to your teeth, but also pay for a couple of bodyguards, and karate lessons for you, to ensure you were more prepared in case somebody else tried their luck. I’m sure we would all want it, but is it really justified??
April 21, 2008 by Paul Godden
in 'Hacking, Website'
The website, Sportsnetwork.com, has been hacked, apparently, by Chinese nationalists looking to put western civilisation straight!
When originally hacked on Sunday, sportsnetwork.com had their front page removed and replaced with Chinese slogans stating the hacker’s disgust at how the media had apparently twisted the ongoing situation in Tibet. Assuming this has actually been done by Chinese hackers, it shows how twisted this person’s outlook is. I’m used to living in a society where I wouldn’t go and break or hack a website just because their opinion was different to mine.
April 17, 2008 by Paul Godden
in 'Cool, Hacking, Hardware'
In what seems like a theme, I have another “Make your own…” post! It’s not my fault - firstly it’s the world of tech for creating very uninspiring news, and secondly it’s Dazza’s fault for pointing me in the direction of this hack (thanks mate!)
So here it is. You too can have a custom USB memory stick that looks like somebody has ripped a USB cable in half and plugged it into your laptop! You can be guaranteed lots of attention when people see it (and probably more than when I created my own custom USB memory stick made out of Duplo). A great project for the terminally bored amongst you, and a cool addition to anybody’s laptop bag. See how it’s done here.
Firstly, I would like to say that using a wireless network which is not yours will probably land you in some trouble. But, hey, it’s not for me to judge, I’m just here to provide the information!
After very recently looking for some admin-like answers to some wireless network problems I was having, I found this article that details in a Make Magazine or Instructables style, how to create a “Predator” wireless access point sniffer.
The Predator is a hacked router and huge wireless receiver, plus a tripod. It will scan the surrounding area for the strongest unencrypted, or “open” wireless network and repeat it into your network. And because of the over-average size of the receiver, you should be able to get a good signal as long as you have a fairly good line-of-sight. So you will have free wireless internet, while still retaining control of your network security. Very cool, but remember it might be illegal depending on where you live and laws in that country etc. Also, I wouldn’t suggest sticking the thing right next to the window as in the pictures, unless you want the SAS zip-lining into your lounge after reports of a sniper in your building!
As reported just yesterday, the MacBook Air was the first laptop to fall to the hands of the security experts. Well today, the Vista laptop has also been compromised, by hacking Adobe Flash. This time the competition focused on 3rd-party software that was available for the laptops with Security Objectives being the first to exploit a flaw today, grabbing the £5,000 prize money. Ubuntu has been crowned the most secure by the competition, but what was interesting for me, though, was that none of the OS’s were actually hacked - just the applications that were installed on them.
The Pwn 2 Own competition, which is focusing on hacking 3 laptops, has had its first victim. The three laptops are running Microsoft Vista, Ubuntu Linux & Mac OS X - and whoever hacks them gets them. The first day concentrated on hacking the OS and none of the systems were compromised. However, on the second day, they moved onto the applications that came with the OS. A group called the Independent Security Evaluators managed to hack the inbuilt web browser, Safari, in 2 minutes! Yes that’s right, 2 minutes. The vulnerability in Safari has been passed on to Apple for a fix. The team not only now “Own” the MacBook Air, but also scooped $10,000.
January 11, 2008 by Paul Godden
in 'Hacking, Hardware, People, Security'
Young Adam Dabrowski has been arrested after a schoolboy prank caused 12 passengers injuries when he rearranged the points for the local tram network in Lodz, Poland. Initially it looked as though he was being malicious, but I’m not so sure. It’s just another hacker story that seems to skirt around the real problem, by focusing on a kid that’s obviously bored and needs proper stimulation. The real story here is the pathetic security of the transport department in Lodz.
Adam was described by his teachers as an “electronics genius” or so this article says, although that may just be a smoke screen to hide the inadequacies of the local authorities. If anyone can gain that sort of access to public transport (with a modified TV remote control!) things are very wrong. What if it had been a terrorist? I’m sure it would be “dead” not “injured” in the headlines.
Hopefully the proper authorities will investigate what went wrong and put measures in place to make sure it doesn’t happen again. I remember, about 8 years ago, one local authority in the UK had their inner-city traffic light system running from a gigantic Excel spreadsheet - stuffed full of macros. This system is also equally behind the times if an infra-red remote can cause so much havoc.
Robert Moore tells the press in the US how easy it was to hack into VoIP services and routers with usually little more than the default passwords that come shipped with the devices.
Not surprisingly, a lot of people still don’t get the importance of security within their devices - and this case plainly shows what can happen if you leave it to chance. Robert Moore worked as the technical lead in a scheme to rip off VoIP providers in an effort to get largely discounted rates and services. While he did the hacking, Edwin Pena did the selling. Mr Pena is reported to have made off with a million dollars of sold discounted services - illegally obtained - and has fled the US as a fugitive. It makes you wonder when people are going to wake up to the really basic security threat that everyone is under on the internet. All it takes is a well-thought-out password and most of this stuff would never happen.
It has been revealed that a hacking kit, written by a Russian hacking group and sold for hackers to create their own malicious code, has been implicated in 10,000 website infections.
The kit, which costs $1,000, has been used by hackers to infect legitimate websites, which if the latest patches are not installed in your web browser, results in the download of trojans to the user’s computer. It is thought to have resulted in 160,000 infections on PCs.