Month: August 2009

Patches are available for Windows 2000, XP, Vista, Windows Server 2003 and Windows Server 2008. Microsoft has labeled them as “critical” updates. Please schedule a windows update as soon as possible.

Some of our Asian customers are reporting slow Internet access (trace routes and ping times) to the United States and other areas of the world. Currently, two of the major undersea communications cables in the area have received major damage and are no longer functioning. Telecommunications companies are rerouting the Internet traffic, but it will take at least a week to reach full speeds.

The two affected cables are

1. Asia-Pacific Cable Network 2 (APCN2) – connects China (Hong Kong) and Taiwan
2. East Asia Crossing (EAC) undersea cable – connects Hong Kong and Taiwan

We expect the EAC cables to be repaired by August 20th. There is no estimation on repair times for the APCN2 cable.

We added a 10Gbps link to Level3 at our One Wilshire location yesterday. Routes are up and we’re pushing almost 1Gbps through select prefixes. Wow I’m so exited about these great routes that Level3 brings in!

While most networking pros worry about firewalls and anti-malware software, a new keyboard hack promises to completely ignore all such protections. At the Black Hat and Defcon computer security conferences in Las Vegas, a hacker has demonstrated a hacked Apple keyboard that can log keystrokes and autonomously complete nefarious commands.

Apple keyboards have 8K of Flash memory along with 256 bytes of RAM. K.Chen managed to fit his code into this miniscule space and activates the software with a few taps of the return key. Since the software runs inside the keyboard, no batteries are required and the malware is undetectable from the operating system.

Chen included code in the PDF of his talk and the link is included at the end of the article. So what can you do with this hacked keyboard? Chen said you can disable keys, intentionally brick the keyboard and of course record the keystrokes to both flash (more than a 1000 keystrokes) and RAM (approximately a couple dozen keystrokes).

Chen showed off his hacked keyboard in the press room and Charlie Demerjian of Semi Accurate and George Ou of Digital Society managed to record a demonstration.

• PDF Link
• George Ou – Digital Society
  
• Charlie Demerjian – Semi Accurate

Update August 2 2009

After being warned about a possible Trojan horse on the Defcon CD, a few malware analysts ripped through the CD contents looking for the file.  It was pretty amazing seeing the two guys work.  One used a Mac laptop while the other ran the PDF in a VMWare session.  They zeroed in on a few files and looked at the binary information along with the connections the file was trying to make.  In the end, both figured out that the trojan horse warning was just a false positive.  Crisis adverted.

————————–

Well that’s just great, the Defcon CD has a confirmed Trojan horse and everyone has been told to not view/use the files. I guess it shouldn’t come as any surprise that a hacking convention would have a hacked CD. The danger here is that there are federal agents and security professionals here with some serious information on their laptops.

Yikes!