Today I saw on Bugtraq a new 0 day coming that affects all up to date versions of windows. The most extraordinary part of this, and similar disclosures, is their workarounds. Since Redmond has decided not to patch, until a later date, it is up to the discloser or a likeminded individual to figure out how to protect the masses. Guess what ends up being the fix? “Disable said Microsoft FEATURE”. Imagine that. For more information you can refer to:

http://readlist.com/lists/securityfocus.com/bugtraq/1/9704.html

This exploit only affects you if you navigate to a site (or what looks like a site) and drag and drop something. You have been warned.

jd.

Geez. I never have time anymore to put something on this darn thing. I think I am going to stop apologizing for how long it takes me to post, because it is quite quickly becoming the norm. So anyways, since my last post, I have been to ShmooCon ‘06

I met some great people to include but not limited to, Lance James, Kevin Mitnick, Fyodor – A.K.A the creator of NMAP, Skydog, DC-Mike, and Simple Nomad. And those are just some of the highlights of what happened. Bruce Potter, who is sort of a Bruce Banner / Harry Potter mix, in the closing ceremonies decided to start throwing electronics out into the crowd, one of such attacks hitting me. But I got a 1gb USB drive out of the deal so it’s all good. Oh, and a little birdy told me that they may be releasing the videos too all confrences via torrent some time in mid Feb. So if you missed the fun, atleast check out the talks. That way, next year, you’ll beat yourself up even more to go.

Next topic: Feburary Baby. It’s about that time. Words can’t express how excited I am for the first addition to my family. I am the middle child and my older sister was supposed the be the first. I think she just wanted to test the waters with a nephew first before she picked out one of her own ;–).

Next topic: SploitCast. SploitCast is REALLY taking off. I don’t know what or why it happened. But we are getting some pretty big names to speak on our tiny little podcast. Check us out at SploitCast.com or on iTunes. I’ll add a link in the navigation bar so it’s easier for ya’ll.

Next topic: Tax Season for all you Northern Americans under Canada. For the first time in my life, I have my taxes submitted before the deadline. Do you have yours done?

Now a question for the crowd: What is your favorite tool? Any tool, it could be software, a hammer or jolt cola. What is that one thing you couldn’t survive without?

.-.. .. ... - . -. / - --- / ... .--. .-.. --- .. - -.-. .- ... - / .-- .-- .-- .-.-.- ... .--. .-.. --- .. - -.-. .- ... - .-.-.- -.-. --- --

The above is Morse code. But anyways, we release the first episode of SploitCast yesterday night and we already have 1164 diggs. Which is pretty exciting. A lot of people have said quite a few good things about what we are doing. One thing that we do have to work on is the volume equalizing, which is just time and experiance. I am very glad that so many people viewed our first episode as a hit. Thanks for all your support. You can subscribe to SploitCast on iTunes by clicking here or by going to SploitCast.com. Check it out and tell us what you think. You can also help us out by digging the the story at digg.com :

SploitCast – a new podcast for hackers

jd

Archive.org copy of Sploitcast.com

Yeah, I know it’s been a while AGAIN since I have posted, but I just wanted to say Happy New Years to everyone. This year is going to be a very different one for me since my wife and I are expecting in Feb. I am really excited about my future son. It is a blessing to be able to bring a life into the world, and a big responsibility. I am also starting college back up. I will be going for a BS in Information Assurance. Another thing that I want to point out is that I shovled out some dough and am getting 2 x 1 GB (Cas 2) 184pin DDR ram sticks. I am note sure what Cas 2 is, but I am told it’s the best out right now. In other news, I went down to the party with the Hak.5 crew again and had a blast. I am starting to become a regular down there, which is fine by me. It is pretty refreshing to be able to have fun, party, and then sit down for a late night hack session all with the same people. In Bigger new (however not as big as my future son) I am now doing a podcast called Sploitcast with Harrison Holland and Jonny G’ from Hak.5. Our first episode airs Jan 8 and I am extremely excited to see how it all turns out. Well. it is getting really late and it is way my bed time.

Huge shout out to my best friend Heath Mouton!! Congratultions man!

Name: Rayne Marie Mouton
Weight: 3 lbs 9 Oz
Height: 17 inches
Born December 13th 2005 at 5:27 PM

The reason for the late posting is because my BEST BUDDY failed to mention it to me. ;–) Still love ya man.

jd.

Debating security with Steve Gibson and Leo Laporte

Stolen from: http://www.flickr.com/photos/globalhermit/sets/1592265/with/74157804/

I have created this post to invite all who read this (all 5 of ya, yes, I know your IPs by heart) to a game that was initiated out of a forum thread on the Hak.5 Forums. If you would like to join the game, by you commenting on this post you are accepting an agreement that ANYTHING that happens across this VPN is not my or any of the participants fault. You are also authorizing yourself to be a target. HOWEVER, the rules of this game are that of the WHITE HAT. You are not allowed to destroy ANYTHING on ANY computer on the VPN unless explicitly announced. Also, if there is a complaint, a valid complaint against you for not adhering to these rules, you certificate will be revoked and you will no longer be able to participate. I will be the final judge on wither or not a complaint is valid or not. I will be recording ALL traffic across the VPN. Yes, I do have enough space. If you agree to these rules, please add the comment of “I AGREE” , your handle, and include your email address in a human legible way. When the game begins I will email out each individual certificate. Further rules will be set once an initial panel of judges is formed.

If you would like to be a judge. There will be 2 spots. Email me for more information.

Just a real quick FYI. Since I have been getting more and more into the IPTV scene, I figured that I would add links to my favorite shows. I will most indubitably be adding more, but this is a good start. Check it out over

<—————————— There..

opps.. now there ——————————————————————————–>

December 2nd, I drove down to Williamsburg VA to meet up with the guys from Hak.5 and Frank Linhares. For those of you who don’t know. Hak.5 is an IPTV (Vidcast) show, which basically boils down to a TV show on the internet. Anyways, I got to meet up with these fellas and a couple other interesting people. While I was there, I had the privilege of helping out not only in the live techPhile podcast by Frank Linhares, but also the ‘glue’ segments of Ep 5 of Hak.5. I must say, if and of the Hak.5 crew or Frank are reading this; it was a great pleasure to hang out with you guys. I would also like to make some personal shout outs to each one, and because this is my site. I get to. Muhahaha.

• Frank: It was awesome to meet and get to know you. You still owe me dinner! ;–) But seriously, it was an honor to help out with the show.
• Darren: You have Hak.5 on lock, keep up the awesome work, and it was cool meeting you. Thanks for the invite. Inviting someone you have never met into your home is a big deal to me, thanks for the trust and respect.
• Wess: I love you man. We need to tell Alli about us before this gets ugly.
• Harrison: It was sweet meeting you man. We became fast friends; you and I think a lot alike. (‘cept for cars: Ferrari Sucks) and I think ShmooCon 2006 is gonna rock.
• Jon: Man, we will get Gentoo done. If you need any further help you guys got my number – Mubix – Tech Support 24/7 365. Keep it real man.
• Alli, Paul, Harrison’s Mom, and Jui-Chia: It was cool hanging out with you guys. I had a blast down there. 1 ½ hour commute is worth it to hang out w/ you guys.

One last thanks goes out to all the people in the IRC channel techPhile IRC server #hak5 and #techphile for making my moderation a cake walk. Except for a certain individual, all the questions were perfect and I only had to fix/deny a few of them.

Well if you were wondering about me, I didn’t die. I am working on a super secret project for Frank Linhares of techPhile.ca

But don’t tell anyone! That is secret squrrell news. I have also submitted some logo ideas for the new Auditor Security Collection. You can vote for me: HERE

I also got a HP dv1420us which, so far, I really like. It doesn’t like linux too much, but it is challenging me to learn more about the kernel and other aspects of linux to fix the problems.

Anyways,
I’ll start posting more…. promise

j.d.mubix