Rootsecure Homepage
About RootSecure
Lite Edition
User Area
Audio News
Daily Newsletter
Site News Archives
Sources News Archive
SecNews RSS Feeds
SecNews Console
Links:
Videos
Security
Hacking
Wireless
Downloads:
Other
Perl Scripts
Audio Clips
Win32 Tools
Media Archive
PDF Documents
Reports
Hacker Gear
Win' Error Pic's
ASCII Generator
Your IP Address
RootSecure:
Contact
Search
Publicity
Affiliates
Attack Statistics
Syndication
(RSS/XML Feed)
Privacy Policy
Hits: 134,513,749
(Since 06/09/02)
Admin Telnet
HoneyPot Project
|
|
|
|
Reports | Security Related April Fools 2003 Roundup
{1st Apr 2003} |
|
|
April 1st, the time for journalists to make up stories, website designers to
redirect their sites, and everyone else to try and sort out fact from fiction.
From its traditional French roots in 1562, April the 1st has now truly evolved
embracing the digital age in its stride. This year was certainly an eventful
one, but blink and you would have missed it. April fools started appearing as
early as the preceding morning from some publications, which had the desired
effect of successfully confusing a number of people, especially those eagerly
awaiting them the next day.
2600 duly followed tradition redirecting its site, this time to the address
http://www.2600.gov@207.99.30.232/ no doubt trying to confuse the less internet
savvy user of their 'gov' status. The IP address sported a number of audio clips
(embedded in flash animation files), along with the message "2600.COM is now the
property of the United States Government - Your address has been logged"
parodying the
DEA's
recent redirect of several domain names to one of their own servers.
The Register, stuck all its eggs in one basket going all out to
report the
claims of 'Backfire security Inc', who announced the availability of a new "discrete desk-top client
application which wreaks revenge on those hackers and culprits attacking your
network or infecting users with worms and/or viruses" under the title of "Free
software gives hackers taste of own medicine".
backfiresecurity.co.uk only registered on March 28th, was offline by
mid-day Tuesday, after being Slashdotted which prompted a 509 (This account has
exceeded it's bandwidth quota and has been temporarily disabled) soon after. The
site hosted in Nottingham, was not restored by the time of publication. Backfire
had a truly professional look and feel combined with a distinct but plausible
lack of content on its front page. The site required the completion of a short
questionnaire, also asking for "Name", "Company", and "Email" the details
of which were sent to davide@multimediapr.co.uk using a generic formmail script. (It
is unclear whether
theregister.co.uk
or multimediaprm.com
are behind the site.)
An AT&T labs researcher
wrote an utterly pointless and rather long RFC titled "The Security Flag in the IPv4
Header" which requires packets to send a security flag if they are malicious in
nature, this can then be recognised by network security devices and used
as an easy way to
distinguish between malicious, and "unusual" packets. The RFA prompted a massive
overreaction from the Slashot community who though it was such a good idea, that
3 separate items were posted about the RFC alone:
New RFC Adds "Evil Bit", Evil
Bit Added to TCP/IP Packets, s,
IPv4 Headers Investigated.
Slashdot truly got into the spirit of the occasion, to such an extent it was
very difficult to tell what if anything was real news.
The Sydney Morning Herald published an
interesting but technically peculiar
article about a new programming "Language inspired by Orwell set to fool
hackers".
Durham University Computing Society announced
"Whitespace",
a programming language whose only valid syntax is spaces, tabs and newlines
"particularly useful for spies". They are however insisting it is
"no April fools joke".
Lastly proving the moderators of
Security Focus's Bugtraq mailing list haven't
left their sense of humour behind after the recent
takeover by Symantec Corp, an
alert warning "serious vulnerability present. all doomed." made it
into the inboxes of security professionals all around the globe this
morning.
It is worth noting, this years April Fools day seems to have hit the security industry harder than
most.
Mirrors of 2600 &
Backfire security on April 1st 2003 (zip)
Side Notes:
With some stories it is difficult to tell,
Feds: Chinese Hack Attacks Likely April fool poking fun at the NIPC
or factual article?
Non Security Related April Fools:
TV Week: Is Your Television Watching You?
BBC News: Shock tactics for anti-social mobile use
Think Geek: George Foreman USB iGrill
Surprisingly, this year there appears to have been no response from
Google.com, not even a changed logo.
Previously: Search
smarter and faster with Google's MentalPlex &
PigeonRank.
|
|