I'll be interested to read the details, but 2 out of the 3 things have been known for quite some time. The 'caller ID' spoofing trick has been known for _years_. The concept they are touting is known as "back spoofing". I've had friends doing this for a long time. However - there's one problem. No call cell phone associate caller ID with a phone. Yes, back spoofing works great - with _land lines_, but it's always that accurate with cell phones. So, "finding" the cell number that way isn't very reliable. If I have a boost mobile number, bought in cash, under a fake name you'll be out of luck. That is, the caller ID name (CNAM) won't be associated with it in the first place _and_ I gave all fake information to begin with.
About the voice mail. Not a big deal. This was reported 6 or more years ago. The idea is that you spoof your targets number with their cell number. The Telco side "sees" this as a call from the cell and drops you into their voicemail system. Some telco's have fixed this, other haven't. It's been a known flaw for years and years. You don't use CID for authentication exactly for this reason.
If possible, PIN protect your voicemail will stop these types of attacks (if possible). Anyways, the article is interesting, but several factors must fall into place or this attack won't work.
Dude - maybe with the telco you deal with, but that's not always the case. Sprint in south florida will allow you to modify your "caller ID" within a certain range. That is, you can't just plug in "any" phone number. This allows offices to "spoof" (as there main office number) but not broadly "spoof" any number.
Even on PRI, this isnt _always_ the case. Beside VoIP spoofing is so much easier (and cheaper).
So, just so i have this correct. I'm browsing _legal_ porn (adult), and theres a link I click on. The link pulls up child porn. I go to jail for this? That's wonderful.
.. I disagree. I believe it has more to do with the media jumping on the term "virus" rather than "worm" (ala - "cracker verses hacker". Most "malware" are trojan types of programs. There are not to many true (to the traditional sense of the word) "Viruses" (binary infectors - be it.exe/.com/MBR/.doc/etc) out there.
The method of replication has little to do with if it's a "virus" or not. By a traditional sense, most "virii" we see now days are actually worms. I just posted about traditional definitions a minute ago. Here's what ole wikipeia has to say:
"In computer security technology, a virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. A computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells. Extending the analogy, the insertion of a virus into the program is termed as an infection, and the infected file (or executable code that is not part of a file) is called a host. Viruses are one of the several types of malicious software or malware. In a common parlance, the term virus is often extended to refer to worms, trojan horses and other sorts of malware, however, this can confuse computer users, since viruses in the narrow sense of the word are less common than they used to be, compared to other forms of malware."
Not the "inserting copies of itself _into other executable code". How it replicates is not what makes it a virus. User interaction or not, has nothing to do with it.
It uses to be that "worm" != "virus". Now days, it seems, many people call just about everything a "virus", when in fact, the "more proper definition" would be worm. Or, maybe I'm just being an old fart about this. It's pretty simple. If it is a _standalone_ program meant to infect machines, then it would be considered a "worm". If the malicous program where to "infect" other programs (say - via.exe,.com infector or MBR), it's a "virus".
That is, a "virus" will actually "attach" itself to a existing program (old com/exe infectors for eaxmple) or load themselves into the MBR/boot records. Then again, I see very obvious "trojans" get called "viruses!!!" all the time as well. Oh well:)
Once again, not being tethered by proprietary VoIP helps. For example, I use a standard 900mhz phone (connected via a TDM card) with my VoIP providers. You can buy ATA adapters from under 100 bucks that will turn just about any phone into a VoIP device. Of course, these all use standard non-proprietary protocols. Oh well.
I'll give you a couple of clues.. What if I want to use my Cisco 7940 (used in a lot of offices) with Skype. Oh, I can't. Welp, maybe I can use it with the Asterisk PBX (... for that fact, insert you favorite model PBX..) Oh wait, you can't. Unless you've been in a freaking hole, there are plenty of _working_ (and some crappy) VoIP providers besides Skype (Vonage/Packet8/Nuphone) that use standard VoIP Protocols (IAX2/SIP). It's not just about Linux and open source. Locking into a protocol limits what you can do.
Welp, as many have pointed out ANI != CID. I'm a big, big fan of VoIP and is anything but knew. Whoopy. If you're interested in what you can do with VoIP and asterisk, check out:
http://www.telephreak.org
and of course a wonderful reference is
http://www.voip-info.org
.
Normal DID lines usually aren't lax enought to let outbound CID go through. However, DS1, etc. circuits, it's not completely uncommon. I think it's sort of cool the Nuphone does this (though, I will have to check it out for myself). When a call via SIP, for example, is made, the CID information is sent - just as normal data. So, it shouldn't be terribly supprising that if your machine is sending the data, you can alter the outbound data. This isn't exactly something ground breaking with asterisk.
Once again "close" and "hit" are two different things. If I throw a dart, and it hits "near" the bullseye.. It's "close". If I actually "hit" the "bullseye", then there no question about how close I am.. Because I hit it.. Yesh.
This is very hollywood of you. We _might_ be able to lessen the damage (by re-directing the object). We might be able to break it up (as you pointed out, but that might make matters worse).. Pointing a large object into the ocean might be _worse_ that actually letting it hit land! Anyways, to the point...
We have to _know_ well ahead of time that the object is headed our way.. And without doubt. With very large objects, that might not be a problem. However, we are not talking about a dozen or so objects! There's more to track than we even know about. Hence, we really leave it up to fate... Isn't there a small project to keep track of the "most" deadly objects as it is? Lets say we watch what we believe are the 100 most "deadly" objects.. It only takes that 101 that we are not watching to make a really, really bad day. Funding something like this reminds me of the fight to get SETI off the ground. There are no immediate payoff's (which the goverment(s) look for!). If it happens, then we'll that will be the payoff.
And we better find the object about to hit earth well
ahead of time to do something about it.
Sounds like everyone has written something like this at sometime. I've been using MapSoN (
http://mapson.sf.net ) along with Spamassasin
for quite some time. MapSoN is a basic challange/response type of system. It's not 100% perfect, but then thats where SpamAssassin steps in.
I uses/run a public OpenVMS cluster. There are still somethings that the Unix community could learn from OpenVMS. Cluster, and the security model come to mind. The stablity cannot be beat. It's good stuff.
And, yes.. You can run OpenVMS on your little Intel boxes.. Check out..
http://simh.trailing-edge.com/.. Cool stuff.
Run's great. If you're really interested in OpenVMS, there's a couple of "free access" servers out there. For example:
http://deathrow.vistech.net.... One uVAX, and
Alpha online for public use. We're about to add a SIMH (Intel) box running OpenVMS into the cluster as well.
We do something similar. We give out free "Shell" account, but rather than using *nix, we use OpenVMS. The idea is two fold. If gives people a place to play, and use a different operating system. OpenVMS is often considered one of the most secure operating sysems around.:)
IF interested, check out http://deathrow.vistech.net, or you can even
telnet to dahmer.vistech.net or manson.vistech.net.
Slashdot Mirror
I'll be interested to read the details, but 2 out of the 3 things have been known for quite some time. The 'caller ID' spoofing trick has been known for _years_. The concept they are touting is known as "back spoofing". I've had friends doing this for a long time. However - there's one problem. No call cell phone associate caller ID with a phone. Yes, back spoofing works great - with _land lines_, but it's always that accurate with cell phones. So, "finding" the cell number that way isn't very reliable. If I have a boost mobile number, bought in cash, under a fake name you'll be out of luck. That is, the caller ID name (CNAM) won't be associated with it in the first place _and_ I gave all fake information to begin with. About the voice mail. Not a big deal. This was reported 6 or more years ago. The idea is that you spoof your targets number with their cell number. The Telco side "sees" this as a call from the cell and drops you into their voicemail system. Some telco's have fixed this, other haven't. It's been a known flaw for years and years. You don't use CID for authentication exactly for this reason. If possible, PIN protect your voicemail will stop these types of attacks (if possible). Anyways, the article is interesting, but several factors must fall into place or this attack won't work.
Dude - maybe with the telco you deal with, but that's not always the case. Sprint in south florida will allow you to modify your "caller ID" within a certain range. That is, you can't just plug in "any" phone number. This allows offices to "spoof" (as there main office number) but not broadly "spoof" any number. Even on PRI, this isnt _always_ the case. Beside VoIP spoofing is so much easier (and cheaper).
So, just so i have this correct. I'm browsing _legal_ porn (adult), and theres a link I click on. The link pulls up child porn. I go to jail for this? That's wonderful.
.. I disagree. I believe it has more to do with the media jumping on the term "virus" rather than "worm" (ala - "cracker verses hacker". Most "malware" are trojan types of programs. There are not to many true (to the traditional sense of the word) "Viruses" (binary infectors - be it .exe/.com/MBR/.doc/etc) out there.
The method of replication has little to do with if it's a "virus" or not. By a traditional sense, most "virii" we see now days are actually worms. I just posted about traditional definitions a minute ago. Here's what ole wikipeia has to say: "In computer security technology, a virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. A computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells. Extending the analogy, the insertion of a virus into the program is termed as an infection, and the infected file (or executable code that is not part of a file) is called a host. Viruses are one of the several types of malicious software or malware. In a common parlance, the term virus is often extended to refer to worms, trojan horses and other sorts of malware, however, this can confuse computer users, since viruses in the narrow sense of the word are less common than they used to be, compared to other forms of malware." Not the "inserting copies of itself _into other executable code". How it replicates is not what makes it a virus. User interaction or not, has nothing to do with it.
It uses to be that "worm" != "virus". Now days, it seems, many people call just about everything a "virus", when in fact, the "more proper definition" would be worm. Or, maybe I'm just being an old fart about this. It's pretty simple. If it is a _standalone_ program meant to infect machines, then it would be considered a "worm". If the malicous program where to "infect" other programs (say - via .exe, .com infector or MBR), it's a "virus".
That is, a "virus" will actually "attach" itself to a existing program (old com/exe infectors for eaxmple) or load themselves into the MBR/boot records. Then again, I see very obvious "trojans" get called "viruses!!!" all the time as well. Oh well :)
Once again, not being tethered by proprietary VoIP helps. For example, I use a standard 900mhz phone (connected via a TDM card) with my VoIP providers. You can buy ATA adapters from under 100 bucks that will turn just about any phone into a VoIP device. Of course, these all use standard non-proprietary protocols. Oh well.
Funny, I can run kphone on my Ipaq now.
I'll give you a couple of clues.. What if I want to use my Cisco 7940 (used in a lot of offices) with Skype. Oh, I can't. Welp, maybe I can use it with the Asterisk PBX (... for that fact, insert you favorite model PBX..) Oh wait, you can't. Unless you've been in a freaking hole, there are plenty of _working_ (and some crappy) VoIP providers besides Skype (Vonage/Packet8/Nuphone) that use standard VoIP Protocols (IAX2/SIP). It's not just about Linux and open source. Locking into a protocol limits what you can do.
You obviously missed the part where it said buying _multiple_ backup machines, and you'd still save money. People, can we read the article.
So, keep your landline. VoIP and landline work quite well together. Yesh.
Welp, as many have pointed out ANI != CID. I'm a big, big fan of VoIP and is anything but knew. Whoopy. If you're interested in what you can do with VoIP and asterisk, check out: http://www.telephreak.org and of course a wonderful reference is http://www.voip-info.org . Normal DID lines usually aren't lax enought to let outbound CID go through. However, DS1, etc. circuits, it's not completely uncommon. I think it's sort of cool the Nuphone does this (though, I will have to check it out for myself). When a call via SIP, for example, is made, the CID information is sent - just as normal data. So, it shouldn't be terribly supprising that if your machine is sending the data, you can alter the outbound data. This isn't exactly something ground breaking with asterisk.
Once again "close" and "hit" are two different things. If I throw a dart, and it hits "near" the bullseye.. It's "close". If I actually "hit" the "bullseye", then there no question about how close I am.. Because I hit it.. Yesh.
Yesh. no.. It __hit__.. Mang...
This is very hollywood of you. We _might_ be able to lessen the damage (by re-directing the object). We might be able to break it up (as you pointed out, but that might make matters worse).. Pointing a large object into the ocean might be _worse_ that actually letting it hit land! Anyways, to the point... We have to _know_ well ahead of time that the object is headed our way.. And without doubt. With very large objects, that might not be a problem. However, we are not talking about a dozen or so objects! There's more to track than we even know about. Hence, we really leave it up to fate... Isn't there a small project to keep track of the "most" deadly objects as it is? Lets say we watch what we believe are the 100 most "deadly" objects.. It only takes that 101 that we are not watching to make a really, really bad day. Funding something like this reminds me of the fight to get SETI off the ground. There are no immediate payoff's (which the goverment(s) look for!). If it happens, then we'll that will be the payoff. And we better find the object about to hit earth well ahead of time to do something about it.
Sounds like everyone has written something like this at sometime. I've been using MapSoN ( http://mapson.sf.net ) along with Spamassasin for quite some time. MapSoN is a basic challange/response type of system. It's not 100% perfect, but then thats where SpamAssassin steps in.
I uses/run a public OpenVMS cluster. There are still somethings that the Unix community could learn from OpenVMS. Cluster, and the security model come to mind. The stablity cannot be beat. It's good stuff. And, yes.. You can run OpenVMS on your little Intel boxes.. Check out.. http://simh.trailing-edge.com/ .. Cool stuff.
Run's great. If you're really interested in OpenVMS, there's a couple of "free access" servers out there. For example:
http://deathrow.vistech.net .... One uVAX, and
Alpha online for public use. We're about to add a SIMH (Intel) box running OpenVMS into the cluster as well.
Sorry... Disney characters got old, so yes.. We use serial killers... Also, it says "Loose nit".... Yesh..
For a operating system that didnt come about until the late/mid 70's... pretty stupid button..
We do something similar. We give out free "Shell" account, but rather than using *nix, we use OpenVMS. The idea is two fold. If gives people a place to play, and use a different operating system. OpenVMS is often considered one of the most secure operating sysems around. :)
IF interested, check out http://deathrow.vistech.net, or you can even
telnet to dahmer.vistech.net or manson.vistech.net.