Hacking into a Gmail account proves to be an easy thing. Robert Graham (Ceo of Errata Security) gave a demo of it at Black Hat 2007 yesterday using an unprotected Wifi hotspot. The tools he used — nothing but 2 coded scripts called Ferret and Hamster.

Basically, he used Ferret to capture the Wifi signal Session IDs and Cookies from the victim’s Web browser session and used Hamster to clone the Session IDs/Cookies. The cloned web identity was then used to gain full read/ write access of the Gmail account. The scary part of it all is that one doesn’t need to be a super programmer to hack into an email system i.e. just knowing how to use the scripts would be enough. The term script kiddies comes to mind.

Just shows how much you should be aware of potential exploits within email. George Ou from Znet, posted a good article on security steps to safeguard yourself when using email. You should know however, that there is never a case where it is 100% hacker proof — to think it is would be foolish.

It has been reported today that Wikipedia’s cloak of anonymity will soon be put to an end with the free Internet encyclopedia planning to ask contributors who claim certain credentials to identify themselves. It’s about time Wikipedia does something like that. They should have done it a long time ago as that may have minimized the controversies and the slandering practices we have seen lately.

Wikipedia founder Jimmy Wales said in interviews by phone and instant message Wednesday from Japan that contributors still would be able to remain anonymous. But he said they should only be allowed to cite some professional expertise in a subject if those credentials have been verified.

“We always prefer to give a positive incentive rather than absolute prohibition, so that people can contribute without a lot of hassle,” Wales wrote.

Full Article [Associated Press]

One of the most respected blogs on the web is up for sale, BusinessLogs.

BusinessLogs was established in May of 2004 and has about 50,000 visitors a month and a PR7 ranking. They are asking $55,000 for it but offers are accepted within their auction sale.

Here is what you’ll get:

+ All blog entries written by the current owner Mike Rundle since May 2004.
+ A new design for the site to begin upon finalization of the sale. Normal blog design projects for clients start at $4,000 but this is included in the price.

It does not include:

- Continuation of the 9rules affiliation which accounts for <4% total referral pageviews.
- The work portfolio of Mike Rundle (currently located at businesslogs.com/work).

The package doesn't come with the tag team of Mike Rundle, chief designer and Paul Scrivens ... so you'll most likely have to hire one or do it yourself if you are design savvy enough. Bear in mind, you'll be paying for the name and a lot of credibility too from the likes of Christian Science Monitor, RedState.com, PBS.org, Mozilla, Microsoft, and many more well-known Web 2.0 startups.

The asking price is a little pricey and I can't see a $55K price tag justification. Even if you purchase it, everyone would know that Mike isn't there anymore to do the great designs that the company is known for. I might be wrong but I see the bulk of the clientèle and the blog credibility following Mike where ever he goes. It also doesn't include the 9rules affiliation (which is a huge negative) and the actual blog only takes in about $750 in standalone revenue every month. Pretty hard to sell a design company if its priced assets (the designers) doesn't come with it. Interesting to see how this progresses.

Business Logs Auction Page
Business Logs Site

The video shows to how crack WEP and WPA secured wireless networks. It further educates you in preventing hackers from cracking your already secured wireless networks. The main objective is not necessarily to teach people to hack but more so to help you understand the need to take better steps to secure your wireless networks.

For those of you thinking that putting this up may increase the possibility of individuals using it negatively, here are my thoughts on that — the best way to learn and prevent network security vulnerabilities is to know how hackers operate and the loop holes that they target. As Sun Tzu said in his book “The Art of War” … “To know your enemy is half the battle of winning the war”.

Thanks to Brian Young for submitting this. Sorry about the annoying music in between but I believe he included it to cut the monotony of a powerpoint presentation. All information shown is for educational and informational purposes only.

If you are want a faster browsing experience on the Internet, OpenDNS may be an option for you.

Giving you a simplistic version of DNS (or Domain Naming System) - it is a system that translates domain names of websites and servers (like Yahoo.com, Google.com) to numerical IP addresses. Each IP address acts as a unique identification of where it is located on the internet and to which company or business it belongs to. Think of it like a street or house address. So when you type in a domain name on your browser, visit a web page or send an email, your ISP’s DNS Server automatically and transparently does the IP to Domain translation.

There are 2 factors that may influence and enhance your internet browsing experience:

Once you are sure that the first factor is out of the way, you can start concentrating on the later - making sure you have a good DNS. However, that may be a futile effort as most local ISPs would not give you access to their servers or mess with their DNS settings. That is where OpenDNS may be advantageous.

Read more