DATE: October 5 - 10, 2008
LIVE EVENT: Black Hat Japan 2008
More Information
Home > Dark Reading News Analysis > Desktop Security

The Five Coolest Hacks of 2007
Nothing was sacred – not cars, not truckers, not even the stock exchange
DECEMBER 31, 2007 | 2:51 PM

By Kelly Jackson Higgins
Senior Editor, Dark Reading

Hackers are creative folk, for sure. But some researchers are more imaginative and crafty than others. We're talking the kind of guys who aren't content with finding the next bug in Windows or a Cisco router. Instead, they go after the everyday things we take for granted even more than our PCs -- our cars, our wireless connections, and (gulp) the electronic financial trading systems that record our stock purchases and other online transactions.

Not that there's anything wrong with a new Windows or Vista flaw. But you can't help but secretly admire the ingenuity and persistence it takes to hack something that we hadn't thought of as hackable -- or that maybe that we just didn't want to think was. These are the kinds of hacks that pierce the mainsteam consciousness: Your mom's eyes may glaze over when you warn her about the risk of her PC becoming a bot, but you can bet you'll have her full attention when you show how a hacker could redirect her brand-new car navigation system to a deserted dead end street far from her intended destination.

We've selected five of the coolest hacks we covered here at Dark Reading in 2007 -- unusual vulnerabilities that were exposed and exploited this past year by researchers who don't just do Windows. So raise your glass to some innovative, and sometimes wacky, hacks that we won't soon forget (nor maybe will Mom):

Contents:

Next Page: The car navigation system

 
   PAGE 1 OF 6   
 NEXT >
DISCUSS    EMAIL    PRINT    LINK/REPRINT   
SHARE   
The Five Coolest Hacks of 2007
FULL MESSAGE LIST POST NEW MESSAGE
ID Subject Rank User Date
1 Please do your homework ... NerveGas 01/03/08 01:14 PM
FULL MESSAGE LIST POST NEW MESSAGE
This board does not reflect the views of Dark Reading or Light Reading Inc. These messages are only the opinion of the poster, are no substitute for your own research, and should not be relied upon for trading or any other purpose. The anonymity of the user cannot be guaranteed.
DISCUSS
EMAIL
PRINT
LINK/REPRINT
VIDEO
Friend Me Satan!
PLAY (15:23)
Typo Squatting Election '08
PLAY (05:10)
Typo squatting and other ways to mess with presidential candidate Websites
NEWS ANALYSIS
Targeted Attacks, DNS Issues Hit Home in New CSI Report  10/3/2008
How to Root Out Bots in Your Network  10/2/2008
RESEARCH
Identity Management: Telcos vs. Web 2.0 Titans
Subscriber Information Management: Who's Doing What
Unified Threat Management: The Market Beyond SMBs
Mobile Malware: The Enterprise at Risk
WEBINAR ARCHIVE
From IM to Social Networking: Securing Employee Use of the Web  3/26/2008
Security Update: eCards, Email Threats and Compliance  10/24/2007
COLUMNS
Flying Phish Hooks Schools of Employees  9/11/2008
Is Wireless Really Worth It?  8/14/2008
REPORTS
The Seven Deadliest Social Networking Hacks  8/26/2008
Hacker's Choice: Top Six Database Attacks  5/8/2008
Why a CMDB?
IT best practices (ITIL) have shown the benefits of a CMDB. Click for whitepapers.
Securing the Converged Enterprise II
Securing the converged enterprise is a complex discipline requiring a defense-in-depth approach.
Securing the Converged Enterprise I
Learn how balancing the benefits of convergence against its associated security risks can be tricky.
Download your FREE BUSINESS IP TELEPHONY EBOOK!
Get your free 96 Page IP Telephony eBook! 11 Chapters on DEPLOYMENT, COST SAVINGS, SECURITY & more.
MSIT From Florida Tech
Earn Your Master's Degree From an Accredited University! 100% Online.
BUY A LINK NOW
Two Indicted for DDOS 'Hit' on US Satellite Providers
Survey: Security & Innovation at Odds in the Enterprise
'Super Users' Could Threaten Database Security, Study Says
 MORE KEYHOLE
ENTERPRISE VULNERABILITIES
Vulnerability: debian xsabre
Published: 2008-10-03
Severity: HIGH
Description: a certain
debian patch to the run
scripts for sabre (aka
xsabre) 0.2.4b allows local
users to delete or overwrite
arbitrary files via a
symlink attack on
unspecified .tmp files.
Vulnerability: libvirt libvirt
Published: 2008-10-03
Severity: HIGH
Description: libvirt 0.3.3
relies on files located
under subdirectories of
/local/domain in xenstore
despite lack of protection
against modification by xen
guest virtual machines,
which allows guest os users
to have an unspecified
impact, as demonstrated by
writing to (1) ...
Vulnerability: lighttpd lighttpd
Published: 2008-10-03
Severity: HIGH
Description: mod_userdir
in lighttpd before 1.4.20,
when a case-insensitive
operating system or
filesystem is used, performs
case-sensitive comparisons
on filename components in
configuration options, which
might allow remote attackers
to bypass intended access
restriction...
Vulnerability: lighttpd lighttpd
Published: 2008-10-03
Severity: HIGH
Description: lighttpd
before 1.4.20 compares uris
to patterns in the (1)
url.redirect and (2)
url.rewrite configuration
settings before performing
url decoding, which might
allow remote attackers to
bypass intended access
restrictions, and obtain
sensitive information or <...
Vulnerability: linux kernel, redhat fedora
Published: 2008-10-03
Severity: MEDIUM
Description: the
generic_file_splice_write
function in fs/splice.c in
the linux kernel before
2.6.19 does not properly
strip setuid and setgid bits
when there is a write to a
file, which allows local
users to gain the privileges
of a different group, and
obtain sensitive i...
POWERFUL INFORMATION
AT YOUR FINGERTIPS
(SPONSORED LINKS)
Antivirus  |  Application scanning  |  Application Security  |  Attacks / Exploits / Threats  |  Authentication  |  Botnets  |  Browser security  |  Computer crime  |  Consultants  |  Cross-site scripting  |  DOS  |  Encryption  |  End-user monitoring   |  Firewalls  |  Host Protection  |  Identity management  |  Industry Trends   |  Law enforcement  |  Legal & Regulatory Topics  |  Legislation  |  Malware  |  Managed services  |  Market Research  |  McAfee  |  Messaging Security  |  Microsoft  |  Penetration testing  |  Penetration testing  |  Perimeter Security  |  Phishing  |  Policy management  |  Rootkits  |  Security Administration / Management  |  Security Industry  |  Security Services  |  Social engineering  |  Spam  |  Spyware  |  SQL injection  |  Storage Security  |  Symantec  |  Trojans  |  User privacy  |  Viruses  |  Vulnerabilities  |  Vulnerability assessment  |  Vulnerability management  |  Vulnerability Management  |  Web application firewall  |  Web services security
Dark Reader Weekly Newsletter
Dark Reading Daily Newsletter
 MORE INFO
Copyright © 2008 United Business Media Limited - All rights reserved.
RSS FEED  |   ARCHIVE  |   FREE NEWSLETTER  |   ORDER REPRINTS  |   TECHNOLOGY MARKETING SOLUTIONS  |   TECHWEB  |   CONTACT US  |   USER PREFERENCES  |   HELP
Companies
3Com (17), Aventail (7), CA (18), Check Point (30), Cisco (154), Enterasys (5), F-Secure (10), F5 (5), HP (18), IBM (130), Intel (6), ISS (40), Juniper (36), Alcatel-Lucent (2), McAfee (174), Microsoft (1195), NetIQ (2), Nokia (3), Nortel (6), Oracle (46), Qualys (2), RSA (66), Secure Computing (20), Sun (12), Symantec (295), Trend Micro (29), VeriSign (36)

Application and Perimeter Security
802.11x (46), Anomaly detection (82), Anti-spam (151), Application quality assurance (32), Application scanning (164), Auditing (27), AVDL (1), Buffer overflows (108), CERT (11), Consultants (253), Cross-site scripting (187), CVE (7), Database encryption (56), Digital vaults (8), DOS (217), EAP/LEAP (1), Email gateways (269), Encryption (143), Filtering (56), Firewalls (336), FIRST (1), HIPAA (115), Host-based IDS (45), Host/server configuration (16), Host/server encryption (9), IDS (15), IDS (176), IM (84), IPS (282), ISO 17799 (8), Key management (72), Least-privilege user (54), License management (32), Malware (1463), NAC (297), Network IDS (36), NIST (18), OWASP (17), OWASP (18), Patch management (330), PCI (225), Penetration testing (262), Phishing (705), PKI (51), Rootkits (111), SAML (2), Software metering (4), Source-code auditing (88), SOX (95), SSL (195), Systems integrators (10), VPNs (268), Vulnerability assessment (891), Web App Security Consortium (8), Web App Security Consortium (18), Web application firewall (101), Web services security (702), WLANs (357), Worms (284), WPA (17), XML (27)

Desktop Security
Anti-spam (151), Antivirus (399), Application Security (1161), Attacks / Exploits / Threats (3134), Authentication (1028), Browser security (789), Digital certificates (84), Digital signatures (56), Disk encryption (63), DRM (58), Encryption (655), File/folder encryption (39), Identity management (411), IM (84), Malware (1463), Messaging Security (548), PGP (6), Phishing (705), Rootkits (111), S/MIME (2), Security Administration / Management (1862), Social engineering (397), Spam (778), Spyware (288), Tokens (74), Trojans (388), User privacy (1667), Viruses (414), VOIP security (134), Vulnerabilities (3453), Vulnerability Management (442), Worms (284)

Discovery and management
Anomaly detection (82), Application scanning (164), AVDL (1), Black Hat (142), COBIT (8), Consultants (253), Content filtering (191), CVE (7), End-user monitoring (306), Filtering (56), FISMA (21), HIPAA (115), Host intrusion prevention (106), Host-based IDS (45), IDS (15), IDS (176), IPS (282), ISACA (1), ISO 17799 (8), Log aggregation (61), Network IDS (36), OWASP (18), OWASP (17), PCI (225), Penetration testing (232), Penetration testing (262), SAML (2), SIM/SEM (225), Source-code auditing (88), SOX (95), Vulnerability assessment (891), Vulnerability management (916), Web App Security Consortium (8)

Host security
802.11x (46), Application quality assurance (32), Authentication (1028), Backup security (70), Biometrics (170), Buffer overflows (108), Digital certificates (84), Disk encryption (63), Encryption (655), End-user monitoring (306), HIPAA (115), Host anti-spam (81), Host anti-spyware (107), Host antivirus (125), Host intrusion prevention (106), Host Protection (555), Host-based IDS (45), Host/server configuration (16), Host/server encryption (9), Host/server patching (10), IDS (15), IEEE (4), ISO 17799 (8), Least-privilege user (54), License management (32), NAC (297), P2P management (36), Patch management (330), PGP (15), Port control (12), Single sign-on (75), Smart cards (88), Software metering (4), SOX (95), Systems integrators (10), TCG (21), Tokens (74), User privacy (1667), Vulnerability Management (442), WPA (17)

Security services
Agency application (2), Application quality assurance (32), Application scanning (164), AVDL (1), COBIT (8), Consultants (253), FISMA (21), HIPAA (115), ISO 17799 (8), Managed services (317), PCI (225), Penetration testing (232), PKI (51), Policy management (508), SIM/SEM (225), Source-code auditing (88), SOX (95), Systems integrators (10)

Storage Security
AES (12), Backup security (70), COBIT (8), Database encryption (56), DES (3), Digital vaults (8), Disk encryption (63), Encryption (143), File/folder encryption (39), FIPS-140-2 (1), FISMA (21), Hashing algorithms (17), HIPAA (115), Host/server encryption (9), Identity management (125), ISO 17799 (8), Key management (72), Law enforcement (1142), Legislation (362), Offsite backup (27), PCI (225), PKI (51), SOX (95), Stored data losses (355), Systems integrators (10), Triple DES (3), User privacy (1667)

Wireless Security
802.11x (46), AES (12), Auditing (27), COBIT (8), Credential service provider (13), DES (3), Digital certificates (84), Digital signatures (56), DOS (217), EAP/LEAP (1), FISMA (21), Hashing algorithms (17), HIPAA (115), Host/server encryption (9), IEEE (4), IETF (10), ISO 17799 (8), Key management (72), NAC (297), Network IDS (36), PCI (225), Penetration testing (232), PKI (51), Port control (12), Tokens (74), Triple DES (3), VPNs (268), Vulnerability assessment (891), WLANs (357), WPA (17)