Abusing HTTP Status Codes to Expose Private Information

When you visit my website, I can automatically and silently determine if you’re logged into Facebook, Twitter, GMail and Digg. There are almost certainly thousands of other sites with this issue too, but I picked a few vulnerable well known ones to get your attention. You may not care that I can tell you’re logged into GMail, but would you care if I could tell you’re logged into one or more porn or warez sites? Perhaps http://oppressive-regime.example.org/ would like to collect a list of their users who are logged into http://controversial-website.example.com/?

Ignoring the privacy implications for a second, as a website developer, you might like to know if your visitors are logged into GMail; you could use that information to automatically fill the email fields in your forms with “@gmail.com”… Perhaps you might want to make your Facebook “like” buttons more prominent if you can tell your visitor is logged into Facebook at the moment? Here’s how I achieve this:


UMP French Political Party got hacked & personal information leaked

UMP French Political Party got hacked & personal information leaked: “UMP French Political Party got hacked & personal information leaked The personal data of several political parliamentarians, ministers, Minister of UMP French Political Party employees were released online by an unknown source. The leak contains the details of Bernard Accoyer, Lionel Tardy, Jean Tiberi, Georges Tron, Christian Vanneste, Jean Luc Warsmann, Laurent Wauquiez, Michèle Alliot-Marie,


(Via THN : The Hacker News.)

Scientists are from Mars, the public is from Earth

The American Geophysical Union blog has a link up to a very interesting table, and I feel strongly enough about this topic that I want to share it with you. It’s a list of words scientists use when writing or otherwise communicating science, what the scientists mean when they use that word, and most importantly what the public hears.


I’ll admit, when I read it I laughed. But then my chuckle dried up when I realized just how dead accurate this is. And the smile pretty much left my face when I read that this table is from an article called "Communicating the Science of Climate Change," by Richard C. J. Somerville and Susan Joy Hassol, from the October 2011 issue of Physics Today.

Yup. I think they have a pretty good point.

My career at the moment could pretty much be called "Science Communicator". I do it here on this blog, I do it on Blastr and in Discover magazine, and when I give talks. Before that (and I guess it’s an occupation that never really leaves you) I was a professional scientist for many years. My training ran deep: 4 years undergrad, 6-7 in grad school, then a decade or so of research after that. I could toss around the phrase "Don’t over-iterate the Lucy-Richardson deconvolution algorithm or else you’ll amplify the noise and get spurious data spikes" with the best of ‘em.

As a science writer, though, I can’t use that! I have to say, "Cleaning up a digital image means using sophisticated mathematical techniques that can sometimes mess the image up and fool you into thinking something’s there that really isn’t."

I hope you can appreciate the difference.

So when I write, I try pretty hard to make the science topic accessible without "dumbing it down". I assume my reader is intelligent, but unfamiliar with the concepts I might be discussing. I try to define words if a reader might not know them, or link to someplace they can get more info if they need it.

But as that table shows, there are plenty of words I use all the time that someone else might know, and think mean something else. And this is incredibly important, especially if a science writer — as happens more and more often these days — needs to defuse some sort of political spin thrust upon a topic. A classic example is the wholly-manufactured Climategate "controversy". A lot of hot air was generated over the use of the word "trick" in the stolen emails — which most people interpreted as meaning the scientists did something underhanded and sneaky to hide something important. In reality, we use that word to just mean a method of doing something that’s clever. It’s like saying, "The trick to never losing your car keys is to always hang them on a hook by the door that leads outside." See the difference?

But over that, political battles are won or lost.

There are times I fret over a word in a post. It took me a while to start using the word "denier" instead of "skeptic", for example, but the difference is important. I’ve fought for years to teach people that skepticism is not cynicism or denial; it’s asking for and looking at evidence logically and rationally (in a nutshell). What’s funny is that now the media uses phrases like "climate skeptic" when talking about some people who are not skeptics, in that they are not looking at the evidence logically and rationally. They look at evidence so they can figure out how to spin it, cast doubt in the mind of the public over something that is actually a fact.

That’s why I call it "denial". The word fits, and I intend to continue using it when it does.

I could go on and on.

But here’s the point: communication isn’t simply casting out information from atop a tower. There are two parts to it: presenting an idea to someone, and them understanding it. Sometimes we have to change the way we word things to make that second half happen. Otherwise we’re shouting all the facts in the Universe to an empty room.

Tip o’ the thesaurus to Joanne Manaster.

Artillery 0.1 alpha – New tool for Linux Protection by ReL1K

A new tool, “Artillery”, for Linux protection has been released by ReL1K (founder of DerbyCon, creator of the Social-Engineer Toolkit). It’s written in Python and completely open-source. Artillery is a combination of a honeypot, file monitoring and integrity checking, alerting, and brute force prevention tool. It’s extremely lightweight, has

Inner Peace

If you can start the day without caffeine,

If you can always be cheerful, ignoring aches and pains,

If you can resist complaining and boring people with your troubles,

If you can eat the same food every day and be grateful for it,

If you can understand when your loved ones are too busy to give you any time,

If you can take criticism and blame without resentment,

If you can conquer tension without medical help,

If you can relax without liquor,

If you can sleep without the aid of drugs,

…Then you are probably…

The Family Dog!

Thanks Janet B

Pentesting IPv6 vs IPv4

We’ve heard a bit of “noise” about how IPv6 may impact network penetration testing and how networks may or may not be more secure because of IPv6. Let’s be clear: anyone telling you that IPv6 makes penetration testing harder doesn’t understand the first thing about real penetration testing.

What’s the point of IPv6?

IPv6 was designed by the Internet Engineering Task Force (“IETF”) to address the issue of IPv4 address space exhaustion. IPv6 uses a 128-bit address space while IPv4 is only 32 bits. This means that there are 2^128 possible addresses with IPv6, which is far more than the 2^32 addresses available with IPv4. This means that there are going to be many more potential targets for a penetration tester to focus on when IPv6 becomes the norm.

What about increased security with IPv6?

The IPv6 specification mandates support for the Internet Protocol Security (“IPsec”) protocol suite, which is designed to secure IP communications by authenticating and encrypting each IP packet. IPsec operates at the Internet Layer of the Internet Protocol suite and so differs from other security systems like the Secure Sockets Layer, which operates at the application layer. This is the only significant security enhancement that IPv6 brings to the table, and even this has little to no impact on penetration testing.

What some penetration testers are saying about IPv6.

Some penetration testers argue that IPv6 will make the job of a penetration tester more difficult because of the massive increase in potential targets. They claim that the massive increase in potential targets will make the process of discovering live targets impossibly time consuming. They argue that scanning each port/host in an entire IPv6 range could take as long as 13,800,523,054,961,500,000 years. But why the hell would anyone waste their time testing potential targets when they could be testing actual live targets?

The very first step in any penetration test is effective and efficient reconnaissance. Reconnaissance is the military term for the passive gathering of intelligence about an enemy prior to attacking that enemy. There are countless ways to perform reconnaissance, all of which must be adapted to the particular engagement. Failure to adapt will result in bad intelligence, as no two targets are exactly identical.

A small component of reconnaissance is target identification. Target identification may or may not be done with scanning, depending on the nature of the penetration test. Specifically, it is impossible to deliver a true stealth / covert penetration test with automated scanners. Likewise, it is very difficult to use a scanner to accurately identify targets in a network that is protected by reactive security systems (like a well configured IPS that supports black-listing). So in some/many cases doing discovery by scanning an entire block of addresses is ineffective.

A few common methods for target identification include Social Engineering, DNS enumeration, or maybe something as simple as asking the client to provide you with a list of targets.  Not so common methods involve more aggressive social reconnaissance, continued reconnaissance after initial penetration, etc.  Either way, it will not take 13,800,523,054,961,500,000 years to identify all of the live and accessible targets in an IPv6 network if you know what you are doing.

Additionally, penetration testing against 12 targets in an IPv6 network will take the same amount of time as testing 12 targets in an IPv4 network. The number of real targets is what is important and not the number of potential targets. It would be a ridiculous waste of time to test 2^128 IPv6 addresses when only 12 IP addresses are live. Not to mention that the increase in time would likely translate to an increase in project cost.

So in reality, for those who are interested, hacking an IPv6 network won’t be any more or less difficult than hacking an IPv4 network.  Anyone that argues otherwise either doesn’t know what they are doing or they are looking to charge you more money for roughly the same amount of work.
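As an added example (not from the Netragard post), the following Python script makes the argument above concrete from the defender's side: it audits a constructed BIND-style zone file for the IPv6 hosts it advertises via DNS, collapses them into the /64 prefixes actually in use, and contrasts that handful of live targets with the time a blind sweep of the same address space would take. The zone contents, the documentation prefix 2001:db8::/32 and the probe rate are all assumed values.

```python
import ipaddress

SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Constructed sample zone (RFC 3849 documentation prefix); not a real network.
SAMPLE_ZONE = """\
$ORIGIN example.net.
$TTL 3600
@       IN  SOA   ns1.example.net. hostmaster.example.net. (1 7200 900 1209600 3600)
@       IN  NS    ns1.example.net.
ns1     IN  AAAA  2001:db8:1::53   ; name server
ns1     IN  A     192.0.2.53
www     IN  AAAA  2001:db8:1::80
mail    IN  AAAA  2001:db8:2::25
vpn     IN  AAAA  2001:db8:2::1
old-www IN  CNAME www
"""

def aaaa_records(zone_text):
    """Return {fqdn: IPv6Address} for every AAAA record in a BIND-style zone.
    Handles $ORIGIN, '@', relative/absolute owner names and ';' comments."""
    origin, hosts = "", {}
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()        # drop comments, tokenize
        if not fields:
            continue
        if fields[0] == "$ORIGIN":
            origin = fields[1]
            continue
        if fields[0].startswith("$") or "AAAA" not in fields:
            continue                                  # directive or other RR type
        name = fields[0]
        rdata = fields[fields.index("AAAA") + 1]
        if name == "@":
            fqdn = origin
        elif name.endswith("."):
            fqdn = name
        else:
            fqdn = f"{name}.{origin}"
        hosts[fqdn] = ipaddress.IPv6Address(rdata)    # raises on malformed rdata
    return hosts

def prefixes_in_use(addresses, prefixlen=64):
    """Collapse advertised hosts into the subnets they occupy."""
    return {ipaddress.IPv6Network(f"{a}/{prefixlen}", strict=False) for a in addresses}

def brute_force_years(prefixlen, probes_per_second):
    """Years needed to probe every address in one prefix at a fixed rate."""
    return 2 ** (128 - prefixlen) / probes_per_second / SECONDS_PER_YEAR

if __name__ == "__main__":
    hosts = aaaa_records(SAMPLE_ZONE)
    print("live IPv6 targets from DNS:", len(hosts), sorted(map(str, hosts.values())))
    print("/64 prefixes in use:", sorted(map(str, prefixes_in_use(hosts.values()))))
    rate = 1e6  # assumed probes per second
    print(f"sweep one /64 at {rate:.0e}/s: {brute_force_years(64, rate):.3g} years")
    print(f"sweep all of IPv6 at {rate:.0e}/s: {brute_force_years(0, rate):.3g} years")
```

The same audit run against your own zone transfers shows exactly what a tester (or anyone else) can learn without sending a single probe, which is the place to prune stale AAAA records.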

Netragard, LLC. — The Specialist in Anti Hacking.

29 Music-making Apps for Linux

Last week we looked at why Linux deserves some consideration when choosing an operating system for your digital recording studio. But even the worthiest operating system is useless without useable apps.

Fortunately, there is a long list of excellent music applications available for Linux. If you choose one of the Linux distributions recommended last week, many of them come preinstalled.

This article was previously published on the AudioJungle blog, which has moved on to a new format in 2010. We’ll be bringing you an article from the AudioJungle archives each week.

We’ll leave out the programs not directly about making music – programs like guitar tuners, streaming systems, notation software and guitar tab apps – but we will look at some of the plug-ins and effects systems that are available. And we’ll leave out the applications that have better alternatives. My original list had over 50 programs.

Most of the programs are available free of charge, and in general are of higher quality than many free audio apps for Windows. So without further ado, here are 29 music making applications for Linux.

1. Ardour

Ardour is “the new digital audio workstation”. It aims to be a professional DAW, and offers features like “multichannel recording, non-destructive editing with unlimited undo/redo, full automation support, a powerful mixer, unlimited tracks/busses/plugins, timecode synchronization, and hardware control from surfaces like the Mackie Control Universal.”

2. Jokosher

Jokosher is a simpler multi-track recorder, designed for guitarists, not engineers. It “provides a complete application for recording, editing, mixing and exporting audio, and has been specifically designed with usability in mind.” It’s perfect for musicians who want to record their music without spending all of their time learning how the program works.

3. Sweep

Sweep is an audio editor and live playback tool. It aims to be easy to use, support many codecs and audio formats, and support LADSPA effects plug-ins (see below).

4. ReZound

ReZound is a stable, graphical audio editor.

5. Traverso DAW

Traverso DAW is a multitrack recording suite that is cross-platform. Besides Linux, it also works on Windows and Mac OS X. It claims to have a unique interface, a unique approach, and cover all tasks from recording to mastering.

6. Amuc (The Amsterdam Music Composer)

Amuc is an application for composing and playing music. You enter tune fragments graphically, or import from MIDI files. The program includes 5 different built-in instruments, 6 mono synthesizers, and sampled instruments.

7. LMMS (Linux Multimedia Studio)

Similar to FL Studio, LMMS allows you to produce music with your computer. Features include “the creation of melodies and beats, the synthesis and mixing of sounds, and arranging of samples. You can have fun with your MIDI-keyboard and much more; all in a user-friendly and modern interface.”

8. Audacity

Audacity is a well-known and much-loved cross-platform sound editor.

9. Rosegarden

Rosegarden is an easy-to-learn audio and MIDI sequencer, score editor, and general-purpose music composition and editing environment.

10. MusE

MusE is a MIDI/Audio sequencer with recording and editing capabilities. It aims to be a complete multitrack virtual studio with support for MIDI and audio sequencing with real-time effects.

11. Qtractor

Qtractor is an Audio/MIDI multi-track sequencer application aiming to evolve as a fairly-featured Linux desktop audio workstation GUI, specially dedicated to the personal home-studio.

12. Seq24

Seq24 is a minimal loop based midi sequencer. It was created to provide a very simple interface for editing and playing midi ‘loops’, and excludes the bloated features of the large software sequencers, and includes a small subset of features that I have found usable in performing.

13. Renoise

Renoise has a unique bottom-up approach to music making. With its vertical timeline and streamlined interface, Renoise lets you have direct control over the composition. Features include automatic plug-in delay compensation, high resolution timing, fast interface, cross-platform (Linux, Mac OSX and Windows), plug-in support, and low-latency audio.

14. TiMidity++

TiMidity++ is a software synthesizer, playing MIDI files by converting them into PCM waveform data. It can also convert MIDI files into various audio formats.

15. amSynth

amSynth stands for Analogue Modeling SYNTHesizer. It provides virtual analogue synthesis in the style of the classic Moog Minimoog/Roland Junos. It offers an easy-to-use interface and synth engine, while still creating varied sounds.

16. Bristol Audio Synthesiser

Bristol Audio Synthesiser is an emulator for diverse keyboard instruments. Currently about 20 are implemented: various Moog, Sequential Circuits, Oberheim, Yamaha, Roland, Hammond, Korg, ARP, and Vox algorithms. The application consists of an audio engine and an associated graphical user interface called Brighton which acts as a dedicated master keyboard for each emulation.

17. TerminatorX

terminatorX is a real-time audio synthesizer that allows you to “scratch” on digitally sampled audio data the way hip-hop DJs scratch on vinyl records. It features multiple turntables, real-time effects (built-in as well as LADSPA plugin effects), and a sequencer and MIDI interface.

18. Qsynth

Qsynth is a GUI front-end for FluidSynth. FluidSynth is a software synthesiser based on the Soundfont specification.

19. ZynAddSubFX

ZynAddSubFX is an open source software synthesizer capable of making a countless number of instruments.

20. LAoE (Layer Based Audio Editor)

LAoE stands for Layer-based Audio Editor, and it is a rich featured graphical audio sample-editor, based on multi-layers, floating-point samples, volume-masks, variable selection-intensity, and many plugins suitable to manipulate sound, such as filtering, retouching, resampling, graphical spectrogram editing by brushes and rectangles, sample-curve editing by freehand-pen and spline and other interpolation curves, effects like reverb, echo, compress, expand, pitch-shift, time-stretch, and much more.

21. LinuxSampler

The LinuxSampler project was founded with the goal to produce a free, streaming capable open source pure software audio sampler with professional grade features, comparable to both hardware and commercial Windows/Mac software samplers and to introduce new features not yet available by any other sampler in the world. It is very modular, and usually runs as its own process in the background of the computer.

22. SooperLooper

SooperLooper is a live looping sampler capable of immediate loop recording, overdubbing, multiplying, reversing and more. It allows for multiple simultaneous multi-channel loops limited only by your computer’s available memory. SooperLooper is also available for Mac OS X.

23. Cheese Tracker

CheeseTracker is a software sampler and step-based sequencer. It allows a musician to turn single-note samples into instruments capable of covering three or four octaves (by playing the samples at different speeds, resulting in different pitches). In addition, it is possible to take a collection of samples that are recorded at different octaves, and combine them into a single “instrument,” allowing for even more octaves without sampling artifacts.

24. Hydrogen

Hydrogen is an advanced drum machine for GNU/Linux. Its main goal is to bring professional yet simple and intuitive pattern-based drum programming.

25. Breakage

Breakage is an intelligent drum machine designed to make it easy and fun to play complex, live breakbeat performances. A step-sequencer pattern editor and previewer, database, sample browser, neural network, pattern morphs, statistics and probabilistic pattern generator give you the tools to work with breaks. Breakage is also available for Mac OS X and Windows.

26. JAMin

JAMin is the JACK Audio Connection Kit (JACK) Audio Mastering interface. JAMin is an open source application designed to perform professional audio mastering of stereo input streams. It uses LADSPA (see below) for digital signal processing (DSP). It features linear filters, 30 band graphic EQ, 1023 band hand drawn EQ with parametric controls, spectrum analyser, 3 band peak compressor, multiband stereo processing, and a loudness maximiser.

27. LADSPA effects and plug-ins

LADSPA is the Linux Audio Developer’s Simple Plugin API. It is a standard that allows software audio processors and effects to be plugged into a wide range of audio synthesis and recording packages.

Steve Harris lists quite a few LADSPA plug-ins on his website.

28. DSSI

DSSI (pronounced “dizzy”) is an API for audio processing plugins, particularly useful for software synthesis plugins with user interfaces. DSSI is an open and well-documented specification developed for use in Linux audio applications, although portable to other platforms. It may be thought of as LADSPA-for-instruments, or something comparable to VSTi.

29. LV2 Audio Plugin Standard

LV2 is a standard for plugins and matching host applications, mainly targeted at audio processing and generation. It is a successor of LADSPA, intended to address the limitations of LADSPA which many applications have outgrown.

This article was first published over a year ago on the AudioJungle blog. Has anything changed in Linux audio since then? Let us know in the comments.