
Apple Worm Infects Myspace

Some time ago, I became engaged in a rather interesting discussion with… let’s just call them a neophyte where JavaScript is concerned. In any event, my contention at the time was that JavaScript can be used to deliver malicious code due to its tight coupling with the DOM.

Those of us who hail from the Usenet group, alt.hackers.malicious, know full well just what can be done with a few judiciously placed JavaScript routines. So the individual was already on the losing end of the debate before it even began. That was about two years ago. Today Brian Krebs, who writes the Security Fix blog for the Washington Post, penned an article regarding a MySpace worm. And it was delivered in an apple, no less. That is, via Apple’s program, QuickTime, which Mr. Krebs notes, “allows video files to load web content.”[1]

Er… wha…?

While I have long griped about people jumping on the JavaScript bandwagon without really knowing what they were doing, this latest bit admittedly defies logic. And while this particular situation can be blamed on an overzealous, albeit shortsighted, programmer, MySpace has been combatting malicious code insertion issues for quite some time. Their “combatting,” if one can legitimately characterize it as such, leaves something to be desired–they utilize rather crude pattern matching routines to clean up content that people use to “Pimp out” their profile pages. This recent fiasco no doubt had coders scrambling. Again. This time truncating “OBJECT” tags, in hopes of rendering the embedded content inoperable. That is, for MSIE users. And while MySpace may be able to douse this particular fire (or would that be, squish this particular worm?) this time around, as long as they allow users to write their own content, they will continue to have problems. Why? Let’s take a look at their poorly thought-out model.

Basically, one need only go into the Interests & Personality section, and enter their CSS and/or HTML in any of the sections provided. MySpace programs then attempt to scrub the CSS and HTML source, in hopes of removing malicious code. In the meantime, hackers continue to devise ways to get around said scrubbing. So what you end up with is MySpace coders playing catch-up to hackers. The latter will always be a step ahead in this scenario, simply because the coders are doing nothing more than addressing resulting symptomology, while ignoring the rather glaring hole. And this isn’t about attempting to outfox cunning hackers either. After all, open-ended pattern matching can be quite challenging. In this case, browsers help that bit along by removing white noise, thereby reconstructing the munged content that manages to slip past the pattern matching algorithms. Thus, by the time Joe user sees the pages, the embedded JavaScript commands, if they made it through the scrubbing process, are set to do whatever damage they are designed to do. Or otherwise put, MySpace’s model for allowing consumer branding was doomed from the beginning.

Since branding is, to some degree, the draw, at some point MySpace will be forced to consider another approach. That, or their whole site will come tumbling down in one cacophonous roar. One possibility is to “make up” their own language, which would then be parsed by a server side pseudo-compiler. The result would be renderable, yet clean and virus free content. The social networking site LiveJournal does just that. And while LiveJournal’s implementation comes with its own set of limitations, the least of which involves learning a new language, so to speak, the risk to consumers is reduced by more than an order of magnitude. This bit is, of course, a moot point as MySpace is not in any way, shape, or form, even close to designing, much less implementing, such a beast.
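To make the “own language plus server side pseudo-compiler” idea concrete, here is an added example (not LiveJournal’s or MySpace’s code; the `[tag]` syntax, tag set and function names are all hypothetical). Unlike a scrubber that deletes known-bad patterns, it escapes every byte of user text and emits HTML only from a fixed table.

```javascript
// Added example: a tiny allowlist markup compiler. The [tag] syntax is hypothetical.
const ESC = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
const escapeHtml = (s) => s.replace(/[&<>"']/g, (c) => ESC[c]);

// The only HTML that can ever be emitted. open() returns null to reject an argument.
const TAGS = new Map([
  ['b', { open: () => '<strong>', close: '</strong>' }],
  ['i', { open: () => '<em>', close: '</em>' }],
  ['color', {
    open: (arg) => (/^#[0-9a-f]{6}$/i.test(arg) ? `<span style="color:${arg}">` : null),
    close: '</span>',
  }],
  ['url', {
    open: (arg) => {
      let u;
      try { u = new URL(arg); } catch { return null; }
      if (u.protocol !== 'http:' && u.protocol !== 'https:') return null;
      return `<a rel="nofollow" href="${escapeHtml(u.href)}">`;
    },
    close: '</a>',
  }],
]);

function compileProfile(src) {
  const token = /\[(\/?)([a-z]+)(?:=([^\]\s]*))?\]/gi;
  const stack = [];
  let out = '';
  let last = 0;
  for (const m of src.matchAll(token)) {
    out += escapeHtml(src.slice(last, m.index)); // user text: always escaped
    last = m.index + m[0].length;
    const [raw, slash, name, arg = ''] = m;
    const tag = TAGS.get(name.toLowerCase());
    let html = null;
    if (tag && slash) {
      // A closing tag is honoured only when it matches the innermost open tag.
      if (stack[stack.length - 1] === tag) { stack.pop(); html = tag.close; }
    } else if (tag) {
      html = tag.open(arg);
      if (html !== null) stack.push(tag);
    }
    out += html === null ? escapeHtml(raw) : html; // unknown or invalid: literal text
  }
  out += escapeHtml(src.slice(last));
  while (stack.length) out += stack.pop().close; // balance whatever was left open
  return out;
}

console.log(compileProfile('[b]Hi[/b] <object data="clip.mov"></object>'));
```

Because the compiler never copies markup from the input, there is nothing for the browser to “reconstruct” afterwards: a new trick in the input can only ever produce more escaped text.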

So… back to the problem at hand. What exactly happened, anyway? The worm basically replaces valid links with malicious links, which in turn redirect users to fake login pages. At that point, an unwary user hands over their username and password to a site that then uses their account to spam pornography to other MySpace users. This is loosely referred to as phishing, by the way. So, if you’re a MySpace user, do read this article. Additionally, you’ll want to look for the “peculiar blue bar” as described by Mr. Krebs. Also, pay attention to the URL in your browser’s address bar. If you do not see the following:

http://something.myspace.com/something

…then you’ve probably stumbled upon the worm. Here’s an example of what a “bad” URL could look like:

http://something.myspacer.com/something

If you look closely, you’ll see that “r” tacked on to the URL. This, of course, is but an example of what a bad URL might look like. Or, the munged link may simply take you to a nothing page, as MySpace appears to be in the process of trapping it on its way back to your browser (which is a good thing for you).

And finally, if your profile is infected, you need to clean out your cache, disable your JavaScript, and then go to the correct login page. Once you are there, you should log in, get rid of the infected file (which will be nothing more than an embedded link to a QuickTime movie), change your password, and turn comment moderation on. Oh, and go to profile settings (under account settings), and check disable html for all comment sections (i.e. profile comments, pic comments & blog comments). In summary, this is not a worm that will infect your computer; rather, it will mess up your MySpace account and use it for spamming porn. So, even if you do not see the “blue bar” on your profile page, you may want to check out your code to make sure all is well.
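The address-bar check and the “check out your code” advice above can both be done mechanically. The following is an added example, not part of the original post: the function names, the `www.myspace.com` base used for relative links, and the sample profile markup are constructed for illustration.

```javascript
// Added example (not from the original post). Sample links are constructed.
const TRUSTED_DOMAIN = 'myspace.com';

// Contrast only: a substring test accepts any URL that merely mentions the domain.
function naiveLooksTrusted(link) {
  return link.toLowerCase().includes(TRUSTED_DOMAIN);
}

// True only when the URL's host is the trusted domain or a subdomain of it.
function isTrustedHost(link, base) {
  let u;
  try { u = new URL(link, base); } catch { return false; }
  if (u.protocol !== 'http:' && u.protocol !== 'https:') return false;
  if (u.username || u.password) return false;   // "trusted.com@other.host" form
  const host = u.hostname.replace(/\.$/, '');   // URL lowercases; drop trailing dot
  return host === TRUSTED_DOMAIN || host.endsWith('.' + TRUSTED_DOMAIN);
}

// Audit helper: list href/src/data values in saved profile HTML that leave the site.
// Regex attribute extraction is enough for a review pass, not for sanitizing.
function offSiteLinks(html, base = 'http://www.myspace.com/') {
  const attr = /\b(?:href|src|data)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/gi;
  const found = [];
  for (const m of html.matchAll(attr)) {
    const link = m[1] ?? m[2] ?? m[3];
    if (!isTrustedHost(link, base)) found.push(link);
  }
  return found;
}

const sampleProfile = `
<a href="http://something.myspace.com/something">friends</a>
<a href='http://something.myspacer.com/something'>log in</a>
<a href="/index.cfm?fuseaction=user">relative link</a>
<embed src=http://media.example.net/clip.mov>`;

console.log(offSiteLinks(sampleProfile));
```

An off-site link is not automatically malicious, so treat the output as a list to review by hand; the embedded movie link described above would show up in it.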