Hacking and Phreaking in the UK. Old school ethics, New school tech.

Archive for the 'Software' Category

Google Drops 2600uk.com
author: Biomech
10 20th, 2006

As some of you may have noticed, 2600uk.com has dropped off the face of the Google planet. Asking around, it would appear that a number of other websites have also fallen from Google’s grace and, interestingly enough, each of those interviewed contained information on the dark side of Google’s CodeSearch facility.

A swift email to Google produced no reply, and checking Google’s cache of 2600uk.com lists our CodeSearch post at the top spot. With its frequent intrusion into our lives not enough, could it be that Google is also trying to censor those with whom it fails to agree?

I’ve always said, “He who controls Google, controls the world”. Yet with the Google hole becoming ever deeper, it wouldn’t be ludicrous to suggest that Google itself will fall from grace in the not too distant future.

Update: It looks like Google has now relisted the site. Interestingly this comes as the CodeSearch post drops off the homepage and into the archives. Again, there has been no response to previous emails querying Google.


10 20th, 2006

This year saw the beginning of British Telecom’s implementation of their Next Generation Network - The 21st Century Network, or 21CN. To complement our series of 21CN articles, mo0 from the Hacker Voice Radio IRC network informs me of the following site offering a lookup service to find when your exchange goes 21CN.


10 16th, 2006

At the beginning of the second half of 2006, British Telecom began the migration of approximately 350,000 customers in the Cardiff, Bridgend and Pontypridd areas (UK) to an extraordinary new telecommunications network, a network that will radically transform the way in which we communicate. But what exactly is 21CN?

The initial release of our 21CN article series is now available at the following location.

http://www.2600uk.com/21st-century-network/

Be sure to check back as more articles and announcements are released and additional information becomes available.


10 11th, 2006

Some nice-looking screenshots of Microsoft’s next version of Windows Mobile - codenamed ‘Crossbow’ - have popped up on the web to show the upcoming operating system’s swankier graphics.

The images come courtesy of MSMobileNews, which has a selection of shots on offer. Meanwhile, the similarly named MSMobiles has a smaller pic showing Windows Mobile 6.0/Windows Mobile 2007’s Vista-like folder icons.



The first report provides some Windows Mobile release information, though the data was first made public in April this year. Specifically, Crossbow is due to ship to OEMs in Q4 to allow them plenty of time to get devices ready for the OS’ introduction in late Q1/early Q2 2007. Crossbow is expected to give gadgets a better telephony experience and to improve its messaging technology.

Come Q4 2007, and Microsoft will release ‘Photon’, the follow up to Crossbow, to developers. Photon is said to sport a new Windows CE foundation. It’s due to be launched to the public Q1/Q2 2008.

Source : The Register - Vista-inspired Windows Mobile 6 spied on web


10 11th, 2006

From The Register’s John Leyden:

The Swiss government is “considering” the use of a spyware application called Superintendent Trojan to eavesdrop on IP telephony conversation, Heise Security reports.

Swiss firm ERA IT Solutions said it hopes to supply the Superintendent Trojan only to government agencies, a policy it hopes will leave it off malware blacklists compiled by anti-virus and anti-spyware developers.

Even if we accept ERA’s assertion that the use of the technology would be restricted to government agencies, anti-virus firms would be honour bound to blacklist the app if any of their customers complained about it.

As well as allowing VoIP calls to be monitored, the software is surreptitiously turning on the built-in microphones or webcams on target PCs. All this assumes, of course, that the software can be successfully planted in the first place - a tricky proposition without physical access to a PC, as HP leak gum-shoes might attest.

Altogether the plan seems fraught with difficulties, without even considering whether evidence obtained via such covert methods would be legally submittable.

Charles Gudet, the head of the Special Services Department at UVEK (the Swiss government department in charge of telecoms, among other things), told Sonntags Zeitung there’s no basis for using such Trojan techniques under federal wiretap laws (such as the Federal Post and Telecommunications Surveillance Act). However, local laws and federal police procedures permit the use of software wiretaps providing surveillance has been authorised by a court.

Source: The Register - Swiss gov ‘mulls’ spyware to tap VoIP calls


10 10th, 2006

The U.S. Air Force is preparing to create a new command to develop techniques for fighting in cyberspace. Air Force Print News reported Oct. 5 that Air Force leaders will gather in Washington in early November to discuss the plans. On Dec. 7, 2005, cyberspace became an official Air Force domain after Secretary of the Air Force Michael W. Wynne and Chief of Staff of the Air Force Gen. T. Michael Moseley introduced a new mission statement.



The statement informed Air Force personnel that their new mission was to “deliver sovereign options for the defense of the United States of America and its global interests — to fly and fight in air, space and cyberspace.”

Moseley said that Air Force leaders are establishing a new “cyber command” to be responsible for fighting in that domain, commenting: “To deliver the full spectrum of effects we will evolve a coherent enterprise, with war fighting ethos, ready to execute any mission in peace, crisis and war. We will foster a force of 21st Century warriors, capable of delivering the full spectrum of kinetic and non-kinetic, lethal and non-lethal effects across all three domains. This is why we are standing up an operational command for cyberspace, capable of functioning as a supported or supporting component of the joint force.”

Read more here


10 6th, 2006

Yesterday, Google Labs opened up the beta version of their CodeSearch search engine, giving way to an influx of pro-hack comments.

The long-awaited CodeSearch facility enables users to look up chunks of public source code, something that’s sure to put the fjear mode : ON into the likes of Krugle, Codease and co.

Of course, pulling server-side source from webpages has been a dream of most hackers at one time or another, and Google’s CodeSearch certainly lends its hand in doing so.

Consider the following search queries which will yield numerous results for unchecked GET variables, which could prove useful when employing Cross Site Scripting (XSS) attack vectors.

file:process.php "include($"

result: http://tinyurl.com/rrmh2

"include($_GET"

result: http://tinyurl.com/rdpl9

Not to mention the insertion of the following regex, which outputs a mediocre 22,500 email addresses - making Google CodeSearch every spammer’s wet dream.

(Chris McClelland, of AJAXPress, states over 11 million emails from the string “@” - funny, we only found 9.5 million, and half of those were not email related.)


^[a-zA-Z]([.]?([[:alnum:]_-]+)*)?@([[:alnum:]\-_]+\.)+[a-zA-Z]{2,4}$

result: http://tinyurl.com/ftz3u

Further, Google CodeSearch could prove to be somewhat of an engine for distributing “bad” code to unsuspecting programming/scripting newbies. “Google Code Search could also prove to be a tool for malware writers to distribute their code”, adds Google Blogs’ Steve Bryant, with a bit of realism to the whole security issue.
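The same patterns can be turned around to audit your own PHP before it is published or indexed. The sketch below is an added example, not code from the original post: it flags include/require calls whose argument is built from request input (a file-inclusion weakness) and, as an assumption about what deserves a second look, any include whose argument contains a variable. The sample source is constructed.

```python
import re

KEYWORD = r"\b(?:include|require)(?:_once)?\b"
# Argument built straight from request input, e.g. include($_GET['page'])
DIRECT = re.compile(KEYWORD + r"[^;]*\$_(?:GET|POST|REQUEST|COOKIE)\b", re.I)
# Any other variable in the argument: trace where its value comes from
VARIABLE = re.compile(KEYWORD + r"[^;]*\$\w+", re.I)


def audit_php(source):
    """Return (line_number, severity, text) for each include worth a look."""
    findings = []
    for number, line in enumerate(source.splitlines(), start=1):
        text = line.strip()
        if text.startswith(("//", "#", "*")):  # skip whole-line comments
            continue
        if DIRECT.search(text):
            findings.append((number, "high", text))
        elif VARIABLE.search(text):
            findings.append((number, "review", text))
    return findings


# Constructed sample, not taken from any real project
SAMPLE = """<?php
include($_GET['page']);
$tpl = $_GET['tpl'];
include($tpl . ".php");
require_once("config.php");
$pages = array("home" => "home.php", "about" => "about.php");
$key = isset($_GET["page"]) ? $_GET["page"] : "home";
include(isset($pages[$key]) ? $pages[$key] : $pages["home"]);
"""

if __name__ == "__main__":
    for number, severity, text in audit_php(SAMPLE):
        print(f"line {number}: {severity:6} {text}")
```

The allow-list lookup on the last sample line still lands in "review": a line-by-line match cannot prove where a variable's value came from, only point a reviewer at it.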


10 5th, 2006

Recently I’ve had a sudden influx of porn related spam. Given that I don’t usually get much spam, this was quite a surprise. Of particular interest, the influx started after applying, online, for a Barclay card.

Each email is a couple of lines packed with sex-related words, and includes a link which, when clicked, submits a GET variable to a script at the target URL, thusly validating the email address.

Example:

sexy blonde sucking and fucking
Hardcored and cummed
http://redheadteen.info/prime/siper.html?fMjXUYf.gVXjbW,hVX
Busty blonde oiled up
Amateur sex hardcore couple

The URL and .html file are variable. Obviously a little regex could filter out these emails due to the number of obscene words. But for anyone a little less tech savvy, a simpler solution is available.

The encoded variable at the end doesn’t stand out as being of any particular type (base64, rot13 etc). However, cracking the code is extremely simple: the spammer uses a basic character substitution algorithm. Below are two tables; the first is what we know to be true, the second is the most likely completion of the conversion. In each table the top row is the clear text and the bottom row is the cipher text; a “?” marks a character not yet verified.

Verified Conversion Table

clear:  a b c d e f g h i j k l m n o p q r s t u v w x y z . @
cipher: j ? h ? f e d ? b a Z ? X W V ? ? ? R Q P ? ? ? L ? , .

Most Obvious Completion

clear:  a b c d e f g h i j k l m n o p q r s t u v w x y z . @
cipher: j i h g f e d c b a Z Y X W V U T S R Q P O N M L K , .

What becomes apparent is that the encoded GET variable is the recipient’s email address. As we know the variable content will be fixed (as opposed to random and matched in a database when processing), we can then use this to create a filter.

Option one would be to create a filter on the whole string. This is fine if you only have one email address. If you have multiple email addresses using only one domain, you could specify the filter to run after the @, or in the case of the cipher text, the “.”

If you have numerous email addresses across a number of domains, the obvious option would be to set the filter on the encoded top-level domains: “,WfQ” (.net), “,hVX” (.com), “,VSd” (.org) etc.

You can find details on how to set email filters on a number of mail clients at HideMyEmail - Spam FAQ as well as methods to help prevent spam
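The substitution table and the filter options described above, worked through in Python as an added example (not part of the original post). The host in the sample URL is constructed; the token is the one from the example email, and passing characters outside the table through unchanged is an assumption.

```python
from urllib.parse import urlsplit

# Alphabets copied from the "Most Obvious Completion" table
PLAIN = "abcdefghijklmnopqrstuvwxyz.@"
CIPHER = "jihgfedcbaZYXWVUTSRQPONMLK,."
DECODE = str.maketrans(CIPHER, PLAIN)
ENCODE = str.maketrans(PLAIN, CIPHER)


def decode_token(token):
    """Cipher text -> clear text. Characters not in the table (digits, '-')
    are left as they are, which is an assumption."""
    return token.translate(DECODE)


def encode_address(text):
    """Clear text (address, '@domain' or '.tld') -> the string to filter on."""
    return text.lower().translate(ENCODE)


def tracking_token(url):
    """The encoded recipient is the whole query string of the spam link."""
    return urlsplit(url).query


def is_tagged_for(url, protected):
    """True if the link's token ends with the encoding of any protected
    value: a full address, an '@domain' suffix, or a '.tld'."""
    token = tracking_token(url)
    return any(token.endswith(encode_address(p)) for p in protected)


# Constructed URL carrying the token from the example email
SAMPLE_URL = "http://spam.example/page.html?fMjXUYf.gVXjbW,hVX"

if __name__ == "__main__":
    print(decode_token(tracking_token(SAMPLE_URL)))
    for tld in (".net", ".com", ".org"):
        print(tld, "->", encode_address(tld))
    print(is_tagged_for(SAMPLE_URL, ["@domain.com"]))
```

Feeding `encode_address` your own addresses or domains gives the literal strings to enter in a mail client's body filter.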


10 4th, 2006

A new anti-theft system has been designed that aims to significantly reduce the current rise in mobile phone theft.

Remote XT is a system whereby, upon discovering the theft of a phone, the user can ring a call center who will then send out a signal to the robbed phone. This signal destroys all the data on the phone, before emitting a high-pitched, annoying screech, rendering the device completely unusable.

“We also then set a small bomb off, if you like, that completely wipes the data…if it has genuinely been stolen then it renders the phone useless to the thief,” says Mark Whiteman, MD of Remote XT.

The noise can be stopped by simply removing the battery; however, upon re-insertion the noise continues. This may provide a temporary measure that can be employed whilst work on reverse engineering the phone takes place. Whilst it hasn’t been confirmed, the noise is probably active with any power source, whether battery or mains.

Strangely enough, I’m told that Hyper, from Hackers Voice Radio, came up with this idea a while ago, as mentioned at the end of the HVTV2 hacker video.


Nokia To Ship 8GB MP3 Phone
author: Biomech
09 26th, 2006

Today saw Nokia announce its new N Series mobile phone. The N91 Music Edition, now fitted with a huge 8GB hard drive, is aiming to secure Nokia’s position in the mobile media market. The phone is said to sync with Windows Media Player and, thusly, supports the WMA music format. Surprisingly, the new N91 also supports a variety of other formats, including MP3, AAC, AAC+ and eAAC+. Nokia has said that it will be bundling an updated version of its PC Suite data synchronisation software with Music Manager rip and transfer code.



The lower spec N70 and N73 are said to incorporate 1GB and 2GB of memory respectively. Whilst Nokia haven’t announced whether this will be as removable SD media or built-in memory, it’s more than the current versions offer.

The N70 and N73 go on sale this November, with the 8GB N91 shipping by the end of the year. Potential buyers will be looking at a price of £234-£369, dependent on model.

Online retailer, amazon.co.uk, are offering the current standard 4GB N91 from £235