Archive for February, 2006

Microsoft to integrate Passport with Windows Live ID

Tuesday, February 28th, 2006

BetaNews is reporting that [tag]Microsoft[/tag] plans to integrate their [tag]Passport[/tag] authentication service into the [tag]Windows Live ID[/tag] by 2007.  Since Passport never really took off because there weren't enough opportunities to use it, Windows Live has now injected some new vigor into it.

A Microsoft spokesperson confirmed the existence of [tag]Windows Live[/tag] ID to BetaNews late Monday, calling it the authentication service for Windows Live. "You may consider it a major upgrade to Passport technology," he said. According to Microsoft, Windows Live ID would play a large part in making upcoming services possible.

All this is a long way off but nonetheless represents some exciting things to come! 

Windows XP tips – Tip #2 – Adding a “Pin to Start menu” option for folders

Tuesday, February 28th, 2006

This week I'm going to blast you with some Windows XP tips.

Adding a "Pin to Start menu" option for folders

The pinned list allows users to place shortcuts to specific programs and other items in the Start Menu. A program or a shortcut to a program can be pinned to the Start menu by right-clicking the item and clicking Pin to Start Menu.

But there's also a way to pin folders to the Start Menu. 

  • Click StartRun and type:
    regedit.exe
  • Navigate to the following registry key:
    HKEY_CLASSES_ROOT \ Folder \ shellex \ ContextMenuHandlers
  • Create a sub-key named
    {a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
  • Exit Regedit

Google Hacking: Ten simple security searches that work!

Monday, February 27th, 2006

Is your website giving out more information about your or your company than it should?  Check it out with these ten simple security searches using Google that should help you to carry out a security check.

Note:  This is an excerpt from the book titled "Google Hacking for Penetration Testers" by Johnny Long, Ed Skoudis; Published by Syngress; ISBN: 1931836361; Published: June 2001; Copyright; Pages: 528. 

In the mail – PayPal password stealing Trojan!

Monday, February 27th, 2006

Watch out for a password-stealing [tag]Trojan[/tag] called [tag]Clagger.h[/tag] (Sophos) or [tag]PWSteal.Tarno.s[/tag] (Symantec) mass-mailed to millions last week.  This is aimed at suckering in [tag]PayPal[/tag] users into running the attachment with the following message:

Subject:

Your Account Temporally Limited

Message:

Dear PayPal customer!

As part of our security measures, we regularly screen activity in the
PayPal system. We recently contacted you after noticing an issue on your account.We requested
information from you for the following reason:

We recently received a report of credit card use associated with this account. As a precaution, we
have limited access to your PayPal account in order to protect against future unauthorized
transactions.You can check your transaction details in attachment.

Case ID Number: RR-0922-014

If, after reviewing your transaction information, you
seek further clarification regarding your account access, please contact
PayPal by visiting the Help Center and clicking "Contact Us".

We thank you for your prompt attention to this matter. Please
understand that this is a security measure intended to help protect you and your
account. We apologize for any inconvenience.

Sincerely,
PayPal Account Review Department

PayPal Email ID RR-0922

If you get this, delete it straight away.

The Trojan monitors windows and web pages for the following strings and captures keystrokes entered into them:

  • gold
  • cash
  • bank
  • pas
  • log
  • user
  • usr
  • pwd
  • psw
  • pw
  • parol
  • firma
  • pin
  • clave
  • trans
  • porcue
  • memorable
  • secret
  • id

More information at Sophos and Symantec.

Can I have a USB cable longer than 5 meters?

Monday, February 27th, 2006

I can't find any [tag]USB[/tag] cables that are longer than 5 meters.  I've read on a number of websites that 5 meters is the limit allowed by the USB standard - is there a way around this?

The way around the 5 meter cable limit is to use a USB repeater.  These act like small [tag]USB hubs[/tag] on the cable and ensure signal quality.  Using these it's possible (by hooking them up serially) to extend a cable out as far as 25 meters (80 feet).

Here's one such repeater that comes on an 8 foot or 16 foot cable.