How to get a new Identity

Last week, the german Chaos Computer Club published the fingerprint of germans interior minister Wolfgang Schauble. They got it from a glas, which was touched by the minister at a public discussion. Download the fingerprint here. This was done due to Schaubles affort on biometric passports. Read what Bruce Schneider says on this coup: „This minister guy, what is he going to do now? His fingerprint is going to be known for all time.“ The fingerprint is not only available on the internet, the CCC also published it in its magazine Datenschleuder with instructions on „how to fake fingerprints“.

This is also out there on youtube, unfortunately on german only:

However, the guys and girls at CCC had been kind enough to publish instructions on english as well: How to fake fingerprints?

Pwn to own 2008 – Results

The „Pwn to own“ Competition at CanSec West Conference 2008 in Vancouver ended yesterday.

This year’s PWN to 0WN contest will begin on March 26th, the first day of the CanSecWest conference. The contest includes three laptops, running the most up to date and patched installations of MacOS X Leopard, Windows Vista, and Ubuntu Linux:

* VAIO VGN-TZ37CN running Ubuntu 7.10
* Fujitsu U810 running Vista Ultimate SP1
* MacBook Air running OSX 10.5.2

[Price Money:]
Day 1: March 26th: Remote pre-auth
All laptops will be open only for Remotely exploitable Pre-Auth vulnerabilities which require no user interaction. First one to pwn it, receives the laptop and a $20,000 cash prize.
The pwned machine(s) will be taken out of the contest at that time.

Day 2: March 27th: Default client-side apps
The attack surfaces increases to also include any default installed client-side applications which can be exploited by following a link through email, vendor supplied IM client or visiting a malicious website. First one to pwn it receives the laptop and a $10,000 cash prize.
The pwned machine(s) will be taken out of the contest at that time.

Day 3: March 28th: Third Party apps
Assuming the laptops are still standing, we will finally add some popular 3rd party client applications to the scope. That list will be made available at CanSecWest, and will be also posted here on the blog. First to pwn it receives the laptop and a $5,000 cash prize.

Read more at DVLabs.

While non of the systems was hacked on day one, the Mac OSX was owned on day two, Windows Vista was hacked on day three. Only the Laptop running Ubuntu Linux remained unhacked. Would be interesting to figure out if MacOSX is really more insecure than Vista., or if the hackers were more attracted by the Mac hardware.

UPDATE:
The hacked Vista Laptop was on ebay for some time, till ebay stopped the auction due to violation of user agreements: infoworld

Hello world!

Welcome to WordPress.com. This is your first post. Edit or delete it and start blogging!