This Episode of CrackerCast looks at this weeks hacker news and an interview with Kevin Mitnick.


Download .mp3 (right-click -> save link as…)

You can subscribe to the podcast feed via one of the two feeds below (might take a day for itunes to update it) :FeedBurner or iTunes

News stories mentioned:

Insecurity vendor’s website gets hacked
Apps Going Viral: When Your Smartphone Gets Hacked
Computer Expert Pleads Guilty to Hacker Stock Scheme
Oh Hai! Apple TV Officially Hacked

Hacker website of the week:

Infolookup.securegossip.com“”

After collecting cobwebs in a studio vault for the better part of a decade, an unreleased documentary on the 2003 hacking scene leaked onto the Pirate Bay Thursday.

Narrated by actor Kevin Spacey, the 90-minute Hackers Wanted follows the exploits of Adrian Lamo, who pleaded guilty in 2004 to cracking the internal network of The New York Times. The film was produced by Spacey’s Trigger Street production company, and includes interviews with Kevin Rose and Steve Wozniak.

Lamo says the film had been bogged down by conflicts among the producers and crew. “It’s ironic that a film about overcoming barriers, about new technologies, about thinking differently, had to come to the public eye by being hacked out of the hands of people who, after making a film about the free flow of information, tried to lock away that information forever,” says Lamo. “The truth tends to itself.”

“”

This Episode looks at this weeks hacker news and discusses how to stay anonymous on the internet.

Download .mp3 (right-click -> save link as…)
You can subscribe to the podcast feed via one of the two feeds below (might take a day for itunes to update it) :
FeedBurner or iTunes

News stories mentions:

Here comes the Johnny Depp RIP malware
iPad searches lead to malware
Hackers target doctors’ emails to make a killing
Oil companies targeted by hacking attack
Over half of global hacking attacks from China – report

TechCrunch Hacked and Defaced

Report: 48% of 22 million scanned computers infected with malware
Hack attack on Obama via House computers
FBI Arrests Alleged Cable Modem Hacker

Websites mentioned:

Pipl

PeekYou

Hacking website of the week:

House of Hackers

Book of the week:

Hacker Cracker

Follow me:

Twitter.com/MrCracker“”

This Episode looks at this weeks hacker news and discusses what Backtrack is and its new release, Backtrack 4.

Download .mp3 (right-click -> save link as…)
You can subscribe to the podcast feed via one of the two feeds below (might take a day for itunes to update it) :
FeedBurner or iTunes

News stories mentions:

Computer scammers solicit for Haiti

‘Iranian Cyber Army’ claims its first casualty

Baidu sues domain name server after hacker attack

Depressing Analysis Of RockYou Hacked Passwords

Google’s Nexus One Has Multi-Touch Thanks To Hacker

Tor IP anonymising internet service hacked

Sony Playstation 3 Hacked By Father Of iPhone Jailbreak

Website of the week:

www.HappyHacker.org

Websites Mentioned:

BackTrack 4

BackTrack 4 Training“”

Today I was Googling the word “hacker” and came across a link to Google on first page. After clicking on the link I was really surprised to find the Google front page with every word in leet speak. Don’t believe me? Check it out:

And the links up top:

Check it out for yourself:

Google’s Leet Speak Homepage

Want to challenge your leet speak reading skills? Try interpreting Google’s missions statement, it’s harder then it seems!

Google’s Missions Statement

How’d you do? I had to refer to a leet speak translator to keep from experiencing a brain fart.”"

There’s no better way to stay motivated and to keep learning new things then by attending conferences. At these hacker conferences, you will meet tons of likeminded people that are probably much smarter than you that you can leach off. Believe it or not, there is always someone smarter then you. That someone is me. No, not really, but you get the point. There’s always something you can learn from someone else and if you think that you are the hottest shit around, someone needs to spank that mindset out of you, or you will never reach your potential.

Here’s a list of the top 20 hacker conferences out there today with a short description that I found on their websites. They aren’t ranked from best to worst, because I am in no position to judge them since I haven’t been to all of them. If you think I missed a great one, feel free to mention it in the comments.

1. DEFCON @ www.defcon.org – DEFCON is one of the oldest continuous running hacker conventions around, and also one of the largest. Originally started in 1993, it was a meant to be a party for member of “Platinum Net”, a Fido protocol based hacking network out of Canada. As the main U.S. hub I was helping the Platinum Net organizer (I forget his name) plan a closing party for all the member BBS systems and their users. He was going to shut down the network when his dad took a new job and had to move away. We talking about where we might hold it, when all of a sudden he left early and disappeared. I was just planning a party for a network that was shut down, except for my U.S. nodes. I decided what the hell, I’ll invite the members of all the other networks my BBS (A Dark Tangent System) system was a part of including Cyber Crime International (CCI), Hit Net, Tired of Protection (ToP), and like 8 others I can’t remember. Why not invite everyone on #hack? Good idea!




2. Blackhat @ www.blackhat.com – “From its inception in 1997, Black Hat has grown from a single annual conference in Las Vegas to a global conference series with annual events in Tokyo, Amsterdam, Las Vegas and Washington DC. It has also become a premiere venue for elite security researchers and the best security trainers to find their audience.”




3. ChicagoCon @ www.chicagocon.com – “features security-focused boot camps, exams on-site followed by a two-day ethical hacking conference. Learn from the pros and network with peers in order to advance your InfoSec career.”




4. Toorcon @ www.toorcon.org – “San Diego’s hacker conference bringing together the top security experts to present their new tricks of the trade and have fun in the sunny and beautiful city of San Diego.”




5. ShmooCon @ www.shmoocon.org – “ShmooCon is an annual East coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software & hardware solutions, and open discussions of critical infosec issues. The first day is a single track of speed talks, One Track Mind. The next two days, there are three tracks: Break It!, Build It!, and Bring It On!.”




6. Hackinthebox @ http://conference.hackinthebox.org – “Asia’s largest network security conference held annually in Kuala Lumpur, Malaysia and more recently the Middle East.”




7. HOPE @ www.thenexthope.org – “The HOPE conferences have been running since 1994. HOPE stands for Hackers On Planet Earth and it has become a gathering point for thousands of computer hackers, phone phreaks, net activists, government spooks, and a whole lot of curious people from all corners of the globe. This will be our sixth one (hence the name) and we expect to continue to grow and have more imaginative events, cool speakers, and fun projects than ever before. “




8. Notacon @ www.notacon.org – “ an annual conference held in Cleveland, Ohio, explores and showcases technologies, philosophy and creativity often overlooked at many “hacker cons”. Our desire is not to supplant other events, but complement them and strike a balance that has gone unnoticed in our community for far too long. “




9. HackerHalted @ www.hackerhalted.com – “Hacker Halted aspires to be a complete and comprehensive conference cum workshop that will educate and equip its participants with the in-depth knowledge of understanding the vulnerabilities and the countermeasures to overcome the security infringements present today.”




10. ConFidence @ www.confidence.org.pl – International IT security conference held in Poland.




11. Nullcon @ www.nullcon.net – “If you too share this passion for knowledge, if a core dump brings glimmer to your eyes, if you want to share your hack with others and you have an inquisitiveness to learn, then nullcon is the place for you. If meeting hackers/researchers/phreaks in a 2 days event packed conference and the sun-bathed beaches of the tropical paradise called Goa won’t get you off your bed, nothing ever will. So crack you knuckles, fire your Live CDs, dust your Debuggers and get ready for some serious action this February.”




12. Phreaknic @ www.phreaknic.info – “Phreaknic was started years ago by JonnyX. After 5 years of working his bony ass off putting together a con on a budget, he had to leave Nashville to get a good job and survive. He passed on the duties to Dolemite, who with the help of his amex card, put together a group of directors and formed a non-profit corporation to put on the con. Dolemite built on previous successes, and has made phreaknic a well organized, finely tuned machine… Well, fairly well tuned. We have our moments. After Phreaknic 11, Dolemite stepped down as President of Nashville2600, the non-profit that puts on Phreaknic. A vote was taken and skydog was elected as President of the Nashville2600 Organization. This is our 13th year. We are the longest running annual hacker con in the United States. DefCon is the longest running, having just had their 17th con.”




13. Dnscon @ www.dnscon.org – “DNS is a data and network security council conference. This being the annual meeting of UK security professionals and interested individuals. The UK’s longest running open information security conference provides an opportunity to find out about new threats to information security.”




14. bruCON @ www.brucon.org - BruCON is an annual security and hacker conference providing two days of an interesting atmosphere for open discussions of critical infosec issues, privacy, information technology and its cultural/technical implications on society. Organized in Brussels, BruCON offers a high quality line up of speakers, security challenges and interesting workshops. It’s affordable, accessible and entertaining. BruCON is a conference by and for the security and hacker community.




15. thotcon @ www.thotcon.org – “THOTCON (pronounced ?th?t and taken from THree – One – Two) is a new small venue hacking conference based in Chicago IL, USA. This is a non-profit, non-commercial event looking to provide the best conference possible on a very limited budget. “




16. SEC-T @ www.sec-t.org – “SEC-T is an annual vendor and company independent information security conference in Stockholm, Sweden. The conference is a single track conference with one hour time slots. All presentations and official communications will be in English to allow our non-swedish-speaking presenters and attendees to participate without restrictions.”




17. Summercon @ www.summercon.org – “Summercon is known as the world’s oldest (and drunkest) computer hacker convention. While it has been held in many places around the globe, it has called the ATL home for the last two years. We’re happy to inform you that it will be held in ATL for 2009! Other cons may try to tell you that they will be ‘informative’ or ‘ground breaking’. We at SummerCon can only promise you the time of your life and an opportunity to meet life long friends. If you happen to learn something, we take no responsibility. Please stop back frequently as the site will be updated constantly.”




18. Shakacon @ www.shakacon.org – “The Shakacon security conference is a laid back conference where industry, government, academia and independent experts will get together to share knowledge and experience in one of the most beautiful places on Earth, Hawaii. “




19. Hacking At Random @ www.har2009.org – “an international technology & security conference. Four days of technology, ideological debates and hands-on tinkering in the Netherlands.”




20. RSA Conference @ www.rsaconference.com – “RSA Conference is helping drive the information security agenda worldwide with annual industry events in the U.S., Europe and Japan. Throughout its 19 year history, RSA Conference has consistently attracted the world’s best and brightest in the field, creating opportunities for conference attendees to learn about IT security’s most important issues through first-hand interactions with peers, luminaries and emerging and established companies.”

Once again, if you think I missed a great one, feel free to mention it in the comments below.

Also, as you’ve probably already noticed, below I have a new sharing bar. So if you enjoyed this article, or any other article on this site, don’t hog it all to yourself, share it with your friends!

After reading the above request, if you choose not to share this or any article, then I want you to know that you are a greedy and selfish bastard. That is all.”"

Today I finished reading the book title: The Watchman – The Twisted Life And Crimes Of Serial Hacker Kevin Poulsen. It was such a great book I finished it in just two days, and that’s pretty good for me since I don’t like to read for long periods of time.

It goes through the life of Kevin Poulsen, mug shot below (yes I know, a little creepy) :

Some of the incredibly fascinating things he did was activate deactivated Yellow Book escort telephone numbers for a local Pimp. This Pimp then payed Kevin every time one of his many bitches got a telephone call that ended up in the paid business of sexy time. Genius, eh?

Another thing discussed in the book is how Kevin could wiretap anyone in California, including the FBI and how he could see who the FBI was wiretapping, illegally, all the time, without warrants. Convenient.

I highly recommend this book, and if you are interested, here’s a link to it:
The Watchman: The Twisted Life and Crimes of Serial Hacker Kevin Poulsen“”

Last week, I listed a whole bunch of informative podcasts. Today, I’ll be listing a few of the best ongoing security / hacker video podcasts along with a couple of dead ones that are still worth checking out.

HAK5 – “Put together by a band of IT ninjas, security professionals and hardcore gamers, Hak5 isn’t your typical tech show. We take on hacking in the old-school sense, covering everything from network security, open source and forensics, to DIY modding and the homebrew scene. Then we wrap it all up with a healthy dose of cocktails and geek comedy. Damn the warranties, it’s time to Trust your Technolust.”

Hack Naked TV – Although the last episode was last year, I think it’ll start up again since their audio podcast, PaulDotCom, is still going strong. And no, they aren’t actually naked.

InformIT Podcasts – InformIT has a bunch of audio/video podcasts on all types of subjects like open source, networking, software and security.

Now here’s the couple that have unfortunately ceased to continue:

HackTV – Video podcast that covered subjects like wifi jammers, hacker conferences to urban exploration and airsoft guns.

thebroken – “thebroken is an underground technology show with a hacker mentality that caters to the elite (or wannabe 1337) computer user using a mixture of seriousness and irreverent comedy. If it’s shady or underground, it’s thebroken.”

Do you know of any that I missed? Let me know in the comments below and I’ll be sure to add them.”"

We have finally released the first issue of the MrCracker.com Newsletter. If you haven’t already subscribed to it, you can do so on the right hand side of this page. As of right now, the table of contents of the newsletter is the following:
1.    Top Hacker News
2.    Hacking Tip of the Week
3.    Hacking Article of the Week
4.    Hack of the Week
5.    Badass Hacker of the Week
6.    Skid of the Week
7.    Website of the Week
8.    Suggestions/Questions

This isn’t set in stone though and is likely to change with the feedback I receive from the readers. So give it a look, sign up, read it, and let me hear your thoughts on it. I want to make you happy by giving you the content that you want .

At the end of every month, I plan to add the months newsletters into an archive on this website, so look for that soon.

Happy Hacking!”"

As a hacker, you are constantly learning new things and staying up to date in the scene. But sometimes you can’t due to your daily responsibilities like driving places, mowing the lawn, shoveling, cleaning around the house and sitting on the toilet. Well now you still CAN with podcasts. Pump ‘em into your iPod, Zune or phone, plug in your earphones and you have a constant stream of knowledge being pumped into your head while you do your daily chores/responsibilities. Multitasking ftw! Below I have put together a list of the some of the best and a couple decent security/hacking podcasts out there today.

1. Security Now – This is by far one of my favorite ones. Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Published every Thursday.
2. PaulDotCom – PaulDotCom Security weekly’s mission is to provide free content within the subject matter of IT security news, vulnerabilities, hacking, and research. We strive to use new technologies to reach a wider audience across the globe to teach people how to grow, learn, and be security ninjas.
3. 2600 Podcasts -  2600 hosts two hacking related radio shows, Off The Wall and Off The Hook, on Tuesdays and Wednesdays.
4. SploitCast -  the podcast for hackers, geeks, and the security paranoid.  By a group of students and IT professionals that have decided to start a downloadable talk show.
5. The Command Line Podcast – Technology/hacking related podcast by Thomas Gideon.
6. Blue Box Podcast – discuss the latest VoIP security news, offer commentary on topical issues and play and respond to listener comments.
7. Data Security Podcast – a professionally-produced news program on the security issues of the moment. Co-hosted by noted security expert Ira Victor, the program is fast-moving and fun with top notch interview segments.
8. Crypto-Gram Security Podcast – Audio version of Bruce Schneier’s monthly Crypto-Gram Security Newsletter.
9. Security Wire Weekly – Information security news and interviews with information security experts and professionals.
10. OWASP Podcast – Jim interviews OWASP volunteers, industry experts and leaders within the field of web application security.
11. ISC StormCasts -  Stormcasts are daily 5-10 minute threat updates.
12. Network Security Podcast – Each week, Martin McKeay talks about computer security issues that are relevent today.
13. ITradio – IT journalist Patrick Gray set up this site to provide radio-quality news and current affairs audio programming to busy IT professionals.
14. SearchSecurity Podcasts – SearchSecurity.com has a variety of information security podcasts you can download.
15. Security Bites – Feeling vulnerable? Keep up with the experts on botnets, phishing, rootkits and other computer malware.
16. Symnatec Security Response – Providing information to help consumers and organizations confidently secure and manage their information-driven world.
17. ESET Podcast – Randy effortlessly navigates his listeners through today’s dangers by offering security tips and tricks to avoid becoming a casualty.

Yah, that’s IS a lot. Everyone has different preferences, so go through and choose the ones you like the best and stay up to date.

Learn how to hack?“”