Rodney Campbell's Blog

A colleague and I were lucky enough to score invites on behalf of XboxZone to attend Activision's annual Activate Asia event held here in Sydney at the Shangri-La Hotel.

Activate Asia is an exclusive event to the Asia Pacific region and provided press briefings and live gameplay on the suite of upcoming current and next gen console as well as PC platform releases including Six of Activision's forthcoming titles (Guitar Hero II, Tony Hawk's Downhill Jam, Marvel Ultimate Alliance, Call of Duty 3, Tony Hawk's Project 8 and Enemy Territory Quake Wars) and Five LucasArts titles (Star Wars Galaxies, Lego Star Wars II, Star Wars Empire at War – Forces of Corruption, Next Gen Technologies and Next Gen Star Wars and Indiana Jones titles).

A full writeup on the event and the games which I wrote for XboxZone is available by following the following link: The Lowdown on 11 upcoming Games from Activision/LucasArts at Activate Asia 2006

Breaking into a laptop via Wi-Fi
Flaws in software that runs wireless-networking hardware could let attackers take over PCs, including Macs, researchers at Black Hat warn.

Top Four Reasons for Email Archiving
Email generated by the corporate world continues to grow dramatically and storage-related costs of email are an escalating concern for IT executives. In fact, it has been predicted that this year 84 billion emails will be sent daily worldwide, requiring nearly 4 billion MB of server storage.

Metasploit Releases Web-Based ActiveX Fuzzing Engine
Metasploit offers AxMan – web-based ActiveX fuzzing engine. The goal of AxMan is to discover vulnerabilities in COM objects exposed through Internet Explorer. Since AxMan is web-based, any security changes in the browser will also affect the results of the fuzzing process.

eEye Releases Free Binary Diffing Suite
The eEye Binary Diffing Suite (EBDS) is a free and open source set of utilities for performing automated binary differential analysis. This becomes very useful for reverse engineering patches as well as program updates. 

Black Hat 2006 Presentations

Tip of the Day – Remove Default Route
Not having a default route in the router network is a great way to minimise the impact of malware on the corporate environment.

The death of email?
Email is undeniably the de facto standard for business communication but it is far from perfect. It can be a nightmare of paradoxes: from an organizational perspective, most users regard their mailboxes as personal and yet use them to store thousands of corporate documents.

Today's malware technology
Fifteen years ago, nobody could have imagined how far malicious code would get into our day-to-day work. When a new virus emerged, weeks or even months could go by before it could spread: a floppy disk is not the fastest means of propagation!

Firewall Chip Gets Funding
EU funding of 2 million Euros has been announced for a major new three-year project to develop a re-configurable photonic 'firewall on a chip'. Called WISDOM,, the new system will plug a major gap in the global data network security armoury – the lack of tools to implement security checks and algorithms directly at high optical data communications rates. 

Rounding the Corners of Network Security
As the Black Hat conference descends upon Las Vegas this week, internetnews.com presents a series of articles addressing security issues past and present. 

Security Model Analysis of Windows Vista
Matthew Conover, a security researcher over at Symantec, has published a new paper on the "Analysis of the Windows Vista Security Model". His paper provides an in-depth technical assessment of the security improvements implemented in Windows Vista, focusing primarily on the areas of User Account Protection and User Interface Privilege Isolation.

The six dumbest ways to secure a wireless LAN
A bit of humour to start the day 🙂 

The Month of Browser Bugs is coming to a close – HD Moore discovered over 100 Windows XP / Active X bugs in the Process
Using a custom-built data fuzzing tool, the security researcher pinpointed more than 100 vulnerabilities in the ActiveX controls included with the default installation of Microsoft's Windows XP operating system. Data fuzzing tools combine knowledge of the input parameters accepted by a software package with a tenacious and systematic mangling of the data to discover how applications react to various permutations, whether valid or invalid.