Friday, August 5, 2011

Anonymous codes a digital weapon

Anonymous is reportedly coding a JavaScript-powered weapon that exploits SQL vulnerabilities to create a "devastating impact" on targeted servers.

Dubbed RefRef, the new software could replace the ubiquitous Low Orbit Ion Canon (LOIC) fielded by cyber activists waging various DDoS campaigns.

Anonymous codes a digital weapon

RefRef - which is slated to debut in September - works by turning a server's own processing power against itself.

According to the Tech Herald, the targeted server eventually "succumbs" to resource exhaustion. 



Although such an attack vector has existed for a while, cyber activists have traditionally preferred the brute force of a DDoS attack generated by bots or LOICs.



Nevertheless, Anonymous recently tested the new weapon and managed to down Pastebin for a total of 42 minutes.

"Imagine giving a large beast a simple carrot, [and then] watching the best choke itself to death," an Anon promoting RefRef told the Herald.

Another Anon explained that the tool "only makes you vulnerable" if systems remain unpatched and outdated.

"This is how Sony got caught with it's pants down. It axed huge swathes of it's IT security a little while before it got pwned. Basically, [Sony] decided that basic maintenance wasn't good ROI... It's companies like Sony - making idiotic decisions like that - which will be vulnerable to this tool. Proper companies staying on top of things won't be vulnerable after the fifth or sixth attack, at which point patches will be out."



Despite its possible shortcomings, RefRef does appear to be a fairly potent tool, as it can be used on any platform that supports JavaScript, including smartphones and even consoles. 
The versatile nature of the weapon will likely create multiple command points manned by activists from public wifi hotspots such as libraries and Internet caf├ęs.

Ubuntu 11.10 Alpha 3


Kate Stewart has announced the availability of the third alpha release of Ubuntu 11.10, code name "Oneiric Ocelot". This release comes with the new Linux kernel 3.0, while Lubuntu (an Ubuntu variant featuring the LXDE desktop) becomes an official member of the Ubuntu family. From the release notes: "Alpha 3 includes the 3.0.0-7.9 Ubuntu kernel which is based on the mainline 3.0 kernel. Some of the most notable changes between the alpha 2 and alpha 3 release with respect to the kernel include: adopted a 3 digit kernel version, e.g. 3.0.0-x.y; re-base to upstream 3.0 final kernel; enable Overlayfs; enable Realtek RTL8192CU and RTL8188CU WiFi driver; enable support for rt53xx wireless chipset family...." See also the release announcement. Download (SHA256): oneiric-desktop-i386.iso (712MB, torrent), oneiric-desktop-amd64.iso (709MB, torrent). Also made available today were 11.10 alpha 3 releases for Kubuntu (download, release notes), Edubuntu (download), Lubuntu (download) and Mythbuntu (download).