An impending global strike?

The recent phpBB bug highlighted first a small fuckup between phpBB and php.net, each claiming that the fault lies with the other party. However, it was clear later that there was a slight problem with the php code itself, as well as phpBB's need to urldecode a highlight URL, causing the worldwide phpBB/Google attack, aka Santy worm. Santy worm implications on phpBB-based websites esp those with confidential info like credit card numbers were huge.

The php bug itself was quite serious, allowing ALL php-based forum software (eg Invision, vBulletin, phpBB, etc) and ANY php-based software using cookies to be penetrated via cookie manipulation. While the damage is small (a memory dump occurs), I feel it's a prelude to something bigger.

As it stands, there are ALOT of php websites and I mean ALOT. In fact I dare say that the top 5 online languages for web and forum code is as follows, in order:

1) PHP
2) Perl
3) ASP
4) JSP
5) ColdFusion

I believe a major vulnerability in php will occur soon. When it does, the impact on the web will be immense.

An OS on portable media: The future of hacking?

It's now possible to install a small OS onto a portable media like USB drive. I know it's possible to install Linux on a USB flash, 64MB is enuff. You couple this with the fact that new laptops and motherboards these days support USB boot, and the mind boggles at the possibilities.

Nowadays you have mb and laptops that not only do USB boot they also have an F12 or something to access boot menu. If I have a Linux-on-USB, even if your system is protected by a password (eg XP/W2K/etc), I just boot my Linux and mount your C drive. After that the world is my oyster, eg bank cookies, confidential files like your tax E-File, etc.

And that's USB flash. How about Memory Stick? PSP's UMD? CF? SD?

A possible protection is BIOS password, but nowadays who does that? Anyway this is only a possibility. As I said, it's technically possible now. The possible use in the real world here is not up to me to answer.

Firewalls and Anti-Virus

I've been talking to people with PCs and internet connections recently and I'm quite surprised that many people who go online these days only install an anti-virus software on their PC. No firewall at all.

First thing I tell them is "A firewall is more important than an anti-virus". Yep, these days anti-virus software is not really effective in protecting you. Why? Simply because the danger comes from "zero day attacks", meaning worms, trojans and viruses that are newly created and being spread, before companies like Symantec can get a copy of it, create a signature and then create an update. And then the user needs to download the update. This is easily a 2 week to several month window in which the attack would have made its rounds manyfold.

The firewall on the other hand, blocks activity without the need for any signature. As long as the traffic doesn't appear to be a normal activity of the PC, it will block it and thereby prevent attacks from occurring. In fact, these days worms like MyDoom and Blaster are still circulating. Check ur firewall logs, port scans are a daily occurrence.

However, in the end you still need a smart user behind that monitor. No use having a powerful firewall when you the dumb user allows everything to pass through. If in doubt ask or check a search engine.

Nice firewalls you can download for free include Sygate Personal Firewall and Zone Alarm. Windows XP SP2 comes with a firewall. Good luck folks!