Five Hackers Who Left a Mark on 2006
In the security year that was 2006, zero-day attacks and exploits dominated the headlines.
However, the year will be best remembered for the work of members of the hacking—er, security research—community who discovered and disclosed serious vulnerabilities in technologies we take for granted, forced software vendors to react faster to flaw warnings, and pushed vulnerability research into new, uncharted waters.
In no particular order, here's my list of five hackers who left a significant mark on 2006 and set the stage for more important discoveries in 2007:
1 - H.D. Moore
H.D. Moore has always been a household name—and a bit of a rock star—in hacker circles. As a vulnerability researcher and exploit writer, he built the Metasploit Framework into a must-use penetration testing tool. In 2006, Moore reloaded the open-source attack framework with new tricks: scripting to automate exploitation, a simpler process for writing an exploit, and more code re-use between exploit modules.
Moore's public research also included the MoBB (Month of Browser Bugs) project, which exposed security flaws in the world's most widely used Web browsers; a malware search engine that used Google search queries to find live malware samples; the MoKB (Month of Kernel Bugs) initiative, which uncovered serious kernel-level flaws; and the discovery of Wi-Fi driver bugs that allowed code execution attacks.
Love him or hate him—hackers marvel at his skills while software vendors decry his stance on vulnerability disclosure—Moore's work nudged the security discussion into the mainstream media and confirmed that vulnerability research will remain alive in 2007.
2 and 3 - Jon "Johnny Cache" Ellch and David Maynor
At the Black Hat Briefings in Las Vegas, Jon "Johnny Cache" Ellch teamed up with former SecureWorks researcher David Maynor to warn of exploitable flaws in wireless device drivers. The presentation triggered an outburst from the Mac faithful and an ugly disclosure spat that still hasn't been fully resolved.
For Ellch and Maynor, the controversy was a double-edged sword. In many ways, they were hung out to dry by Apple and SecureWorks, two companies that could not manage the disclosure process in a professional manner. In some corners of the blogosphere, they were unfairly maligned for mentioning that the Mac was vulnerable.
However, among security researchers who understood the technical nature—and severity—of their findings, Ellch and Maynor were widely celebrated for their work, which triggered the MoKB (Month of Kernel Bugs) project that launched with exploits for Wi-Fi driver vulnerabilities.
Since the Black Hat talk, a slew of vendors—including Broadcom, D-Link, Toshiba and Apple—have shipped fixes for the same class of bugs identified by Ellch and Maynor, confirming the validity of their findings.
Maynor has since moved on, leaving SecureWorks to launch Errata Security, a product testing and security consulting startup.
4 - Mark Russinovich
Before Mark Russinovich's mind-blowing exposé (disclosed in late 2005) of Sony BMG's use of stealth technology in a DRM (digital rights management) scheme, "rootkit" was a techie word. Now the word appears in the marketing material of every anti-virus vendor, cementing Russinovich's status as a Windows internals guru with few equals.
The Sony rootkit discovery highlighted the fact that anti-virus vendors were largely clueless about the threat from stealth malware, and it forced security vendors to build anti-rootkit scanners into existing products.
Russinovich, who now works at Microsoft after Redmond acquired Sysinternals, spent most of 2006 expanding on his earlier rootkit warnings and building new malware-hunting tools and utilities.
5 - Joanna Rutkowska
Polish researcher Joanna Rutkowska also used the spotlight of the 2006 Black Hat Briefings to showcase new research into rootkits and stealthy malware. In a standing-room-only presentation, she bypassed the new kernel-mode driver-signing requirement in Windows Vista x64 to load unsigned code into the kernel, and she also introduced the world to "Blue Pill," a rootkit built on hardware virtualization (AMD's SVM extensions) that she described as "100 percent undetectable," even on Windows Vista x64 systems.
In 2006, Rutkowska also pinpointed inherent weaknesses in anti-virus software, warned that the major operating system vendors were not yet ready for hardware virtualization technology, and made the case that stealth malware is the operating system's biggest security threat.
By Ryan Naraine, eWeek.com