[fc-discuss] Financial Cryptography Update: A hand of Pennies

iang@iang.org iang@iang.org
Wed, 15 Jun 2005 15:50:26 +0100 (BST)


((((((((((( Financial Cryptography Update: A hand of Pennies )))))))))))

                             June 15, 2005


------------------------------------------------------------------------

https://www.financialcryptography.com/mt/archives/000504.html



------------------------------------------------------------------------

Adam points at the Underhanded C Contest.  This is a good idea - write
some C which is totally readable but does something underhanded.  This
year's challenge is to do some basic image processing but to conceal a
fingerprint in the image you spit out.

I don't know whether this will work or not but it will be fun to see a
new generation of hackers try (I'm too old for such tight elegant and
introverted code).  Any bets as to whether the contest sponsors are in
the DRM camp or the anti-DRM camp?

http://www.brainhz.com/underhanded/

More news of techies fighting back to get some respect.  Dbourse /
slashdot / LA Times says the $100,000 Poker Bot Tournament is now ON! 
Tickle your PRNGs, tune and prune those search trees, limber up those
card dealing digits.

+--------------------------------------------------------------------+
| $100,000 Poker Bot Tournament 				     |
|   from the upped-my-bet-now-up-yours-robot dept.		     |
|   posted by timothy on Sunday June 12, @21:28 (Programming)	     |
|   http://games.slashdot.org/article.pl?sid=05/06/12/2326207	     |
+--------------------------------------------------------------------+
[0]Costa Galanis writes "The LA Times is reporting that a poker
tournament will be held where engineers will be able to [1]pit their
automatic poker-playing programs against each other in a tournament
similar to the upcoming World Series of Poker main event, with a 100,000
dollar cash prize for the winning program. The article mentions how the
recent rise in popularity of poker has encouraged many to try and create
the poker equivalent of chess' Big Blue, the chess playing computer
program that defeated the world's top chess player in a widely publicized
event, and also talks about how many engineers also are trying to make
bots that are good enough to play and beat human players for money in
online casinos."
Discuss this story at:
    http://games.slashdot.org/comments.pl?sid=05/06/12/2326207
Links:
    0. mailto:cgalanis@gmail.com
    1. http://www.latimes.com/news/printedition/la-fi-pokerbots12jun12,0,6050364.story?track=mostemailedlink

Bruce Schneier reports that "Sudanese currency is printed on plain
paper with very inconsistent color and image quality, and has no
security features -- not even serial numbers. How does that work? 
Because anyone who counterfeits will be put in front of a firing squad
and shot."
http://www.npr.org/templates/story/story.php?storyId=4673945

That link doesn't check out the story, but FC historians will recall
that forgery was kept to basically zero in the Scottish banking period
by two rules:  any forged note would be paid out in full by the bank if
you cooperated with their investigation, and when they found the forger
they hanged him.

More links in Cryptogram point to info on the T-mobile hack - it was
mostly social engineering.
http://www.washingtonpost.com/wp-dyn/content/article/2005/05/19/AR2005051900711_pf.html
Also a fascinating and learned article on phishing from the Honeypot
projects - I learnt some good stuff in there. Check out this corker of
an observation:
http://www.honeynet.org/papers/phishing/

"Parallel phishing operations are also indicated by the timing of the
first inbound HTTP request for phishing content after the UK honeypot
was compromised: 
2004-07-23 21:23:14.118902 XXX.XXX.XXX.XXX -> 10.2.2.120 HTTP GET /.internetBankingLogon HTTP/1.1

This inbound HTTP request to the honeypot occurred before the attackers
had finished setting up the fake online banking content on the
honeypot, and confirms the hypothesis that the attacker knew in advance
that this server was available for use as a phishing web site. Spam
messages advertising the new phishing web site were already being
emailed to victims from another host, even whilst the attacker was
setting up the new phishing web site."

A coordinated attack, a pincer movement!  It's war out there.

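The timing inference in the Honeynet quote, written as a defender's log check. This is an added example, not code from the original post or from the Honeynet paper: it flags paths that clients requested (404) before the server first served them (200). The log format, the client addresses and every line except the quoted timestamp and path are constructed.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample log: date, time, client, method, path, status.
# Only the 21:23:14.118902 timestamp and the path come from the quoted report.
SAMPLE_LOG = """\
2004-07-23 21:20:02.000000 192.0.2.10 GET /index.html 200
2004-07-23 21:23:14.118902 198.51.100.7 GET /.internetBankingLogon 404
2004-07-23 21:24:40.500000 203.0.113.25 GET /.internetBankingLogon 404
2004-07-23 21:25:03.000000 192.0.2.10 GET /missing.gif 404
this line is malformed and is skipped
2004-07-23 21:31:09.250000 198.51.100.99 GET /.internetBankingLogon 200
"""

def parse_line(line):
    """Return (timestamp, client, method, path, status) or None if malformed."""
    parts = line.split()
    if len(parts) != 6:
        return None
    date, time, client, method, path, status = parts
    try:
        ts = datetime.strptime(f"{date} {time}", "%Y-%m-%d %H:%M:%S.%f")
        return ts, client, method, path, int(status)
    except ValueError:
        return None

def find_early_requests(log_text):
    """Paths that were asked for before they existed and were served later."""
    first_ok = {}               # path -> time of the first 200 response
    misses = defaultdict(list)  # path -> 404 hits seen before that first 200
    for ts, client, _method, path, status in sorted(
            filter(None, map(parse_line, log_text.splitlines()))):
        if status == 200:
            first_ok.setdefault(path, ts)
        elif status == 404 and path not in first_ok:
            misses[path].append((ts, client))
    findings = []
    for path, hits in misses.items():
        if path in first_ok:    # a path that never appears is just a stray 404
            findings.append({
                "path": path,
                "first_request": hits[0][0],
                "first_served": first_ok[path],
                "lead_seconds": (first_ok[path] - hits[0][0]).total_seconds(),
                "clients": sorted({c for _, c in hits}),
            })
    return findings

if __name__ == "__main__":
    for finding in find_early_requests(SAMPLE_LOG):
        print(finding)
```

Several distinct clients requesting a path minutes before it first resolves is the signal the report describes: the URL was already being advertised elsewhere.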