This should make for some interesting reading during the next few weeks...
If you haven't yet read about it, some printer brands place tiny, almost invisible yellow dots on every page you print. These dots encode certain information (date, time, printer serial number, or similar things). I think you can easily imagine the security and privacy implications. The EFF has now cracked the DocuColor Tracking Dot code.
I have updated my iptables scripts again.
This time fw_laptop got support for limiting logging in case of flooding, blocking of known-bad IP addresses (e.g. from DShield.org), optional blocking of certain outbound ports (e.g. X11 server, VNC, NFS etc.), and a few minor tweaks...
Thanks to Ryan Giobbi for several hints and comments. Further comments and suggestions are welcome!
Someone on the security mailing list Full-Disclosure has posted an interesting warning regarding proof-of-concept exploit code. It seems that multiple published exploits have been replaced with more malicious versions by unknown attackers.
The attackers replaced the shellcode in the demo exploits (which usually opens a root-shell) with more malicious versions like 'rm -rf /*'. As such shellcode usually consists of hex-encoded assembler instructions, most people don't have the slightest chance to understand it, and hence cannot verify what it really does. People who want to "just try out whether I'm vulnerable" might end up with a wiped hard drive (or worse).
The lesson (one of them, that is) we should learn here is to never execute any code we don't trust and/or fully understand.
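One way to take a first look at such a hex-encoded payload without running it, as an added example that is not part of the original post: the script decodes the `\xNN` escapes from a C source file and lists the readable strings inside, the way strings(1) would. The sample array, the function names and the watch list are constructed for illustration.

```python
import re

# Constructed sample, NOT working shellcode: NOP filler (0x90) followed by
# ASCII command strings, laid out the way PoC exploits embed their payloads.
SAMPLE_POC = r'''
char shellcode[] =
    "\x90\x90\x90\x90\x90\x90\x90\x90"
    "\x2f\x62\x69\x6e\x2f\x73\x68\x00\x2d\x63\x00"
    "\x72\x6d\x20\x2d\x72\x66\x20\x2f\x2a\x00";
'''

HEX_ESCAPE = re.compile(r'\\x([0-9a-fA-F]{2})')
STRING_LITERAL = re.compile(r'"((?:[^"\\]|\\.)*)"')
# Hypothetical watch list of destructive or sensitive markers; extend as needed.
SUSPICIOUS = (b"rm -rf", b"mkfs", b"/etc/shadow")


def decode_payload(source):
    """Concatenate the hex escapes found inside C string literals."""
    out = bytearray()
    for literal in STRING_LITERAL.findall(source):
        out.extend(int(h, 16) for h in HEX_ESCAPE.findall(literal))
    return bytes(out)


def printable_strings(data, min_len=4):
    """Return runs of printable ASCII of at least min_len bytes."""
    return re.findall(rb'[\x20-\x7e]{%d,}' % min_len, data)


def triage(source):
    """Decode the payload and flag strings that match the watch list."""
    payload = decode_payload(source)
    found = printable_strings(payload)
    flagged = [s for s in found if any(m in s for m in SUSPICIOUS)]
    return {"length": len(payload), "strings": found, "flagged": flagged}


if __name__ == "__main__":
    report = triage(SAMPLE_POC)
    print("payload bytes:", report["length"])
    for s in report["strings"]:
        mark = "  <-- suspicious" if s in report["flagged"] else ""
        print(s.decode("ascii") + mark)
```

Finding no readable strings does not make a payload safe: commands can be assembled at run time or stored encoded, so this is a first look, not a verdict.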