Posts with tag hacking

BackTrack: A penetration tester's toolset

There are few job titles as misleading as that of the "Penetration Tester." Sure, saying professional computer hacker would be more direct, but have you ever noticed how hackers seem to have a dirty mind? Why else would they want to go phreaking through backdoors?

Anyway, in order for hackers to umm...maximize their penetration, they need the right tools for the job. BackTrack is a bootable Linux CD that is the Swiss Army knife of computer hacking tools. Need to crack a password or break into a wifi connection? BackTrack has the tools already configured and ready to go.

As a matter of fact, with over 250 tools to choose from, your problem will be finding the right tool for the job. We recommend a quick YouTube search for common hacking scenarios.

BackTrack is open-source, as are all the included tools. The program is completely free to download and use. Unfortunately, as with most open source software, it may be hard to find support should you experience any problems.

Now that you have the tools, be sure to use them wisely. We are sure your neighbors wouldn't appreciate being brute forced. I am talking about their WiFi, sheesh!

Muxtape mucked up: who hacked it?

Muxtape, the popular online mixtape service we wrote about earlier this year, appears to have been hacked today. Every song on every Muxtape has been replaced by, "Aim (with Stephen Jones) - Good Disease [Babybird does a Prince thing]." Users can't delete the track from their mixes, and (in our professional opinions) the song isn't even very good.

An update was just posted to the Muxtape blog. No details yet, but they know about the problem and have taken the site down temporarily to fix it: "This afternoon, someone gained access to our server and caused some problems. We are investigating and will have more information soon. I've taken the site down temporarily as a precaution. Thanks for your understanding, watch this space for an update."

On the plus side for Muxtape, the service has only gotten better since its initial launch. It's now playable from iPhones, and plenty of sites have popped up to catalog the best and most interesting Muxtapes. The site is down right now, presumably being fixed, and we will update this post as we get more information on the battle between Muxtape and Babybird's Prince thing. Is this a publicity stunt by the band, or just a prank?

UPDATE: Muxtape is now saying that this may have been a result of a database problem and not any kind of break-in, but the cause is still undetermined. The site should be back up by tomorrow, and everyone's mixes were probably backed up and should be restored.

Introducing Dark Alex's Time Machine for PSP

PSP developer extraordinaire Dark Alex is at it again, pushing the boundaries of firmware hacking to whole new places. His latest creation, Time Machine, is perhaps his greatest feat yet. This gem of a hack allows one to run previous firmwares on the PSP by use of the Pandora Battery.

Why is this cool? The biggest reason we can see is this: the 1.50 firmware, which is generally the most popular base for homebrew code, does not run on the Slim PSP. However, DaX has managed to create a hybrid 1.50 firmware with modules from 3.40 that runs just fine with Time Machine! This means that PSP slim owners no longer need to worry about compatibility issues.

Check out Dark Alex's personal website for downloads as always, and let us know how it goes in the comments!

Coming soon: month full o' MySpace bugs

Ever want to see MySpace crash and burn? Or, are you at least a little tired of the horrific design/coding/everything nightmare that is MySpace? A couple of hackers plan to introduce security vulnerabilities in MySpace next month, revealing one a day as part of the "Month of Bugs" tradition. However, Mondo Armando and Müstaschio, in a kind of satirical, cynical, and humorous fashion, will attempt to subvert both the popular social networking website and the "Month of Bugs" trend simultaneously. From their website, their reasons for this endeavor are as follows:
  • Myspace is important, in that there are a bazillion users and a kajillion dollars involved.
  • "Months of Bugs" are whiny, attention-seeking ploys for acceptance. Myspace's design use is to enable whiny, attention-seeking ploys for acceptance.
  • "Months of Bugs" are annoying, so rather than suffering through another, we figured it'd be better to just create our own where we could at least direct the content a little.
MySpace haters, hackers, coders, and everyone else in-between should look forward to this experiment. What will be the result of spreading word of the Emperor's many vulnerabilities? Only time will tell. Godspeed.

Microsoft Vista DRM subverted

Within the past month, the AACS protection scheme used by both HD DVD and Blu-Ray has been bypassed, and now news has broken of a researcher cracking Vista's DRM scheme. Mind you, Vista just barely hit the shelves. Boing Boing sums it up very nicely:

"As with previous multi-year DRM development efforts, this one disintegrated like wet kleenex on contact with the general public. Now that Vista, HDCP, Blu-Ray and HD-DVD are all broken, it seems like the millions of dollars and thousands of work-hours sunk into these systems was mis-spent. The only benefit that these anti-copying systems confer to the companies that developed them is the right to sue competitors -- and that benefit could have been had by shellacking a one-atom-thick layer of token DRM onto their systems, just enough to be able to invoke the DMCA. Everything else was just gold-plating, wasted money."

So the trend continues. Anything meant to be protected will always be cracked, it seems. Researcher Alex Ionescu's hack bypasses Vista's anti-copying technology and allows for full-res, unencrypted high-def video streams. Due to legal concerns, he has not yet released his code, so it is unknown what will become of his hack. And how will companies respond to the prompt obsolescence of their copyright protection schemes?

Hack-attack, Dept. of Commerce bars their doors

Chinese hackers are apparently trying to access the US Dept. of Commerce's computers, targeting the Bureau of Industry and Security (BIS) network. The Dept. of Commerce has responded to the hacking attempt to gain access to user accounts by replacing systems and moving any employee workstations that access the Internet to a non-BIS connected machine. The Department had traced several access attempts to Chinese ISPs, making them nervous and prompting the tightened measures. It isn't often you hear about the pre-hacking preparations taking place. You generally only hear about the hacked and devastated yelling about who didn't do their job and gave up sensitive information.

Phishing, fighting it, and Netcraft's toolbar

Brian Krebs of the Washington Post writes about how banks and other financial institutions are stopping phishers by disallowing the use of their logo and website images via a white-listing technology for outgoing image links. This forces phishers to actually do some work if they want to duplicate the website, since the bank swaps the real images with a fraud warning image. The phishing site thinks it has displayed the image, but it has been duped into using an image that alerts consumers not to use the site. Pretty smart of banks, don't you think? Brian also mentions Netcraft's anti-phishing toolbar, and its near-flawless detection of phishing sites. Personally, I haven't used it, but wanted to see if you had heard of it, and if it is any good. Brian seems to think so.

AOL Active Security Monitor review

There are tons of threatening viruses, spyware, and other yucky things out there in the world wide web. They have the powers to potentially access your computer if it is not locked down with security software, ensuring there are no kinds of intrusions and any malicious hacking going on. Is your computer protected against the many potentially dangerous things floating around the internet? Do you know for sure? How can you know for sure? And how do you get started and stay on top of your computer's security? AOL has made it easier. A whole lot easier at ensuring you know how your computer is doing, staying up to date with its security, and protecting against all things threatening. I recently installed AOL's Active Security Monitor to check out my system's vitals, and how I was doing at staying secure on the machines I connect to the internet with. I knew I was lacking in some areas, but not that much!

Disclosure: Download Squad is owned by AOL. Nonetheless, the following is a completely unbiased review of AOL's Active Security Monitor software by myself. I absolutely loved it, and think it does a very effective job at ensuring users know how secure their computer really is and aiding in increasing security when needed.


Find a Windows hole, win $10,000

No, it's not Microsoft making us do the dirty work, it's iDefense labs, a subsidiary of Verisign. They've announced a quarterly hacking challenge, and each quarter they will offer a different security challenge. Going for the easy target right out of the gate, eh? Here are the details from their site: "For the current quarter, iDefense Labs will pay $10,000 for each vulnerability submission that results in the publication of a Microsoft Security Bulletin with a severity rating of critical. In order to qualify, the submission must be sent during the current quarter and be received by midnight EST on March 31, 2006. The $10,000 prizes will be paid out following the publication of the Microsoft Security Bulletin and will be paid in addition to any amount paid for the vulnerability when it is initially accepted. Only the initial submission for a given vulnerability will qualify for the reward." If you think you've got what it takes, go for it! How hard can it be?

[Via BetaNews]

Lego's response to hacking its product: hack away!

In a rare, extremely cluetrain response from a corporation whose product has been hacked, Lego is actually welcoming the modification to its 3D design program that will enable users to avoid purchasing too many extra blocks when making custom kits. The backstory is that last month Lego launched a new program that lets users make custom Lego designs using the provided free 3D design software, then actually order the kits that would create their custom models. The trouble is, users would sometimes end up over-ordering too many extra bricks because of the way brick packages or 'palettes' contained multiple bags of bricks. The software would generate an order based on which palettes to order, causing a glut of extra bricks -- so users created a database of the type and number of bricks in the bags, and modified the software to display the number of bags to order instead of palettes, bringing the cost of many custom pieces down. Instead of flipping out about users hacking their software, especially when the net result is a loss of revenue for the company, Lego is embracing the modifications. Lego senior producer Ronny Scherer said, "It was a puzzle to us. They took us completely by surprise. We think it's great." Wow, a company embracing its users' efforts to make its tools more useful -- how unfortunately novel.

[Via Slashdot]
