Archive for category Security

Cha Ching

All right, the fine folks at Hakin9 put out a small special issue devoted to BitCoin.  BitCoin sure has been getting a good bit of buzz lately, so if you are totally new to BitCoin this month’s article can most definitely lend a hand.  I’m not sure if I am buying in on all the hype but I will say for better or worse BTC definitely has some momentum behind it.  If you are weighing the pros vs. cons of BTC or perhaps just wondering if it is worth your time to invest in it, this issue should help you form a decision.

The first article, A Secure Coin, jumps right in and gives the reader all the details they need to start mucking around with BitCoins.  It covers some technical aspects of the applications used in BTC mining, how the information is transmitted, the current BTC practices such as pooling and of course threats.  Overall this is a fairly decent article to read if you have not been introduced to BitCoins before.

Bitcoin – How it works, gives a pretty good introductory walkthrough on how to start creating bitcoins.  This article is a little less technical, covering some of the reasons for BitCoins, mining and some basic background information.  So if you are looking for a little less technical article then this one should work just nicely.

Mining – Tutorial for Rookie Miners is a really quick read on what the current hardware and mining rates are, a topic anyone who is interested in getting into BitCoins will probably be wondering about.  While the information in this article is probably readily available on lots of other BTC sites, it is still a nice reference piece.

The next article is an interview with two BitCoin developers, Amir Taaki and Patrick Strateman.  Amir and Patrick both make some very recognized and great points about the flaws of our current currency environment.  It is hard to argue the reasons for BitCoins and when they actually describe the inner-workings of BTC you can respect the electronic currency even more.  If I have to recommend an article or two regarding BitCoins this would definitely be the first one, the next one would be Rebecca Wynn’s article.

BitCoin in your hand is the next article.  It answers some questions about an interesting add-on technology to BTC called BitBills.  I am not overly sold on BitCoins (mainly because I am too lazy to get around to it) but I am even more hesitant on BitBills.  I see some really good layers in BitBills but I am still not sold on it, nor on where one would need to use it, but if you want to know some basic information on BitBills this interview might help you.

How to Secure BitCoins, Your Virtual Money is a walk-through on how one might secure their BTC wallets from malware or a direct intruder.  Not a bad setup for those of you who are overly worried about the theft of your wallet.dat.

BitCoin Online and Off-Line Opportunities for Commerce was a nice breakdown on a good way to implement BitCoin transactions in online commerce.  Apparently there have been some well-thought-out methods for handling online BTC transactions.  If you are thinking about adding BTC as a payment method for a mobile app or online site then you should utilize some of the methods listed in this article or refer to securebitcoin.org.

Rebecca Wynn’s article BitCoin – Destined to Fail is probably the hardest hitting article of the bunch.  It does a really good job pointing out the inherent flaws with the BitCoin system and environment.  Her hard facts and well-thought-out arguments and articles are easily making her one of my favorite tech journalists.  This article is a must if you are a BTC user or are thinking about becoming one.


Hakin9 – RFID Hacking

All right, it’s been two weeks and the Hakin9 folks have kicked out another issue.  I am assuming they don’t sleep much in Poland because I don’t know how they are spitting out so many issues recently but more is better than less (unless of course you are referring to the Nix cmds).  This issue is mainly devoted to RFID.  While I have dabbled some in RFID, I would definitely not say I am confident in my skills and knowledge so this issue was a great refresher and motivator for me to pull out my old equipment and start playing again.

Once again for those who don’t subscribe to the magazine here is a breakdown of the articles.

RFID for Newbies is one of the best introductions and overviews on RFID technology I have read.  Gildas Avoine did a superb job outlining the types, hardware, frequencies, uses, privacy, flaws, attacks and multiple tools.  If you have the slightest interest in learning about RFID I would most definitely check out this article.  It is a perfect introduction and can definitely get you revved up to start dabbling.

RFIDIOt for Mac OS X described an ever so common situation for anyone who doesn’t rely solely on Windows.  Everyone should be able to quickly relate to the author’s situation of frustration at trying to get a piece of hardware and software working on his system.  But the article isn’t just about the missing dependencies and frustration.  Israel Torres was finally able to make RFIDIOt work properly on his Mac and gives a great how-to on getting your hardware working on a Mac.  I will definitely have to give this one a go too.

RFID Security and Privacy Issues covers some basic RFID information and background but then discusses the possibilities of privacy issues regarding the trending biometric uses of RFID and identification tags.  The author goes over a few protections, namely Stronghold.  The author also discusses a handful of useful tools for RFID “auditing”.

Passive RFID Tag Security gives a very nice breakdown of 3 major types of RFID implementations, covering EPC, Contactless Credit Cards and the E-Passport.  I found this article to be my favorite out of the lot.  It does a terrific job of covering the protocols and authentication of these applications.  If you are looking to find out some good information on these devices without reading a thesis paper this article can definitely get you started.

The next article, The RFID and NFC Radio Frequency-Enabled Security Threat, covers some of the current and possible future threats in RFID.  While the article is fine, a lot of the material is covered in the previous articles, so depending on which one you read first you may start to see some repetition in what they cover.

The next article is an interview with Dr. Ann Cavoukian, who is recognized as one of the leading privacy experts.  The article covers a radio interview she did regarding RFID.  While she doesn’t go into technical details (not that I would expect technical details in this type of interview), it is a pretty good interview and reference piece if you are dealing with RFID with management or a customer.

The next article, MITM using Cain: Client Side Attacks, covers the ever popular Windows tool Cain and Abel.  Cain and Abel isn’t a tool I use often but when I do boot up a Windows box with it on it I always say the same thing, man this tool covers a lot of stuff and has tons of nice goodies.  Cain and Abel is a perfect tool for the introductory security analyst and this article covers one of Cain’s ARP poisoning Man in the Middle attacks, one of Cain and Abel’s more popular uses.  The article is pretty cut and dry but does a good job outlining the steps needed to perform the attack.

When is Private Not Private is an interesting article on data privacy.  The majority of the article covers some current day case studies which were very interesting but the best part of the article in my opinion was the preventative steps he listed.  As simple as they might be, they are a great reference for anyone involved in the security area and non-security minded individuals.

The Astalavista Experience is an overview on the Astalavista service.  It covers some of their key uses, DNS information, Information Gathering and some of their decryption and encryption uses.


Hakin9 – ID Theft review

Before I could even click publish on my last post, Hakin9 has published another issue.  As I mentioned previously, I will try and give a brief run-down on each article.  This extra issue is mainly devoted to the ever popular subject of Identity Theft.

I usually won’t cover the News Stories that front each Hakin9 issue but this month’s news stories take a bit of a different route.  They do a terrific job outlining a diverse set of frauds that are commonly seen and give the reader some good tips on protecting themselves.  The article also gives some details about what the possible circumstances of not protecting your ID could be.

The first article, “Identity Theft/Fraud”, is my favorite of the ID Theft bunch.  It is a nicely written piece on how thieves can get your info, what they can do with this information and how to take steps to protect yourself.  The author, Rebecca Wynn, does an excellent job giving the reader multiple tips, instructions and even a little quiz.  If you are looking for an article to help your employees, family or friends protect themselves definitely give this article a once over.  It is the perfect article to help educate awareness in and out of the office.

The second article, “Proactively Defending Against Identity Theft”, follows suit on the first one.  It gives an excellent breakdown of where ID theft takes place, steps to hopefully prevent it and lastly what to do if you are a victim of ID theft.

The third article, “Identity Proof Your Personal Data – UK”, was an article devoted to steps UK citizens can take to protect themselves.  If you are a UK citizen this is a perfect article to share with your family on how to protect your data.  As with the first two articles, this one does a nice job detailing a few good ways you can help thwart a lot of low hanging fruit catchers.

The next article, “Ask the Social-Engineer”, is a pretty fun article, detailing what is unfortunately not a well educated topic.  Social Engineering is a topic that goes silent a lot when companies teach security.  Perhaps people think it is more of a common sense thing but it happens more than people think and in my opinion it should be one of the first topics taught when doing security awareness training.  The article has some very good real-world examples that everyone can learn from.

The fifth article is a close runner up to my favorite.  It is an excellent resource on phishing and can teach wonders to an inexperienced user.  As with most security folks, I see thousands of phishing attempts.  Some are pretty clever and some are just plain poor attempts.  Harshad Mehta does a fantastic job laying out some of the current tactics that folks use in phishing.  While some of the tactics are old, they still work like a charm a good bit of the time.

Moving away from ID Theft, the next article, “Design Flaws in IP Surveillance Cameras”, was a perfect introduction into surveillance camera security.  Out of all the articles in this issue, this was my top pick.  It does a very nice job of detailing multiple flaws, environments and giving the reader a good understanding of IP camera environments.  Definitely a good article to reference if testing surveillance cameras.

The last article is an introduction to Nessus.  The article gives the reader a fair introduction into setting up Nessus, initiating a scan and an overview of some of the inner workings of Nessus.  If you are new to Nessus give it a look if you need some help.
