Category Archives: Random

Black Hat DC Day 1

My first day at Black Hat was pretty neat, I learned quite a bit, and I had my expectations shifted around. Originally, I was expecting the presentations to be the core aspect of the conference, and everything else on the sidelines. I quickly learned that the presentations are just a small part of the greater networking and information exchange going on.

The keynote was very interesting as it wasn’t technical in the least, but more a call for discourse about the tough questions that the country needs to ask about how the government and private sector need to work together to protect the country’s cyber resources. It also brought to light a question regarding cyber weapons, and who is responsible to clean up the online equivalent of a Katrina.

Moxie’s presentation on defeating HTTPS was interesting, but it was more about leveraging holes in other aspects of the network to gain control of an SSL tunnel. While clever and very neat to see in action, it didn’t blow me away, nor was it particularly groundbreaking.

After Moxie’s talk, I spent a while chatting with Dan about the advantages of DNSSEC versus DNSCurve and how to take the strengths of each to find a happy medium. I hope to implement his suggestions in LadieBug (which he thought was a bad name, having ‘bug’ in the name).

I left halfway through the Mac OS X presentation since it was pretty useless. The presenter assumes you have access to a Mac and can run arbitrary code/modify binaries. From my perspective, once you’ve got that, the game is pretty much over.

After lunch I made my way to the packed room where the gang from the Invisible Things Lab talked about their TXT exploit. This was a highly anticipated talk, and I must say I personally was slightly disappointed. While their findings were interesting, due to their deal with Intel they basically gave an overview of TXT and then talked about the Q35 hack in more detail, which is old news. Essentially, the summary of their findings was that TXT doesn’t check the SMM handler, and they disassembled the handler and found a number of bugs. Dual Monitor Mode, or an STM as they called it, seems needed, but perhaps more eyes on the SMM handler code would also help find bugs.

Hailing from AFIT, the speaker for the SecureQEMU project gave an overview of using emulation to encrypt and sign code that can’t be modified from the guest. While impressive that they managed to get it working on an unmodified OS, it was slow, and not a very complex concept.

Last, but not least, was a just-for-fun talk on satellite hacking. This one had the room laughing for much of the hour while the speaker showed us a live demo of decoding a stream from a satellite over Africa. He then showed us how laughable the security in the RFID passports is, easily cloning and modifying his son’s passport to have Osama Bin Laden’s face, and doing a MitM attack using two $15 RFID readers/emulators.

That’s all for today, check back tomorrow for a review of the next set of briefings, and as always I’ll be updating regularly on Twitter.

Peace and chow,

Ranok

Why Better is Not Always Best

There has been a long debate on Windows versus Linux, Mac versus Windows, Apples versus Oranges, etc… I’m going to add my two cents to the fray, but in a way that looks at how each OS plays its role.

Windows: This is the dominant OS; it may not follow industry standards, but it is the norm regardless. It has a horrid reputation for security, as it is still trying to support legacy applications. It is also buggy and a pain to develop on; however, the .NET framework is a step in the right direction. Windows rose when it made computing both affordable and simple. It wasn’t perfect, but it was good enough for its users.

Mac: Apple started out lost, using the shotgun approach to selling computers: many different models with very slight differences. However, once Steve Jobs trimmed down the breadth of choices and OS X came out, they had finally hit the sweet spot, selling powerful, easy-to-use software on high-quality hardware. They are in the best position to take the lead if they can lower their price points, as they will never be able to compete with a $200 computer from Dell. I’d suggest they release some very low-end netbooks and cheap desktops to gain market share both in the education sector and as a computer for the ‘basic user’, those who only check their email and surf the web.

Linux: An oddball to say the least; it has been mostly community developed since its inception. Very popular on servers and with more computer-literate users, it still has very little market share. While there may be evidence to support it being the ‘best’ operating system, best is inherently subjective: Linux is made by technically savvy users for themselves, and it is only now being looked at from an average user’s standpoint. While I prefer Linux, I also consider myself a pretty technically skilled user, and therefore enjoy the challenges of getting my system running perfectly and the customizations it exposes. Linux has a long way to go before it will be considered viable for the average user, as most of the development makes it better for the current userbase, not the one that doesn’t use it.

Well, now that I’m sure I’ve angered a number of people (please comment, I do like reading responses), I will end this post having put in my two cents, but very eager to see how the next few years change the playing field.

Peace and chow,

Ranok

Lulz of the Day: Ark

Well, it’s about time for there to be another Lulz of the Day! Today we’ll be lulzing about Ark, my IRC anti-floodbot script. As an IRCop on a network, I am constantly fighting floodbots who join, /msg everyone on the network some spam and then disconnect. I figured that there must be a way to stop them, and so I diligently started working on Ark. Ark is a Perl script that connects to an IRC server as an IRCop and joins the most popular channels (which you specify). It then waits quietly, biding its time until it gets /msg’d. Once it receives a message, it springs into action, checking the received message against a list of regexes. If any of them match, it will /kill the bot and resume its slumber.

This very simple, yet oddly helpful script can be downloaded from my code site.
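To make the matching step concrete, here is an added Python example of the logic the post describes; it is my illustration, not the Ark Perl script itself. It parses raw IRC PRIVMSG lines, inspects only private messages addressed to the bot (channel traffic is ignored, as Ark does), checks the text against a list of regexes, and returns the KILL command an IRCop would send. The spam signatures, the bot nick and the sample server lines are constructed for the example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Pattern, Tuple

# Constructed spam signatures standing in for the regex list Ark is given.
# Each entry is (name, compiled regex); the name is quoted in the KILL reason.
SPAM_PATTERNS: List[Tuple[str, Pattern[str]]] = [
    ("advert-url", re.compile(r"https?://\S+|\bwww\.\S+", re.IGNORECASE)),
    ("join-our-network", re.compile(r"\bjoin\s+(?:us\s+(?:at|on)|our)\b", re.IGNORECASE)),
    ("adult-spam", re.compile(r"\bfree\s+(?:porn|sex)\b", re.IGNORECASE)),
]

# Raw server line for a message: ":nick!user@host PRIVMSG target :text"
PRIVMSG_RE = re.compile(
    r"^:(?P<nick>[^!\s]+)!(?P<user>[^@\s]+)@(?P<host>\S+)"
    r"\s+PRIVMSG\s+(?P<target>\S+)\s+:(?P<text>.*)$"
)


@dataclass(frozen=True)
class Privmsg:
    nick: str
    user: str
    host: str
    target: str
    text: str


def parse_privmsg(line: str) -> Optional[Privmsg]:
    """Parse one raw server line; return None for anything that is not a PRIVMSG."""
    m = PRIVMSG_RE.match(line.rstrip("\r\n"))
    if m is None:
        return None
    return Privmsg(**m.groupdict())


def match_spam(text: str, patterns=SPAM_PATTERNS) -> Optional[str]:
    """Return the name of the first signature that matches the text, or None."""
    for name, rx in patterns:
        if rx.search(text):
            return name
    return None


def handle_line(line: str, bot_nick: str, patterns=SPAM_PATTERNS) -> Optional[str]:
    """Decide what to send back for one server line.

    Only a /msg to the bot itself (target == bot nick) is inspected; a match
    yields a KILL command in RFC 1459 form: KILL <nick> :<comment>.
    """
    msg = parse_privmsg(line)
    if msg is None or msg.target.lower() != bot_nick.lower():
        return None
    reason = match_spam(msg.text, patterns)
    if reason is None:
        return None
    return f"KILL {msg.nick} :Ark: flood spam ({reason})"


def scan(lines, bot_nick: str) -> List[str]:
    """Run handle_line over a stream of server lines, collecting commands to send."""
    return [cmd for cmd in (handle_line(l, bot_nick) for l in lines) if cmd is not None]


# Constructed sample traffic (nicks, hosts and message text are made up).
SAMPLE_LINES = [
    ":spambot42!x@203.0.113.5 PRIVMSG Ark :Free porn at http://example.invalid/xxx - join us now!!!",
    ":alice!alice@users.example PRIVMSG Ark :hey, are you around?",
    ":spambot42!x@203.0.113.5 PRIVMSG #chat :http://example.invalid/xxx",
    "PING :irc.example",
]

if __name__ == "__main__":
    for cmd in scan(SAMPLE_LINES, "Ark"):
        print(cmd)
```

Only the first sample line produces a KILL: the second is a normal private message, the third is channel traffic rather than a /msg to the bot, and the fourth is not a PRIVMSG at all.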

Peace and chow,

Ranok

Lulz of the Day: Cesspool

While cleaning up my hard drive, I’ve come across many old projects that are pretty interesting, and I thought I’d start a mini-series of these little pearls (perls?) I come across as I find them. Without further ado, let’s start with our first Lulz of the Day (LOTD)!

Cesspool

As many of you know, I’m in the systems biology class this semester, and recently we spent a week or so looking at the genetic algorithm and its applications. I immediately began hacking on a genetic algorithm to ‘breed’ a Corewars warrior. The code for this is pretty simple, and still needs much revision, but it’s bred some programs that are pretty good. I’m going to run it a few times and try to put together some statistics in the next few days, but for now, you can download the source and play around with it as you wish. Basically what it does is:

  1. Generates some initial warriors with random commands and arguments
  2. Pits the warriors against themselves in battle using the corewars-cmd command
  3. Ranks them by their scores
  4. Cross-breeds the best 20% of the population, and mutates the rest (with a 5% chance of mutation)
  5. Repeats from step 2 for the number of generations.

Todo:

  • Modify the cross-breeding algorithm so it doesn’t just append one program to the other, but mixes up the commands of both
  • Small bug fixes with the scraper for the corewars-cmd results
  • Run a number of times, and then pit the best generated warriors against some made by humans
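The five steps above as a runnable genetic algorithm, written in Python as an added example rather than the Cesspool source from the download. It assumes a simplified instruction model (an opcode plus two numeric operands, no addressing modes), treats the 5% mutation chance as applying per instruction, keeps the best 20% as parents and refills the population with their children, and uses a constructed toy fitness function where Cesspool scores warriors with corewars-cmd. The crossover already mixes instructions from both parents, as the first Todo item asks for, instead of appending one program to the other.

```python
import random
from typing import Callable, List, Tuple

# Assumed, simplified Redcode instruction model: an opcode with two numeric
# operands. Addressing modes are left out to keep the example short.
OPCODES = ["DAT", "MOV", "ADD", "SUB", "JMP", "JMZ", "DJN", "SPL"]
CORE_SIZE = 8000        # classic core size; operands are core-relative offsets
MIN_LEN, MAX_LEN = 2, 20

Instr = Tuple[str, int, int]
Warrior = List[Instr]
Fitness = Callable[[Warrior], float]


def random_instr(rng: random.Random) -> Instr:
    return (rng.choice(OPCODES),
            rng.randrange(-CORE_SIZE // 2, CORE_SIZE // 2),
            rng.randrange(-CORE_SIZE // 2, CORE_SIZE // 2))


def random_warrior(rng: random.Random) -> Warrior:
    """Step 1: a warrior made of random commands and arguments."""
    return [random_instr(rng) for _ in range(rng.randint(MIN_LEN, MAX_LEN))]


def random_population(rng: random.Random, size: int) -> List[Warrior]:
    return [random_warrior(rng) for _ in range(size)]


def to_redcode(w: Warrior) -> str:
    """Render a warrior as Redcode-style source, one instruction per line."""
    return "\n".join(f"{op} {a}, {b}" for op, a, b in w)


def crossover(rng: random.Random, a: Warrior, b: Warrior) -> Warrior:
    """Single-point crossover: the child takes a prefix of one parent and the
    suffix of the other, so commands from both parents are mixed."""
    cut = rng.randint(1, min(len(a), len(b)) - 1)
    return a[:cut] + b[cut:]


def mutate(rng: random.Random, w: Warrior, rate: float = 0.05) -> Warrior:
    """Each instruction is replaced by a random one with probability `rate`
    (the 5% mutation chance, interpreted per instruction)."""
    return [random_instr(rng) if rng.random() < rate else instr for instr in w]


def next_generation(rng: random.Random, scored, elite_frac: float = 0.2,
                    mutation_rate: float = 0.05) -> List[Warrior]:
    """Steps 3-4: rank by score, keep the best 20% as parents, and fill the
    rest of the population with their mutated children."""
    ranked = sorted(scored, key=lambda pair: pair[1], reverse=True)
    n = len(ranked)
    parents = [w for w, _ in ranked[:max(2, int(n * elite_frac))]]
    new_pop = list(parents)
    while len(new_pop) < n:
        mother, father = rng.sample(parents, 2)
        new_pop.append(mutate(rng, crossover(rng, mother, father), mutation_rate))
    return new_pop


def evolve(rng: random.Random, fitness: Fitness, pop_size: int = 20,
           generations: int = 10) -> Tuple[Warrior, float]:
    """Steps 2-5: score every warrior, breed, repeat; returns the best
    (warrior, score) seen over all generations."""
    pop = random_population(rng, pop_size)
    best: Tuple[Warrior, float] = ([], float("-inf"))
    for _ in range(generations):
        scored = [(w, fitness(w)) for w in pop]
        top = max(scored, key=lambda pair: pair[1])
        if top[1] > best[1]:
            best = top
        pop = next_generation(rng, scored)
    return best


def toy_fitness(w: Warrior) -> float:
    """Constructed stand-in for the corewars-cmd score: rewards replicating
    and bombing instructions and penalises DAT, which kills the process.
    Cesspool itself scrapes the result of corewars-cmd battles instead."""
    score = 0.0
    for op, _, _ in w:
        if op in ("MOV", "SPL"):
            score += 1
        elif op == "DAT":
            score -= 2
    return score


if __name__ == "__main__":
    best_warrior, best_score = evolve(random.Random(7), toy_fitness, pop_size=20, generations=15)
    print(f"best score {best_score}:\n{to_redcode(best_warrior)}")
```

Because the parents survive unchanged into the next generation, the best score never drops between generations; swapping `toy_fitness` for a function that runs the real battles is the only change needed to breed against corewars-cmd.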

Peace and lulz,

Ranok

Expanding My Horizons

While I have many interests, from computers to canoeing to philosophy and reading, one thing that I love across the board is music. I’ve been keeping track of my musical tastes for a while using Last.fm, and I’m very fascinated by how my tastes have matured and shifted, and how music I couldn’t stand before I now embrace. In high school, I was very into pretty mainstream hard rock and metal, bands like Godsmack, Killswitch Engage and Lamb of God. While I still enjoy them from time to time, I have found myself growing tired of the genre, as while each song is a very multidimensional sonic journey, the variations between individual songs and albums are slight and rather lacking. I was then shown Porcupine Tree by my friend Jon Rossi. I immediately fell in love with the difference between each song, and between the different albums; I could listen to album after album without growing weary of it. Using Last.fm to branch out from Porcupine Tree, I found Blackfield and Sigur Ros, and rediscovered Alan Parsons Project, Marillion and Pink Floyd. Still, I was looking for something more off the wall and varying, looking into The Prize Fighter Inferno and moving my way into electronic music. Today, however, I think I have hit the nail on the head, finding a whole genre of off-beat, strange yet oddly musical delights: avant-progressive rock, with bands like Kayo Dot and The Mars Volta. From there, Max pointed me at Sound Tribe Sector 9 and I found Tstewart, an electronic post-jazz musician. So I have many new artists to listen to (thanks, Amazon MP3 download) and more places to search.

It should be said that even as my tastes have evolved, I still really enjoy hardcore trance ala Clubland X-Treme and other hardcore eurotrance.

Peace and chow,

Ranok