| : blog | news | wiki |
July 4th, 2008
If you want to compete in the Kenshoto hosted competition at Interzone West, the Interzone staff have agreed to provide free admission for competitors. Mail one of the MRL guys for details, or stop by #mrl on EFnet.
It has come to the attention of MRL that many of you are still running vulnerable versions of PHP 5. Maybe now is a good time to upgrade to 5.0.5, hmm?
Why do you care? Because metasploit has had an exploit for the problem since July. But, it’s not like, you know, there are HACKERS on the Intarwebs or anything. I’m just sayin’.
Remember the whole fiasco over the v710 handset from Verizon? Well, I got this on August 29th:
Dear Verizon Customer:
A national settlement has been reached in the claims against Verizon
Wireless over the Motorola V710 cell phone. Details will be available
shortly at www.VerizonWireless.com/V710Settlement.
But “shortly” never happened. On September 22nd, I got this:
Dear Verizon Customer:
We apologize for the delay. Verizon has advised us that details of the settlement will be posted on
www.VerizonWireless.com/V710Settlement by Monday, September 26, 2005. In addition, claim forms will be mailed out
to Verizon customers on October 3rd and 4th.
And today, I got this:
Good job, Verizon… FOR ME TO POOP ON!
Intel has released version 9.0 of their C/C++ and FORTRAN compilers to the community. The release is Linux only. Ports to other platforms with Linux emulation are not yet widely available (this includes FreeBSD).
Here’s a link to the software. And here is my Linux-elitists post from a while back demonstrating icc’s superior floating-point performance.
Interzone West is now two weeks away. MRL crew just got back from a planning get-together in San Francisco, and determined that Interzone West is understaffed. They need several volunteers to do AV stuff, watch doors, corral speakers, etc. Why would you do such a thing, you ask? Free admission, that’s why.
The convention is in Walnut Creek from Friday to Sunday. There will be good, cutting-edge talks, wireless hacking games, and a fast-paced version of the CTF game hosted by Kenshoto at DefCon earlier this year.
Don’t click this. Via JWZ.
We got linked from hackaday.com for SurveySays. w00t. Thanks Eliot. 
CDYNE has a SOAP gateway which allows users to place phone calls with arbitrary caller ID. The machine then reads some text via TTS. There’s a free demo of the service available; just enter 0 for the license key.
Using 911 as the caller ID doesn’t work, by the way
I finally (mostly) recovered from Toorcon. It was as always, a blast and very enlightening. I saw lots of great talks, including our very own Jason Spence. He gave a great talk on BIOS and Flash hacking, and how we need to be careful because it’s easier than you think it put a rootkit in your BIOS, and patent lawyers really do suck because they’re just hurting security by keeping needed datasheets and information hidden. Jason also got “front page” coverage on hackaday.com for his talk, along with Dan Kaminsky whose talk was entertaining and interesting like always (but mostly overlap from defcon: MD5 collisions, IDS evasion with temporal IP fragmentation, and more video over DNS, and some pretty moving pictures from his data from scanning the entire internet, =).
Also excellent was Major Malfunction with his talk about hacking IR (I briefly showed him IRpet and SurveySays, and he seemed mildly interested). Andrea Bittau presented a new WEP attack, which shows that you can basically (slowly and iteratively) decrypt any given packet, even without the wep key, and given enough traffic, you could participate in the network without even needing the wep key at all. He had some novel approaches to this and other problems.
Microsoft hosted a big party there, which I thought was pretty funny, but it sounds like they behaved themselves pretty well, =).
So, tons of fun, loads of interesting and smart people, and if you didn’t go this year, reserve a spot for next year, I hope to see you there, =).
The first two of hopefully many more projects to come, is now released, yea!:
* SurveySays - This is software (can perl really be considered software??) to intercept IR signals with (LIRC) sent by test-taking devices used in the classroom. It will display the most common given answer, and also has a trigger to send this same answer back as your own if you want. After the test/quiz/survey or whatever is complete, it will output a html report of all answers given.
* IRpet - IR protocol examination tools. These are a few scripts to help visualize IR signals. It contains irpet, irpet-graph, irpet-grabber, and irpet-simulator.
And it’s just in time for Toorcon!, =)
0
0
0