November 24th, 2014


Here is the front of what the first iteration of MRL shirts will look like (though for real estate it’s a little squished in the following image):

Thanks to Jeremy for the design. He also designed our logo. Thanks!

Distributed cracking of original enigma messages

The M4 message breaking project has been getting a bit of interest as of late for attempting to break a number of original WWII messages encoded by enigma and intercepted in the North Atlantic in 1942. Apparently several of the messages have been verified as broken already. These messages are believed to be previously unbroken. Here is a link to the first broken message. Here is the translation of the decrypted text:

1930     Radio signal    1851/19/252:
"   F T  1132/19 contents:
Forced to submerge during attack.
Depth charges. Last enemy position 0830h
AJ 9863, [course] 220 degrees, [speed] 8 knots. [I am] following [the enemy].
[barometer] falls 14 mb, [wind] nor-nor-east, [force] 4, visibility 10 [nautical miles].
Looks  "

Here is the wikipedia entry for the enigma, and with some more NSA hot-linking action, a description of the math related to the enigma devices. If you wanted to help out, these are the tools you’ll need (*nix and windows) which includes a command line enigma simulator, =)
This is what one of the originals looks like (as taken from the CIA museum site):

Random tools

Here are a couple random security related tools that have been updated in the not-too-distant past:

Nmap 4.0(.1)According to Fyodor, 4.0 is faster, more accurate, more memory efficient, uses raw ethernet frames instead of raw sockets (important for windows), run-time interaction (for progress), and a much larger application version fingerprint database. On a related note, here is a paper from Fyodor on version detection.

John the Ripper 1.7According to Solar Designer, 1.7 offers primarily performance improvements that come in the form of better algorithms, better idle priority scheduling (so that it has limits the impact on running processes), better parallelism, and better optimized code that supports new hardware features. He thinks it’s the first program to cross the 1M crypts per second on a general-purpose CPU. This reminds me, if you’re not using Solar’s pam_passwdqc as a required pam module for your systems, you should, it’s pretty good.

Raw wireless utils — I mentioned these releases from during shmoocon previously, but didn’t get a chance to link them. rfakeap, rglueap, rcovert are tools for creating scads of fake access points, snaring unsuspecting windows users, and creating a covert communication channel over raw 802.11 frames (largely ignored by current IDS systems). Good stuff.

Security Professional Resource Guide

(ISC)^2 has put together a Resource Guide for security professionals that’s available for download. It’s 61 pages of links to educational, event and online resources relevent to the security world. Despite being a .pdf, and well lathered up with CISSP ads, there’s still some good information in here.

Rooting your BIOS

This article sounds like what MRL’s own Jason has been talking about for a while now. Basically, if your BIOS flasher can write to it, chances are so can anyone else if they know the magic registers to poke about.

Security related podcasts

Just in case you’re not already reading HackADay, Eliot posted a roundup of recent security related podcasts.

The NSA teaches us how to scrub documents

If you’ve always wished you could “redact with confidence”, then here’s the document for you. NSA published a guide on scrubbing Word documents, removing hidden meta-data and proper graphic censoring. Apparently people didn’t know that just drawing a black box widget over something in Word doesn’t actually remove or even hide the content well. I don’t think I’ve ever seen word “redact” used so frequently/frivolously. I think I just like hot-linking to the NSA.

Warning: do not eat immortal sensor

Wireless sensors are fun, but they’re even more fun when they’re immortal.

RSA Conference

In case you missed it, today was the second day of RSA Conference and Expo in San Jose. I got a free pass for the Expo only so here is a writeup of what I have seen there today. I tried to avoid any large companies that usually bring mostly sales people to Expos like this one. It is much more exciting and interesting to look at the smaller companies usually stuck to the corners of the expo hall. One of them, Cryptometrics, was showing off their biometrics tracking software and hardware already used in European airports. They are using a combination of rfid and body heat tracking to know exactly where you are in the airport. They also take a picture of your face at the check-out and verify your picture again just before you board on the airplane to make sure you didn’t swap tickets with anyone. Cryptopmetrics, already has the technology ready for the new US Passports with RFIDs in them. As I have found out the new US Passports are going to have some type of shielding to prevent unauthorized activation of RFIDs, all of the information transfered is still going to be in clear text though. Another interesting booth was Biopassword. They have implemented a system that not only gets the login and password from you, but also records how you type them (speed, pauses, rhythm, etc.). Renesas had a lot of smart card and biometrics as usual. I had some fun playing with their finger vein-map biometric reader and musing about how to get the system to work with my finger cut off. Great technology, just make sure your finger is not too cold or else the reader will not be able to read your vein signature, so no trying to get in your house when it’s cold, sorry. And of course, Arxan, they are the guys who work for the spooks making anti-tampering systems that will self-destruct, explode, melt, and other fun stuff when you try to tamper with their systems. In case you are wondering what our government is using to secure their wireless communications, you should visit Fortress Technology booth. They only do layer 2 though, but their stuff sits on pretty much every branch of US government out there. Lot’s of people doing security appliances, but those are usually the types of people who can’t tell apart symmetric from asymetric encryption. Same with content management, lot’s of companies doing pretty much the same thing. Sith and me will try to make it to the Expo tomorrow, so stay tuned for more news.

banana lock picks

Since you can pick locks with a pen or even a aluminum can why not a banana? Here’s a link (via of someone doing just that. As a bonus feature, here is a video on how to make lockpicks cheaply and easily with the blades of a hack-saw.

Imhotep theme designed by Chris Lin. Proudly powered by Wordpress.
XHTML | CSS | RSS | Comments RSS