July 29th, 2014

Jet Bug

Ron Patrick, owner of ECM in Sunnyvale, has bolted a jet engine onto a Volkswagon Bug.

Linky linky

The metasploit team has a blog now, and they recently posted a fantastic walkthrough where they develop an exploit for a recent vulnerability.

Today, I spent most of the day upgrading one of my WRT54G units to OpenWRT, which got a serious case of the awesomes when I wasn’t looking. Not only did they expand the supported platform list to devices far beyond the original WRT54G (why didn’t someone tell me that Asus was selling one with USB ports?!), they also created a nifty package system so you can install whatever you need without resorting to building custom firmware. And yes, they finally added JFFS2 and compression to the firmware so you can save /etc to the flash disk.

Then, I tried to make their OpenS/WAN package talk to a Cisco PIX at Digital Revelation labs and a Sonicwall at a customer office. It was painful. I got it mostly working like this:

conn hsq
left=%defaultroute
leftsubnet=192.168.1.0/24
right=5.1.1.1
rightsubnet=192.168.0.0/255.255.255.0
pfs=yes
auto=start
authby=secret

The problem is that the Sonicwall isn’t running SonicOS, it’s running “firmware 6.6″, which is apparently something different.  So, it turns out that just about every howto I read on the subject was wrong.  You also have to turn on nat_traversal if you want to route packets from machines other than the router — even though OpenS/WAN isn’t configured to use it.

You also have to add routes going back to you on every machine on the remote network you want to talk to.

Open Source this to get us more moneys!!!

Your Thoughts Are Your Password

There is an intersting article on Wired.com about using your brain waves as a new biometric identification system. Researchers in Canada are exploring the ways to uniquely identify you based on the brain-wave signatures generated by your thoughts. This is an interesting idea, but it is possibly flawed because the way we think about things can very easily change (think positive, always think positive) thus resulting in a different brain-wave signature. Now some of the more interesting uses for this technology would be to prevent employers who are pissed off from ever logging in to the workstation (angry signature) or may be to allow logins as root only when your brain signature shows full alertness (tired sysadmin signature). Either way, this technology is extremely exciting, but I will stick to my good ole’ typed passwords for now.

Random API of the day

Today’s random API is wait(2), which UNIX processes use to clean up after their child processes.

On UNIX, multitasking is implemented by the fork(2) system call, which applications use to create a child process. Sometimes, these child processes die, and you need to get the exit code, which is why the wait(2) system call exists. The kernel has to keep that information somewhere for you, and you tell the kernel that it doesn’t have to keep it around any more by calling wait(2).

One problem with wait(2) is that it is a blocking system call; that is, the calling program stops running until wait(2) returns. This kind of defeats the point of multitasking, because then the parent process has to stop and wait until the child process is finished. So, most applications install a signal handler so that when the kernel sends the parent a SIGCHLD signal, the parent process can call wait(2) in the signal handler to clean up after whatever child just died.

If the parent process never calls wait(2), the kernel assumes you’re just busy and will keep the child process around, just in case you want to have one last look at it before you shut it down. The kernel will wait forever for you to do this. In the meantime, the dead child process is called a zombie process. Why? Because just like real zombies, it’s dead but won’t go away. So, it’s important that wait(2) gets called reliably, because otherwise zombies will fill up the computer and start pouring out the front of it :)

Here’s a typical application:

 void sigchld_handler(int signum)
{
pid_t pid;
int ignored;

pid = wait(&ignored);
syslog(LOG_INFO, "pid %u finished", pid);
}
int main(void)
{

struct sigaction sa;
int rc;
memset(&sa, 0, sizeof(sa));
sa.sa_handler = sigchld_handler;
sa.sa_flags = SA_RESTART;
rc = sigaction(SIGCHLD, &sa, NULL);
if(rc == -1)
err(EXIT_FAILURE, "sigaction() failed");
return EXIT_SUCCESS;
}

Federal Psychophysiological Detection of Deception

From Stupid Security:

George Maschke writes “The U.S. Government’s official polygraph handbook, formally titled the Federal Psychophysiological Detection of Deception Examiner Handbook, published by the Department of Defense Counterintelligence Field Activity (parent agency of the Department of Defense Polygraph Institute) and marked “For Official Use Only” is now available to the public. An earlier version of this document (dated 2001) was released under the Freedom of Information Act, but was heavily redacted. The new version, dated 2004, is available in its entirety.

New wi-fi distance world record reported

A team of people from Venezuela reported a new world record for wi-fi connection distance (Link in Spanish). Using 8 and 9 foot parabolic satellite dishes, their link was 167 miles (!!) set from on top the Andes mountains with no amplifier. Here is a good .pdf doc that describes the experiment (in english) and has some great pictures including google earth images and pictures of the setup.

Glenn Fleishman at Wi-Fi networking news did some arm chair calculations on the subject and agreed that it’s at least a plausable record, and if so, it’s pretty impressive. Wi-Fi records that require factoring in the curvature of the earth make me happy.

Link from Wi-Fi Networking News

Random API of the day

Today’s random API is glutCreateWindow(), provided by the GLUT graphics library.  GLUT was originally written by Mark Kilgard at SGI, and was intended to trade control for simplicity for OpenGL apps that just wanted to draw a window and start doodling on it.  Any OpenGL stack usually includes the following components:

A platform-specific API for manipulating low-level graphics objects,

The “standard” OpenGL API, as ratified by the OpenGL Architecture Review Board, and
The OpenGL utility toolkit, GLU.  Despite the similar name, this has nothing to do with GLUT.
GLUT is not usually considered a “standard” part of the OpenGL stack; for example, Windows does not ship with a copy by default.  Most commercial OpenGL applications prefer to duplicate GLUT’s functionality so that they will have tighter control over the low-level details of the OpenGL environment.

The nice thing about using GLUT is that it makes writing simple applications easier.  GLUT provides a nice abstraction from the platform-specific API for creating the GL context and dealing with mouse and keyboard events.  For example, here’s everything glutCreateWindow() does on Win32:

/**
* The procedure to do this is:
*
* 1) Define a window class with RegisterClass().
*
* 2) Change the display settings if necessary with ChangeDisplaySettings().
*
* 3) Turn off the cursor with ShowCursor(FALSE).
*
* 4) Determine the window geometry via AdjustWindowRectEx().
*
* 5) Create a window using the previously defined window class and
*    geometry using CreateWindowEx().
*
* 6) Get a device context from the window with GetDC().
*
* 7) Construct a list of requirements for a pixel format and have the
*    operating system suggest some pixel formats using
*    ChoosePixelFormat().
*
* 8) Set the pixel format to one of the choices returned using
*    SetPixelFormat().
*
* 9) Use wglCreateContext() to create a rendering context from the
*    device context now that the device context is bound to a suitable
*    OpenGL capable pixel format.
*
* 10) Use wglMakeCurrent() to bind the device context and rendering
*     context together.
*
* 11) Use ShowWindow() to make the window visible.
*
* 12) Use SetForegroundWindow() to make the window the foreground
*     window.
*
* 13) Use SetFocus() to give the window the focus and have it start
*     receiving keyboard events.
*
* Multithreaded applications must perform steps 6-10 in each thread
* which will be calling OpenGL APIs, or the calls will no-op
* successfully.
*/

This can all be replaced with a call to glutCreateWindow().  You can read more about GLUT at the OpenGL site.

HT v3.0 released, Chipzilla not amused

The Hypertransport v3.0 specification was released today, so we all get to add “HTX connector” to our vocabularies. The fat lady hasn’t started singing for Chipzilla‘s quad-pumped GTL+ bus, but she’s in the balcony warming up…
Let’s review, shall we?
Average Intel processor: 200 MHz quad-pumped = 800 MHz effective, 64-bit, 6,400 GB/sec, memory accesses use FSB.
Average AMD processor: 2000 MHz dual-pumped = 4000 MHz effective, 16-bit, 8,000 GB/sec, memory accesses bypass the system bus.
One interesting thing that external hypertransport connectors (HTX) may enable is wide availability of hot-swap CPUs. For cooling reasons, it may even begin to make sense to decouple the CPU and graphics card from the system board and put them in separate modules. I can easily imagine a little box with a x16 PCI-e connector for the video card and a HTX connector on the outside, as well as a little CPU module with a Athlon socket and a HTX. Then, you can save cost by sharing a heat pump between the CPU and GPU because they’re physically adjacent.

Something else you may not be aware of is that HyperTransport is used as the northbridge to southbridge link on nForce4 SLI for Intel chipsets, which you’re probably using if you’re using NVidia SLI on an Intel processor.

CCC videos online

The videos for the Chaos Communication Congress are now online (including torrents). Put on by the Computer Chaos Club (CCC) in Germany, the 22C3 sounds like an amazing event covering Hacking, Science, Community, Society and Culture over four days with four different simultaneous speaking tracks totalling 143 different talks!

Pointed out by our friend Eliot at Hack a Day.

Imhotep theme designed by Chris Lin. Proudly powered by Wordpress.
XHTML | CSS | RSS | Comments RSS