April 21st, 2014

Forensics with VMware

This looks like a cool tool for doing cold migration from a physical machine to a VMware partition. Though it’s focused on migration for forensics purposes, I think this is a more genericaly useful tool as well. It will work with the free version of VMware Server too.

Linksys WRT revision HW documentation (and pictures)

As seen on #pauldotcom — here is a link that covers technical information for many different hardware revisions of the Linksys WRT. It has information on what general features it has as well as pictures of the internals for each. If you’re trying to determine which version to buy for your project, this might help you out. At the bottom there is a very useful table that has all kinds of information for each model including the number or ports, the antenna connector, whether it has serial access, what processor/memory/flash, etc.

Hacker Media

HackerMedia.org is a hacker podcast aggregator site. It takes a list of about 20 hacker/security focused podcasts, and rolls them all up into one RSS feed. It seems to have a decent list of podcasts, but I casually mentioned they should also add PaulDotCom as well.

Tracing “anonymous” skype users

I thought this post from Bruce Schneier was pretty interesting:

Kobi Alexander fled the United States ten days ago. He was tracked down in Sri Lanka via a Skype call:

According to the report, Alexander was located after making a one-minute call via the online telephone Skype service. The call, made from the Sri Lankan capital Colombo, alerted intelligence agencies to his presence in the country.

Ars Technica explains:

The fugitive former CEO may have been convinced that using Skype made him safe from tracking, but he — and everyone else that believes VoIP is inherently more secure than a landline — was wrong. Tracking anonymous peer-to-peer VoIP traffic over the Internet is possible (PDF). In fact, it can be done even if the parties have taken some steps to disguise the traffic.

Let this be a warning to all of you who thought Skype was anonymous.

Update: So I read most of the the PDF described in the previous quote, and while interesting, it still doesn’t explain how they could track him down in another country without being able to control or at least monitor the traffic from that end-point. The paper does describe a way to verify that two parties are talking, but it requires that you can modify the traffic at one end, and monitor the traffic at the other. They inject a timing “watermark” into the traffic, so that you can see that it’s the same connection by the patterns of packet timing on the recieving end even if the traffic is sent through an anonymizing blackbox network like tor.

PhreakNIC videos online

I just noticed that the PhreakNIC video’s were online for the last couple years. I’ve never been, but it looks like there are at least a couple interesting talks going on this year. The conference will be held in Nashville, TN (Tennessee has hackers?) on October 20-22.

Free wi-fi on SF Bay Area buses

If you’re one of the many people caught choosing between the poor choices in public transportation to get around the San Francisco Bay Area, riding the bus just got ever so slightly more tolerable. The AC Transit bus system will be offering free wi-fi access on the cross-bay routes. Though, if you’re already stuck commuting for any length of time, you should probably invest in some EVDO gear anyway.

A couple other interesting points from the article:

BART has entered into preliminary discussions with potential vendors to provide Internet service on its trains, but there are no concrete plans to move forward, said Jim Allison, a BART spokesman.


Caltrain, is planning to provide high-speed Internet service, but full coverage is still a year or so away

Bruce Schneier Facts

Bruce Schneier, like Chuck Norris, now has his own dedicated facts database. Here are a couple little-known facts about Bruce Schneier: Bruce Schneier’s secure handshake is so strong, you won’t be able to exchange keys with anyone else for days and also Bruce Schneier doesn’t need to hide data with steganography – data hides from Bruce Schneier. So anyway, check out the facts, and also check out the latest Everybody Loves Eric Raymond which covers some more interesting Schneier facts (actually, check out the earlier ELER strips as well, they are pretty funny).

Stolen from ELER

NASA SWIFT: Real-Time GRB Data

Stars have this annoying habit of blowing up when they run out of fuel. Sometimes the star is especially large, resulting in cones of intense gamma-ray radiation being emitted along the star’s axis of rotation. The scientific community calls these beams gamma-ray bursts. GRBs, as they’re sometimes called, are powerful enough to travel billions of light years and punch right through the Earth’s particle field. This field, the Van Allen belt, is named after Dr. James Van Allen, who passed away last Wednesday.

With the increasing density of DRAM cells and the shrinkage of FET gates to mere atoms, it doesn’t take a lot of energy to screw up the delicate progression of ones and zeros through your machines. If you’ve been experiencing inexplicible stability problems, you might want to see if a GRB occured during the crashes. But how? Enter SWIFT.

SWIFT, an orbital GRB detector launched by NASA a few years ago, watches for gigantic space explosions from orbit. When they occur, the satellite reorients itself towards them to gather as much data as possible on these short-lived events. The resulting data, being a product of the Executive branch of the US federal government, is available for free on NASA”s SWIFT site.

OS X Leopard gets DTrace

Amidst all the hype about Apple’s entrance into the PC workstation business, you may have missed the official confirmation that Sun’s DTrace is now in OS X 10.5.  Although we didn’t get to use DTrace on the Solaris images at CTF this year due to incompatibilities with the Solaris Zones mechanism, it’s a great source of data when troubleshooting problems with your machine.

RFID and ePassport detection

Relevant to other discussions and presentations we’ve had at MRL, here is a video on ePassport detection by flexilis, the same people who brough you the bluetooth sniper rifle. They found that despite the internal shielding that the new ePassports could be read even when open only a fraction of an inch (like it could be when bouncing around in a purse). In the video they have a video of a dummy being dragged past a trash-can rigged with a RFID reader which triggers a mock explosion.

Imhotep theme designed by Chris Lin. Proudly powered by Wordpress.
XHTML | CSS | RSS | Comments RSS