Create an Account
username: password:
  MemeStreams Logo

Compensating Controls


My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

angus's topics
Health and Wellness
Home and Garden
Current Events
Local Information

support us

Get MemeStreams Stuff!

Current Topic: Technology

Pirate Radio or Synchronized Saturation?
Topic: Technology 7:27 am EST, Jan 30, 2006

Reports have been circulating about pirate radio feeds of the new Sirius Howard Stern Show. Howard is not talking much about it.

I have my own theory. I personally do not think this is a coordinated effort by pirate radio broadcasters. Rather, I think it is large numbers of personal Sirius radios in their home docking stations. In areas like New York City, there would only be so many FM channels available to re-transmit the Sirus feed. This could lead to conscious or unconscious Synchronized Saturation, proving a clear FM signal to anyone who wants it. It would be very easy to light up an area even if you only a handful of common off the shelf Sirius radios. This in fact could allow the FCC to get involved. It should be a very interesting space. Remember how they got Al Capone?

Topic: Technology 8:40 pm EST, Jan 11, 2006

Angus is heading to SHMOOCON this weekend. He will be checking out Hack or Halo. We are getting our calendar together for 2006. If you know of event that we should sanction or attend please email ANGUS at HACKSEC dot org


Bug Me Not Buggy?!?!?!
Topic: Technology 10:15 pm EST, Dec  1, 2005

I hit this page tonight and noticed a bunch of sql errors. Might want to have that thing looked at.

Bug Me Not Buggy?!?!?!

Router Flaw Is a Ticking Bomb | Mike Lynn Has Integrity^3
Topic: Technology 12:29 pm EDT, Aug  3, 2005

Wired has done a great interview with Mike. It should clear up a number of the questions people have had with recent events.

I would like to specifically point out one part of this interview:

WN: So ISS knew the seriousness of the bug.

Lynn: Yes, they did. In fact, at one point ... they apparently didn't get it, and they actually wanted to distribute the full working exploit very widely inside the company.... I was told ... "Give this to all the sales engineers and to all the pen testers."

WN: Why would they want you to do that?

Lynn: Well, because it bruises Cisco, remember? Mind you, this was something that Cisco hadn’t gone public with yet and that's not useful to pen testers because what do they advise their customers to do (to protect themselves if no information about the vulnerability has been released yet)?

I told them, "You do realize if you do that, it's going to leak?" And (one of the ISS guys) says, "That's Cisco's problem." And then (another ISS guy) turns to me and says that they need to understand this could be their Witty worm. I was like, Whoa, what meeting did I walk into?

(The Witty worm was a particularly aggressive and destructive code released by someone last year that targeted computer systems running a security program made by Internet Security Systems and even more specifically targeted military bases using the software. It infected more than 12,000 servers and computer systems in about an hour. Because of the worm's speed in spreading and its creators' apparent knowledge of who ISS' customers were, some security experts speculated that someone working for or connected to ISS might have been responsible for writing and releasing it.)

At that point, I told them all no, and they fought it and I resigned right there on the spot. And this was about a month ago.

I thought they were handling this in a non-ethical manner. Because it was just way too fast and loose with who can see this.... I mean, I don't even want people to see it now. (ISS talked him out of the resignation by agreeing to give him control over who could see or have the exploit.)

All I can say is WOW. A big "wow". Caps, bold, and feeling.

Anyone who says that Mike is not on the level needs to reference this. This says truly horrible things about ISS. This should cost them some serious reputation capitol.

One thing that Mike did a great job of in this interview is getting the idea out that in order to defeat the "bad guys", you must run faster then them. It is the only option.

Case in point, via the Wall Street Journal:

"The vulnerabilities are out there on the Net in full broadcast mode," said Gilman Louie, a tech-industry veteran who heads In-Q-Tel, a venture-capital firm backed by the Central Intelligence Agency. "The bad guys get to it faster than everybody else. I'd rather have disclosure and let everybody respond."

Disclosure is a great thing, but it must be done properly. I would argue that Mike did it properly. I would argue that he has displayed the best kind of ethics through this entire mess. Given the content of this Wired interview, I would argue that ISS has its head up its ass.

Router Flaw Is a Ticking Bomb | Mike Lynn Has Integrity^3

The Shout | Jennifer Granick | ISS and Cisco v. Granick’s Gambling Plans
Topic: Technology 12:26 pm EDT, Aug  3, 2005

What follows is my take on “Ciscogate”, the uproar over researcher Michael Lynn’s presentation at this year’s Black Hat conference, in which he revealed that he was able to remotely execute code on Cisco routers. I have been representing Mike during this crisis, so I’m clearly partisan, and what I can say is limited by attorney-client responsibilities. But while many people are speculating about the facts, there hasn’t been much on the law, which turns out to be really interesting.

Jennifer Granick has posted the first installment of the story about her representing Mike. Its very rare you get to hear the take of a case like this directly from the lawyers involved, so this is a treat.

Earlier I suggested that everyone leave a comment on Jennifer's blog thanking her for representing Mike. I'd like to renew that suggestion. Thanks Jennifer!

After reading this, you might want to check out this collection of comments on Cryptome about the situation. It includes links to pictures of the presentation Mike actually gave, as opposed to the one that is floating around.

And seriously don't miss the truly excellent video floating around of the Cisco temp-workers slicing the materials out of the conference booklets. You can get it here or here.

The Shout | Jennifer Granick | ISS and Cisco v. Granick’s Gambling Plans

Rock'Em Sock'Em Battlebots!!!
Topic: Technology 10:21 am EST, Jan 25, 2005

January 23, Associated Press — Armed robotic vehicles headed for Iraq combat. The U.S. Army is preparing to send 18 remote−controlled robotic warriors to fight in Iraq beginning in
March or April. The Special Weapons Observation Reconnaissance Detection Systems(SWORDS), will be the first armed robotic vehicles to see combat. Military officials like to compare the roughly three−foot−high robots favorably to human soldiers: They don't need to be trained, fed or clothed. They can be boxed up and warehoused between wars. But officials are quick to point out that these are not the autonomous killer robots of science fiction. A SWORDS robot shoots only when its human operator presses a button after identifying a target on video shot by the robot's cameras. The SWORDS' developers say its tracks, like those on a tank, can overcome rock piles and barbed wire, though it needs a ride to travel faster than 4 mph. Running on lithium ion batteries, it can operate for one to four hours at a time, depending on the mission. The Army has been testing it over the past year at Picatinny and the Aberdeen 2 Proving Grounds in Maryland to ensure it won't malfunction and can stand up to radio jammers and other countermeasures.

Rock'Em Sock'Em Battlebots!!!

Brute-forcing GTA San Andreas cheat codes
Topic: Technology 6:31 am EST, Jan 20, 2005

] Do this dude edisoncarter cracked open what appears to be
] a cheesy 3rd party PS2 controller (save the good stuff
] for the gaming, we always say), hooked up the lines to a
] parallel port for signal injection, and then hash-cracker
] style used a custom app that ran brute force key
] combinations until he came up with a slew of unreleased
] cheat codes for GTA San Andreas. Damn, dude.

That is so damn cool!

Brute-forcing GTA San Andreas cheat codes

Wired News: Wi-Fi Shootout in the Desert
Topic: Technology 8:14 am EDT, Aug  5, 2004

] When Meng's dad, a radio frequency engineer, looked at
] the test-run data he said, "Oh my God. They might have a
] chance at this. They might actually have to go to Las
] Vegas."
] Not without Justin's father, however. Greg Rigling drove
] them across the country in a van, with the 10-foot
] satellite dish strapped to a trailer. Then he spent two
] days driving around Nevada's mountains helping them get a
] signal.

The wifi shootout concept is kind of silly. The guy who can buy the best antenna wins, and you've got a bunch of people running around with antennas that they constructed without reading anything about antennas. It ought to be obvious that parabolic dishes are the right answer.

However, the fact that these teenagers managed to get an unamplified consumer wireless card communicating across 55 miles of desert with old C-band dishes is cool in a DIY kind of way. It means that anyone with line of sight can build a long distance wireless backbone, and cheap.

Wired News: Wi-Fi Shootout in the Desert

EE Times -Startup launches commercial Body-lan
Topic: Technology 8:13 am EDT, Aug  5, 2004

] A German startup company has developed a possible
] alternative to short-range communications technologies
] such as RFID, Bluetooth and Near Field Communications
] (NFC). In contrast to those processes, the company's
] Skinplex technology uses human skin as a transmission
] medium.

EE Times -Startup launches commercial Body-lan

Say it Ain't So Boys
Topic: Technology 10:36 am EDT, Jun 23, 2004

I love the Beastie Boys but I hope this is not true and/or they didn't know about it. Basically the story relates that the new BB's CD and some rumored copy protection that is really is more like malware. "Check, check, check it out!"

Say it Ain't So Boys

<< 1 - 2 >> Older (First)
Powered By Industrial Memetics