Current Topic: Technology

Mike Lynn's 'exploit', in plain (non-technical) English
Topic: Technology 9:51 am EDT, Aug  2, 2005

There has been an almost unbelievable amount of hubbub lately about the research that Mike Lynn gave a demonstration of at the BlackHat conference last week, and there's been a positively dizzying amount of "spin" applied to the media. Let me say one thing to everyone reading this, right up front. What Lynn uncovered is a serious issue, probably actually more serious than what the media is making it out to be. While coverage on the issue is good (and useful to both "sides") the lack of actual accurate reporting on the issue isn't helpful to anyone.

Part of the problem is that apparently, outside of the list of BlackHat attendees, there's not that many people running around who truly understand what Lynn's research uncovered. Lynn did not reveal an "exploit" in the usual sense. In fact, Lynn of his own volition has been playing his cards fairly close to his chest on this, and omitted most of the technical details of the problem from his presentation in order to assure that no one would be able to easily "follow in his footsteps". Lynn, it can safely be said, was scared by what he discovered--scared enough that he has risked his livelihood not once but twice in order to be sure that should the technical aspects of what he's found not be resolved before someone with less respect for the continuation of the Internet figures it out for themselves, the network and security administrators of the world will have had time to take some steps to reduce the amount of damage done. It can no longer be thought of as a sure thing that just because a particular vulnerability could "break the Internet" that no one's going to try it just to see if it's really true. We have a rather excellent example in recent history that pretty much everyone is aware of by now... the MS Blaster worm which raged around the Internet wreaking rather unprecedented havoc. Pretty much everyone on the Internet was either personally affected by this, or knows someone who was. Blaster made use of a vulnerability that had become rather common knowledge by the time it was released, but had already been known to many security professionals for months. The real problem that made things so painful and propagation of Blaster so widespread, was that for those months, Microsoft had been actively denying that there was ever a problem until Blaster forced them to admit it.
Had system administrators been made aware of the issue and the meager steps needed to impede the spread of Blaster (which everyone implemented in a white-hot hurry once their networks were figuratively ablaze) the damage could have been much less indeed.

Cisco is not helping the issue, or I should say, Cisco's lawyers are not helping the issue. Cisco makes some really awesome products, and their technical people can't really be faulted for this one technical flaw. The problem is that Cisco's lawyers are convinced that public knowledge of a serious issue ... [ Read More (1.3k in body) ]



Abaddon causing a ruckus at Black Hat
Topic: Technology 4:34 pm EDT, Jul 27, 2005

Abaddon up to his usual no goodery with Cisco.



Etymotic Research, Inc. - ER6i Isolator Earphones
Topic: Technology 9:08 pm EDT, Jun  6, 2005

Anyone that knows me knows I'm sorta obsessed w/ audio technology. Headphones, stereos, pre-amps, amps... that sort of thing.

I already own a set of Grado SR125s, but with my new iPod shuffle, for practical reasons I had to get a set of ear buds.

I had a pretty good reason for the In Ear Monitors (IEMs). I wanted to use them on the metro and while I was biking around. Most importantly they had to sound good cause I'm spoiled like that.

So I debated between the Etymotics er6i and the Shure e3c's for a long time w/ my audio-crazy friends. It came down to the fact that my friend GB was gonna buy the e3c's and I was gonna buy the er6i's. Purchased from buy.com these cans were $92 shipped.

I have to say that in the three days I've had these things:
1) My ears have gotten used to having silicon nipples shoved into them.
2) They sound great.
3) The level of isolation pretty much allows me to hide from the outside world.

The first worry was that they wouldn't fit. I have pretty small ears. And at first these cans are pretty uncomfortable. To get the best sound out of them you really do have to shove them almost to the point that they touch your cochlea but once you master how to shove them in...

As far as sound quality goes: OMFG they're awesome. Nice and clean articulate highs, headful bass and that isolation.

These things supposedly provide up to 32dB of isolation... If you know anything about math, 32dB is HUGE. Basically when you shove these things in you can't hear very much at all. I liken it to having your head underneath four or five pillows and underwater. Loud sounds will register to you, but conversations will be totally gone. This is a feature.

Overall I give these cans a 7. The "Shove-in-head-until-you-see-yellow" was basically why I rate these lower than they should. We'll see how I feel about these things in 2wks.

--- [a month later] ---

DAMNIT! I can't reply to these things if I'm the one that posted. BUG!

Anyways I did a dumb thing and got a shampoo and a haircut w/ these headphones still in my ears. Bad mistake. The headphones got really wet and after a couple of days all the sound in the left ear disappeared. I called in their customer support and asked if there might be a problem and the nice lady told me that "you probably have to replace the filters". I did and they're back to sounding groovy.

So I went back to the etymotic site and bought more filters and some new ear plugs and a case... that added $40 to the cost of these headphones but the quality has been worth it.

--timball



Apple - iPod shuffle
Topic: Technology 10:46 am EDT, May 10, 2005

] Time to mix things up. Meet iPod shuffle, the
] unpredictable new iPod. What will it play next? Can it
] read your mind? Can it read your moods? Load it up. Put
] it on. See where it takes you. Choose from pocket-size
] 512MB or 1G models starting at $99(1) and surprise
] yourself.

Last night I bought the 1GB version. I really do like it. It's super light, ultra durable, and more important it's an ipod.

What I hate is steve jobs. I hate him. I hate his marketing tactics. I hate the feeling of "completion" I had while I listened to my shiny new shuffle and seeing an ipod poster on the metro wall. What really irked me was the fact that the whole marketing campaign worked on me.

My name is timball and I bow before the temple of Steve Jobs.



Advanced binary analysis of CherryOS: proof of theft
Topic: Technology 11:10 am EST, Mar 31, 2005

just in case anyone didn't believe them already here goes the analysis (I do this sort of thing for a living) first off CherryOS.exe is what we call in the security industry "packed", that means that they have taken a compiled binary and run it through an obfuscator to make it hard to reverse engineer (or at least hard if all you're doing is strings)...this is common for virus writers, worm writers, 31337 bot net kiddies, and on the legitimate side, game developers do this a lot...it's not very common among the commercial (or free) legitimate software market (mostly because it doesn't work and doesn't do any good) so, the easiest way to defeat the packing is simply to let it start up (this one has several annoying checks for debuggers so it's easiest to just attach after it's loaded)...

the eula for this thing says its a violation to reverse engineer it, but if you do disassemble it you find they never had the rights to license it in the first place, so I don't feel worried to put this here...

if you want to follow along I downloaded a trial copy of CherryOS this morning and I got the latest version of pearpc as of this morning off of sourceforge (not from cvs, just the tarball), I am using windows XP with Interactive Disassembler (IDA)...

ready...here goes:

so the first thing we want to do is find some strings which are common to both, they will not in and of themselves give you the answer you're looking for but they will give us a good starting point, we will then use these to get a context on the code that uses these strings, we will then compare the functions (or in this case class methods) to see if they are similar (or in this case identical)

so, example number one lets look at something in the cpu emulation code (because that is the heart of the code)

direct your editor to cpu/cpu_jitc_x86/jitc.cc line 465 you will see the following small function

    extern "C" void FASTCALL jitc_error_program(uint32 a, uint32 b) {
        if (a != 0x00020000) { // Filter out trap exceptions, no need to report them
            ht_printf("JITC Warning: program exception: %08x %08x\n", a, b);
        }
    }

first lets see if we can find the format string "JITC Warning: program exception: %08x %08x\n" somewhere in the core memory image of CherryOS

now if you're using IDA attach to an already running CherryOs.exe (not to be confused with mainCherryOs.exe) and regenerate strings or do a direct string search, and search for this exact string...

you will find it in the text segment located at .text:0040E890...now the fact that it exists alone is almost enough to pass summary judgment, but lets keep going so its painfully obvious...

in cherryos.exe at .text:0040E8C0 you will see a reference to the format string from pearpc the disassembled function at this address looks like this (don't worry details will be explained in a bit)

.text:0040E8C0 sub esp, 0Ch
.text:0040E8C3 cmp ... [ Read More (1.6k in body) ]
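
The string-matching first step described in the post above, sketched as an added example (it is not part of the original post and not the author's tooling). The function names, the image bytes and the load address are constructed for illustration; the source snippet is the one quoted in the post.

```python
import re

# Double-quoted C/C++ string literal, allowing backslash escapes.
_LITERAL = re.compile(rb'"((?:[^"\\\n]|\\.)*)"')
# Common single-character escapes; hex/octal escapes are left verbatim.
_ESCAPES = {b"n": b"\n", b"t": b"\t", b"r": b"\r", b"0": b"\0",
            b"\\": b"\\", b'"': b'"', b"'": b"'"}

def unescape(raw: bytes) -> bytes:
    """Turn source-level escapes into the bytes a compiler would emit."""
    return re.sub(rb"\\(.)",
                  lambda m: _ESCAPES.get(m.group(1), b"\\" + m.group(1)),
                  raw, flags=re.S)

def source_literals(source: bytes, min_len: int = 16) -> set:
    """Collect string literals long enough to be distinctive."""
    found = set()
    for m in _LITERAL.finditer(source):
        lit = unescape(m.group(1))
        if len(lit) >= min_len:      # drops short ones such as "C"
            found.add(lit)
    return found

def find_shared_strings(source: bytes, image: bytes, base: int = 0) -> dict:
    """Map each source literal present in the image to its addresses."""
    hits = {}
    for lit in source_literals(source):
        needle = lit + b"\0"         # compiled literals are NUL-terminated
        addrs, pos = [], image.find(needle)
        while pos != -1:
            addrs.append(base + pos)
            pos = image.find(needle, pos + 1)
        if addrs:
            hits[lit] = addrs
    return hits

# Source snippet as quoted in the post (raw bytes keep the \n escape).
SOURCE = rb'''
extern "C" void FASTCALL jitc_error_program(uint32 a, uint32 b) {
    if (a != 0x00020000) {
        ht_printf("JITC Warning: program exception: %08x %08x\n", a, b);
    }
}
'''
# Constructed stand-in for a dumped memory image; BASE is a made-up address.
BASE = 0x00400000
IMAGE = (b"\x90" * 0x40
         + b"JITC Warning: program exception: %08x %08x\n\0"
         + b"unrelated\0")

if __name__ == "__main__":
    for lit, addrs in find_shared_strings(SOURCE, IMAGE, BASE).items():
        print([hex(a) for a in addrs], lit)
```

A hit only gives a starting address; as the post says, the next step is comparing the functions that reference the string.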



zipdecode | ben fry
Topic: Technology 5:22 pm EST, Mar 24, 2005

] zipdecode
]
]
] This project began a very short sketch (a few hours) that
] I created because I was curious about how the numbering
] works for zip codes in the states.
]
]
] This version adds several features over the original,
] including zoom, some new colors (thanks to Eugene Kuo for
] suggestions), and a better zip code database (because of
] all the people who emailed and were sad that they
] couldn't find themselves).
]

k-rad



MPlayerhq puts up protest
Topic: Technology 6:14 pm EST, Mar 22, 2005

] Free Software Multimedia Threatened by Software Patents
]
] Closed for patent infringement
]
] This site has been shut down because of numerous patent
] violations in MPlayer. The other free software multimedia
] players are next.
]
...
]
] Wish us luck, we will need it.



Google Code
Topic: Technology 1:59 pm EST, Mar 17, 2005

] Welcome to Google Code, Google's place for Open Source
] software. Read the FAQ for more information.



Google switches on TV search beta
Topic: Technology 5:58 pm EST, Jan 26, 2005

Google has launched a service designed to search TV content from US broadcasters including PBS, NBA, Fox News and C-SPAN.

http://video.google.com



OpenSolaris.org
Topic: Technology 2:37 pm EST, Jan 26, 2005

] The Solaris operating system is being released under the
] terms of the OSI-approved, CDDL (Common Development and
] Distribution License). Millions of development hours
] worth of code and over 1,600 patents are being
] contributed to the open source community. We know that
] innovation happens everywhere. And we're going to stand
] shoulder to shoulder with you. To push Solaris. And see
] how far we -- together -- can take it.

Soon. Everything in opensolaris is soon, but they have released the code to DTrace... which is cool. Of course it only works on solaris...


