0xdecafbad.com

I am writing this because of my belief that more people need to be aware of this type of attack.  I have been noticing first in 1997 and more so today that people only focus on internet based threats and do not focus on non-internet based threats.  This technique can apply not only to  WAN based fiber links but also to LAN based ones.

PDF spec sheet for the FCD-10B tap by EXFO

This is a subject I have been looking at for years, and for years when people start reading this type of information they either do not care, agree or mentally shut down and refuse to understand anything presented and ultimately throw a tantrum, often making threats because to them the GPL is a religion and not a mere software license. They do not care about the wording of that license if it goes against the Orwellian double speak the FSF puts forth.  The double speak I am referencing is things like the GPL keeps software free.  They are not talking about the cost of the software but rather the freedom to modify it, to distribute modified works and things of that nature.

I will present an alternate theory, that the GPL is restrictive, that those restrictions do not meet the stated goals, and that ultimately the GPL harms open source by creating islands of code that cannot be used together thus forcing developers to rewrite code just to change the license.  This rewriting of code is time and effort spent on duplication rather than innovation, slowing the FOSS movement somewhat. (continue reading…)

Lately I have been interviewed by a few newspaper type organizations in relation to the Playstation attacks.  This is because back in February I commented on IRC (chat network) that Sony needs to fix their servers because they are running known vulnerable software and advertising the versions of that software and its modules  to the world.  I specifically addressed those comments to Sony knowing that Sony was monitoring at that time.  Investigators from the law firm Sony hired to go after George Hotz and Fail 0verflow were seen in  there as well as Sony employees.

Sony has claimed publicly in a press conference they held about PSN that the attacker exploited a “web server” and used a “known vulnerability but it was not known to Sony management”.  This basically goes along with what I warned about months ago.  (continue reading…)

I recently came across a paper on GPU malware.  I am unsure how old this paper is as  I did not see a date in it.  I wanted to expand on this idea a bit.

In section 3.2 on polymorphism they state

No matter how complex the encryption scheme in a packed malware is, upon the end of the unpacking process the code of the original malware will be restored on the host’s memory. At that point, a malware analyst can take a snapshot of the process’ address space and analyze the exposed malicious code. Similarly, runtime malware scan-will be able to detect the original malicious code.

They do address encryption where the keys are stored in private memory of the GPU, however they miss what I believe to be a glaring point.

(continue reading…)

I recently stayed at a hotel where included in your room was wifi internet access.  This is not that unusual, however the system they ran bothered me.  For some reason they got the Dlink hotspot edition management solution for their wifi network.  This was not well suited for the way they gave the internet access out.  Each login & password that you got was useful for only a certain amount of data trafficked.  This may seem reasonable, however it is only useful for about 10-15 minutes of low quality streaming video (320×240).  If you did a system update it would surely run you over.  You then have to go back down to the front desk and ask for another login which they will give you free, and with a smile. (continue reading…)

For a secret project I am planning I decided to swap out the stock wifi card for one with alternate features.  I use the 1000HE eeepc for ham radio and some other tasks.  I really like it.  Due to my background and preferences I had installed linux, at the time I installed I wanted to get all the drivers and all as easily as possible.  To that end I opted for the eeebuntu distribution.  It is currently based on ubuntu, although the next release which is currently in beta will be debian due to severe problems with things breaking with each ubuntu release.

This is the saga of how I did it. (continue reading…)

I have an Asus 1000HE eeepc.  I like it, mostly its battery life.  I installed eeebuntu not being a big windows fan and was displeased when I discovered that you could not directly install to a root cryptofs.  I did it anyway, although it takes a round-a-bout method to accomplish.

For those that do not know, cryptofs is a whole disk encryption solution in linux.  It is transparent to the user, aside from having to enter a passphrase (which can be very long) when you mount the disk.  Making / (root) cryptofs requires some modification to the initrd so that it will load the appropriate modules, set up the proper pseudodevice entries, and then mount the disk.  Swap can also be made encrypted making it even more difficult for anyone to get anything out of your system should it fall into the wrong hands.

Unlike some of the other tutorials out there I do not require you to do an intermediate temporary install, this means that your entire disk except /boot can be encrypted in one go. (continue reading…)