Wednesday, December 18, 2013

December InfoSec Links

NSA and Government
Shame on Feinstein: There is a cost to surveillance.
http://www.siliconvalleywatcher.com/mt/archives/2013/12/shame_on_feinstein_co.php?utm_source=buffer&utm_campaign=Buffer&utm_content=buffer54e85&utm_medium=twitter
RSA took $10mil to backdoor their crypto libraries.
http://www.reuters.com/article/2013/12/20/us-usa-security-rsa-idUSBRE9BJ1C220131220
EFF reviews how the CFAA ruined lives and slowed innovation out of fear:
https://www.eff.org/deeplinks/2013/12/2013-review-tragedy-brings-cfaa-spotlight
Getting the ungettable: The NSA's Tailored Access Operations Unit
http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969-2.html
Backdoors R Us: NSA's backdoor catalog
http://www.spiegel.de/international/world/catalog-reveals-nsa-has-back-doors-for-numerous-devices-a-940994.html
Practical Tamper-evident Techniques
http://www.wired.com/threatlevel/2013/12/better-data-security-nail-polish/


Security and Cool Exploits
Via Chavaukin: 10 things Security should stop doing in 2014
http://blog.anitian.com/2014-stop-doing/
Acoustic cracking of PGP keys.  Fantasy attack made real:
http://www.cs.tau.ac.il/~tromer/acoustic/
SD Card Hacking
http://www.bunniestudios.com/blog/?p=3554

Target Breach Madness
International cards and those associated with a zip code fetch a premium:
http://krebsonsecurity.com/2013/12/non-us-cards-used-at-target-fetch-premium/
Putting a face on the Target breach:
http://krebsonsecurity.com/2013/12/whos-selling-credit-cards-from-target/
Target's faster checkout system explained:
http://www.quora.com/What-is-the-new-instantaneous-payment-system-being-used-at-Target
All PINs in the world leaked! (Tongue in Cheek)
http://pastebin.com/2qbRKh3R

Also hilarious: What happens when the common folk get a glimpse at the code behind:
https://twitter.com/neave/status/415533230579019777/photo/1

Monday, December 16, 2013

Bench Power Supply Complete!

Thanks to SYN Shop, the Las Vegas Hackerspace, I completed a bench top power supply.  I took a class that helped me build one from a kit.  The kit itself produced a 5v out and a configurable out that I ended up making 8.5 for Arduino.

One of the challenges of the class was to take that kit and enhance it.  I removed the resistor on the configurable channel and replaced it with a 10K Ohm potentiometer from Radio Shack.  This allows me to configure it for between 2 and 14.5 volts!



Some time later, I got tired of the alligator clips I used to connect to the two rails.  I replaced them with a barrel connector and switch.  My initial schematic was woefully flawed, however.  If I had completed it, I would have shorted the rails to ground through the switch, blown the fuse, and possibly smoked the voltage regulators.  Yeesh.

Thanks again to SYN Shop and Javid, the teacher who's kit made this possible.

Thursday, November 14, 2013

InfoSec Links for Thursday, November 14, 2013



Adobe Breach Link Blitz:
Root Cause: Cold Fusion
Also Owned: Limo Company to the rich, famous and well connected.  Note the targeted attacks (often called spear phishing) based on the original hack:
AT&T owned too:

An interesting article on how most security amounts to Integration concerns and not true security problems.
Also, putting financial security in perspective:

Updated: Skylanders Hacking

Worked with Skylanders Editor in Windows 8 64 bit.  Here is what I learned:

  1. Editor came with source code and a portal driver.  This is great if I want to play with the code itself and build a Mifare Classic encryption cracker out of it.
  2. You may need to disable the Spyro Portal Service before Editor.exe can talk to a portal.  Do this in services.msc.
  3. I was able to get the PS3 and 3DS wireless portals to work using the driver included in the Editor zip file.
  4. When working with the device in any system post-Vista, make sure to run your command prompt or batch file as an administrator.  This allows such ancient technology to access the USB where the portal connects.
  5. I was unable to get the wired portal to work.  I believe this one is from Skylanders Giants.
  6. I do not have a portal from Swap Force to test it out, but I suspect a new driver will be necessary.
  7. My Nexus will not read Mifare Classic cards with the usual apps.  You need keys and something to teach the NFC reader how to talk using the Mifare proprietary format.
  8. Breaking the Mifare encryption is my next step.  As described in the Editor v2 docs, the key is a bunch of data from Block00-01 and 35 bytes from a constant key.  I have my bead on a Mifare cracker in Backtrack Linux that will do the job quickly. 

Update: After sitting down with the Editor code and some testing, it seems like the author has done all the work for you.  Still planning an exercise to crack the key myself, though.  I conducted a practical upgrade/downgrade test on a first-gen Skylander.  A normal Skylander will go to level 10 in the first release and 15 in "Giants".  The actual Giant figs have yet to be tested, but I expect similar results.  The data pulled the same and decrypted just fine using Editor v2.0. 

Final Note: Don't tell him, but I may get SWAP Force for my son for Christmas just to get a peak at those new guys.  Curious as to how they sense the fig/element match.  It requires a pretty hefty purchase, though, so it is either that or Disney Infinity.

Tuesday, November 12, 2013

Pivoting from Planning to Doing


The above tweet by Dan Kaminsky really got into my system.  As someone who makes lists of things to do, I often get trapped planning more than doing.  Since DEFCON 21, I have tried to focus on doing.  Here is a list of my successes so far:
  • Rooted my Sony Ericsson Xperia Play and installed Cyanogenmod 9.
  • Studied Arduino and created a few basic projects.
  • Started following security wonks on Twitter and have become fairly well-versed in the conversation.
Where to go from here?
  • Hack Skylanders and Disney Infinity using tag writers and custom code.
  • Help Ethan get through Scratch manual.  He has had a blast so far.
  • Creating a product in Arduino.  Planning a card swipe emulator to apply my skills to real world annoyance.
  • And probably most important: settle on a handle.  VegasVic?

Modest Mouse - Missed the Boat

The lyrics to this song got me through a very depressing and delicate time.  I had just split with my wife and given up on religion.  This song gave me comfort that a life without religion could still be fulfilling.  It pointed to a common experience many like me have had: general despair in the ability of the individual to decide a right course for themselves.

Tuesday, June 22, 2010

Heirs of Vulcan Heavy Support

Land Raider Crusader "Throne of Vulcan"

This centerpiece model is the culmination of all my bitz and conversion work. I didn't drastically alter the hull of the model, though I did deck it out with little detail bitz that keep me looking at it from all angles.

The most noticeable conversion is the dozer blade.  Though no longer providing any benefit while playing, this adds bulk to the model (though it will be tough to paint).  As a smal;l detail, I added an extra row of frag charges to the front (because I had them, that's why), fuel/promethium tanks and spigots on the rear (including an externally stored hose), ventilation fan, an extra comms unit, and a set of winches and chain to the top/rear. 

I like to call this the fire truck.  Not sure if it is putting fires out or starting them.  However, it is well kitted to do either.  In addition, the dover blade and winches make it the perfect lost technology recovery vehicle.  All around, the Fabricator General's personal vehicle will make all your battlefield woes vanish when he and the Vet Squad comes tearing out of it, followed by his personal servitors sporting power fists.  Ah, it's good to be king...


Whirlwinds

The floating tank concept is very impractical.  To this end, I gave stabilizers to the artillery.  These Whirlwinds have custom payloads and optics only to be surpassed by their custom feet.  They fly with armor down, but the armor hinges out as they touch down, and provide much needed ground support when launching endless barrages of hell fire.

The conversion itself is very simple: hinge up the extra armor from the Vindicator kit, add several pistons from dozer blades as well as 2 dozer mounting kits (easy to come by should you be copying my plow blade design for the Vindicators) make one Whirlwind.

The conversion really speaks to me, and the model itself is static while telling a dynamic story.  That is a recipe for miniature love, right there.

Vindicators

This was the first vehicle model I converted.  The FW extra armor and smoke stack from Cities of Death's Manufactorum fell into my hands at Blue Table, and somehow I conned Shawn into giving me two dozer blades to mutilate.  This was also the inception of replacing the front plate of the Rhino chassis with CoD vents.

Together, it makes sense.  The wildly inaccurate mortar chell lobbed by a Vindi could only come from a mobile, floating mortar  Extra bling in the form of a pop-up HK Missile and custom floating using superglue caps and specialized flying bases rounded out the conversions.

When I started this army, I had no intention of building a coherent force out of it.  However, the concepts that appeared here wormed their way into every inch: ubiquitous geared skull, floating EVERYTHING, Storm-bolter positioning, on and on.  Not only is the Rhino chassis preserved, but it is enhanced in a way that is not totally outlandish and quickly recognizable.  In other words, I am not putting down a Dr. Pepper bottle and calling it a Carnifex, I'm building my own little corner of the universe, related but unique.


Thunder Fire Cannon

OK, so I saw the newest Space Marine swag before Games Day oine year and said to myself, "Self, you're broke.  Make a choice."  Instead of buying the Thunderfire, I bought the limited edition Techmarine which became my beloved Librarian HQ, the Archivor General.  This piece was then started to fill the new slot.

Clearly, the scale compared to the real thunderfire is way too big.  This makes it a sitting duck.  Stripping the battery cells (Leman Russ Wheels) down to the single large cell and reducing height and width would give it a much needed playability bonus.  However, as far as goofy contraptions goes, this is it.  This could easily serve as an Anti-Aircraft Mount for Apocalypse or be re-engineered as the big gun on a converted Bane Blade.