[Virgil] presented the next version of Wikiscanner at The Last HOPE today. To build the original Wikiscanner, he scanned the monthly database dump of anonymous edits and compared that against a purchased list of known company IP addresses. The 34.5 million edits account for nearly 21% of all edits. The idea was to unearth businesses and groups white washing critical pages. This only handles anonymous edits though. Users could log in to avoid having their IP reversed.
In the new version, [Virgil]’s team developed a Poor Man’s CheckUser. If you spend too much time editing a talk page, your session could end and when you hit save it attaches your IP. Most regular users will then log in and remove their IP. They found 13,000 username/IP address pairs by searching for IPs being removed and replaced with usernames. These are some of the most active users. Using this list, they could potentially uncover sockpuppets or potential collusion by top editors.
Continue reading “HOPE 2008: Wikiscanner 2.0” →
The team from Princeton has released their cold boot attack tools at The Last HOPE. Earlier this year they showed how to recover crypto keys from the memory of a machine that had been powered off. Now they’ve provided the tools necessary to acquire and play around with your own memory dumps. The bios_memimage tool is written in C and uses PXE to boot the machine and copy the memory. The package also has a disk boot dumper with instructions for how to run it on an iPod. There’s also efi_memimage which implements the BSD TCP/IP stack in EFI, but it can be problematic. aeskeyfind can recover 128 and 256bit AES keys from the memory dumps and rsakeyfind does the same for RSA. They’ve also provided aesfix to correct up to 15% of a key. In testing, they only ever saw 0.1% error in there memory dumps and 0.01% if they cooled the chips first.
Continue reading “HOPE 2008: Cold Boot Attack Tools Released” →
While Defcon badges have taken on the habit of being hackable electronics, The Last Hope badge is taking a new shape this year. It’s dubbed the Attendee Meta-Data project (AMD for short). Aside from the tombstonian dimensions, it features a trackable RFID tag that’s going to be used to create a different sort of conference experience.
Sure, the creators might use the badges to make sure they meet all the lovely ladies in attendance, but the idea is to use the data to improve the conference experience for everyone. Attendees have the ability to add tags indicating their interests. Combine that data with actual location tracking and people can now network and interact based on what and who they’re looking for. It’s social networking coming full circle to include actual socializing.
The Last HOPE is off and running in NYC. [Karsten Nohl] started the day by presenting The (Im)possibility of Hardware Obfuscation. [Karsten] is well versed in this subject having worked on a team that the broke the MiFare crypto1 RFID chip. The algorithm used is proprietary so part of their investigation was looking directly at the hardware. As [bunnie] mentioned in his Toorcon silicon hacking talk, silicon is hard to design even before considering security, it must obey the laws of physics (everything the hardware does has to be physically built), and in the manufacturing process the chip is reverse engineered to verify it. All of these elements make it very interesting for hackers. For the MiFare crack, they shaved off layers of silicon and photographed them. Using Matlab they visually identified the various gates and looked for crypto like parts. If you’re interested in what these logic cells look like, [Karsten] has assembled The Silicon Zoo. The Zoo has pictures of standard cells like inverters, buffers, latches, flip-flops, etc. Have a look at [Chris Tarnovsky]’s work to learn about how he processes smart cards or [nico]’s guide to exposing standard chips we covered earlier in the week.
Many a computer gamer has scowled at the thought of trying to control an FPS with thumb sticks. When you’re used to the precision and speed of a mouse, the analog stick feels, well… just wonky. XIM360 has built, what is hopefully a big step forward in inputs for the 360. The device is an add on to the XFPS, and supposedly delivers an experience that is “what you’ve always hoped to get”.
The project came into existence when people, let down by the poor performance of the XFPS started augmenting it to try to get desired results. They used a board called XIM to get better control. The new board, XIM2 was built from the ground up to achieve the best possible experience. The XIM2 is now available for pre-order.
More information can be found on their website, as well as a large user forum of modders and hackers.
[via Xbox-Scene News]
In the aftermath of [Terry Childs], the jailed disgruntled software engineer who created a God password and effectively locked San Francisco officials out of their own computer system, IT Grind unveils its Techie Hall of Shame. The Hall of Shame highlights figures who give computer professionals a bad name. From [Roger Duronio], the systems administrator who wasn’t satisfied with his raise, to [Kenneth Kwak], who installed spyware on his boss’ computer in order to gossip, the wrath of the IT professional can wreak thousands to millions of dollars of damages for companies and corporations to clean up. As much as these figures seem to be singular figures, we think they also serve as cautionary tales. Always have backup. If you suspect you’ve got a disgruntled employee, you should probably at the very least keep another expert eye on him. And hire more than one person to manage your systems. [Deb Perelman] asks her readers who else they think would be worthy of the Hall of Shame. We’re curious to know what you think, too.
Today, [sprite_tm] let us in on one of his pet projects. This is an inexpensive portable game platform runs about $50 and happens to use an ARM CPU and a 320×240 color LCD. Because it’s so cheap, he’s been working on reverse engineering the thing and there’s already a proof of concept homebrew version of Pong out for it.
Update: Yeah, yeah – title’s fixed.