Month: July 2008

Predictive Blacklisting With DShield

July 25, 2008 by 4 Comments


The DShield project is hoping to change how we protect our networks from malware with predictive blacklisting. Using a method similar to Google’s PageRank, DShield collects logs from network administrators to help develop a score based on maliciousness. They combine this score with information about where the malware has already hit to determine an overall threat level.

Similar to antivirus programs, the system still relies on networks being attacked to rate the threat level. They have shown though, that the predictive method is consistently more effective than manual blacklisting. The system has been available for free for the past year. Those utilizing the system have been reporting positive results. They do note that there are a few people whose network infrastructure doesn’t match up with the predictions very well. If you would like to participate, go to their site and sign up.

HOPE 2008: YouTomb, A Free Culture Hack

July 25, 2008 by 9 Comments


YouTomb is a research project designed by the MIT Free Culture group to track video take downs on YouTube. To succeed, the team needed to track every single video on YouTube… which is close to impossible. Instead, they built several “explorer” scripts to track what videos were interesting. One explorer tracks all of YouTube’s lists: recommended, featured, most active, and more. Another explorer picks up every video submitted to YouTube, and a third crawls Technorati.

The explorers just find the videos; a separate group of scanner scripts checks the current status of videos. It checks both the new videos and ones that have been killed to see if they return. YouTomb archives every video it finds. They display the thumbnail of the video under fair use, but they’re still determining whether they can display each video in full.

Continue reading “HOPE 2008: YouTomb, A Free Culture Hack”

Drill Powered Mini Bike

July 24, 2008 by 25 Comments


DPX Systems seems to deal exclusively in devices powered by handheld drills. In addition to the mini bike in the video above, they’ve made systems for wheelchairs, toolboxes, and hoists. The device costs $630, but we know most of you just need prompting that something is possible to be well on your way to building your own version. We’re still more fond of weed whacker machines.

[via Toolmonger]

DNS Cache Poisoning Webcast

July 24, 2008 by 4 Comments


UPDATE: Full audio of the webcast is now available

Today Black Hat held a preview webcast with [Dan Kaminsky] about the massive DNS bug he discovered. On July 8th, multiple vendors announced a patch for an undisclosed DNS vulnerability. [Dan Kaminisky] did not release the details of the vulnerability at that time, but encouraged security researchers to not release their work, if they did happen to discover the bug. On the 21st, the full description of the vulnerability was leaked.

In today’s webcast, [Dan] covered how he felt about the handling of the vulnerability and answered a few questions about it. He started out by talking about how he stumbled across the bug; he was working on how to make content distribution faster by using DNS to find the server closest to the client. The new attack works because DNS servers not using port randomization make it easy for the attacker to forge a response. You can read the specifics of the attack here.

Continue reading “DNS Cache Poisoning Webcast”

HOPE 2008: Methods Of Copying High Security Keys

July 24, 2008 by 4 Comments


[Barry Wels] is well known for his lockpicking talks, but this year he wanted to talk about how he copies high security keys. If a key blank is available, you could make a copy just by viewing the original. High security keys generally have profiles with more side cuts, which means you can guess at how deep a specific pin is by observing how many cuts it crosses. He also showed that you could imprint your arm with the key and use that as a guide. If a blank isn’t available, you could fill a similar key with solder and file that down.

[Barry] showed two different kits for casting keys. The first used soft clay in a clam shell to make an imprint of the original key. The form is then filled with a low melting point alloy (probably Wood’s metal) to create the new key. A second style uses a metal form and two part silicone to create the mold. This method works for most high security keys, but will not work on keys with active elements like sliders or magnets.

Finally, [Barry] talked about his favorite method: impressioning. Unlike picking a lock, when you’re done impressioning you have a funtional key. You start with key blank and file off the top layer. Place the blank in the lock and turn it till it jams. Then, you rock the key up and down. Observing the key under light you’ll see a small mark where each pin is. File a bit where the marks appear and repeat the process. You can’t use too much force or you might break the blank. This also works on dimple keys and as this video shows, laser cut keys. [Barry] highly recommends the impressioning book by [Oliver Diederichsen].

[photo: Rija 2.0]

Behead Your Laptop

July 24, 2008 by 19 Comments


[Mark] sent in this nice trick for breathing new life into an old laptop. [Sarc] had a tibook with a broken LCD. It was still usable with an external monitor, so he simply removed the broken LCD. The tibook (and MacBook) uses a magnetic sensor to monitor the LCD position. To put the machine in the right mode, he taped a magnet in place to make the machine think that the display was in the closed position. To really clean things up, he mounted all the hardware under the desk and used a wireless keyboard and mouse with the machine.