34C3: Roll Your Own Network Driver In Four Simple Steps

Writing your own drivers is a special discipline. Drivers on the one hand work closely with external hardware and at the same time are deeply ingrained into the operating system. That’s two kinds of specialization in one problem. In recent years a lot of dedicated networking hardware is being replaced by software. [Paul Emmerich] is a researcher who works on improving the performance of these systems.

Making software act like network hardware requires drivers that can swiftly handle a lot of small packets, something that the standard APIs where not designed for. In his talk at this year’s Chaos Commnication Congress [Paul] dissects the different approaches to writing this special flavor of drivers and explains the shortcomings of each.

Continue reading “34C3: Roll Your Own Network Driver In Four Simple Steps”

34C3: North Korea’s Consumer Technology

[Will Scott] and [Gabe Edwards] shed some light on the current state of consumer computing technology at 34C3 in their talk DPRK Consumer Technology. The pair has also created a website to act as a clearinghouse for this information — including smartphone OS images up at koreaComputerCenter.org.

Not a whole lot is known about what technology North Korean citizens have available to them. We have seen Red Star OS, the Mac-like Linux based operating system used on PC based desktops. But what about other systems like smartphones?

[Will] and [Gabe] found that cell phones in North Korea are typically manufactured by Chinese companies, running a custom version of the Android Operating system. The phone hardware is common — the phone sold as the Pyongyang 2407 in North Korea is also sold in India as the Genie v5. If you can get your hands on the Genie, you can run the Korean version of the Android OS on that hardware.

Continue reading “34C3: North Korea’s Consumer Technology”

31st Chaos Communications Congress

The 31st annual Chaos Communications Congress (31C3) kicked off today and you’ve already missed some great talks. If you’re not in Hamburg, Germany right now, you can watch the talks as they happen on the live stream. So stop reading this blog post right now, and check out the list of presentations. (But don’t fret if you’ve already missed something that you’d like to see. All the talks are also available after the fact.)

For those of you whose worldview is centered firmly on the You Ess of Ay, you’ll be surprised to learn that the Congresses are essentially the great-grandaddy of the US hacker conventions. If you’re one of the many (old?) US hackers who misses the early days of yore before DEFCON got too slick and professional, you’ll definitely like the CCC. Perhaps it’s the German mindset — there’s more emphasis on the community, communication, and the DIY aesthetic than on “the industry”. It’s more HOPE than DEFCON.

This is not to say that there won’t be some great hacking showcased at 31C3. It is the annual centerpiece of the European hacker scene, after all. Hardware, firmware, or software; it’s all exploited here.

Some of the talks are in German, naturally, but most are in English. If you haven’t attended before, you at least owe it to yourself to check out the live stream. Better yet, if you’re a member of an American hackerspace, you can at least set up local remote viewing for next year. Or maybe you’ll find yourself visiting Germany next Christmas.

[Image: Wikipedia / Tobias Klenze / CC-BY-SA 3.0]

Lightning Rod: keeps you safe from dirty Flashers

A new open source package called Lightning Rod will help to close security exploits in Adobe’s dirty Flash code. A presentation made at the 26th Chaos Communication Congress showed that the package does its job by reviewing incoming code before the browser executes it. Heise Online is reporting that this method can block over 20 different known attacks and can even be used to filter out malicious JPG attacks. As more vulnerabilities are discovered they can be added to Lightning Rod to close the breach. This amounts to a virus scanner for Flash code. It’s great to have this type of protection but why can’t Adobe handle its security problems?

[Photo Credit]

[Thanks das_coach]