[Patrick] directed us to his project for alternate realism. The final goal is to be able to walk around in a space wearing a head mounted display, exploring a virtual representation of that space. This virtual representation could be altered, stylized, augmented and modified in countless ways. It is an exploration in perception, similar to enjoying different styles of painting, we could enjoy different styles of viewing a real space. Currently, it isn’t quite real time. He has to scan a room with a somewhat bulky device, then plug into his display to explore it. Being able to scan quickly and reliably enough shouldn’t be far off. [Patrick] notes that others have done almost real time scans at home already.
With all the noise about Conficker turning your computer into liquid hot magma on April 1st, there’s actually some positive news. Researchers from the HoneyNet Project have been following the worm since infections started in late 2008. They recently discovered an easy way to identify infected systems remotely. Conficker attempts to patch the MS08-067 vulnerability during infection. A flaw in the patch causes the machine to respond differently than both an unpatched system and an officially patched system. Using this knowledge, the team developed a proof of concept network scanner in python to find infected machines. You can find it in [Rich Mogull]’s initial post. [Dan Kaminisky] has packaged it as an EXE and has instructions for how to build the SVN version of Nmap, which includes the new signature. Other network scanner vendors are adding the code as well.
In conjunction with this detection code, the team has also released the whitepaper Know Your Enemy: Containing Conficker. It discusses ways to detect, contain, and remove Conficker. They’ve combined this with a tool release that covers Conficker’s dynamic domain generation among other things.
Midnight Research Labs has just published a new tool. Depant will scan your network and check to see if services are using default passwords. It starts by performing an Nmap scan to discover available services on the network. It organizes these services by speed of response. Using Hydra it does brute force password checking of these services with a default password list. The user can supply an alternate list for the first phase or an additional list to be used in a followup check. Depant has many different options for configuring your scan and will certainly help you find that rogue piece of hardware on your network that someone failed to set up securely.
[Radiohead], being no strangers to out of the box delivery ideas, are preparing to release a new video that was created without the use of cameras. The entire video for the song House of Cards was “filmed” using lasers.
The system, known as Geometric Informatics and Velodyne Lidar, scanned the entire environment 900 times a minute to capture an entire party in real time.
The video was originally set to be released in mid July, but appears to have been moved back.