Archive for the ‘Python’ Category

Today’s update from the Department of Things That Make You Go “Hmmmmmmmmmmm”.

Thursday, January 16th, 2014

I found a couple of interesting little tidbits while going through the “Cisco 2014 Annual Security Report”. Before I begin, disclaimer and explainer: keep in mind that I am a contractor for Cisco. However, the 2014 Report is not a Cisco internal document, but is available to the public. You can download it here, though you do have to enter your name and an email address.

Things that I found interesting:

Ninety-nine percent of all mobile malware in 2013 targeted Android devices. Android users also have the highest encounter rate (71 percent) with all forms of web-delivered malware.

You. Don’t. Say.

Spam volume was on a downward trend worldwide in 2013. However, while the overall volume may have decreased, the proportion of maliciously intended spam remained constant.

So we’re winning? Maybe?

Of all the web-based threats that undermine security, vulnerabilities in the Java programming language continue to be the most frequently exploited target by online criminals, according to Cisco data.

More:

Data from Sourcefire, now part of Cisco, also shows that Java exploits make up the vast majority (91 percent) of indicators of compromise (IoCs) that are monitored by Sourcefire’s FireAMP solution for advanced malware analysis and protection (Figure 12).

So should you disable Java? I think Borepatch would probably say “yes”. But this is also interesting:

90 percent of Cisco customers use a version of the Java 7 Runtime Environment, the most current version of the program. This is good from a security standpoint, since this version is likely to offer greater protection against vulnerabilities…
…However, Cisco TRAC/SIO research also shows that 76 percent of enterprises using Cisco solutions are also using the Java 6 Runtime Environment, in addition to Java 7.

JRE6 has been end-of-lifed and is no longer supported. I’m thinking the best practice here is:

A. Carefully evaluate your need for Java.
II. If you do need it, use the most current version.

At 43.8 percent, Andr/Qdplugin-A was the most frequently encountered mobile malware, according to Cisco TRAC/SIO research. Typical encounters were through repackaged copies of legitimate apps distributed through unofficial marketplaces.

“unofficial marketplaces”. You. Don’t. Say.

There’s a lot more in the report, including a brief discussion of Wireshark and Python tools for doing data analysis. I do commend it to your attention, even though my bias here is obvious.

Edited to add: left out one I intended to include.

In a recent project reviewing Domain Name Service (DNS) lookups originating from inside corporate networks, Cisco threat intelligence experts found that in every case, organizations showed evidence that their networks had been misused or compromised.
For example, 100 percent of the business networks analyzed by Cisco had traffic going to websites that host malware, while 92 percent show traffic to webpages without content, which typically host malicious activity. Ninety-six percent of the networks reviewed showed traffic to hijacked servers.

Noted.

Thursday, August 15th, 2013

The 5th edition of Learning Python is out.

Since I am not an idiot, I bought the ebook; doing so is easier both on my wallet and on my back. I started reading it and working through the examples last night.

Quoth Chapter 1, under “Who uses Python today?”:

The IronPort email server product uses more than 1 million lines of Python code to do its job.

I can only smile and say “No. Comment.”

And a few bullet points later:

The NSA uses Python for cryptography and intelligence analysis.

So remember, folks: the NSA is spying on you, but they’re doing it with open source software. Doesn’t that make you feel better?

(Yes, yes, I’m sure the NSA also uses Perl and Java and Visual Basic and FORTH and even internally developed languages that are still classified. I just found it funny, is all.)

Joey deVilla has a blog?

Friday, November 16th, 2012

I mean, other than “The Adventures of Accordion Guy in the Twenty-First Century”?

Yes, yes he does.

I ran across this on the Y Combinator Twitter yesterday, and thought I’d give FizzBuzz a shot. I’d estimate it took me just under 30 minutes to get the code you see here, which I believe “works”. Part of that time was taken up with assisting one of my cow orkers with a problem, though. An embarrassingly large chunk of that time was taken up by my having to look up the Perl syntax for “for”, “if”, and the modulo operator. I’m a bit rusty; the last time I wrote substantial Perl code was about a year ago (a Perl script that parses CSV data from a file and imports it into a SQL database).

Anyway, code:


#!/usr/bin/perl
for ($index = 1; $index < 101; $index++)
{
    $div_by_3 = 0;
    $div_by_5 = 0;
    if ($index % 3 == 0) {
        $div_by_3 = 1;
    }
    if ($index % 5 == 0) {
        $div_by_5 = 1;
    }
    if ($div_by_3 == 1 && $div_by_5 == 1 ) {
        printf "FizzBuzz\n";
    } else {
        if ($div_by_3 == 1) {
            printf "Fizz\n";
        } else {
            if ($div_by_5 ==1){
                printf "Buzz\n";
            } else {
                printf "$index\n";
            }
        }
    }
}

As always, when I put stuff like this up, I welcome criticism or comment on how I could have done it better (or, in this case, “right” if I did it wrong). The way I see it, I can’t get any better if I don’t solicit and accept criticism.

(Followup from deVilla here.)

Edited to add: I was going to upload a Python version that I wrote in (about) 20 minutes (I think). I keep planning to sit down and learn Python, but then somebody calls and wants to go riding bikes or whatever…anyway, I couldn’t paste that here and have it come out the way I wanted to, so I’ve uploaded it here. (I had to change the extension from “.py” to “.txt” because WordPress didn’t like “.py”.)

DEFCON 20 updates (round 2).

Thursday, August 2nd, 2012
  • Here’s a link to the slides from Terrence Gareau’s “HF Skiddies Suck, Don’t Be One. Learn Some Basic Python” presentation. I’m not complaining, but be advised that this is a large download (620 MB ZIP file) with video and code examples. Also be advised that, based on a very brief preliminary skim of the file, there may be some NSFW material in the presentation. (Also not a complaint, but an observation.) I’d like to thank Mr. Gareau for making this available: his presentation is the only one in the “DEFCON 101” track that I’ve found so far.
  • Added a link to Renderman’s presentation on ADS-B hacking, “Hacker + Airplanes = No Good Can Come Of This” to the day 2 notes.
  • Josh Brashars (who is a heck of a nice guy) and I have exchanged emails, and he’s graciously allowed me to temporarily host the version of his “Exploit Archaeology: Raiders of the Lost Payphones” presentation from the DEFCON 20 DVD. Of course, iDisk no longer exists (NOT that I’m BITTER or anything) and WCD’s hosting provider/WordPress implementation has a 10 MB file size limit, so I’m using Dropbox to host this file. Let me know if it doesn’t work.

-2 Day DEFCON 20 notes.

Monday, July 23rd, 2012

The schedule for DEFCON 20 is up.

Lawrence reminded me on Saturday that I also had not solicited panel requests, so this is your pre-DEFCON 20 post.

I’m flying out Wednesday morning and getting to Las Vegas around 1 PM. I’m hoping to visit the Mob Museum (just because it is new since my last visit, and I haven’t seen it) and to make a return trip to the two bookstores I visited last year. Lotus of Siam is also required.

There is some stuff going on at DEFCON on Thursday:

Here’s what I’m interested in on Friday:

Saturday, we have a possible tie for this year’s “Hippie, PLEASE” panel:

I shan’t be attending either. The Saturday panels I am interested in:

Sunday! Sunday! Sunday! Live at DEFCON 20! Nitro-burning FUNNY CARS!

So that’s that. If anyone has any specific panel requests after looking over the posted schedule, let me know (by email or in the comments), and I’ll try to hit those events. Also, if anyone has any recommendations for new, cool, or interesting places to eat in Vegas, feel free to leave those in comments.

(Edited to add: It’s a Borepatch-o-lanche! Thank you, brother man!)

0 Day DEFCON 18 notes.

Thursday, July 29th, 2010

This year, I got in on Wednesday, which reduced the stress level considerably. Mike the Musicologist met me here; Andrew “Swordfish Trombone” Wimsatt is flying in tonight.

Mike and I had a pretty good (and cheap!) dinner Wednesday night at Four Kegs, which some of you may recognize from “Diners, Drive-Ins, and Dives”.

DEFCON 18 panels that I may, or may not, attend, but will point out for Lawrence’s benefit:

Weaponizing Lady Gaga, Psychosonic Attacks

I’ve already missed the “Hardware Black Magic: Designing Printed Circuit Boards” and “Go Go Gadget Python: Introduction to Hardware Hacking” panels, but I figure most of the information from those is on the DEFCON 18 CD.

Panels I want to attend:

I’m torn between the annual “Making of the Badge” panel, and the “How To Get Your FBI File (and Other Information You Want From the Federal Government)” panel. If I do get moving that early, I suspect I’ll end up at the latter one.

“Build a Lie Detector/Beat a Lie Detector”. My desire to attend this is mostly based on nostalgia. When I was a young boy, my dad gave me several of the Radio Shack 50-in-1/100-in-1/250-in-1 electronic kits for Christmas. One of the projects in those was always a lie detector, and I always built that project.

“Build your own UAV 2.0 – Wireless Mayhem from the Heavens!” How could anyone not go to that panel?

“Exploiting Digital Cameras”. Another panel that seems designed to push multiple buttons on my user interface at once.

“DCFluX in: Moon-bouncer”. Looks like it could be a fun panel on alternative methods of communication in a critical situation, like moon-bounce (something I’ve heard of from the amateur radio community).

“Black Ops Of Fundamental Defense: Web Edition”. Dan Kaminsky. Again, enough said.

“Extreme Range RFID Tracking”. I haven’t gotten that deep into RFID hacking yet (though I might change that this year), but I’m interested in this long-range low-power radio device stuff. Also, this is one of two Padget talks I want to see.

“Jackpotting Automated Teller Machines Redux” The Black Hat version of this talk is already getting a lot of attention.

I’m having trouble deciding between “This Needs to be Fixed, and Other Jokes in Commit Statements”, which sounds like it could be very funny, and “Insecurity Engineering of Physical Security Systems: Locks, Lies, and Videotape”; I have a lot of respect for Tobias’ work.

“Practical Cellphone Spying” is the other Padget talk I want to see.

“We Don’t Need No Stinkin’ Badges: Hacking Electronic Door Access Controllers”: besides the title reference, this might make good background for that novel. I’m also considering “Wardriving the Smart Grid: Practical Approaches to Attacking Utility Packet Radios” as another possibility; I’d really like to see both.

“Physical Security : You’re Doing It Wrong!” Well, if he’s going to talk about how to get vendors to take you to lunch, sure!

“Physical Computing, Virtual Security: Adding the Arduino Microcontroller Development Environment to Your Security Toolbox”. I’ve been thinking about getting into microcontroller hacking, and this seems like it might be a good introduction to the Arduino (which is one of the environments I’ve considered).

“Hacking with Hardware: Introducing the Universal RF Usb Keyboard Emulation Device – URFUKED” and “Programmable HID USB Keystroke Dongle: Using the Teensy as a Pen Testing Device”: it sounds like there could be a lot of overlap between these two panels.

“The Search for Perfect Handcuffs… and the Perfect Handcuff Key”. You never know when you might need to get out of a pair of handcuffs…

I haven’t decided between “Attack the Key, Own the Lock”, which sounds like it may be a rehash of some panels at previous DEFCONs, and “Constricting the Web: Offensive Python for Web Hackers”, which pushes the Python button.

“Electronic Weaponry or How to Rule the World While Shopping at Radio Shack”. Not a lot of information on the DEFCON site; I’ll probably go and leave if I get bored.

“Breaking Bluetooth By Being Bored”. I’m fascinated by Bluetooth attacks, so this is a must-see for me.

Panels I won’t be attending:

“Getting Root: Remote Viewing, Non-local Consciousness, Big Picture Hacking, and Knowing Who You Are”. The usual hippie horse-pucky.

Any suggestions from anyone else who may be attending? Or presenting? Or wanted to go, but couldn’t?

Snakes on a book.

Tuesday, December 8th, 2009

python

The book on the left is the 4th edition of Learning Python.

The book on the right is this year’s Austin phone book.

Yes, Learning Python is thicker.

No, I’m not sure what that means; I just find it amusing.

Extreme geek humor.

Thursday, November 5th, 2009

Inspired by chapter 6 of Learning Python (the 3rd edition, alas).

IDLE 1.2
>>> A ='A'
>>> A is 'A'
True

(Well, I thought it was funny.)

MIT OpenCourseWare: 6.00, the home game (Part 1).

Wednesday, October 21st, 2009

School has wrapped up for the semester, at least for me. (Yes, I’m aware it is mid-October. Yes, I’m aware normal people are dealing with mid-terms. What can I say; that’s the way the St. Ed’s New College schedule worked out this time around.)

Now that I’ve got some free time, I can engage in some useful projects, like more Project e work (I’ve got a long multi-part post in the works that I hope to finish soon), updating the SDC pages, and perhaps some outside study.

I’ve written here before about the MIT OpenCourseWare initiative, and I decided this would be as good a time as any to start working through 6.00, “Introduction to Computer Science and Programming”. As I was reviewing the various readings, a thought came to me.

“Hey,” I said to myself, “wouldn’t it be nifty to blog this as you’re taking it?”

“That’s a definition of ‘nifty’ I was previously unaware of,” I responded.

“It’d give you some motivation,” I said.

“Why am I talking to myself?” I responded.

“I don’t know,” I said. “Have you considered medication?”

Anyway, my need for psychotropic medications aside, this seems like a good idea, if only to give my loyal readers something to laugh at. So…

Lecture 1.

Course readings.

Getting Started: Python and IDLE.

Problem set 1.

My code for problem set 1. (This has been tested on Project e with Python 2.6.2, on the MacBook with Python 2.5, and on the Nokia with Python 2.5.2. I haven’t tested it on my work machine yet.)

Comments on my code or coding style are welcome; as a matter of fact, they are downright encouraged.