Added May, June, and July 2011.
There’s only been one SDC in August, and I need to get some information before I post that. Also, I need to back fill some information for one of the May conspiracies, and add Lawrence’s comments when he gets them to me. (This isn’t badmouthing him; he’s tied up and will get them to me as soon as he can.)
I’m thinking about converting the SDC to a more standard blog format, but I haven’t made up my mind if and how I’m going to do that yet.
Chicago Cubs general manager Jim Hendry out.
Does anyone know if the Cubs are, officially, mathematically eliminated yet? I want to make sure my bet with Lawrence is properly settled.
(Subject line hat tip: come on, if you don’t know the words of the national anthem, what’s wrong with you? Okay, it isn’t the national anthem, but it should be. Either that, or Dave Van Ronk’s “Last Call”.)
Tuesday! Tuesday! Tuesday! Nitro-burning Tuesday Morning Quarterback after the jump!
The gentleman is charged with stealing the forklift (duh), drinking while driving (and that should be pretty easy to prove, since he’s also charged with throwing beer bottles at traffic), evading police, and…aggravated assault. Aggravated assault? Does that mean that he…tried to kill someone with a forklift?
Also, it is apparently not a good idea to follow a police chase and film it with your iPhone. Important safety tip there, guys.
Yes, TMQ is back. WCD is a bit tied up, but we hope to have the first TMQ Watch of the new season up tomorrow later today. We would have sworn we’d posted this last night…
I am a shy and private person.
Whenever someone does the “go around the room and introduce yourself” thing, I cringe. When my turn comes up, I give the minimum amount of information I can get away with: basically name, rank, and serial number.
(As a side note, there’s a story in Chuck Hustmyre’s book, Killer with a Badge
Tycho’s promotion of Google-, “the social network for narcissists”, has a certain emotional resonance for me. (Though I don’t consider myself to be a narcissist; just, as I said earlier, almost pathologically retiring.)
My resistance was never about privacy. I don’t trust Facebook, Google, or any other large corporation (as I’ve said before, anyone who trusts a large corporation, outside of the bounds of a legally enforceable fiduciary duty, should have their sanity checked), but I believe I’m smart enough to manage the privacy issues.
There was a strong element of drama avoidance going on. I didn’t (and don’t) want to water people’s Farmville crops or get caught up in all the other various interpersonal dramas that seemed to play themselves out on Facebook. Not having a Facebook account gives me what the Nixon administration called “plausible deniability”.
So “Why did ‘mr. anti-social networking’ decide g+ was worthwhile?” to quote an email I received this morning?
Two reasons:
So, yeah, I’m on Google+ now. I’ll probably add a link to the contact information. I’m following Lawrence’s policy; I only add people to my “Friends” circle if they can pick me out of a police lineup. However, the nice thing about Google+ is that I can have another circle for people who don’t meet that criterion. Indeed, I can have many circles; one for fellow bloggers, another for people I like but who would fail the police lineup test, another for family, and even another for the mothers of my illegitimate children. (Just kidding, Mom. I don’t have any. That I know about.)
The fun never stops here at WCD. Watch this space for more random G+ thoughts as they come to me.
(And thank you, again, to my friend, who shall remain anonymous to protect his/her privacy.)
Today’s LAT brings word that MGM Resorts International wants to stage another building implosion in Vegas.
The target in this case is unusual: the Harmon tower, part of MGM’s City Center project.
More:
I know I drove past the Harmon (because I remember seeing the Cosmopolitan) but it doesn’t stand out in my mind.
(To be fair, though, I didn’t drive the Strip as much as I did on previous trips; I was staying at the Rio, which is off-Strip, and given traffic on the Strip, I found it easier to drive Paradise or Koval to Flamingo, then go up Flamingo to the Rio.)
(Speaking of Vegas, there’s a Gilley’s in front of Treasure Island now? What the heck?)
(How common are “strong earthquakes” in Las Vegas, anyway? I don’t recall Nevada being a seismically active zone.)
If you’re going to sell “lobster salad” in your store, it is a very good idea to make sure that your “lobster salad” contains actual lobster.
No, I’m not convinced by the argument that crawfish is close enough to lobster for it to count.
Added links to the following presentations:
“Earth vs. The Giant Spider”: This was described as a collection of weird, bizarre, freaky, and unusual hacks compiled by the presenters during penetration tests. I figured this would probably be a high energy, lots of fun, lots of laughs panel. I ended up kind of disappointed. Maybe high energy is too much to expect at 10 AM on DEFCON Sunday, but the presenters seemed curiously subdued. (This may have had something to do with non-functional equipment that resulted in them having to drop the live penetration test portion of the presentation.)
As for the hacks…well, okay, owning an entire country’s credit card processing (bypassing the firewall by sending packets from source port 0) is kind of cool. Getting cheap food from a restaurant chain by hacking a Javascript that communicates with a 3rd party server, and doesn’t validate data being sent from the restaurant’s website to the server? Meh. The story about cloning the support mailbox on an old ROLM PBX (default field service user ID/password) which ended up with the penetration testers doing Checkpoint support for one of the corporate users? Mildly funny. The other hacks (doing a HTTPS man in the middle attack with a self-signed certificate, and using information gathered that way to hijack a session to an external VPN by cloning cookies; high-def IP cameras with undocumented default accounts located right over keyboards, Oracle session hijacking), well, maybe you just have to have been there.
As for the “Caucasian-American love hack” (in which they were able to guess an admin’s password from his profile on an Asian-American dating site), I felt more pity for the poor admin, who was probably just looking for love (and not even in all the wrong places) rather than admiration for the penetration testers. Sorry, guys: I know your intentions were good, but this didn’t click with me. It may just have been a personal thing: YMMV.
“Seven Ways to Hang Yourself with Google Android”: An excellent presentation by Yekaterina Tsipenyuk O’Neil (Fortify) and Erika Chin (UC-Berkeley) about the major mistakes programmers making developing Android applications. Specifically:
(Edited to add 8/10/2011: I’ve added a link to the final version of this presentation.)
“Build your own Synthetic Aperture Radar”: So this wasn’t as dangerous as I expected (the radar is low-power) and it wasn’t quite as awesome as I expected. But this was a decent presentation on radar technology, starting with an overview of basics and proceeding onwards to discussion of a homebrew radar system.
One minor problem with this presentation was that the presenter (Michael Scarito) had converted his system to use a custom-built data acquisition board (previous versions used a sound card and MATLAB) and didn’t have build documentation for that board prepared yet. However, much of Mr. Scarito’s work is based on other work done at MIT. The slides for the talk are not currently online, as far as I know, but here’s a link to a MIT Open Courseware presentation that gives exact, step-by-step detail, parts lists, and other resources for a very similar project (cited by Mr. Scarito in his presentation).
“Wireless Aerial Surveillance Platform”: UAVs are fun. UAVs that have onboard computing power to crack WEP encryption are more fun. UAVs that add the ability to spoof cellular base stations are even more fun. UAVs that have the ability to communicate with a remote server and offload heavier computational tasks (like attacking WPA) are perhaps the most fun of all. Note: the link above doesn’t go to slides, but to the build blog maintained by the two presenters (Mike Tassey and Rich Perkins). The build blog provides a lot more detail than the presentation, and includes resource links. Very well done, gentlemen.
“SCADA & PLCs in Correctional Facilities: The Nightmare Before Christmas”: Borepatch posted a few days ago about a presentation at Black Hat on SCADA vulnerabilities. You could consider this the other shoe dropping.
Summary: many prisons and jails depend on programmable logic controllers (PLCs) to do things like unlock and unlock cell doors. Usually, these PLCs are all controlled from a central control center, so all you have to do, once you find a PLC vulnerability to exploit, is to get your exploit code into the central control center.
“But they aren’t connected to the Internet, right?” Sometimes they are: the systems need to get updates, or send information to other systems, or communicate with other people (food service vendors, for example). Sometimes the systems aren’t connected to the Internet, but other systems they connect to are. (The presenters cited one example where someone was able to upload arbitrary files to the wireless system on a patrol car, and from their to a central jail control system.) Someone could carry an exploit in on a USB drive.
“But the people who run these systems don’t go out to arbitrary sites, right?” The presenters cited examples, from their personal experience, of correctional institution employees watching videos on the Internet, checking GMail accounts, etc. Friend the right correctional institution employee on Facebook…
“But they couldn’t do anything bad, right? I mean, if they open the cell door, the control panel shows it, and won’t the guards catch them?” As for the guards catching them, I remember a story from Pete Earley’s book The Hot House: Life Inside Leavenworth Prison
(“Christ, what an imagination I’ve got.” Spot the reference, win a cheese.)
(Edited to add 8/10/2011: I’ve added a link to a white paper by the presenters that pretty well summarizes their presentation and findings.)
That concludes my DEFCON 19 roundup. As more of the presentations get online, I’ll be adding links to them, and there will probably be one or two update posts. If you attended a panel I missed at DEFCON 19, and think it is worth linking to, please feel free to mention it in the comments. Responses from presenters are also welcome, especially if I mis-represented or misunderstood a point.
Closing ceremonies ran a little long last night, and I went to bed pretty much immediately after they ended. I seem to be coming down with a cold or allergies or some sort of creeping DEFCON crud.
Please bear with me; I’m about to check out and leave for the airport, but I’ll have the notes for the last day up as soon as I possibly can.
What the well-dressed gun blogger is wearing at DEFCON 19:
“Safe to Armed in Seconds: A Study of Epic Fails of Popular Gun Safes“: Confession time. I didn’t just watch this panel, I actually volunteered for part of it. I don’t think that compromised my objectivity, but better to be up front about it.
Deviant Ollam’s presentation concentrated on the smaller handgun safes, specifically the GunVault Microvault MV500, the BioBox, and the LokSAF PBS-001. Summarizing:
“DIY Non-Destructive Entry“: I missed this and “Battery Firmware Hacking” because I was still caught up in stuff from the gun safes panel. Sorry.
“Smile for the Grenade! ‘Camera Go Bang!’“: Nice guys, good presenters, total failure. The basic idea was to build a clone of military throwable/launchable video camera systems, using off-the-shelf parts (including the perfectly legal and not a destructive device at all 37mm grenade launcher) at a fraction of the cost. This looks like it could be a promising project, but the presenters only started working on it three months before the con, and only did their first test run the weekend before DEFCON. It didn’t go well; the powder they used to load their grenades was apparently defective, and they got no video. While it is interesting to see how small (and cheap!) wireless video cameras have gotten ($20 for the cameras they used, and $80 for the receiver), this is a presentation that should have been shelved for a future DEFCON.
“This is REALLY not the droid you’re looking for…”: From those wonderful folks who brought you Android rootkits, yet another Android exploit. Summary: because of Android’s design, and Google’s lack of strict enforcement of their user interface guidelines, it is possible to build an app that:
This is a very high level summary; the authors went into much more detail about how to build this kind of application in their talk. And it’s not really easy to fix the problems that enable an application of this sort without changing both the Android OS and the way Google/the Android Market does things.
