Whipped Cream Difficulties

Black Hat/DEFCON 27 links: August 13, 2019.

August 13th, 2019

I had a lot of trouble finding this on the site, but: the DEFCON 27 media server is here.

“Say Cheese – How I Ransomwared Your DSLR Camera”. Here’s the writeup from the CheckPoint Research website, which is the most detailed I’ve been able to find.
Also from CheckPoint Research: the white paper for “SELECT code_execution FROM * USING SQLite;—Gaining code execution using a malicious SQLite database“.
GitHub repo for the BAL Xilinx package. This is part of the “Defeating Cisco Trust Anchor: A Case-Study of Recent Advancements in Direct FPGA Bitstream Manipulation” presentation, and includes links to the slides and white paper.
I believe these are the most up-to-date slides for “GSM: We Can Hear Everyone Now!“
Stumbled across this while looking for other stuff: “MITRE ATT&CK: The Play at Home Edition“. Slides here.
There’s a long blog post at the McAfee Labs website about vulnerabilities in an industrial control system by Delta Controls. As I understand it, this is the basis for the “HVACking: Understand the Difference Between Security and Reality!” talk at DEFCON.
PenTest Partners post on “Reverse-Engineering 4g Hotspots for Fun, Bugs and Net Financial Loss“.

I’ve got to wrap this up for now, as my lunch hour is almost over. I may try to do a second post tonight, if I find enough additional material to justify one. Otherwise, please share, enjoy, comment, and thank any presenters whose work you found particularly enjoyable or valuable.

Posted in DEFCON, DEFCON 27, Photography, Radio | Comments Closed

Obit watch: August 13, 2019.

August 13th, 2019

Dorothy Olsen. She was 103 when she passed away on July 23rd.

You’ve probably never heard of her, but she was one of the WWII Women Airforce Service Pilots (WASPs). The WASPs ferried military aircraft from manufacturing plants to points where they could then be flown overseas.

Transporting and testing the latest models, towing targets and transferring captured enemy planes, the WASPs collectively flew an estimated 60 million miles from 1942 to 1944. Thirty-eight died in accidents during training or on duty.
From her base in Long Beach, Calif., Mrs. Olsen flew 61 missions for the Sixth Ferry Group in nearly two dozen models, including P-38s, P-51s and B-17s. She flew them to West Coast airfields to be deployed in the Pacific, or to Newark to be deployed in Europe.

The WASPs were initially considered to be civil service employees and not military.

The WASPs were finally recognized as veterans eligible for benefits in 1977 under President Jimmy Carter. In 2010 they received as a group the Congressional Gold Medal, one of the nation’s two highest civilian awards.

According to the paper of record, Ms. Olsen’s death leaves 38 surviving WASPs.

Henri Belolo, co-founder (with Jacques Morali) of the Village People.

I love the caption on that first photo.

Posted in History, Music, Obits | Comments Closed

TMQ Watch: August 2019.

August 12th, 2019

Looks like the NFL is getting fired up again.

Yes, the loser update will return this year. We haven’t sat down to consider which teams are likely candidates for the Owen-16 trophy, but maybe we’ll get some time to do that between now and the start of the regular season.

But we are sure everyone is asking this question: what of Gregg Easterbrook and “Tuesday Morning Quarterback”? Has he found a new home, since the “Weekly Standard” folded up their tent and headed into the long dark night? And what of “TMQ Watch”? Will that be a recurring feature next year?

To answer the last question first: sadly, no. No “TMQ Watch” in 2019. Why?

To answer many inquiries from Tuesday Morning Quarterback aficionados – just finished novel #4, researching nonfiction book #7, there are only so many hours in the day. So no TMQ this season. Not ruling out for future. pic.twitter.com/sKkPielXIM

— Gregg Easterbrook (@EasterbrookG) August 11, 2019

Not our choice, Easterbrook’s. We may try to keep an eye on his Twitter feed for noteworthy items relating to the NFL. But we’ve found that Easterbrook’s Twitter feed is a reliable way of pressure testing our cerebral arteries, so we don’t recommend making bets on how much and how often we’ll be doing that.

Posted in Admin, Books, NFL, Sports, TMQ watch | 2 Comments »

Bagatelle (#13)

August 10th, 2019

Every now and then, I see a story in one of the papers and think to myself, “Dick Wolf’s going to get an episode of ‘Law and Order: Kinky Sex Crimes’ out of this one.”

Today is the first time I’ve ever thought “Dick Wolf’s going to get an entire season of ‘L&O:KSC’ out of this story.”

Posted in Bagatelle, Law, TV | Comments Closed

Black Hat/DEFCON 27 links: August 9, 2019.

August 9th, 2019

Some more stuff I’ve stumbled across from Black Hat:

“All Your Apple are Belong to Us: Unique Identification and Cross-Device Tracking of Apple Devices” by SparkZheng and XiaolongBai. Slides here.
I didn’t flag these as ones I was interested in, but XiaolongBai retweeted links: “Towards Discovering Remote Code Execution Vulnerabilities in Apple FaceTime” by Tao Huang and Tielei Wang, “Attacking iPhone XS Max” by Tielei Wang and Hao Xu, and “Debug for bug: Crack and Hack Apple Core by itself” by Lilang Wu and Moony Li.
“Inside the Apple T2” by Mikhail Davidov and Jeremy Erickson. Slides here.
And now, your break from things Apple: “Infighting Among Russian Security Services in the Cyber Sphere” by Kimberly Zenz. Slides here. I’m excited about this one, and I have a feeling it might pique Lawrence‘s interest, too.
Blackhat version of a DEFCON presentation: “All the 4G Modules Could be Hacked” by Shupeng Gao, Haikuo Xie, Zheng Huang, and Zhang Ye. Slides here.
This has gotten some public attention, so I’m linking it here without comment: “Arm IDA and Cross Check: Reversing the Boeing 787’s Core Network” by Ruben Santamarta. Slides here. White paper here.

I expect to be somewhere between slightly and highly busy this weekend, so updates will be catch as catch can. It might be Monday before I can pull more stuff together, but I’ll try as best as I can to get updates before then.

Posted in Apple, DEFCON, DEFCON 27, Planes | 1 Comment »

Obit watch: August 9, 2019.

August 9th, 2019

Rosie Ruiz, historical footnote. She apparently died in early July, but her death was not widely reported until recently.

For the younger set: Ms. Ruiz “won” the 1980 Boston Marathon, with a “finishing time” of 2:31:56.

But suspicions about her victory arose immediately. Spotters had not seen her at checkpoints along the 26-mile course, and after the race she told a television interviewer that she had run only one other marathon, the 1979 New York City Marathon, and that she had finished that race in 2:56:33.

Eventually, it came out that Ms. Ruiz hadn’t actually finished the NYC Marathon:

New York City Marathon officials invalidated Ruiz’s time after reviewing videotape showing that Ruiz had not crossed the finish line in the time she had mistakenly been assigned by a volunteer, who thought Ruiz was an injured runner.
Days later, Ruiz’s victory in Boston was also nullified. Race organizers there based their decision on about 10,000 photographs taken along the last mile of the race as well as on information supplied by the news media and observers along the route. In addition, at least one witness recalled seeing Ruiz enter the course at Kenmore Square, about a mile from the finish line.

Jacqueline Gareau was declared the women’s winner. According to Wikipedia (I know, I know) her time was 2:34:28, which was a record women’s time for the Boston Marathon.

Posted in History, Obits, Sports | Comments Closed

Black Hat/DEFCON 27 links: August 8, 2019.

August 8th, 2019

So here’s the first round of stuff from Black Hat and DEFCON 27. I apologize that I’m just posting links, but I haven’t had time to really digest any of these presentations, and I want to get the links up while they are still semi-timely:

“Look, No Hands! — The Remote, Interaction-less Attack Surface of the iPhone” by Natalie Silvanovich. Slides here. Google Project Zero blog post here.
“Bypassing the Maginot Line: Remotely Exploit the Hardware Decoder on Smartphone” by Xiling Gong and Peter Pi. White paper here. Slides here. Blog post here.
“Attacking and Defending the Microsoft Cloud (Office 365 & Azure AD)” by Sean Metcalf and Mark Morowczynski. Slides here.
“Reverse Engineering WhatsApp Encryption for Chat Manipulation and More” by Roman Zaikin and Oded Vanunu. Slides here.

I think it’s still early for today’s Black Hat and DEFCON presentations. I may try to get another post up tonight.

Posted in Apple, DEFCON, DEFCON 27 | Comments Closed

Don’t be evil.

August 7th, 2019

I’m seeing reports that Google is deleting gun blogs.

The only one I’ve been able to “confirm” so far is “No Lawyers – Only Guns and Money”: John Richardson has posted on Twitter that his blog has been locked. (Hattip: SayUncle.)

Thing is, one data point doesn’t make a trend, and it could be just incompetent Google support (is that redundant?). Or it could indeed be a Google decision.

My point here is mostly: it doesn’t matter if you’re on Google, or on a third party hosting provider, or even if you own your own server. Back your (stuff) up.

And in that vein, thanks to McThag for the valuable reminder that I hadn’t backed my (stuff) up in a while. A failing which I have since corrected.

Posted in Admin, Backups, Guns | 2 Comments »

Lock, lock, baby, baby.

August 7th, 2019

I missed these the first time around, but the Hacker News Twitter linked to them a couple of days ago. I thought I’d blog them for the benefit of all my lock/computer security/Internet of Broken Things fans.

There’s a type of lock called the FB50 smart lock. It’s manufactured by a Chinese company, and sold “under multiple brands across many ecommerce sites”. As you might guess, it has Bluetooth and an app.

And, of course, it’s vulnerable. Once you get the lock’s MAC address (which, you know, you can get just by looking for Bluetooth devices in the area), you can use a series of HTTP requests to get the lock ID and the user ID, and then disassociate the user from the lock and associate yourself.

Discussion and proof of concept code here.

And the footnotes on that led me to another Pen Test Partners lock exploit (these are the folks who brought you the Tapplock one). This time the target is something called the Nokelock, which is apparently popular on Amazon (“…they do a number of different formats in a number of different body types, sometimes with other unlocking devices, such as a fingerprint sensors. There are other brand names they get repackaged as, such as Micalock.”)

So the Bluetooth packets are encrypted. But…

…the key can be obtained from the API by two methods. All the API requests need a valid API token, which can be obtained by simply creating a user with a throw away email address.

And:

…all traffic, including the user’s traffic is sent via the unencrypted HTTP protocol.

And there’s no authorization for API calls. All you need is a token, which (as noted above) you can get with an email address. Once you’ve got a token, you can grab the information about any lock, “including email address, password hash and the GPS location of a lock”.

And the password hash is unsalted MD5. “This is a cryptographically weak hash type that can be run through very quickly.”

Extra bonus points: the footnotes for the Pen Test Partners entry point to yet another lock exploit, this one for something called the Klic Lock.

An authentication bypass in website post requests in the Tzumi Electronics Klic Lock application 1.0.9 for mobile devices allows attackers to access resources (that are not otherwise accessible without proper authentication) via capture-replay. Physically proximate attackers can use this information to unlock unauthorized Tzumi Electronics Klic Smart Padlock Model 5686 Firmware 6.2

I don’t think I can put it any better than icyphox did:

DO NOT. Ever. Buy. A smart lock. You’re better off with the “dumb” ones with keys.

Posted in Bluetooth, Locks, Radio | Comments Closed

Also an obit watch.

August 6th, 2019

It has been really, really hard to find anything linkable on this, but Lawrence has a post up at his other blog:

Barry Hughart, noted fantasy writer. I’m not a big fantasy fan, but I’ve heard a lot of folks I trust (including Lawrence) rave about the Master Li and Number Ten Ox books. I do want to read them: I just haven’t been able to accumulate copies.

(Of course, if I were sufficiently motivated, Lame Excuse Books could probably take care of that.)

Posted in Books, Obits | Comments Closed

Layers and layers of fact checkers.

August 6th, 2019

I noticed this over the weekend and pointed it out to a few people, but it’s still going on:

Ras G, an experimental hip-hop producer whose kaleidoscopic, throttling beats channeled a wide spectrum of black musical history and established him as a guiding light on the Los Angeles music scene, has died at 39 https://t.co/moOmMKba26

— NYT Obituaries (@NYTObits) August 6, 2019

Posted in Media, Music, Obits | Comments Closed

Obit watch: August 6, 2019.

August 6th, 2019

The NYT is reporting the death of Toni Morrison, Nobel prize winning writer.

Preliminary NYT obit here, which will probably be replaced by a full obit later.

Posted in Books, Obits | Comments Closed

Here’s an odd clipping for you…

August 5th, 2019

Odd because:

1) I don’t like talking about religion.
II) I don’t like linking to ESPN.
c) I don’t like basketball.

With those stipulations: Shelly Pennefather was one of the great women’s basketball players.

She scored 2,408 points, breaking Villanova’s all-time record for women and men. She did it without the benefit of the 3-point shot, and the record still stands today.

After college, she played in Japan for a while. But she felt a calling, so in 1991…

…she became a cloistered nun.

The Poor Clares are one of the strictest religious orders in the world. They sleep on straw mattresses, in full habit, and wake up every night at 12:30 a.m. to pray, never resting more than four hours at a time. They are barefoot 23 hours of the day, except for the one hour in which they walk around the courtyard in sandals.
They are cut off from society. Sister Rose Marie will never leave the monastery, unless there’s a medical emergency. She’ll never call or email or text anyone, either. The rules seem so arbitrarily harsh. She gets two family visits per year, but converses through a see-through screen. She can write letters to her friends, but only if they write to her first. And once every 25 years, she can hug her family.

Don’t really have much more I want to say about this, other than I recommend you read the linked story.

Posted in Religion, Sports | Comments Closed

Obit watch: August 5, 2019.

August 5th, 2019

D. A. Pennebaker, noted mostly as a documentary filmmaker. (“Don’t Look Back”, “Primary”, “The War Room”.)

His political films are now part of the canon, but the scenes from Mr. Pennebaker’s catalog that still circulate most widely are of pop culture figures in action: Jimi Hendrix lighting his guitar on fire in “Monterey Pop”; Elaine Stritch in “Original Cast Album: Company,” exhausted and straining to record “The Ladies Who Lunch” while Stephen Sondheim and others look on in despair; Mr. Dylan showing up the softer-edged singer Donovan in a hotel room crowded with their hangers-on; and the actor Rip Torn attacking Norman Mailer with a hammer at the end of “Maidstone” (1970), one of three eccentric movies directed by Mr. Mailer, for which Mr. Pennebaker served as a cameraman.

Nuon Chea is burning in Hell.

“Who?”

Known as Brother No. 2 — he was second in command to the movement’s founder, Pol Pot, who died in 1998 — Mr. Nuon Chea was convicted of, among other crimes, directing the forced evacuation of perhaps two million people from the capital, Phnom Penh, and overseeing the torture and killing of more than 14,000 people in a notorious prison, Tuol Sleng.
Often described as the movement’s chief ideologist, he was accused of laying out a “master plan” for the transformation of society that included the abolition of money and religion, the extermination of the educated class and the killing and expulsion of ethnic Vietnamese.
In the words of the court’s formal detention order, he planned or directed crimes including murder, torture, imprisonment, persecution, extermination, deportation, forcible transfer and enslavement.

Mr. Chea and Khieu Samphan were the only leading members of the Khmer Rouge who were convicted of any crimes. A third man, Kaing Guek Eav, who ran a prison (and reported to Mr. Chea), was also convicted: two other Khmer Rouge leaders died during the trial.

Mr. Nuon Chea denied involvement in the widespread killings. But in video recordings played to the court, he was heard acknowledging the purges, saying, “If we had shown mercy to these people, our nation would have been lost.”
He added: “We didn’t kill many. We only killed the bad people, not the good.”

Posted in History, Movies, Obits | Comments Closed

DEFCON 27/Black Hat 2019 preliminary notes.

August 1st, 2019

DEFCON 27 starts a little later than I’m used to this year (August 8th, so a week from today.) Black Hat 2019 starts August 7th. Black Hat schedule is here. DEFCON schedule is here.

Again this year, I’m not going. While I feel like I’m moving closer to the point where I’m ready to return (expenses paid or expenses unpaid) I’m not quite where I want to be yet to go on my own dime. And as far as the company paying for me to go…not this year, for reasons I won’t go into. (Nothing bad. At least I don’t think so. Just don’t want to run my mouth about internal stuff.)

So, as usual: what would I go to, if I were going?

Let’s look at the DEFCON schedule first.

Read the rest of this entry »

Posted in Apple, Bluetooth, DEFCON, DEFCON 27, Radio, SDR | Comments Closed

Whipped Cream Difficulties

Black Hat/DEFCON 27 links: August 13, 2019.

Obit watch: August 13, 2019.

TMQ Watch: August 2019.

Bagatelle (#13)

Black Hat/DEFCON 27 links: August 9, 2019.

Obit watch: August 9, 2019.

Black Hat/DEFCON 27 links: August 8, 2019.

Don’t be evil.

Lock, lock, baby, baby.

Also an obit watch.

Layers and layers of fact checkers.

Obit watch: August 6, 2019.

Here’s an odd clipping for you…

Obit watch: August 5, 2019.

DEFCON 27/Black Hat 2019 preliminary notes.

Pages

Happy Amazon Fun Time!

Archives

Categories

Blogroll

BugMeNot

Firearms Reference

People who deserve your support.

Poetry

Reference

RIP

Twitter

Twitter Catholico

Webcomics I Like (without reservation)

Meta