| |
Current Topic: Technology |
|
Unique Fingerprints Identify Wireless Users |
|
|
Topic: Technology |
5:00 pm EDT, Sep 5, 2006 |
A new security technique promises to uniquely identify any WiFi device in the world, so hackers cannot hide behind a fake MAC address. Every wireless device has a unique signal "fingerprint" produced by variations produced in the manufacturing process for silicon components, according to Dr Jeyanthi Hall, of Carleton University in Ottawa. As a doctoral student, Dr Hall analysed the RF signals of fifteen devices from six manufacturers, and found it was possible to distinguish clearly, even between devices from the same manufacturer. Using "transceiverprints," Dr Hall got a detection rate of 95 percent, and a false positive rate of zero, according to papers submitted to various conferences, including IEEE events on wireless and security. She achieved this reliability in the task of "recognising" the transceiverprint from a pre-recorded set - a job which could usefully be built into a wireless IDS, she says in the paper. Beyond this, things could get even more exciting: "It would be interesting to identify the correct transceiver (from the set of all profiled transceivers), using the same set of transceiverprints," she goes on. Hall used a probabilistic neural network to work out the transceiverprint and compare it with stored prints. Although the signal processing equipment and analysis software is specialised at present (see a brief by account software vendor Mathworks) it could eventually be delivered on a more general-purpose signal processer system, Dr Hall hopes, according to a report in Electronic Engineering Times. Limiting network access to specific devices using MACs has been a possible security technique for some time, and is included in many WiFi systems. However, it has mostly been dismissed by security professionals, as it is easy to spoof the MAC address of a device. Comparing the MAC to a pre-recorded transceiverprint would make an access control list based on devices feasible again.
Nothing new here. Just a new application of existing technology. Unique Fingerprints Identify Wireless Users |
|
LiveView: Forensic tool converts dd images to VMWare format |
|
|
Topic: Technology |
1:23 pm EDT, Aug 30, 2006 |
"Live View is a Java-based graphical forensics tool that creates a VMware virtual machine out of a raw (dd-style) disk image or physical disk. This allows the forensic examiner to "boot up" the image or disk and gain an interactive, user-level perspective of the environment, all without modifying the underlying image or disk. Because all changes made to the disk are written to a separate file, the examiner can instantly revert all of his or her changes back to the original pristine state of the disk. The end result is that one need not create extra "throw away" copies of the disk or image to create the virtual machine.
LiveView: Forensic tool converts dd images to VMWare format |
|
ICANN oks Tiered Pricing for .biz/.info/.org |
|
|
Topic: Technology |
10:29 am EDT, Aug 25, 2006 |
Vint Cerf/ICANN confirm my interpretation of .biz/info/org proposed contracts—tiered/differential domain pricing would not be forbidden I finally got the “official” word from Vint Cerf of ICANN, “on the record”, who confirmed that my interpretation is correct, that differential/tiered pricing on a domain-by-domain basis would not be forbidden under the .biz/info/org proposed contracts. This means that the registries could charge $100,000/yr for sex.biz, $25,000/yr for movies.org, etc. if they wanted to—it would not be forbidden the way the proposed contracts are currently written. This would represent a powerful pricing weapon for registries, and a fundamental shift in possible domain name pricing, that could lead them to emulate .tv-style price schedules. It doesn’t mean they will necessarily do it, but it’s not forbidden. When a contract doesn’t forbid something bad, it implicitly allows it.
ICANN oks Tiered Pricing for .biz/.info/.org |
|
Personal Firewalls Ineffective at Outbound Traffic Compliance |
|
|
Topic: Technology |
12:46 pm EDT, Aug 24, 2006 |
"More and more security research comes to the conclusion that personal firewalls are ineffective in controlling outbound traffic."
(sarcasm) I've never thought of that before. Wow, I guess they are right. (/sarcasm) Kerio. IP Tables. ipfw. ipf. But that's just blocking ports -- are there any open-source outbound content compliance packages? Personal Firewalls Ineffective at Outbound Traffic Compliance |
|
Topic: Technology |
10:35 am EDT, Aug 22, 2006 |
SSHFS is a really nice piece of software, because it just makes your life just a bit easier. It can 'mount' a directory of a remote SSH server and you can use it as a normal directory.
About time. NFS + SSH = SSHFS |
|
Topic: Technology |
10:27 am EDT, Oct 27, 2005 |
This fellow has created a small, simple DIY synth that you can build (provided you have a little experience with electronics) at home. DIY Small Synth |
|
Gmail: Not an agent of piracy |
|
|
Topic: Technology |
3:31 pm EDT, Apr 7, 2005 |
Just discovered something interesting; gmail won't allow you to recieve RAR files. I had the occasion to need to recieve a RAR file with some documentation in it and discovered, much to my dismay, that gmail blocked the arbitrary extension ".rar". I changed the file to .tar, which passed through unimpeded, thus showing that no file-type detection is being used. Quite disturbing for those who use RAR for things other than piracy. |
|
Bullshit Phrase Generator |
|
|
Topic: Technology |
11:41 am EDT, Jun 3, 2004 |
This is useful for writing business plans, or just filling in your resume. It's funny, but at times, it just makes your head want to explode. Bullshit Phrase Generator |
|