The Vrije Universiteit team found that compact malicious code could be written to RFID tags after all. By replacing a tag's normal identification code with a carefully written message, the researchers found they could exploit bugs in a computer connected to an RFID reader. This made it possible to spread a self-replicating computer worm capable of infecting other compatible, and rewritable, RFID tags.

Exploiting RFID Readers -- Viral RFID Prototype Created

A monstrous discovery suggests that viruses, long regarded as lowly evolutionary latecomers, may have been the precursors of all life on Earth.

Unintelligent Design

Bush, whose aides said they consider the issue a clear political winner, is resurrecting tactics from the last campaign to make the NSA spying program a referendum on which party will keep the United States safe from terrorists. He has dispatched top White House officials almost daily to defend the program and has sent a message to party activists that he considers fighting terrorism with tools such as NSA eavesdropping the defining issue of the November elections

Worth reading. Troublesome.

The story here is not whether or not it ought to be authorized but whether or not is was authorized. Almost no one understands this distinction. The Republican talking points are:
1. Its legal.
2. Its needed to defend America.
3. People raising questions about its legality are partisan hacks who don't care about the safety of the American people.

The problem is that its probably not legal. I haven't seen a legal analysis coming from outside the administration that jives with the position of the administration. But the common man is not going to understand subtle Constitutional questions. The Democrats have to fight this fight, because its a basic separation of power issue. They can't just leave it on the floor. However, they are going to loose the political dialog because you really have to think about this in order to understand it, and most people are incapable of doing that, and many who aren't are partisan enough to be unwilling to do it objectively. If the Republicans loose in court they are likely to be able to spin that its another example of judicial activism and the ACLU hates America, etc...

What it really comes down to is the honesty of the Republican Party at large. They are being told, via this message, to tow the line on this. They are trapped in a position where if they disagree on this issue they must risk the support of the party and their political chances in November in order to take a stand. This issue will not fly if enough Republicans take a stand on it, but its going to be a very, very difficult decision for them to make (which is why Rove is putting the above sort of pressure on them).

On the balance is the entire idea of the rule of law. If the President can simply violate the law at will, argue that the court system is biased, and pressure the legislature into towing the line for political reasons, there effectively is no law. Or, in particular, there is no law with regard to minority interests. As long as the President is capable of garnering popular support for something it can be pursued irrespective of the checks and balances in our system.

The Miers nomination demonstrated that the Conservative legal community is capable of fighting the President when it wants to. This is a time and place where it ought to. We'll see if it has the guts. If it doesn't, we'll have slipped quite far down the slope toward an unravelling of the rule of law...

Rift Between Parties Over NSA Wiretapping Grows

Decius wrote:

It is now possible to define a ping attribute on anchor and area tags. When a user follows a link via one of these tags, the browser will send notification pings to the specified URLs after following the link.

If IE picks this up, MemeStreams could use it...

Viva la Smurf Attack!

I have to wonder if the Mozilla developers have fully considered the implications of this feature. With browser redirect tracking, the company providing the content bears the burden of processing; with the track back mechanism implemented in the client, no such limitation exists. This by itself would not necessarily be a problem, except for the fact that the developers appear to be supporting MULTIPLE track back locations.

This is Bad.

Consider for a moment what kind of havoc that could be reaped by compromising a banner ad server to include a list of track back urls that all resolve to a single, unsuspecting, network. Someone just got a free army of DDoS clients, all courtesy of your friendly web browser. If one considers the implications of this feature being implemented in an html rendering engine, then the consequences of a spammer taking advantage of this "feature" become truly frightening.

Fortunately, all is not lost for this technology. If the track back ping implementation is limited to a single URI, then its potential for abuse becomes equivalent to that of the IMG SRC tag.

RE: Fried Fish: Mozilla Ping Feature

Abstract

Recent announcements of better-than-expected collision attacks in
popular hash algorithms have caused some people to question whether
common Internet protocols need to be changed, and if so, how. This
document summarizes the use of hashes in many protocols, discusses
how the collision attacks affect and do not affect the protocols,
shows how to thwart known attacks on digital certificates, and
discusses future directions for protocol designers.

RFC 4270: Attacks on Cryptographic Hashes in Internet Protocols

May Meeting of The Atlanta UNIX Users Group (AUUG)

Topic: RFID, How it Works and What It Will Mean To You

Speaker: Lindsay Cleveland
Digital Systems Company
Atlanta, GA

Location: Hewlett-Packard Building
20 Perimeter Summit (directly across I-285 from Perimeter Mall)
Atlanta, GA

Date: Monday, May 2, 2005
Time: 7:30pm

(Our speaker has supplied the following)

Radio Frequency Identification (RFID) has been around for several
years, but new techniques are now being used to make it
inexpensively available on a large scale.

The FDA is requiring RFID on pharmaceuticals for tracking/recall
purposes. Vehicle tires are beginning to have RFID embedded in
their walls for the same reason (remember the Firestone flap?).
Some large retailers, such as Wal-Mart, will soon be requiring
them on every item they stock on their shelves.

This talk will detail the newer RFID 900Mhz technology and will
examine privacy implications and Information Technology
challenges. Will we be living in a "Brave New World" or will
this become "Big Brother Is Watching"?

[ Note that the AUUG web site does not yet have the May meeting announcement posted. ]

RFID, How it Works and What It Will Mean To You

Police in Malaysia are hunting for members of a violent gang who chopped off a car owner's finger to get round the vehicle's hi-tech security system.

The car, a Mercedes S-class, was protected by a fingerprint recognition system.

The Downside of Biometrics

just incase anyone didn't believe them already here goes the analysis (I do this sort of thing for a living) first off CherryOS.exe is what we call in the security industry "packed", that means that they have taken a compiled binary and run it through an obfuscator to make it hard to reverse engineer (or at least with hard if all you're doing is strings)...this is common for virus writers, worm writers, 31337 bot net kiddies, and on the legitimate side, game developers do this a lot...its not very common among the commercial (or free) legitimate software market (mostly because it doesn't work and doesn't do any good) so, the easiest way to defeat the packing is simply to let it start up (this one has several annoying checks for debuggers so its easiest to just attach after its loaded)...

the eula for this thing says its a violation to reverse engineer it, but if you do disassemble it you find they never had the rights to license it in the first place, so I don't feel worried to put this here...

if you want to follow along I downloaded a trial copy of CherryOS this morning and I got the latest version of pearpc as of this morning off of sourceforge (not from cvs, just the tarball), I am using windows XP with Interactive Disassembler (IDA)...

ready...here goes:

so the first thing we want to do is find some strings which are common to both, they will not in and of themselves give you the answer you're looking for but they will give us a good starting point, we will then use these to get a context on the code that uses these strings, we will then compare the functions (or in this case class methods) to see if they are similar (or in this case identical)

so, example number one lets look at something in the cpu emulation code (because that is the heart of the code)

direct your editor to cpu/cpu_jitc_x86/jitc.cc line 465 you will see the following small function

extern "C" void FASTCALL jitc_error_program(uint32 a, uint32 b) {
if (a != 0x00020000) { // Filter out trap exceptions, no need to report them
ht_printf("JITC Warning: program exception: %08x %08x\n", a, b);
}
}

first lets see if we can find the format string "JITC Warning: program exception: %08x %08x\n" somewhere in the core memory image of CherryOS

now if you're using IDA attach to an already running CherryOs.exe (not to be confused with mainCherryOs.exe) and regenerate strings or do a direct string search, and search for this exact string...

you will find it in the text segment located at .text:0040E890...now the fact that it exists alone is almost enough to pass summary judgment, but lets keep going so its painfully obvious...

in cherryos.exe at .text:0040E8C0 you will see a reference to the format string from pearpc the disassembled function at this address looks like this (don't worry details will be explained in a bit)

.text:0040E8C0 sub esp, 0Ch
.text:0040E8C3 cmp ... [ Read More (1.6k in body) ]

Advanced binary analysis of CherryOS: proof of theft

A theory of the Hindenburg fire that has recently gained popular acceptance proposes that the paint on the outer surface of the airship caused both the fire and its rapid spread. However, application of physical laws and numerical calculations demonstrate that the theory contains egregious errors. Specifically: (1) The proposed ignition source (an electrical spark) does not have sufficient energy to ignite the paint. (2) The spark cannot jump in the direction demanded by the theory. If a spark were to occur, it could jump only in the direction that the author of the theory has shown will not cause a fire. (3) The most obvious flaw in the theory is the burn rate of the paint, which, in the theory, is likened to solid rocket fuel. The composition of the paint is known, and it is not a form of solid rocket fuel. Even if it were, it would, at best, burn about 1,000 times too slowly to account for the rapid spread of the fire. For example, if the Hindenburg were coated with exactly the same solid rocket fuel as that used in the Space Shuttle solid rocket boosters, it would take about 10 hours for the airship to burn from end to end, as compared to the actual time of 34 seconds. The arguments and calculations in this paper show that the proposed incendiary paint theory is without merit.

The Hindenburg Hydrogen Fire: Fatal Flaws in the Incendiary-Paint Theory

Instead of waiting weeks for computers to grind out solutions to complex problems, scientists may someday get answers instantly thanks to a new type of "oracle" computer that will have all the answers built in, predict Duke University computer scientists and engineers. When a question is posed, the computer will provide the answer already paired with the question in the very structure of the computer's processing unit.

'Oracle' Computer Could Have All the Answers Built In