] Interz0ne III was a blast.

Acidus has posted a review of Interz0ne3.

Interz0ne 3 - Review, pros and cons

DEVELOPERS DEVELOPERS DEVELOPERS DEVELOPERS
DEVELOPERS DEVELOPERS DEVELOPERS DEVELOPERS
DEVELOPERS DEVELOPERS DEVELOPERS DEVELOPERS
DEVELOPERS DEVELOPERS DEVELOPERS DEVELOPERS

DomoKun Developers Video [WMV]

The slides from Greg Conti's talk about Network Security Data Visualization are available here.

Greg gave a very good talk. Many links and references to visualization tools.

Interz0ne3 Network Security Data Visualization

As the tradition goes for Hacker Cons in the SouthEast, a list of reasons to attend is usually constructed. They are always slanted in a given direction due to the events of the last year, and the expected events of the next. Yuck it up, and/or add your own.

- Everything we have told you, for years now, has either come to pass or been partly true.
- You desire to test your ability to be evasive.
- Your paranoia is more of a fine tuned skill rather then a serious disability, but you still can't turn it off. You are coming to find a new drug.
- You have studied the art of lurking.
- You are not looking for a job.
- The whole September 11th thing still pisses you off.
- You know where certain streets are in every major American City.
- You love DARPA.
- You are terrified of DARPA.
- You called on information systems, but you still have not found an occupation. You are busy watching the detectives scurry as everyone hurries down doomsday.
- You use no crypto because the emperor wears no clothes.
- You have built infrastructure, not weapons.
- You know infrastructure and are a weapon.
- Arguing about Bill Joy being right or wrong has reached the point of diminishing returns, you would rather just help the process along.
- You suddenly realized that the "jokes" you make in the subject headers of all the encrypted email you send might be taken seriously.
- You'd be worried about you too, and all your friends.
- Since turning 18, every company you have completely destroyed or damaged financially, your own and those of others, has been accomplished via completely acceptable and legal American style business practices, by both post and pre Enron standards, for whatever the fuck that's worth.
- Many of us are well aware of the amateur bands.
- You are happy about Lessig's new book because if people read it, it will save you time.
- Offline its all about location, online its all about licensing.
- Power systems have always been a common topic of discussion.
- You were born to argue.
- Your college diploma has not opened any doors for you.
- Not having a college diploma has shut doors you installed.
- You have a copy of The Prince in one hand and Art of War in another.
- Regardless of who is in office, you have always part of the loyal opposition.
- You are looking for something to blog about, again.
- You are aware the term Social Network has existed since the 1800's.
- Corporate engineering of grouping architecture might best be called Industrial Memetics.
- Diebold is putting the security of future elections at serious risk, and someone is pulling their strings.
- You are the government, but the constituency is not clearly defined.
- You have a search technology that does not fall under Google's patents.
- Microsoft is trying to kill you, and you have been told by trusted parties this i... [ Read More (0.3k in body) ]

knockd is a port-knock server. It listens to all traffic on an ethernet interface, looking for special "knock" sequences of port-hits. A client makes these port-hits by sending a TCP (or UDP) packet to a port on the server. This port need not be open -- since knockd listens at the link-layer level, it sees all traffic even if it's destined for a closed port. When the server detects a specific sequence of port-hits, it runs a command defined in its configuration file. This can be used to open up holes in a firewall for quick access.

knock - a port-knocking implementation

From Randy Bias's blog. Click through for links..

] An earlier article touched on pen-testing, exploits, and
] the Metasploit Framework. A ZDNet article talks about the
] newly released Metasploit Framework version 2.0, which
] has powerful new abilities. One amazing new capability is
] a remotely loadable PERL interpreter; shown here in
] action.
]
] With only 240 bytes of shellcode payload you can open a
] local socket, make an outbound connection and download a
] full PERL interpreter to the exploited machine (~400K).

Again, there is a whole subset of skills I continue to feel fully justified in wasting no time developing. Given toolkits like this, much of the elbow work involved with crafting sophisticated attacks is not necessary.

Someone else can construct the exploit, you can use someone else's tools for the first stage payload, and have the benefit of a high level language by the point its time for anything unique.

Sheesh.. Construction of weapons continues to get easier.

] This is a pretty amazing amount of power for both
] researchers and unfriendly hackers. The capabilities of
] these tools are just going to increase over time and
] seriously highlight the need for strong defense-in-depth
] capabilities. It takes a comprehensive security strategy
] to meet these increasingly sophisticated kinds of tools.
]
] There will undoubtedly be some debate about the propriety
] of releasing tools such as this, but realistically we can
] assume that tools like this already exist inside
] government agencies and other entities with deep pockets
] and an interest in taking this technology to the next
] level for their own purposes.

Kung-fu has been further automated. The bar, continues to drop. Lets hear it for wind resistance in the face of full on freefall. Open source arms races..

Insights into Information Security: Metasploit Releases 2.0 Framework

Decius wrote:
] Acidus wrote:
] ] -Furthermore, the infrastructure itself causes me to violate
] ] the laws without even knowing it.
]
] It is my opinion that laws ought to apply to people and their
] behaviors, rather then technologies and their architectures.
] There are cases where technologies make new behaviors
] possible, and in those cases we need new legislation, but
] simple ideas such as the notion that a private conversation is
] private ought to apply without respect to the technological
] mechanism through which the conversation takes place.
]
] In almost all cases where it has been argued that old laws do
] not apply or that new laws must be created because of the
] technical architecture of a system, such arguements are almost
] always wrong and consistently employed dishonestly.

There is another way to attack the problem. Explicit licensing. If IM clients understood what terms text typed in a given discussion space or chat room were licensed under, then many of these problems would start to dissolve. Or at the very least, could be approached in a different way.

You gave the example of +i on an IRC channel indicating that its more private. I'm of the opinion that they type of social cues are what we need to foster the development of to attack these particular set of problems.

In certain venues, you know its acceptable to record, such as when a public official is speaking. In other venues, you know it is not acceptable to record, such as seeing a play on Broadway or a Rolling Stones concert. Other areas, are very grey, like open mic night at your local coffee house. The only way to attack the problem is through the creation of shared conventions.

The law should not address the architecture, but the architecture can address the problem in a way the law already allows. That would be the path of least resistance. In this case, recording consent law is different from place to place. IP law is the same, hence, that may be the best way to tread.

I think a way to distinguish if you are speaking with a "public" or "private" voice in regard to IM and chat rooms is a "good idea"(tm). I think it should follow the place, as opposed to the speaker.

RE: Chat, Copy, Paste, Prison

Jeremy wrote:
] The moral is obvious. You can't trust code that you
] did not totally create yourself.

If any discussion about secure computing platforms goes on long enough, this paper will come up. Its a flavor of Goodwin's law. Goodwindows law? Heh..

Good topic to spin into a pre-Interz0ne rant. I agree with you in your bold, in that having code is not the end-all be all of trustworthy computing bases or anything like that. Some interesting things have been done with polluted compilers as well..

A long time ago, this was my motivation for knowing how to bootstrap a compiler and base OS. I guess that places a fair amount of trust in GNU, OpenBSD, or others, and many eyes making the difference. I attempted to make sure I understood the chain of dependencies necessary to make basic server type functions happen.

On a personal computing level, I suck. I own an Apple. For the record, that's giving in, not selling out. I don't care to take the time rolling my own of anything most of the time.. I just want it to work. However, if I ever found proof of my personal privacy trust being compromised by deliberate holes in my hardware or software, I would find myself very, very, very angry about it. Matters of physical security in relation to software/hardware are another matter. Its just as easy, and more likely, to have your hardware compromised physically by any powers who would be powerful enough to pull the strings on deliberate pre placed software holes from vendors like Apple, RedHat, Sun, or Microsoft.

The "mad rogue coder with silver bullet" risk is less likely in the public (read: open source) sector by virtue of more review. I'd think so anyway. On the other end of things, you know the feds look over what they use. If an intelligence agency such as the NSA found a serious deliberate hole in a piece of open code, I'd like to think that efforts to see it removed from the mainline branches would be taken, and an investigation started by other agencies to figure out how it got there. The source of such things would be a major concern, in the most general of ways. In that context I'd think that national security would have a larger focus. Keeping a hole secret would only make sense if you were the only one holding the secret, or knew definitively who the other holders were.

I'd like to think that our government would not be behind placing deliberate holes as well, but I'm also naive for breakfast. They were fans of key escrow type schemes in the past.

Someone _is_ keeping all the major distribution folks on their toes. I think I've seen a news story about "attempted breakins" on just about every major open OS's source distribution site, as well at other key pieces of code. People are aware of and do think about these type of code compromises..

From the perspective of joe hacker. When it comes to trade craft, knowing is half the battle. The other half, ... [ Read More (0.6k in body) ]

RE: ACM Classic: Reflections on Trusting Trust

In a letter mailed on Friday to the Reporters Committee for Freedom of the Press, Scalia, calling the organization's concern "well justified," wrote: "You are correct that the action was not taken at my direction. I was as upset as you were."

I like green eggs and ham!
I do, I like them, Sam I Am!

Justice Scalia said in the letter to the Reporters Committee that the controversy had caused him to revise his policy "so as to permit recording for use of the print media" to "promote accurate reporting." He indicated he would continue to ban the recording of his speeches by the broadcast press.

All media are created equal, but some are more equal than others.

Scalia Apologizes for Seizure of Recordings

] Ms. Konz and a reporter for The Associated Press, Denise
] Grones, were seated in the front row. They began to take
] notes. And when Justice Scalia began speaking, they
] clicked on their tape recorders.

The irony here is the kind that makes you feel sick inside.

] But this is the United States in the 21st century where
] the power brokers have gone mad. They've deluded
] themselves into thinking they're royalty, not public
] servants charged with protecting the rights and interests
] of the people. Both recordings were erased. Only then was
] the reporters' property returned.

This was a public speaking engagement. It was at a High School. Its not like this was someone recording a gathering among friends, or some clear gray area where there might have been some ability to exercise "privacy rights".

] When agents acting on behalf of a Supreme Court justice
] can just snatch and destroy information collected by
] reporters, we haven't just thumbed our nose at the
] Constitution, we've taken a very dangerous step in a very
] ugly direction. The depot at the end of that dark road is
] totalitarianism.

The above quote saves me having to come up with and type something to express similar sentiment. It makes me feel all warm and fuzzy inside to know if Justice Scalia does the same, he would prefer I not pass it along..

] "It protects journalists not just from newsroom searches,"
] she said, "but from the seizure of their work product
] material, things like notes and drafts, and also what's
] called documentary materials, which are things like these
] tapes, or digital recordings."

I guess the lesson here is that if you have a recording device on site, make sure its storage is located in a place fully within your control, several blocks away. The lesson is noted, the spectrum and services are there to do it several ways "legally". In that shitty future we keep hearing bits and pieces about, when public officials engage in public speaking engagements, will we have to square off SIGINT and IA chops with the Senior Services on hand?

] Ms. Konz told me: "All I was doing with that tape recorder
] was making sure that I was not going to misquote the
] justice. My only intention was to report his words accurately."

I'd really like to hear Scalia's justification for not allowing people to record him at large gatherings.

NYT Op-Ed: A Justice's Sense of Privilege