About
(Lots of) Thoughts and (a few) rants about those shiny things we call computers
February 09 2010
This week resolution: three consecutive hours without working.
February 08 2010
Suppose you're a government, and some of your citizens are selling weapons (0day). How do you react? My guess? You prosecute them.
Turned on TV. Superbowl: ultramarines VS french knights. Turned off TV. Back to work.
February 03 2010
IMPRESSED by the content discovery feature of the new Burp. Well done @portswigger!
February 01 2010
Conf review of a product with no public documentation nor security reviews. Pretty interesting stuff.
January 30 2010
Unconfirmed technologies
Sometimes you see a technology which looks like magic. Happens all the time in security, more often in IT, not so often in real world.
Steorn, for instance, just demonstrated Orbo, its new free energy technology, violating one of the core principles of (not so) modern science. However, the demo itself was nothing worthy of note. It's the tiny, small quote at the end: "next week, come and try: measure with your own equipment".
The trick is not showing some magic. It's having people actually use it. It's one of the oldest techniques in the world, and it made fortunes in IT (remember? Shareware). Any product has to learn from that: lower the barrier, release "easy to try at home" products, have people see for themselves. A video won't do it, nor will a live demo. Open-source developers (including me) should learn from it.
Ok now I'm impressed. The demo itself was bullshit, BUT if you can actually measure in vs out yourself then we might have an "issue".. #steorn
RT @Vibroseis: Steorn audience strangely silent considering the laws of physics have apparently just been broken.
January 29 2010
Looking forward to steorn "demonstration". These are the moments I would love to have no scientific training at all.
Google paying for 0days. I don't like where this is going.
Modern magicians
Recently, I have been asked to write a non-tech article about pentesting and vulnerability research. As it might be interesting to some readers, I decided to share a few fragments here.
"Any sufficiently advanced technology is indistinguishable from magic"
Arthur C. Clarke
Since my early days with computers, I have always cited this Clarke's Law to people astonished by technology artifacts. These days, I am still using the same quote while explaining my job as a pentester to non-technical people. Beyond a shadow of doubt, security testing is far from magic: it is a complex technology-based process. It requires a proper mix of scientific know-how, creativity and expertise in cutting-edge technologies. Staying on top of the latest vulnerabilities and computer attacks requires continual study, in-depth research, as well as continual discussion and feedback with fellow security professionals.
"0days are a device to prove that a client is unready to handle the unknown"
Pete Herzog
Understanding incoming threats, or even discovering new vulnerabilities, gives a crucial advantage over potential aggressors. It allows system owners to protect their installations before critical flaws become public. In the long term, it also provides important insights that are useful for designing more secure technologies in the future. As 0days are the product of intensive research work, vulnerability research activities are essential for pentesting.
"I’ve always said that hacking is not about skill set. It is mostly about dedication, patience and a lot of motivation"
Pdp, GNUCITIZEN
Hacking is about skills, dedication, patience, passion and creativity. Properly mixing these elements makes it possible to experiment with computers (and not only!). During a pentest, trying to understand how systems work and using them in an unconventional way is the key to circumventing protections and exploiting vulnerabilities. After all, security testing is just about mastering technology and doing magic tricks.
January 28 2010
RT @sandrogauci: Multiple Vendor HTML Form Protocol Vulnerability on DOE-CIRC referencing my papers due to "Firefox XPS IRC Attack" http ...
January 25 2010
RT @tomaszmiklas: RT @samykamkar: New NAT-to-NAT client-server tunneling method, *no* 3rd party, server doesn't even know client IP http ...
January 19 2010
RT @hdmoore: Tavis Ormandy drops it like its hot: local user to ring0, NT 3.1 -> Win7 (code provided w/workarounds): archives.neohapsis.com/...
January 16 2010
Twitter do you know if the Cost-To-Compromise (how much it costs to HACK, not DOS, a target) has been formalized before?
January 15 2010
A note on GenApple and the security community http://blackfire.soup.io/post/41720650/Once-youre-sold-you-cant-stop
My @tomaszmiklas @_snagg @m_melewski @_ikki @ChrisJohnRiley Tnx guys, ended up with just the jokes on how good the pr would have been in 90m
Once you're sold, you can't stop.
Some of you know I'm quite hostile towards selling exploits and vulnerabilities.
I've debated the thing with a lot of friends, and still can't see the actual difference from selling weapons, nor can I buy the "I get paid for my work" attitude. I can see too many flaws in the logic... but never mind, this is not the point of the post.
I've just been made aware of GenApple, https://www.genapple.com/. GenApple is a startup allowing people to sell their knowledge.
Right now, the site is full of recipes, cheat codes and "how to get rich fast" documents.
However, it made me wonder: what if the underground community actually starts using one of these tools?
It is a scenario that cyberpunk readers are familiar with: in Stephenson's Snow Crash selling data is what the main character (Hiro Protagonist, btw) does for a living.
But what if, all of a sudden, such a scenario became real?
Right now, hackers go to conferences for free (well, most of them and most of the conferences). They share their knowledge for the sake of it, and for a little celebrity maybe, which in turn can become money at some point.
Yet, the hacker community has always been driven by the idea that "information wants to be free". Maybe not for everybody - we've always had "inner circles of whatever" - but still miles away from the idea of actually selling a new attack or defense technique.
People advocating selling exploits always told me: I'm only selling the actual code, I'll let the technique out and skilled people and the security community as a whole can then write the code and find the bug by themselves. As a "science", security will go on anyway, they told me.
Now I wonder: if they were actually offered money for their techniques - say, $10k for a way to bypass stack protection on VISTA or something similar - what would they do?
A lot of people say that some hackers resemble rock stars. In the rock/metal community, there's a saying: "to sell out". I wonder if the same is true for knowledge, not just for code. Once you sell out, it's hard to stop.
No more free bugs. No more free techniques. No more free security. No more security?
January 14 2010
RT @hdmoore: Travis Goodspeed *destroys* the Z-Stack Zigbee PRNG: travisgoodspeed.blogspot.com/...