20110818

Trashing made easy

Obviously I am way behind on keeping this blog updated but here is something from the last NYC 2600 meeting. We found these bins sitting on the street on the way to dinner. Each of them overflowing with bundles of paper marked as "donor packets". They contained check images, financial records and all sorts of other information which could have been abused (if only we had fewer moral objections to commiting fraud and theft). We snapped some photos, returned some papers which had fallen on the ground and moved on.


20110407

Breaking In# mv humor /dev/null

Out of a combination of boredom and morbid curiosity I tried watching the premier of Breaking In, Fox's new penetration tester 'comedy'. Having done so I regret it and I would like that 30 minutes of my life back, I could have enjoyed myself more by spending it reinstalling Win 98.
While I could spend a paragraph or three complaining about the superficial wooden acting or the formulaic casting but you wouldn't be reading this blog if you cared about that more than about how they treat the profession of penetration testing and information security and the world of hacking.

So, how much penetration testing does go on in the show? Not much, except maybe superficially, and even then it tends to resemble something Tom Cruise does in a movie rather than Sneakers, much less real life. Occasionally the writers will remember that it's supposed to be set in a security company so they will have a character drilling a safe or bring up a character's past cracking his college's admissions and grading systems. Instead of trying to show any element of actual hacking, cracking, social engineering, or security testing the characters walk around putting on fake accents that would make Keanu Reeves cringe, clicking a hyperlink that changes their college tuition counter to a page saying "You graduated!" or tossing around buzzwords that sound like they were lifted from a news paper 'computer security for morons' column ten years ago. The core cast is stocked with 'hackers' and 'security geniuses' whose credentials seem to exist because they decided they do and their work seems to be a slim presence for 'geeky' pop culture references and the nominal hero character to feel awkward fro the audience's amusement. In the whole half hour the closest I got to laughing was when the 'hero' (who has been tasked to steal a car from a high end dealership) announces "They should really have a gate here." and heaves a rock through the showroom window.

Maybe I was expecting too much from Fox, too much from a comedy and too much from Hollywood in general. Just once I would like to see a program that treats the subjects of technology and security with some dignity and seriousness, and obviously this isn't it.

20110314

Updates and an opinion from the UK

The distribution upgrades from last week are coming along, if less smoothly than I had hoped (the inline radeon/radeonhd driver is not all it's supposed to be) forcing some additional changes. Thanks to a combination of Lenovo's hardware design and some weird heisenbugs I can only have working network management and battery monitoring/power control on my Thinkpad under GNOME, KDE 4.6 seems to be a bit of a step backwards, and for some reason Wicd is only being packaged by 3rd party contributors which means it will likely be a few weeks before it's available under 11.4.

In other news of interest to no one, over ten days since my last real cigarette but my nicotine intake still fluctuates, averaging above average levels. I might just have to try getting some of the very low nicotine cartridges to test whether the high intake is likely to be more attributable to physical/mental rote actions or chemical dependence. On a related note, I found this column from The Independent few weeks ago and the more times I read it the more I like the author's points.

20110309

Counting down changes



First, as I do when OpenSuSE releases a new version I get reminded about hardware upgrades.replacements and changes that I had been putting off or which I should do before the software change in order to avoid a problem during or after the installation. Last time (the change from 11.2 to 11.3) the changes in video drivers caused issues with my workstation for several days while I learned the new CLI utilities necessary to compile and install Nvidia's drivers and then work out their new xorg.conf structure. (At that time, I considered the Nouveau driver they had switched to, to be far from ready for primetime.)

This time, in an attempt to avoid the problems with Nvidia's cards and drivers I've decided to replace it with an ATI card. Sounds simple enough, until you try to find one that is actually a straight forward replacement for my current GeForce 9800 GT. It seems to me that a video card designed to drive multiple high resolution monitors should actually have more than one of a given type of port, yet nearly every card that is easily available has only one DVI port (or that DVI-esq port for a dual VGA adapter) and then they cram the rest of the faceplate with HDMI, DisplayPort and VGA ports which then means that they have to build the card up to two slots thick which then tends to cause cooling issues if you happen to be using any of your other expansion slots. Then of course I have to find one that not only is available but is in my price range.

Eventually I managed to find one that actually met my needs, a Radeon HD 4670 by XFX. From the looks of it it is one of maybe three ATI cards which actually has dual DVI ports (and the only one that can be found for less than $150). It should be arriving tomorrow (assuming that UPS doesn't fuck up again) which should be almost perfect timing.

There is also my effort (thanks largely to the ever more pervasive smoking bans I have to deal with and the exorbitant taxes levied on cigarettes in my area) to change my smoking habits. This afternoon marked one week since I have smoked a cigarette with hardly any cravings (or the common nicotine withdrawal symptoms) thanks to Green Smoke's electronic cigarette product. While I'm still working on adjusting my nicotine intake with this system so far the experience has been a good one. Hopefully I'll be marking 29 days of not smoking at the next 2600 meeting.

20110203

Victory over Lenovo and Realtek with Linux and IBM

At least amongst the local 2600 attendees, Lenovo ThinkPads and a mixture of netbooks seem to be the preferred computer of hackers. Most netbooks are either sufficiently generic or use such a small range of parts that driver support under Linux is not much of an issue, even when it is a few google searches of your distro's forums and wiki will usually turn up a simple fix. Laptops, unfortunately, don't have the same degree of homogeny and seem to use far more varied and unusual components, many sold under either generic descriptors (Wireless N!) or OEM brandings (ThinkPad BGN Wireless), neither will allow you to identify the chipset and driver that you will require unless someone else has discovered and posted that information in a searcable place.
This is where my last few weeks of frustration began.
Having become tired of the limited processing power and the rather brain-dead storage design of my EEEpc 901 (linux edition) I decided to take another shot at finding a reasonably priced ultra-portable laptop. ThinkPads have grown on me lately as a number of my friends either own one or consulted me while buying one. Luckilly for me Lenovo was running a few sales the week I decided to actually buy the new machine, however I was still rather budget concious and opted to go for the cheaper generic default options on a few parts that were low priority for me. I included the WLAN card on that list, big mistake.
When the new X201 finally arrived (1 business day and a weekend late, as is usual for the local UPS drivers) I checked that it passed POST and diagnostics and then promptly formatted the harddrive and installed a couple of linux distros. Installations complete, I logged in and began checking that everything was working, of course the wifi card wasn't but I eventually tracked it down in the hardware configuration. Once I got a wired connection going I was able to pull down the neccessary firmware packages for the detected chipset (the Realtec RTL8191se) as well as the vendor's official driver source tarballs so that I could compile the driver for another distro.

Once the firmware and drivers were installed and loaded the card would be detected and attach to a standard wireless network interface and even allow AP searches and connect, but only for a few minutes at a time. Reported signal strengths appeared as only one of about 5 values (0db, -1db, 35db, 47db and 53db) which would rapidly change until the connection would drop (without generating the standard system messages to take down the interface so that ifconfig would still report a connection). Despite being sold as 802.11n capable it would not detect 802.11n only networks or APs broadcasting on the 802.11n long distance frequencies. This obviously doesn't qualify as working so something needs to be done.

Having exhausted all of the tweaked and custom built versions of the realtek drivers available I decided to try replacing the card. Lenovo won't sell you just the component nor will they actually sell you an upgrade; they will make you go through a torturous returns process (which they will refuse to complete if you have made any changes to the content of the harddrive or left any visible signs of opening the body) before they will eventually issue a refund which you can then use to purchase a new laptop with the hardware you need. Luckilly a competent system builder can easilly remove the keyboard and palm rest assemblies (9 clearly marked screws) to get access to the PCI-e slots, and other internals; it should be simple to find a replacement PCI-e wi-fi card and simply slide it in then shouldn't it? Of course not. Lenovo, under the guise of 'ensuring compliance with FCC regulations' for certifying the "combination of wireless tranciever and antenna", has also locked you into buying all future parts for *your* laptop by adding a PCI-ID whitelisting routine to their BIOS. If you replace the PCI-e card with one from a third party, even one of the exact same model, the BIOS will halt with an 1802 error and refuse to boot. There are a handful of tools for modifying Lenovo's BIOS update packages but Lenovo's BIOS update tool requires a functioning Windows installation, so much for that option.

For those who aren't too keen on risking the destruction of their laptop and buying Windows there is another option. It isn't much cheaper then buying a Windows license but it won't actually require paying Microsoft. IBM operates the post warranty service parts center for ThinkPad and ThinkCenter computers. Their parts aren't cheap and you will have to be very sure about exactly which part you need (as you need to order by the exact part number contained in your computer's maintenance manual) but it will work and they will ship nearly any part via UPS's next day delivery service. So, as long as you can find a properly supported card in the maintence manual you can get it without having to send your computer anywhere or having to deal with Lenovo's helpless desk and drain bramaged customer disservice^w^wsales people.

Once UPS finally got around to delivering my overpriced Intel Centrino 6300 wireless card I had it swapped out and working in five minutes.

Details about the 1802 boot error and related issues can be found on ThinkWiki.

20110129

Best laid plans

I was gearing up to write up a summary of the trials and tribulations of getting openSuSE and Backtrack Linux up and running on a new Thinkpad x201 series laptop (it has been quite an effort so far), particularly focusing on Linux/vendor hardware support issues and the effect of Lenovo's practice of adding a pciid whitelist check to their BIOS to prevent owners from using hardware from non-Lenovo sources.

Unfortunately, despite the promising start in acquiring the (hopefully) final part necessary to fix the most egregious issue (wifi), UPS has managed to derail this in a spectacular manner ("Well you can't blame us for not delivering the package marked "URGENT!, Rush Delivery, Overnight AM delivery" because we declared an emergency nine and a half hours after it was supposed to have arrived. We'll probably try to deliver it Monday. Probably. No I don't understand why that might be a problem or why you are unhappy about us claiming that we would deliver it tonight hours after we had pulled all of our trucks off the road due to a 16th of an inch snowfall.")

Hopefully the part will arrive in sufficient time that I can actually work on it in the copious free time I have during my week-long certification boot camp. Untill then, fuck UPS.

20110107

Wikileaks followup for today's 2600 meeting

As a heads up to all of the 2600 meeting attendees who read this, today I will have about two dozen DVDs with some Wikileaks related content much of which is difficult (and, depending on how you go about it, expensive) to track down and acquire. Quantities will be limited to that for now (don't have the cash for more blanks) and it will be first come first served (although at 2GiB a decent size flash drive and a few minutes with a laptop at the meeting can get you the content in case I run out of discs). I'll leave the exact contents a 'secret' until you pick on up but I will assure everyone that it's all been checked for anything malicious.