VnutZ's Articles, Page 8 of 75

← Previous    1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16     Next →
21 Sep 13


Bored this weekend? As an OmniNerd, try the various challenges on the 2013 CSAW CTF. (Leave a comment below and I’ll send you the OmniNerd login). There are puzzles of various difficulty for reverse engineering, exploitation, cryptography and many others. If nothing else, watch the scoreboard to see the cadets of West Point’s SIGSAC team destroy Naval and Air Force Academies.

CSAW CTF is a entry-level CTF, designed for undergraduate students who are trying to break into security.

13 Sep 13

Is Private School Morally Evil

Slate featured an op-ed a few weeks back from Allison Benedikt that apparently ruffled some feathers. The subject? Is sending your kids to private school a morally draining effort in that society is no longer collectively improving itself as a whole? Are your kids better off at the cost of everyone else? She writes:

You are a bad person if you send your children to private school. Not bad like murderer bad—but bad like ruining-one-of-our-nation’s-most-essential-institutions-in-order-to-get-what’s-best-for-your-kid bad. So, pretty bad.

Whatever you think your children need—deserve—from their school experience, assume that the parents at the nearby public housing complex want the same. No, don’t just assume it. Do something about it. Send your kids to school with their kids…. Don’t just acknowledge your liberal guilt—listen to it.

12 Sep 13

Predatory HFT

Annnnnnd it’s here. High Frequency Trading has continued to stay off the public’s radar largely because most people 1) just don’t care and 2) don’t understand it. They should start caring. The software has already proven to beat humans on a general basis and has been the primary factor in traffic volume for more than half a decade. The original models were largely looking for trends and arbitrage opportunities but the newest algorithms … are exploiting each other. Analaysts have examined mini “spikes” and “crashes” and determined they occurred too quickly and corrected too quickly to be the result of humans. But those anomalies are different than HFTs in the past which tended to bandwagon with each other for similarity in their algorithms. The new models appear to be predatory, essentially anticipating the behavior of another algorithm and quickly shaping a market condition to trigger the prey’s activity in order to create artificial arbitrage.

12 Sep 13

Yongbyon Reactivated

It will only be a matter of months before North Korea starts leveraging their reactor for favors again. Imagery indicates the Yongbyon nuclear facility has been reactivated. The plant has had a troubled history with the world from being the target of a ’90s era preemptive attack in OPLAN 5026 to being the subject of six-party talks in the early ’00s for deactivation. North Korea has quite a history of using the plant as a means of trading its deactivation for concessions from the west. It is suggested that Yongbyon, although a lightwater reactor, could easily be changed for plutonium enrichment.

11 Sep 13

Basketball Diplomacy

Well … clearly the problem for the past sixty years of armistice (despite North Korea’s recent attempt to dissolve it) was a lack of Dennis Rodman. The former basketball player has recently completed his basketball diplomacy tour of North Korea, undoubtedly seeing the official script instead of reality. Clearly, the United States just needed to go there and see that everything was rainbows and butterflies all along. Now seemingly friends with the DPRK leadership, Rodman quips, “He has to do his job but he’s a very good guy …. If he wanted to bomb anybody in the world, he would have done it.” And then goes on to challenge President Obama, “Why Obama, are you afraid to talk to Dennis Rodman? You’re not afraid to talk to Beyonce and Jay-Z, why not me? Why not me? I’m pretty important now, right?”

29 Aug 13

United States to Engage Syria?

It wasn’t the more than hundred thousand people that the Syrian regime killed that led the world to care. Rather, it was the chemical weapons the government used against its people that spurred the United States to threaten an attack. They’ve had the weapons for decades but the allegations of using them internally are relatively new with “wash-out bombings” taking place to burn away the evidence. The UN Security Council appears to have balked at getting involved leaving the United States to consider, once again, going at it alone. Presently, the Obama administration has only made mention of utilizing standoff capabilities against the regime without a ground element as a means of enforcing a global ban on chemical weapons.

20 Aug 13

SAC Capital Investment Woes

SAC Capital is currently in a world of hurt. The major investment firm is being indicted for insider trading with the government originally seeking ALL of its billions as punishment despite having already settled some of the issues to the tune of a $600 million fine. At first, most of us will think, “Let ’em burn.” However, the amount of money borrowed, invested and leveraged by hedge funds as large as SAC have deeper implications (hedge funds control an estimated $2.25 trillion). Part of the reason the government was gunning for all of the firm’s assets is that profits obtained from “dirty money” are themselves dirty and therefore seizable. And that extends beyond SAC into the markets that have also invested in and profited from SAC (which is most of Wall Street). The rest of Wall Street’s traders are concerned, however, because as SAC’s traders are indicted, they may also subject to scrutiny for basically bandwagoning when the illegal behavior should have been obvious. The investigation isn’t scaring away all the investors, there are many that plan to continue riding the gravy train of SAC’s run of success.

18 Aug 13

Violence in Syria and Egypt Continue

Sooooo, the violence in Syria continues. The world has watched since March 2011 as rebels fought with the government. More than 100,000 people have died in that span according to the United Nations. Egypt saw the beginning of Arab Spring and had mass, violent protests, though things became relatively sedate, until recently. Everything has exploded in the country once again with what appears to be a coup over the elected government.

16 Aug 13


Elon Musk, the wealthy innovator behind PayPal, SpaceX and Telsa motors, recently blogged about his next idea Hyperloop (detailed pdf). This one, however, he proposed as a thinking man’s journey as opposed to putting up the funding and infrastructure himself. Musk asks that for California’s massive investment in transportation, it should provide a massive improvement in critical areas:

  • Safer
  • Faster
  • Lower cost
  • More convenient
  • Immune to weather
  • Sustainably self-powering
  • Resistant to Earthquakes
  • Not disruptive to those along the route
14 Aug 13

Blackhat Femtocell Hacking

One of the interesting presentations at the 2013 Blackhat conference in Las Vegas demonstrated the fun hackers can have with a femtocell. For those not familiar with them, femtocells are essentially miniature base stations that allow a mobile phone to affiliate (via 3G, LTE, etc) whereupon the connection is patched to the carrier via the Internet. This sort of technology is useful in low signal areas such as your house in order to have a full signal experience.

Tom Ritter of iSEC presented, I Can Hear You Now: Traffic Interception and Remote Mobile Phone Cloning with a Compromised CDMA Femtocell which demonstrated all the options available with a Verizon femtocell. The hackers first gained shell and root access to the device whereupon they were able to perform traffic captures of all the data passing through. It took awhile for them to identify the codec used for voice, but once determined, they were able to capture a call’s voice packets for decoding and replaying voice conversations. Text messages were easy to intercept and display live to the audience as was capturing the data sessions. (NOTE: The same talk was also given at DEFCON where the audience was much more apt to text “Penis” and other phallic ASCII art to be displayed on the projectors.) For their demonstration, they intercepted an SSL connection from the affiliated phone to a bank and logged the username/password combinations. All of this was “simple stuff” when you have root access to the packet streams. So the team went further and used their captured information to essentially allow them to clone a mobile phone such that they could receive calls, listen in on existing calls and for all intents and purposes … be that phone and use it’s account for free. According to Ritter, “this is not about how the NSA would attack ordinary people. This is about how ordinary people would attack ordinary people.”

14 Aug 13

Food Source During Zombie Apocalypse

Food will be tight during the zombie apocalypse. A question arose at work today – would it be safe to eat Zombie meat if its cooked or irradiated?

13 Aug 13

US Embassy Closures

So who believes there was an AQAP threat to the US embassies in Northern Africa and the Middle East?

Supposedly, the SIGINT system made famous by Edward Snowden is credited with capturing chatter between AQAP leadership. Particularly of interest, according to anonymous government sources, was a notification between Ayman al-Zawahiri and his subordinate leadership that everything was ready for an imminent attack. This prompted the US government to shut down nineteen embassies and issue a general travel advisory through the month of August. Meanwhile, despite the imminence of the attacks, nothing has happened except for some drone strikes against AQAP militants in Yemen.

01 Aug 13

BlackHat 2013 Keynote

GEN Alexander took the stage for BlackHat 2013’s keynote speech and gave the audience an hour long outline of the programs in question, the authorities involved and the success stories behind them. It’s interesting how accounts vary … the summary write-up on SlashDot for instance made it sound like the conference was largely against him (the forum’s comments are about the most off-the-mark guesswork of conspiracy I’ve read in awhile). While sentiment is hard to read, the NSA director received thunderous applause in support of his words more often than jeers (yes, BTW, I was there in the audience).

30 Jul 13

Manning Acquitted of Aiding the Enemy

Bradley Manning, the lowly Army PFC responsible for America’s largest leak of classified documents has been acquitted of the most serious charge against him – aiding and abetting the enemy. He was still found guilty of countless other charges regarding the leaks which will likely leave him imprisoned for the remainder of his life. Elizabeth Goitein, of the Liberty and National Security Program commented, “The judge rejected the government’s argument that Manning, by virtue of his training as an intelligence officer, must have known that the information he disclosed was likely to reach al Qaeda. But she also ruled that Manning had reason to believe his disclosures could harm the U.S., even if that was not his goal.”

10 Jul 13

DISA Rolls Out Corporate Denial of Service

Everyone used to bitch and moan about AKO (Army Knowledge On-line) as a horrible email solution for the Army – with its outdated interface and horrendously small storage capacity. But there were always workarounds for exemptions on storage, the BETA program for a modern OWA UI and bypassing the whole thing with IMAP. Oh, if we could only have that old system back.

Then DISA found it in the best interest of the Army to roll-out Enterprise Email. It’s kind of like a self-imposed denial of service. Login is only possible with a CAC because DISA seems to believe its impossible for an adversary to cache your credentials and replay them. Whether you have a CAC or not, the system continually blasts you with pop-up windows to re-enter your PIN … sometimes as often as every ten minutes. Even if you enter the PIN, it will still time you out in the middle of your work causing it to be lost. Somehow, they’ve taken a working Microsoft product (OWA) and mutilated it so the page doesn’t render properly in anything but Internet Explorer. If it happens to die, the page will NEVER come back unless you close your whole browser down and re-open it – the rest of your tabs and work be damned. I used to be accessible to my subordinates and unit nearly at all times with my IMAP access from home and work machines. But then I had to have CAC readers installed at work just to access the page and as I mentioned before, it continually times me out or fails the PIN re-entry because my screen locked. Needless to say, the inconvenience of it all means I only check once a day every couple of days now.

← Previous    1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16     Next →

What is OmniNerd?

Omninerd_icon Welcome! OmniNerd's content is generated by nerds like you. Learn more.

Voting Booth

Most enjoyable Nintendo system?

1 vote, 0 comments