In Through The Out Door

Can You Pass 3rd Grade?

Navy to Commission Attack Submarine Texas

FBI software doesn’t exactly work:Filed under: News, CommercialThe Washington Post reports that the FBI’s new software system had to be scrapped since it doesn’t work…. The software problem reports (SPR’s) with the system numbered in the hundreds, just as Zalmai Azmi (FBI technology chief) thought the project was mere weeks from completion. Many critics point to bad management and sloppy work by the contractor for this large scale snafu…. With that kind of money, you could hire the best code hackers from the world’s largest software companies and do the job right. That is if you feed them enough junk food, Bawls, and have all-night code jams (aka hacker parties).

Upgrading Wi-Fi — What, When, and Why:Wi-Fi (802.11x) networks have been around long enough that many businesses and home users run their own. The first widely deployed standard was 802.11b, while most new hardware uses 802.11g. The latest 802.11n hardware is just around the corner. If you run an existing wireless network, is it time to upgrade?“

Locking Up Linux, Creating a Cryptobook:Tom’s Hardware has a nice overview about some of the latest ways to secure your data looking specifically at open source solutions that wont lock down your credit card. Since many people presented performance issues for why they don’t implement encryption there was also special attention given to how well your system will perform after implementation of encryption. From the article: “At least where LUKS is concerned, performance is hardly an issue - one must expect to pay some penalty for additional encryption facilities that handle unencrypted data transparently. All of these solutions are simple to set up and use on a daily basis, but LUKS is portable across Windows and Linux platforms.”

Atheros’s CTO, a blunt-spoken fellow, sent Krebs this statement: “Atheros has not been contacted by SecureWorks and Atheros has not received any code or other proof demonstrating a security vulnerability in our chips or wireless drivers used in any laptop computers. We believe SecureWorks’ modified statement and the flaws revealed in its presentation and methodology demonstrates only a security vulnerability in the wireless USB adapter they used in the demo, not in the laptop’s internal Wi-Fi card.” Apple said yesterday that the researchers had provided no information that showed an exploit was possible, and that the demonstration used a third-party Wi-Fi card and driver; the researchers updated their site to reflect this…. Krebs writes, “Apple’s revised statement today made it clear that the company had not received any evidence from SecureWorks to back up the claim that the Macbook drivers are indeed vulnerable.”… Rather that it’s, in fact, all too likely that a Wi-Fi driver could allow an exploit to happen–but that under the guise of preventing exploits in the wild that it’s too easy to take that general case and believe that it’s applicable when we can’t see and touch it.

Securing Wimax Networks:. Dark Reading explores the security of Wimax, and notes that Sprint will have its hands busy when it comes to locking down its next wireless broadband network. “I expect we’ll see similar problems with [WiMax] as we’ve seen with other devices, namel..

Using both static addresses and DHCP:When you set up your home network an important choice has to be made. Are you going to use dynamic or static addressing? In other words, are you going to assign IP addresses to your computers manually, or will you ask your router to assign them for you dynamically through the use of DHCP? Sometimes, the best is to use both. In this article we’ll see what advantages DHCP and static addressing can give us compared to each other and we’ll learn how to use both in our home network.

Stealing Free Wireless: What do you do when you find someone else stealing bandwidth from your wireless network? I don’t care, but this person does. So he runs “runs squid with a trivial redirector that downloads images, uses mogrify to turn them upside down and serves them out of it’s local webserver.” The images are hysterical. He also tries modifying all the images so they are blurry.

Web Design Tools for Free:I don’t consider myself a design guru, but I do like to dabble in CSS, PHP, and Javascript — at least enough to make my blog look nice…. Luckily, I use a Mac, which means I don’t have to shell out big bucks for simple applications.My top five design tools are available exclusively for OSX — and they’re all free too.TextWranglerOf all the programs that I use most on my Powerbook, TextWrangler is second only to Firefox…. Like the rest, it’s free.WebKit InspectorIf you’re brave enough to grab a nightly build of WebKit, the open-source engine behind Apple’s Safari, you’ll be rewarded with one of the slickest-looking DOM inspectors on the block. In a style befitting Apple’s pro line of applications, the inspector gives you a quick look into your website’s DOM tree.If you have WebKit on your machine (it’s beta, but it’s remarkably stable, so don’t worry yourself much about runnign it), you can spawn the inspector by Ctrl-clicking an element and selecting “Inspect Element.” If you’re into CSS or Javascript and consider yourself a power-user, it’s a must-have.FireBugOkay, so FireBug isn’t Mac exclusive at all, but I’m pretty sure Jow Hewitt wrote it on a Mac…. The Firefox addon effectively combines Javascript/AJAX, DOM, CSS, and XHTML debugging into one console, meaning you can spend less time navigating through your debugger and more time fixing bugs.

Mac OS X v10.5 “Leopard” Developer Improvements.:AeroXperience (heh): Mac OS X v10.5 “Leopard” Developer Improvements. “A new framework is included for publishing and subscribing to RSS and Atom feeds, including complete RSS parsing and generation.” Let the nitpicking begin!

Spurs Preseason Schedule Announced:The Spurs will open the 2006 preseason against the Adecco ASVELL Lyon-Villeurbanne on October 5 in Lyon, France. San Antonio is set to play their first of four preseason games at the AT&T Center on October 14 against the Orlando Magic.

In the middle is the hands-off policy, where the law doesn’t mention DRM, companies are free to develop DRM if they want, and other companies and individuals are free to work around the DRM for lawful purposes. In the U.S. and most other developed countries, the move has been toward DRM-bolstering laws, such as the U.S. DMCA.The usual argument in favor of bolstering DRM is that DRM retards peer-to-peer copyright infringement…. First, they argue that DRM enables price discrimination — business models that charge different customers different prices for a product — and that price discrimination benefits society, at least sometimes. Second, they argue that DRM helps platform developers lock in their customers, as Apple has done with its iPod/iTunes products, and that lock-in increases the incentive to develop platforms…. Accordingly, we can expect the debate over DRM policy to come unmoored from copyright, with people on both sides making arguments unrelated to copyright and its goals.

Apple releases new website:“Mac OS X includes a wide variety of open source software from FreeBSD, NetBSD, OpenBSD, the GNU Project, and many more projects each its own vibrant developer community.Mac OS Forge is dedicated to supporting the developer community surrounding open source components specific to Mac OS X. Here you will find resources for working with the source code to popular Apple-original projects, as well as third party projects that are closely related to the Macintosh operating system.”The site also includes Launchd, now under an Apache license, version 2.0.

Chapter 4: Nagios Basics:Chapter 4 - from the book Nagios: System and Network Monitoring by Wolfgang Barth — Reprinted by permission from No Starch Press and Open Source Press.  Available at booksellers now.  Full book details are at the bottom of the article.

WiFi makes waves at Blackhat:

WiFi makes waves at Blackhat

Less Than a Minute to Hijack a MacBook’s Wireless:Kadin2048 writes “As reported by Ars Technica and the Washington Post, two hackers have found an exploitable vulnerability in the wireless drivers used by Apple’s MacBook. Machines are vulnerable if they have wireless enabled and are set to connect to any available wireless network, fairly close to their default state, and the exploit allows an attacker to gain ”total access“ -— apparently a remote root. Although the demo, performed via video at the BlackHat conference, takes aim at what one of the hackers calls the ”Mac userbase aura of smugness on security,“ Windows users shouldn’t get too smug themselves: according to the Post article, ”the two have found at least two similar flaws in device drivers for wireless cards either designed for or embedded in machines running the Windows OS.“ Ultimately, it may be the attacks against embedded devices which are the most threatening, since those devices are the hardest to upgrade…. According to this story at ITwire.com, they were able to exploit Linux and Windows machines, too.

News: SCADA system makers pushed toward security:

SCADA system makers pushed toward security

News: ActiveX security faces storm before calm:

ActiveX security faces storm before calm

Breaking into a laptop via Wi-Fi:Flaws in software that runs wireless-networking hardware could let attackers take over PCs, including Macs, researchers at Black Hat warn.