clinicallyawesome

Lock Picking Observations

In a previous comment I noted that I intended to share my observations on beginning lock picking. I’ve only really been raking so far, not per-pin picking.

First, it’s very easy to apply too much pressure to the torsion wrench. Start by applying just a little bit of pressure and slowly increase the pressure. The wrenches with the half twist will absorb some of the pressure by bending so they may be a good choice while you get a feel for the right amount of pressure. The downside is that you lose some of the sensitivity of what’s going on with the plug. While I was getting a feel for it I would vary the pressure as I was raking. Sometimes I would let up too much and give up pins I had set, sometimes I would press too hard and false set some pins. Eventually my hands learned the proper range of pressure. If you eat sushi I think the right pressure range is what you might use picking up a cut roll with chopsticks. If you don’t eat sushi, you’re missing out.

Second, the raking pressure should also be pretty light. I think of it like brushing teeth. You’re not trying to rub your gums off but you are trying to remove plaque. Raking too hard has less of a negative impact than applying too much torsion.

Third, don’t try too hard. The more you work at it the less success you have. Keep your practice lock, torsion wrench, and pick/rake at your desk. Pick them up and fiddle with them when you’re thinking or need to take a break. Just don’t focus on it. Your hands need to figure things out on their own. I found that my first half dozen or so times getting my practice lock open I was absently fiddling and had no idea what I had done to make it work. Every time I’d try to figure it out and get nowhere. When I stopped paying attention I eventually found that my hands just knew what to do.

clinicallyawesome

4chan

4chan is an Internet fever dream.

clinicallyawesome

Vint Cerf on Cloud Computing: Everything Old Is New Again

clinicallyawesome

Spoofing For Charity... or Not

The media is reporting a lot about SMS charities. You send a text message to a certain number and your cell phone company bills you $10 or whatever. The company keeps a percentage or flat fee and passes the rest on to a charity. It’s a very convenient way for charities to get money. Of course it’s huge for Haiti charities.

What if you set up your own SMS “charity”? Then you get yourself a PBX system that can send text messages with whatever caller/sender number you want. You then send out texts to thousands of cell numbers with the caller/sender as your charity number. The messages you send are those that are likely to elicit a response, even if just a “WTF?”. Perhaps they say, “Where are you?” or “Who is this?” or “I just found out she’s bi” or “Mom’s dead” (thanks Aaron). People reply to ask you who you are or what you’re talking about and boom you just made $10.

Maybe if you’re nice(ish) you spoof the number of a real charity. Of course, a lot of those people would want it taken off their bill which means it would have to be taken back from the charity. This would really be the opposite of nice(ish).

clinicallyawesome

Ain't No Mountain High Enough

Some of my friends know that I have clinical depression. For the most part I have it licked; I was on medication for a couple years while I learned how to deal with it. Now I occasionally go through some bad patches but they usually don’t go on for longer than a week. I’ve learned that if I just wait them out they’ll pass. I had been stuck in one for all of January which finally broke last Saturday.

Something people often don’t understand about depression is how it impedes your ability to get simple, important things done. Even when depressed if you have a gun to your head you can usually do just about anything required of you but there never really is a gun held to your head. Frankly you can probably do the laundry tomorrow when you might feel better. Today you just feel terrible.

Used to be I couldn’t get much of anything done. I couldn’t go grocery shopping, I couldn’t take care of our pets, I couldn’t get my bills paid even though I had the money. This month I could take care of the bills mostly. I could go grocery shopping because we’re pretty thoroughly resolved not to go out to eat during the week. I could take care of the pets because I’ve seen how much happier they’ve been when I’m taking care of things properly. The laundry had been piling up on the floor and the dishes piling up in the sink because I just couldn’t muster the will to take care of them. Saturday it broke, I felt great, and I knocked those things out. Overall this bad patch wasn’t as bad as they’ve been in the past but it was much longer for reasons unknown.

I was explaining the situation to a friend and he had a hard time understanding lacking the will to take care of these basic, small things. He did acknowledge that there was a reason for it but that he didn’t have the experience to wrap his head around it.

Eventually I thought of a way to explain it that I hadn’t really thought of before. If you’ve ever been exposed to a motivational speaker or anyone similar you’ve probably heard something to the effect of: If you have the will to succeed, the size of the challenge doesn’t matter. The idea here being that the challenge can be very, very large but the will to succeed will make you overcome the challenge. Here’s another version that is also true: If you lack the will to succeed, the size of the challenge doesn’t matter. In this case the challenge can be very, very small but lacking the will to succeed will make it insurmountable.

Depression robs you of your ability to try, even things you’re good at and you know you can succeed at.

clinicallyawesome

Locks... not so much

I started practicing lockpicking with a basic set of lock picks. So far I’ve really just been raking and I’ve found that the C rake works best for me. I’ll eventually work up to per-pin picking but for now I’m happy just having success raking and getting a feel for things.

I’ve been practicing on a cheap padlock I got at a grocery store. A few minutes ago I took a try at my second lock - the deadbolt on my front door. First try took about 30 seconds to figure out the space I could move the rake in. Once I started raking it took about 10 seconds. Thinking I might have gotten lucky I locked it again and it took about 5 seconds to find the working space again and then another 10 seconds to rake it open.

clinicallyawesome

Colo Cage Hunting

I love colo cages because a lot of people think they alleviate the need for cabinets. Just put up four-post racks in your cage and you’re done. The cage gives you all the physical security you need.

I was told the phrase “the cage will keep malicious people from plugging things in”. Aside from the fact that cages can’t sense intent, I don’t think it can keep anyone from plugging things in.

I’d like to tell you a story. The story is about a hunter and his niche - hunting in colo cages. Here’s a photo:

Rawr!

That’s quite a mighty spear he has. Can it penetrate the hearty flesh of your protective colo cage? Let’s take a closer look:

Careful! U3 Poison!

Oooo… looks like U3 Poison. That’s nasty, particularly on Windows systems before Server 2008. Will it have an effect on his game? His quarry today is one of the young of his normal prey, the rackmount server. Perhaps he has a taste for veal:

Isn't it cute?

He stalks his prey into the bush of the cube prairie. Outside its normal protective cage the little one is even more vulnerable. Our hunter attacks!

He pounces!

Quite a nail-biter! Will the hunter get to eat or will the young one escape to live another day?

It's a kill!

Looks like our hunter was too fast. Would the little one have survived had he been in his cage? Seems doubtful. That spear is pretty long and could be even longer. This one was rather “field expedient”. He could possibly keep a collapsible, elastic-corded tent pole on his survival pack (netbook bag). What if the U3 poison wouldn’t work on the larger beasts? Many of those larger beasts have an unused but enabled second network interface. Many beasts will react to a new ethernet link by asking for DHCP. Other beasts might have a firewire orifice which bypasses their immune system.

If you tend to beasts like this, keep the hunters at bay. Put cabinets in your cage or spay/neuter them using connectors with the cables clipped off. It’s even possible to find chastity belts for yours.
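A software-side check for the “unused but enabled second network interface” mentioned above, as an added example that is not part of the original post: it lists physical Linux ports that are administratively up with no link, which are the ones to shut down or physically block. The sysfs paths are standard Linux; `build_sample_tree` and its interface names are constructed sample data.

```python
import os

IFF_UP = 0x1  # administratively enabled (linux/if.h)


def _read(path):
    with open(path) as fh:
        return fh.read().strip()


def idle_enabled_ports(sysfs_net="/sys/class/net"):
    """Names of physical interfaces that are admin-up but have no link."""
    findings = []
    for name in sorted(os.listdir(sysfs_net)):
        base = os.path.join(sysfs_net, name)
        if not os.path.exists(os.path.join(base, "device")):
            continue  # loopback, bridges and other virtual interfaces
        try:
            flags = int(_read(os.path.join(base, "flags")), 16)
        except (OSError, ValueError):
            continue  # unreadable entry; nothing to judge
        if not flags & IFF_UP:
            continue  # administratively down already
        try:
            carrier = _read(os.path.join(base, "carrier"))
        except OSError:
            carrier = "0"  # treat an unreadable link state as no link
        if carrier == "0":
            findings.append(name)
    return findings


def build_sample_tree(root):
    """Constructed sysfs-like tree for offline runs (not real host data)."""
    # name: (flags, carrier, has backing hardware)
    sample = {"lo": ("0x49", "1", False), "docker0": ("0x1003", "0", False),
              "eth0": ("0x1003", "1", True),   # in use
              "eth1": ("0x1003", "0", True),   # enabled, nothing plugged in
              "eth2": ("0x1002", None, True)}  # administratively down
    for name, (flags, carrier, physical) in sample.items():
        base = os.path.join(root, name)
        os.makedirs(os.path.join(base, "device") if physical else base)
        for fname, value in (("flags", flags), ("carrier", carrier)):
            if value is not None:
                with open(os.path.join(base, fname), "w") as fh:
                    fh.write(value + "\n")
    return root


if __name__ == "__main__":
    for port in idle_enabled_ports():
        print(f"{port}: enabled with no link")
```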

clinicallyawesome

Copying Windows Binaries

Maybe this is piracy, maybe it’s not. I have a tool installed on my computer and when new programs are installed it discovers them and pops up a lovely prompt asking if I will allow the executable to be copied to some computer somewhere. I haven’t looked into it deeply but it doesn’t seem to be aware of software licenses and whether the license for that binary allows for it to be redistributed. Maybe it is and maybe it’s not. It doesn’t seem like the tool is based on some kind of prior agreement between the tool author and the owners of each and every software package that it’s prompted me to allow copying their binaries. If it did, it doesn’t seem like it would need to ask me if it’s okay, except to honor my privacy. Maybe this copying falls under “Fair Use” or maybe it’s just not worth suing over. Maybe it’s piracy and I’m an accomplice.

The tool in question seems to be an inherent feature of Windows 7. It may have been in Vista, which I skipped. If I recall correctly the prompt says it’s part of Windows Defender which I believe is part of Windows security. The obvious conclusion is that it’s grabbing the file to analyze it for malware. If it is, it seems like it could just run a few different cryptographic hash functions over it and if any one of them differ, then it copies the file. I don’t think it’s doing that because I’m sure I’m not the first person to install the latest Acrobat Reader appropriate for my platform. What are they doing with them? Maybe we help them collect binaries for competitive analysis and it’s not just strictly for security.

Maybe it isn’t enforceable or no one would dare sue Microsoft, but it seems to me like I’m violating someone’s copyright or license.

clinicallyawesome

GPEN Certified

I just passed my GPEN at 94%. Wewt.

clinicallyawesome

Chinese Server

I need to get a server in China. Then if I hack something or use it as a phishing site people will just assume the big, mean, Chinese government is behind it.

clinicallyawesome

I Have Comments Now

Sorry about that, Richard. I’ve wanted to have a comment system for a while but tumblr doesn’t have built-in support for it and I was just lazy. I had to switch templates or hack up the HTML and I really want nothing to do with HTML.

clinicallyawesome

On Being a Bastard

I’ve probably been kicked out of #perl by mst. I also probably deserved it.

clinicallyawesome

Most technical discussions of security are in a context with no practical constraints.

In practice you have constraints you have to work around. You have a limited budget, limited man-hours, user requirements. All of these affect the security-effort and security-usability curves.

For every security policy and tool you want to implement you have to weigh the effort and usability effects against the security it will offer, and you have to understand the needs of your users as part of that.

clinicallyawesome

It Wasn't Me, It Was the Seeder Worm

The media cartels like to hold the user of an IP address liable for any file sharing done through that IP. So if someone breaks into your WiFi and runs bittorrent it’s your fault. To some degree I believe that it’s the responsibility of the individual to secure their network, but that problem is basically intractable. At any rate, you could have DMCA invoked on you for whatever happens on your assigned IP address. I’m fairly sure the legality of this is debatable, especially looking at the response templates provided by the EFF for TOR users, but I’m a hacker not a lawyer.

Who’s liable if my server gets infected with Slammer or Conficker? It came to my system from some other system. Shouldn’t the owner of that IP be liable? I haven’t heard of any legal pursuit to that effect. It would seem that if you get infected with a worm it’s not your fault and you won’t be held liable.

To put this in perspective, if someone gains access to your network and uses it for file sharing you’re liable because you control the security of your network. If your system gets a worm and is infecting other systems on the Internet you’re not liable, even though you control the security of your server. Worms cost definite, calculable loss of revenue. File sharing may cause loss of revenue but no one’s really sure and there’s no way to know how much.

What if the next big worm surreptitiously installs a minimal bittorrent client? It then randomly grabs one of the top 100,000 torrents from one of the top 50 torrent sites and runs it to seed? What if the next java plugin/flash/acrobat/Active X exploit did the same? What if this seeder tool was created as a Metasploit payload?

Are you liable for file sharing because you got infected with malware?

clinicallyawesome