This time it was 19:40 in to work. I haven’t been sleeping well so I haven’t been riding. I need to get back on the horse.
I wonder what the legal implications might be of a framework that makes it easy to create generators for bogus but convincing log data.
Prosecution: “Your honor, I present to the court computer logs that show that the defendant participated in online activities for which he is charged.”
Defense: “Your honor, I present to the court computer logs that are completely falsified but are completely indistinguishable in form from the logs presented by the prosecution.”
Flying Monkies, GO!
Actually, I’ve ridden to work about five times since I last posted about it. Totally different route now.
I think the time is a personal best but I’ve only tracked it with the GPS twice now. Good riding music, but a little bland for my taste. Would be appropriate to play in a gym where they have that special selection of music that sounds upbeat but isn’t actually exciting.
Anonymizer Universal on Anroid -
While at Anonymizer I got to use Anonymizer Universal and I thought it was pretty sweet. It doesn’t take long with a packet sniffer on a popular public wireless access point to see that you have little protection if any without some sort of VPN. Anonymizer Universal is a commercial VPN service that protects your traffic on the local network and allows it to exit through Anonymizer. I got it working on my Android phone using a little hand-configuration. This doesn’t require the phone to be rooted/jailbroken; it’s part of the standard functionality. Note that while it works, it’s not a supported platform…
I guess this is a bit late but it shouldn’t be Earth-shattering news to anyone. April 30th was my last day at Anonymizer. I had never before been in the position of leaving a job I liked but an opportunity fell into my lap that was too good to pass up. I’ve taken up a position as a security engineer at a Fortune 500 company in the Silicon Valley area that’s doing a lot of interesting things and has a lot of interesting challenges to wrestle with. As such, I had to relocate to the valley which, aside from moving away from my friends and family, was an exciting proposition.
There are a few things I’d like to say about Anonymizer. First and foremost is that they really are passionate about people’s privacy. Lots of people have said that it’s the perfect place for the government to back door to spy on us citizens. While that’s an accurate observation, at the time I left there was no back door, no special eavesdropping equipment or privileges for anyone, and no plans for those things to change. Unfortunately I can’t go into further detail without risking disclosing proprietary information. I believe in the products I used, Nyms and Anonymizer Universal, enough to continue using them to protect my privacy.
I would also like to mention that Anonymizer was a really interesting place to work. If you’re in the San Diego area and you think you know your stuff when it comes to networking, Linux, etc, it’s worth shooting them your resume.
Anyway, new beginning for me. This is the first time I’ve done security as the focus of my job rather than something orthogonal to my job. I expect I’ll have a lot more security stuff to talk about fairly soon. I was in the San Diego area for 12 years and while I liked it I’m excited to explore a new city. I expect to enjoy doing a lot of touristy stuff without having a short vacation window to explore the bay area.
wepwn -
Some months ago I wrote a couple scripts to capture the workflow of cracking WEP. Essentially you could use the scripts to scan for targets and then specify the target to attack by ESSID or BSSID.
I came into a situation where I needed to learn python so I consolidated those scripts into a single python script and that is wepwn. It was developed on Backtrack 4 but may work on other Linux distros without modification.
I was reluctant to release it without much testing but it’s not going to get much testing in my environment beyond what I’ve done. I’d appreciate feedback, bug reports, or patches. Enjoy.
Our Savannah Monitor died today.
I’m sorry, ‘zilla.
UK to Kill off National ID Card Program -
Way to go UK!
Two dads are better than none.
Yes!
Todo Sushi off of Carroll Canyon Rd. Tuna roll: good. Baby lobster dynamite roll: very good. Volcano roll: incredible.
When I went to buy my Droid Incredible the Verizon sales rep was very friendly and helpful. One thing that was lame was that he offered to sell me an 8GB or 16GB microSD card for my phone. I refused figuring I’m better off just picking one up at Fry’s or wherever. A few minutes later he pulls out a 2GB microSD card and says that it’s free. This seems like a totally shady upsell, not telling me it came with a 2GB card up front.
On the other hand, the second day with my phone I was trying to wiggle in the USB cable and a small thin bar of plastic above the USB connector snapped. Obviously it was my fault that it broke and I need to be more careful in the future. I went back to the store to talk about it and pick up a car mount for the phone. I explained that I had broke it and that it was still functional and my real concern was that this little piece of protruding plastic would catch on stuff. The same rep who sold me the phone looked at it carefully, made a note in the system about it and said that I could call an 800 number and get a new one under their 30-day Worry-Free Guarantee. This was all before I mentioned an intent to purchase the car mount.
The shady upsell in the beginning was weak, but the follow-up service for minor damage to my phone was excellent.
I like graffiti so I’ve started a semi-public blog for graffiti. Check it out.
From "The Privacy Blog" Intelligence collection *from* open proxy servers -
The short version: you use an open proxy someone set up and the logs of what you’ve visited are stored there. Possibly those logs are poorly protected. It’s also possible that the proxy was set up with the specific purpose of surveillance.
Had some drinks at Hamilton’s in South Park. Seemed like a pretty nice place. Even if it weren’t, I had a few beers and a lot of friends there and those things alone would have made it a good time.