WiFi for all San Franciscans

In a Reuters article Friday, the mayor of San Francisco was quoted as saying "We will not stop until every San Franciscan has access to free wireless Internet service..." in his annual state of the city address, proposing city wide WiFi.

This is a growing trend and it is FREAKING ME OUT! Imagine being able to drive to San Francisco with your laptop to commit a crime through a government funded internet connection. Doing it through conventional wardriving from a residential private wireless connection in some random neighborhood is one thing, but at least it is fairly easy to spot that. If there is city wide WiFi, it would be perfectly normal for a person to be on their laptop on the side of the road. And when this sort of system is implemented, there is little doubt in my mind that they are going to put ease of use ahead of security. Do you make all residents download authentication software? Any security guy will tell you you're not going to find any solace in built-in security technologies. So how do you implement such a system easily and securely? I'm curious to find out, but I'm guessing: you don't.

25 Oct 04 | +Permalink+ | Comments (3) | TrackBack (0)


The first real reason to make me want Gmail: GmailFS.

"GmailFS provides a mountable Linux filesystem which uses your Gmail account as its storage medium."

A Gmail account + GmailFS could join tools like Nmap in being one of the few indispensable tools for a hacker. Pop on any box locally or remotely, grab GmailFS, and mount your Gmail account; all of your tools now sit at your fingertips.

30 Aug 04 | +Permalink+ | Comments (2) | TrackBack (0)

Crazy audio switch

When you can't find it at a store, keep looking. If you still can't find it, well, I guess you have to make it. I needed a nice little switch that takes one of three computers' audio outputs and diverts it to either a set of speakers, or headphones. Thats three inputs, two outputs. All stereo by the way. The result is this:

With the help of Dave, Radioshack, and lots of solder, my dream switch lives.

19 Aug 04 | +Permalink+ | Comments (3) | TrackBack (0)

A Phish Called NamesDatabase

Ah, The Names Database. By now you may have gotten an email or two from them claiming to be from a friend of yours. If you went ahead and followed the link in that email, you've already been through part of the journey you will soon read about, and it could be too late for you. If not, let this save you the trouble, and help save us all from this growing beast.

Before even entering their virtual doors, observations from the outside will tell you this is not an honest site. They employ at least two tactics that I've found for falsely fishing you in from search engines.

1. Dynamic links at top of page that say "Click here if you are looking for ". This means that if you got to one of these pages from a search engine (and really, how else would you be there) the phrase you typed in to search for would be displayed on the page, as if I were already there. Trying to find that long lost buddy Fredward Smithstone? Well gosh! Click here if you are looking for Fredward Smithstone! You finally got him!

2. Pages upon pages of as many names as they could generate. Just in case their dynamic text at the top of the page doesn't click with the way your search engine works, the name you are looking for might randomly have been generated on one of these pages they threw on the web.
(example of 1 and 2: http://namesdatabase.com/names/names/K/Kemper.html )
Edit: WOW! Since the publishing of this, the format of these pages has changed dramatically! Now neither example 1 or 2 apply. Could it be that one of the commentors actually *was* affiliated with them?
Once they have you on their main site, BOY is it exciting to watch their page counter rise right before your eyes! Wonderful fradulent fun!
I had a suspicion that these counters were fake when mine continued to advance at a steady rate at a very low traffic time of day. I popped the site open on another computer and found that the site's total members were counting up as well, but were not in sync with the first computer. At each update, the counter would simply add one, and soon enough, the counters on the two computer screens veered far enough apart to make me almost certain. The final blow came when I opened the source code for the site to find the following code for a random incremental counter: (examine it yourself if you wish, opens in a new window)

Being on their front page gives me the undesirable urge to enter personal information as fast as I can. I'd better do it.

"Hey- glad you just gave us personal information! But now that you have, you need to give us five more suckers before we can let you in!"

Businesses that are in the practice of getting you to recruit people are widely frowned upon. If there is money at all involved in this, it reaches the point of illegality. Commonly known to anyone who has taken a business class as Pyramid Schemes, Matrix Schemes, or many variations on them involving recruiting for gain.

Once NamesDatabase gets past the first five people, they let you "in" to the next recruiting area of the site. Here, you are able to search through the names database and see which of your friends got suckered into this. You can then click on a friend and be told "you need to UNLOCK The Names Database" before sending the person a message. How you UNLOCK? Simple!

-Recruit a mere 24 more people, or
-Give them $12.00

to let you "send messages" to your fellow victims for a whole year. Thats only a dollar a month, Kyle! They've gotten you this far, why don't you just go ahead and comply. Its like that poker hand that you are too far into already. You've gotta go all in.

The goal of this company is either:
A) Straight monetary gain, or
B) Getting a huge database of information at their disposal, and a few bucks as the icing on the cake.

I'm going to say its B. But really, what information do they have on you? Just your name, your email address, your year of birth, the country you went to high school in, maybe your [maiden name]. And maybe a little billing information here and there.

I know I wouldn't trust a company that is involved in sketchy practices with all that information. Would you?

5 Aug 04 | +Permalink+ | Comments (46) | TrackBack (0)

'The Matrix' hack

WARNING: Nerdy Linux geek speak ahead.
In the process of messing around with my different Linux boxen and virtual-boxen ala VMware (read: rooting my own boxes for fun and profit, minus the profit), I have come to realize that the first hack we see on the original 'The Matrix' is a perfectly realistic hack.

Wake up, Neo.

I remember seeing the movie when it first came out and thinking "Yeah, right- that's so cheesy" when Neo's screen goes black and the words "Wake up, Neo." are typed onto the screen. But in reality, there is minimal cheese involved. To recreate the scene from one of your computers to the other:

1. Get logged in remotely as r00t by one of these methods:
a . SSH into the box (we know Trinity loves SSH from Matrix:Reloaded) with a shell account and exploit a local vulnerability to elevate your priviledges to r00t.
b. Use a remote exploit that throws a r00t shell
c. ?

2. Execute the command 'ps aux | grep X' to see the list of running processes, singling out the X server (the windowing system). Note it's PID.

3. You can execute the 'w' command to see who is all logged into the box, and note the TTYs, but the X server is usually running on /dev/tty1, so we can assume it is that and skip this step.

4. Kill the process for X, bringing the victim to a blank terminal.

5. Execute 'echo "Wake up, Neo." > /dev/tty1', assuming the terminal the victim will be dropped to is on tty1, the default. This will place the words "Wake up, Neo." on your victim's screen.

6. You can keep sending messages to their screen in this manner, remembering to execute 'clear > /dev/tty1' to clear the screen between messages. If you want the screen to type the letters one at a time the way Trinity did to Neo, you can wget a nice little app called 'dirthy' from packetstorm.


And make sure to clear the screen one final time when someone knocks on the door and your victim looks away from the screen.

Linux is used in this example. There is no real reason why you shouldn't be able to take those same steps on any *nix system, adjusting commands accordingly.

13 Jul 04 | +Permalink+ | Comments (5) | TrackBack (0)