No really, Verified By Visa blows
But don’t take my word for it — take Ross Anderson’s.
I bought Crysis so I could play a Mechwarrior mod with it. When I tried to start it, a window popped up saying:
A required security module cannot be activated. This program cannot be executed (5003).
One of my friends located the explanation. Indeed, I had IDA Pro running in the background.
Good job, guys. That will really prevent piracy, a lot. You are great at what you do.
I’ve ranted about Verified By Visa before. Since then, I’ve had the good fortune of having no dealings at all with the idiotic system – until tonight. Since I’m using a different Visa card for a purchase, it’s harassing me to create myself a new Verified By Visa account which includes my Social Security number for some fucking reason. And when they prompt me for a password?
Passwords must contain at least one lower case alpha character, one upper case alpha character, and one numeric value. Special characters and spaces are not allowed.
You fucking idiots. Go fuck the devil in hell.
I saw an article about this new technology that’s supposed to “stop computer viruses in their tracks.” The idea is interesting, but overall I think it would be useful in only a very limited, focused application. Things would get far too complicated, far too quickly, for it to be both successful and at all versatile.
So I think the fact that it’s being patented, and the fawning article in New Scientist, are laughable. I was going to viciously mock them but it turns out David Harley beat me to it. He added less sarcastic commentary here.
A long-time pet project of mine is decoding the network protocol of Valve Software’s “Source” game engine, used in Half-Life 2, Counter-Strike: Source, Team Fortress 2, and Left 4 Dead. I’ve never made it very far, but it has led me down some interesting paths in reverse engineering, debugging, and visualization. One example of the latter is this Python script I wrote to analyze a series of packets. It creates an image in which each row represents a packet, and each pixel represents one byte of the packet. The pixels range from black (for a value of 0x00) to bright green (0xFF). I got the idea from Greg Conti in his interview on the Network Security Podcast. Here’s what I did:
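The author's script is not reproduced on this page. The following is an added example of the same row-per-packet, pixel-per-byte rendering, not the original code; the function names, the PPM output format, the padding colour and the sample packets are all assumptions made for illustration. It also lists the byte offsets that never change across packets, which is what the vertical stripes in such an image point to.

```python
# Added example: one image row per packet, one pixel per byte (0x00 black, 0xFF green).
# Uses only the standard library and writes a binary PPM (P6) file.


def packets_to_rows(packets, width=None, pad=(0, 0, 64)):
    """Map each packet to a row of RGB pixels; byte value v becomes (0, v, 0).

    Short packets are padded with dim blue so that "no byte here" cannot be
    mistaken for a real 0x00 byte. Packets longer than `width` are truncated.
    """
    if not packets:
        raise ValueError("no packets to render")
    width = width or max(len(p) for p in packets)
    rows = []
    for p in packets:
        row = [(0, b, 0) for b in p[:width]]
        row += [pad] * (width - len(row))
        rows.append(row)
    return rows


def rows_to_ppm(rows):
    """Serialize pixel rows as a binary PPM (P6) image."""
    height, width = len(rows), len(rows[0])
    header = f"P6\n{width} {height}\n255\n".encode("ascii")
    return header + bytes(c for row in rows for px in row for c in px)


def constant_columns(packets):
    """Offsets (within the shortest packet) holding the same byte in every packet.

    These show up as solid vertical stripes and usually mark fixed header fields.
    """
    shortest = min(len(p) for p in packets)
    return [i for i in range(shortest) if len({p[i] for p in packets}) == 1]


def sample_packets():
    # Constructed data, not real game traffic: 2-byte fixed marker,
    # 1-byte sequence counter, then a variable-length payload.
    return [b"\xca\xfe" + bytes([seq]) +
            bytes((seq * 37 + i) % 256 for i in range(4 + seq))
            for seq in range(6)]


if __name__ == "__main__":
    pkts = sample_packets()
    with open("packets.ppm", "wb") as fh:  # hypothetical output file name
        fh.write(rows_to_ppm(packets_to_rows(pkts)))
    print("constant byte offsets:", constant_columns(pkts))
```
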
I passed the CISSP exam. Now I can stop making fun of it for a while.
Once upon a time, I wasn’t satisfied with WordPress’s backup feature for some reason. I can’t remember why. This was way back in 1.2 or something, and I’m sure it’s fixed now. Nevertheless, I set up a system for database backups which I think works pretty well. It runs as a cron job on my host, backs up the database, compresses the backup file, uuencodes it, and emails it to my Gmail account. There I have a filter which directs such emails to the Trash. This way I never have to actually deal with the backups, but they stay in the Trash for 30 days until automatic deletion – so I have backups of every day for a month.
So I thought I’d share. My cron job is set to run at 3 AM every day. It’s a string of semicolon-separated individual commands:
A while back I wrote this on another blog.
An open letter to websites that require your registration, then email you your details, including the password, in plaintext.
While I wade through my CISSP study guide and take practice exams, I can’t help but wonder how much useful information I would’ve learned in the past month if I had studied, say, rootkits. Instead of bullshit.
These people are basically telling me that if I don’t know – off the top of my fucking head, mind you, even though the answer is always a four-second Google search away – details of the token ring standard, and what class of fire extinguisher belongs with what fire, then I can’t possibly be an Information Security Professional.
I just took a practice quiz for a Body Of Knowledge I haven’t started to study yet, just to see how I’d do. It’s the Application Security section. I figured it’s the one I’d know offhand more than any of the others, y’know? Because, I actually work with applications. And their security.
Nope. The practice questions were all about Software Capability Maturity Models and Database Design Principles and which features of prototypes are (ISC)²’s favorite. So I only got 50% of the questions right. I guess I’m a Certified Information System Security Retard, because the test said so.
I can’t imagine how many people are making money hand over fist just to have their heads up their asses and come up with this. It’s college all over again.
I love Scapy, a Python library that wraps around Pcap and various other things to let you do all kinds of cool network stuff. I originally got into Scapy because I wanted to do packet forgery and injection in Windows. It can also do sniffing, modification, and visualization.
Scapy is the sole reason I got started in Python. For someone familiar with Python, it’s really easy to use; for everyone else, these examples should help. Scapy requires a bit of setup on Windows, but it’s not too difficult – follow the setup guide here. Unless you use Vista or Windows 7.
Until recently, Vista/Win7 users suffered some weird crashes in Scapy. I found a related bug report on its Trac system and added some details to it. Happily, the smart developer person fixed the bug (see the whole conversation here). It was in the custom, patched version of pypcap, and he posted a link to a new one.
Update: The setup guide has a link to the correct version now, so everything should be just fine if you follow it.