* Posts by -tim

518 posts • joined 10 Jul 2009

.. ..-. / -.-- --- ..- / -.-. .- -. / .-. . .- -.. / - .... .. ... then a US Navy fondleslab just put you out of a job

-tim
Pint

It was a skill that some were very good with

The WWII signalman who taught my father Morse code decided he would join a typing contest run by the town's office supply place. The first prize was one of the brand new daisy wheel typewriters. The guy brought his manual typewriter and managed to out-type all the local secretaries and then tried the new electronic typewriter and it couldn't keep up with him. He would routinely communicate for hours at a time in the 100+ WPM bands and he could do bursts to the limits of the equipment.

2
0

Dev to El Reg: Making web pages pretty is harder than building crypto

-tim
Boffin

Not even 140 characters?

The 95 character limit is related to the limit of how much data RSA can encrypt. AES256 can encrypt 256 bits (or 32 characters) with a single key. RSA runs some mathematical operations on the data to be encrypted and the keys and the results can not exceed 2048 bits for 2048 RSA. That limits how much data can be encrypted at once resulting in about 95 bytes depending on the keys and data.

Secure communications typically start with creating a new random key and using a public/private cipher like RSA, DH or EC to share that key with the other side and then follow that with data encrypted with a block cipher like DES or AES so there is no limit to the message length. Early SSL often did that in weak or broken ways which is why we shouldn't be doing that anymore.

2
0

nbn™ hits the half-way mark – but has more than half of the job left

-tim
FAIL

How many have disconnected?

My boss decided to move the small office off Internode into NBN HFC. It turns out that the HFC was providing half the speed of the naked DSL. We also lost our static IP address and our IPv6. Internode said they couldn't reconnect the DSL so I went to their online form and had a new DSL connection installed. Once that was live, I disconnected the NBN. It won't come back on until they can get their act together. Someone else in the office is running their business phones over 4G as the tower is out their back window. They won't be keeping their NBN connection either.

3
1

BOFH: That's right. Turn it off. Turn it on

-tim
Facepalm

Re: do not enter the hypen!

Not only are card numbers 19 digits, the MOD-10 check works with letters (in EBCDIC). While the CVC happens to be 3 or 4 digits now, there isn't anything keeping letters from appearing in the field either. Expire dates aren't quite what they appear as well.

We found that allowing spaces in card numbers reduces our charge backs as people make fewer mistakes. The worst are the silly JavaScript things that screw with the browser filling in the card numbers since they will do funny things and increase mistakes in non-obvious ways.

3
0

Oz government wants its own definition of what 'backdoor' means

-tim
FAIL

Way too late?

Years ago when the US Govt decided Skipjack was a good idea, some Aussies didn't like it and rewrote the RSA libraries. Those are now known as openssl and the basis for most encryption done in the world today.

There are people who have decided the best way around the recent backdoor attempt is one time keys added to messaging and VPN apps. The way that works is one side fills a large USB stick with random keys and then gets that into the hands of whoever they want to talk to. A large USB stick can hold enough random keys to transfer centuries' worth of message apps while never reusing a key. You can't break that no matter how hard you try to back door it.

0
0

Don't panic, but Linux's Systemd can be pwned via an evil DNS query

-tim

Re: Trust a hacker's data?

To people who think reverse DNS is a good idea, consider concepts like CNAME loops. Smart DNS servers will catch it but there are plenty of dumb DNS implementations out there. In IPv4 we could send a UDP request out and expect to get a UDP response back but now with IPv6, the packet sizes often exceed the MTU resulting in several packets. Once you get a large chunk of data back, someone at the other end might just be playing games with malformed DNS packets or even just broken DNS settings. What does your application do when you get back thousands of names for a reverse lookup? What happens when each lookup results in a chain of CNAMEs? What happens when the end of those chains result in hundreds of addresses that are all the same?

DNS isn't authoritative, it is informational. It is great when it doesn't lie to you. But you can't test for when it does.

1
0
-tim
FAIL

Trust a hacker's data?

I've always found it odd that systems would enable DNS reverse lookups for all sorts of things where it provides no value. I don't trust DNS to give me a valid name if all I have is an IP address.

The whole thing of probing someone's network and have them look up your IP address where you then send TCP packets back to crash their name server or other application has been around since the early 1990s.

7
4

Not that scary or that hard: Two decades of VLANS

-tim

Very secure until it isn't

Isolation in VLANs has been an issue for 2 decades. Most of the time it works great but when it fails, it tends to fail open or in very odd ways.

The trick twenty years ago was simply to flood the switch with ARP packets that would overload the MAC table in which case every packet went to every physical port turning it into a hub. That still works in an amazing amount of current hardware. Long ago you might need to generate a bit over a thousand packets while 64k is more typical today, there are machines that get confused with just over 2 million packets which takes all of two seconds to send out.

There are techniques now that make use of the mostly unused auto-configure features on different switches that allow it to auto-configure holes in the security.

VLANs are great for "keep the VoIP traffic off the video camera network". You just can't count on it for "keep the R&D secrets isolated from the credit card processing network".

1
0

WannaCrypt blamed for speed camera reboot frenzy in Australia

-tim

Re: Revenue cameras

The congestion related accidents in Victoria are going up faster than new car technology and trauma response are saving lives.

If you study traffic engineering in Australia, you must go to a university that is sponsored by Redflex and you must toe their line. I figure that is only resulting in about 20 to 40 deaths a year in Victoria.

0
0

Teen girl who texted boyfriend to kill himself guilty of manslaughter

-tim

Munchausen syndrome by proxy?

This sounds much like Munchausen syndrome by proxy with a twist of at least one other mental health issue. That tends to be very rare and mostly women abusing their children or an adult abusing an elderly parent but I've never heard of someone abusing a boyfriend.

Some of the psychiatric pharmaceuticals can have very strange effects. The turn on and turn off thresholds for different symptoms can differ by ratios of 1:100. The half life of drugs that pass the blood–brain barrier is often measured in months which means by the time the shrink discontinues a drug, it can take years before a side effect disappears. Most non-psychiatric drugs have half lives in the range of hours. There seems to be a strong lack of understanding of how to do proper half life calculations from medical students based on the tutoring I did.

4
1

Yeah, if you could just stop writing those Y2K compliance reports, that would be great

-tim
Coat

That reminds me

We have a file folder full of Y2K report requests that we never quite got around to doing or even sending to the circular file. We now keep it around for comedic value. Maybe we should get an intern to answer them.

1
0

If you live in a network lab, you'll get gigabit NBN over HFC soon

-tim

They can't sell a 1gig plan without a gig of backhaul which currently costs more than $1,400 a month. With a 20:1 contention ratio, the link from the NBN POI to the ISP is $70/mo. That means an ISP needs to have at least 20 willing to sign up in the same area before it is economical to turn it on.

What I would like to see is the ISPs use the 1gig NBN plan but offer something smaller like 233/100 and raise it as they add capacity to their backhaul from the NBN but I don't think they can offer that.

1
0
-tim

So, progress?

Would this be the same NBN HFC that can't provide static addresses and IPv6 from any* provider? Our shiny new HFC NBN connection gets 70%^ of the bandwidth we are paying for and it only costs slightly more than the naked DSL that was providing double the download speed and 4 times the upload speed.

*Aussie Broadband claims to be planning IPv6 and may do IPv4 static today. Telecube is working on IPv6 too. Internode will migrate IPv6 ADSL plans to HFC where they don't support it.

^70% on IPv4 traffic. 0% of IPv6.

5
0

Bank of Canada finds flaws with current blockchain solutions

-tim

It's secure... right?

If you have a system that is based on two different types of cryptology, you need to test it by dropping both to something silly like AES-512 keys but they are all 0000...0 to 0000...00ff and then make your hashes only return 256 values. Now you only have 65536 combinations to play with and you can see what happens when someone breaks it. Block chains get very wobbly when someone breaks them. If you add in the fact that "no one can break it" and add that to the level of trust, you're asking for a disaster in the future.

4
0

Guess who's getting fat off DRAM shortages? Yep, the DRAM makers

-tim

What? Tell me it isn't true?

Oh, wait... this happens every few years doesn't it?

There wasn't a flood in some 3rd world country that provided a rare but unexplained part (that didn't affect any other silicon based products) to blame for the shortage this time was there?

4
0

No laptop ban on Euro flights to US... yet

-tim
Mushroom

Barometers?

From another post...

There are barometers that are drop in replacements for most of the temperature sensors in a laptop or phone. The cpu that reads those isn't the main processor so it can run a very long time and is running in a semi-sleep mode most of the time when the laptop is "off".

The mini-cpu that those are hooked to has direct control to the battery charging circuit. I don't think this stuff should be where people can't help out putting out the fires.

1
0

Australia considers joining laptops-on-planes ban

-tim

Barometers?

There are barometers that are drop in replacements for most of the temperature sensors in a laptop or phone. The cpu that reads those isn't the main processor so it can run a very long time and is running in a semi-sleep mode most of the time when the laptop is "off".

Unless someone starts doing real world boom tests in simulated luggage compartments at typical flight pressures, I think I would prefer to have the device above the floor where someone might have the ability to do something rather than below it where only the fire suppression system can help out.

2
0

Do we need Windows patch legislation?

-tim

"Solaris 9 - released May 2002 - support ended October 2014"

The last patches for Sol 8 and 9 that I've seen were released 2 months ago. They were hidden in a Zones or Live Upgrade patch, but they were there. There were Java for Sol 9 patches released 28 days ago. The last Sol 9 kernel was Feb/26/2015. Of course those all require an expensive support contract to even find, but they are and supported for some definitions of supported.

0
0

Infosec, e-health, Vets' Affairs scoop up cash in Oz federal budget

-tim

Just what is a Service Provider?

The eHealth system lets the "service provider" do all sorts of things with the data. The only way to opt out is to sign up and then opt out or it may be collecting data forever.

0
0

FireEye calls Shim-anigans: Bank-raiding hackers switch tactics

-tim
Boffin

Re: Surely 'we' know enough by now

The core concept of a Von Neumann architecture computer is the ability to use the same memory for code and data and the OS simply looks at a user program as data that it can point to with a program counter. The alternative Harvard architecture machines are ever decreasing as today they are being phased out of GPUs which leaves them only in FPGA and some odd hacks of chip cards.

Multics which preceded Unix had shared libraries and dynamic linking. The ability to easily insert shim code in Unix dates back to the early days of the shared library ld.so and the evil LD_LIBRARY_PATH variable which showed up in early versions of the portable C compiler which dates to the mid 1970s. There isn't anything that says you have to use ld.so but your compiler would prefer it add it in.

0
0

'I feel violated': Engineer who pointed out traffic signals flaw fined for 'unlicensed engineering'

-tim

What does the term mean?

My father is a Professional Computer Engineer. An Analog(ue) Computer Engineer.

I looked into getting my PE in Computer Engineering and all I needed was to apprentice for one for a year under a PE Computer Engineer. That was combined with 5 years of other apprenticeship for not having the right Analog Computer Engineering Degree. At the time there were about 6 people I could work for in the entire USA to meet the requirements.

1
0

Well, hot-diggity-damn, BlackBerry's KEYone is one hell of a comeback

-tim

Buttons?

They go to all the trouble to design a new keyboard and leave out a red and green one that might come defaulted to answer and hang up a call? I can't think of how they decide "we want to make a phone for people who like buttons" and then seem to forget that the phones can be used to make phone calls and people who like buttons might want a button or two for the primary purpose of the device.

Hopefully soon someone is going to come out with a low cost raspberry hat that can do 4G. With a decent API and then maybe we will see some decent progress made through the hackerspace type groups.

4
0

What is dead may never die – how to get a post-BlackBerry BlackBerry

-tim
FAIL

New Q10?

My old Q10 died and my spare went into service. What will I do when it dies?

0
0

Would you believe it? The Museum of Failure contains quite a few pieces of technology

-tim

Re: Sweden

Could it be considered a ship since it couldn't meet the core requirement for a ship?

Many decades ago there was a tv show about how they had found Noah's Ark. The next day the Russian Orthodox priest who had somehow managed to get a job teaching religion in a Catholic school brought in a very old book and asked the question "So which one did they find this time?" and went into the details of groups building churches where they thought the Ark had landed. Apparently being a boat builder for a rich guy who wanted to build churches shaped like arks on mountain tops isn't a great way to learn how to build real boats.

3
0

nbn™ joins standards body CableLabs

-tim

Most of the PON FTTP and FTTC stuff uses parts of the DOCSIS standards for data transmission. The HF part of HFC in most cases is exactly the same as the headend part of a PON system.

Where this might be a good thing is getting a wider acceptance of standards that allow wholesaling of last mile solutions. Most large buyers of that technology are quite happy if they can tell a regulator that the hardware simply doesn't support letting others use their infrastructure.

2
0

Oracle patches Solaris 10 hole exploited by NSA spyware tool – and 298 other security bugs

-tim

The last patch cluster for Solaris 9 was released Nov 2012. The last kernel for Solaris 9 was the end of Feb 2015 and called Generic_122300-70. I wonder just what was and wasn't patched.

0
0

'Tech troll' sues EFF to silence 'Stupid Patent of the Month' blog. Now the EFF sues back

-tim
Facepalm

Re: EFF Lawyers are EFF'n Stupid

I've proposed that the EFF ask the courts to bar the examiner who allowed bad patents from issuing any more patents until they receive some training in finding prior art.

2
0
-tim
Coat

Re: EFF Lawyers are EFF'n Stupid

Countdown timer prior art? I had to walk to the far book case to find an example. Figure 50 page 102 "SAA-CUA Advanced interface design guide" 1989. IBM part SC26-4582-0

10
1

Solaris admins! Look out – working remote root exploit leaked in Shadow Brokers dump

-tim

Re: Old is new again?

There was another 9 patch bundled in with the 10 stuff to help it play nice on 11. The last 9 kernel is 2 years old.

Solaris 10 was junk and 11 won't run on our hardware so we have a choice of 8 or 9 which is what far too many customers have decided as well.

0
0
-tim

Old is new again?

I'm sure I saw info about both of these long long ago so I wouldn't be calling them zero day. This is why we clean up lines in inetd.conf and /etc/rpc when we install systems.

One program requires running a GUI that should never even have been loaded on most servers and the other requires RPC to be wide open to the world in which case someone has already found all your NFS shares long ago.

The last patch to Solaris 9 was 26 days ago. Sparc things that won't run 11 (or 11 Early Adopter) should be on SunOS 5.9 Generic_122300-70 for things like sun4u.

11
0

Boss swore by 'For Dummies' book about an OS his org didn't run

-tim
Boffin

Not the first time

Apparently someone at AT&T decided that someone needed a TSO command line and created tso_shell to let them feel at home. It had removed all the normal cool stuff like piping, file redirection and process control and had a function called tso_sleep which would be called anytime you hit control C. It would wait a random number of seconds and the range would increase every time you pressed control C while it was waiting.

4
0

BOFH: Defenestration, a solution to Solutions To Problems We Don't Have

-tim
Pint

I figure the BOFH and the PFY do have some work that has to happen and we all know they aren't about to do any real work. Maybe they have a need for a warm body to do real work.

0
0

US ATM fraud surges despite EMV

-tim

Re: slow?

Many of the skimmers only record 4 digits of the PIN and a few seem to do with 4 or 6 or 8. 5 or 7 digit PINs might be a very good idea if you aren't going to use an old US ATM.

0
0

BOFH: The Boss, the floppy and the work 'experience'

-tim

Re: maths trick

Most all the tricks that work with base 10 9s work with hexadecimal with Fs. The same is true with 0, 1, 2 and base 10 5 and 0x8.

3
0

Reg now behind invisible HTML5 Bitcoin paywall

-tim
Devil

nobody uses bitcoin

It's good to see that TheReg has a «best practice» security plan in place and is looking ahead to when they get p0wned by ransomware.

0
0

New plastic banknote plans now upsetting environmental campaigners

-tim
Pint

Beer proof?

Are these like the Aussie plastic bank notes? The ones that are nearly indestructible and seem to outlast coins? They can deal with most wear and tear issues unless they are soaked in beer and then they tear very easily. I would have thought that how a bank note deals with being passed over a bar would have been a critical part of the specifications.

1
0

Samizdat no more: Old Unix source code opened for study

-tim

The BSD socket layer you see in all modern operating systems is a view into a streams-like model. That model allows all the cool things like zero copy, firewall systems and Apache httpready filter. They are all bolted in using the model that streams introduced.

1
0

Web-app devs note: Google wants to banish JavaScript dialogues

-tim
Flame

About 20 years too late...

Whoever thought it would be a good idea to have those boxes pop up without the normal OS related "close this thing" working as "cancel"? That person should be found, named and shamed and every other feature they added to JavaScript should also be purged in a fire.

4
0

Why do GUIs jump around like a demented terrier while starting up? Am I on my own?

-tim

Re: Some other gems

The "new" editor in VMS from about 1986 required some new microcode in the CPU so it could detect the ESC stuff sent by the vt terminals more efficiently.

1
0

Good news, everyone! Two pints a day keep heart problems at bay

-tim
Pint

What about lunch time?

So when is someone going to do a study about the lunch time pint and what it does to stressed out office workers?

0
0

I've Been Moved: IBMers in same division slapped with 2nd redundo scheme in 2 months

-tim
Coat

Repeating names

"I've Been Moved" has been used many times over the decades.

And now from the 1980s edition of the IBM songbook^

"I BM, You BM, We all BM for I B M!"

^the IBM song book is a real thing

1
0

BlackBerry admits dying BB10 is in pain

-tim
Pint

Isn't lock in great?

I so wish someone would build a low cost 4g raspberry pi hat that can do voice and data calls. If thousands of hackers can code their own phone prototype, someone will have much better ideas than what has come out of the major vendors of late.

0
0

Hyper-V guest escape, drive-by PDF pwnage, Office holes, SMB flaws – and more now patched

-tim
FAIL

Hello new bot nets

Put in a Turing-complete rendering tool and it opens up remote exploits. The Uniscribe one could be live in all versions of Windows back to Win 98. Combined with older versions of the OS loading the font cache in Ring 0, and there will be complete and total p0wnage.

The scary thing is just how much new equipment still gets shipped with WinCE.

9
0

Today's WWW is built on pillars of sand: Buggy, exploitable JavaScript libs are everywhere

-tim
Facepalm

PCI-DSS?

I have told many clients that their web pages aren't PCI-DSS compliant because of their broken JavaScript. It never goes down well.

0
0

Do you use .home and .mail on your network? ICANN mulls .corp, .mail, .home dot-word domains

-tim
Devil

They won't work on my networks

I for one will be delegating .mail and .home on my servers to my own servers. I've done that to a bunch of scummy TLDs so far. I'm thinking I should just delegate the country code and old top levels and remove all the rest. Another advantage is many of the spammy TLDs automatically get rejected without bothering a DNS blacklist. Anyone want to do a patch for BIND to allow delegating ??. so I can easily take care of the CC-TLDs?

5
0

nbn™ is installing new hybrid-fibre coax cables

-tim
Unhappy

Even at 3mb, your dsl might be better than what you may be upgraded to. If you are in a battle axe block without proper telco ducts and no place to run the new cables, you will end up with satellite. That means a 1/2 second delay on every request even though the bandwidth is higher.

0
0

'First ever' SHA-1 hash collision calculated. All it took were five clever brains... and 6,610 years of processor time

-tim
Coat

Re: This is why I use multiple hashes

For things that I need to make sure haven't been changed, I tend to use a modified version of an existing hash as well. All modern hashes are seeded using a table. MD5 uses a table of sines, SHA1 uses values that start out as 0x67 45 23 01 and SHA-256 uses fractional parts of cube roots of primes. Simply swapping the 6 and 7 in SHA-1 and rebuilding the source provides a different hash that should be as cryptographically secure as SHA-1 yet an attacker would need to know how you modified the seeds as well to compute a colliding document. Swapping the 6 and 7 does produce different hashes for the example files. If you treat your modified table as a secret key, you have that strength but even if you publish your table, that forces an opponent away from precomputed rainbow tables. This is much like seeding in password hashes and since the tables seem to be arbitrarily chosen numbers, it shouldn't have the same problems that picking the wrong s-box values does in code like DES.

3
0

HPE blames solid state drive failure for outages at Australian Tax Office

-tim
Big Brother

They had something until their MBAs went feral

They are another company that lost the plot after the MBA clan got to them. My BB doesn't leak data to anyone (other than my local gov't). My Apple and Android devices do so much side channel stuff that I can't keep track of it all. I would love to have the option of "this thing wants $FOO, we can lie to it".

My biggest problem is there isn't a green and red button on the phone. The damn thing has buttons, stop making me use the stupid touch screen.

0
0
-tim
Flame

Was it a deep hack?

Did anyone look into magic firmware that was made just for the ATO?

The Ruxcon and Breakpoint security conferences have been showing these sorts of hacks for years. I would think having that type of magic in the ATO's disk system would be worth a fair amount of coin.

0
0

General Electric plays down industrial control plant vulnerabilities

-tim
Flame

Nothing to see here, move along...

Of course there are no exploits in industrial systems. A number of steel plants have managed to have their emergency shutdown systems activated in such a way that results in their core furnaces ending up as a giant block of steel and the emergency shutdown systems broken in such a way as that was the only safe way to shut down is purely a coincidence. Nothing to see here, no industrial sabotage or hacking going on here, just move along.

1
0

Biting the hand that feeds IT © 1998–2017