niemueller.de
Open Software. Open Knowledge.




 

Tim's WebLog


What's your favorite

I have tried the Linux Distribution Chooser and it spit out Fedora. Nice fit.

22C3 0101 - Too many bits

So this is the last post directly related to the 22C3. It's kinda late. I forgot that I wrote it... We had a really good time and thanks again to Phil for hosting us geeks for the time of the congress! I liked the snowy Berlin.

After all I have to say the congress was great. Expanding it to four days and having fewer and therefore bigger rooms totally made sense. It was not as stressful as last year and I could attend most of the talks that interested me. Only the CCTV talk was so full that I had to use the CCTV version outside on a TV screen - pure irony. I also think that four days are the maximum length that makes sense. Although it got better you are still exhausted after four days at the congress and happy to get home, see your girl-friend and have good food and your own bed.

I also liked the new Hackcenter. They changed the layout so that only half of it could be registered before the congress. The other half had free seats, a few sofas and mattresses. This way we could stay there for a few hours, blog, have a rest and talk to friends and people.

The workshop area was quite bad this year though. It was not a closed room but just a few dirty tables in the corner which was misused as a pizza-eating and smoking area when no workshop was running. There was also no real announcement of workshops on the schedule. It just was not present and you didn't know what was running when if not checking the Wiki from time to time. I would think that a simple note "think about workshops" in the Fahrplan would have made a difference.
The non-smoking policy worked quite well although not officially enforced. Even on the fourth day you could breathe fresh air pumped through one or two laptops but not contaminated with grey dust - something that was hardly possible on the second day last year... Great success on this side.

The biggest impact this year clearly had the "We lost the war" talk. Virtually everybody discussed this with someone else. From what I heard nobody agreed - or wanted to agree. I'm not sure if I'm just (too) optimistic or naive in thinking that we can make a difference. Rob's point on the closing event was interesting. He said that until now, when it came to such topics (total DRM etc.), an argument you usually hear is "we still have the hackers, they'll fix it". And in fact, this is what we usually agree on in the end when discussing DRM. But in the end the systems will become hardened against all the known attacks and eventually may reach a state where it is finally that hard that virtually nobody can break it anymore. So he wanted to make this a wake-up call. We do not just need the hackers, we need everybody to keep the risks in mind and work against these.

22C3 0100 - Workshop and interesting (tech) projects

The 22C3 is now already over so I will make some shorter blog entries now to reflect on the event.

On the fourth day in the morning I held my little workshop. Helgar also got up early and so went with me to the bcc earlier and attended the workshop. At least there is one I can count on... And there were even two more :-) I briefly presented what I did to find where the worm came from. It turned out that one of their websites had been intruded with the very same Mambo bug. Their page got defaced and someone installed a defacement tool written in PHP. One of the two was pretty skilled in tracking down those attacks so successfully peering knowledge especially meant transferring knowledge to me - mission accomplished. Instead of one we sat two hours together discussing the script kiddie shit. Very interesting, need to do that more often.

I want to start to describe some interesting projects that I learned about. Most are widely known and you probably heard of them before but I got some more in-depth knowledge on the congress and so this is more or less a personal agenda about what I want to have a look at during the next year.

A project that I finally decided to try out is OpenWRT which is a free Linux distribution for a few routers and WLAN access points like the LinkSys WRT54G or the Asus WL200. I think I'll have a look at the Asus model since it has a few USB ports that I can use to attach a hard drive. Maybe it is even powerful enough to run a small mail server. This would allow me to completely replace the box we have at home that is right now a router and a small mail and file server. I'd assume the small box consumes way less power so I want to give it a try. If it does not work out I will just have an AP running Linux which is already good :-)

Another interesting project is the Freifunk project. It is a mesh network in a few cities with the core team sitting in Berlin. It allows anybody to participate in the network transferring data to all stations in the WLAN. The data is not sent via a central infrastructure though but it is sent via other stations in the network allowing the packets to traverse a long distance by using several stations as hops. They took the OLSR RFC and implemented it, eventually finding out that it is not as powerful in the real world as in the simulations. So they are now using that as a foundation and testing new ways for mesh networking in a real world scenario in their olsrd software. Great! Maybe this could also emerge in Aachen?

In the past I had used Snort for some stuff and Tripwire for on-host security. But at 22C3 I learned about the Prelude IDS. It consists of a client library for applications and a central manager application. The manager collects all the information sent to it in the IDMEF format (for example using the prelude client library) and stores it in a central message repository. It then uses a fuzzy set based approach to deduce real incident reports from this information. An example in the talk was a ping, followed by a known buffer overflow and eventually a modified file on the attacked machine. Every message by itself may not be an attack: a ping is in general not harmful, the buffer overflow does not harm patched machines, a modified file might be an update. But all together they point with a higher probability to a security breach if they are in a given time frame, and the admin should look closer at it.
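A simplified sketch of the correlation idea from that example, added here and not taken from the talk or from Prelude's code: it swaps the fuzzy-set logic for a plain noisy-OR score per host inside a time window. The event class names, weights, window length and threshold are all assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed per-event suspicion weights (illustrative values, not Prelude's).
WEIGHTS = {"icmp-ping": 0.1, "overflow-signature": 0.4, "file-modified": 0.3}
WINDOW = timedelta(minutes=10)   # assumed correlation time frame
THRESHOLD = 0.6                  # assumed score at which an admin is notified


def combined_score(classes):
    """Noisy-OR over distinct event classes: 1 - prod(1 - w)."""
    remaining = 1.0
    for cls in set(classes):     # repeats of one class do not inflate the score
        remaining *= 1.0 - WEIGHTS.get(cls, 0.0)
    return 1.0 - remaining


def correlate(events):
    """Return (host, time, score) for each event that lifts a host's
    windowed score to THRESHOLD or above. events: (iso_time, host, cls)."""
    recent = defaultdict(list)   # host -> [(time, cls)] still inside the window
    incidents = []
    for iso, host, cls in sorted(events):
        now = datetime.fromisoformat(iso)
        # Drop events for this host that have aged out of the time frame.
        recent[host] = [(t, c) for t, c in recent[host] if now - t <= WINDOW]
        recent[host].append((now, cls))
        score = combined_score(c for _, c in recent[host])
        if score >= THRESHOLD:
            incidents.append((host, iso, round(score, 3)))
    return incidents


# Constructed sample alerts (not real data): web1 sees all three events
# within minutes, mail1 sees the same three spread over hours.
SAMPLE = [
    ("2005-12-30T10:00:00", "web1", "icmp-ping"),
    ("2005-12-30T10:02:10", "web1", "overflow-signature"),
    ("2005-12-30T10:05:30", "web1", "file-modified"),
    ("2005-12-30T09:00:00", "mail1", "icmp-ping"),
    ("2005-12-30T11:30:00", "mail1", "overflow-signature"),
    ("2005-12-30T14:00:00", "mail1", "file-modified"),
]

if __name__ == "__main__":
    for incident in correlate(SAMPLE):
        print(incident)
```

Only web1 is reported: no single event reaches the threshold, and mail1's identical events fall outside a common time frame.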

Something to play with and to learn is Trifinite's work on Bluetooth security. I will try out blooover and the other tools to learn more about why I should disable BT on my phone if not needed...

There was a talk about exploring a 3G GPRS/UMTS network and they presented their findings. Right now there are only a few that can afford to be curious because of the pricing that you have to pay (especially in Europe where data traffic is still quite expensive). But in the (near) future when the prices drop this may attract more "interested users". Time to play with this a little bit.

Stay tuned for more to come.

22C3 0011 - We lost the war - did we?

Yesterday I heard a pretty depressing talk - basically the message is that all the bad things we imagined over the last few years have become true now, we are in a 1984 police state.

I cannot completely agree with this. Although we lost quite a few battles the war is still not over. There are even more battle fields nowadays that we have to care about. Five years ago we didn't have that bad problems with big entertainment corporations that we encounter today. On the other hand creative commons hadn't landed by then.

There were two interesting comments on that: We are mostly in reactive mode - we react to what happened. As it was stated in the talk the "security" guys basically had the plans in their drawer when the planes crashed on 9/11, we didn't. But we have to have plans if we make it to turn the public opinion on these issues. These issues are the right for freedom and personal privacy. We are getting profiled more and more by corporations and authorities. Data mining is becoming a daily used tool. If that information finally gets transported to the ones that will really get screwed - everybody not in power - we may have a chance.
The other note was that if there is money to spend on "security enhancing techniques" we were not there. We were not in place to supply the systems that could really have increased security while preserving the needed privacy. That might even be an opportunity to make money with this.

Later talks often referenced this talk, quite a few did not agree. One of these that really impressed me was about personal experiences bringing technology and new media to disaster areas. Jacob Appelbaum talked about the experiences he made while travelling through Iraq and when he went to New Orleans after Katrina to help the people. I knew that it wasn't good at all - but I didn't imagine that it was that bad! I had talked to an Iraqi shop owner at home whose family was still in the Kurdish part of Iraq. He said in the northern part it was not good but ok to live. One point of Jacob's talk was that he couldn't explain why civil houses get bombed - with bombs he paid for with his taxes. About New Orleans he had to tell how hard it was to get just a basic radio station running to get information to the people. Not technically hard but because authorities wouldn't want him to send out information. Only after he had drawn public attention on this by publishing the information on the internet and

I also attended a talk about Privaterra, an organisation that helps human rights groups and other activists to establish secure networks and teach them how to use these.

Have to stay closer to all of this in the future and keep track of what's going on. Some popular blogs should help with this.

22C3 0010 - Democracy, Buffer overflows, CCTV and my workshop

So finally 22C3 has officially started (and in fact day 1 is almost over). Tim Pritlove welcomed us all and told us the usual administrivia - let's see what he will say in the end.

Joi Ito was invited to hold the 22C3 keynote speech. It had some quite interesting points. He argued that although we do not have something better by now democracy is still a broken legislative system. With a few statements he exposed the major problems we are facing these days:
Power aggregates, big corporations follow their natural interest of keeping their own interests secret and making their customers as transparent as possible ("money is lonely, it goes where the other money is").
What we need as a basis is the freedom of speech. He formulated several ways for this to happen. First what we see these days are phenomena like blogs and wikis, which he called "global voices" - a voice counts more than a vote.
One of the major concerns is the ability for big corporations or any government to build up profiles. Profiles are only statistical measurements and error prone. Since we are here at the 22C3 I would think that there is a way higher probability to commit cyber crimes, although almost no visitor will actually commit one. If you now take all the profiles and only take the top 50 of the visitors it is likely that you piss off at least 49.5 of these 50.
"Beware of the boogymen" could be considered the guideline to deal with all the FUD coming from organisations like the music industry and the Becksteins from politics...
There is a video available for this talk at the FEM 22C3 page.

Then I attended two talks about buffer overflows. The first one was pretty awful in style. It could have transported some really interesting information, but unfortunately the real knowledge has not been transported and only a few basics could be shown - the real information, how a buffer overflow can actually be exploited, could only be shown very briefly. The second one described some standard tools which I can care about if I need them, I left after 20 minutes and got a Club-Mate.

The CCTV talk was full - so I sat down on the stairs and watched it on conference TV with about 50 others. It was really interesting to see how they tapped public CCTV (public in the sense that it is at public places, not that it is meant to be seen by everybody). Interesting talk.

I have decided to give a workshop at 22C3 about finding a worm's origin (which will be basically about my past blog entry).

RSS Copyright © 2000-2025 by Tim Niemueller