Microsoft security engineer shows simple wireless network break-in tools

I love security. I really need to get a good job back in the computer security industry. If I could track down a decent job in security, I’d get to play with cool software like the wireless security breaking tools demonstrated by Microsoft’s Marcus Murray (more information on this session on Murray’s blog).

ORLANDO – During an updated version of one of the more popular sessions at TechEd each year, senior security engineer and Microsoft MVP Marcus Murray did attendees a major service by demonstrating that hacking into a network is not really an art, and in some ways, not even much of a science.

His “Why I Can Hack Your Network in a Day” session is actually something of a misnomer, as many of the tools he uses (including one written by SysInternals guru-turned-Microsoft fellow Mark Russinovich) can enable individuals to work their way to revealing the passwords of domain administrators in closer to 15 minutes.

Of course, this is just a case of technology allowing transfer of skill – one security expert figures out the vulnerability, encases it in a point-and-click tool, and shares it with the world. But it is still interesting to see what is going on in the back-and-forth fight between improved security and improved breaking of security. As always, security experts will look at the exploited vulnerabilities, come up with ways to reduce or eliminate them, improve protocols, and release equipment with the improved protocols. This will be followed by the break-in experts analyzing the new protocols, looking for direct and secondary/side-channel attacks, determining weaknesses, exploiting those weaknesses, and releasing simple tools that allow less skilled attackers to break the security. Around and around it goes, until the eventual heat death of the universe or until we all start communicating via telepathy (which will probably get hacked somehow, in which case evolution will create better telepaths, and so on).


The JFK plot

I know there has been plenty of news lately about the plot to blow up JFK airport, but I haven’t bothered writing anything about it. I have had someone contact me to ask me why, since I’ve covered a number of other terrorist plots or physical security issues in the past. The main reason is that this planned attack just wasn’t very feasible, nor was the attack likely to have had any success.

Safeguards in the fuel delivery grid greatly limit the amount of damage that can be done by intentional or accidental explosion/destruction/burning of any section of the fuel system. Additionally, jet fuel contains additives specifically designed to reduce the chance of explosion, increase the difficulty of catastrophic fire, and minimize spread of flames in general. Yes, the stuff burns, but it actually does not burn well enough to have very much of a chance of the spectacular destruction it seems the attackers had in mind.

Though Mr. Defreitas had lived in Brooklyn and Queens, he told the informant that his resentment of the United States hardened into hatred during his years as a cargo worker at the airport.

“He saw military parts being shipped to Israel, including missiles, that would be used to kill Muslims,” the complaint read. Mr. Defreitas, who was secretly recorded by the informant, complained bitterly that he “wanted to do something” and that “Muslims always incur the wrath of the world while Jews get a pass.”

Mr. Defreitas envisioned “the destruction of the whole of Kennedy” and theorized that because of underground pipes, “part of Queens would explode.” He boasted that in addition to a huge loss of life – “even the twin towers can’t touch it,” he said – the attack would devastate the United States economy and strike a deep symbolic blow against a national icon, President John F. Kennedy, officials said.

Sure, it sounds scary and stuff, but the explosion he dreamed of just wasn’t going to happen. And given how much I’ve written about improbable attacks and the over-reaction of Americans to these things, I was planning on giving this incident a pass. I’m tired of wasting my time detailing the weaknesses of bad, weak, improbable and infeasible threats. You’ll note that I’ve not even taken the time to provide links backing up my claims on infeasibility and difficulty of any success. That’s because the whole plot was so ludicrously bad that I don’t want to waste more of my time pointing out specifics. You can spend a few minutes online and easily find reputable sources supporting what I’ve stated above. If you disagree, please post it in the comments and I’ll be glad to expand on the topic. But unless someone really thinks this attack was worth worrying about, I’m not going to waste more time on it. That is, unless the government does something else stupid to strip away our freedoms as a result. Then, you can be sure I’ll come back to bitch about the poor job our government is doing.


Today, we have a headline winnar!!!

Great commentary by a man caught driving drunk on the way to his hearing for previously driving drunk:

HARRISBURG, Pa. (AP) – A man charged with drunken driving on the way to a drunken driving hearing said he probably will have to quit drinking.

I’d say there’s a 70%, maybe 75% chance he’s right.


Talk time at the democratic debate

The Chris Dodd Presidential campaign web site has an interesting chart of candidate talk times at the latest Democratic debate.


I’m not really surprised by who has the most talk time, but I do plan on learning a little more about the candidates with the least talk time since I know so little about them right now. (via Victoria Kos)


I smells a h0axor!

Since I’m enjoying the whole LOLcat phenomenon so much, I feel obligated to point out the origins of LOLcat, as told by Ape Lad.


Not many people know this, but my great grandfather Aloysius “Gorilla” Koford, was also a cartoonist. From 1912-1913 he produced a comic strip which was featured in 17 newspapers, including the Philadelphia Star-Democrat, the Tampa Telegraph, and the Santa Fe Good-Newser.

The strip was entitled “the Laugh-Out-Loud Cats” and featured the exploits of one Meowlin Q. Kitteh (a sort of cat hobo-raconteur) and his young hapless kitten friend, Pip. The strip did not last long due to a run-in my great-grandfather had with none other than William Randolph Hearst.

I believe this is one of the finest secondary effects of an interpipe meme, and hope others jump on the bandwagon. (via boingboing, which links to additional origins stories)


iPhone gets official release date

In case you haven’t been keeping up, on June 29th you can get your iPhone, provided you don’t mind getting stuck with a 2 year contract on a version 1.0 $600 cell phone. Hey, I’ll admit I could be wrong about how well this product will perform in the market, but to exceed my expectations, I think the market will need to be filled with idiots or folks with too much money for their own good.

During an onscreen demonstration of the iPhone in Apple’s sprawling retail store here recently, an employee, clad in a black T-shirt, of course, surprised a potential customer.

Nonplused, the customer stammered, “You mean it’s a cellphone, too?”

Hmmmmmm. My idiots prediction might just be what Jobs is counting on for high market penetration. I guess I could just be wrong due to the cult of Apple that keeps growing. Oh, yeah, there’s also this:

Most analysts believe that Apple will easily exceed its initial goal of selling 10 million phones by the end of next year.

“It will be just 1 percent of the handset market,” said Jagdish Rebello, director of wireless communications research at iSuppli, a market research firm based in El Segundo, Calif. “But it is essentially shifting the balance of power into the hands of the mobile device manufacturers.”

That has a high probability of proving my prediction wrong, too. I could have sworn I read that Jobs was aiming for 10% of the market. Well, I may turn out to be the idiot here – 1% is too easy given the hype surrounding this.


More work by the Bush administration to protect Americans


The Bush administration said Tuesday it will fight to keep meatpackers from testing all their animals for mad cow disease.

The Agriculture Department tests fewer than 1 percent of slaughtered cows for the disease, which can be fatal to humans who eat tainted beef. A beef producer in the western state of Kansas, Creekstone Farms Premium Beef, wants to test all of its cows.

Thank goodness we’ve got government leaders who will allow the industry self-regulation they’ve long suggested is best for us. Or, and this is just a theory I and other folks have (and hey, we might all just be deluded conspiracy theorists, so consider that before believing this suggestion), it might be government protecting big business to the detriment of citizens and small business alike.

A federal judge ruled in March that such tests must be allowed. The ruling was to take effect June 1, but the Agriculture Department said Tuesday it would appeal – effectively delaying the testing until the court challenge plays out.

. . .

The Agriculture Department argued that widespread testing could lead to a false positive that would harm the meat industry. U.S. District Judge James Robertson noted that Creekstone sought to use the same test the government relies on and said the government didn’t have the authority to restrict it.

I’m not saying I buy the Agriculture Department argument, but I felt it should be pointed out for those that do believe it.


WTF? Bad karaoke gets man shot

If you can’t sing, here’s an anecdote which suggests you shouldn’t sing videoke in public.

For singing out of tune, a jobless man was shot dead by a security guard of a videoke bar at the height of an argument in San Mateo, Rizal Tuesday night.

The victim, Romy Baligula, 29, was shot in the chest and was pronounced dead on arrival in a local hospital.

. . .

When Baligula started to sing, Ortega even danced to the tune. But when the song progressed, the suspect reportedly commented that the victim was out of tune, triggering a verbal tussle.

So, um, don’t sing if you can’t. Some people just lack the willpower to be non-violent critics.


Dumb crook news

I’ve mentioned it before, but every time I read a story like this one, I’m reminded of a cow-orker who told me that most criminals aren’t that smart. Looks like again he is proven right.

A Rockford couple who called police to investigate a burglary at their home ended up being arrested on drug charges.

According to the Metro Narcotics Unit, officers investigating a burglary in the 5000 block of Vineyard Lane on Wednesday found more than 100 marijuana plants in the basement.

How? I can’t even conceive of being so stupid as to call that one in, and I’ve done a lot of stupid things in my time. (via Blog of Stupidity)
