Slashdot Mirror
3D Hacking Environment Links Kinect, Blender, and Metasploit
baxpace writes with a link describing a way to test your own security systems for vulnerabilities using Kinect-interpreted natural gestures in tandem with the Metasploit Framework and the Blender game engine, writing: "The idea is to hack into your own systems while in a 3D, first person shooter style environment that interfaces with the Kinect sensor. The game engine was built using Blender and looks to be one of the most pleasing ways of uncovering your own systems' architectural/networking vulnerabilities."
We can finally hack it!
I hate Hollywood style hacking with all that fancy 3D graphics that flash around on the computer screen while the "programmer" sits in front of it typing randomly on the keyboard saying, things like "512 bit encryption", "almost, almost", "come on!", "don't do this to me", "got it!".
So now we have an actual hacking application with actual 3D graphics that actually mean something. Too bad it doesn't look as cool as in the movies.
in order to audit your own systems?
Cool, but rather complex for an audit!
Sent as ripples into the electromagnetic field. No single photon has been harmed in the process.
Call me old school, but I'd prefer a command line. Can't see this taking off for security professionals.
Gee, if you have so much time to waste, can you lend me some?
Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
Damn, now I have to buy roller skates and glow sticks. Penetration testing used to be so simple!
Prior art: Wargames, hacker types on keyboard while saying what he's typing for the benefit of the audience who aren't looking at the screen.
"What... {bashbashbashbashbashbashbashbashbash} ...is... {bashbashbashbashbashbashbashbashbashbashbashbash} ...the primary... {bashbashbashbashbashbashbashbashbashbashbashbashbashbashbashbashbashbash} ...goal?"
Hollywood couldn't even do a chatbot session right back in the 80's!
Merge it with the Doom source and play online with your friends and strangers!
The Gibson?
But the the Cisco fragged me! Aaaaaarrgh!
It's a UNIX system!!!!!
http://www.youtube.com/watch?v=dFUlAQZB9Ng
All these times you tried to explain people that what they see in the movies is bullshit when it comes to "hacking". And now, that SOME slowly get it - bam - they will inevitably see this and think that you have no idea what you're talking about when it comes to computers.
Lesson learned: quit trying to explain computer shit to lay people. They don't really want to know. And they will never really understand.
How on earth is this 'a pleasing way of uncovering system architecture'? ... The pointy balls aside, I'd basically do pretty much everything exactly opposite of how they did the 3D. ... This guy has it pretty much nailed in terms of 3D enviroment UI and data ... since, like, 8 years ago or so.
3D visuals? OK, I get that. However, I'd leave out crappy wall textures and 3rd grade FPS props and stick to abstract platonic and geoedic shapes with distinct colors, connected with various forms of lines and indexed with a cool looking 3D-enviroment-friendly font.
The actual work I'd have scripts do, while I go and flirt with the helpdesk cutie over a latte. ... As, errm, pretty much everybody does it today already, I might add.
What system analyser in his right mind is going to wave his hands around and shake his hips to lauch scanners and change views?? My fingers can do that way faster. And much cheaper. ... And the technology is there allready.
Bottom line: Nothing new. Not so spectacular realisation. Way better solutions out there allready. No cookie!
My 2 cents.
We suffer more in our imagination than in reality. - Seneca
Reminds me a little bit of the movie nirvana, with christopher lambert of highlander fame.
I found a trojan of some sorts in the NT kernel; someone left the message "Created by Warren Robinett". Weird, only happens when I hit this invisible spot with Metasploit in the Kinect/Blender interface. I wonder if he's still employed by Microsoft.
Wearing pants should always be optional.
"3D Hacking Environment Links Kinect, Blender, and Metasploit"....and Zumba!
So now I can "hack" like a scriptkiddie, while playing 'Dance Dance Revolution'?
come to think of it, my 7 Year old goddaughter would probably be a better "hacker" than me, if it comes to this.
The positive sideeffect is that the scriptkiddies soon will have the physique to run from the cops/feds.
"news at eleven: Hackers fitter than jocks!" (still can't catch a fuusball, though)
~men are from earth. women are from earth. deal with it.~
I smell bullshit. No real-life colleague could make the linguistic jump from taxonomic to taxonomy unaided.
Now that's scary.
Hacking is going to be waaaaaay more fun with this thing... And lots of people are now going to have a go at it just for the fun of it.
Hmmm
I'm no longer fed up with MS Windows: I go rid of them
Slightly related: it would be nice if someone wrote a program that lets you create 3d models for e.g. blender or povray using a kinect. I wrote the beginning for that ( http://www.vanheusden.com/kinect2povray/ ) but don't have the time to extend it so that it combines multiple angles.
www.vanheusden.com - home of Multitail, HTTPing, CoffeeSaint, EntropyBroker, rsstail, bsod, listener, nagcon, nagi
wasn't there a network management interface or something like that based on doom? supposedly you went around shooting stuff to make changes or something. i wish i could remember its name.
Having to work for a living is the root of all evil.
Am I the only one picturing Ed on the Bebop making little fish to munch through someone's firewall?
Perhaps the colleague was an English major?
without reading any further, almost sounds like what they used in that movie 'Disclosure' with Michael Douglas; wearing the 3-D glasses and whatnot. or somewhat similar to 'Minority Report'
I'm good with numbers -
Seriously? I mean, 3D VR hacking attempt, reaching out with VR Gloves to manipulate/hack interface, face palm into VR Gloves, etc.
And no Pr0n jokes about 3D VR Penetration testing?
Who are you and what have you done with my SlashDot?
Time's fun when you're having flies. - Kermit the Frog
Let's not cross The Matrix with Sling Blade ever EVER again.
Good. That'll keep them from asking me to fix theirs.
Joey. I need you to drop your viruses, go after the worm. You're the closest. It's root slash period workspace slash period garbage period.
"I hope you know how very lucky you are to know me, because I am so incredibly incredible."
Shatner predicted this next well have drugs on microchip, ah Tekwar
Corporations having as much power as national governments, able to hire their own police forces.
Implants that are making steps to improving biological abilities.
3D visual hacking.
Shadowrun seems closer and closer every day.
Jurassic Park, anyone? THE DOORLOCKS TESS!!!... I know this, its a Unix system!
Koalas. They're telepathic. Plus, they control the weather. -Margaret
...and we'll finally have Neuromancer!
Good! Maybe they'll quit bugging me for help and asking stupid questions about "apps". For them to think I know nothing about computers is not the world's worst outcome....
At least the software she was using was real.
In all seriousness, "3D input", i.e. flailing limbs and gyrating in front of your computer, is a cool toy, a nice pastime and maybe even some kind of workout for kids who wouldn't think about actually going outside and move a limb, but for hacking, they just fail. Why? Because we are still far from the ability to never misunderstand a gesture. Hell, we, as humans, trained and raised as creatures to understand each other, sometimes misjudge and misunderstand each other. The very last thing I need when dealing with a trigger-happy firewall is my hacking tool mistake a -T0 for a -T5 when assembling the options for nmap. In some cases you only have one attempt, and that should be a good one. The very last thing I need then is that my tool misunderstands me.
It's also usually not faster than a CLI. Yes, most people probably gesture better and faster than they type. But, seriously, by the time you are good enough as a "hacker" to actually do something sensible with your skills, like conducting an audit, you CAN type faster than you can gesture. Your fingers are most likely the fastest part of your body (especially if they're the only thing that got any kind of workout for a few years ... *sigh*).
The only real advantage body movement had over manual input is that you can use your reflexes to your advantage. But then, they have to be very precise, very well timed and you must not flinch at the wrong moments, something that's very hard to do with reflexes because, being reflexes, they are not exactly under your command.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I remember seeing this and thinking "YES!!!!!" http://www.cs.unm.edu/~dlchao/flake/doom/
I'll use that lame 3D UI for pen testing right after they pry Backtrack 5 out of my cold, dead hands. Try and make sqlmap a better tool by giving it a flashy ui. Go ahead, make my day.
But hey, the script kiddies will love it.
Once upon a time, there was a master of computers.
And there was a herd of idiots.
The idiots, despite knowing shit, judged the master.
And the master, despite knowing they know shit, cared about their judgment.
The moral of the story: Grow some balls and a spine, say NEIN, and you will be mighty fine! ^^
We all used to laugh about the ridiculous OS interface to the file system (flying through a 3D world of towers and things), the one they used to conduct their hacks.
... ?
And now it looks like it was not far-fetched after all. Why is our future being so... regressive
or a taxonomy major :-)
-- no sig today