There's no way to send a private communication. I have a legit NTP server that I've configured to use an appropriate stratum-1 server. The administrator of that server doesn't have my email address and has no way to communicate with me. The difference is that I selected an appropriate stratum-1 server and the DLink doesn't.
This is the kind of stuff that Microsoft promises in Longhorn. I provide something similar, only for web pages you've already visited, in Recall Toolbar.
http://www.paulgraham.com/spam.html
http://www.itconversations.com/shows/detail164.html
A friend of mine owns the bar.com domain. It gets hundreds of messages a day at the address "foo@bar.com".
Some of what Martin says regarding minimizing false positives by correlating an attack with the correct platform, etc. is already being done by the open source IDS correlation project QuidScore:
http://quidscor.sourceforge.net/
Oops. The less-than sign got escaped out. The math:
((100 connections * a few hundred-K for proxy children) + handfull of mod_perl children) < 100 mod_perl connections
I find that the single largest unnecessary piece of load comes from having huge Apache children (i.e., Apache with mod_perl or PHP) sending bits down slow pipes to browsers.
We solved this problem at mozo (plug: personal DVD networks), and of course we're not alone in this approach, by running tiny-footprint Apache children with nothing more than the basics + proxy capabilities. These guys act as reverse proxies and pass the requests off to the bigger mod_perl children, who, when they're done processing, can go on to the next request without having to push bits down to modem connections.
The math on this is fairly simple, but worth mentioning: ((100 connections * a few hundred K for proxy children) + handful of mod_perl children) < 100 mod_perl connections. So we don't end up memory bound.
> Everything is hackable, it's just a question of how much effort is involved.
I feel like a broken record. Yes, the effort far outweighs the reward. That's the point. If you look at my earlier threads, the point is to allow the company to survive, so that they may support the lives of their employees.
No, I don't think so. Going through those steps does not make something that is mass-reproducible. You don't have an XBox mod chip at this stage, and even if you do, why bother? Again, it's such a pain in the butt that you have to wonder why someone would bother. With the XBox mod chip you get pirated games; here, you spend a bunch of effort to make an $11 camera operate like a few-hundred-dollar camera. Not worth it.
I'm smiling, because with this amount of work your $11 camera is not such a good deal after all. Your cost to break the protection outweighs the benefit, so the company can survive.
We're protecting the company that makes the cameras and sells the service against people reverse engineering the camera and removing the service (and thus the money) from the company. Companies have a right to make money to sustain their employees' lives. When the immediate reaction to this is "I'll hack it and get an $11 digital camera" then you need to think in these terms.
Well, considering they're not disposable, but rather reusable, you can start to spend a little on the chip. The bottom-of-the-barrel Palm has sufficient power to do crypto.
My GSM phone, which cost me nothing, has crypto capabilities. Surely my phone wasn't free to the manufacturer, so they must be making it up on the service. Same thing could apply here.
If I were building these things, I'd do it like so:
Each camera has a UUID -- a universally unique identifier, like a MAC address.
Before sending the camera out, I'd create a pair of public/private keys. I store the public key on the camera, the private key at the camera store (or centrally, whatever, so long as it can be retrieved later during processing).
When the camera takes a shot, it is stored *only after being encrypted* using the public key.
When the camera comes back for processing, the private key is retrieved (thanks to the UUID) and used to decrypt the images.
Without the private key, the data retrieved is worthless. Generate a new key set before sending it out again.
This being the case, I'd use standard USB or IrDA or whatever and not worry about people violating my rights by reverse engineering the system.
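The per-camera scheme the post sketches, as an added example in Go (not the poster's code or any product's): because a public key alone can't encrypt anything photo-sized, each shot gets a fresh AES-256-GCM key that RSA-OAEP wraps to the camera's public key, and the UUID is bound in as OAEP label and GCM associated data so a stored picture can't be passed off as another camera's. The lab-side key store (`lab`), the `Issue`/`Shoot`/`Process`/`Retire` names, the `must` helper and the sample image bytes are all constructed for this example.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// Picture is all the camera ever stores: an RSA-wrapped per-image key plus AES-GCM output.
type Picture struct{ WrappedKey, Nonce, Ciphertext []byte }
type Camera struct{ UUID string; Pub *rsa.PublicKey } // only the public half lives on the camera
var lab = map[string]*rsa.PrivateKey{}               // the "camera store": private keys by camera UUID
func must[T any](v T, err error) T { // keeps the example short; real code would propagate errors
	if err != nil {
		panic(err)
	}
	return v
}
func gcmFor(key []byte) cipher.AEAD { return must(cipher.NewGCM(must(aes.NewCipher(key)))) }

// Issue generates a fresh key pair, files the private half under uuid, and hands the camera only the public key.
func Issue(uuid string) *Camera {
	priv := must(rsa.GenerateKey(rand.Reader, 2048))
	lab[uuid] = priv
	return &Camera{UUID: uuid, Pub: &priv.PublicKey}
}

// Shoot encrypts before anything is stored: a fresh AES-256 key protects the image (RSA can't
// encrypt anything photo-sized) and RSA-OAEP wraps that key to the camera's public key. The UUID
// goes in as OAEP label and GCM associated data, so a picture can't be re-attributed to another camera.
func (c *Camera) Shoot(image []byte) Picture {
	buf := make([]byte, 44) // 32-byte AES key followed by a 12-byte GCM nonce
	must(rand.Read(buf))
	key, nonce := buf[:32], buf[32:]
	wrapped := must(rsa.EncryptOAEP(sha256.New(), rand.Reader, c.Pub, key, []byte(c.UUID)))
	return Picture{wrapped, nonce, gcmFor(key).Seal(nil, nonce, image, []byte(c.UUID))}
}

// Process looks the private key up by UUID and decrypts one shot; an unknown camera, another
// camera's key, or a tampered picture yields an error rather than an image.
func Process(c *Camera, p Picture) ([]byte, error) {
	priv, ok := lab[c.UUID]
	if !ok {
		return nil, errors.New("no private key on file for camera " + c.UUID)
	}
	key, err := rsa.DecryptOAEP(sha256.New(), nil, priv, p.WrappedKey, []byte(c.UUID))
	if err != nil {
		return nil, err
	}
	return gcmFor(key).Open(nil, p.Nonce, p.Ciphertext, []byte(c.UUID))
}
// Retire discards the private key once the roll is processed; call Issue again before the camera goes out.
func Retire(uuid string) { delete(lab, uuid) }
```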
Mozo - DVD sharing networks
There's another alternative: P2P-style Netflix. Check out mozo.
Basic idea is that around you -- your dorm, co-workers, etc. -- there are thousands of DVDs. If you pool them into groups and share amongst yourselves you'll never need Blockbuster.
Statistically, it works: average DVD owner buys 15 a year, rents 30. With these numbers, the average person has access to thousands of DVDs around them already.
And yeah, I wrote this code for this site, so I'm biased.
I'm going to release an application with a 3mb download size. A few downloads a day will put me over my colo's bandwidth cap. I'm looking for alternatives to download.com, because download.com doesn't take beta software. Sourceforge might not be right because, while it's free, I don't include source. Any suggestions?
If you like this, check out the Brick Testament (http://www.bricktestament.com)
Okay, so I want to start with all of the cards on the table: I work for Qualys. Having said that:
Consider *self-service* Vulnerability Assessment using a third-party provider. It's quicker, can be run more frequently, is more up-to-date and less costly.
Instead of running quarterly audits, run them weekly, or even daily. Better yet: schedule scans to run automatically and get alerted via email if something new pops up.
Using consultants is messy, expensive, and consultants want to drive more consulting.
Using tools is time consuming, and they quickly get out of date. Producing reports that your managers can comprehend is a pain in the ass too.
Things to look for from a self-service, third-party scanner:
1. Frequency of signature updates. The lifetime from when a hack is discovered to when it is commonly exploited is getting smaller. Look for weekly, or even daily updates.
2. Number of vulnerabilities. Beware of marketing math: a PHP vulnerability that can be exploited on every Linux build, NT, Solaris, HP, etc. isn't 20 vulnerabilities, it's one.
3. Scanning speed. How fast for one IP, a class C, a class B?
4. Non-damaging. Make sure the scanner doesn't damage production systems. What about bandwidth throttling?
5. Network mapping. Can you do network discovery to find all the servers? Are there some boxes in your DMZ you didn't know about?
6. Fixes. Okay, so you found stuff that is broken. How do you fix it? Look for the vendor to validate fixes and provide links, patches, etc. right in their tool.
7. Reporting. Besides the tech view, is there a CIO report, particularly with trend graphs to show that you're staying on top of vulns as they get discovered?
8. Pricing. All you can eat is best. If you can't scan at-will, but only a few times a year then you're pretty well screwed.
9. OS Detection. How good is the scanner at identifying the OS? nmap is about 50% accurate. Qualys about 85%.
10. DoS. How does the service check DoS without actually denying service?
11. Standards support. Is the system CVE compliant?
12. Where do they get their signatures? Do they have professional data feeds from Security Focus/BugTraq? Vigilinx? How are their signature labs organized?
13. Trial. Is there a free trial, or do you have to buy to get started?
Okay, that's all I can think of at the moment. Like I said, I work for Qualys. I think we do this well. Obviously I'd like you to check it out. Visit http://www.qualys.com for a free trial.
http://www.timecube.com
Families only, please. Please don't flood the lines and make it so families can't find out.
The novel thing about this is that it's the first example of a trojan like this that modifies the binaries and doesn't break them. There have been ones that break the binaries, which is immediately obvious to the admin. In this case, the binary does its usual thing just fine... except that the trojan comes alive too.
This uses spectrum called "ISM" (Industrial, Scientific, Medical) that is essentially unregulated worldwide. It's the same spectrum your 2.4GHz cordless phone uses. Lobbying or not, it'd be very nearly impossible to take back this spectrum.
802.11 supports something called WEP, or Wired Equivalent Privacy, a 40-bit encryption system. To be an 802.11 product you've got to support this.
I think you could actually get away with running at least an HTTP server on port 80. Here's why:
A friend of mine and I were talking about peer-to-peer apps (à la Gnutella or ICQ) and he said he was shocked to find out that ICQ listens on all sorts of ports, including 80 if it's available, for messages.
Apparently, the ICQ engineers wanted to try solving the "behind a firewall" problem of receiving inbound packets and chose commonly opened ports, incl. 80. So, I think it'd be tough to monitor on a home network like @Home because so many people use ICQ.
The Freedows site cracks me up: it uses a FastCounter -- FastCounter is a LinkExchange service (my former employer) and LinkExchange is now owned by Microsoft! Freedows.org, powered by Microsoft :-)