I once had to admin a system that used some software that kept its own log file and wouldn't roll the log file. The software had to keep running non-stop but its logs were so verbose that eventually it started filling up the disk and kept the log files open so you couldn't cleanly swap out the disk even. solution: small gdb script to attach to the daemon and open/create a new file at the proper place, dup2() the file handle with a new (closing the old), and then detach and bzip the old file... PTRACE is magic.
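The descriptor swap described in the comment above, as an added example that is not part of the original post: this C program runs the same open/dup2/close sequence in-process rather than injecting it into a daemon with gdb. The function names (`swap_log_fd`, `rotate_demo`) and the file names are constructed for illustration.

```c
#include <fcntl.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Stand-in for the daemon's logger: it only knows its log by fd number. */
int log_line(int fd, const char *msg) {
    size_t n = strlen(msg);
    return write(fd, msg, n) == (ssize_t)n ? 0 : -1;
}

/* The sequence the comment describes: open a new file, dup2() it over the
 * descriptor the process already writes to (which closes the old file),
 * then drop the temporary descriptor. O_EXCL refuses an existing target. */
int swap_log_fd(int log_fd, const char *new_path) {
    int fresh = open(new_path, O_WRONLY | O_CREAT | O_EXCL | O_APPEND, 0640);
    if (fresh < 0) return -1;
    if (fresh == log_fd) { close(fresh); return -1; } /* log_fd was not open */
    if (dup2(fresh, log_fd) < 0) { close(fresh); return -1; }
    return close(fresh);
}

long file_size(const char *path) {
    struct stat st;
    return stat(path, &st) == 0 ? (long)st.st_size : -1;
}

/* Write one line before and one after the swap through the same fd number,
 * then report where the bytes landed. Paths are constructed sample names.
 * Returns 0 on success. */
int rotate_demo(const char *old_path, const char *new_path,
                long *old_size, long *new_size) {
    unlink(old_path); unlink(new_path);          /* start from a clean state */
    int fd = open(old_path, O_WRONLY | O_CREAT | O_EXCL | O_APPEND, 0640);
    if (fd < 0) return -1;
    int rc = log_line(fd, "before rotation\n");  /* 16 bytes, old file */
    if (rc == 0) rc = swap_log_fd(fd, new_path);
    if (rc == 0) rc = log_line(fd, "after rotation\n"); /* 15 bytes, new file */
    close(fd);
    *old_size = file_size(old_path);
    *new_size = file_size(new_path);
    unlink(old_path); unlink(new_path);
    return rc;
}

int main(void) {
    long a, b;
    return rotate_demo("/tmp/fdswap_old.log", "/tmp/fdswap_new.log", &a, &b) == 0
           && a == 16 && b == 15 ? 0 : 1;
}
```

The writer never reopens anything: the old file stops growing at the swap, so it can be compressed or moved off the disk while the process keeps running.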
So, assuming that the issue of getting high enough resolution images is possible (and I'm not saying it is). I agree that it's probably not practical to pick a specific person out without having enough info that you could have already nabbed the guy. That said, it does make for an interesting possibility that, although you might not be able to track someone specifically, you could, perhaps say that this is the same person that was in these other videos (with some limited amount of success). Now also keep in mind that many of the places we're most interested in finding people are places with a lot less foot traffic (not big cities, more like Afghanistan). So what I wonder is, would it be possible to say that the person in the video with the RPG here, is (with some level of error of course) probably this farmer that we see over here in these older videos.
Everyone knows that real presidential candidates use cat...
Last year at Blackhat after my presentation, FBI agents showed up (without a warrant) and started making demands for the video of my presentation and all the materials related to it, I don't doubt for a second that they would have arrested me had they known ahead of time that I was actually going to give my presentation...whatever he was going to present, someone was pissed about it...
After my experience with those clowns I have very little faith in their judgement or their respect for law...
--Mike Lynn
not always true...the first time my grandmother touched a computer we had to talk her into it, she was terrified she would break it somehow, we explained to her that no matter what she did it wasn't going to "catch on fire" or anything...
my aunt left her alone with the computer for about 2 minutes and upon her return the computer was on fire (well it was letting the magic smoke out at least)...apparently my grandmother had decided to try to use the thing so she wanted to load some program off a floppy disk, she put the thing in sideways or upside down (round peg square hole style) jamming it in there until it fit...the floppy motor jammed and the friction caused the motor to make smoke come out the drive...
it took us another ten years to get her to touch another computer...
that's funny; it never fails to amaze how many people can't be bothered to read the actual body of an article before commenting on it...
I'm Michael Lynn, so I know a thing or two about what went on...I DID NOT release any bug details, I DID work with the vendor, the bug in question was patched months before I went on stage as a result of my working with PSIRT, and when I went on stage I didn't disclose any details about any bug...all I did was prove it was possible to exploit bugs on IOS...
If you don't believe me, then go and find out the exact nature of the vulnerability...you won't be able to do it (at least not without disassembling the thing yourself and rediscovering it) because I never disclosed it to the public...furthermore I disclosed it to the vendor months in advance, waited for them to get a fix out, worked with them all the way until about 48 hours before the talk...they were even going to co-present with me, then someone changed their mind and went into panic mode...
--Michael Lynn
except I didn't tell anyone how to take anything down...As I've said repeatedly, and as you would know if you had read any of these articles, I didn't detail any vulnerability at all...I didn't even explain how to exploit a vulnerability if you had one...
All I did was prove that vulnerabilities are exploitable...period...tell me what is wrong with that...
I am Michael Lynn...I'd like to clarify things
Cisco was notified of the vulnerability in question many months ago and the issue has been patched for about 3 months now.
Furthermore I did not disclose the details of this vulnerability at all. The presentation was merely a demonstration that IOS was exploitable just like any other OS.
yes, look two posts up or go to memestreams.net and search for CherryOS, I decrypted (unpacked) CherryOS.exe (because they had it run through something to basically obfuscate the binary in a retarded attempt to stop this) and then I did a function by function comparison, it's pretty much identical...but don't take my word for it, check out the post...
I did a disassembly (and decrypting of course) of the CherryOS.exe binary (see memestreams.net or my post in this thread for details)...
based on that it looks like they did some work on the IO code (but not much), it looks like they reorged how some of the devices get initialized (or more likely they based it on an older version of pearpc and that accounts for the delta)...
all in all it sucks (the part they did, not pearpc), their frontend is written in visual basic of all things (not to knock all you vb guys or anything but it's just not the language you'd expect pricey commercial software to be written in)...
they're not compressed, they are "packed" in security industry terms, this basically means a mild form of obfuscation to stop people from doing disassemblies of the binary...they don't work very well, as you can see here
to all those who are interested in some serious proof, here it is and it's pretty much indisputable...
4 7145
http://www.memestreams.net/users/abaddon/blogid48
yeah, Irix will not only destroy you, but three of your friends as well (chosen at random)
the Pentax K-1000 is cheap, durable (you can kick it around a bit and it will still keep going), supports lots and lots of lenses, the K-mount style of lens is named for this camera but is made by many manufacturers (read as cheaper). And its picture quality is very good for the money.
not really, they only handle it when there is a financial institution involved etc, they are still very much part of the dept. of the treasury, there were some turf wars back when they were still doing shit like busting Steve Jackson Games etc, but they seem to have settled on solid jurisdictional boundaries...read the O'Reilly book on computer crime...it's a bit dated, but not altogether too bad...
well actually an OTP could be considered perfect encryption (though you're going to need perfect random number generation to pull that off, and I wouldn't care to comment on that possibility)...
of course this is nowhere near an OTP from what I read on their site, and the fact that they aren't screaming about this algo to every group capable of giving it peer review shows you it's bullshit...