Archive for the ‘Uncategorized’ Category

After a hard fought Monday in the data center trenches it is sometimes too easy to forget how simple our problems can be. When compared to a true disaster of not just IT infrastructure but basic human needs infrastructure. I remember reading about some of the staff responsible for trying to keep business moving during one of the worst US disasters in recent times. Some call it “Katrina” while the ones who lived thru it still call it hell.

“We’re on the 10th and 11th floor of a corporate high rise on Poydras Ave., right near St. Charles. We have generators and tons of food and water. It is five of us total. I am not sure how the Internet connection will be affected. I have a camera and my gun. Sustained winds are 175, gusts to 215. The real danger is not the wind, it’s the storm surge the wind will be pushing into the city from the Gulf through the lake. The city might never recover. Honestly, this thing could be biblical”

Read More Here

Worried about how you will let others know you made it to heaven after you die?
Well worry no more the website youvebeenleftbehind.com has got you covered.
Should the rapture or other event claim your life this Christian based site will not only contact your friends and family via email to let them know your safe with God, but they will also forward up to 120MB of data to your contacts.

They even have a Rapture DR plan that will trigger the event from various geographical locations when the judgement day comes. I mean I will be checking my email that day won’t you?

Now to answer the question does sending everyone a message saying “eat $hit and DIE!” considered a Sin if its done after your already dead and in heaven? Sounds like a fun experiment to me!

Monsterous Patch Tuesday

Posted: 2008/12/10 in Uncategorized

Since Microsoft started its “Patch Tuesday” schedule back in 2003 they have been pretty consistent with fixing issues every week. This past week they have patched the most vulnerabilities since the start of the schedule.

8= Bulletins
28= Vulnerabilities patched

Find out more info here and get yourself patched!

If you speak to me on a regular basis you already know how much I love my Google G1.  Actually my love affair is more with the Android OS than the hardware itself although I do not have any complaints about the hardware.

Well it looks like I will not be shutting up about this device any time soon. I have gotten my hands on another device which can be used for more extensive testing without destroying my G1 in the process.  This should allow be to gather more details on the focus of my research which is mostly the devices security.  This would include the cool device locking functions along with the authentication and process of firmware and software upgrades. Hopefully this will lead to some research into possible android “Malware” which I am sure will become a factor over the next year or 2.

So to my new white Google phone I say
“What Up G?!”
image

ACISS Reviewed

Posted: 2008/12/09 in Uncategorized

In keeping with the theme of last week and reviewing proprietary government systems. Today we will take a quick glance at ACISS (Augmented Criminal Investigation Support System). It’s names like this that let you really appreciate acronyms, but just as the name suggests this is a tool used by law enforcement to help manage the electronic data collected during criminal investigations.

As per their website:

ACISS integrates all types of investigative information such as addresses, vehicles, subjects, telephones, financial information, and physical evidence in a security conscious, friendly web based environment. ACISS not only automates the electronic organization of the entire investigation, but also enables users to identify links within a case or between multiple cases that would not otherwise have been realized. ACISS guides and documents the entire investigative process from a tip or lead to case closure and is fully 28CFR Part 23 compliant.

While the software seems to be able to manage multiple facets of an investigation the component that interests me the most (and the only module I have been able to play with yet). Is the telephonic investigation module. This module has integration with Neustar, and ChoicePoint’s Phonelink service.

This allows for very detailed reports that can include cell tower information. Mapping of mobile communications thru the tower usage, and extensive details on incoming and outgoing calls placed to target under investigation.

While this software is not freely available to the open public maybe some crafty torrent, IRC searches or just the good ole buddy network can help get you a copy.

About Neustar:
NeuStar acts as the clearinghouse of the telecommunications industry and has over 700 million telephone numbers which it manages between the Number Portability Administration Center, Number Pooling Administration and its North American Numbering Plan Administration duties.

About Choicepoint Phonelink
ChoicePoint’s PhoneLink batch service provides telephone subscriber information, which is acquired through multiple sources including real-time phone gateways, White and Yellow pages, self-reported credit header data and reverse phone number logic.

So with the rising costs of fuel affecting various shipping industries. The viability of a strong rail system is more valuable than ever. Today we will review one of the tracking mechanisms used by this our rail system called RailNet AEI (Automatic Equipment ID).

From the Company Website:

“SAIC’s RailNet® Automatic Equipment Identification (AEI) reader system identifies rail equipment by reading electronically coded radio frequency identification (RFID) tags mounted to locomotives, railcars, trailers, end-of-train units and intermodal containers”

In its simplest form this system uses RFID tags mounted on rail cars and RFID stations that pick up and forward this information to the rail systems NOC.

AEI RFIDTag

AEI RFIDTag

Since it is possible to actually purchase some of these devices directly from the manufacturer I hope to be able to dig up more details info on the specs of these devices. Specifically the types of encryption used and any reverse engineering done on the software itself.  They may also offer some type of developmental kit for plugins as they hint on their website.

In combination with the new Next Generation AEI Version 5.0 software, SAIC’s RailNet product becomes a platform upon which new applications can be rapidly prototyped and deployed.

This seems like an interesting topic and we will revisit this soon stay tuned..

It should also be noted that a recent security breach by the developer itself could also play a role in the overall security of these rail system devices.

“We the People of the United States, in Order to form a more perfect Union of food, establish this Feast, and promote the general practice of eating mass quantities and reflecting.”

From SecurityPimp.net.. Happy Thanksgiving!

Pilgrims.. the OG Pimps

Pilgrims.. the OG Pimps

Scene of the Crime!

Posted: 2008/11/26 in Uncategorized

image
Posted from Droid:C4P0

“Jack found some anomalies in which machines would stop working in some very specific circumstances while being scanned,” Lee told CNET News. One of the behaviors experienced was packet loss where the packets just kept trying, and trying, and trying, creating, more or less, a denial of service (DoS) on that machine.”

More Info…

Forget trying to find evidence that there used to be water on Mars. Scientists from NASA said today that its instruments on the Red Planet have detected falling snow.

More Info…