hacking Archives - The Travelin' Librarian

Jun

2014

June 20th, 2014 by Michael Sauers

The beauty of hackers, says cybersecurity expert Keren Elazari, is that they force us to evolve and improve. Yes, some hackers are bad guys, but many are working to fight government corruption and advocate for our rights. By exposing vulnerabilities, they push the Internet to become stronger and healthier, wielding their power to create a better world.

Published on Jun 10, 2014

Posted in Internet, video Tagged with: hackers, hacking, TED

Nov

2013

November 13th, 2013 by Michael Sauers

The folks at LastPass have a simple way to search the database of hacked passwords (and password hints) released by the recent Adobe hack. Please check, and change accordingly. (Mine was and I did.)

Posted in Internet Tagged with: adobe, hacking, lastpass, passwords, security

Aug

2013

August 30th, 2013 by Michael Sauers

A film about the world’s largest hacking convention and its 20th year running. Filmed over the summer of 2012 and containing hundreds of hours of interviews, parties, presentations and spectacle. Over 280 hours of footage was recorded in support of the documentary, and five separate camera crews were in action.

Directed by Jason Scott with camerawork by Eddie Codel, Alex Buie, Drew Wallner, Rick Dakan, Steve Fish, Kyle Way and Rachel Lovinger.
Produced by Jeff Moss and Russ Rogers.

(This was a bit too racy at times to post on the office blog, so I’m posting it here instead.)

Posted in Tech, video Tagged with: defcon, hackers, hacking

Jun

2013

June 10th, 2013 by Michael Sauers

If you have ever felt overwhelmed by the ubiquity of McDonald’s, this stat may make your day: There are more public libraries (about 17,000) in America than outposts of the burger mega-chain (about 14,000). The same is true of Starbucks (about 11,000 coffee shops nationally).

“There’s always that joke that there’s a Starbucks on every corner,” says Justin Grimes, a statistician with the Institute of Museum and Library Services in Washington. “But when you really think about it, there’s a public library wherever you go, whether it’s in New York City or some place in rural Montana. Very few communities are not touched by a public library.”

In fact, libraries serve 96.4 percent of the U.S. population, a reach any fast-food franchise can only dream of. On a map, that vast geography looks like this:

Grimes built that map this past weekend during the National Day of Civic Hacking, using the agency’s database of public libraries. Each of those dots refers to an individual branch library (and a few bookmobiles), out of a total of 9,000 public library systems.

Read the full article and view the interactive maps @ TheAtlanticCities.com. (Thanks dad!)

Posted in Libraries Tagged with: data visualization, google, hacking, libraries, map

Apr

2011

April 9th, 2011 by Michael Sauers

Back on March 7th I received the nook color that I’d purchased from Barnes & Noble via eBay. Why eBay? Well, there was this $50-off coupon and it was from Barnes & Noble’s eBay account so the total price was a mere $200. Considering I had no intention of keeping it as just an eReader this was finally a deal on such a device I couldn’t pass up.

Knowing that I had several co-workers that wanted to see how the nook color worked, I charged it overnight and brought it into the office the next morning for a little show & tell. We played the video that demonstrated its features and I registered the device using my B&N.com account. Overall everyone seemed impressed with its functionality as an eReader. Once the show & tell was over, it was off to the fun stuff.

First I updated firmware to version 1.1.0. This was important so as to make sure I had the latest version of the nook software and the underlying android operating. I then proceeded the root the nook using Auto-Nooter. This involved downloading an .iso file and writing it to a microSD card making the card bootable. I then inserted the card into the nook and booted up. Within just a minute or two my nook was rooted and I started installing apps.

So, what do I now actually have as a result of this process. First, I still have all of the built-in nook color software. So, if you have any experience with an un-rooted standard nook color, mine works just the same. However, due to my having rooted the nook I now also have full access to the Android Market and can install pretty much any app I want, including the ebook apps from most other vendors. (I could have gone on to completely install a different version of Android but I stopped here so as to keep the built in nook functionality of the device.)

Overall I’ve been completely happy with the nook color as an android tablet. Suddenly, my Droid feels really small, especially when playing games like Angry Birds. But there are some issues:

There are some built-in “downsides” such as the fact that it’s WiFi only, there’s no camera , and it’s an earlier version of Android. Which one is not completely clear but it’s definitely not Gingerbread and probably not Froyo. (Best guess is that it’s Eclair.)

Probably due to the fact that it’s an older version of Android there are certain apps that just won’t work. Those that I’ve found are the Borders & Kobo reader apps (a well known issue), the Remember the Milk won’t sync (though I sort of solved with ToDo Today but that only shows today’s and overdue tasks), SplashID, my password storage program won’t sync with my desktop computer and the remote access app PhoneMyPC won’t connect to my desktop. These aren’t insurmountable problems. In each case, these apps work on my phone and the chances of me having my nook but not my phone are pretty much nill

There’s also a particular quirk that took me a while to solve. Android pretty much assumes that your device will have a few hardware buttons, mainly back and home. Trouble is, the nook only has one button “n” and that always takes you to the nook eReader home screen. This generally isn’t a problem by every once in a while with certain apps (such as viewing a photo via Dropbox) you end up in an alley where the only way out (a hardware back button) doesn’t exist. It turns out that part of the rooting process installs the SoftKeys app which, when run, adds an on-screen button that gives you on-screen hardware-eqsue buttons. Unfortuantely there’s no way that I know of to get SoftKeys to run at boot but I don’t need it all that often. When I do I just head back home, run SoftKeys, then get myself back to the app that has me stuck.

So, how is is the nook color as an eReader? Well, I must say that I’m impressed. The backlit LCD screen is sized around a trade paperback and looks generally butter than eInk in my experience. The screen does have a glare and it’s a bit heavier than I’d like but it gets the job done. I can easily sideload non B&N content via direct drag & drop in the desktop OS or via Calibre yet sometimes sideloaded covers aren’t displayed. The only other annoyances are that there’s no social sharing unless it’s a B&N purchased book and samples downloaded from B&N are only removable via the B&N site. Again, just minor annoyances to me.

As to battery life, it’s been lasting me a good two-three days under moderate use.

Ultimately, I think it’s the best Android tablet out there without spending at least double the price. And this even this article from WSJ.com agrees with me: ROI: The $200 Tablet Computer.

If there’s something else you’d like to know that I missed, feel free to leave a comment and I’ll do my best to answer your questions.

Posted in 1 Tagged with: ebooks, hacking, nook

Apr

2008

April 25th, 2008 by Michael Sauers

Dr. Thomas J. Holt, University of North Carolina, Charlotte

digital crime markets

problem is increasing
also becoming more complex

criminological research

little research has been done
few studies have explored malware and hacker community in their own words

online resources

blogs
forums
this study focuses on Russia & China
not using their real handles

data & methods

qualitative analysis

identify 2 via snowball samples
qualitative analyses of open source materials online

linguists involved

RUSH

malware writer and hacker in Moscow
skilled individual
possible emotional problems

close associate of RUSH
skilled hacker

CS major at a Moscow university
may have minor health issues
loves his cat

Black Hat Gang

both RUSH and RUN belong
no stated political or financial agenda
provide a justification for their activities

rush & ru seem to have dif levels of productivity

have worked together

SAINT

Chinese national in Jinzhou
does not specify his motives but gives Chinese perspective
actions are somewhat contrary to his words
young student but doesn’t enjoy school
likes girls & posts comments about love & relationships

SNAKE

associate of SAINT
difficult to gage his skill level
may be a script kiddie
is a student
may also have emotional issues though no specific reasons given

Hack Crew

SNAKE & SAINT are members
covert security technology group
criteria for membership
roles listed for members

SNAKE is a cracker
SAINT is a hacker/cracker

not clear how skilled group is as a whole

Discussion

all extremely interested in tech
variation in skill levels
justify what they do as education
some evidence of depression & substance abuse
variation in information provided
public & private resources needed to get mroe info
further research needed

Tagged with: hacking, iciw2008

Apr

2008

April 25th, 2008 by Michael Sauers

Jamison Scheeres, Air Force Institute of Technology

what is social engineering

techniques to manipulate people

also shoulder surfing
also dumpster diving
trick someone into doing something

huge threat in today’s environment
red teams say SE is 100% effective
current defensive techniques are not effective
research

successful SEs are not caught
classification issues
ethical issues in deceiving subjects

psychological triggers

authority
reciprocation
strong affect (phishing)
overloading (buffer overflow for humans)
deceptive relationships
integrity/consistency

principles of persuasion

authority
consistency
liking
reciprocity
scarcity
social proof

resistance to persuasion

inoculation theory
self-efficacy
forewarning

“dispelling the illusion of invulnerability” (2002, Sagarin)
methodology

compared psych triggers to principles of persuasion
determine relationship between illegitimate persuasion & social engineering

military vulnerable to authority due to strict hierarchy of authority
conclusions

strong relationship between principles and triggers
illegitimate persuasion = social engineering

been trying to install resistance in the wrong way
solution is to demo to the individual they are personally vulnerable
security people must social engineer their people

future research

develope measurement
compare/validate various means of resistance training

Tagged with: hacking, iciw2008

Sep

2007

September 10th, 2007 by Michael Sauers

Jeff Atwood over at Coding Horror has posted about something called Rainbow Tables. Now, I don’t want to turn this blog into a discussion of encryption so let me boil it down for you.

Windows passwords are stored in an encrypted format known as “hashes”. When you enter your password, Windows encrypts it for you and compares it to the stored hashed version. If it matches, you’re let in. If it doesn’t you’re not. There’s no way to decrypt the hashed version of your password in any reasonable amount of time, if at all, and is therefore considered a secure method of storage.

The problem now is that you can get a database of pre-hashed content. Known as rainbow tables, these are basically a table with just two columns, first column, a word (or other combination of letters) and in the second, the matching hash. Now, if you have a hash, you can look it up in the table and see what the original password is. In other words, it’s not decrypting the hash, its hashing all possible passwords in advance.

This is such a simple hack. So, why is it coming to light now. Well, the problem is large-scale portable storage. In the past, tables such as these were considered to big to bring to the computer you’re trying to hack. But these days, a 1GB flash drive would allow you to carry a rainbow table that covered all conceivable passwords between one an 14 characters in length, containing just English letters. Here’s Jeff’s chart showing example storage requirements:

If you’re suddenly not worried about a Rainbow Table measuring 64BG I’ve got a 500GB portable USB hard drive I’d like to show you.

Here’s the bottom line, in Jeff’s example, the password “Fgpyyih804423” (one that’s probably a hell of a lot stronger than any password you use) was broken in just 160 seconds using a rainbow table.

Tagged with: encryption, hacking, passwords, security

May

2007

May 9th, 2007 by Michael Sauers

Dude takes the SAT and answers every question incorrectly, on purpose. What a way to hack the system.

Tagged with: hacking

Search

Archives

Visitors

License