Veröffentlicht am

23C3 - The Beginning

Die Faszination im IT-Bereich liegt mitunter darin das es quasi jeden Tag etwas komplett Neues zu entdecken gibt. Diesem Leitsatz folgend gab es gleich am ersten Tag des 23C3 eine geballte Ladung an neuen Themen.

Im ersten Vortrag von Rechtsanwalt Peter Voigt ging es um die Neufassung des deutschen Strafrechtsparagraphen 202c. Der Vortag war insofern interessant als das bereits bekannte Fakten nochmals für den rechtlichen Laien aufbereitet dargestellt wurden. Die Einführung dieser Änderung wird jedenfalls erhebliche negative Auswirkungen auf die Arbeit im IT-Security Bereich haben.

Sputnik RFID
The picture above shows the active RFID tag of the CCC Sputnik Project. The Sputnik project
is an self made location tracking system. The tag consists of an micro-controller and an NRF24L01 RF-IC. The location tracking is based on transmitting the tag ID with 5 different power levels and software based correlation of several readers.

In the next talk "Fudging with Firmware" the speaker mainly focused on how to get started with an firmware image file - like you get it from your DSL-Router vendor.His tool UWfirmforce looks really interesting:

[frank@t01 UWfirmforce-0.0.1]$ wget http://www.uberwall.org/releases/UWfirmforce-0.0.1.tar.gz
[frank@t01 UWfirmforce-0.0.1]$ tar -xzvf UWfirmforce-0.0.1.tar.gz
[frank@t01 UWfirmforce-0.0.1]$ cd UWfirmforce-0.0.1
[frank@t01 UWfirmforce-0.0.1]$ make
make[1]: Entering directory `/tmp/UWfirmforce-0.0.1/plugins'
cc -W -fPIC -Wall -g -O2 -c ar.c

...

cc -o UWfirmforce UWfirmforce.o plugin.o  
UWfirmforce.o: In function `UWfirmforce_dlerror':
/tmp/UWfirmforce-0.0.1/UWfirmforce.c:298: undefined reference to `dlerror'
collect2: ld returned 1 exit status
make: *** [UWfirmforce] Error 1
[frank@t01 UWfirmforce-0.0.1]$ cc -o UWfirmforce UWfirmforce.o plugin.o -ldl
[frank@t01 UWfirmforce-0.0.1]$ ./UWfirmforce -v wgt634u_1_4_1_10.img | less

Analyzing file: wgt634u_1_4_1_10.img
Matching GZIP signature #0 at offset 26788
compression deflate, flags FNAME, 06/04/2005 07:27:46, OS Unix
Score: 100%

Matching CPIO signature #1 at offset 90769
binary big-endian, uid 21197, gid 19184, 16/06/1952 00:54:47
Score: 0%

...

The talk "Java wird Groovy" was even more interesting. It was an short but quite good introduction to Groovy. The final talk of the day about the OpenXPKI project made references to the tools sscep and CertNanny which you should definitely checkout if you have to deal with SSL certificates.

Like yesterday my stack of talks for tomorrow:

Veröffentlicht am

23C3 - The Arrival

23C3 Berlin Central Station

Ich bin gerade mit dem Zug in Berlin angekommen um - wie jedes Jahr ;-) - am Kongress des CCC teilzunehmen. Ein ganz besonderer Gruß geht an dieser Stelle an meine Freundin Kerstin, die leider aus beruflichen Gründen nicht mit nach Berlin kommen konnte.

Hier schon mal mein "Vortrags-Stack" für den ersten Tag:

Veröffentlicht am

22C3 is coming up

Wow, the end of 2005 is coming, so - same procedure as every year :-D
In my case that will be the 22nd Chaos Communication Congress. Just finished booking the train ticket and hotel.

22C3 Logo

The line-up of interesting talks is quite overwhelming this year. There are a lot of talks about buffer overflows and related topics - I am very curious about new approaches and developments concerning that craftwork...

The degree of collateral damage for this years congress will also be very amusing :-D. Last year we got a mass defacement for over 18.000 websites. Well nothing spectacular, but it hit the news and makes up the reputation...

If you are interested in digital life and/or computer security you may want to check out the 22C3 webblog or the schedule.

You also attend the 22C3? If you like get in touch with me... I am always happy to meet new and interesting people.

Veröffentlicht am

Having Fun with Bugs

Ups :-)
It is a little bit embarrassing, but software bugs can also happen to me. Bugs in web applications can lead to something like that showing up in search engine results:

error message in search engine

That error message was caused by an flaw on how I handled the
input from the HTTP Accept-Language line, if it was missing my code run into the above error.

So, that example proves one thing - it is very hard to review and audit your own code for flaws and security holes.

Veröffentlicht am

21C3 Video Recordings

Wow, it finally happend - the video recordings from the 21th Chaos Communication Congress are in the Torrent! Just have an look at the offical BitTorrent tracker.

Well I have my own list of favorite talks:

  • 013 The Art of Fingerprinting
  • 019 Verdeckte Netzwerkanalyse
  • 057 SUN Bloody Daft Solaris Mechanisms
  • 070 Fnord-Jahresrueckblick
  • 074 Hacker-Jeopardy
  • 097 Das Literarische Code-Quartett
  • 105 Honeypot Forensics
  • 109 Anti-Honeypot Technology
  • 123 Gentoo Hardened
  • 146 Mehr Sicherheit fuer HostAP-WLANs
  • 176 Passive covert channels in the Linux kernel
  • 308 MD5 To Be Considered Harmful Someday

To play the videos I had to make some small adjustments to mplayer. The AVI-Files use H.264 as videocodec and AAC (MPEG4) ID 0x706D as audiocodec. To get the audio I had to register libfaad2 for the ID 0x706D to hear the audio within mplayer. But that was all I had to do.