Thoughts of a Cyber-LOONATic

I've fallen victim to the tablet PC craze and recently acquired a Sansui LifePad (ETAB) 700.
In all honesty, it wasn't completely my fault. I just happened to be casually browsing an Incredible Connection store that happened to be giving the on-sale device away for a measly R999.
Like my previous Acer Aspire One netbook, I categorised the tablet as one of my impulsive purchases of throw-away hardware. "Throw-away" in the sense that I'm willing to give the technology a bash/try, but am not prepared to part with an insane amount of money (for something that I am unsure if I'll ever use much).

Specifications:

• ARM1176 720Mhz
• 256MB DDR II RAM
• 7" WVGA LCD (800x480)
• 802.11 b/g wireless
• Android 2.3.3
• 4GB Internal Flash (but only 3.1GB available for use)
• microSD card slot
• Mini HDMI (type C)
• Front-facing 0.3MP camera
• Built-in microphone and stereo speakers
• USB 2.0

At the time of writing, online information for the Sansui LifePad device was extremely limited with Google results only leading to websites that used silly SEO tricks to get traffic for free.

My assumption that Sansui was simply rebranding another company's device turned out to be correct when I stumbled across the Coby Kyros MID7125. Hardware-wise, the MID7125 has a slightly faster CPU (1Ghz). In terms of looks however, the two devices are identical.

It's interesting that the LifePad identifies itself as a model MID7120 - a model that, at time of writing, does not exist within the Coby catalogue.

As you'd expect of me, my pet project will be pimping this tablet up. The first order of business being to theme-up and make the LifePad's interface look a bit seksier!

Many tech-savvy geeks over-engineer the simplest of solutions, solely for extensibility.
Moreover, security-minded geeks tend to be unusually paranoid and enforce (sometimes complex) security practices accordingly.
Neither of these should be seen as faults, but rather as unique traits that us (as geeks) often share.

Bitcoin, the first P2P crypto-currency, has gained much popularity in recent months with its value reaching a peak of over $30 on one of its supporting money exchanges.
Being supported mostly by geeks, it's not surprising that a number of e-businesses and services have been established to support the virtual currency.
As expected, there have already been a number of breaches by malicious users seeking some Bitcoin booty.
Although the cryptography behind Bitcoin is interesting, I find the behavior of the Bitcoin community more fascinating.
This is especially concerning security and privacy matters.

As a penetration tester, I regularly assess applications/infrastructure with direct contact to real-life currency e.g. online personal/business banking solutions.
Furthermore, having also worked on (fraud) forensic investigations, I have a good understanding of the average banking client.
With this in mind and after comparing the attitudes of my other non-security-aware geek friends, I find it truly inspiring the manner in which most Bitcoin community members have a burning desire to ensure that their (Bitcoin) wallets are kept safe from theft.

The forums showcase some of the proposed ideas that, while not always practical or effective, illustrate how far a member would go to ensure that earnings are not stolen. Below are a few threads, in no particular order, that I found interesting:

• Bitcoin Stock Exchange Security Standards (... it's like the start of a Bitcoin PCI-type standard)
• Swapping Wallets for Increased Anonymity
• Secret keys could be memorizable
• How I manage and protect my wallets
• HOWTO: have a safe BTC storage w/o - encryption, backups, or a clean computer!
• Idea for a hardware-based Bitcoin savings account (... my favourite)

Whether (or not) Bitcoin will succeed in the long run is questionable.
But in a world where the top 10 hacks resemble the previous year's list, I have found a sparkle of hope to believe that the next generation of internet users just might be smart (or determined) enough to eradicate the age-old vulnerabilities that plague applications/infrastructure today.

[side note: The hacker/cracker arms race will never end as new vulnerabilities will always be discovered, but I can at least hope that some of the older vulnerabilities will eventually become extinct.]

Update: After many years away from RPMs, I still cannot stand them and have uninstalled OpenSUSE. Also, Unity-2D is available through the base repositories. While this is closer to the 10. Unity than the 11. Unity, it's fine. I'm still sticking to KDE4 on the netbook though, but using Kubuntu instead.

Since the arrival of the resource-crazed Unity 3D interface with 10.10, I knew my poor little Acer Aspire A110L netbook would never again taste the pleasure of another Ubuntu Linux installation ... even though I did still have two options:

1. Install Ubuntu 10.04 Remix again
2. Install Unity 2D

Although I enjoyed 10.04 remix, I wanted something new. Regarding Unity 2D, I'm surprised that it was not included by default with the Ubuntu releases and was not prepared to install it ... even though it is a dead-simple process.

So, I decided to go look for some excitement in the form of KDE 4 and old-school RPM dependency-hell.
You just wait until old-school makes it return again... hopefully

Prior to my current liking for Gnome, I went through a very long (flux|black)box phase where I also enjoyed other minimalistic environments.
I believe the last KDE that I may have installed on any of my own boxen could very well be roughly version 1.1.2

However, I really wanted to check out KDE 4 and specifically their KDE Plasma Netbook workspace. Having heard a lot of good comments regarding OpenSUSE and KDE4, I decided (against my better judgement) to go along and download the DVD.

Coming from a slackware/gentoo/ubuntu background, it is and will always be my view that RPM distributions are mostly bloatware. Sorry.

For some reason though, I stuck with my decision of OpenSUSE and after completing the installation, I found the default KDE4 environment pretty comfortable on the netbook (although a bit slow).

I knew I had to enable the Plasma Netbook Workspace but unfortunately had no idea how to do so. Googling for an answer brought up numerous short+vague responses that lead me to sections/pages/components that didn't seem to exist. I can only assume that either OpenSUSE has renamed their menu items, or OpenSUSE 11.4 comes with a newer KDE4 with menu items that differ to the answers found during Googling.

This blog entry is dedicated specifically to anyone whose installed OpenSUSE 11.4 and wants to enable the KDE Plasma Netbook workspace ... without getting frustrated!

Assuming you are using the default application-style launcher menu:

1. Click on the Applications tab at the bottom
2. Scroll down and click on Configure Desktop
3. Look under the Workspace Appearance and Behaviour section and click on Workspace Behaviour
4. Click on the Workspace option within the scroll window on the left
5. Finally, change the Workspace Type from Desktop to Netbook

To be honest, I'm flabbergasted that OpenSUSE runs like a dream on my netbook without any performance hits. Maybe I'll post another update sometime, but for now, I'm going back to fiddle on the netbook that was given a breath of fresh air

[side note: No RPM dependency hell yet, nor any other issues]

Without a doubt, kiosk hacking assessments have the simplest objective... Gain command execution!

During one of my engagements, I was provided with locked-down desktop that had most/all functionality disabled.
The user account, of course, was unprivileged.

The system administrators blacklisted cmd.exe (Command Prompt) but did not prevent the use of batch scripts.
So although I was unable to work within a command prompt session, I could still run batch scripts to execute commands.

[side note: When locking-down, always opt for whitelisting applications rather than blacklisting]

Instead of constantly modifying-and-running batch scripts, I threw together some quick+dirty batch-fu to mimic a command prompt:

@echo off
:getcmd
set /P CMDIN=Cmd: %=%
%CMDIN%
goto getcmd

I'm sure it's been done before, but I'm positive that writing the above script was faster than google'ing for an existing implementation.
For brownie points, which application / tool does the "Cmd:" prompt most resemble?

It disgusts me whenever I think about the manner in which Geohot is be prosecuted by Sony.
Unfortunately, there are number of journalists (with absolutely no concept of vulnerability research or security for that matter) determined to portray George as a criminal that hacked the PS3 only so that pirated games could be played on the games console.
This is no doubt because either these "journalists" (and/or the organisations that they represent) are laying in bed with Sony, or there will be negative impact if they sided with George.

But let me drop some knowledge on the matter...

After experiencing each of the major printer brands, I quite like HP for their quality and reliability.
A short while back, I was on the prowl for a new printer and happened to come across a couple of wireless printers.
Being a geek, I immediately knew this was some tech that I definitely needed in my life...

While Nokia had always been a popular brand, there was always that "little something" that kept me away from their products.
The D500 had done well to protect me from myself, but this was only accomplished by restricting everything I did.

There use to be some really wierd restrictions that the D500 imposed upon me.
If I remember correctly, I attempted to use the D500's file storage as a USB flash drive to transfer files from one pc to the other... however, I soon realised that the D500 firmware was preventing me from storing executable files (*.exe) on its file storage.
Furthermore, I'm sure that the phone actively checked to ensure that uploaded image files were in fact valid.
While the D500 effectively followed the golden rule of "Never trust user-supplied data", I must admit that I wasn't expecting it. Not at least from Samsung.

These wierd restrictions as well as the missing MIDP libraries made me realise that I needed a phone that ran an operating system which understood the word "extendible".
Hating Windows Mobile with a passion, I was left with the (then closed-source) symbian range of phones.

(and just then, she walked into my life)

Nokia E51 @ GSMArena.com

Nokia E51
Finally, a phone that had complete MIDP libraries!
The E51 was a mix of business and pleasure... all rolled up into a single neat little package.
In addition to all the functionality I had on my D500, I now had wifi!

Truth be told, I always wanted wifi on my phone so that I wouldn't have to pull out my laptop in order to break into a wireless network.
My dream came true while at a client who informed me that they have "absolutely no wireless infrastructure".
I whipped out my E51 and did a quick scan.
Unfortunately for the client, their wireless printer provided me with instant access to their internal network.
#FAIL



Symbian gave me much joy not only in terms of application development, but also as a solid platform to perform application assessments on phone applications.
Like the D500, this little treasure served me for roughly three years.
My primary breaking point was reached when @singe asked me if I could SSH into my phone, just like he could with his new iPhone.

While I was unsure if there existed a SSH server for symbian, I already knew that a shell on a symbian phone would be utterly pointless for the most part... simply because it isn't unix!

This lightbulb moment helped me realise what I needed in life... besides sleep of course!

Like many of my other possessions, I have always tried my best to preserve my mobile phones in proper condition ... at very least until I am willing to replace them.
As such, it's not surprising to me when I look back and recall how each of my phones had lasted me a good few years of service.

(and so starts my recollection of past phones, as I explain my way to my latest purchase)

Samsung D500 @ GSMArena.com

Samsung D500
The D500 was my first phone that was bought with the intention of "doing great things".
Back in the days, the D500 was known for its extensive list of features and functionality.
I remember clearly how I was exhilarated by the thought of 96MB of shared memory.
Although it lacked wifi, the D500 still came with bluetooth (v1.1) and infrared.
Samsung, known for their quality cameras, left D500 competitors in the dust by shipping the D500 with a 1.3MP camera! drool
Finally, the D500 supported MIDP 2.0 ... which ultimately convinced me that this was my (cellular) destiny.





Like in any relationship, there were a few ups-and-downs:

• The MIDP 2.0 implementation was half-baked and seemed to miss some crucial libraries required to do cool things
• I think I managed to find almost every GUI-related bug in the D500 which caused it to reboot (I also enjoyed the way the D500 would reboot and bypass the SIM PIN-entry screen, such that it would appear as if nothing had occured)
• I had to search for the D500E firmware (released in another country) in order to flash my phone and be able to achieve EDGE speeds. While the speed improvement was not really noticeable, the functionality should have been included in the default firmware on my phone

All in all, the D500 did seem to be virtually bullet-proof since it had survived numerous incidents where other phones would probably snap into pieces.
The durable D500 lasted 3 years before I let her free to continue her journey with someone else.

FOSS = Free and Open Source Software.

Casually reading through my usual list of news websites, I stumbled across a link which led me to a recent post about Notepad++'s new website. It turns out that Notepad++ has moved hosting of their site due to SourceForge compiling with US law to deny access for some countries.

[side note: SourceForge's filtering started sometime in January. Clearly, I was enjoying my vacation a bit too much to notice anything.]

As many of you would agree, all this reminds a person of the Cryptography Export Regulations which the US introduced some time ago.

Many feel that affected users should simply use TOR to conceal their location, while concerned project maintainers should use an alternative service provider for hosting. I believe that if we are a community determined to support FOSS, then such work-arounds are simply not sufficient nor is such a mind-set. It is not possible for a project to "OPEN" to all, if it is hosted on a provider like SourceForge and unavailable to certain countries.

[another side note: Although I understand that SourceForge are not entirely to blame as they were adhering to laws imposed upon them, I still believe there must have been some loophole in the legislation which could have been exploited.]

When confronted with cryptography export laws, Phil Zimmermann utilised a legislation-loophole which allowed printed copies of the PGP source to be distributed globally. (See under PGP 5.0)

Whether some creative thinking will overcome such laws and regulations is not yet apparent. However, a solution needs to be found as an increasing number of countries wish to impose restrictions against their rivals and opponents.

At this rate, it seems like we may require the creation of a darknet specifically for the hosting of FOSS products.

With rare exceptions, source code is never released for proprietry software applications. This is primarily in an attempt to prevent other developers from cloning the application (and its functionality), as well as to protect the security of the application (security through obscurity).

The legitimacy of these (and other) reasons is besides the point. The fact remains that in order to implement additional functionality (e.g. add a new shortcut button), extensive research must be performed to understand the application's inner workings. Additionally, the new functionality needs to be implemented such that it does not affect existing functionality.

What all applications have in common however, is that they all rely on existing APIs to display themselves to the user. Using this commonality, two geeks have created and demonstrated what they refer to as a pixel-based reverse engineering package, Prefab.

After interpreting the display, Prefab can identify the various window components as well as interact with them. Logically, this enables a developer to create a layer, between the propriety application and the final pixel display, which can be used for all interface alterations and additions.

Although the demonstrations do seem to work fine, I'd be interested to see how badly Prefab logic is affected when a creative / unique themes are applied to the user interface. It goes without saying that this technique can only be used for additions / alterations to an application, and not to retrieve the source code for the targeted application.