
FPGA Workshop at Ada’s books

Pico Computing E101

If you are in the Seattle area and you ever wanted to learn how FPGAs work or how to actually get started with putting them to a legitimate use, Dave Hulton, of Toorcon fame has been putting on a monthly workshop at Ada’s Technical Books where he teaches a handful of people the basics.  That being said, FPGAs are not exactly basic.  I recently attended his workshop in February because I had an interest in learning what makes them tick.  I ended up getting more information than I even bargained for.

The morning talk starts out with more basic overview type of stuff like “What an FPGA is” and “What tools you’ll need to work with them”.  After a bit of talking though, it was time to dig in and write some code.  Let me stop right here and say that having at least a basic understanding of C and maybe a couple other languages would be a big plus here.  That being said, you’ll also need to forget a few things that you know.  For instance, instead of thinking in terms of variables and functions, you need to be thinking in terms of registers, wires and logic blocks (low level predefined logic functions).  Under Dave’s instruction, you’ll learn how to communicate with the device over your USB port and also how to run the device in a more standalone mode.  Dave is a great instructor and explains the process very well.

Heading into the afternoon, we started to get our hands dirty and really dig into the Verilog code.  I had a great time learning how to manipulate the hardware I/O channels on the device and making the LED’s flash in sequence.  After doing a couple of variations on this, my caffeine level dropped to a dangerous low unfortunately as we moved into implementing an encryption and decryption algorithm.  I started out getting it but it was just a bit too much for me after a certain point.  Luckily I ended up sitting next to a super sharp dude who writes BIOSes for Intel for a living and he didn’t bring a laptop so we pooled our resources for most of the day.  Regardless, even though the encryption and decryption was above my head, I still got good value out of trying to port C code over to run natively on an FPGA.

My original goal for signing up for the class was to gain a deeper knowledge of FPGA’s, how they work, why they are so good at these encryption tasks and playing with something that would otherwise have too steep of a learning curve without vast amounts of front end effort.  All in all, it was $60 WELL spent.

On top of having the workshop, Ada’s is also hosting a monthly meet up for workshop alumni.   Contact Ada’s Technical Books for more details on this event.  I have taken the liberty of attaching the class description down below.  By the time you read this, the date will probably be past but judging on the success of these classes, I have a feeling they will keep offering them for the foreseeable future.

FPGA Workshop

March 12th, 2011: 10am-6pm

Another Intro to FPGA Design workshop! The workshop will be taught again by Ada’s
co-owner, David Hulton. David has over 10 years of experience in the computer security
industry and is most recently a co-founder of Pico Computing, a Seattle based FPGA
board manufacturer specializing in embedded and high performance computing applications.
David spends most of his time breaking cryptosystems using the massive amounts of
FPGAs he has access to at work and supporting Pico’s security-related customers.
David has presented at dozens of conferences around the world and has been featured
in numerous online and print articles (most recently mentioned on the cover of Forbes
Magazine May 2010). He spends his free time running ToorCon, a San Diego and Seattle
based computer security conference and helping his wonderful wife run Ada’s Technical
Books in Capitol Hill Seattle.
The workshop will be on March 12th from 10am-6pm with an hour break at 1pm for a
catered lunch. It will cover:

-An Introduction to FPGAs

-An Introduction to Verilog

-Writing a “Hello World” bus communication example

-Toggling/Capturing LEDs and GPIO

-Implementing a basic crypto algorithm in Verilog

The cost is $60 or $360 with a Pico E101…(links removed for clarity, contact Ada’s for more information)  Or, you can come into the store to purchase. Hurry though, there are only 7 spots available and last time they sold out in less than 24 hours!

CutePDF Professional woes

I just switched a friend over to the Macintosh platform.  Love it, hate it, I don’t really care.  😛  He’s been loving it in any event which is what matters.  There have been a few things that we’ve needed to tweak though to get all the same functionality of his old Windows XP system that is running some very archaic proprietary software.  I wish I could call out the developer of this particular package because it’s absolutely one of the worst coding disasters I have EVER seen.  This piece of garbage is a perfect example of what happens when a developer tries to reimplement the GUI from the ground up without using mature APIs/SDKs.  He thought he could do it better…

Stepping back off my soapbox, my friend’s work flow involved using this program to draw a wire frame type of drawing for purpose of design and bidding.  After that, he would print to PDF with CutePDFWriter and then use CutePDFPro to annotate the PDF and modify it in all of the ways that the software that generated the drawing could not.  Here is where the problem came in.  It was extremely baffling and annoying.

We are running Windows XP on his new Mac in a Parallels virtual machine.  This is great because he can patch his system, install all the necessary programs he needs and then freeze a snapshot of it so he can always roll back to a known good state.  Being the minimalist I am, I was trying to keep his new VM extremely clean so it would perform in tip top shape.  When it came time to replicate his old setup, we install the crappy custom CAD program, then we installed CutePDF Pro and CutePDF Writer.  Now when he would attempt to open a PDF in CutePDF Pro, there was a big problem.  The file would instantly bring up ANOTHER dialog that said “file download”.  It would have the options to open, save or cancel and pre-populated was a temp file sort of name with some letter and numbers.pdf.  If you hit save, it would save it where you specified and repeat that loop with a new temp file name with incremented numbers.  This went on and on and on.  I didn’t know what could possibly be wrong so I turned to tech support (last resort, right?)  CutePDF provides only email support so I sent in the request and forgot about it.   I came back to solve this problem 2 weeks later.  Apparently they did end up answering the email but he didn’t notice.

I screwed around with the problem for another couple hours and then finally was going to reinstall so I searched his email for CutePDF to find his product key and saw that they had answered our plea for support.  The solution was simple but completely baffling to me:

“Dear Sir, Please install Adobe Reader 9.0.  That will solve your problem”

WHAT?!?  Are you kidding me?  Of course I tried it and it worked like a charm.  Everything was flawless and back as it should be.  Why though?  This strikes me the same as if you purchased Apple’s answer to Microsoft Office, iWork but when you went to run it, it told you, “Please install Microsoft Office to continue this operation”.

I mean, am I wrong to think that some people use alternatives like CutePDF Writer and Foxit Editor perhaps because they hate Adobe with a passion or if not, perhaps because they may be lighter weight applications that use less system resources and may run better on older hardware?  Having your competitor’s product be a critical requirement for your application to function correctly seems to be a bizarre business choice for me.

I tried to Google around for solutions to this issue and I’m fairly shocked now that I found out what the problem is that more people don’t have the same complaint.  </rant>

InfoSec career day

If you are currently looking for a career in InfoSec or looking to move up, there have been a few great podcast episodes recently worth checking out.

InfoSec Daily Podcast episode 315 was a fantastic open discussion tossing around the topic of certifications vs. degrees and everything in between.  Special guests Dave Kennedy and Adrian Crenshaw hashed it out with your regular hosts and everyone in the IRC.

Also worth noting is Securabit episode 71.  Those guys have been knocking it out of the park lately with some great shows.  This one in particular is good because it features head hunter, Lee Kushner giving some excellent perspective about personal development vs. continuing education.  He also brings up career planning stating that the guys who actually bother to plan out their career paths(15%) have much more success in life than everyone else(85%) who simply fly by the seat of their pants.

Lastly, InfoSec Daily had another career day special for episode 300 where they discussed what to do when you make the WRONG career switch.  Many of us have been there.  Left something good for greener pastures and wished we could go back.  Listen here for some helpful advice about not burning bridges and what not to do.

If you are attending higher ed or digesting a pile of certs, I hope you have a plan.  I hate to see people out there WASTING money on making the schools rich and if you don’t really know where you are going, that is exactly what you are doing.

The O’Reilly School of Technology recently started offering a 4-part Python certificate course.  I have just recently completed the first part of the course and wanted to share some of my impressions.  The course is ‘cloud-based’ and served to you over an RDP connection.  They provide you links to Mac OSX and Windows versions of the RDP client so either way you are covered.  When you log in, you are dumped into the Eclipse IDE environment and walked through how to navigate the environment and set it up for your use.  Love or hate Eclipse, you will be forced to use it through this course.  I personally did not like Eclipse too much before I signed up for this course.  Now that I’ve been using it a lot more I have decided it’s not so bad and I could probably grow to like it at some point.  The further into the course you get, the more you realize why they made the decision to use Eclipse.  Largely because it allows them to embed a web browser and they can run their other courses for Java, etc all off of Eclipse.  Anyhow, enough about Eclipse…

My first impression of the course was not really so good.  I kinda felt like I was just reading an abridged version of a $50 book.  But after completing a few lessons I can see the value in essentially being forced to apply what you learn in each lesson.  Is it worth the $300-$400($300 if you happen to catch it on sale)?  Well that depends on your specific needs.  If you want to go for the full certificate, you will spend $1200-$1600 because there are 4 separate courses you need to complete in order to obtain the cert.  On top of that, there is a $15 monthly lab fee for using the system where the course is hosted.  $1600 MIGHT be cheaper than your local university or perhaps your local university doesn’t even offer Python in the first place.  I know some folks that were recently enrolled in a prominent local university’s Python course and they ended up feeling it was a complete waste of their time.  Apparently the teacher kind of sucks.  That’s good money down the drain unfortunately…  Fortunately their employer is paying that bill.  The OST course is nice because you can just try one module of it and if you don’t like it, don’t go any further.  There is also a 7 day money back guarantee.  Keep in mind that if you have completed more than 40% of the course in that first 7 days, you will no longer be eligible for the money back guarantee.

For me, I’m in it for the knowledge.  I want to learn to be a better programmer and I think Python is a great language to help with that goal since it’s so deep and versatile yet simple enough to understand the fundamentals with a little bit of effort.  If your company will pay for you to obtain a Python cert with O’Reilly, I would say go for it.  No question.  If it’s your own money you are spending, I would suggest trying to go through a book such as Learning Python by Mark Lutz.  That is what I started with and I’m glad I did.  It allowed me to fly through the O’Reilly course and get more value for my money since the course was reinforcing and clarifying concepts that I had already come across in the book.  I wouldn’t mind having the Python certificate and learning the rest of the knowledge the course has to offer but I’m not so sure I want to spend another $900-$1200 to get to that point right now.

As far as specifics of the course, I felt that it started out with a slightly higher than beginner level.  If you’ve never programmed before and never even tried to play around with Python, you might get lost in place.  There is an instructor available via email but there is a lag if you are working on the course after business hours.  The course makes a couple assumptions about prerequisite knowledge.  My suggestion would be to at least skim a Python book even if you don’t punch in code out of the book as you read it.

I spent several weeks deciding whether I wanted to do this Python course.  I discussed it over with a few friends and what finally convinced me to just give it a shot was the words of one person in specific…. “Well, it can’t hurt any now can it?  It won’t make you any worse at Python, right?”  True enough.  In the end I definitely feel like I have a much deeper understanding of Python and I can now converse with other Pythonistas in a semi-coherent manner.  So for me, yes, it was worth the $300.  As an added bonus, you get a free ebook of one of their beginner Python books.  For me it was “Head First Python by Paul Barry” which incidentally is a fairly new release for them.  On top of that, I got a discount code for 40% off of any of their printed books.  That sweetens the deal if you are in the market for any of the O’Reilly books.

Bottom line is that I’m happy with my purchase and would do it again given the choice.  If you have completed this course yourself or are thinking about taking it, please feel free to post a comment down below.  I would be interested in some additional perspective.

Now I wish they could figure out how to do one for developing iPhone apps 😉

Hakko 936 solder station review

I have been asked by a LOT of folks which soldering iron I recommend.  To give a little background, I used to repair CRT monitors for a living back when A) a monitor was cheaper to repair than replace  B) CRT monitors were still in style.  Sure it’s been a while but over the years I’ve used different irons.  At that particular job, I used a Weller solder station.  It wasn’t terrible but I can’t say it was overly impressive either.  It was cheap ($60) and it got the job done.  After that job, I didn’t buy my own solder station for years.  Instead I bought cheapo irons from Radio Shack like it was going out of style.  They used to be about $3 when I started buying them and now they are up to about $9.  These irons sort of got the job done over the years but they had problems.  I’ll just list off some of the top disadvantages that come to mind:

  1. They take forever to warm up to the proper temperature.
  2. They are unregulated so the temperature can be wildly inconsistent.
  3. The metals in the iron and tip are cheap and dissimilar.  After a while the tip will loosen and it will be impossible to properly tighten it.
  4. The plating on the tip seems to be prone to gumming up and eventually becomes impossible to clean.
  5. If you drop the iron on the cord, it will burn through the insulation.
  6. They don’t come with a stand and I consider the ones they sell unsafe.

The main advantage, price, won me over all those years but I’ve rounded up my “collection” of these irons and it amounted to a large pile.  I buy them like screwdrivers and strategically lose them in places where I’d likely remember to look later…

More recently, I’ve finally started soldering surface mount components on a regular basis so I decided I needed something that was regulated at the very least.  Enter the Hakko 936.  The 936 is NOT expensive for a solder station.  In fact, you can get it on Amazon for around $85-$95 typically.  Compared to my old Weller, it feels like a Mercedes Benz of soldering stations if there ever were such a thing.  Instead of my typical conversational review, I will just explicitly list the advantages here:

  1. Heats up in 10-15 seconds.
  2. Indicator light lets you know it’s on.
  3. Temperature is regulated and it bounces back fast when pressed.
  4. Comes with a beefy stand with an integrated sponge to keep the tip clean.
  5. Burn proof wire from the iron to the base unit.
  6. ESD safe. (seems to be, I haven’t fried anything with it)
  7. Light weight iron feels well balanced in your hand.
  8. Tip stays clean for a long time.
  9. Chisel tip included with the iron is very versatile.(for my uses at least)
  10. Don’t need a 15w, 25w and a 40w solder iron to do different jobs.  This one does it all.

There are probably even more advantages that I’m not thinking of but this list is a good start.  Back when I started buying the crappy Radio Shack irons, I didn’t really know any better and soldering stations were still $150-$200 for a professional grade model.  Thanks to global economics, demand and competition though, there are several choices under $150.  Yes, there is also the Aoyue 936 for $50.  I have not used it or compared them side-by-side but I can tell you that the Hakko looks, feels and performs like a professional piece of equipment.  It does what I expect, when I expect it and overall has exceeded my expectations.

By the way, the Hakko(at least mine) is made in Japan if you were wondering.  In the past, when I’ve tried to cut corners by purchasing the knockoff tool, I’ve ended up with something that doesn’t last and is disappointing.  Anyone who has ever shopped at Harbor Freight knows what I mean.  I expect the 936 will be the last soldering station I will ever need.  Now a hot air pencil is a different story 😉  Beyond the 936 models, there is also the digital readout version of the Hakko solder station but it’s considerably more expensive for something that won’t make your soldering a damned bit better.

I keep my soldering station pegged at 700 degrees.  If you are soldering something more sensitive or more heavy duty, adjust as needed obviously but 700 degrees seems to work well for my purposes.  If you have concerns about this, consult the data sheet of the component you are trying to solder.  Also, don’t buy this awesome solder station and use crap solder.  Grab a spool of Kester 44 Rosin Core Solder 60/40.  I have a roll that I’ve been using since 2001 (it’s dated) and it works great.  The lead free solder is complete and utter garbage in my experience.  It makes for lousy solder joints and is just generally hard to work with.

While you are rounding out your kit, a Flux pen and Chem-Wik desoldering wick are both extremely nice to have.  Don’t buy 50′ of Chem-Wik from Amazon though.  They come in 5′ rolls that should be less than $5 or so.  Please feel free to comment on any experiences you’ve had with Hakko or Aoyue gear in the comments.  Happy soldering!

Apple’s new Mac app store

I was on the Infosec Daily Podcast tonight and one of the topics we covered was Apple’s new Mac App store. Mainly, since the podcast is security-focused, our angle was that the ‘DRM’ was already found to be broken by some simple copy and pasting. That being said, it led us down a rabbit hole of some further thoughts about the implications of this new app store.

Is Apple’s intention to close up the system and make it more like an iPod Touch or iPhone? If that’s the case, I would just as soon bail now and save myself the money and heartache later. Will I be forced to ‘jailbreak’ my MacBook Pro to obtain the same functionality as the current version of Snow Leopard?  Will I lose the ability to compile packages or eventually lose my command line interface?  I don’t think I’m the only one who would jump ship if any of these possible outcomes came to pass.

On a brighter note, this could be an EXCELLENT unified update management system. Software update is NOT bad in my experience but I do feel the iTunes app store is more effective. Seeing that sort of system come to OS X is exciting. As an added bonus, it’s been said that even apps that you did not originally purchase through the app store will be able to be updated through this new system.  Having a little icon in the corner that just pops up a little red number telling you how many updates are waiting sounds pretty nice to me.  Will Software update eventually be entirely merged with the app store for performing OS-level security updates?  That’s how it works on iTunes with an iPod/iPhone so it’s probably quite feasible and maybe more efficient in the end.

Here are some of my further fetched wishes… Will Xcode install and be manageable through the new app store?  Could ports be merged into the new app store? That would rule! I’d love to have everything manageable through a unified interface but if the past is an indication of the future, this is all wishful thinking. Can I get a command line interface to the new app store so I can update my system over a SSH session?  Definitely asking too much there….

On another tangent, I’d like to direct you to an interesting ‘blog’ post. I say blog in quotes because we’re talking about an HTML 1.0 type document…. Anyhow, it’s Tom Pittman’s vision of a perfect operating system.  The interesting portion is where he feels that OS X was a step backwards from System 9.0. Agree or disagree, he has a couple of interesting points and I feel the whole short document is worth a read.  Could the new app store be a natural progression?  Maybe Apple’s way of “righting the ship”?  It’s all food for thought.

For more information about how the app store is already broken in a DRM sense of the word, check out this link and enjoy….

Inside the Personal Computer pop up book video tour

I made a short video tour of one of my favorite books from when I was a kid.  I shot it with my Canon 5D mkII and then tweaked it a bit in iMovie.  I’m trying to familiarize myself more with the video features of my camera.  I’ve only had it for 2 years now so it’s about time I figure it out. The music is a track I made nearly 10 years ago on my Korg ER-1. I always considered it somewhat unfinished but it worked fine for my video.

I’ve had this book since I was about 5 or 6.  It was made in 1985 by Sharon Gallagher.  This book was one of the few that I kept from my childhood.  It has always captured my interest even to this day.  Though the contents may be a little dated, most of the information still holds true oddly enough.  These days, this book is a bit of a collector’s item.  It’s available at Amazon and last time I was at Ada’s Technical Books in Seattle, they had a copy available.

BlackSheep and FireShepard failure

Tonight was protocol study night at my local hacker space where 5-10 people get together every Wednesday to dissect various networking protocols to see how they tick.  We use a combination of things like Wireshark, The TCP/IP Guide(the bible), and the internet RFC archives to rip apart protocols and analyze live traffic in a group setting.  Tonight, the subject was HTTP with a focus on FireSheep and the two mitigation tools BlackSheep and FireShepard.

So by now everyone has heard of FireSheep.  The concepts are nothing new but the author put everything into a pretty little browser plugin that makes it super easy for ANYONE to steal your Facebook, Twitter, etc credentials.  Within a day or two of FireSheep being released, BlackSheep quickly followed.  The premise of BlackSheep is that it is supposed to protect you from users of FireSheep and not allow said users to steal your credentials.  This would be nice if it actually worked.  I’m here to tell you that it does NOT work.  FireSheep looks like this:

So what both BlackSheep and FireShepard do is attempt to perform a Denial of Service attack of sorts against the user running FireSheep.  They spam FireSheep with fake sessions and credentials that show your name but won’t actually log you in.  They show up in your FireSheep window and attempt to flood your buffer with too much information.  The problem with this is that your working credentials are still there and can still be used.  The attacker merely has to sort out all the fake credentials, find the real ones and click on them.  FireShepard has even more failure in this regard.  The spoofed HTTP headers have several fields in them that are always identical.  My favorite was this one:

request+="GET /packetSniffingKillsKittens HTTP/1.1\r\n";

Even if FireShepard did work better than it does(which is basically not at all), the person running FireSheep could then easily filter out all the spoofed credentials by filtering it on that phrase.

BlackSheep, on the other hand, attempts to detect if the fake credentials are being used and is supposed to alert you if this is the case.  In our testing however, we did not see any indication of this feature working properly.

If FireSheep isn’t scary enough, we observed some other scary behavior of Facebook’s cookies.  Most notably, we hit logout (explicitly) on the Facebook session and closed the browser and cleared/restarted FireSheep.  When we reopened the browser and went to Facebook, we were not yet signed in on the Facebook page but when we switched BACK over to FireSheep, we were already logged in!!  In other words, we merely had to go to Facebook’s page for a cookie to be transmitted to them that allowed a full login.

Not all bad news…

We did find one good solution to this mess.  It’s not a sexy new tool but instead something that I hope a lot of us are using already.  The EFF’s HTTPS Everywhere Firefox browser plugin put a stop to FireSheep picking off any of the credentials.  We tested this with a Gmail, Facebook and Twitter.  Not one of them showed up on FireSheep after enabling HTTPS Everywhere.  I have been using this plugin since it was released and have been extremely satisfied with it.  My only complaints are that I have had problems with the HTTPS side of certain sites not loading correctly for me.  Most notably Wikipedia and Twitter(for about 24 hours).  Other than that, it’s been flawless.  It’s one of those plugins you can basically set and forget.

Using a VPN and avoiding open public wifi connections are also great ideas.
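The HTTPS mitigation above only holds if the session cookie never travels over plain HTTP. As an added example (not from the original post or from any of the tools discussed), this Python script audits response headers for cookies that lack the Secure attribute and for a missing HSTS header; the host name, cookie names and header samples are constructed for illustration.

```python
"""Audit HTTP response headers for cookies a passive sniffer on open wifi could read."""
from dataclasses import dataclass


@dataclass
class CookieFinding:
    name: str
    secure: bool      # Secure: browser only sends the cookie over HTTPS
    http_only: bool   # HttpOnly: cookie is hidden from page scripts


def parse_headers(raw):
    """Split a raw response head into (lowercased name, value) pairs."""
    pairs = []
    for line in raw.strip().splitlines()[1:]:   # skip the status line
        if not line.strip():
            break                               # blank line ends the header block
        name, _, value = line.partition(":")
        pairs.append((name.strip().lower(), value.strip()))
    return pairs


def parse_set_cookie(value):
    """Extract the cookie name and the two flags this audit cares about."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].partition("=")[0]
    attrs = {p.partition("=")[0].lower() for p in parts[1:]}
    return CookieFinding(name, "secure" in attrs, "httponly" in attrs)


def audit(raw, scheme):
    """Report which cookies can end up in cleartext traffic.

    scheme is "http" or "https": how the audited response itself was fetched.
    """
    headers = parse_headers(raw)
    cookies = [parse_set_cookie(v) for n, v in headers if n == "set-cookie"]
    if scheme == "http":
        # The response itself was cleartext, so every cookie in it was visible.
        sniffable = [c.name for c in cookies]
    else:
        # Without Secure, the browser replays the cookie on any later
        # plain-HTTP request to the same host.
        sniffable = [c.name for c in cookies if not c.secure]
    # Browsers honour HSTS only when it arrives over HTTPS.
    hsts = scheme == "https" and any(
        n == "strict-transport-security" for n, _ in headers
    )
    return {
        "sniffable": sniffable,
        "script_readable": [c.name for c in cookies if not c.http_only],
        "hsts": hsts,
    }


# Constructed sample: login handled over HTTPS, but the session cookie is not
# marked Secure and the redirect drops the user back to plain HTTP.
WEAK = """
HTTP/1.1 302 Found
Location: http://social.example/home
Set-Cookie: session_id=constructed123; Path=/; HttpOnly
Set-Cookie: prefs=lang-en; Path=/
Set-Cookie: csrf=constructedabc; Path=/; Secure
"""

# Constructed sample: same login with the cookie locked to HTTPS and HSTS set.
HARDENED = """
HTTP/1.1 302 Found
Location: https://social.example/home
Strict-Transport-Security: max-age=31536000
Set-Cookie: session_id=constructed456; Path=/; Secure; HttpOnly
"""

if __name__ == "__main__":
    for label, raw in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit(raw, "https"))
```

Any name listed under `sniffable` is a cookie that a tool like FireSheep could pick up from the air once the browser makes a single unencrypted request to that host.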

Follow this link for more information on FireSheep, FireShepard and BlackSheep.

Speck PixelSkin iPod Touch 4th generation case

Let me rant about Apple a little here.  I’ll preface with saying that I love many of their products but I’m irritated sometimes by their ultra/over secrecy…  I ordered my iPod touch 4th Generation the hour that it was announced.  I was waiting for it to be released and it was a planned purchase as opposed to an uncontrollable lust for any shiny object Steve holds up in his hand.  As punishment for my early adoption, I had to wait months for a decent case to come out.  Like hell would Apple actually share even their measurements to any third party accessory manufacturers and god forbid they actually release their own protective case to tarnish their beautiful objects…

Now that I’m done ranting, let me talk about the Speck PixelSkin.  First I will say that I don’t really trust it nearly as much as my Tech21 iBand that my son inherited with my old iPod Touch 2g.  I have full confidence to THROW the iPod at the ground in that case and have it survive unscathed.  I don’t have quite the same confidence in the PixelSkin but I think it would withstand an accidental drop just fine.  There are plenty of other things I like about the Pixel vs. the iBand though.  Most notably, the power button is much easier to press in the Pixel.  The volume buttons perhaps are not aligned as well as I would like but I wouldn’t even ding this case half a star for that.  Overall, the case fits very snugly and has a fairly high ridge that should do a reasonable job protecting the screen from the table top and other devices in my pocket.  The case does SLIGHTLY encroach on the home button.  That is really the worst thing I can say about it.  Other than that, it looks great, feels great in my hand and appeals to my love of 8-bit things for some reason 🙂

Social Media Security podcast

I have been listening to various security podcasts for over a year now and just recently stumbled on the Social Media Security podcast.  Just recently I finished listening to all of the episodes from the beginning.  I found them all still to be relevant and full of good information. Naturally, most of the focus is on Facebook.  I doubt there will ever be an episode where they don’t mention Facebook but with over 500M users (as of 2010), it’s not a big surprise.

Tom and Scott who run this podcast are always very laid back and professional compared to certain other security podcasts.  This is one you could certainly send to your 90 year old grandma without worrying about bad language or risqué topics.  Not too technical but still very important information for anyone who uses social media in any capacity.  Even if you decide that listening to podcasts is not for you, you should definitely grab the Facebook Privacy & Security Guide that they link to on their site.
