Zeroday 01100100011010010

Some of the projects I am working on require that I gather data about particular addresses on the Internet. One method I’ve been experimenting with is scapy’s traceroute function which allows for neat graphing  secdev.org]. One can also combine two arbitrary traceroutes for graphing as simply as:


traceroute1, unans = traceroute([1.2.3.4])
traceroute2, unans = traceroute([5.6.7.8])
combined_traceroutes = traceroute1 + traceroute2


So for me the next logical step was to start storing all the traceroutes in a database so I could combine two or more at will and see interesting things. Not only could I see differences in different paths but I could even see changes of a single path over time! I fought with scapy for a while and finally realized that the export_object and save_object functions are wrappers for cPickle. I’m not entirely familiar with Pickle so I’ve had to do some reading on the topic. So far it does not look promising. No one has come up with a solution for this just yet although there are some promising recipes in the O’Reilly “Python Cookbook” which touch on this subject in a more abstract way. [“Using the cPickle Module on classes and Instances”]

I’ll document some of the errors in case someone else decides to try this and wants to save some time:

>>> export_object(trace)
Traceback (most recent call last):
File "", line 1, in
File "scapy.py", line 867, in export_object
print base64.encodestring gzip.zlib.compress(cPickle.dumps(obj,2),9))
PicklingError: Can't pickle : attribute lookup __builtin__.function failed


Another casualty is being reported on the DRM front. Yahoo Music is shutting down it’s authentication servers which means those who purchased music will not be able to transfer the music to another computer. This will not affect all of Yahoo Music’s former customers initially but once they need to reinstall their OS or purchase a new computer the inability to move the music will become more clear. Yahoo’s reputation will likely suffer from this as the complaints start finding homes in various blogs and news stories. A better move on Yahoo’s part would have been to simply un-DRM the music for their customers before going dark. I would think that the possibility of a class action lawsuit would be enough economic incentive to invest in the relatively cheap process of providing uncrippled versions of the products they sold to their customers.

A friend shared an interesting post with me from Ars Technica about a recent torrent website owner getting jailtime .

One of the more interesting facts from the article was the disposition of a previous case in 2007 which somehow escaped my attention back then. Scott McCausland was forced to have his computer monitored as a condition of his probation. He noted in his blog that, “their software doesn’t support GNU/Linux (which is what I use). So, he told me that if I want to use a computer, I would have to use an OS that the software can be installed on.”
I think there is a snarky lesson in all of this. Windows is the choice of those who want to monitor your every move. Irony aside McCausland “added a donation link to his blog to help pay for the cost of a Windows license.” This is a very real additional cost that wasn’t really considered by the judge. I’ve complained about this privately when the Extension School at Harvard offered a statistics class which only allowed the use of a Windows based statistics program. This was not known to me when I signed up and I subsequently withdrew from the course (costing me both time and money) because I refused to deal with a Windows only learning environment.

I really love the Enormous Room but recently they decided to cut off the food supply upstairs. This caused the Beansec team to ponder for a while and we have decided that we will now make Middlesex the new home of our humble little gathering. The food at Middlesex is good and the seating is really flexible.

All that said I hope to see you guys at Middlesex Lounge this Wednesday for Beansec.
Also see the announcement done with more flair at Hoff’s blog:
 http://rationalsecurity.typepad.com/blog…