Cracking 1024 bit RSA keys

The next time someone raves about the advances of computing ask them about this challenge. Truly a benchmark for the next 100 years in computing a paper published by Adi Shamir and Eran Tromer entitled “On the Cost of Factoring RSA-1024” [pdf] hypothesizes a device which could “break a 1024-bit RSA key in one year using a devices whose cost is about $10M”. emphasis mine.
$10M is a sizable amount of start up cost so this type of power certainly isn’t going to fall into the hands of criminal organizations (maybe narco lords in South America) but defense agencies could certainly handle this type of cost. It isn’t difficult to imagine a scenario where a message is important enough to necessitate this type of effort. However advances such as perfect forward secrecy make even these herculean efforts less effective. Courts have been dealing with this issue in a different way. Some realize they can’t coerce a private key while others attempt to force decryption with the threat of jail time. My question is how well does Moore’s law really fit here? Using the simple 1/2 price in 1 year version of this axiom we can expect to crack 1024 bit keys with as little as $10k (in one year) 10 years from now.

local irish bar… hacked

While doing some research for the SOURCEboston pub crawl I wandered over to the Tommy Doyle web page. Clearly not a page visited often or cared for much by the owners since it has a anti-war page up stating:

Security :0 My test: 1

Who is ‘the real murder’ Bush? You or this baby?
[ – _ +]

Hacked BY Scientist/AYT

A haunting but beautiful arabic song plays in the background. the source of the mp3 is http://dosyalar.semazen.net/muzic/Esma1…. but I can not in good conscience hotlink to the song. If anyone knows the folks at TD’s they might need to be notified to fix their server security. The really odd part is the Kendall page and the main page are unchanged. It is only the Harvard location page which contains this message.

Here is a mirror of the page
tommy doyle pwned

RIAA webserver compromised

The following url was found on a popular aggregation site

http://riaa.com/news_room.php?resultpage=9&news_year_filter=2007%20UNION%20ALL%20SELECT%20BENCHMARK(100000000,MD5('asdf')),NULL,NULL,NULL,NULL%20--

broken down into component pieces the actual sql commands are easier to read:
UNION ALL SELECT
BENCHMARK(100000000,MD5(‘asdf’))

,NULL,NULL,NULL,NULL —

We can see that the url parameters contain a mysql command to benchmark 10M md5 operations on the string ‘asdf’. The very clear and simple vector allowed some others to achieve content insertion and even possibly deletion. What is worse is that a malicious person could have easily planted an iframe in the content to infect every visitor of the RIAA website. They are clearly not conducting code reviews on the RIAA website since this type of SQL injection attack would be noticed by even the most novice of auditors. The Content Management System (CMS) used was known to be vulnerable so there were likely patches available.

Psiphon

As noted on several other blogs…
Psiphon is part of the CiviSec Project run by the Citizen Lab at the Munk Centre for International Studies at the University of Toronto. The CiviSec Project is funded by the Open Society Institute.

 http://psiphon.civisec.org/

Tor

Tor is great if you are already encrypting your traffic. It isn’t the best idea if you are doing a lot of clear text related activities.

OSX Instructions here

The Tor Overview is worth reading through and I can see good uses for this type of tech for globe trotters who may need to bypass certain filters.

Some advanced tips:

If you want to forward multiple virtual ports for a single hidden service, just add more HiddenServicePort lines. If you want to run multiple hidden services from the same Tor client, just add another HiddenServiceDir line. All the following HiddenServicePort lines refer to this HiddenServiceDir line, until you add another HiddenServiceDir line:

HiddenServiceDir /usr/local/etc/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:8080

HiddenServiceDir /usr/local/etc/tor/other_hidden_service/
HiddenServicePort 6667 127.0.0.1:6667
HiddenServicePort 22 127.0.0.1:22

Wireless Resources

Wireless Users Groups
bawug.org Bay Area Wireless Users Group
 
nycwireless.net NYC Wireless Group
 personaltelco.net Personal Telco Project
 frars.org.uk FRARS Wireless lan working group
 bawia.org Boston Area Wireless Internet Alliance
GBA 802.11 Greater Boston Area 802.11 Wireless Database
DC-WiFi Initiative Public WiFi advocates in Washington DC
Seattle Wireless Seattle Wireless group

Wardriving Resources

wardriving.com Wardriving news portal
www.sicheres-funknetz.de Wireless security portal (German)
 www.netagent.at Wardriving and Wireless site (German)

How to surf from hostile networks

NYT article claiming to help with the issue of kiosk network connections. They could have keyboard sniffers, network sniffers, or just good old spyware.

Print edition

Circumventing censorship


The filtering takes place in at least three ways:

de-listed domains: specific websites are removed entirely from search results; it is as if the website never existed.
de-listed urls: specific urls are removed from search results if they contain a de-listed domain.
restricted keywords: specific keywords are restricted to searches of web pages hosted in China only.

Blocking VOIP

Derek Bambauer explains the legal ramifications of Service class blocking.
 http://blogs.law.harvard.edu/infolaw/200…

Wireless Security Review: Kismet++

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system.

 wardriving.com Wardriving news portal
– Ethereal/Tcpdump compatible data logging
– Airsnort compatible weak-iv packet logging
– Network IP range detection
– Built-in channel hopping and multicard split channel hopping
– Hidden network SSID decloaking
– Graphical mapping of networks

Q: What happens when I ask a question thats already answered here?
A: I’ll probably be rude to you and tell you to go read the docs.
But of course everyone already read the docs all the way to the end,
right? Right?

Greater Boston Area 802.11 Wireless Database
 http://www.digivill.net/~mowse/gba80211/

NYC Wireless Group
 http://nycwireless.net/

 www.turnpoint.net
 Turnpoint.net‘s wireless antenna shootout

 antennasystems.com
Antenna Systems antenna supplier

 pasadena.net
 Pasadena.net wireless equipment

 therfc.com
TheRFC RF Connector and custom cable supplier with no minimum order.

www.solwise.co.uk
Solwise UK connector and equipment supplier.