Your daily source of Pwnage, Policy and Politics.

Episode 450 – Happy 30th PC, IPv6 Kinda Broken & muBARTek

InfoSec Daily Podcast Episode 450 for August 12, 2011.  Tonight's podcast is hosted by Karthik Rangarajan, Geordy Rostad, b0n3z, and Varun Sharma.

Announcements:

#BruCon
When: Sept 19-22, 2011
Where: Brussels, Belgium
http://blog.brucon.org/2011/02/confirmation-of-brucon-dates.html

@DerbyCon
When: September 30th – October 2, 2011
Where: Louisville, KY
http://www.derbycon.com/

SANS Mentoring: Forensics 408 – Computer Forensic Essentials
When: Wednesday, October 12, 2011 – Wednesday, December 14, 2011
Where: Atlanta, GA
Discount Code: ISDPod15 (15% discount)
http://www.sans.org/mentor/details.php?nid=25504

Hack3rCon 2011
When: October 21st-23rd, 2011
Where: the Charleston House Hotel and Conference Center
http://www.hack3rcon.org/

2011 Fall Information Security Conference
When:  November 8 – 9, 2011
Where: Atlanta, GA (Loudermilk Conference Center)

http://www.gaissa.org

Stories:

Source: http://www.reghardware.com/2011/08/12/ibm_pc_30_anniversary/

IBM announced its new machine, the 5150, on 12 August 1981. It was no ordinary launch: the 5150 wasn't the 'big iron' typical of Big Blue – it was a personal computer.

IBM came late to the party. Through the 1960s and 1970s, it had focused on corporate computing: expensive mainframe and, later, mini computers. But by the end of the 1970s, it had seen the likes of Tandy's TRS-80, Commodore's Pet and Apple's Apple II win support from smaller businesses, individuals and even in some of the big companies IBM traditionally targeted.

IBM bosses realised there was clear demand for a single-user system, and while their emphasis on big machines would continue, it was clear that the personal computer was an opportunity open for exploitation.

The 5150 – the machine that would eventually be called, simply, the IBM PC, was developed by what was at that time a little known part of the company, the Entry Systems Division, based in Boca Raton, Florida.

A 12-strong team was assembled under Don Estridge, the Development Director of the project, codenamed 'Chess'. Lewis Eggebrecht was brought on board as Chief Designer.

Rather than create the 5150 from scratch, Estridge's engineers used existing parts from a variety of other companies, seemingly in marked contrast with IBM tradition. The company made a virtue out of the fact that it made the components used in its machines. When you bought an IBM computer, it had IBM's imprimatur of quality through and through.

Relive some nostalgia here, for those of you who were actually alive or of a computer-usable age when it was still around.

Source: http://techcrunch.com/2011/08/12/friday-time-waster-play-dos-games-in-your-chrome-browser/

NaClBox (get it?) is a port of DOSBox that allows DOS games to be played right in your browser. Right now you can play titles like Star Wars Tie Fighter complete with multi-voice MIDI sound and hot hot VGA graphics. It works on Macs, PCs, and Linux machines and runs under Chrome 13.

To play the games, you have to turn on the Chrome Native Client (Na Cl, hence the pun):

In the Chrome address bar, type:

about:flags

Find the section titled “Native Client”

Click “Enable” and restart Chrome.

The game downloads and you’re ready to play a moment later. The most interesting thing to note is that this is how games will probably be played under ChromeOS – right in the browser with almost no lag. If this is better or worse than services like Steam I’m not willing to argue, but it does point to some very interesting upcoming features for the OS.

The site has been around for a while but they’ve added some new games and I suspect I just made a few folks’ days with this delightful Hackernews discovery.

Source: http://arstechnica.com/tech-policy/news/2011/08/world-ipv6-day-leads-to-browsers-resistant-to-ipv6-brokenness.ars

At a plenary session during the Internet Engineering Task Force (IETF) meeting in Quebec City, Canada two weeks ago, World IPv6 Day was rehashed at some length. It took place on June 8 this year, and Google, Facebook, Yahoo and others turned on IPv6 for 24 hours in an effort to flush out broken IPv6 setups. Immediately after IPv6 day, and again six weeks later, we noted that there didn't appear to be much breakage to speak of. But at the IETF meeting, several of the Web companies had a little more information to share (PDF).

The most interesting presentation came from Cisco's Mark Townsley. Unlike companies such as Google, Yahoo, Limelight, and Akamai, Cisco isn't a Web company. It does make most of its money through cisco.com, though; as such, it was hard to convince management to participate in IPv6 day, since nobody really wants to put any part of $30 billion in revenue at risk. But apart from the argument that Cisco should be "eating our own dogfood," the management found one argument compelling: many others would be doing the same thing, so this was the one and only chance to try it without much risk of a customer backlash. 1.11 percent of all traffic to www.cisco.com was IPv6 on June 8 and zero IPv6-related support tickets opened that day.

Google's Lorenzo Colitti showed a graph indicating slowly declining levels of "issues" with IPv6, but this number excluded users of Google's Chrome browser. For Chrome, Colitti reported a reduction in problems by as much as 80 to 90. However, this figure only applies to the user experience; Chrome now has a "fast fallback" option which makes the browser switch to IPv4 if an initial IPv6 connection attempt doesn't progress in 300 milliseconds. (According to Colitti, Firefox implements a similar workaround.)

Of course, such fixes only apply to browser use—other applications still experience much longer timeouts when using a machine that thinks it has IPv6 connectivity when IPv6 doesn't actually work.

As of Mac OS 10.7 Lion, Apple implements something similar in its lower layer networking frameworks. This means that all applications that use these frameworks automatically gain this user-friendly behavior. As explained by Apple's Josh Graessley on the company's IPv6 dev mailing list, the address (IPv4 or IPv6) that has the lowest minimum round trip time is initially selected for connections. Round trip times are continuously measured during TCP connections and stored for some time in the system's routing table. If this information isn't available, the system uses a set of rules to determine which addresses are "better" than others. However, unlike Windows, FreeBSD, and Linux, Mac OS doesn't allow the user or system administrator to change these "RFC 3484" rules.

There's also some DNS timeout magic going on in Apple's implementation of decisions based on previous RTT measurements (which was also present in Mac OS 10.6, but remained buggy until version 10.6.8). In Chrome's approach, it tries IPv6 first and the browser only falls back to IPv4 if there is no answer over IPv6 within 300 milliseconds. Apple's approach layers several mechanisms on top of each other, each dependent on ever changing timing information, so it becomes pretty much impossible to predict whether the system is going to connect over IPv6 or IPv4.

For users, this doesn't matter. If IPv6 doesn't work, their Mac will connect over IPv4 automatically and the broken IPv6 connectivity is never an issue. However, for system and network administrators, this behavior can be extremely problematic. Applications, operating systems, and various network devices change on a regular basis, and it's quite common for these changes to break connectivity. Broken IPv4 connectivity immediately leads to complaints and is thus fixed very quickly. But if broken IPv6 connectivity is now hidden by numerous "happy eyeballs" algorithms, this means that any broken connectivity is never even detected, let alone fixed. This makes it easier to enable IPv6 on large Web properties without any problems, but makes it harder to learn much from the experience.

All of this seamless fallback to IPv4 is also going to make it harder to eventually turn off IPv4, because lots of people who think they have IPv6 will in fact have broken IPv6 without realizing it. The worst part about this is that Apple refuses to allow power users to disable this automatic behavior or change the RFC 3484 policies used by their system, frustrating efforts to find and fix IPv6 brokenness.

However, not all software uses Apple's networking frameworks, which leads to some interesting results. At home, I use a tunnel so IPv6 packets are carried in IPv4 packets, which makes IPv6 slower than IPv4. This ensures I get two different results when I test my IPv6 connectivity. Using Safari, Apple's browser, my system only connects over IPv4 when it has the choice between IPv4 and IPv6, since that's the faster option. ipv6test.google.com even tells me I don't have IPv6. But Firefox uses lower-layer Unix network code and thus connects over IPv6 where possible. So, with that browser, Google's IPv6 test tells me I do have working IPv6.

I'm afraid that the efforts by Google (Chrome), Mozilla (Firefox), and Apple to hide broken IPv6 will produce a short-term victory, but at a cost of delaying the long-term solution.
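
An added example, not taken from the article or from any browser's code: a sketch of the "fast fallback" race described above, written so that it also reports the IPv6 health an administrator would want logged instead of hidden. The names `fast_fallback`, `simulated` and `demo` are hypothetical, and the connectors in `demo` are constructed stand-ins so the block runs offline.

```python
import asyncio

HEAD_START = 0.300  # seconds IPv6 gets before IPv4 starts (the 300 ms in the story)

async def fast_fallback(connect_v6, connect_v4, head_start=HEAD_START):
    """Race two connectors, IPv6 first.

    Returns (family_used, connection, v6_health); v6_health is 'ok', 'slow'
    or 'failed', so an operator can log the fallback the user never sees.
    """
    v6 = asyncio.create_task(connect_v6())
    await asyncio.wait({v6}, timeout=head_start)
    if v6.done() and v6.exception() is None:
        return "IPv6", v6.result(), "ok"
    v6_health = "failed" if v6.done() else "slow"
    v4 = asyncio.create_task(connect_v4())
    pending = {t for t in (v6, v4) if not t.done()}
    while pending:
        done, pending = await asyncio.wait(
            pending, return_when=asyncio.FIRST_COMPLETED)
        for family, task in (("IPv6", v6), ("IPv4", v4)):
            if task not in done:
                continue
            if task.exception() is None:
                for loser in pending:
                    loser.cancel()  # stop the attempt that lost the race
                return family, task.result(), v6_health
            if task is v6:
                v6_health = "failed"  # IPv6 was slow and then errored out
    raise ConnectionError("both address families failed")

def simulated(delay, ok=True):
    """Constructed stand-in for a TCP connect: waits, then succeeds or fails."""
    async def connect():
        await asyncio.sleep(delay)
        if not ok:
            raise OSError("network unreachable")
        return "connected"
    return connect

def demo():
    """Healthy, black-holed and failing IPv6, each against working IPv4."""
    async def run():
        v4 = simulated(0.01)
        cases = [simulated(0.01), simulated(5), simulated(0.01, ok=False)]
        return [(await fast_fallback(v6, v4, head_start=0.05))[::2] for v6 in cases]
    return asyncio.run(run())

if __name__ == "__main__":
    print(demo())
```

For real traffic, each connector can wrap `asyncio.open_connection(host, port, family=socket.AF_INET6)` (or `AF_INET`); counting the `slow` and `failed` results per network is what surfaces the breakage that the fallback otherwise masks.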

Source: http://www.rawstory.com/rawreplay/2011/08/bart-cuts-cell-phone-service-to-thwart-protest/

A planned protest of Bay Area Rapid Transit (BART) fizzled Thursday after officials reportedly cut cell phone services at some stations.

BART spokesman Linton Johnson told a KTVU reporter, who had noticed the disruption, that the public relations department had suggested that phone service be shut down.

Another BART spokesman, Jim Allison, reportedly admitted that the tactic had been “part of a larger strategy.”

But Allison later claimed that he had been mistaken and phone service was not blocked.

“I haven’t been able to find another incident in which this has happened,” criminologist Casey Jordan told CNN’s Suzanne Malveaux Friday. “I think perhaps it is unprecedented, and yet that’s how these legal issues come to light and get debated. Whether it’s legal or not it hasn’t been tested in the courts. Public safety exceptions to or encroachments on our personal freedoms do happen.”

“A lot of people are wondering, what happened to freedom of speech, assembly without government interference that’s protected by the First Amendment?” Malveaux asked.

“They didn’t try to shut down the protest. They simply turned off the cell service so it couldn’t become viral,” Jordan explained. “It really is just a cost/benefit analysis of where your freedom of speech begins to threaten the public safety.”

The group No Justice, No BART had called for the protest following a string of killings by BART police.

“We are fighting for justice for Charles Hill, Oscar Grant, Fred Collins, Bruce Seward, Jerrold Hall, Robert Greer, and all victims of BART police violence and murder,” the group said. “We demand that BART disband its murderous, inept, corrupt police department.”