martinmurphy.com – Martin Murphy

Saw this on Bruce Schneier’s blog, it’s the FBI’s Dec 2008 cryptanalysis problem. Can you crack a code?

Good fun.

The Past:
I’m a long-time user of SSH. I presume that I was typical in my initial use of it for secure access to remote servers. But I quickly became familiar with its port-forwarding capabilities, and have often set up intricate webs of connected and nested tunnels, in order to negotiate the problems of multiple NAT servers and firewalls. I even considered myself a power-user.

The Present:
Today, while checking out A Defcon survival guide on The Register, I noticed that they had mentioned the -D parameter to SSH. It was that kind of “in-passing” reference, where you know they think they’re stating the obvious. You’ve probably guessed though, that it was not obvious to me.
Enter the Ubuntu SSH Howto, and in particular the “SSH as a Proxy” section. How could I not know that a SSH could run as a SOCKS proxy, tunnelled to a remote server? Now I’ll be able to run SOCKS capable client applications (including web browsers) across lots of network configurations, without having to identify and forward individual ports. Brilliant!

The Future:
Wait, what’s that I see? At the bottom of the page there’s a link to SSH VPN. It can’t be. Not full networking access (routing,UDP,etc) over an SSH tunnel using the “tun” driver. Yes it is, it’s amazing. I can’t try this one out at the moment, but it will be a definite must-have for me (very soon).
Anywhere, on any network, once I have SSH access, I can get full access to my home network. (Or, if I wanted, an Amazon EC2 node that I could start when I needed full Internet access)

What lessons I’ve learned today, and not just about SSH. It’s important to check out the features and updates of software and networking tools that you use. Especially, if you already consider them important and useful. Don’t fall into the trap of thinking you already know how to use them, even if, like me, you’ve been using the tools for too many years to remember.

Now, I’ve also been using Ethereal for a long time, but a colleague has recommended WireShark, I must find out which one is better

Not convinced about the usefulness of this RFID application, reported on Ars Technica: RFID being tapped to stifle exam cheaters

Given that this only seems to be used to check if all the exam papers are still in the package. Surely, someone could count them? Also, it doesn’t seem to account for the fact that whoever might steal the papers, may now just photograph/photocopy them instead.

On the other hand using statistical analysis to flag particular answer papers for further investigation seems reasonable but it doesn’t prove that someone has cheated.

Wow, this is the second movie reference in 2 posts.

You may have guessed that I’m interested in security and alternative computer input/output systems. This morning, I saw this post “Voice biometrics: coming to a security system near you.” about banks using voice print technology.
Interesting discussion about using voice to combine 2 id methods, something you have: voiceprint, and something your know: security question. The usual concerns about “Big Brother” are also mentioned.

Humorous, even if not politically correct, referring to some users as “goats”

Interesting story about a camera that can count eyes. They suggest that it might be used by advertising companies to count the numbers of eyes that have looked at particular ads. Eyeball-tracking camera could change real-world ads
Getting closer to the ads in “Minority Report”
This might be interesting for anyone researching computer vision or pervasive and ubiquitous computing.

Just found out about this command today.

“lsof” displays information about open files by processes on *nix systems (including network “files” – TCP/UDP). I don’t know how I managed to miss such a useful command over the years.

As an example, listing network ports (which I would previously have done with netstat):

# lsof +c0 -n | grep IP 

java             1022    martinm   28u     IPv6
          467902                 TCP 192.168.2.104:51769->192.168.10.1:xmpp-client (ESTABLISHED)
java             2961    martinm    6u     IPv6
          322274                 TCP *:8083 (LISTEN)
evolution        6408    martinm   59u     IPv6
          472527                 TCP [fffe:111:11:2:111:72ff:fe10:2bd]:51943->[fffe:111:11:1::11]:imaps (ESTABLISHED)
mysql           18407    martinm    3u     IPv4
          489375                 TCP 192.168.2.104:49021->192.168.2.146:mysql (ESTABLISHED)
firefox-bin     24396    martinm   52u     IPv4
          490170                 TCP 192.168.2.104:52906->192.168.0.1:webcache (ESTABLISHED)

I added linebreaks to make it more readable
As usual, further information is available with man lsof.
Now I’ll just need to find out a way of setting the command to be the Java Start Class to identify which java program has the port open.

Update: the number after the command is the PID so a ps -fpXXXX will show the comamnd line.

Just noticed this story (via a link from LifeHacker)

With desktop camera, your face can be your password | CNET News.com

The company produces a 3D desktop camera that can be used for authentication. So instead of entering a password, smartcard or fingerprint, your face can log you into a computer (or open a door). Interesting for anyone working in the field of computer vision.

Just noticed this on Engadget. It’s a discussion about the security of doorlocks, it will need further investigation on my part.
The Lockdown: Locked, but maybe secure (part 1)

refers to the previous articles:

The Lockdown: Locked, but not secure (Part I) – Engadget

The Lockdown: Locked, but not secure (Part II) – Engadget