Last time I visited an Internet cafe in Bangalore to scan a few documents I was in for a surprise. They asked for a photo ID before they offered me any service, even if it is just to scan a couple of documents to my USB stick. That is a good thing - makes it difficult for terrorists to operate and communicate.
This person apparently had his WiFi network wide open for anyone to access and abuse it. It is suspected that terrorists used his network or mail account to send a warning email hours before the blasts in Ahmadabad where about 54 people were killed.
He says "I'm not an IT professional. I have no idea how all that works". It is as good an excuse as saying "I am not a locksmith. I have no idea how to lock my doors". Search Google or ask a friend.
Some amount of blame rests with the folks who make these Wi-Fi devices, for not making them easy to operate in a secure-by-default mode.
Fast Flux networks - Fast Flux nets are where compromised computers are used to temporarily host malware.
A talk on "Applied Security Visualization" demoed the state of the art in network visualizations and tools. There is a live CD project called DAVIX which aggregates the tools.
An interesting demo was of "RFID hacking" - where Adam Laurie demonstrated duplicating company badges and electronic passports with gadgets that cost less than $100. He could take his scanner near a passport with RFID (aka E-passport) and display the holder's information, including the passport photo.
A keynote presentation from the former security chief of OLPC (One Laptop per Child) talked about features of OLPC as a great advancement in security - e.g. the ability that only an open dialog box can open files! (BTW, that sounds very similar to what we call setuid in UNIX - that only the password command can change passwords)
A presentation about the Mozilla development process talked about how testing is done: they are always running an enormous number of test suites against the latest tree. They don't rely on the developers to do the testing for changes.
Honey spiders - that crawl spam and phishing sites in search of malware and execute or analyze them.
Atanai Sousa showed how a phishing malware operated in Brazil, giving insight into how the spyware and malware have an upper hand in capturing your bank passwords whether you type them or use any other practically useless mechanisms invented to circumvent keyboard spies.
Overall it was good listening to stories direct from people in the battleground, to get an understanding of the real-world problems and threats they face. It also gave a good opportunity to meet product security folks from other companies and CERT folks from around the world - many of whom we communicate with over email daily.
Factory Ferrari 4000 came with two partitions: one about 3G of unknown junk and another about 40G installed with Windows XP. One of the few things I did on my Ferrari 4000 was to blow away its Windows partition and reuse its space attached to a ZFS pool. Adding or removing partitions to a file system is not only possible, but also easy with ZFS - the last word in filesystems!
Everything was fine, until I had to fill a form on a US Government site, which had a page, which had a big button titled "Continue" and above it were these words written in red, font size X-Large: "CLICK THE CONTINUE BUTTON ONLY ONCE. DO NOT CLICK IT AGAIN AFTER YOU CLICK ONCE. PLEASE WAIT FOR THE NEXT PAGE WHICH MAY TAKE SOME TIME TO LOAD.." I faithfully clicked the button once, the mouse pointer showed the busy signal and the page was waiting to load ... 1 min ... 2 min ... 15 min ... it is still waiting! I have no idea what would happen if I clicked it again. Well, after some investigation, it seemed that the brainless site either used ActiveX or some other critically insecure Technology (or No-tech-logy), that refused to work on Firefox, not even on the latest Opera 9 (it is available for Solaris x86 right on their download page!)
At any cost I had to submit a form in the national interest of the United States, and thus had no option but to re-install Windows. I hadn't thrown away the recovery CDs, because like everything else that came with the laptop, they happen to be Company property. I backed up all data on the Solaris partitions just in case the Windows recovery program happened to erase them. I inserted the recovery CD and rebooted. It started restoring Windows. It took about 45 minutes, changing three CDs in the process, before it said "Recovery complete". (Ah, Solaris install from a single DVD is so painless and faster)
I rebooted and was delighted to see that GRUB was still there and showed an option to boot Windows. On booting Windows, it said "Preparing to start windows for the first time.." ... BEEP ... A black screen and a small dialog "Setup was not complete", with a single 'OK' button. I clicked the OK button and it rebooted. Maybe I had inserted the CDs in the wrong order, when it asked for disk 1 of 2... maybe it rebooted before installing everything ...
So I restarted the recovery process all over again.. After another 45 min to 1 hour of listening to the Recovery CDs whirl inside the drive, I encountered the same dreaded black screen with a short dialog box that said "Setup was not complete".
Third attempt, meanwhile a few friends knocked on the door, and to get them directions to somewhere, I had to reboot into Solaris to use Google Maps.
Fourth attempt, 45 mins.. big black screen with small dialog box that is laughing at me "Ha Ha Ho.. Set up is not complete. Hu Hu Ha Ha". Here I am sacrificing my comfort of Firefox browser on Solaris desktop environment, in the interest of safety and security of the people of this country, to submit an online form of utmost National importance to United States, more critical than war in Iraq or the rhetoric in Iran; and this silly small evil dialog shows up from nowhere and throws up a meaningless OK button like a North Korean missile ... and laughs at me.
Not accepting defeat, I tried for the fifth time. Just like North Korean missiles do not carry the name or brand which supplied the underlying Technology, nowhere in the recovery program can you see the brand name of Microsoft. While searching for the brand name I saw the vital clue which was the main reason for failure to set up, even when the recovery program hailed it a success. This whole brainless recovery thingy was going on to the factory default 3G partition, too small to fit the recovery bits.
Then I picked up a Linux Rescue CD that had QtParted tool and deleted the 3Gig partition and the old Windows 40Gig Partition to create a new 20G FAT32 partition meant for the recovery tool to reinstate Windows XP to that partition. It went fine this time, and when I saw the chiming XP animation, I knew Victory isn't near yet.
The most crucial part is now to get the latest updates from Microsoft headquarters, quickly before the vanilla system gets infected with numerous worms, launching deadly packets targeted at my Windows RPC ports. I quickly navigate to Start -> Control Panel -> Security -> Check for Windows Updates.. It goes and connects to headquarters and the very first message from there is "Please try our Windows Genuine Advantage tool!" That is like a silly peppermint jingle advertisement to a soldier in distress, needing critical supplies. It took two reboots and about 60 minutes to completely reinforce the system with the latest updates. Much more time to upgrade than it took to set up.
Finally, bruised and hungry, when I clicked on that button which had the large red text above saying 'CLICK ONLY ONCE' I felt victorious!
Well, while not all software is perfect,
Imperfect software sold at hefty prices is cheating,
Charging for imperfect software bundled with a laptop is extortion,
Asking money for its security updates is blackmail,
It is also a greater threat to world peace and security than North Korean missiles.
who keep the world's computing infrastructure safe, (aka white hats) is happening in Baltimore in a week's time.