Search This Blog

Friday, May 30, 2008

Maxtor BlackArmor


I simply can't say no to a black box with blue shiny lights can I? This piece will click in with my Habu, Reclusa and the DGL-4300 Router... Ok, lets see what is BlackArmor.

Maxtor make haddisk. Now they concentrate on external harddisk after the Seagate acquisition. Black Armor is a secured harddisk as they claim. Well, I am tempted to crack it and (not) get hired by Maxtor. Black Armor is protected by AES128 encryption which cover the whole harddisk using their software. Well, I am also tempted to break their software for use on other harddisk IF I can extract it. Ya, this does not come with a Installation CD. In any case, you wont get the hard case and blue shiny lights unless you buy this at USD$150 for the 160GB version. Costly. But cool.

BlackArmor has something very similar to U3, except this encrypt. U3 only authenticate. This is a misconception which many people has. All you need to break the U3 protection without the password is to flash the firmware with a custom one such as SwitchBlade. Anyway, back to this. BlackArmor uses AES128 which will take a fair amount of time unless you like password like abc123 or password. Maxtor claim 30 years. I dare say less because machines get faster, new methods of breaking things comes up every so and then. But its pretty long. BlackArmor supposely has not much issue with unplug from USB. Once unplug it automatically locked and encrypts. So I guess maube this is something built into the firmware which kinda make my statement to want to install it on other notebooks sound silly.

So, is there a downside? Obviously, this does not work in Mac or Linux. This is hard to recover using normal tools. I am not sure if defrag make sense, but it may be. Well, to be honest, I have yet to get my hands on it.

Apple OSX iCal critical vulnerability

This is just great. Just when I am about to roll in OSX 10.5.2, a major bug in the iCal application fall prey to a critical bug which can allow an attacker to execute codes on the OSX machine.

As quoted:
"Three vulnerabilities discovered in the iCal application may allow un-authenticated attackers to execute arbitrary code on vulnerable systems with (and potentially without) the assistance from the end user of the application or to repeatedly execute a denial of service attack to crash the iCal application."

Detail :
http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=2219

How many Apple users will patch their product? I only know of 1.
C:You better be, or it would be 0.

Given this is a 0+2 Day vulnerability, I expect the trojan to attack this bug to be released pretty soon.

Monday, May 26, 2008

Backtrack 3 Teaser

Backtrack is a Blackish-hat tool used by many security professional. I used it often too for environment which are tightly controlled. You can sneak in with this on a USB thumb drive or a autoboot CD where you are not allowed to bring in your custom laptop for testing.

Backtrack 3 present many new tools, yet also new problems working in VM especially Virtual PC (which run faster for me in any environment). Anyway, since its in BETA, there is still time for it to fix up everything before the Final is out.

Meantime, enjoy the Wifu and other fantastic stuff here :
https://www.asiaextendedservicesuat1.citibank.com/aes/

Download the BETA:
http://www.remote-exploit.org/backtrack_download.html

PLEASE. Do not ask me how to use this aor what is going on. If you have no idea, then I suggest, you stay out of this. There is no bad tool, just bad people.

Sunday, May 18, 2008

Luminous Arc 2 ~ Will

Cetis Cisco Crow Massacre Unit


I am pretty sure we all hear the gunshot and see the strange black van moving around shooting down crow in the neighborhood. I got a close look today was to be honest was a shocking experience.

I heard a gunshot and immediately recognized it and I saw it up close. This belong to a Crow culling Unit of Certis Cisco Singapore. What I cannot stand was what happen after this... I saw a crow injured and fallen to the fall maybe its wing got it or something... The man with the shotgun cross the road to reach it... Then all a sudden I see him raise a gun and take a shot into the air on a flying by crow and it fall right onto the road where car are passing by. I recall how much train we all had about using a rifle in the open space. Even a police officer has to make a difficult judge to take such a shot in open public, yet this man did not. In a total of 3 shot, he took down 2 crow. I am really concern such use of firearms in public area may some day lead to a tragedy (I recall a man killed while feeding dogs some years back, probably by the same group of people?).

Well that was still prety ok. He picked up both the crow and one of them was still quite kicking. What shock me was what happened immediate there. I saw him took the crow at one wing and slam it against a nearby tree until it stop moving. Come on, if he had already wasted 3 shots and now he is saving it by smashing the crow onto the tree? I know crows are pest, but I did not think what he did should be consider human. If this is so, we might as well equip them with morning stars and club those crow to death. Luckily no children saw this. I am sure it will project a very bad example to children.

A few things I wonder.
1. The Maths. 3 shots 2 crow. 2 guys in a van. How does the cost justify the means? Does killing 2 crows solve anything?
2. The use of firearms in open public. Has this been so open now that its pretty ok to just pull you guns and shoot when there are people walking around and car driving pass? Does the shot and crow not hit onto someone passing by?
3. Crow slamming. Does what these people do not be govern under animal cruelty? Has SPCA got anything to say about it? Or is it just because they are crow its ok to club them to death. I don't know. But in this case, maybe its ok to pull off heads of rats and electrocute the fishes in the reservoirs because they are not consider animals?

Wednesday, May 14, 2008

Solving the Rubik Cube Part 3

This is the final tutorial on the rubik cube. By now you should had solved 2 layers. The last will involves some steps but they are quite straight forward. Take a look at your top (opposite of the strawberry which was chosen as the based). If you see something like this, you are good.


Don't panic if you do not. Just apply the following formula (a few times if necessary). Remember that you DO NOT change your F. The pattern above should appear on your U (up) side.
Formula :
F, R, U, R1, U1, F1

After you get the invert "L" above, the next one you will see if a straight line like this on the U side:


Continue with the formula and you will reach this :


Notice the cross or + is very similar to the first step in tutorial one, except you may realized this if you look at the other sides. The middle top pieces does not match the middle piece on the side. Turn the cube to the side which does not match an make that your F. Try to keep the correct side as your B or your R to avoid moving them. Remember, the U and D face do not change, just play around with your 4 sides.
Apply this formula :
R, U, R1, U, R, U, U, R1, U
You may have to do it a few times, eventually, but quite quickly, you will find your cube to have the matching middle matching the sides like this :



So, how many pieces are left? 4. Right. If you are lucky (maybe), you will see one of your corner in your U side is correct.


If this is the case, make the yellow Pear as your F. Keeping that piece on your R side. This will not move that piece. Apply this formula :
U, R, U1, L1, U, R1, U1, L
This is the last, but hardest part. There are ways out there which you may be able to tell how to get each piece right, but by doing this repeatly, you will eventually get it. Just remember the formula only shift the corners on the U side. So you can turn the cube around a bit, keeping hte U and D side to apply this formula. I would say with a bit of luck, you will finally get this :


Yes, its done finally. Congratulation. I had completed this a few times thanks to the methods describe here. haha, if you notice there is another trick in my cube, the facing of the fruits. You can change that with a slightly different formula, but thats out of topic here.

If you feel you would like more information, try this :
http://jeays.net/rubiks.htm
or
http://peter.stillhq.com/jasmine/rubikscubesolution.html
or
http://rubikscube.info/

You may encounter another fast method known as the corner first method. Of course, if you are interested, go ahead and try that. This method is used by many winners and champions. Given the full potential, some of them claim it can solve the cube in 60 or less moves. Its out of my topic here too.

Solving the Rubik Cube Part 2

Ok, here is the 2nd part. We will solve the 2nd layer in this section. To be honest, I think this is the hardest part. OK, we need to define some simple notation. First turn the cube upside down. The strawberry side which is completed should be at the bottom covered. Take a look at this picture :


OK, now the side facing you we will call it F (Front). The side on your left and right will be L and R respectively. The top side will be T (Top) and the strawberry side will be D (Down). Finally the side that on the opposite you are looking away from you will be B (Back).

The black region will be the region that is completed in Part 1. Now we need to locate some special pieces on the top...


Find one of these pieces in black. Notice how this piece should be on the right in the blue region? There is a formula to move this there. Move this face to be your F (Front) to start. For notation, to rotate a side clockwise (means that you imagine you are looking at that side and turning the side clockwise), we will use F,B,U,D,L,R. To rotate it anticlockwise, we will use F1,B1,U1,D1,L1,R1. Got it?

To move the top pieces in black to the blue region on the right, the formula is :
U, R, U1, R1, U1, F1, U, F

OK, I mentioned don't ask why. This guide is simply to help you complete it. to understand why you may want to look at it step by step and figure it out.

If you have not figure it out, the formula for moving the top to left side in the similar case will be :
U1, L1, U, L, U, F, U1, F1

The piece should be in the blue region as shown here :


You may also find that sometimes you have a wrong piece in place like this below :


In this case, you will need to swap that piece out using the above formula moving L or R depending which side you choose to be F. You will also need to do this if you cannot find any pieces on the top to do the step above. simply move them out using the formula. If you have done it right, it will be something like this :


Now you can use the Grape side as F and move the top piece (in black region), which you had moved out just now, to the right side using the same formula again.

Do it for all the pieces (there are 4 only actually) in layer 2 and you should be having something like this :


Layer 2 for all side should be correct to end this part of the tutorial.

Solving the Rubik Cube Part 1

The Rubik cube has existed long before many of us. I still remember having to struggle to complete it when I was like.. 6? That's crazy then. There is no Internet or FAQ out there then. But today, its different now.

There are many guides on the Internet and I believe this page is not the first you came across looking for a way to complete it. Unlike other sites, I do not want to go through too much trouble about the history, how and why the method works etc. I just want to put it plain and simple. To solve the cube. Its not the fastest way to do it, but I will try to make this the simplest around.

This is divided into 3 parts and each concentrate on solve 1 layer of the cube. Before we start, lets go through some simple notation I will use later. Basically look at the cube you have now. Mine is a bit cute because it has fruits on it, yours will be color usually (OK, or super model if yours is the Playboy edition).

First, some basic. The cube consist of 6 sides and each of the has a center. The center pieces will never change. Relatively. Keep that in mind. There are 8 corners, these pieces wil lalways be corners... and the same goes for the mid side pieces. With that in mind, play around until you are able to join multiple same patterns around etc...

OK, I like strawberry, so this tutorial will pick strawberry as the base and start from there. The aim will be to create a + or cross shape as shown.


But thats not just any cross, you will have to match the side to the middle pieces on the side as well. See below :


The side pieces must match with the center pieces on the side. There are only 4 combinations, so this shouldn't be a problem even for beginners.

Next you will need to put in the 4 corner pieces and you will have to get them right as well. I am not providing much tips here because these should be very simple. If you are still struggling doing this, then you need more practice before you can go on... It will get harder.


This is how your cube should be at the end of this part. 1 Layer fully solved. With pieces matching the center of the side as well.

THE SGDUMMIES GUIDE TO WALKING TO BAN LEONG

First of all, lets not assumed everyone drives. If you do, this guide is not for you. You can easily find the place via your GPS. What? The building is not listed on the GPS? emm.. too bad.

Ok, lets do some walking...

1. Get off the right bus stop
I did not try the feeder bus inside. But lets talk about the bus stops on the main road. You should see Kah Motors or Honda directly in front of you if you drop on the same side. For those coming on the other side you should see a green building, following by a blue building, finally a red building after the traffic light.. They are side by side and your bus stop is right at the red building. Its City Warehouse.

2. Walking through Honda
You will need to get over via the overhead bridge if you are on the other side. In any case, you should head towards Honda. There is no fence whatever blocking you, just walk right in. There are 2 ways in Honda, one is directly in front of you. Its a bit longer. Take other other way instead. Walk towards the front of the building. You will see another path going through. Proceed with this path. You will pass by 2 entrance to Honda's Testing lab for vehicles with yellow floors on your left.

3. Find the right building and right floor
Once out of the gate at the back of Honda, you will see a brown nice building across the road. This is NOT it. The building is the one white and gray behind this one. You will need to cross the road and get to it. Once in the building, BL is at level 4. Once you come out of the lift, you will see hte nice office of BL. This is NOT where you will be served. Instead, turn right and follow the path. You will end up in some warehouse like place which is the service center. There is 2 counters there and as far as I can see, there is no queue system in place. So do not be shy go right up the counter and press the bell on your left side.

4. Getting out of BL
After all the happy/unhappy/sad/angry experience, you will probably not be thinking too well on your way out. Go into the lift. DO NOT PRESS LEVEL 1! you did not come in from Level 1. Its LEVEL 2! Level 1 is the underground car park. Once out, follow the same path back, this time Honda may not be so obvious across the road. Look for Kah Motors and you won't miss it. You may want to catch some food right across BL before continue if you are hungry. The rest is just the reverse. Go through Honda and you will come right out into the bus stop again. Cross the road if you have to via the overhead bridge.

Tuesday, May 13, 2008

Ban Leong Sucks.

I had a VERY bad experience too. My Gfx card went KO on friday and had to wait till monday to go to BL. Despite all the help, the place IS very confusing. I took leave and called in the morning to check that they are open. OF cos, its the standard customer service->vga card tech support on the menu. Then I got lost, this is my fault, cos 150 is not exactly helpful. If you end up on the wrong side of ubi ave 4 all you see are 10s and 20s...

But eventually I called again. Same menu and asked for direction. Not very helpful, but luckily I remember walking thru Honda part and found the place.

GUESS WHAT? They say they are stock taking no RMA whatsoever until like Wed or Thu. And 2x I called and nobody said anything about stock taking? The website did not state either. I had totally wasted my day getting there and they ask me to come back again later the week (I need to take another day leave then?). I asked them then anything they CAN do today. At least take in the card or whatever. Cos even if I come down again they cannot confirm whether I will get a replacement at all. (Which means I may need to take yet another day in the future to collect the card). I refused and ask them to take in today since I am here already. I asked them if I cant get a replacement on Wed then how? They say will send back to TW and can take up to 6 weeks!!! Then I asked if they can T-Loan me something for the meantime. They say cannot. If the card goes back to TW, then I st away loses 6 weeks of usability and warranty time?

I had done with Big3 before. At least when my ASUS board when back, they load me one for the time being which alhought unhappy, but I cant complain. To make things worse is that Vista had detected a gfx change and I need to reactivate soon or it will log me out again...

1. The location sucks.
2. The information sucks. If you cant RMA, they did not even tell you.

BTW, I saw some other people around quite pissed also... They even send off one couple who is trying to RMA their Sony LCD (which I presumed is under them) to Sony Orchard. I am totally so give up on BL. Previously I always insist on getting item with BL warranty, I think I will insist I DO NOT get BL warranty in the future!!!!

Friday, May 09, 2008

The Crossroad Part II

I finally made up my choice. Its one of the sunnier path I took. Despite the fact that I will get less in material returns, I hope the experience and satisfaction gain will out weight the others. Its time for me to 从出江湖... :) Seriously, security is not something you can hide behind some cubicles and read or learn. You have to put it to use. If not it does get rusty. Which comes to the point that what if someday I rise high enough to stop getting handons? Is that what I wish for? For now, this question will haunt me, but until that day comes, I do not have to worry about it. I just need to concentrate and make sure I reach higher ground and gain more skills.

Printers - The Weakest Node

I had seen companies which invested heavily on security. They had some of the best firewalls, hardened all their servers and conducted regular security assessments on their internal and external applications. It is often rare enough to find some of these companies actually patches the firmware of their routers, switches and network devices. However I had almost never come across one that patches their printers as part of their security practice. Most of these companies does not even set any passwords on their printers or even know that they can do so.

Printer hacking is not something new and has been introduced years ago. With modern multifunction printers, it is often common to find embedded operating systems with full networking support and removable storages devices hidden inside. Most of these printers have build in applications serving web portal, ftp and telnet services to enhance productivity. This opens up new opportunities for creative attacks against the printers.

Dumpster driving (retrieval of information from paper waste) is no longer necessary when hackers can simply pull information out from the removable storage. While companies have enforced policies on storage media disposal, the printer is often overlooked. Often printers are sent in for repair or even sold or donated as it is. Some of the mini hard disks were found to contain fax history and some even fax images. Classified information may have been stored and if it falls into the wrong hands, it can may a lot of damages to the companies.

Some of the services of these printers may also pose security risk to the company. Unsecured communication through telnet or ftp which are unencrypted may reveal control passwords and printer configurations. Print jobs can also be easily sniffed out by anyone on the network when they are sent through unencrypted channels. Unauthorized users can easily abused the printers by sending job through direct printing ports or via the web interface which usually requires no authentication. These services can assist authorized users from bypassing printing quotas and often allows these users to avoid leaving audit trails in the system.

However, the printer posed the most risk when it has been taken over. Clever hackers may be able to launch scans or attacks into the company network or other networks. The printer storage may be used to store hacking tools for deployment on other servers. Through the configurations, some printers may even allow duplicate copies of all documents to be fax or email out to other locations. Printers can also be taken down by putting in a bad firmware or locking the printing ports. The list goes on. It is all up to hackers to get creative on how much the printers can do for them once they have control of them.

Printers should no longer be treated as dumb devices on the network. Security practice should extend to cover printers because they are as capable as workstations today. While not many printer manufacturers are providing security support to these devices, consumers should take proactive actions to pressure them. Start protecting your printers and not let them become the weakest nodes in your network.

WHS - Files that are compressed by NTFS compression may not be backed up correctly by WHS

This issue may also affect CAB, ZIP, JPG, PNG, RAR and all sort of compressed files. Microsoft has details the problem at :
http://support.microsoft.com/kb/950190/en-us

Good news is that there is a fix available at :
http://go.microsoft.com/fwlink/?LinkId=117355

Although MS has stated it should be updated via Windows Update, this did not appear on my list. However, a point to know is that most people thought you had to install this on the Server. Well, no. You will end up with some errors because you do not have the WHS Connector software on your server. (You do? Why would you install it on the server? :P)

Anyway, this is for all PC who send backup to the server using the WHS Connector.

Wednesday, May 07, 2008

Mayo Sapphire Pudding




I thought Mayo was a boy and had her named Peanut initially. But soon discovered she is a gal afterall, thus hte name Mayo. But alas, she just doesn't get along. Like to bite me, jump out of my hand etc... I am worried I couldn't take good care of her and in the end had to hand her over to J. However, she is really evil. When she is outside or at her place, she is super nice and well behaved. She is not like hte little devil at home jumping up and down and biting cages.
I hope she is happy there. Maybe I am just not the woman's guy.

Monday, May 05, 2008

Enter Hiro



Yeap, this is the Moated Pudding, Hiro. I had given Maya to J because she really doesn't like me. She have a very good life there now. Hiro is so far friendlier and I guess we wil lget along well. He loved food... which is very similar to Xiao P, but Hiro is greedy... He will ask for more unlike Xiao P whom never do so until he finishes what he started eating.

Xiao P needs Beijing 101?

Despite the hair drop, I had confidence with Xiao P. He has bene losing near his eyes and face. Due to his age, which is about 2 years old give or take, I know some things I may not have control over. however, he is active and plays, eat, sleep well. I supposed I did not haveto worry too much.

I had tried giving cod liver oil as what I had read and also give up all the sands and beddings. Instead I had replace it with organic beddings from Japan. Hopwfully this will make he better. As for his food, I can't help stopping his snack. After all, whats there in life if you cannot enjoy it. But I had to seriously cut down on salty stuff and sunflower seeds. There is a debate whether sunflower seeds are indeed bad for hamster. So far, I take a neutral stand, but perhaps changing to a more neutral diet with less sunflower seeds may be better. But again, Xiao P is a very picky hamster who knows good food.

Despite the hair lost, Xiao P does not attract any less animosity from Hiro, my other male moated Pudding. With only a face look, Hiro charges at the cage in an attempt to (attack/give a very violent welcome to) Xiao P. Of course, Xiao P cannot be bothered as usual. He lies safe in his side protected by the cage. That comes ot conclusion that I should not let these 2 come into anymore contact in the future. 1 Hill doesn't hides 2 Tigers as some would say.

Now, all I can do is take good care of them, play with them when I can and hope for the best.

The Crossroad

It comes to a point in time, that there are many paths to take and some of these reaches where I had not been before. Before I thought it does not matter to me. I should take whichever take me the furthest. Seems like I cannot make that decision when I come to it.

Against all odds, I had turned down an opportunity to work oversea with a major telco. This could had been my break in life, but I realized what I wanted was much more simplier. Some things I could give up. Some responsibility I would want to bear. So this was the decision made. I probably will wondered for he rest of my life what would had happened if I had taken that step. I know I will never know.

Ther eare still many paths ahead here locally. Some are darker than others. I am sure for the sake of my responsibility, I would had chosen a much darker path should the opportunity arised, but for now, I think I should stick to the brighter side of life and hope one of these path will lead somewhere...

Saturday, May 03, 2008

R4 NDS V1.18

Another kernel updates bringing the kernel to V1.18. Mainly fixes support for a few games in particular.

Updates :
1)Solved 2203, 2219, 2240, 2250 problem

Again, I had repacked and included the latest AR Code as of 3 May 2008 in this package. I had include all the games from EU and US. The reason I opt out the JP codes is because mainly the display may have issues and how it handles the duplicate with JP and other code may have issue. If there is a high demand for JP Code, do comment here and I may include this as a addon package in the future.

Simple install. Unpack everything into your R4 main directory overwriting all.

Download :
http://rapidshare.com/files/112138546/R4DS-118.RAR

Amazon Gift Cards!

Thanks for viewing!

Copyright © 2008 nemesisv.blogspot.com, All rights reserved.