Wednesday, August 09, 2006

Cornell boffin explains Galileo hack

PATIENCE may be a virtue, but impatience has led to a lot of technical breakthroughs.

In January, Mark Psiaki, professor of mechanical and aerospace engineering at Cornell University in Ithaca, NY, and his team of researchers were impatient. Galileo had sent up its first prototype satellite, and Psiaki wanted the codes that would let his team begin testing receivers they hoped would work with the new system.

"We thought we were all ready to go with a receiver design, and we wanted to present it at a conference in September," he said.

Psiaki was working on a receiver intended to work with both GPS and its European civil successor, Galileo, which together will considerably expand today's global navigation satellite systems. Galileo will deploy some 30 satellites between 2008 and 2010. GPS satellites, which nominally last seven years, will gradually be replaced and upgraded. "It will be at least 2014 or 2015 before they have anywhere near the new capabilities that Galileo will have," said Psiaki.

By then, the market should be filled with receivers that work with both systems to give better coverage than is possible now with GPS alone.

"Even next year," said Psiaki, "when more satellites are launched, it would probably be an advertising plus for a receiver manufacturer to say 'this is a Galileo-capable receiver'. Why would you want to buy a receiver that in three years won't do more than it does now?"

So you want your designs to be ready. And despite requests to the Galileo folks, Psiaki couldn't get the codes the team needed to test the receiver.

Navigation satellites use codes known as pseudo-random numbers (PRNs) to identify themselves so that multiple satellites can transmit on the same frequencies without interfering with each other – think an ADSL microfilter, or perhaps two conversations over the same phone conversation, one in Chinese and one in English. The PRN codes also, said Psiaki, "allow precise timing of when a part of the signal left the satellite and when it gets to the receiver." The length of the interval gives you a range of locations; when you repeat the exercise with three satellites, you know where you are. But you have to know the PRN codes in order to identify the signal you want – and Galileo wasn't revealing them even for the supposedly free part of the service.
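The mechanism described above, as an added sketch that is not from the article or from Psiaki's team. It uses the public GPS C/A Gold codes for PRN 1-3 as stand-ins (not Galileo's codes) and a constructed received signal in which two satellites share one frequency. It shows that a receiver which knows a code recovers that satellite's delay from a sharp correlation peak, while a code that is absent from the signal yields no peak.

```python
import random

# Phase-select taps on the G2 register for GPS C/A PRN 1-3 (public GPS codes,
# used here as stand-ins; these are not Galileo's codes).
G2_TAPS = {1: (2, 6), 2: (3, 7), 3: (4, 8)}

def ca_code(prn):
    """Return the 1023-chip C/A Gold code for `prn` as +1/-1 chips."""
    s1, s2 = G2_TAPS[prn]
    g1, g2 = [1] * 10, [1] * 10          # both shift registers start all-ones
    chips = []
    for _ in range(1023):
        bit = g1[9] ^ g2[s1 - 1] ^ g2[s2 - 1]
        chips.append(1 - 2 * bit)        # map bit 0 -> +1, bit 1 -> -1
        f1 = g1[2] ^ g1[9]               # G1 feedback: stages 3 and 10
        f2 = g2[1] ^ g2[2] ^ g2[5] ^ g2[7] ^ g2[8] ^ g2[9]  # G2: 2,3,6,8,9,10
        g1, g2 = [f1] + g1[:9], [f2] + g2[:9]
    return chips

def delayed(code, delay):
    """Circularly delay a code by `delay` chips (signal travel time)."""
    n = len(code)
    return [code[(i - delay) % n] for i in range(n)]

def acquire(signal, prn):
    """Correlate `signal` against every shift of the PRN's code.

    Returns (best_delay, peak). A large peak means the satellite is present
    and best_delay is its code phase; without the code no peak can be found.
    """
    code = ca_code(prn)
    n = len(code)
    best_delay, best_peak = 0, 0
    for d in range(n):
        corr = sum(signal[i] * code[(i - d) % n] for i in range(n))
        if abs(corr) > abs(best_peak):
            best_delay, best_peak = d, corr
    return best_delay, best_peak

def demo():
    """Constructed scenario: PRN 1 and PRN 2 transmit, PRN 3 does not."""
    rng = random.Random(2006)            # fixed seed for repeatable noise
    sat1 = delayed(ca_code(1), 200)      # constructed delay of 200 chips
    sat2 = delayed(ca_code(2), 731)      # constructed delay of 731 chips
    received = [a + b + rng.gauss(0, 1.0) for a, b in zip(sat1, sat2)]
    return {prn: acquire(received, prn) for prn in (1, 2, 3)}

if __name__ == "__main__":
    for prn, (delay, peak) in demo().items():
        print(f"PRN {prn}: best delay {delay:4d} chips, peak {peak:8.1f}")
```
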

Colleagues in Europe were having no better luck.

So his team cracked them and published the codes and the details of how they did it on April 1. Within a couple of days other researchers had downloaded the codes and begun using them. "We were worried that they'd change the codes after we cracked them," he said. But so far, that hasn't happened.

Even so, "Everyone knows this is not the final version," said Psiaki, "but we can test a lot of difficult and important stuff with this signal."

Such as: monitoring the ionosphere, for which Psiaki has a contract from NASA. "There are scintillations where the ionosphere becomes turbulent over Brazil or over the Equator after dark. We have known this for a while, but we're starting to uncover more aspects of how that happens, so we're working on using Galileo and GPS to develop techniques whereby we might image it. We have to develop receivers, Galileo has to launch all its satellites. These are projects that will take years to see fruition. For the man in the street, space weather can affect power networks, communications, and GPS itself. Oil rigs in Brazil use GPS to maintain the right positioning and stay hooked up to the wellhead on the sea floor, and sometimes after dark it just goes bananas."

The upshot is that despite cracking and publishing the codes, Psiaki really doesn't want anything bad to happen to Galileo as a result. "I and a lot of people want Galileo to succeed," he says. "But we don't want to be shut out


Robot hijacks motor cars

A ROBOTIC carpark involved in a software licensing dispute trapped hundreds of humans' cars for several days.

The robot, which parks cars at the Garden Street Garage in Hoboken, New Jersey, was owned by the city council, but its software is created by an outfit called "Robotic Parking".

The council had a bit of a barny with Robotic Parking and had kicked the employees from the premises just a few days before the contract between both parties was set to expire.

Robotic Parking took its software manuals and intellectual property with it; it then took the city to court, claiming that it was using its software without a licence. Meanwhile the Robotic carpark had malfunctioned and people's mobile rooms were trapped.

The council claimed that Robotic had set "booby traps" in the code, causing the garage to malfunction. While the fight went on in the court, the garage's punters couldn’t get their cars out.

more Wired

Blackberry servers vulnerable to new attack

BE AFRAID. BE VERY AFRAID. That's basically the message to organisations running Research In Motion's (RIM's) Blackberry server behind their firewalls.

That's because code that hacks the server and has been developed by Jesse D'Aguanno, a consultant with Praetorian Global, is due for release next week. The hacking program is called BBProxy and can be installed on a Blackberry or sent as an email attachment to an unsuspecting user.


Sprint Nextel picks WiMAX for 4G

CONTRARY TO the INQ's previous speculation, US network operator, Sprint Nextel, has chosen to commit billions of dollars to building a nationwide mobile WiMAX network.

Its partners in crime will be none other than Motorola, Samsung and Intel, naturally. Sprint Nextel is expecting to invest around $1 billion next year [2007] and between $1.5 billion and $2 billion in 2008 in order to roll out the 4G mobile network.

Intel has been a key contributor to the IEEE's 802.16e-2005 standard on which mobile WiMAX is based. The company promises to deliver "next generation WiMAX solutions for Centrino mobile technology." Um, isn't Centrino a laptop technology? Where's the phone bit?

Sprint Nextel has overlooked the fact that Intel recently sold its handset chip business to Marvell. So it's not exactly well positioned to provide "mobile WiMAX-enabled chipsets that will support advanced wireless broadband services for computing, portable multimedia, interactive and other consumer electronic devices" as Sprint Nextel claims.


Sex came before the iPod

The RAND study did not examine the use or effect of you noted, the study began well before the use of the IPod was prevalent.


Comeback Again!!

just comeback to online again

Tuesday, July 25, 2006

Conroe vs. AM2: Memory & Performance

Core 2 Duo (Conroe) launched about twelve days ago with a lot of fanfare. With the largest boost in real performance the industry has seen in almost a decade it is easy to understand the big splash Core 2 Duo has made in a very short time. AnandTech delivered an in-depth analysis of CPU performance in Intel's Core 2 Extreme & Core 2 Duo: The Empire Strikes Back. With so much new and exciting information about Conroe's performance, it is easy to assume that since Core 2 Duo uses DDR2, just like NetBurst, then memory performance must therefore be very similar to the DDR2-based Intel NetBurst architecture.


Debian GNU/Linux 4.0 Set for December

dolson sends in a heartening update straight from the Debian project's news page: "The Debian project confirms December 2006 as the date for the next release of its distribution which will be named Debian GNU/Linux 4.0 alias 'etch'. This will be the first official release to include the AMD64 architecture. The distribution will be released synchronously for 11 architectures in total. At this stage, the upcoming release will ship with Linux 2.6.17 as its default kernel. This kernel will be used across all architectures and on the installer. A later version may be selected during a review in October. New features of this release include the GNU Compiler Collection 4.1 as default compiler. X.Org will replace XFree86 as implementation of the X Window System X11. Secure APT will add extra security by easily supporting strong cryptography and digital signatures to validate downloaded packages."


Monday, July 24, 2006

Intel 965GM is considerably hotter than its predecessor

While the 945GM will have a lease of new life at the end of this month with the launch of Merom and the refresh of the current Centrino Napa platform (see the link here?), details have started to leak to the world of the new Crestline 965GM chipset that will form part of the Santa Rosa platform.

You may recall that we looked into the desktop version of the 965 chipset, and found that it was more than a little toasty using 23.1W even without the graphics enabled; this didn't bode too well for a mobile chipset.



Kuniyasu Suzaki has announced the availability of a new version of Xenoppix, a live CD that "boots KNOPPIX on Xen HVM domain on Intel VT (example: iMac CoreDuo) and AMD SVM." From the release announcement: "Xenoppix (Xen3.0.2 + KNOPPIX 5.0.1) CD is released. It uses isolinux + mbootpack instead of GRUB, because the combination expands bootable machines. It enables Xen to boot on EFI (iMac CoreDuo). LCAT (Live CD Acceleration Toolkit) is applied to make fast boot. It was effective on Dom0, DomU and HVM."


Secure messenger to guard against totalitarian governments

Aged geeks should remember the Cult of the Dead Cow (CDC) well. The hacker group was particularly famous for its easy-to-use Back Orifice spyware trojan released in 1998, which was as good for corporate espionage as it was for humorous office pranks. So it's with some irony that CDC has released an open source client that secures your instant messenger communications over the Internet.

Since 2000, CDC has been a proponent of what it calls "hacktivism" - hacking for what it feels is a just cause. In this case, the secure instant messenger, called ScatterChat, is designed for "non-technical human rights activists and political dissidents operating behind oppressive national firewalls," according to the press release. The solution comes from a division of the CDC dubbed Hacktivismo, "an international group of hackers, human rights workers, lawyers, and computer security experts".


XP's No-Reformat, Nondestructive Total-Rebuild Option

It's one of those software design decisions that makes you scratch your head and wonder, "What were they thinking?"

The "it" in this case is XP's most powerful rebuild/repair option, and yet Microsoft chose to hide it behind seeming dead ends, red herrings, and a recycled interface that makes it hard to find and (at first) somewhat confusing to use.

But it's worth exploring because this option lets you completely and nondestructively rebuild, repair, or refresh an existing XP installation while leaving already-installed software alone (no reinstallation needed!). It also leaves user accounts, names, and passwords untouched and takes only a fraction of the time a full, from-scratch reinstall does. And unlike a traditional full reinstall, this option doesn't leave you with two copies of XP on your hard drive. Instead, you end up with just the original installation, but repaired, refreshed, and ready to go.


Xbox 360 shipments hit the 5 million mark

With a one-year lead on the other two next-generation consoles, Microsoft has been hoping to get a significant head start with Xbox 360 sales, especially on the PlayStation 3. Microsoft is on record as saying that they expect to open up a 10 million unit gap between the 360 and the PlayStation 3 by the time Sony's console launches, and the company is forecasting 15 million total sales for its next-gen console by the end of FY 2007 (June 30, 2007). Although that number may be out of reach, the company shipped another 1.8 million consoles during the final quarter of its 2006 fiscal year.

The 1.8 million Xbox 360 shipments last quarter bring Microsoft up to 5 million for fiscal year 2006, which just ended. Amazingly, amid all the reports of console shortages, the company was still able to ship 1.5 million Xbox 360s during the quarter encompassing the holiday season, including 900,000 in the US, 500,000 in Europe, and 100,000 in Japan.

When the company announced its first quarter earnings, it said that it hoped to ship between 4.5 million and 5.5 million Xbox 360 consoles during fiscal 2006. It hit that target, with 5 million shipments for the fiscal year.


Why popular antivirus apps 'do not work'

Antivirus applications from Symantec, McAfee or Trend Micro -- the three leading AV vendors in 2005 -- are far less likely to detect new viruses and Trojans than the least popular brands.

This has nothing to do with the quality of the software or how long it takes the respective firms to update their clients with signatures and other malware countermeasures.

AV companies continue to refine their products and most will tell you they stopped relying on purely signature-based systems many years ago. These days they use all sorts of clever methods to try and detect suspicious behaviour but the problem is that malware authors are also very clever. Very, very clever.


Friday, July 21, 2006

D-Link 'n' gear readied, Faster wireless kit to go

D-LINK IS ABOUT to begin shipping its 802.11n wireless LAN cards and routers, saying that demand for faster speeds and longer range override any minor compatibility issues.

The Taiwanese giant does not expect 'n' to be rubber-stamped as a standard until next summer but is shipping product anyway and insisting that using the draft spec will not be a major hassle for users.

"Maybe there’s a few bugs here and there but they will be ironed out in the next few months. The range and performance are good and will get better," said Nick Bharadia, D-Link product manager.


Dell has secret stash of burnt-out notebooks

THE EXPLODING DELL laptop captured on camera by our friends sojourning in Japan was one of many that have erupted into flames over the years, it transpires.

Channel publication CRN confirmed as much after being shown documents by a source.

According to documents flashed in CRN's direction, a fair number of Dell laptops have made their way back to Round Rock HQ with melted cases and "mangled and charred" systems.

One had a two-inch hole where the case had melted away and several showed evidence of burning around the battery unit.

In more than a dozen examples, an inch or two of casing had melted away around the right-hand corner of the unit, above the keyboard but below the LCD screen, the publication reports.


SiteDepth CMS <= 3.0.1 (SD_DIR) Remote File Include Vulnerability

SiteDepth CMS <= 3.0.1 - Remote File Include Vulnerability
Discovered by: "Aesthetico"

2006-07-20


Ubuntu 6.10 Knot-1

The first development CD image of Ubuntu release 6.10, code name "Edgy Eft", has been released for Intel x86, PowerPC, and AMD64 platforms: "Welcome to Edgy Eft Knot-1, which will in time become Ubuntu 6.10. Knot-1 is the first in a series of milestone CD images that will be released throughout the Edgy development cycle, as images that are known to be reasonably free of showstopper CD-build or installer bugs, while representing very current snapshots of Edgy. You can download it here, for Ubuntu, Kubuntu, Edubuntu and Xubuntu respectively." Read the full announcement and visit the Edgy Eft wiki page for more details. Three types of CD images (also BitTorrent files) for all three architectures are available from; here is a quick link to the edgy-desktop-i386.iso


Saturn controller for the Xbox 360

With a slate of old-school 2D fighting games like Street Fighter 2 and Mortal Kombat 3 being released on the Xbox 360, [twistedsymphony] thought it would be nice to have a decent old-school gamepad to play them with. His final interface board lets you use an unmodified Saturn controller with the Xbox 360. He used a chopped up Saturn cable extender to attach the controller to a PIC16F690. The PIC decodes the Saturn pad’s button presses. It then triggers a corresponding analog switch that acts as a button press on the actual 360 controller. He did it this way instead of the much harder task of figuring out what the 360 controller protocol was actually doing. Future plans include support for other systems’ controllers.


How to restore a hacked Linux server

Every sysadmin will try his best to secure the system(s) he is managing. Hopefully you have never had to restore your own system from a compromise and you will not have to do this in the future. Working on several projects to restore a compromised Linux system for various clients, I have developed a set of rules that others might find useful in similar situations.

The types of hacks encountered can be very varied and you might see very different ones than the one I will present, or that I have seen live, but even so, these rules might be used as a starting point to develop your own recovery plan.


SSH tunneling for ultra-secure web app administration

Over the past few months, some friends and cow-orkers have come to my site, and invariably I get the “Where are the hacks?!? When you gave me the link, I was excited and assumed the site had all your hacks and tricks?!? What happened?!?” You see, my fellow cow-orkers specially, know me as a man of many technical talents. I can turn any normal workday into a techfest show-and-tell, just by emptying my pockets or laptop bag, or discussing my latest interests.


10 ways to protect systems from electrical damage

There are many potential causes of electrical catastrophe, so follow these measures to keep your systems and peripherals safe

PCs, servers, switches, routers, broadband modems, KVM switches and other computer equipment are all subject to electrical damage. From improper site wiring to lightning strikes, a wide variety of electrical issues constantly threaten systems and peripherals. Check out the following 10 suggestions to ensure you've taken the necessary precautions to protect against data loss and equipment damage.


IP-over-DNS How To

You're sitting in an airport or in a cafe, and people want your money for Internet access. They do allow DNS traffic, though. Enter NSTX. NSTX is a hack to tunnel IP traffic over DNS. NSTX (IP-over-DNS) seems cool, but you cannot get it to work.

You've downloaded the latest version, maybe because you saw it mentioned on Slashdot. You've looked at the nstx project page and the freshmeat page. You even tried reading some confusing documentation. Maybe you gave up and tried OzymanDNS. But curiosity got the better of you. You really want to use this.

Once you've followed these instructions, you basically have a remote proxy, providing you with access to the Internet. Communication between you and the remote proxy is over NSTX.

If DNS traffic does not work, but ICMP traffic (i.e., ping) works, try ICMPTX: IP-over-ICMP. Note that these instructions play nicely with ICMPTX. You can run both on one proxy.
