Author Archive

Next Tuesday we’ll be traveling to San Francisco (California). After landing we will reach Berkeley, where our friend lives and where we will stay for two weeks. I’m pretty excited to hang around San Francisco, Berkeley University, Mountain View and Silicon Valley. I’ll be very happy if, through the blog, someone could give me some advice about Bay Area events and cool places to visit.

How worthwhile are:
sf2600.org meeting
www.buug.org meeting

Today I tried to install VMware Server on my laptop, which is running Ubuntu 8.04 (Hardy Heron). Everything went smoothly, except that when I tried to run the VMware server console, the system returned the following error:

/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_3.4' not found (required by /usr/lib/libcairo.so.2)

/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_4.2.0' not found (required by /usr/lib/libstdc++.so.6)

/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_3.4' not found (required by /usr/lib/libcairo.so.2)

/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_4.2.0' not found (required by /usr/lib/libstdc++.so.6)

/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_3.4' not found (required by /usr/lib/libcairo.so.2)

/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_4.2.0' not found (required by /usr/lib/libstdc++.so.6)

A quick and dirty workaround is to comment out line 246 of the file /usr/lib/vmware/lib/wrapper-gtk24.sh.

Just a simple iptables script for a standalone mail, web and DNS server.

Here’s the code in a readable form:

http://www.cryptolife.org/code/easyfire.sh.txt


#!/bin/sh
IPT="/sbin/iptables"

# Kernel settings: SYN cookies on, ignore ICMP echo (including broadcasts), no routing
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
echo 0 > /proc/sys/net/ipv4/ip_forward

# Default policies: drop inbound and forwarded traffic, allow outbound
$IPT -P INPUT DROP
$IPT -P FORWARD DROP
$IPT -P OUTPUT ACCEPT

# Enable free use of loopback interfaces
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A OUTPUT -o lo -j ACCEPT

# Input policy: accept packets that belong to connections already established
$IPT -A INPUT -j ACCEPT -m state --state ESTABLISHED,RELATED

# Services that accept new connections on eth0
TCP="22,25,53,80,123,443,993"
UDP="53,123"
$IPT -A INPUT -i eth0 -p tcp -j ACCEPT -m multiport \
--dports $TCP -m state --state NEW

$IPT -A INPUT -i eth0 -p udp -j ACCEPT -m multiport \
--dports $UDP -m state --state NEW
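
To confirm that a loaded ruleset exposes only the intended services, this added example (not part of the original script) parses `iptables -S` output and lists ports that accept connections but are missing from an allowlist. The sample dump and the allowlist are constructed assumptions; NTP runs over UDP, so the allowlist leaves out tcp/123.

```shell
#!/bin/sh
# Added example, not part of easyfire.sh. Sample dump and allowlist are constructed.
# Constructed sample: roughly what `iptables -S` prints once the script has run.
sample_rules() {
cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m multiport --dports 22,25,53,80,123,443,993 -m state --state NEW -j ACCEPT
-A INPUT -i eth0 -p udp -m multiport --dports 53,123 -m state --state NEW -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
EOF
}

# Read an `iptables -S` dump on stdin; print "proto/port" for each INPUT ACCEPT rule with ports.
open_ports() {
  awk '$1 == "-A" && $2 == "INPUT" {
    proto = ""; ports = ""; target = ""
    for (i = 3; i < NF; i++) {
      if ($i == "-p") proto = $(i + 1)
      if ($i == "-j") target = $(i + 1)
      if ($i == "--dports" || $i == "--dport") ports = $(i + 1)
    }
    if (target != "ACCEPT" || proto == "" || ports == "") next
    n = split(ports, p, ",")
    for (j = 1; j <= n; j++) print proto "/" p[j]
  }'
}

# Print every open port that is missing from the space-separated allowlist in $1.
unexpected_ports() {
  open_ports | while read -r entry; do
    case " $1 " in
      *" $entry "*) ;;
      *) echo "$entry" ;;
    esac
  done
}

# Fail closed: the INPUT chain must default to DROP.
input_policy_is_drop() { grep -q -x -e '-P INPUT DROP'; }

# Hypothetical allowlist for a mail, web and DNS host (NTP is UDP only).
ALLOW="tcp/22 tcp/25 tcp/53 tcp/80 tcp/443 tcp/993 udp/53 udp/123"
sample_rules | input_policy_is_drop && echo "INPUT policy: DROP"
echo "unexpected: $(sample_rules | unexpected_ports "$ALLOW")"
```

On a live host, replace `sample_rules` with `iptables -S` run as root; the script above sets no IPv6 rules, so `ip6tables -S` needs the same check.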

This man is not welcome in Croatia.

bush-wanted.gif

With this post I want to take a look at the communities that use Wikimedia as a collaborative tool.

en.wikibooks.org
Wikibooks is a Wikimedia community for creating a free library of educational textbooks that anyone can edit. Wikibooks began on July 10, 2003, since then Wikibooks has grown to include over 28,696 pages in a multitude of textbooks created by volunteers like you!

wikitravel.org
Wikitravel is a project to create a free, complete, up-to-date, and reliable worldwide travel guide. So far we have 18,087 destination guides and other articles written and edited by Wikitravellers from around the globe. Check out the Help page to see how you can edit any page right now, or the Project page for more information about Wikitravel and getting involved.

commons.wikimedia.org
If you are browsing Commons for the first time, you may want to start with our featured pictures or quality images, which have been selected by the Commons community as being particularly valuable.

wikimapia.org
WikiMapia is an online map and satellite imaging resource that combines Google Maps with a wiki system, allowing users to add information (in the form of a note) to any location on earth.

cosmeticwiki.com
CosmeticWiki features over 35000+ of your favorite Skin Care, Hair, and Cosmetics products. View Product Information, Ingredient Lists, User Testimonials and Price Comparisons for each, or add your own.

www.wikileaks.org
Wikileaks is a website that publishes anonymous submissions and leaks of sensitive corporate and government documents, while taking measures to preserve the anonymity and traceability of its contributors.

www.sourcewatch.org
SourceWatch is a collaborative project of the Center for Media and Democracy to produce a directory of the people, organizations and issues shaping the public agenda.

en.wikinews.org
The free news source you can write!

anarchopedia.org
Anarchopedia is an open knowledge-portal and online anarchist community.

wiktionary.org
Wiktionary, a collaborative project to produce a free-content multilingual dictionary.

One of my favorite web sites is cryptome.org, which publishes sensitive corporate and government documents, in particular material on freedom of expression, privacy and cryptology. I often browse the site, but without an internal search engine it is very hard to find and appreciate all the documents and photos available. So I decided to write a small Firefox search engine plugin that improves the search.

You can download and install the plugin here:
www.cryptolife.org/code/cryptome/

I hope that this small addon will be helpful.

The passport is a document like any other: we consider it inoffensive, and when we are abroad it gives us a common sense of security and confidence. We never think that it could be used against us, because we assume that it is a paper document issued by our government in order to give us protection and freedom of movement when we travel in a foreign country. Before the madness of post-9/11, our passports were printed with a statement of nationality, first name, surname and other personal information about the holder. But when the psychosis started, with the demand for more security and control, companies and governments showed a great interest in security measures such as biometrics and RFID chips. On one hand, people worried more about possible terrorist attacks, and on the other hand, about the way in which a master plan was being drawn up to extend the power of corporations and governments to control and track consumers and citizens in daily life. This security-mongering campaign has worked and succeeded so far, and so well that people accept RFID and biometrics without asking themselves about the possible implications of such an invasion of privacy.

A few weeks ago I received the new biometric British passport with an integrated RFID chip and, as soon as I opened the package, I had a strange feeling. Then I decided to build a hardware firewall for my new e-Passport. I’m not so worried that my personal data is stored in the chip embedded in the e-Passport, but I’m scared that this information could be read remotely and re-used without my knowledge, and that my every movement could be tracked. Such an attack can be performed with a common RFID reader available on eBay and various open-source software. The longer I had the passport, the more I wanted to do something. So I went into the kitchen and, with a roll of aluminium foil, made a kind of wallet that should stop or reduce the chip emissions. I’m not sure if this is enough, but it is a good starting point.


The average person thinks that deleting files, or even formatting the hard drive and removable devices, is enough to make data unrecoverable. This is a common misconception: deleting a file does not delete any information, only the pointer that the operating system uses to build the file and the directory structure. Deleting those pointers only changes the file’s status: it becomes invisible to the operating system, but it is still there (on the hard drive) until it is overwritten by another file or by dedicated wiping software. With sophisticated forensic techniques it’s still possible to determine which wiping tools have been used or which file name was deleted. In this post I will show you how it’s possible to recover, in a few minutes, some deleted files from a common USB key. After downloading the software PhotoRec (for Linux), we can plug in our USB key (onto which we previously copied and deleted some files, and which we even formatted) and then move into the directory /testdisk-6.9/linux, where you will find the binary called photorec_static.

Type ./photorec_static and follow the instructions.


After the process was over, I moved into the directory recup_dir.1, where I found 2 files recovered from the USB key: one is the txt file in which I had written some fake usernames and passwords, and the other is the Advanced Bash-Scripting Guide .pdf, exactly the ones that I had copied to and deleted from the key before I started the test. Scary?

To avoid the leak of your sensitive information through a data recovery, there are several programs available to overwrite entire hard disks, usb keys, or single files to make them unrecoverable with data recovery techniques.

for Linux:
dban.sourceforge.net
wipe
secure-delete
shred

for Windows:
www.fileshredder.org

for Mac:
Secure Empty Trash
Eraser Pro


Before selling or giving away an old computer, hard drive or lending out your usb key, just think about how much juicy information can be recovered.
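
The difference between unlinking a file and overwriting it can be reproduced without a raw device. In this added example (not from the original post) a second hard link stands in for a recovery tool's view of the data blocks; the marker string, file names and temporary directories are constructed.

```shell
#!/bin/sh
# Added example (not from the original post). MARKER and all paths are constructed.
MARKER="user=alice pass=constructed-secret"

# Create a "sensitive" file plus a second hard link to the same inode.
# The link stands in for a recovery tool's raw view of the data blocks.
make_secret() {
  printf '%s\n' "$MARKER" > "$1/passwords.txt"
  ln "$1/passwords.txt" "$1/raw_view"
}

# Overwrite the file in place with random bytes of the same length, then flush.
overwrite_in_place() {
  size=$(wc -c < "$1" | tr -d ' ')
  # conv=notrunc: write over the existing data instead of truncating the file first
  head -c "$size" /dev/urandom | dd of="$1" conv=notrunc 2>/dev/null
  sync
}

# Report whether MARKER can still be read through the second link.
residue() {
  if grep -q -F "$MARKER" "$1/raw_view"; then echo recoverable; else echo gone; fi
}

# Case 1: plain rm, which only removes the directory entry.
plain_delete() {
  dir=$(mktemp -d)
  make_secret "$dir"
  rm "$dir/passwords.txt"
  residue "$dir"
  rm -rf "$dir"
}

# Case 2: overwrite the content first, then rm.
wipe_then_delete() {
  dir=$(mktemp -d)
  make_secret "$dir"
  overwrite_in_place "$dir/passwords.txt"
  rm "$dir/passwords.txt"
  residue "$dir"
  rm -rf "$dir"
}

echo "rm only:        $(plain_delete)"
echo "overwrite + rm: $(wipe_then_delete)"
```

On USB flash and on journaling or copy-on-write filesystems an in-place overwrite may land on different physical blocks, so overwriting the whole device is the more dependable option for removable media.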

Note: you can use these commands to move the previously recovered files to a different location.


# Images (the target directories must already exist)
find recup_dir.* \( -name \*.bmp -o -name \*.gif -o -name \*.png -o -name \*.jpg \) -print0 | xargs -0 -I '{}' mv '{}' /media/disk/recovery/img

# Multimedia
find recup_dir.* \( -name \*.mp3 -o -name \*.avi -o -name \*.mpg -o -name \*.swf \) -print0 | xargs -0 -I '{}' mv '{}' /media/disk/recovery/multimedia

# Documents
find recup_dir.* \( -name \*.pdf -o -name \*.xls -o -name \*.doc -o -name \*.txt \) -print0 | xargs -0 -I '{}' mv '{}' /media/disk/recovery/doc

Just a few days ago I wrote about how to protect sensitive data on the hard drive and other storage devices. But during the weekly meeting of “razmjenavjestina”, I was warned (by one of the LUKS developers) about a new attack that can easily dump the encryption key used by products such as Windows Vista BitLocker, Linux TrueCrypt, Linux dm-crypt and Apple FileVault. The attack doesn’t work on the encryption directly, but on the failure of some computers to wipe the data when they boot up.

This attack is based on the fact that the encryption key for the HDD is stored in RAM while the computer is running; shutting down or restarting the computer should wipe the data from the DRAM. But the Princeton research team found that the data is retained for seconds or minutes after the computer is powered off.

They also found that by freezing the memory chips with liquid nitrogen found in a can of air, they could get the data to remain in memory easily for as long as ten minutes, and often longer. The researchers then have plenty of time to remove the RAM, place it in another computer and dump the encryption key with the appropriate software.

Here are the paper and the video that explain the proof of concept:
http://citp.princeton.edu/memory/

Solutions: I regret to say that at the moment there’s no simple method or mitigation for this attack.

 

I’ll try to keep this post updated with the latest news; contributions will be appreciated.

Bruce Schneier’s point of view: Cold Boot Attacks Against Disk Encryption

Next week the Ubuntu community will host a special classroom session which will cover Personal Package Archives to bug triaging. This is a great starting point to become a new Ubuntu developer. Read more on arstechnica.com

ubuntu wiki