
32c3 comments, random ramblings, thoughts, notes, dump part II

posted Feb 4, 2016, 7:38 AM by Sami Lehtinen   [ updated Feb 7, 2016, 12:14 AM ]
Running your own 3G / 3.5G UMTS network - Iuh protocol stack and osmo-iuh implementing HNBAP, RUA and RANAP in Free Software OSMOCOM. Node B, BTS, Iu RNC - MSC. M3UA, SCCP. SGSN, GGSN, RANAP, 3GPP, LTE-U, requires Protocol Archaeology (lol). Such a mess, well, that wasn't a surprise. I personally love KISS design, as long as there's no very good reason to introduce additional complexity.

All Our Shared Spectrum Are Belong to Us. Neat things about resource allocation, congestion control, routing, link scheduling, rate control, carrier sense control, power control and other layers of the required stack. Distributed Coordination Function (DCF, Listen Before Talk, collision avoidance).

Consumer brain-computer interfaces. EEG / BCI / neuro feedback. DIY / OpenSource.

32c3 Data Protection Talk by Max Schrems (maxschrems). Adequate Protection, Personal Identifying Information (PII), general data protection law, self-certification, 2000/520/EC, TRUSTe, PRISM, Facebook, public / private surveillance, CFR, ECHR, EU, data retention, content data, meta data, data storage, blanket surveillance, Bill of Rights only applies to US citizens. No news there. FISA procedure, RTE, Data Protection Commissioner, mass surveillance, all that paperwork was ridiculous, also the court process was a big joke. No disrespect, but that's what it is. This is a very good talk and presentation. Effective detection and supervision mechanisms, legal redress, EU law, consent, informed, unambiguous, specific, regulations, orders, data localization, encryption, data trustees, technical knowledge, legal enforcement.

SIGINT data interception global network. Certified cloudless solutions, cryptologic defense platform.

Stylometry and machine learning, identifying code author from binary and de-anonymizing programmers using statistical methods.

Computational Meta-Psychology and real AI, not machine learning (which is not AI, it's just statistics, at least in most cases).
Mental simulations, linguistic protocols, percepts, motivationally connected systems, cortical columns, Blue Brain project, state machine, message passing, reward, motivation. Primary computational transition function. Quite interesting talk, ha. Nerds.

Intelexit talk and the Intelexit video, especially the campaign video "The Backdoor to democracy" was quite amusing. Be smart, exit intelligence now. Well well, it isn't that simple. Isn't it an old saying that you'll sing the songs of whoever pays you. Of course respecting earlier agreements and good morale and manners (whatever that might mean). The drone flyer drop flight was quite daring. Anyway, check out intelexit.org.

Fluxus cannot save the world.

Architecture of street level panopticon. Panopticon is The Perfect Prison. There people won't do anything forbidden, because they know they're being watched all the time. This means that the guards basically don't even need to do anything. Automated street level surveillance, tracking mobile devices, facial recognition, surveillance cameras, which is mass surveillance. Automated License Plate Readers (ALPR), Metadata, centralized data storage. Cell-site Simulators (Stingray, IMSI-catcher), aggregate analysis. Prevent, Expose, Empower, GPS Spoofing.

Gibberish Detection, Vector Graphics Displays, Malware Obfuscation, C&C and hidden data relays. Pseudorandom Generator, Incident Response, DNS servers, domain takedowns, gram / bigram frequency. Whole Gibberish Legitimacy test was stupid afaik. It's just as trivial to generate words instead of other random strings. So the test is utterly useless. Measuring the minimum distance of a domain name from a concatenation of dictionary words won't help at all afaik. Dictionary distance analysis, Greedy Algorithm, Symmetric Search, Edit Distance, normalized lexical deviancy, domain name collusion, Undetectable Gibberish, Domain Generation Algorithm (DGA). Clearly academic work?
They're marvellous at producing very cool and complex stuff, a lot of formulas, analysis and research papers, yet usually not doing anything useful at all. How about doing something preferably very simple which actually solves the problem?

Card-based payment relies on two protocols, ZVT or OPI and ISO 8583 / Poseidon protocol, ARP spoofing, attack, ARP MITM, magstripe and chip details, authorization_req. Afaik, the situation is better for Payment Terminals (Credit Card Terminals) in Finland. HSM, PIN, MAC, JTAG, RCE. Refund isn't tied to earlier payment, so you can refund money without charging it first. I've found this out earlier a few times. How? Actually it seems that sales transactions expire by default after 14 days, but refund transactions expire after 90 days or something. So if I do charge and refund, and then just keep the payment terminal unconnected for a month and connect it, the refund will get processed but the charge will be ignored. Been there, done that. A long time ago already. Shop shifting (Shopshifting) puts merchants at significant fraud risk. Cloning ETF EMV payment terminals. Missing authentication and authentication with symmetric system-wide shared keys. Fixing suggestions weren't hard to guess. Disable unused features, add manual confirmation, don't allow any (random) configuration to be done remotely. Use encryption, don't use shared keys. Simple as that.
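A back-office check for the "refund isn't tied to earlier payment" problem above, as an added example that is not code from the talk or from any payment vendor: every refund must reference an earlier, settled sale on the same card and stay within its amount. The record layout and the sample batch are hypothetical and constructed.

```python
from collections import defaultdict

# Constructed sample batch. The record layout (id, kind, card, cents, ts, ref,
# settled) is hypothetical and is not the ZVT, OPI or ISO 8583 message format.
BATCH = [
    {"id": "t1", "kind": "sale", "card": "tokA", "cents": 5000, "ts": 100, "settled": True},
    {"id": "t2", "kind": "refund", "card": "tokA", "cents": 2000, "ts": 200, "ref": "t1"},
    {"id": "t3", "kind": "refund", "card": "tokA", "cents": 4000, "ts": 300, "ref": "t1"},
    {"id": "t4", "kind": "refund", "card": "tokB", "cents": 9000, "ts": 400, "ref": None},
    {"id": "t5", "kind": "refund", "card": "tokC", "cents": 1000, "ts": 500, "ref": "t1"},
    {"id": "t6", "kind": "sale", "card": "tokD", "cents": 3000, "ts": 600, "settled": False},
    {"id": "t7", "kind": "refund", "card": "tokD", "cents": 3000, "ts": 700, "ref": "t6"},
]

def check_refunds(batch):
    """Return {refund id: reason} for refunds not backed by an earlier sale."""
    sales, refunded, flagged = {}, defaultdict(int), {}
    for tx in sorted(batch, key=lambda t: t["ts"]):
        if tx["kind"] == "sale":
            sales[tx["id"]] = tx
            continue
        sale = sales.get(tx["ref"])  # only sales seen earlier in time are known
        if sale is None:
            flagged[tx["id"]] = "no earlier sale referenced"
        elif sale["card"] != tx["card"]:
            flagged[tx["id"]] = "card differs from original sale"
        elif not sale["settled"]:
            # the expired-charge case: the sale was dropped, the refund was not
            flagged[tx["id"]] = "original sale never settled"
        elif refunded[sale["id"]] + tx["cents"] > sale["cents"]:
            flagged[tx["id"]] = "refund exceeds remaining sale amount"
        else:
            refunded[sale["id"]] += tx["cents"]
    return flagged

if __name__ == "__main__":
    for tx_id, reason in check_refunds(BATCH).items():
        print(tx_id, reason)
```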
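The dictionary-distance idea from the gibberish-detection notes above, as an added sketch that is not code from the talk or this blog: it scores a domain label by the share of characters no dictionary word covers, a simplification of the edit-distance measure mentioned there. The word list, threshold and sample domains are constructed; the name built purely from dictionary words scores as legitimate, which is the weakness pointed out above.

```python
# Tiny constructed word list; a real check would load a full dictionary.
WORDS = {"cloud", "mail", "secure", "update", "green", "river", "stone",
         "market", "photo", "login", "data", "net", "shop", "book"}
MAX_WORD = max(len(w) for w in WORDS)

def uncovered_chars(label, words=WORDS, min_len=3):
    """Fewest characters of `label` left outside any dictionary word."""
    n = len(label)
    best = [0] * (n + 1)            # best[i]: min uncovered chars in label[:i]
    for i in range(1, n + 1):
        best[i] = best[i - 1] + 1   # count label[i-1] as noise
        for j in range(max(0, i - MAX_WORD), i - min_len + 1):
            if label[j:i] in words:  # a word ends exactly at position i
                best[i] = min(best[i], best[j])
    return best[n]

def lexical_deviancy(domain):
    """Uncovered share of the leftmost label: 0.0 = all words, 1.0 = none."""
    label = domain.lower().split(".")[0].replace("-", "")
    return uncovered_chars(label) / len(label) if label else 1.0

def is_gibberish(domain, threshold=0.5):
    return lexical_deviancy(domain) > threshold

# Constructed samples under the reserved .example TLD.
SAMPLES = [
    "securemail.example",       # ordinary two-word name
    "photoshop24.example",      # words plus two digits
    "xkqzjvwpth.example",       # random-looking label
    "greenriverstone.example",  # words glued together, no meaning needed
]

if __name__ == "__main__":
    for d in SAMPLES:
        print(f"{d:28} {lexical_deviancy(d):.2f} gibberish={is_gibberish(d)}")
```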