Marcus Carey of SunTzu security firm & founder of DoJoSec
 The March 5th DoJoSec was the second one of their monthly briefings I have attended. Although it is almost a three-hour drive from New Jersey, these evening sessions have been worth attending. I had to miss April's session because of schedule conflicts, but plan to attend the upcoming sessions of what has been called "dinner theatre for security geeks."

Since the videos of the presentations are available (embedded & linked on this page), I won't bother summarising them in detail. Just watch the videos. Rather, I'll highlight some of the things I found especially interesting in the presentations.

iPhone Forensics - Walter Barr and Sean Morrissey

I had heard much about iPhone forensics from Jonathan Zdziarski, so I was interested in hearing what these fellows had to say on the subject.

One of the interesting aspects of the presentation was the influence of the speakers' different professional backgrounds when it came to the issue of "jailbreaking" iPhones in the course of forensic examination. Morrissey came out of a law enforcement background while Barr did not.

This difference was most evident when they covered "jailbreaking" iPhones to extract evidence data. Barr saw jailbreaking as an option. Morrissey strongly insisted that jailbreaking should not be used. Besides Apple's claim that jailbreaking iPhones is illegal, the use of "hacker tools" might open up challenges in court where opposing attorneys imply one is using "criminal" or somehow suspect tools. He exhorted the audience to do forensics right so we don't have bad cases and alluded to the forensic problems in the OJ murder case.

The "hacker tool" & potential for court challenges stirred up quite a lively discussion during the Q&A. Some people pointed out that valuable security/forensics tools such as Wireshark could be maligned as "[criminal] hacker tools" and yet we use them, so why avoid jailbreaking tools?

The problem appears to be that jailbreaking tools don't have as strongly established a reputation for constructive uses as do Wireshark, nmap, nessus, and many other dual-/multi-purpose tools.

Snort - The Forensics Tool? - David Warren

Because I have been dealing with malware and network analyses recently, I was particularly interested in seeing what Warren had to say. The main thing I got was that Snort's rules features and its support for extensive text and hex pattern searches make it handy for going through packet capture data.
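
Snort writes such patterns in a rule's `content` option, where hex bytes enclosed in `|` pipes can be mixed freely with plain text. As an added illustration (not code from Warren's talk, from Snort, or from this post), the Python below converts that mixed notation to bytes and searches constructed payloads with it; the function names and sample payloads are assumptions made for the example, and backslash escapes are not handled.

```python
import re

def compile_content(pattern: str) -> bytes:
    """Turn a content string such as 'MZ|90 00|' into the raw bytes to match."""
    parts = pattern.split("|")
    if len(parts) % 2 == 0:              # pipes must come in pairs
        raise ValueError("unbalanced '|' in content pattern")
    out = bytearray()
    for i, part in enumerate(parts):
        if i % 2:                        # odd pieces sit between pipes: hex bytes
            out += bytes.fromhex(re.sub(r"\s+", "", part))
        else:                            # even pieces are literal text
            out += part.encode("latin-1")
    if not out:
        raise ValueError("empty content pattern")
    return bytes(out)

def search_payloads(payloads, pattern, nocase=False):
    """Return (payload_index, offset) for every occurrence of the pattern."""
    needle = compile_content(pattern)
    if nocase:                           # same idea as Snort's nocase modifier
        needle = needle.lower()
    hits = []
    for idx, data in enumerate(payloads):
        haystack = data.lower() if nocase else data
        pos = haystack.find(needle)
        while pos != -1:
            hits.append((idx, pos))
            pos = haystack.find(needle, pos + 1)
    return hits

# Constructed sample payloads standing in for data pulled from a capture file.
SAMPLE_PAYLOADS = [
    b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n",
    b"\x00\x01MZ\x90\x00\x03\x00 binary blob",
    b"get /INDEX.html HTTP/1.0\r\n\r\n",
]

if __name__ == "__main__":
    for pat in ("MZ|90 00|", "|0D 0A 0D 0A|", "GET /index"):
        print(pat, search_payloads(SAMPLE_PAYLOADS, pat, nocase=True))
```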

Cyberwar is BS - Marcus J. Ranum

I looked forward to hearing Marcus Ranum's take on popular cyberwar concepts. I had read his thought-provoking "Six Dumbest Ideas in Computer Security" and saw that even if I didn't agree with everything he said, his ability to make us think more deeply about security was a valuable talent.

Ranum's presentation was even better than I had expected. I am not even going to bother summarising anything else from it. Just view the video, enjoy, and think!

Cheers.
Jonathan "J.D." Abolins


P.S. Dustin L. Fritz has more photos from the March DoJoSec Monthly Briefing on his blog.
Barr & Morrissey at DoJoSec March 2009
Barr & Morrissey speaking on iPhone forensics


DojoSec Monthly Briefings - March 2009 - Wally Barr & Sean Morrissey from Marcus Carey on Vimeo.

David Warren reminding us of computing in the early 1980s.
Remember the TI-99/4A home computer?

DojoSec Monthly Briefings - March 2009 - Dave Warren from Marcus Carey on Vimeo.

Marcus Ranum speaking on cyberwar

DojoSec Monthly Briefings - March 2009 - Marcus J. Ranum from Marcus Carey on Vimeo.
 
Good practical advice in this New York Times tech article. It covers problems such as
  • mobile phone losing its charge
  • remote car key transponder doesn't have enough range to reach the vehicle
  • dried up inkjet cartridge
  • mobile phone took a dive into the loo
  • extending WiFi reach (has a link to http://freeantennas.com/projects/template/)
  • dirty CD or DVD disc -- no, not smut, but schmutz. (a nice excuse for keeping a small bottle of vodka in the office desk. "It's for cleaning my discs, yes, indeed. Oh, the smell on my breath?  Hmmm.....")
  • camera flash too bright
  • crashed hard disk drive.
Jonathan "J.D." Abolins

Neopwn mobile phone for penetration testing

  • Sep. 23rd, 2008 at 8:53 AM
Slashdot had a thread yesterday about this device & software. I've not seen the package myself.
http://mobile.slashdot.org/mobile/08/09/21/1730256.shtml

Neopwn: <http://www.neopwn.com/> says:
Pocket Pentesting

Running on a well balanced mix of open source hardware and network security testing software, NeoPwn has been a long awaited pocket penetration testing platform. This is the first ever network auditing distribution for a mobile phone.

The NeoPwn uses the base platform of the Openmoko Neo Freerunner, which offers USB WLAN support, a GPS Modem, a GPRS Modem for cellular connectivity, and a CSR-based Bluetooth module. The USB hostmode will also allow for a range of other devices and peripherals.

Neopwn runs on an optimized FULL custom Debian operating system that boots off of a microSD card with a custom Linux kernel, with a vast support range for module drivers, allowing the network security tester the ability to perform various network penetration auditing tasks that are normally carried out on a notebook or desktop workstation.
(The mobile phone will only work with GSM networks that require SIMs.)

 

The complete mobile phone & software packages run from about 700 USD to 1,000 USD. They have less expensive packages minus the phone.

Even if you don't buy a Neopwn mobile, their software listing can be useful for building a collection of free/open source software pen-test tools.

J.D. Abolins
