[nycbug-talk] some more notes on Fifth HOPE
george at sddi.net
Fri Jul 9 22:30:27 EDT 2004
Some additional notes from the 2600 Conference today. . .remember, it
continues tomorrow at the Pennsylvania Hotel at 7th & 33rd street. .
A few of us were sitting outside trying to find wireless connectivity
in the area, as Verizon screwed up the HOPE circuits, and an older man
started asking a barrage of questions. It was Captain Crunch himself.
What an honor. Told him about KisMac, which he took the URL for. . .If
you don't know who he is, google for his name and a certain whistle and
you'll understand it all. . .
How the Great Wall Works.
Bill Xia spoke about the Chinese gov't's firewall, probably built with
the assistance of Cisco. . .They censor sites external to China with
DNS poisoing, tcp session hijacking, ip blacklisting of
source/destination IP and port. SSH tunnels are a way around for now.
Not to be on the gov't's side of this. . .but why don't they just cache
the sites they *do* want to give internally, and block everything else?
And proxy all mail. . .Since 2000, over 40 documented cases of arrests
tied to "illegal" internet activities. . hmmm. . .If the US is 1/3.5
the size of China, that would be over 11 people. . .Something I'm sure
the US gov't has matched if not surpassed. Bill is involved in
dit-inc.us, which works to bypass the gov't's firewall. He provided a
few other sites, including faluninfo.us, hrichina.org, 64memo.org,
china21.org. . .Fascinating stuff. Definitely an effort worth giving
your support to.
Security Through Diversity
Another great meeting. . .first part based only on genetics and the
role of diversity in species' survival. Then connected to technology
and computing. . .whether on the application end, os, etc. Had a great
list of bibliographies for his talk, but was unable to get them down,
and he wasn't too helpful in getting them to anyone. Referenced
authors included Zhang on Hetero. . .I raised point about difficulty
about diversity in business sites, as there's been the complete
dismantling of open standards. . .so interoperability is hard. . .He
raised the point of reverse engineering, such as with SMB. . .excellent
point. He mentioned that OpenSSH, Apache and more rely on one library,
another indication of the problems with diversity. One bibliography I
did catch was Linger: "Systematic Generation of Stochastic Diversity as
an Intrusion Barrier in Survivable Systems Software" 1999 Pretty scary
title for a paper, but excellent concept. He also contrasted security
through diversity versus security through obscurity, an approach by
Missed some of this meeting. . .based in Berlin, on GSM, of course.
Triband, CP200. Other solutions include Speak Freely, Nautilus,
PGP-Phone, h.323 over IPSec, Skype, and other closed source. All have
various problems. Hardware is HTC Himalaya XDA-II, MDA-II. Nokia
9210, with Windows CE, as he said it was the easiest to access code, as
most is open. Locked down os
Hope some people found that useful.
More information about the talk