- Michael Ossman and the NSA Playset — the guy who read the leaked descriptions of the NSA’s toolchest, built them, and open sourced the designs. One device, dubbed TWILIGHTVEGETABLE, is a knock off of an NSA-built GSM cell phone that’s designed to sniff and monitor Internet traffic. The ANT catalog lists it for $15,000; the NSA Playset researchers built one using a USB flash drive, a cheap SDR, and an antenna, for about $50. The most expensive device, a drone that spies on WiFi traffic called PORCUPINEMASQUERADE, costs about $600 to assemble. At Defcon, a complete NSA Playset toolkit was auctioned by the EFF for $2,250.
- Gates Foundation Announces World’s Strongest Policy on Open Access Research (Nature) — Once made open, papers must be published under a license that legally allows unrestricted re-use — including for commercial purposes. This might include ‘mining’ the text with computer software to draw conclusions and mix it with other work, distributing translations of the text, or selling republished versions. CC-BY! We believe that published research resulting from our funding should be promptly and broadly disseminated.
- Xenotix — an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. It provides Zero False Positive scan results with its unique Triple Browser Engine (Trident, WebKit, and Gecko) embedded scanner. It is claimed to have the world’s 2nd largest XSS Payloads of about 4700+ distinctive XSS Payloads for effective XSS vulnerability detection and WAF Bypass. Xenotix Scripting Engine allows you to create custom test cases and addons over the Xenotix API. It is incorporated with a feature-rich Information Gathering module for target Reconnaissance. The Exploit Framework includes offensive XSS exploitation modules for Penetration Testing and Proof of Concept creation.
- Firing Range — Google’s open source set of web security test cases for scanners.
"open source" entries
Nate Oostendorp on manufacturing and the industrial Internet, and Tim O'Reilly and Rod Smith discuss emerging tech.
The Industrial Revolution had a profound effect on manufacturing — will the industrial Internet’s effect be as significant? In this podcast episode, Nate Oostendorp, co-founder and CTO of Sight Machine, says yes — where mechanization ruled the Industrial Revolution, data-driven automation will rule this next revolution:
“I think that when you think about manufacturing 20 years from now, the computer and the network is going to be much more fundamental. Your factories are going to look a lot more like data centers do, where there’s a much greater degree of automation that’s driven by the fact that you have good data feeds off of it. You have a lot of your administration of the factory that will be done remotely or in a back office. You don’t necessarily need to have engineers on a floor watching a machine in order to know what’s going on. I think fundamentally, the number of players in a factory will be much smaller. You’ll have much more technical expertise but a fewer number of people overall in a factory setting.”
According to Oostendorp, we’re already seeing the early effects today in an increased focus on quality and efficiency. Read more…