Clustering Bitcoin Accounts Using Heuristics (O’Reilly Radar) — In theory, a user can go by many different pseudonyms. If that user is careful and keeps the activity of those different pseudonyms separate, completely distinct from one another, then they can really maintain a level of, maybe not anonymity, but again, cryptographically it’s called pseudo-anonymity. […] It turns out in reality, though, the way most users and services are using bitcoin, was really not following any of the guidelines that you would need to follow in order to achieve this notion of pseudo-anonymity. So, basically, what we were able to do is develop certain heuristics for clustering together different public keys, or different pseudonyms.
A Primer on Hardware Security: Models, Methods, and Metrics (PDF) — Camouflaging: This is a layout-level technique to hamper image-processing-based extraction of gate-level netlist. In one embodiment of camouflaging, the layouts of standard cells are designed to look alike, resulting in incorrect extraction of the netlist. The layout of nand cell and the layout of nor cell look different and hence their functionality can be extracted. However, the layout of a camouflaged nand cell and the layout of camouflaged nor cell can be made to look identical and hence an attacker cannot unambiguously extract their functionality.
Prompter: A Domain-Specific Language for Versu (PDF) — literally a scripting language (you write theatrical-style scripts, characters, dialogues, and events) for an inference engine that lets you talk to characters and have a different story play out each time.
Popular Chinese Android Smartphone Backdoored By Manufacturer — Coolpad is the third largest smartphone builder in China, and ranks sixth worldwide with 3.7 percent global market share. It trails only Lenovo and Xiaomi in China and is the leader of China’s 4G market with 16 percent market share. Coolpad outsells Samsung and Apple in China, and has said it plans to expand globally with a goal of 60 million phones worldwide. For now, its high-end Halo Dazen phones are the only ones containing the backdoor, Palo Alto said. Backdoor enabled installation of other apps, dial numbers, send messages, and report back to the mothership. The manufacturer even ran the command-and-control nodes for the malware.
USB Driveby — dongle that plugs into USB, and tries to root the box. Specifically, when you normally plug in a mouse or keyboard into a machine, no authorization is required to begin using them. The devices can simply begin typing and clicking. We exploit this fact by sending arbitrary keystrokes meant to launch specific applications (via Spotlight/Alfred/Quicksilver), permanently evade a local firewall (Little Snitch), install a reverse shell in crontab, and even modify DNS settings without any additional permissions.
Dissent — an anonymous communication substrate intended primarily for applications built on a broadcast communication model: for example, bulletin boards, wikis, auctions, or voting. Users of an online group obtain cryptographic guarantees of sender and receiver anonymity, message integrity, disruption resistance, proportionality, and location hiding. And a pony.
USB Armory — another Linux-on-a-stick, but this one has some nifty dimensions and security applications in mind.
Who’s the Boss? — The Elf on the Shelf essentially teaches the child to accept an external form of non-familial surveillance in the home when the elf becomes the source of power and judgment, based on a set of rules attributable to Santa Claus. Excellent deconstruction of ludic malware. (via Washington Post)
Bezos on Time (Business Insider) — Where you are going to spend your time and your energy is one of the most important decisions you get to make in life. We all have a limited amount of time, and where you spend it and how you spend it is just an incredibly levered way to think about the world. This (he says at 9 p.m. in the office, in a different city from his family!).
The Many Facades of DRM (PDF) — Modular software systems are designed to be broken into independent pieces. Each piece has a clear boundary and well-defined interface for ‘hooking’ into other pieces. Progress in most technologies accelerates once systems have achieved this state. But clear boundaries and well-defined interfaces also make a technology easier to attack, break, and reverse-engineer. Well-designed DRMs have very fuzzy boundaries and are designed to have very non-standard interfaces. The examples of the uglified DRM code are inspiring.
DPDK — a set of libraries and drivers for fast packet processing […] to: receive and send packets within the minimum number of CPU cycles (usually less than 80 cycles); develop fast packet capture algorithms (tcpdump-like); run third-party fast path stacks.
Clearing the Air Around Tor (Quinn Norton) — Occasionally the stars align between spooks and activists and governments and anarchists. Tor, like a road system or a telephone network or many pieces of public infrastructure, is useful to all of these people and more (hence the debate on child pornographers and drug markets) because it’s just such a general architecture of encryption. The FBI may want Tor to be broken, but I promise any spies who are counting on it for mission and life don’t.
Offline Cookbook — how Chrome intends to solve the offline problem in general. I hope it works and takes off because offline is the bane of this webapp-user’s life.
The Pirate Bay, Down Forever? — As a big fan of the KLF I once learned that it’s great to burn great things up. At least then you can quit while you’re on top.
Luigi (Github) — a Python module that helps you build complex pipelines of batch jobs. It handles dependency resolution, workflow management, visualization, etc. It also comes with Hadoop support built in. (via Asana engineering blog)
Quantum OS — Linux desktop based on Google’s Material Design. UI guidelines fascinate me: users love consistency, designers and brands hate that everything works the same.
Inside AWS — Every day, AWS installs enough server infrastructure to host the entire Amazon e-tailing business from back in 2004, when Amazon the retailer was one-tenth its current size at $7 billion in annual revenue. “What has changed in the last year,” Hamilton asked rhetorically, and then quipped: “We have done it 365 more times.” That is another way of saying that in the past year AWS has added enough capacity to support a $2.55 trillion online retailing operation, should one ever be allowed to exist.
Michael Ossman and the NSA Playset — the guy who read the leaked descriptions of the NSA’s toolchest, built them, and open sourced the designs. One device, dubbed TWILIGHTVEGETABLE, is a knock off of an NSA-built GSM cell phone that’s designed to sniff and monitor Internet traffic. The ANT catalog lists it for $15,000; the NSA Playset researchers built one using a USB flash drive, a cheap SDR, and an antenna, for about $50. The most expensive device, a drone that spies on WiFi traffic called PORCUPINEMASQUERADE, costs about $600 to assemble. At Defcon, a complete NSA Playset toolkit was auctioned by the EFF for $2,250.
Gates Foundation Announces World’s Strongest Policy on Open Access Research (Nature) — Once made open, papers must be published under a license that legally allows unrestricted re-use — including for commercial purposes. This might include ‘mining’ the text with computer software to draw conclusions and mix it with other work, distributing translations of the text, or selling republished versions. CC-BY! We believe that published research resulting from our funding should be promptly and broadly disseminated.
Xenotix — an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. It provides Zero False Positive scan results with its unique Triple Browser Engine (Trident, WebKit, and Gecko) embedded scanner. It is claimed to have the world’s 2nd largest XSS Payloads of about 4700+ distinctive XSS Payloads for effective XSS vulnerability detection and WAF Bypass. Xenotix Scripting Engine allows you to create custom test cases and addons over the Xenotix API. It is incorporated with a feature-rich Information Gathering module for target Reconnaissance. The Exploit Framework includes offensive XSS exploitation modules for Penetration Testing and Proof of Concept creation.
Firing Range — Google’s open source set of web security test cases for scanners.
A Critique of the Balancing Metaphor in Privacy and Security — The arguments presented by this paper are built on two underlying assertions. The first is that the assessment of surveillance measures often entails a judgement of whether any loss in privacy is legitimised by a justifiable increase in security. However, one fundamental difference between privacy and security is that privacy has two attainable end-states (absolute privacy through to the absolute absence of privacy), whereas security has only one attainable end-state (while the absolute absence of security is attainable, absolute security is a desired yet unobtainable goal). The second assertion, which builds upon the first, holds that because absolute security is desirable, new security interventions will continuously be developed, each potentially trading a small measure of privacy for a small rise in security. When assessed individually each intervention may constitute a justifiable trade-off. However, when combined together, these interventions will ultimately reduce privacy to zero. (via Alistair Croll)
ISP Interconnection and its Impact on Consumer Internet Performance (Measurement Lab) — In researching our report, we found clear evidence that interconnection between major U.S. access ISPs (AT&T, Comcast, CenturyLink, Time Warner Cable, and Verizon) and transit ISPs Cogent, Level 3, and potentially XO was correlated directly with degraded consumer performance throughout 2013 and into 2014 (in some cases, ongoing as of publication). Degraded performance was most pronounced during peak use hours, which points to insufficient capacity and congestion as a causal factor. Further, by noting patterns of performance degradation for access/transit ISP pairs that were synchronized across locations, we were able to conclude that in many cases degradation was not the result of major infrastructure failures at any specific point in a network, but rather connected with the business relationships between ISPs.
The Delusions of Big Data (IEEE) — When you have large amounts of data, your appetite for hypotheses tends to get even larger. And if it’s growing faster than the statistical strength of the data, then many of your inferences are likely to be false. They are likely to be white noise.
ROSCON 2014 — slides and videos of talks from Chicago open source robotics conference.
Making Sure Crypto Stays Insecure (PDF) — Daniel J. Bernstein talk: This talk is actually a thought experiment: how could an attacker manipulate the ecosystem for insecurity?
Material Design Icons — Google’s CC-licensed (attribution, sharealike) collection of sweet, straightforward icons.