One of the most promising areas of innovation in research, from both a blackhat and a whitehat standpoint, is hardware-based virtualization.  So basically, after the 5-year trend of software-based virtualization (VMware, VirtualPC, etc.), AMD, Intel and others implemented hardware support for virtual machines.  One physical box hosts multiple OS versions, or Guest OSes, whose calls go to an abstracted hardware layer, yet all machines share access to the underlying hardware functionality.  The term hypervisor came into being for what is basically a shrunk-down, optimized version of the software used to manage virtual machines, with a bunch of enterprise management and security features added on.

Security researchers have primarily four goals: creating virtualization rootkits, escaping the virtual machine to affect other virtual machines or the host OS/hypervisor, making the hypervisor undetectable to malware, and malware being able to detect that it's running in a virtualized environment.

One of the leading researchers in this field is

Joanna Rutkowska is the babe brains behind the operation and is sort of an international wunderkind.  I spent most of my formative years doinking around with games.  heh, gotta catch up..

My wife wanted me to bring a co-worker of hers home for a nice dinner.

I politely declined.

This is SPARTA!

August 1, 2008

If you eat your spinach you might turn into one of these Bruisers.  If you haven't been living under a rock for the past decade you might have noticed that one of the baddest movies ever, 300, has been mashed up a ton of times.

Here is the Internet Meme version that went totally viral.

BOOM Headshot!

August 1, 2008

So for many years I have been playing a kickass game called CounterStrike. Here is a little taste. If you're familiar with mashups, there is a huge genre for mashing up music with gameplay videos.

I make sure I get out of the house quite a bit, so I don’t turn into this!

So I am a consultant for a living and over the past few years have become a Mobile and Wireless Security expert. If you want to read up on some great stuff this is required daily intake.

DailyWireless

So here is the car I drive. It's a blast and there is never any small number of people asking me how I like it. There was a time I took my wife to my cousin's wedding and when I pulled up everyone waiting for their cars was like DAMMMMMMM…. Nice car. I felt like I was in a commercial! Can't get better than that. Plenty of nice traffic tickets though. Freaking COPS.. Actually I have two buddies that are cops. One of 'em is cool, always gives out warnings. My kinda dude! By the way my ride is a Chrysler 300C V8.

So I haven’t really given much context to what this blog is about so let me enlighten you now. I will be covering mostly Blackhat innovative techniques, tools, and outrageously cool vulnerabilities and circumvention of crucial technology. I will probably cover some cool aspects of wireless stuff as well.

In the meantime, while you wait for my next post, enjoy some of the music that I enjoy!

So with everyone losing their laptops or getting them stolen, every organization under the sun is evaluating and looking at Data At Rest encryption (typically AES, if you're smart) and using Data Loss Prevention products. Basically it encrypts the entire hard drive, not just volumes, folders, and files like other products. Well, cold boot attacks basically rip the encryption key right out of physical memory, and then the attacker mounts your hard drive and decrypts the data so it can all be stolen. Wonderful. Of course these products should use multi-factor biometric and smart card based authentication at the preboot level, which could conceivably prevent this, MAYBE. I'm investigating….. McAfee Safeboot here I come! If you want to read up more on it and try out the code, check out the research….


Well, one can't really discuss the malware space without focusing on Bots, which are basically souped-up trojans that get put onto machines via an innumerable number of attack vectors: typically spam, SQL injection, malicious obfuscated JavaScript, and multihop iframe redirections to multistaged malware dropper sites hosted by fast flux networks.  Data, information, and authentication and identity credentials such as passwords, usernames, and SSNs get stolen off machines, encrypted, sent out over P2P-based HTTP outbound ports through encrypted proxy services, and dumped onto drop site servers where the info is picked up and sold to the highest bidders in the underground for identity theft, more data stealing, and espionage.   Can you say are we having fun yet?!?!  Anyways,

Here's a great article about what one of these puppies looks like. When you hear about things like Storm… this is what they are talking about. Oh yeah, they are hidden by advanced rootkit technology and their binaries are packed and obfuscated, making effective reverse engineering way more difficult. Oh yeah, and they use anti-virtual-machine and anti-debugger tricks as well.
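The fast flux hosting mentioned above leaves a trace a defender can actually look for: a domain that keeps resolving to different IPs spread across different networks, each with a short TTL. Here is an added example (my own code, not from the article or any of the bot research it points to) that scores domains from DNS answer logs on exactly that pattern. The log format, the domain names and the IP addresses are all constructed for the example; the thresholds (at least 3 distinct /24 networks and a TTL of 300 seconds or less) are assumptions you would tune for your own environment.

```python
"""Flag fast-flux style domains from DNS answer logs (added example)."""
import re
from collections import defaultdict

# Constructed sample log lines (not real data). Format assumed for this example:
#   <timestamp> <domain> A <answer ip> TTL=<seconds>
# dropsite.example rotates through three different networks with short TTLs;
# www.example.org is a stable host; cdn.example.net has a low TTL but stays
# inside one network, which is what a legitimate CDN usually looks like.
SAMPLE_DNS_LOG = """\
2008-08-01T10:00:01 dropsite.example A 203.0.113.10 TTL=180
2008-08-01T10:03:07 dropsite.example A 198.51.100.22 TTL=180
2008-08-01T10:06:13 dropsite.example A 192.0.2.77 TTL=120
2008-08-01T10:09:20 dropsite.example A 203.0.113.44 TTL=180
2008-08-01T10:12:31 dropsite.example A 198.51.100.9 TTL=150
2008-08-01T10:15:40 dropsite.example A 192.0.2.5 TTL=180
2008-08-01T10:00:05 www.example.org A 192.0.2.1 TTL=86400
2008-08-01T11:00:05 www.example.org A 192.0.2.1 TTL=86400
2008-08-01T10:01:00 cdn.example.net A 203.0.113.100 TTL=60
2008-08-01T10:02:00 cdn.example.net A 203.0.113.101 TTL=60
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<domain>\S+) A (?P<ip>\d+\.\d+\.\d+\.\d+) TTL=(?P<ttl>\d+)$"
)


def parse_dns_log(text):
    """Return (domain, ip, ttl) tuples; lines that do not match are skipped."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            records.append((m["domain"], m["ip"], int(m["ttl"])))
    return records


def slash24(ip):
    """Coarse 'different network' proxy: the /24 the address belongs to."""
    return ".".join(ip.split(".")[:3]) + ".0/24"


def summarize(records):
    """Per domain: distinct IPs, distinct /24 networks and the largest TTL seen."""
    per_domain = defaultdict(lambda: {"ips": set(), "nets": set(), "max_ttl": 0})
    for domain, ip, ttl in records:
        entry = per_domain[domain]
        entry["ips"].add(ip)
        entry["nets"].add(slash24(ip))
        entry["max_ttl"] = max(entry["max_ttl"], ttl)
    return per_domain


def flag_fast_flux(records, min_networks=3, max_ttl=300):
    """Flag domains that spread across many networks AND never hand out a long TTL.

    Requiring both conditions keeps a low-TTL CDN inside one network, or a
    multi-homed host with long TTLs, from being reported.
    """
    flagged = {}
    for domain, entry in summarize(records).items():
        if len(entry["nets"]) >= min_networks and entry["max_ttl"] <= max_ttl:
            flagged[domain] = {
                "distinct_ips": len(entry["ips"]),
                "distinct_nets": len(entry["nets"]),
                "max_ttl": entry["max_ttl"],
            }
    return flagged


if __name__ == "__main__":
    for domain, stats in flag_fast_flux(parse_dns_log(SAMPLE_DNS_LOG)).items():
        print(f"possible fast flux: {domain} {stats}")
```

On the constructed log only dropsite.example is reported (6 IPs across 3 networks, TTL never above 180 seconds); the CDN-like domain is left alone because every answer falls in a single /24. In a real deployment you would swap the /24 heuristic for an ASN lookup and feed the parser from your resolver's query logs.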
