I use Wireshark quite all the time. I was lucky to get a copy of
Hacking: The Art of Exploitation when I was a teenager, the book gave
me an excellent introduction to using tcpdump to perform network analysis.
tcpdump is the first tool I reach for when I wonder where the packets are
going, but for anything higher level (breaking down http, checking wlan flags)
I use wireshark, I am always impressed.
At 33c3 there was a wireshark introductory self organised session run by
kirils. I did not go to this session, but the slides I found look to
be an excellent introduction to using wireshark.
My head is pretty full writing slides for FOSDEM.
Here is an interview with William Binney, if you don't know of Binney this
interview is a great introduction. Binney is credited by Snowden as one of the
motivators behind his set of leaks.
Binney also gave the keynote at Hope 9, which is a great watch.
I reinstalled or upgraded my c720 or something and things are a bit all over
the place. Tonight I started firefox in the hackerspace and noticed my
trackpad wasn't working, it needs to be explicitly set up. This is mentioned on
the comprehensive FreeBSD c720 guide, but there have been some updates
to the driver that aren't reflected on the page. You now need to
load the chromebook_platform driver manually.
The cyapa driver offers all the features you would want from a trackpad,
two finger dragging, thresholds for taps and a three button mouse emulation
mode.
# sysctl debug.cyapa_enable_tapclick=3
Which gives me the following awesome mouse button layout on the trackpad.
Physical access is pretty much always game over, apart from the iPhone there are
not many devices that can stand up to attack. Intel seem to want to make
physical access even easier and are now offering JTAG access on USB.
JTAG is a hardware debugging protocol normally seen on embedded systems or
accessed through a special adapter on the motherboard. You can use JTAG to
pause a processor, step through the instructions being executed and read into
memory. With JTAG access you have full access to the machine.
One of the speakers asks the audience early on 'Do you think Internet
Censorship should be allowed?' and gets about half the crowd showing hands. I
really cannot understand that sort of response, clearly there are things we
don't want people to see, but I can't support a blanket censorship system to
block that content.
If there was a way to block really dangerous material, without risking blocking
completely reasonable material I am sure that is what we would be implementing.