This post is going to be my recap of a small portion of Dan Kaminsky’s Derbycon 2012 talk, “Black Ops.” The part of his talk this writing will reflect on the importance of random number generation and details a couple methods for adding entropy.Continue reading
This post is going to briefly discuss RFID (Radio Frequency IDentification) technology and some concerns with it being used in keys. It will start with a quick description of the functional components of RFID, move on to some examples of it being used in keys, continue with a little bit of cryptography talk, and end with saying RFID keys are probably a bad idea.Continue reading
This post is inspired a DerbyCon 2011 talk by Rob Simon and Josh Kelly I recently watched called Pentesting Over Power Lines. I’m going to start with a brief overview of the concept of Broadband over Power Lines (BPL). From there I will transition into a description of the X10 protocol itself. The focus will be on the protocol’s vulnerability to hacking.Continue reading
The SANS Institute lists the top 20 critical security controls at http://www.sans.org/critical-security-controls/. In this post I will concern myself with their number 1 item: inventory of authorized and unauthorized devices. According to SANS, controlling the inventory of authorized and unauthorized devices on a network seeks to “actively manage (inventory, track, and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanaged devices are found and prevented from gaining access.” This article outlines several ways of implementing such control which I will briefly recount.Continue reading
I’ve had a Roku for about two years now and just finally got around to hooking it up. There are a lot more channels than I was expecting, and some pretty good ones at that; one that I found and have been watching recently is the DerbyCon channel. DerbyCon is a hacker convention in Derby, Kentucky, and they have videos of all the speakers from 2011 and 2012. John Strand is the speaker I’m parroting. In his talk he spoke of “hacking back” as a way of interfering with webcrawlers and directory-scanning bots that I thought was neat.Continue reading
I started this post to showcase my first electrical circuit, a motion detecting rope light, but it begins with a rant about the clutter I’ve accumulated over my short time as hobbyist electrical engineer. After the short rant, I basically present a walkthrough of the project along with the wiring schematic, the code, and a video showing the light in action.Continue reading
The Fundamentals of CDMA and GSM
April 5, 2012
This term paper is going to compare CDMA and GSM cellular technologies. It will first introduce both technologies with a brief terminology and history overview. The paper will then delve into each technology individually. The first focus will be on GSM. This work will explain the fundamentals behind how GSM works and will assess its strengths and weaknesses. Following suit, the paper will do the same with CDMA. Finally, the two technologies will be compared, contrasted, and summarized to complete the paper. Continue reading
Seven months between posts isn’t bad, is it? A lot has happened, and I’m going to briefly recap. In a nutshell, I built a computer, nearly finished my Bachelor’s degree, and am considering a Master’s degree (but I don’t know in what concentration).
The title says it all. I finally got around to setting this thing up. It was a nice little crash course in PHP. I appreciate how simple PHP is to implement, but I don’t care much for the syntax and odd function names; using a period for a concatenation operator seems silly to me. It is nice and quick, though.