jump to navigation

Congressman Barber’s Response to Inquiry About DHS Alleged MRAP and Ammo Orders April 19, 2013

Posted by Robert Harder in Uncategorized.
Tags: , , ,
3 comments

640px-Navistar_MaxxProRegarding the Department of Homeland Security’s (DHS) alleged purchases of 2,700 Mine-Resistant Ambush Protected (MRAP) vehicles and billions of rounds of ammunition, I just got off the phone with a fellow named Mike from Congressman Barber’s (D-AZ) office. Congressman Barber is on the House Armed Services Committee. I was concerned about these reported unusual purchases, and I wrote a letter in February. I asked for answers; they investigated. Here is their answer.
(more…)

ShieldsUP! Strange Results March 15, 2011

Posted by Robert Harder in Utility.
Tags: , , ,
add a comment

ShieldsUP! from Steve Gibson is a great service that helps you assess your computer’s protection on the Internet. Debugging some recent router troubles, I tried turning on DMZ mode, which redirected all incoming traffic to a Mac (OS X 10.6.6) on my network. I was surprised to see the striped pattern below:

Now that’s weird. Could it be some kind of reactive firewall technique on the Mac? I don’t know, but it’s a pattern, and that certainly caught me off guard.

Locate Your Mac Laptop If It Is Missing January 19, 2011

Posted by Robert Harder in Utility.
Tags: , , ,
20 comments

There are commercial services to help you locate lost laptops, but I wanted a feature that required less software to be installed and fewer Big Brothers helping me out along the way. Using a few free tools and shell scripts, I cobbled together my own LoJack-type system that notifies me whenever my laptop awakes (I can’t help you if your computer is turned off).

Tools Used:

  • SleepWatcher: Executes commands of your choice when computer wakes, sleeps, etc
  • bash: Shell scripting
  • LocateMe: Free command line tool (from me) using Apple’s geolocating API
  • Notifo: Lightweight notification for iPhones, etc
  • Google Maps: Displaying your laptop location

Downloads:

(more…)

Be Notified of SSH Logins with Notifo September 11, 2010

Posted by Robert Harder in Utility.
Tags: , , ,
6 comments

I’ve been finding all kinds of neat uses for Notifo, a multipurpose notification tool for the iPhone, and I wanted to be notified when anyone (should only be me) logged in to my home computer via SSH. I wrote a Pluggable Authentication Module (PAM) that sends a notice to Notifo whenever someone logs in or activates the PAM module another day (yes, I know that “PAM module” is redundant).

Check it out on SourceForge at http://iharder.net/pam_notifo. I developed it on a Mac. I don’t know if it will compile properly on Linux. Please try it out.

I Use CrashPlan for Live Offsite Backup February 19, 2010

Posted by Robert Harder in Utility.
Tags: ,
5 comments

One of my favorite podcasts SecurityNow had an advertiser that offered an online/offsite backup service and after trying Carbonite, Mozy, JungleDisk, and CrashPlan, I ended up settling with CrashPlan as my favorite to back up my Macs.

Unfortunately this all happened a few months ago, so I don’t remember all the details about why I liked or disliked each of the products, but here are some brief thoughts on each one.
(more…)

Jam Resistant Communication Without a Shared Key December 7, 2009

Posted by Robert Harder in Utility.
Tags: , , , ,
4 comments

BBC Decoding TreeSome US Air Force Academy (USAFA) and National Security Agency (NSA) smart guys (Baird, Bahn, and Collins – BBC) have come up with a way to achieve the kind of jam resistance that shared keys provide (like spread spectrum) but without the need for a shared key. For the crypto guys out there, this would be analogous to what the Diffie-Hellman key exchange brought to the world of symmetric cryptography. In fact one would probably use such a key exchange over BBC and then revert to traditional jam-resistant communication techniques, just as we do with asymmetric/symmetric crypto. Their ideas extend beyond jam resistance, but that’s what we’ll look at here.

(more…)

Two Factor Authentication in Snow Leopard SSH with Perfect Paper Passwords September 2, 2009

Posted by Robert Harder in Utility.
Tags: , , , , ,
4 comments

If you’re nobody special like me, you probably “only” get a few thousand failed SSH logins to your computer each day. If you run a high profile system, it’s probably worse. Of course you have a good password for your account (right?), but should someone actually get your password, like with a keystroke logger on the remote computer you’re using to log in, what protection do you have then?

Two factor authentication can increase your security by requiring more than just your password (one factor) to log in. I like using Perfect Paper Passwords from Gibson Research Corporation (GRC.com). With this system after entering my username and password (even a wrong password) in an SSH session, I am then prompted for a four-digit passcode that I’ve previously printed out and stashed in my wallet. Each code is only used one time, and protects me even if someone manages to get my password. In the case where attackers are guessing my password, they cannot tell if the password or passcode was guessed incorrectly.

Sample PPP passcard (courtesy grc.com)

Sample PPP passcard (courtesy grc.com)

There’s only a little bit of trickery involved to compile it for Mac OS X 10.6 Snow Leopard, and if you had it working before in Leopard, you’ll need to recompile the PAM module (I know, it’s like “ATM machine”) for 64-bit mode.

(more…)