Links to this:

While it’s no fun being stuck in an airport, it turned out to be the perfect environment to read this book. The story follows a high school hacker as he fights the “Department of Homeland Security” to reclaim American civil liberties after anti-terror tactics are taken to a new level. Having the real DHS making announcements in the background about threat levels and unattended baggage, only makes the story more real.

The book targets a younger audience than myself, but it’s still enjoyable. Doctrow does a wonderful job keeping the story believable, and explaining the security implications of the technology we use on a daily basis. Given the theme of the book, I do hope he’s successful in reaching a wide audience and sparking a healthy debate about “national security”, privacy, and civil liberties.

For more, see:

• Today is America’s wiretap the Internet day (Via BoingBoing)
• Reminder: Monday is Wiretap the Internet Day (Via Wired)

“Numbers stations are shortwave radio stations of uncertain origin. They generally broadcast people reading streams of numbers, words, or letters (sometimes using a phonetic alphabet)…” (Via wikipedia.)

There’s plenty of information online that describes how SSH tunneling works and how to set it up, but not surprisingly, you have to do a bit of Googling to actually find concise, step-by-step instructions that actually work. So here we go: Erik’s Three-Step Plan for Looking Like You Know What You’re Doing SSH Tunneling. (For the record, I’m using a PowerBook running OS X, tunneling to a server running Ubuntu Linux.)

[STEP 1] On the remote server I’m running Privoxy (an HTTP proxy.) On a Debian/Ubuntu box, getting Prixovy running is as complicated as typing: sudo apt-get install privoxy

[STEP 2] Assuming you can SSH into your remote server (ie., no firewall blockage), launch Terminal.app and issue something like this: ssh -N -L 8118:127.0.0.1:8118 remoteuser@serveraddress (changing “remoteuser” and “serveraddress” appropriately.) Using the -N flag you’ll still need to authenticate with the server, but you won’t actually get a command prompt — the window will just look like nothing’s happening.

[STEP 3] Tell your browser to use a proxy for HTTP and HTTPS running at 127.0.0.1 on port 8118.

You’re done! You can now hit WhatIsMyIP to see it working.

Of course, just like other three-step programs, there’s a little fine print and few extra details that might help to know:

1. Privoxy is an HTTP proxy, which translated means that instead of your browser asking a server for a web page, you’ll be asking Privoxy and Prixovy will relay the request and pass the resulting content back your way. Using a proxy is handy when: (1) You want to tunnel your browsing activity, and/or (2) When you’d like to have the proxy do some content manipulation for you (which is what Privoxy was written to do.) This content manipulation can be anything you want, but most of the time it means stripping out advertisements and possibly cleaning up bad HTML before the browser sees it.
2. If you haven’t used Privoxy before, you might want to read the docs and poke around in the config files to tweak as needed.
3. By default Privoxy runs on port 8118, hence the 8118 mapping the ssh statement.
4. Save yourself some time by storing your proxy settings for future toggling. To cover most OS X apps you’ll be creating a new Network Location for this. Go to the Apple Menu / Location / Network Preferences to create a new location profile. Toggling can be done using the Location menu under the Apple menu. For Firefox (which ignores the system-wide proxy settings), you’ll need to enter the settings directly into the Firefox’s Preferences or install the SwitchProxy Firefox plugin to enable a pop-up menu for proxy switching from the Firefox status bar.

Happy Surfing!

In other news…

Texas Sues Sony Under Anti-Spyware Law

“AUSTIN, Texas – The state sued Sony BMG Music Entertainment on Monday under its new anti-spyware law, saying anti-piracy technology the company slipped into music CDs leaves huge security holes on consumers’ computers.”

A piece of tape defeats any CD DRM:

“Applying a piece of opaque tape to the outer edge of the disk renders the data track of the CD unreadable. A computer trying to play the CD will then skip to the music without accessing the bundled DRM technology.”

Hackers Cracked Gmail (Here’s how)

“Google said Wednesday it has fixed a problem in its widely used email program that allowed hackers to break into people’s Gmail accounts to read messages and pose as legitimate email users.”

More at: “Online Vigilantes Fight Back Against Phishing Fraudsters“.

First, “Known Hole Aided T-Mobile Breach.” We’ve all heard plenty about what’s her name’s Sidekick getting owned, but the less recent T-Mobile breach has me a bit more concerned. According to this article, the back-door wasn’t nearly as elaborate as one would have hoped — it was simply an un-patched version of BEA WebLogic that let Jacobsen in. According to the article, older versions of WebLogic had a “feature” that allowed any file on the server to be read or replaced using an undocumented HTTP parameter. That’s right, someone designing the software decided that they would enable a full-on backdoor, but not tell anyone. You’ve got to be kidding. Worse still is that the flaw was discovered and a patch was issued, but T-Mobile simple failed to update their web servers.

But it get’s better. According to this article, the U.S. Government has decided that there will be “No Encryption for E-Passports.” Well that’s just great. How about just issuing T-Shirts and ball-caps with our social security numbers on them, and requiring travelers to hand out business cards with all their personal information to everyone they see. At least they thought about the issue enough to suggest that wrapping one’s passport in tin foil and duct tape should protect your personal information.

Of course, even with proper security measures, none if it will matter if the people who collect and sell this information don’t care who they sell it to. The article, “California Woman Sues ChoicePoint“, describes a case against ChoicePoint, “a data broker that collects financial, medical and other personal information on billions of people”, for apparently selling personal records to identity thieves.

The success of the attack is in part due to the weak, proprietary encryption algorithm developed by Texas Instruments 10 years ago. It relies on a 40-bit key, which is simply too small for critical security now.

The implications of this are very interesting, especially as businesses push to increase the use of RFID tags. Don’t get me wrong, I love RFID, but they way it’s being used here could stand a little more security thought. Take this scenario: a trouble youth packs a similar exploit system into a portable computer in her backpack. She could walk around supermarkets and shopping malls with a high-powered RFID reader in her bag, quietly collecting SpeedPass keys from the dongle’s in people’s pockets and purses. This is even easier then stealing credit card numbers, being a completely passive action. No more dumpster diving — just hang out around people and ping RFID chips! The cracked keys become black-market commodities, much like stolen credit card numbers or digital cable codes.

Mind you, using stolen RFID keys to buy fuel is just as dumb as using a stolen credit card. Modern gas stations have video cameras, and your license plate will be captured. In other words, it’s a cool hack… but don’t try this at home unless you’d like to see a little jail time.