MeshPotato featured on Australian radio

David Rowe explaining the MeshPotato and Paul Gardner-Stephen telling about the very cool Serval project on the national radio in Australia. They had focus how to bridge the digital divine.

You hear it here (mesh potato from 17+ minutes and onwards)

VoIP and other presentations from the Honeynet Project

The yearly Honeynet Workshop has been great every time!

This year we also had a public day for those not a member. The presentations are publicaly available here.

Enjoy!

My Internet enabled coffe machine

OK, I was tired of the coffee machine at work. The coffee was no good.
And we were not allowed to buy another machine, since we already had two (of same kind, same terribly coffee)

What do you do?

You make the coffee machine as part of one of your projects. I’m working on smart houses, so that part was easy. The harder part was to find a cheap coffee machine with an Ethernet plug. I dismissed that quite fast and did it the hard (wired) way.

Part 1.

Get an automatic machine that does the most things (I did not find one with automatic cup dispenser)
I found a quite cheap one, approx 500 USD (3000 NOK). It had electronic buttons in the front which I presumed I could modify.

Part 2.

The harder part. Get to the circuit board to the buttons. Of course, these are compact machines and the circuit board are not made for being “serviced” easily. I had to unscrew approx 30 screws and dismantle most of it to get the right part out of it.

I soldered 4 wires, two for the button for single coffe and two for the double strength. The switch just needed a short-circuit to activate.

Then I connected the wires to a relay (capable of 230V, but I just use it as a switch). This was again connected to a smart controller from Sensio.

Now I order coffee through my iPad. Great!

 

 

Using social media to organize Telephone Denial of Service (TDoS) attacks

Mark Collier has been blogging a long time and put up this about using social media to coordinate TDoS attacks. It remined me about another “joke” that ended up in a lawsuit

The rapper, whose real name is Jayceon Taylor, tweeted on his account Twitter.com/thegame that fans could call a given number and apply for an internship working for him, but the number given was the Compton area of Los Angeles‘ equivalent of the ’999′ number and took callers straight through to the Sheriff’s department.

Also recalls an SMS that went around last time in 2007 in Norway, but also happened around year 2000.

Please call 22xxxxxx and ask for Harald, he needs technical assistance

Where this number was to the King of Norway, so they ended up with a lots of calls. (article in Norwegian)

Google Powermeter and now MS Hohm are shutting down their services

Last week Google announced they were shutting down their Powermeter service which would give you a nice view if you had one of the supported powermeters installed at home.

Now Microsoft does the same, shutting down their Hohm service.

The reason?

Not enough people interested and the utilities does not want to share their data…

Ubuntu Cloud not ready for mass market

I had two blade centres that I wanted to run virtualization on. Then it was timely that Ubuntu released their 11.04 version, cloud ready.

I read myself up on the Cloud controller, Cluster controller and the Node controller and started installing.

The first problem was when I did a PXE boot for the Node Controller. During the setup, the Node Controller contacts the Cluster Controller and the PXE server value is overwritten with the Cluster controller IP. The network configuration stopped further OS installation. I mounted the CD through the ILO management on the server instead, worked like a charm.

But the process of handling the images is not straight through. To setup a new image, you either need to do command line and remember IDs of the different images, or pay for the Landscape service.

I spent quite an amount of time to get the Ubuntu Cloud up and running, but dropped it and installed VMWare ESXi instead since I already used it for several years.

The femtocell, prime time or bad time?

I fancy the idea of femtocells, to take the wirless traffic down into “earth” as fast as possible, but is this femtocell effoert just too late?

I have a NEC G3 femtocell to test out. It can do 3G with speeds up to 14Mbit, and have 4 or 8 (license issue…) concurrent calls. The range is approx 25 metres indoor, 150+ metres outdoor it states in the manual.
The price is estimated to approx 200 USD for the devices at the moment.

But how can this match a WiFi access point capable of 300Mbit already and costing a fifth of it.

It is still sensible since these address to different service markets at the moment, but this services will be Internet based and then who cares if you use 3G/4G/5G or your WiFi. It should only give you Internet access to all your over the top services. And the mobile operator will be just another access provider….

M2M is ramping up

And then a new era has arrived, the time of the machines. No, they will not take over the world today, but start helping you out more and more with your life. All those little things..

From the robot vaccum cleaner (i’ve had one for 5 years already) to the built in intelligence in the microwave, more and more technology around you will get connected. Just like Web 2.0 brought the social web to the Internet for human beings, M2M (machine to machine) communication will get a lot of your technology gadgets to talk to each other, cooperate and give you an even better service.

Detecting phrases in an encrypted VoIP call

Even if you use an encrypted VoIP connection, the content of your call can be picked up by analyzing the timing and size of the encrypted traffic. You must use a Variable Bit Rate (VBR) codec, which just compresses the speech which is said. If you would use encryption on G711 with no Voice Activation Detection (VAD) enabled (just a continous stream of data), this phrase recognition would not be possible.

This shows that it you need to see the “whole” picture when securing your communication.

The full paper is here for more information.

Also a 27 pages presentation here

GSoC project -> Dionea with SIP

Are you a student in need of a summer job and interested in VoIP?

Apply to become a Google Summer of Code student and help the Honeynet Project to improve the SIP module for Dionea!

Join the IRC channel on freenode for any questions on channel #gsoc-honeynet (web client available here)