June 2008 - InputOutput.io

Just took the OSCP exam

Alright, so as the topic suggests, I just finished the Offensive Security 101 exam yesterday, and oh man.  I can’t disclose much information about the test itself, but let me tell you this: it was frustrating, exciting, and triumphant all at once.  Well, only triumphant if you pass, I suppose.  Okay, so this is the first exam I’ve taken since college, and I have to admit, I was pretty nervous for it.  Alright, you could consider my post-college sociology degree job searching a test of some kind.  *Insert inaudible mutterings about the job market here.*

OS101 is unique in its field: it teaches you about software security holes from the perspective of the attacker.  It explains common vulnerabilities in network security, and the attack vectors involved in exploiting them.  It also teaches, among other things, enumeration techniques, Google h4x, and tunneling services through SSL proxies.  And it’s fun!  The Offensive Security team has built a lab environment that you VPN into, with a wide array of machines running different unpatched services.  And they give you access to a Windows machine with OllyDbg, a Windows debugger that allows you to develop exploits at a very low level using 32-bit assembly language.  Don’t be put off if you’re not familiar with assembly – I don’t even really know it myself, but nonetheless it was a blast learning how things that wind up on milw0rm actually get developed.

The lectures that the course provides are very straightforward and explain things in an easy-to-understand manner, so even if you haven’t coded before, it’s definitely worth it to give it a try.  OS101 assumes a basic understanding of the Linux command line and the bash environment.

This is somewhat tangential, but I have to make another recommendation here.  If you are interested in network security, cryptography, and electronic privacy and want to keep up to date on these and other things, I highly recommend listening to the Security Now weekly podcast.  Security Now features a maverick in the industry and the creator of the data recovery tool SpinRite, Steve Gibson.

Anyway, I really do feel like a walking billboard now, so I’ll leave it at that!

Cory Doctorow’s Little Brother

I just finished Cory Doctorow’s Little Brother. And oh. My. God. Soooo good. Sooooooo good.

First let me note: Cory Doctorow is a sci-fi author, but this novel doesn’t read like sci-fi. Sure, it hinges on technology that doesn’t yet exist. But we’re talking about the near future, the very near future, no more than 4-5 years down the line. So there’s no robots with plasma spheres for heads screaming “Danger Will Robinson!,” or faster-than-light travel, or any of those elements that have given the genre an unfair reputation. Instead, it’s tech that we can see developing before our very eyes in real-time. In every chapter there is an explanation of real or conceivable computer systems, cryptographic systems, or mathematics that are relevant to the story in some way. And that’s the exciting part: the innovativeness and imagination that is embodied in the not-so-far-off world that Doctorow describes is believable because it comes from the author’s understanding of how the technology really works, and how it is evolving in the present. As William Gibson explains, sci-fi “can’t be about the future. It’s about where the person who wrote it thought their present was, because you can’t envision a future without having some sort of conviction, whether you express it or not in the text, about where your present is.” And our present is a very exciting time indeed.

That being said, even without an understanding of the underlying technology, it makes for a great read. Basically, it’s about a teenage hacker in San Francisco and how he deals with the Department of Homeland Security (DHS) taking over the Bay Area after the next terrorist attack. The DHS sets up random checkpoints throughout the city, extending the surveillance measures already in place, and tracks the movements of every citizen through the RFID tags they use when they take the BART (subway), or go through the FasTrak (RFID-enabled toll booth lane in SF). Furthermore, our protagonist and his friends are taken in and tortured by the DHS for days on end, in a secret prison the department has set up offshore. With this imagery, you can see how Doctorow’s vision of the near-future is also informed by the political realities of our time. Just as he projects the technologies of the near future based on the technological dynamics of the present, the stark political realities of today are extended into the near future in a way that seems not just believable, but inevitable. I’m not going to give away too much of the plot, but here’s the long and short of it. Just as these technologies can be used against the people, those same technologies can be used to promote and extend people’s rights and freedoms, and to subvert the government’s attempt to take those freedoms away. A movement evolves, and at the center of it is the Xnet – an encrypted network of hacked Xbox Universals, using Paranoid Linux as its operating system.

Doctorow does such a wonderful job of interweaving the political, cultural, and technological strains of our current society and projecting them into the near future with an elegance that is truly visionary. Anyone who is interested in cryptography, hacking, or activism should immediately drop whatever they’re doing, run to their nearest independent bookstore, and pick up a copy of this immediately. Well? Go!