«
Expand/Collapse
45 items tagged "number"
Related tags:
hacks [+],
values [+],
sql [+],
security weakness [+],
ruby [+],
random number [+],
random [+],
number values [+],
fpga [+],
x 509 [+],
wrong number [+],
vulnerability note [+],
security vulnerability [+],
remote security [+],
random number generator [+],
project [+],
perl functions [+],
perl [+],
number nine [+],
null pointer dereference [+],
null [+],
joe geek [+],
gnutls [+],
fpga technology [+],
felix domke [+],
design [+],
client implementation [+],
chaos communication congress [+],
certificate [+],
Hardware [+],
web [+],
user interface [+],
serial number [+],
robots [+],
random number generation [+],
monster [+],
mathematical calculations [+],
mac [+],
javascript [+],
integer overflow vulnerability [+],
generator [+],
generation [+],
cookie monster [+],
cookie [+],
contexts [+],
ccid [+],
card [+],
arbitrary web [+],
analysis tool [+],
zach [+],
year [+],
workbench [+],
whole number [+],
vipr [+],
video tutorials [+],
usa fax [+],
usa [+],
unofficial records [+],
tutorial [+],
trillion [+],
time twister [+],
spam [+],
sophos [+],
sophistication [+],
sms text message [+],
slides [+],
seth hardy [+],
seed [+],
security [+],
second [+],
scott harden [+],
scott [+],
routers [+],
robot walk [+],
robert lam [+],
record [+],
random number seed [+],
random number generators [+],
random data [+],
random bits [+],
pseudorandom [+],
pseudo random number [+],
proof of concept [+],
proof [+],
prime numbers [+],
prime number generator [+],
power efficiency [+],
phone [+],
pc. [+],
number generation [+],
need [+],
nature [+],
misc [+],
microcontrollers [+],
mhz channels [+],
mechanical engineer [+],
matrix [+],
magic number [+],
locomotion [+],
linux [+],
links [+],
lighter [+],
lego [+],
legged robots [+],
legged robot [+],
legged locomotion [+],
leds [+],
learning [+],
leap day [+],
kondo [+],
kenneth [+],
jonathan rosenberg [+],
isp [+],
intel [+],
inks [+],
ink washes [+],
ink [+],
how to [+],
here [+],
hardware random number generator [+],
hackaday [+],
gigabits [+],
generating [+],
gardner [+],
fuzz [+],
frequent topic [+],
fax number [+],
fax [+],
factor [+],
expiry [+],
entropy [+],
electronics kit [+],
earth orbits [+],
dtg [+],
digits of pi [+],
digits [+],
different things [+],
derek [+],
day [+],
cyber [+],
cvv [+],
clock [+],
cisco ime [+],
cisco [+],
charlie miller [+],
cc number [+],
carnivore [+],
calculating pi [+],
bull mountain [+],
black hat [+],
biped robot [+],
beginner [+],
authors [+],
arduino [+],
apple server [+],
apad [+],
android [+],
alexander yee [+],
Newbie [+],
Area [+],
802.11ac [+]
-
-
14:01
»
Hack a Day
Most toolchains for embedded system include support for random number generation. But if you’ve read the manual you’ll know that this is really just pseudo random number generation (PRNG). When calling this function the same numbers will always return in the same order unless a different random number seed is supplied in advance. [Gardner] put together [...]
-
-
7:00
»
Hack a Day
Even though rand() may be a good enough random number generator for making a video game, the patterns of random bits it spits out may not be sufficient for applications requiring truly random data. [Giorgio] built his own random number generator, and after many statistical tests it ended up being random enough for a few very [...]
-
-
9:01
»
Hack a Day
[Zach] sent in a project he’s been working on that brings hardware random number generators to common hardware you might have lying around. It’s called Whirlyfly and it turns an FPGA dev board into a hardware random number capable of outputting random bits over a USB connection at 3 Mbps. Previously, the whirlygig ran on [...]
-
-
15:19
»
Wirevolution
You know from a previous post how 802.11n gets to 600 megabits per second. 802.11ac does just three things to increase that by 1,056%:
-
It adds a new Modulation and Coding Scheme (MCS) called 256-QAM. This increases the number of bits transmitted per symbol from 6 to 8, a factor of 1.33.
- It increases the maximum channel width from 40 MHz to 160 MHz (160 MHz is optional, but 80 MHz support is mandatory.) This increases the number of subcarriers from 108 to 468, a factor of 4.33.
- It increases the maximum MIMO configuration from 4×4 to 8×8, increasing the number of spatial streams by a factor of 2. Multi-User MIMO (MU-MIMO) with beamforming means that these spatial streams can be directed to particular clients, so while the AP may have 8 antennas, the clients can have less, for example 8 clients each with one antenna.
Put those factors together and you have 1.33 x 4.33 x 2 = 11.56. Multiply the 600 megabits per second of 802.11n by that factor and you get 600 x 11.56 = 6,933 megabits per second for 802.11ac.
Note that nobody does this yet, and 160 MHz channels and 8×8 MIMO are likely to remain unimplemented for a long time. For example Broadcom’s recently announced BCM4360 and Qualcomm’s QCA9860 do 80 MHz channels, not 160 MHz, and 3 x 3 MIMO, so they claim maximum raw bit-rates of 1.3 gigabits per second. Which is still impressive.
Maximum theoretical raw bit-rate is a fun number to talk about, but of course in the real world that will (almost) never happen. What’s more important is the useful throughput (raw bit-rate minus MAC overhead) and rate at range, the throughput you are likely to get at useful distances. This is very difficult, and it is where the manufacturers can differentiate with superior technology. For phone chips power efficiency is also an important differentiator.
-
-
21:40
»
SecDocs
Authors:
Felix Domke Tags:
cracking FPGA Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: In 1998, the EFF built "Deep Crack", a machine designed to perform a walk over DES's 56-bit keyspace in nine days, for $250.000. With today's FPGA technology, a cost decrease of 25x can be achieved, as the copacobana project has shown. If that's still too much, two approaches should be considered: Recycling hardware and distributed computing. This talk will be about combining both approaches for the greater good. A number of projects (Copacobana, Picocomputing) have shown that with today's technology enough brute force computing power to break limited keylength ciphers (like DES) is affordable even for small companies. But what about Joe Geek at home? Recycling FPGAs is one option (nsa@home), distributed computing another (distributed.net, ...). This project combines both approaches, developing a toolchain that can be used to prototype a project on a low-end FPGA (or even in a free simulator), and then scaling up the effort across different implementations onto a large number of devices. An example client implementation uses an FPGA in a widely available consumer device to provide computing power when the device is in standby. Another approach that will be discussed in detail is how to obtain decommissioned high-end FPGA-based hardware. We will have hardware to show with a live demo!
-
21:40
»
SecDocs
Authors:
Felix Domke Tags:
cracking FPGA Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: In 1998, the EFF built "Deep Crack", a machine designed to perform a walk over DES's 56-bit keyspace in nine days, for $250.000. With today's FPGA technology, a cost decrease of 25x can be achieved, as the copacobana project has shown. If that's still too much, two approaches should be considered: Recycling hardware and distributed computing. This talk will be about combining both approaches for the greater good. A number of projects (Copacobana, Picocomputing) have shown that with today's technology enough brute force computing power to break limited keylength ciphers (like DES) is affordable even for small companies. But what about Joe Geek at home? Recycling FPGAs is one option (nsa@home), distributed computing another (distributed.net, ...). This project combines both approaches, developing a toolchain that can be used to prototype a project on a low-end FPGA (or even in a free simulator), and then scaling up the effort across different implementations onto a large number of devices. An example client implementation uses an FPGA in a widely available consumer device to provide computing power when the device is in standby. Another approach that will be discussed in detail is how to obtain decommissioned high-end FPGA-based hardware. We will have hardware to show with a live demo!
-
21:40
»
SecDocs
Authors:
Felix Domke Tags:
cracking FPGA Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: In 1998, the EFF built "Deep Crack", a machine designed to perform a walk over DES's 56-bit keyspace in nine days, for $250.000. With today's FPGA technology, a cost decrease of 25x can be achieved, as the copacobana project has shown. If that's still too much, two approaches should be considered: Recycling hardware and distributed computing. This talk will be about combining both approaches for the greater good. A number of projects (Copacobana, Picocomputing) have shown that with today's technology enough brute force computing power to break limited keylength ciphers (like DES) is affordable even for small companies. But what about Joe Geek at home? Recycling FPGAs is one option (nsa@home), distributed computing another (distributed.net, ...). This project combines both approaches, developing a toolchain that can be used to prototype a project on a low-end FPGA (or even in a free simulator), and then scaling up the effort across different implementations onto a large number of devices. An example client implementation uses an FPGA in a widely available consumer device to provide computing power when the device is in standby. Another approach that will be discussed in detail is how to obtain decommissioned high-end FPGA-based hardware. We will have hardware to show with a live demo!
-
-
10:01
»
Hack a Day
The Earth orbits the Sun every 365.256 days. Because this number isn’t a whole number, an extra day is tacked onto February every four years, unless the year is evenly divisible by 100, except in cases where the year is divisible by 400, or something like that. To commemorate this calendar hack, here’s some stuff that has rolled [...]
-
-
6:01
»
Hack a Day
In August, 2010, [Alexander Yee] and [Shigeru Kondo] won a respectable amount of praise for calculating pi to more digits than anyone else. They’re back again, this time doubling the number of digits to 10 Trillion. The previous calculation of 5 Trillion digits of Pi took 90 days to calculate on a beast of a workstation. [...]
-
-
15:01
»
Hack a Day
Here’s an interesting take on a Lego clock, it uses rotating squares to change the orientation of the black and white tiles to display the needed number. As we see one of the digits cycling to the next number in the video after the break, a couple of different things pop into mind. This seems [...]
-
-
9:01
»
Hack a Day
Random number generation is a frequent topic of discussion in projects that involve encryption and security. Intel has just announced a new feature coming to many of their processors that affect random number generation. The random number generator, which they call Bull Mountain, marks a departure from Intel’s traditional method of generating random number seeds [...]
-
-
7:06
»
Hack a Day
[Kenneth] is a Mechanical Engineer who likes to dabble in electronics. Besides providing us with an excellent picture of his workbench, he has put together a list of things that you’ll need as you learn to work with electronics. A beginner electronics kit from one of a number of different sources may work for some, [...]
-
-
15:28
»
Packet Storm Security Advisories
When given a wrong number of arguments, a number of perl functions will attempt to read memory from an unmapped location, resulting in a deterministic crash.
-
15:28
»
Packet Storm Security Recent Files
When given a wrong number of arguments, a number of perl functions will attempt to read memory from an unmapped location, resulting in a deterministic crash.
-
15:28
»
Packet Storm Security Misc. Files
When given a wrong number of arguments, a number of perl functions will attempt to read memory from an unmapped location, resulting in a deterministic crash.
-
-
15:22
»
Wirevolution
Although phone numbers are an antiquated kind of thing, we are sufficiently beaten down by the machines that we think of it as natural to identify a person by a 10 digit number. Maybe the demise of the numeric phone keypad as big touch-screens take over will change matters on this front. But meanwhile, phone numbers are holding us back in important ways. Because phone numbers are bound to the PSTN, which doesn’t carry video calls, it is harder to make video calls than voice, because we don’t have people’s video addresses so handy.
This year, three new products attempted to address this issue in remarkably similar ways – clearly an idea whose time has come. The products are Apple’s FaceTime, Cisco’s IME and a startup product called Tango.
In all three of these products, you make a call to a regular phone number, which triggers a video session over the Internet. You only need the phone number – the Internet addressing is handled automatically. The two problems the automatic addressing has to handle are finding a candidate address, then verifying that it is the right one. Here’s how each of those three new products does the job:
1. FaceTime. When you first start FaceTime, it sends an SMS (text message) to an Apple server. The SMS contains sufficient information for the Apple server to reliably associate your phone number with the XMPP (push services) client running on your iPhone. With this authentication performed, anybody else who has your phone number in their address book on their iPhone or Mac can place a videophone call to you via FaceTime.
2. Cisco IME (Inter-Company Media Engine). The protocol used by IME to securely associate your phone number with your IP address is ViPR (Verification Involving PSTN Reachability), an open protocol specified in several IETF drafts co-authored by Jonathan Rosenberg who is now at Skype. ViPR can be embodied in a network box like IME, or in an endpoint like a phone of PC.
Here’s how it works: you make a phone call in the usual way. After you hang up, ViPR looks up the phone number you called to see if it is also ViPR-enabled. If it is, ViPR performs a secure mutual verification, by using proof-of-knowledge of the previous PSTN call as a shared secret. The next time you dial that phone number, ViPR makes the call through the Internet rather than through the phone network, so you can do wideband audio and video with no per-minute charge. A major difference between ViPR and FaceTime or Tango is that ViPR does not have a central registration server. The directory that ViPR looks up phone numbers in is stored in a distributed hash table (DHT). This is basically a distributed database with the contents stored across the network. Each ViPR participant contributes a little bit of storage to the network. The DHT itself defines an algorithm – called Chord – which describes how each node connects to other nodes, and how to look up information.
3. Tango, like FaceTime, has its own registration servers. The authentication on these works slightly differently. When you register with Tango, it looks in the address book on your iPhone for other registered Tango users, and displays them in your Tango address book. So if you already know somebody’s phone number, and that person is a registered Tango user, Tango lets you call them in video over the Internet.
-
-
8:00
»
Hack a Day
[Robert Lam] has produced a number of video tutorials, his latest being a tutorial on how to make a biped robot walk. He is mainly covering the individual motions and actions. He doesn’t go into any specific programming, but rather breaks down the act of walking into several motions and discusses the reason you need [...]
-
-
6:00
»
Hack a Day
[Scott Harden's] prime number generator exhibits a great way to use an LED matrix to present readable information. The project resides in a hinged wooden box with a grid of holes on the lid for the LEDs. [Scott] has overlaid the matrix with a printout showing powers of two that represent different prime numbers. Inside [...]
-
-
18:00
»
Packet Storm Security Recent Files
The Rekonq web browser is vulnerable to Javascript injection in a number of components of the user interface. Depending on the exact component affected this can lead to Javascript being executed in a number of contexts which in the worst case could allow an arbitrary web site to be spoofed or even for the Javascript to be executed in the context of an arbitrary context.
-
18:00
»
Packet Storm Security Exploits
The Rekonq web browser is vulnerable to Javascript injection in a number of components of the user interface. Depending on the exact component affected this can lead to Javascript being executed in a number of contexts which in the worst case could allow an arbitrary web site to be spoofed or even for the Javascript to be executed in the context of an arbitrary context.
-
-
6:02
»
Hack a Day
[Carnivore] tried to break as many (unofficial) records as possible when he modified his Apad/M002 into what he calls Project Apex. Record number 1: [Derek] claims this is the first Apad mod, ever. Record number 2: 8500mAh battery, giving the device a 12 hour life which is longer than any other Android slate. Record number [...]
-
-
13:15
»
Hack a Day
The number one and number two things asked after presentation of our DIYDTG were… “How does it hold up in the wash?” and… “How did you change out the inks?” While we’ve explained the first several times (regular ink washes out, DTG ink gets a little lighter but survives) we can hopefully answer the second [...]
-
-
19:00
»
Packet Storm Security Tools
Cookie Monster is a cookie analysis tool written in Python. Cookie Monster will grab cookies from a host and assign each character a number. This number can be used to perform mathematical calculations on the differences in order to find a pattern and see if cookie prediction is possible.
-
19:00
»
Packet Storm Security Recent Files
Cookie Monster is a cookie analysis tool written in Python. Cookie Monster will grab cookies from a host and assign each character a number. This number can be used to perform mathematical calculations on the differences in order to find a pattern and see if cookie prediction is possible.
-
-
10:51
»
remote-exploit & backtrack
here in the UK, I know that most ISP ship routers with Pre loaded sercurity..
most of which use pw of 8 char. in the form,number letter number ie1a2b3cd So does anyone know of a premade dictionary that i could run Aircrack -NG against that... this is just to prove a point
-
-
12:00
»
Hack a Day
When designing legged robots, we generally see an even number of legs. Mainly, we think, it is due to us modelling things after nature. But with robotics, you’re free to do whatever you want. [Iketomu-san] has built this unsettling 5 legged robot out of parts he had lying around. The gait is fairly interesting. He [...]
0day.today (was: 1337day, Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
7:00