bullet proof TLD - part deux

And I am not alone on this. Seems the guys and gals from the Pirate Bay thought the same and moved their arses.

Enter P2P DNS

Some observations here

bullet proof TLD

We need a "bullet proof tld". Seeing what happens with wikileaks ATM makes me worry.

I do not like what wikileaks does, but they are merely the publishers, not the creators, nor the leakers...

HUAWEI Mobile == horror

This happens once a day, simply open up gmail with gtalk enabled will whack my machine. HUAWEI makes it possible.

Interval Since Last Panic Report: 67994 sec
Panics Since Last Report: 1
Anonymous UUID: 3879FB28-9833-4155-99DD-722A33411EAB

Wed Nov 3 07:57:30 2010
panic(cpu 0 caller 0x2a8ab2): Kernel trap at 0x227d78a3, type 14=page fault, registers:
CR0: 0x8001003b, CR2: 0x000004a8, CR3: 0x00100000, CR4: 0x000006e0
EAX: 0x00000000, EBX: 0x04e4f000, ECX: 0x09000000, EDX: 0x0426e800
CR2: 0x000004a8, EBP: 0x22433b08, ESI: 0x04e4f000, EDI: 0x03fc2b00
EFL: 0x00010206, EIP: 0x227d78a3, CS: 0x00000008, DS: 0x00000010
Error code: 0x00000000

Backtrace (CPU 0), Frame : Return Address (4 potential args on stack)
0x22433918 : 0x21b455 (0x5cf328 0x2243394c 0x2238b1 0x0)
0x22433968 : 0x2a8ab2 (0x591664 0x227d78a3 0xe 0x59182e)
0x22433a48 : 0x29e9a8 (0x22433a60 0x4e4f000 0x22433b08 0x227d78a3)
0x22433a58 : 0x227d78a3 (0xe 0x48 0x10 0x4e40010)
0x22433b08 : 0x9590cb (0x4e4f000 0x3fc2b00 0x0 0x8)
0x22433b48 : 0x958e0a (0x4e4f000 0x2 0x3fc2b00 0x0)
0x22433b88 : 0x548cf9 (0x4e4f000 0x22433c00 0x0 0x0)
0x22433bd8 : 0x958e86 (0x488d600 0x958dc8 0x22433c00 0x0)
0x22433c28 : 0x958f17 (0x4e4f000 0x3fc2b00 0x958fc6 0x4e4f000)
0x22433c58 : 0x953d68 (0x4e4f000 0x3fc2b00 0x7 0x3fc2b00)
0x22433c78 : 0x5356be (0x3fc2b00 0x4e4f000 0x7 0x4fe006)
0x22433ce8 : 0x547337 (0x4e4f000 0x7 0x4809f40 0x0)
0x22433d18 : 0x531ee8 (0x395df80 0x5355b0 0x4e4f000 0x7)
0x22433d68 : 0x536251 (0x4809f40 0x0 0x0 0x449bf40)
0x22433de8 : 0x537363 (0x7 0x3e98500 0x1 0x0)
0x22433e48 : 0x537a9b (0x3e98500 0x6 0x0 0xffffffff)
0x22433ec8 : 0x537ac3 (0x3e98500 0x6 0x22433f08 0x542f000)
0x22433ee8 : 0xe64e9c (0x3e98500 0x2 0x1 0x456ab80)
0x22433f08 : 0xe6c329 (0x3e98500 0x2 0x456ab8c 0x293b71)
0x22433f28 : 0xe6c419 (0x542f000 0x7 0x22433f58 0x4fb982)
0x22433f58 : 0xe6c4d4 (0x542f000 0x0 0x22433f78 0x2a1591)
0x22433f78 : 0x22fb84 (0x542f000 0x0 0x0 0xbfffdcfc)
0x22433fc8 : 0x29e6cc (0x863ea0 0x0 0x10 0x43c8de4)
Kernel Extensions in backtrace (with dependencies):
com.huawei.driver.HuaweiDataCardECMData(1.19.00)@0x227d3000->0x227dafff
dependency: com.apple.iokit.IOUSBFamily(4.0.2)@0xe5c000
dependency: com.apple.iokit.IONetworkingFamily(1.9)@0x952000
com.apple.iokit.IOUSBFamily(4.0.2)@0xe5c000->0xe8cfff
dependency: com.apple.iokit.IOPCIFamily(2.6)@0x926000
com.apple.iokit.IONetworkingFamily(1.9)@0x952000->0x967fff

BSD process name corresponding to current thread: kernel_task

Mac OS version:
10F569

Kernel version:
Darwin Kernel Version 10.4.0: Fri Apr 23 18:28:53 PDT 2010; root:xnu-1504.7.4~1/RELEASE_I386
System model name: MacBook3,1 (Mac-F22788C8)

System uptime in nanoseconds: 68307501559045
unloaded kexts:
com.apple.driver.AppleWWANSupport 2.0.3b0 (addr 0xcc8000, size 0x12288) - last unloaded 68242737696090
loaded kexts:
de.novamedia.driver.NMSmartplugSCSIDevice 1.0.1 - last loaded 68167435223328
com.huawei.driver.HuaweiDataCardECMData 1.19.00
com.huawei.driver.HuaweiDataCardECMControl 1.19.00
com.huawei.driver.HuaweiDataCardACMData 4.05.00
foo.tun 1.0
foo.tap 1.0
com.apple.filesystems.smbfs 1.6.2
com.apple.driver.AppleHWSensor 1.9.3d0
com.apple.driver.SMCMotionSensor 3.0.0d4
com.apple.filesystems.autofs 2.1.0
com.apple.driver.AudioAUUC 1.4
com.apple.driver.AppleHDA 1.8.7f1
com.apple.driver.AppleUpstreamUserClient 3.3.2
com.apple.Dont_Steal_Mac_OS_X 7.0.0
com.apple.iokit.CHUDUtils 364
com.apple.iokit.CHUDProf 364
com.apple.driver.AudioIPCDriver 1.1.2
com.apple.driver.AppleIntelMeromProfile 19.1
com.apple.driver.AppleBacklight 170.0.24
com.apple.driver.ACPI_SMC_PlatformPlugin 4.1.2b1
com.apple.driver.AppleLPC 1.4.12
com.apple.driver.AppleIntelGMAX3100 6.1.8
com.apple.driver.AppleIntelGMAX3100FB 6.1.8
com.apple.driver.AppleUSBTrackpad 1.8.1b1
com.apple.driver.AppleUSBTCKeyEventDriver 1.8.1b1
com.apple.driver.AppleUSBTCKeyboard 1.8.1b1
com.apple.driver.AppleIRController 303.8
com.apple.iokit.SCSITaskUserClient 2.6.5
com.apple.iokit.AppleYukon2 3.1.14b1
com.apple.iokit.IOAHCIBlockStorage 1.6.2
com.apple.driver.AppleAHCIPort 2.1.2
com.apple.driver.AppleIntelPIIXATA 2.5.1
com.apple.BootCache 31
com.apple.AppleFSCompression.AppleFSCompressionTypeZlib 1.0.0d1
com.apple.driver.AppleUSBHub 4.0.0
com.apple.driver.AppleSmartBatteryManager 160.0.0
com.apple.driver.AppleFWOHCI 4.7.1
com.apple.driver.AppleUSBEHCI 4.0.2
com.apple.driver.AppleUSBUHCI 4.0.2
com.apple.driver.AirPortBrcm43xx 423.91.27
com.apple.driver.AppleEFINVRAM 1.3.0
com.apple.driver.AppleRTC 1.3.1
com.apple.driver.AppleHPET 1.5
com.apple.driver.AppleACPIButtons 1.3.2
com.apple.driver.AppleSMBIOS 1.6
com.apple.driver.AppleACPIEC 1.3.2
com.apple.driver.AppleAPIC 1.4
com.apple.driver.AppleIntelCPUPowerManagementClient 105.10.0
com.apple.security.sandbox 0
com.apple.security.quarantine 0
com.apple.nke.applicationfirewall 2.1.11
com.apple.driver.AppleIntelCPUPowerManagement 105.10.0
com.apple.iokit.IOSCSIBlockCommandsDevice 2.6.5
com.apple.iokit.IOUSBMassStorageClass 2.6.1
com.apple.driver.AppleProfileReadCounterAction 17
com.apple.iokit.IOFireWireIP 2.0.3
com.apple.driver.DspFuncLib 1.8.7f1
com.apple.driver.AppleProfileTimestampAction 10
com.apple.driver.AppleProfileThreadInfoAction 14
com.apple.driver.AppleProfileRegisterStateAction 10
com.apple.driver.AppleProfileKEventAction 10
com.apple.driver.AppleProfileCallstackAction 20
com.apple.iokit.IOSurface 74.0
com.apple.iokit.IOBluetoothSerialManager 2.3.3f8
com.apple.iokit.IOSerialFamily 10.0.3
com.apple.iokit.CHUDKernLib 365
com.apple.iokit.IOAudioFamily 1.7.6fc2
com.apple.kext.OSvKernDSPLib 1.3
com.apple.driver.AppleHDAController 1.8.7f1
com.apple.iokit.IOHDAFamily 1.8.7f1
com.apple.iokit.AppleProfileFamily 41.4
com.apple.driver.IOPlatformPluginFamily 4.1.2b1
com.apple.driver.AppleSMC 3.0.1d2
com.apple.iokit.IONDRVSupport 2.1
com.apple.iokit.IOGraphicsFamily 2.1
com.apple.driver.CSRUSBBluetoothHCIController 2.3.3f8
com.apple.driver.AppleUSBBluetoothHCIController 2.3.3f8
com.apple.iokit.IOBluetoothFamily 2.3.3f8
com.apple.driver.AppleUSBMergeNub 4.0.0
com.apple.iokit.IOUSBHIDDriver 4.0.2
com.apple.driver.AppleUSBComposite 3.9.0
com.apple.iokit.IOSCSIMultimediaCommandsDevice 2.6.5
com.apple.iokit.IOBDStorageFamily 1.6
com.apple.iokit.IODVDStorageFamily 1.6
com.apple.iokit.IOCDStorageFamily 1.6
com.apple.driver.XsanFilter 402.1
com.apple.iokit.IOATAPIProtocolTransport 2.5.1
com.apple.iokit.IOSCSIArchitectureModelFamily 2.6.5
com.apple.iokit.IOAHCIFamily 2.0.4
com.apple.iokit.IOATAFamily 2.5.1
com.apple.iokit.IOUSBUserClient 4.0.0
com.apple.iokit.IOFireWireFamily 4.2.6
com.apple.iokit.IOUSBFamily 4.0.2
com.apple.iokit.IO80211Family 311.1
com.apple.iokit.IONetworkingFamily 1.9
com.apple.driver.AppleEFIRuntime 1.3.0
com.apple.iokit.IOHIDFamily 1.6.4
com.apple.iokit.IOSMBusFamily 1.1
com.apple.kext.AppleMatch 1.0.0d1
com.apple.security.TMSafetyNet 6
com.apple.driver.DiskImages 283
com.apple.iokit.IOStorageFamily 1.6.1
com.apple.driver.AppleACPIPlatform 1.3.2
com.apple.iokit.IOPCIFamily 2.6
com.apple.iokit.IOACPIFamily 1.3.0
Model: MacBook3,1, BootROM MB31.008E.B02, 2 processors, Intel Core 2 Duo, 2.2 GHz, 1 GB, SMC 1.24f3
Graphics: Intel GMA X3100, GMA X3100, Built-In, 144 MB
Memory Module: global_name
AirPort: spairport_wireless_card_type_airport_extreme (0x14E4, 0x88), Broadcom BCM43xx 1.0 (5.10.91.27)
Bluetooth: Version 2.3.3f8, 2 service, 19 devices, 1 incoming serial ports
Serial ATA Device: Hitachi HTS542512K9SA00, 111,79 GB
Parallel ATA Device: HL-DT-ST DVDRW GSA-S10N
USB Device: Built-in iSight, 0x05ac (Apple Inc.), 0x8501, 0xfd400000
USB Device: HUAWEI Mobile, 0x12d1, 0x1465, 0xfa200000
USB Device: Apple Internal Keyboard / Trackpad, 0x05ac (Apple Inc.), 0x022a, 0x5d200000
USB Device: IR Receiver, 0x05ac (Apple Inc.), 0x8242, 0x5d100000
USB Device: Bluetooth USB Host Controller, 0x05ac (Apple Inc.), 0x8205, 0x1a100000

Buy apple, forget orange

As all sane people should, I like to buy shares of a company that sells products that I believe in and as soon as the shares have rissen enough to pay for the product I buy it.

This is the moment [again] to get yourself some Apple shares. Why? Because they so get what we want.

The next super step will be the iPhone5. It will change your live or at least [if you do not owe a mac by then], the way you will expect your computer live to be. How? This is how:

If users wave an NFC-equipped iPhone and an NFC-equipped Mac, the Mac will load all their applications, settings and data. It will be as though they are sitting at their own machine at home or work. When the user leaves, and the NFC-equipped iPhone is out of range, the host machine returns to its previous state.”
The source told Cult of Mac: “The system would essentially turn any Apple computer in to your own, like you’re actually working on your own computer; same settings, look, bookmarks, preferences. It would all be invisible. Your iPhone would be all you needed to unlock your Mac.”

See, that is what you never knew you wanted but actually is. Just like the interface of the iPhone, it's something you never knew you missed but once you touched it, you can not let go. This will rock your world.

The smart money is there already ofc. 52 week high and low 185.57 - 319.00. But still, still I bet you that buying a couple of stocks now, will give you a premium when you will buy your iPhone5 and NFC-equipped Mac. Check for current stock prices here.

Edit: 9/11 2012. One day before the [roumored] launch of the iPhone5.
665.82  3.08(0.46%) 11:59AM EDT - Nasdaq Real Time Price

See through: IP6 iphone-XXXXXXX.local > ff02::2: ICMP6, router solicitation

Please help a connection searching iPhone out and give it an IPv6 address. And while at it, a default router too. After being so nice, I am sure you've collected enough karma to warrant some cookie sniffing or even the occasional traffic modification.

In about 3 hours on a public hotspot I saw nearly 30 [that is thirty!] iOS 4 iPhones crying for router solicitations. Knowing the rules layed out in rfc3484, it should not be to hard to get the application/OS to prefer v6 over v4. This makes getting these pesky SSL'ed cookies so much easier without ARP poisoning.

NEDERLAND

randstad/ hofstad/ domstad/ kaasstad/ maasstad
hanzestad/ slaapstad/ spookstad/ vestingstad

parkeerplaats/ marktplaats/ speelplaats/ zitplaats
luchtplaats/ vrijplaats/ ligplaats/ drinkplaats

inktvlek/ vetvlek/ schandvlek/ bloedvlek
geboorteplek

ton lebbink

Op het nieuwe scateboard

Leuk!

Intrusion Tolerance in Istanbul

If 'things' normally never go wrong, you're in deep sheit when they do. But if you work as a hairdresser in Istanbul, and you've grown used to powercuts, a simple all-lights-out situation will not knock you out of your socks but you just keep doing your thing.

When a friendly neighbor called Achmed walks in with a handheld torch, you thank him casually and keep on cutting.

AR Drone in tha house!

This gets me all excited:

Van AR Drone

A cool Parrot AR drone. Available now in the US and in France, but in Holland it is not for sale untill October. No mention as to where, yet.

Who cares, I am close to one, let's fly it!

First:

Van AR Drone

Then this:

Van AR Drone

Next:

Van AR Drone

And:

Van AR Drone

DUH!

How not to mess up your AR Drone

From Bruce

From NPR:

Based on surveys Barnes collected, the top five worries of parents are, in order:

Kidnapping
School snipers
Terrorists
Dangerous strangers
Drugs



But how do children really get hurt or killed?

Car accidents
Homicide (usually committed by a person who knows the child, not a stranger)
Abuse
Suicide
Drowning

Why such a big discrepancy between worries and reality? Barnes says parents fixate on rare events because they internalize horrific stories they hear on the news or from a friend without stopping to think about the odds the same thing could happen to their children.

No surprise to any regular reader of this blog.

More on the subject

IPv6: lies damned lies and power point

On the 12th of April 2010, the state secretary of Binnenlandse Zaken & Koningsrelaties, formally answered questions raised by Arda Gerkens, member of the 2de kamer about the warnings from the ICANN about the shortage of Internet Protocol addresses.

Yes, our politicians know about these, for most people, obsecure and deeply technical issues. The formal and written answers are, well, interesting to say the least. First there is a little chit chat about the 10% of IPv4 space being available, the prediction that these might be used up in the next 2 years etc. Then comes the part where Marja J.A. van der Hoeven [minister van Economische Zaken] writes:

"I have the recent results from research by the European Commision regarding the transistion to IPv6. This research shows us that 56% of the internet service providers in Europe support IPv6. Participating Dutch ISP's score significantly higher: 92%. From the research it is shown that factual useage of IPv6 in the Netherlands is 3%, higher then Germany, France and the UK."
[Note: slobby translation all done by me]

These numbers are based on this 'document'. I challange you to find any basis of the 92% of Dutch ISP's supporting IPv6.

But it gets worst. The 3% of factual Dutch IP traffic being IPv6 is based on access to one single website of TNO, aka Netherlands Organization for Applied Scientific Research. Certainly a high profile & representative website? I am afraid not.

The reality is sad, and getting sadder. Where the local IT news site Tweakers was happy to show that IPv6 traffic on the AMS-IX 'thouched' the 2Gbps. At the same time the AMS-IX had about 700Gbps IPv4 traffic. That means the total amount of IPv6 traffic was 0.285% of the amount of IPv4 traffic. Around May this year the amount was around 0.2% So were still seeing growth, just not as fast as it has been the last years.

That was back in October 2009. Enter 2010 and IPv6 in absolute numbers is degrading. From a stagering 0.285% it is now even lower and NO WHERE NEAR the 3% our minister van Economische Zaken claims.

I have tried to contact Maarten Botterman [the author of the document that these 'numbers' are based on] for some more insight on the data he based at least his own number on, but to no avail.

Here's some more of my ranting.

Niet rooskleurig, maar wel realistisch en dat mag best wel eens. Rond kijkend in 'mijn netwerk' kan ik alle partijen die ook werkelijk V6 doen op 1 hand tellen [en drie daarvan hebben members op deze lijst]. Kijkend naar klanten van mijn huidige opdrachtgever kom ik ook niet veel verder.

Rond vragen in de [pre-] sales omgeving levert ook een bedroevend beeld op qua interesse voor V6.

Het is niet onwil of onkunde, veel van de clubs waar ik kom doen wel lastigere dingen dan v6, het is veel meer het oorverdovende gebrek aan drivers. Er zijn geen klanten op v6, er is geen content op v6, er is kortom niets te halen.

ISP's als XS4ALL hebben een notoire techniek-bewuste klantenkring en zijn daar mee de uitzondering op de regel, vandaar dat er voor hen een goede driver is om v6 wel aan te bieden. Bij Bit & surfnet werken ongelofelijk goede mensen dus die kunnen het voor een relatief lage prijs aanbieden omdat de kennis er aanwezig is. Maar voor de KPN's, de UPC's, de banken, de Aholds en andere die geld moeten verdienen kost V6 geld, betekend risico, en belooft voorlopig helemaal geen extra opbrengsten.

Vandaar de behoefte om de overheid maar weer in te schakelen. Daar kost geld niets en maakt laten de verantwoordelijke zich met een vage selectie van wat obscure cijfertjes uit een powerpoint presentatie afserveren.

In de commerciële markt is er [nog] helemaal geen vraag naar v6. De kans dat die vraag binnen 2 jaar op grote gaat komen is klein, binnen 5 jaar eventueel, maar garanties zij er niet. De voordelen van nu v6 ondersteunen ten opzichte van de risico's & kosten zijn marginaal als ze al bestaan.

Maar hoe komt dat toch? v6 is toch 'klaar' en bestaat al zo veel jaren? Nou nee, niet echt. v6 verkeerd nog immer in het 'individuele contributie moet het aan de praat krijgen want wij overzien het nog steeds niet helemaal stadium [zie http://fud.no/ipv6 voor een klasiek voorbeeld van 1 individu die 'alle' OS makers moet vertellen hoe v6&v4 te ondersteunen]. Zoals ik, begin 90'er jaren, zelf mijn bastion hosts moest [lees: mocht] bouwen voor bedrijven die 'veilig' wilde snuffelen aan 'het Internet', zo moeten bedrijven nu ook v6 implementeren.

Begin jaren 90 verdiende [grote] bedrijven niets met Internet access, het was een speeltuin waarbij uitval van een dag niet to grote consternatie leiden. Anno nu kan het niet functioneren van 1 knop op een website van een bank leiden tot moeten opdraven van de CEO op het 8 uur journaal om de onrust in de markt te bezweren.

Kortom, v6 staat in de kinderschoenen, er is niets te verdienen, noch te verkopen. Laten we dus ajb een beetje realistisch met de materie omgaan en 'v6 mailing server whitelist' en 'v4 is op over 153 dagen' en '91% van de isp.nl zijn er klaar voor' en 'v6 is mature & prime time ready' gewoon adresseren & behandelen als pipe dreams.

Typoos? It shuold be verboten!

Want to hide information in a sea of data? Try typoos.

From the RSS feed of Bruce Schneier I was pointed to an article about the nominated head the of US Cyber Command, Lt. Gen. Keith Alexander, the current Director of NSA. In a snipped of his 'job interview' there has slipped a typo that has been copied & pasted in to 9 sites indexed by google.

Google "both government and insustry to consider" [with quotes ofc] and get 9 hits [21st of april 2010 at 09:18 GMT].

Gotta love unique typoos for tracking information spread.

But what if the bad guys would do the same? Use some 'easy to remember but unlikely to make' spelling errors so their cells can easily find instructions?

Just like Steganography, this should be investigated and a lot of money poured into to keep the spy catchers happy & busy.