The Silicon Underground

Home » Page 311

How I once took down a network, including a radio station

Dave Farquhar Hardware, Retro Computing, War Stories April 3, 2013March 23, 20221990s, AOL, IBM, os 2, ps 2, Token Ring, troubleshooting

I met up Monday night with some other security professionals for some emergency networking of the professional kind. One of the attendees, a penetration tester, had a little incident where he took down a production system when he conducted his penetration test. The system owners were a bit arrogant, and, well, they paid for it.

I’ve taken down a network too, but in my case it wasn’t something security-related. No, in my case, I was a 20-year-old desktop support technician working in a college computer lab, making an honest mistake.

Scratchbuilding, Marx-style

Dave Farquhar Toy trains April 2, 2013April 1, 2013boxcar, boxcars, greenberg, KCS, lionel, marx, marx trains, tin, Wayne Wesolowski

I saw a modern-production Lionel box car in a hobby shop one weekend. I wanted it, but I really wanted it in Marx 3/16 style, so it would look right with my Marx #54 KCS diesels pulling it. But I face very long odds of ever getting that car in Marx 3/16 unless I build it myself.

So I started building. And you can too.

What I learned about air travel by globetrotting back and forth to Baltimore and D.C.

Dave Farquhar Uncategorized April 2, 2013April 1, 2013Angry Birds, Big Pond, TSA

In 2011-2012, I flew to Baltimore or Washington D.C. a lot–probably eight times, if not more. Internet pal Rob O’Hara wrote about his recent flight to Seattle this weekend; predictably, they lost his bags.

Here’s what I learned by getting to know the Baltimore area by plane.

Shakespearean surprises

Dave Farquhar Uncategorized April 1, 2013April 15, 2017syntax

This oft-cited story about Shakespeare’s wealth and how he got it in the Telegraph led me–as the Internet often does–to something else: Shakespeare as therapy.

My earliest memory of using a computer

Dave Farquhar Retro Computing April 1, 2013July 11, 2022atari, cart, commodore, commodore vic 20, tape drive, video game

Gizmodo asked this weekend about earliest computer memories, and illustrated it with a computer that sported a 3.5″ floppy drive. Young whippersnappers.

My first memory was in 1981 or 1982. Dad went to see one of his coworkers in his home, and brought me along. He had a son a few years older than me, probably about 12 years old, and there in the living room was something I’d never seen before, connected to a television and sitting on a desk. “What’s that?” I asked.

“This is a computer,” he said. Then he inserted a Choplifter cartridge and taught me how to play. Read more

A quick fix for the Insignia NS20EM50A13 monitor’s biggest annoyance

Dave Farquhar Hardware March 31, 2013March 30, 2013insignia, VGA

I’ve written about the Insignia NS20EM50A13 monitor before. It’s a reasonably good low-end monitor with the annoying tendency to change the video input back to VGA any time your system goes to sleep or changes from text to graphics mode. I accidentally discovered this week–after using the monitor for months–that if you push the OK button on the front of the monitor, it brings up the input menu, allowing you to quickly flip it back to DVI without fumbling through the menus.

I still wish the monitor would let me set the default to DVI and make it stay that way, but this is an acceptable workaround for the price, at least for me.

We need to fix CISPA, not kill it

Dave Farquhar security March 29, 2013March 27, 2013CISPA, New York, New York City, PII

Here’s a good plan for fixing CISPA. And CISPA needs to be *fixed*, not stopped. We have three alternatives right now:

Secure the Internet
Voluntarily pare back the Internet
Wait for the Internet to fall apart and/or become too dangerous to use anymore

Given the unpleasant side effects of options 2 and 3, option 1 is all that’s left. Otherwise, the Internet will become a weapon of mass destruction. Keeping a hacktivist group or rogue nation from shutting down all gas and electric power in New York City on the coldest day in January is CISPA’s goal. Read more

The ethics of writing nefarious security instructions

Dave Farquhar security March 28, 2013November 3, 2025apple, Ars Technica, malware, oracle, password database, password list, passwords, unix

This week I posted a link to a video showing how to crack a WPS-enabled wifi network, and this week, Ars Technica wrote a firsthand account of cracking a password list. I’m sure this raises questions of ethics in some people’s minds. To be honest, spreading this kind of information makes me a little uncomfortable too, but I also think it’s necessary.

The Internet is at war. Please read this if you run a DNS server.

Dave Farquhar security March 27, 2013November 3, 2025spam

A Dutch ISP that acts as a spam haven is DDOSing Spamhaus, and they’re using DNS to do it. The attack is using spoofed DNS queries to create, basically, a smurf-like attack. And the sheer volume of traffic is likely to affect the Internet as a whole.

That might explain why my recruiters were complaining that it was taking forever to look up job postings today. (Yes, I can publicly admit that I’m talking to recruiters. That’s another story.)

But basically, if you run a DNS server, you need to check your configuration to keep lowlives from using your DNS as a weapon. Here is a useful page for those of you running BIND, the one of the most popular DNS servers.

This was the most common type of attack in 2012; it looks like some people are trying to up the ante in 2013. We can make it stop, but every sysadmin running a DNS server is going to have to pitch in to help.

Is this a good computer for the money in 2013?

Dave Farquhar Hardware March 27, 2013March 24, 2013amd, dell, intel, Intel Core

My realtor sent me some computer specs this past week and asked for my opinion on it, since I get paid to keep up with this stuff these days and he doesn’t.

I thought my critique of the system might help other people.