A security conference is usually a pretty good time and place to drop some new software (or the occasional 0-day) on the world and this year’s DerbyCon in Louisville, KY was no disappointment. Over the next few days, I’ll cover some of the new shinies that saw their first dawn at the conference as well as some of my general take-aways and talking points.
First up is a nifty piece of software called CookieCadger. Drawing its name from the verb to cadge - meaning to obtain by imposing on another’s generosity - CookieCadger is a spiritual successor to FireSheep.
FireSheep is a security toy released as a Firefox extension back in 2010 to demonstrate the need for SSL channels at the social networking sites that have become the backbone of our daily web consumption. It implemented a session impersonation attack by lifting session identifiers from cookies being transmitted over unencrypted web traffic. The project caught the attention of the intended parties, HTTPS traffic was enabled for the big players, and FireSheep drifted into the obscurity of vaporware.
Two years later, enter CookieCadger. Started as an Iowa State graduate project by Matthew Sullivan, CookieCadger expands on the legacy of FireSheep and builds a considerably more robust toolkit from the same concept.
An attacker runs the software (written in Java, so it’s cross-platform from day one) on one or more network interfaces, presumably on older wireless or unswitched wired networks. For instance, let’s say he’s in the corner of Joe’s Coffee Shack, a local draw known for its free wifi and open mic nights. All around him people are conducting web traffic happily over port 80, blissfully unaware or unconcerned with the truth that their data is literally flying through the air. The attacker’s machine is sniffing this traffic and extracting vulnerable session data from a packet capture. He doesn’t even need to be sniffing traffic live — he can load in a pcap file to do it, so don’t think you’re safe just because your traffic’s running through switched hardware.
As a blue team member, I’ve already started to come up with some practical uses for this tool. The most obvious is to run it against your company’s web applications to verify whether you’re leaving yourselves vulnerable to this exact method of exploitation. I can also see this being used in layperson presentations to demonstrate what SSL encryption is, why it’s important, and what can happen if you believe it doesn’t matter to you.
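A quick self-check in the same spirit, as an added example that is not part of the original post or of CookieCadger: it audits a server’s response headers for session-looking cookies that lack the Secure flag (so a browser would happily send them over plain port 80) and for a missing HSTS header. The sample response and the `SESSION_HINTS` name heuristics are constructed for this example.

```python
# Audit raw HTTP response headers for cookies a sniffer could lift off port 80.
# SAMPLE_RESPONSE is constructed for this example; it is not real server output.
SAMPLE_RESPONSE = """HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: sessionid=abc123; Path=/; HttpOnly
Set-Cookie: theme=dark; Path=/
Set-Cookie: auth_token=xyz789; Path=/; Secure; HttpOnly
"""

# Constructed heuristic: cookie names that usually carry a session identifier.
SESSION_HINTS = ("sess", "auth", "token", "sid", "login")


def parse_set_cookies(raw_headers):
    """Return [(cookie_name, {lowercase attribute names})] from Set-Cookie lines."""
    cookies = []
    for line in raw_headers.splitlines():
        if not line.lower().startswith("set-cookie:"):
            continue
        value = line.split(":", 1)[1].strip()
        parts = [p.strip() for p in value.split(";")]
        name = parts[0].split("=", 1)[0]
        # Attributes like "Path=/" or "Secure"; keep only the attribute name.
        attrs = {p.split("=", 1)[0].lower() for p in parts[1:] if p}
        cookies.append((name, attrs))
    return cookies


def audit(raw_headers):
    """Return a list of findings; an empty list means nothing obviously sniffable."""
    findings = []
    for name, attrs in parse_set_cookies(raw_headers):
        session_like = any(hint in name.lower() for hint in SESSION_HINTS)
        if not session_like:
            continue  # a theme preference leaking is not a session hijack
        if "secure" not in attrs:
            findings.append(f"{name}: no Secure flag, browser will send it over plain HTTP")
        if "httponly" not in attrs:
            findings.append(f"{name}: no HttpOnly flag, readable from page scripts")
    if "strict-transport-security:" not in raw_headers.lower():
        findings.append("no Strict-Transport-Security header, clients may still try HTTP first")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_RESPONSE):
        print(finding)
```

Point it at a real header dump (for example from `curl -sI`) to check your own applications; a clean result is an empty list.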
CookieCadger is not free, but it’s a very modest $10 and that money goes directly to Hackers for Charity. I’ve already got my copy and I’ve been tinkering around with this at home. I recommend checking it out. The source code will be released in the near future (supposedly mid-October) after undergoing a post-hackfest code cleanup.
Check out Matthew Sullivan’s slides for the presentation here.
TAG Heuer Carrera 1887 “SpaceX” Watch
Omega and NASA have always had a long-lasting relationship, and now another luxury watch manufacturer is getting in the space game. This TAG Heuer Carrera 1887 features the SpaceX logo and both the Falcon 9 launch rocket and Dragon spacecraft - two of their most notable projects.
For those unaware of what SpaceX is, it’s a space transportation company founded by Elon Musk - the genius behind PayPal and Tesla Motors. The guy is basically a real life Tony Stark. Don’t be surprised if he starts fighting off super villains in the near future.
I don’t commonly like chronograph-style watches because they violate every principle of simplicity ever uttered. This watch, however, peaks in epic territory on multiple levels. It’s an incredibly stylish, understated chronograph that isn’t brazen with its window dressing. It commemorates one of the more important initiatives in modern space travel as well.
Game of Thrones, Rebranded
The super talented Nike designer and Game of Thrones obsessive Darrin Crescenzi put together this rebranding project and poster for HBO’s latest small screen hit. Something tells us even King Joffrey would approve.
This poster would be a classy addition to your geek den. I thought about it, but I’m already pretty short on wall space. Do what I could not: put this cool on your wall.
“I still have two children. I need to take care of them. To hate [Breivik], it takes all your energy. From day one, he’s been a zero to me.”
Freddy Lie, father of Elizabeth Lie who was slain in Anders Breivik’s assault on Utøya island. Quote from GQ’s “Is He Coming? Is He? Oh God, I Think He Is?” by Sean Flynn in the August 2012 issue.
Breivik was recently ruled sane by the Norwegian court and given the maximum sentence of 21 years for the attack that left 77 dead.
Mr. Armstrong (the real Mr. Armstrong). No one will ever have a better, more astronomically badass, profile photo. RIP.
It is our responsibility to keep the legacy of space travel alive. Curiosity needs to be just the beginning of the journey, not the end.
Rest in peace, Commander Armstrong. We owe you a debt our imaginations might never repay.
A good chunk of my time in the exhibition hall at GenCon was spent at the Flying Frog Productions booth. I fell in love with their games at GenCon 2011 and wanted to come back and drink deep of their geeky elixir this year.
FFP’s games seem like they start with a theme and grow from there. Last Night on Earth is the quintessential zombie title (and among the best of them to boot); Invasion from Outer Space hits the classic B-movie martian invasion theme; Touch of Evil covers the colonial supernatural thriller genre; and most recently Fortune & Glory tackles the globe-trotting, Nazi-fighting buried treasure seeker (a la Indiana Jones) trope head on.
Of all of FFP’s games, F&G probably has the most pieces. It’s the most intimidating looking at a distance and certainly has the heftiest price tag ($100 versus $60 for other base games). From the very start, however, you know you’re getting a lot of game. All of Flying Frog’s premier titles feature multiple scenarios and/or modes of play. In particular, Fortune and Glory is playable competitively, cooperatively, or even solitaire.
Full disclosure: Matt and I really wanted to demo this game at Gen Con last year, but missed the opportunity. We sprang at it this year.
Sitting down, we chose our characters for the game. I opted for Duke Dudley, a British nobleman whose wealth and patriotism were his unique advantages. (This decision may have been influenced by the fact that the photo model for the Duke was literally standing over my shoulder at the time.) Matt chose Doctor Zhukov, a mad Russian scientist whose scientific mind gave him other advantages. As with most FFP games, each character gets different dice-related properties as well as special abilities.
With all players’ characters chosen, the treasures of the game were revealed. For each of four colored markers, a treasure (“The Glove”) and an adventure (“Of Zeus”) are selected from different decks of cards and then combined. A location card places it randomly on the world map. This was a demo of the competitive mode of play, so the goal was to be the first player to amass a fortune of eight gold (shortened for brevity) and return to their home city to claim the day.
When the dice started rolling, the players were off after the titular fortune and glory. The world map is divided up into regional spaces; each space is one movement, as is each section of ocean or city. Within the first turn, most players had made it to the location of one of the game’s hidden treasures. Others, like yours truly, got stuck in Wales and ambushed by generic thugs.
Each adventure specifies a number of dangers. That’s a measure of the challenges a player must face before they can claim the treasure for their own. A danger card is flipped from a deck. It specifies a type of challenge - such as lore, agility, or cunning - a success threshold, and a required number of successes. Each player’s character card has a corresponding number of dice. That number of dice are rolled and the rolls that meet or exceed the threshold count towards their passing the challenge. If the challenge is met, the player earns glory points which are used as a secondary currency and may opt to continue towards the treasure or camp until later. If the challenge is failed, a cliffhanger ensues.
A cliffhanger is the logical escalation of a danger not triumphed. If you fail to meet the agility test of a daring airplane chase, you’ll flip the card and find yourself trying to escape a flaming wreck on a mountainside, having surrendered all the glory you amassed this turn. Pass this last-ditch effort and you’ll earn the danger token, get some consolation glory, and get to rest until the next turn. Fail, and you’ll sustain wounds that move you closer to ultimate defeat.
If you should succeed in passing all the dangers before the treasure, you take it and need to bring it to a city to fence. Bigger cities mean a bigger take. Drag your feet getting to safety and another adventurer might separate you from your treasure.
Enter a city, and you’ll need to flip a city card from another deck. This randomizes your trip into the city and ensures your run to ground might not be so run-of-the-mill. You might score some extra gear to help you out in the field, or you might bump into some Nazis.
Did I mention the Nazis? I should have. There are Nazis. They have a zeppelin, which is the universal symbol for intrigue, adventure, and Nazi shenanigans. At the end of every turn, a location card is revealed and a movement roll made. The zeppelin moves that many spaces along the shortest path to the indicated locale. If it reaches the location, it drops Nazi tokens on the field that will further complicate your quest. It’s not all gloom and doom aboard the Nazi airship, however. Each turn, the Third Reich is collecting lost gold of its own on the ship; should you be so daring and lucky as to sneak past the guards while in the same map space, you can steal the Nazis’ loot!
F&G is yet another quality product from a fantastic company. One thing I really respect about these guys is that every year, it’s the guys who are in the photo shoots for the game doing the demos and working the retail counter. They’re more than happy to sign a photo for you.
As for my demo, the Duke didn’t come out on top. A failed race for an artifact in Western Europe kept me busy while a flyboy out of San Francisco got lucky and dug up an artifact worth his requisite 8 gold in his back yard. Maybe next time…