
I gave a presentation at this month’s Rochester 2600 meeting about competitive intelligence. The point was to give some background about competitive intelligence/corporate spying and draw some analogies to people in infosec. FWIW, you can check it out over here.
I’ve been putting some time into trying to improve my intelligence gathering capabilities. Normally we would call this recon during a pen test, or OSINT gathering. But I’ve been thinking about it from the perspective of the CIA, who refer to it as intelligence gathering. The ideas are basically the same: collect information that provides you with some kind of insight into a target. For a pen test, I want to know information about the subject I’m testing. Maybe it’s network information, or job openings, or a list of employees; all of this data can be used during later phases of the assessment. For your organization, you may want to know when Anon is going to be launching an attack on your network, or that an employee is leaking company secrets on her Facebook account.
Quick blog post: thought it would be funny to make an Instagram script that will download all the locations of a user account. You can find the details on how to use it on Github. Pretty straightforward: ./instagram.py (instagramID) (InstagramAPIToken) You’ll need to sign up for the Instagram API, which you can do here: http://instagram.com/developer/ And you can find your friend’s Instagram ID using this handy tool here: http://jelled.com/instagram/lookup-user-id Download the code from Github here: https://github.com/antitree/instastalk
Browser fingerprinting tactics, like the ones demonstrated in Panopticlick, have been used by marketing and web analytics types for years. It’s how they track a user’s activities across domains. Just include their piece of JavaScript at the bottom of your page and poof, you’re able to track visitors in a variety of ways. I don’t care much about using this technology for marketing, but I do care about using this type of activity for operational security purposes. Imagine using this technique as a counter-intelligence tactic. You don’t want to prevent someone from accessing information, but you do want to know who is doing it, especially if they have ill intentions in mind. IP addresses are adorable but hardly reliable when it comes to anyone who knows how to use a proxy, so using a fingerprinting application like Panopticlick, we can see who is visiting the site no matter what their location appears to be.
Panopticlick is a project run by the EFF that highlights the privacy concerns related to being able to fingerprint your browser. It suddenly popped back up in /r/netsec like it was a new project. The site works by showing you the results of a full-fledged browser fingerprinting tool, letting you compare how similar or dissimilar you are to other visitors. This is done in a variety of ways: by looking at the user agent, screen resolution, fonts installed, plugins installed, versions of those plugins, and much more. You can read the Panopticlick whitepaper if you want to understand more about how it works.
Last year, I wrote a post outlining some of my focus points for the rest of the year. This is a review of those tasks and an updated perspective for the next year.

Last Year

Hardware Security Projects

Last year, I generically noted that I’d like to get into more hardware security projects. I took on the Juke Box project, which was a mixture of hardware hacking, radio, and mobile. I’ve also been doing a lot more soldering to work on Travis Goodspeed’s FaceDancer 11 and GoodFet. I think the new pile of hardware hacking tools in my office reflects a consistent interest in this.
Spicy Mango is a project that Chris Centore started and presented on at Derbycon this year. It’s difficult to describe completely, but in essence it is an intelligence collection and analysis engine that helps you parse large amounts of data to extract items of interest. For example, say that you wanted to keep track of your nym and how it was used on the net. You could do something like a Google Alert that sends you an email every time “AntiTree” appears in the search engine. With Spicy Mango, you can search multiple sources (such as forums, blogs, and news outlets) for relevant data and then carve out what is actionable. You probably don’t want to see Tweets that you sent yourself, but you might want to see the ones referencing your account.
I love excessively documented things. Design documents, protocol specs…whatever, and Tor is one of those projects that I’ve always loved to randomly poke around in. I got sucked into Tor’s source code today and was entertained by the results. Beware, crypto time suck ahead.

ControlPort

Tor is controllable by making socket connections to its aptly named “ControlPort”, usually on port 9051. The control port is not enabled by default if you’ve just installed Tor on Ubuntu or something, but it is enabled on the Windows packages that use front-ends like Vidalia. Anyway, this gives various third parties the ability to control all aspects of Tor on the fly.
Late next week, JustBill and I will be presenting at Defcon/303 Skytalks in Las Vegas. The presentation, Jukebox Jacking, is a project I’ve been working on for longer than I want to admit. The short version is that I’ve been messing around with a jukebox in my spare time as a weird side project. It started out as just a mobile hacking project and then turned into RF and hardware hacking. Here’s the link: https://skytalks.info/talks.html#8
BSidesROC is over. There’s no reason to really give you a blow-by-blow, but I think it might be entertaining to see some of the feedback we received from attendees. Both years that we’ve done BSidesROC, we’ve sent out a survey email right after the event with a very quick survey that gave us some feedback on what people thought about it. I really do take it seriously, but some of the responses were also very interesting.