Monday, August 09, 2010

MUST SEE FILM - The Bill Hicks Story

"Go back to bed, America, your government has figured out how it all transpired, go back to bed America, your government is in control again. Here, here's American Gladiators, watch this, shut up, go back to bed America, here is American Gladiators, here is 56 channels of it, watch these pituitary retards bang their fucking skulls together and congratulate you on living in the land of freedom. Here you go America—you are free to do as we tell you! You are free to do as we tell you!"

… We live in a world where John Lennon was murdered, yet Barry Manilow continues to put out fucking albums. God-dammit! If you're gonna kill somebody, have some fucking taste. I'll drive you to Kenny Rogers' house.

Here it is! The official 'redband' trailer for American: The Bill Hicks Story
This groundbreaking new documentary uses a stunning new animation technique to tell the story of the modern cultural icon Bill Hicks.
Music: "Breathe Me" performed by Sia, courtesy of Island UK and Universal Music Operations Ltd. Written by Furler/Carey.

A film about Hicks' life and career, rumored to be directed by Ron Howard, is said to be in pre-production. Russell Crowe has been mentioned as one of the producers and may portray Hicks as well.[44]

A documentary entitled American: The Bill Hicks Story, based on interviews with his family and friends, premiered on March 12, 2010, at the South by Southwest Film Festival in Austin, Texas.[45] The film has gone on to screen at multiple festivals including SxSW, London Film Festival and Sheffield Doc/Fest.

Today, a young man on acid realized that all matter is merely energy condensed to a slow vibration — that we are all one consciousness experiencing itself subjectively. There is no such thing as death; life is only a dream, and we are the imagination of ourselves... Here's Tom with the weather!

In April 1993, while touring in Australia, Hicks started complaining of pains in his side, and on June 16 of that year, he was diagnosed with pancreatic cancer that had spread to his liver.

He started receiving weekly chemotherapy, while still touring and also recording his album, Arizona Bay, with Kevin Booth. He was also working with comedian Fallon Woodland on a pilot episode of a new talk show, titled Counts of the Netherworld for Channel 4 at the time of his death. The budget and concept had been approved, and a pilot was filmed. The Counts of the Netherworld pilot was shown at the various Tenth Anniversary Tribute Night events around the world on February 26, 2004.

After being diagnosed with cancer, Hicks would often joke openly at performances exclaiming it would be his last. The public, however, was unaware of Hicks's condition. In reality, only a few close friends and family members knew of his disease. Hicks performed the actual final show of his career at Caroline's in New York on January 6, 1994. He moved back to his parents' house in Little Rock, Arkansas, shortly thereafter. He called his friends to say goodbye, before he stopped speaking on February 14[19], and re-read J.R.R. Tolkien's The Fellowship of the Ring.[20] He spent time with his parents, playing them the music he loved and showing them documentaries about his interests. He died of cancer in the presence of his parents at 11:20 p.m. on February 26, 1994. He was 32 years old.[21] Hicks was buried in the family plot in Leakesville, Mississippi.

On February 7, 1994, after his diagnosis with cancer, Hicks authored a short prayer on his perspective, wishes and thanks of his life, to be released after his death as his "last word",[18] ending with the words:

I left in love, in laughter, and in truth and wherever truth, love and laughter abide, I am there in spirit.

Hicks' mother, Mary, appeared on the January 30, 2009, episode of Late Show. Letterman played Hicks's routine in its entirety. Letterman took full responsibility for the original censorship and apologized to Mrs. Hicks. Letterman also declared he did not know what he was thinking when he pulled the routine from the original show in 1993. Letterman said, "It says more about me as a guy than it says about Bill because there was absolutely nothing wrong with that."

William Melvin "Bill" Hicks (December 16, 1961 – February 26, 1994) was an American stand-up comedian, philosopher and a satirist. His humor challenged mainstream beliefs, aiming to "enlighten people to think for themselves."[1] Hicks used a ribald approach to express his material, describing himself as "Chomsky with dick jokes."[1] His jokes included general discussions about society, religion, politics, philosophy and personal issues. Hicks' material was often deliberately controversial and steeped in dark comedy. In both his stand-up performances and during interviews, he often criticized consumerism, superficiality, mediocrity and banality within the media and popular culture, describing them as oppressive tools of the ruling class, meant to "keep people stupid and apathetic."

On Jay Leno

"Selling Doritos on TV? What a fuckin' whore. And not even when he needed the money either, you know? If you're a young actor, I'll look the other way, but the guy makes $3 million a year, he decides to hock Doritos to make more money. You don't got enough money you fucking whore? You've got to sell snacks to bovine America now? It's Satan fucking him in the ass on national TV man . . . fuck . . ."


posted by u2r2h at Monday, August 09, 2010

Tuesday, August 03, 2010

GSM encryption easy - DEFCON 18


See you at the Rio in 2011

All photos from WIRED.COM

LAS VEGAS — Roughly 10,000 computer hacking enthusiasts, poseurs, geeks, nerds and government agents gathered for DefCon this weekend. In its 18th year, the world's largest hacker convention draws people from all walks of life to learn about the latest hacking techniques.

Talks this year ranged from hardware hacker Chris Paget's demonstration of real-time cellphone eavesdropping, to defeating biometric locks with a hardware bypass, to the always popular Meet the Fed panel where hackers get to meet a group of federal agents involved in computer security. The talks aren't the only events of interest. There are dozens of popular contests, fundraisers and parties.

DefCon has a long history of either outgrowing or being thrown out of various hotels. This year marked the final year at the Riviera Hotel, which has been straining to accommodate the annually increasing crowds. DefCon organizer Jeff Moss, AKA Dark Tangent, announced the new venue during the closing ceremony. Next year's DefCon will be held at the Rio, which has a much larger conference center along with more restaurants, bars and guest rooms than the Riviera.

Here is a look at some of the highlights of DefCon 18:

Above: The official DefCon badge (second from left) isn't the only electronic neckwear offered at the convention. Limited edition breathalyzer badges (left) from the Null Space Labs hacker space in Los Angeles were given to some attendees. The 303 hacking crew from Colorado gave out badges to their members (second from right) and the Ninja Networks gave out badges for their exclusive party.

DHS, CIA, DOD, DefCon. Ninja Networks, Joint Chiefs of Staff/The Pentagon.

DefCon volunteer Cal positions an antenna for the cell phone eavesdropping talk on Saturday. The convention is run almost entirely by volunteers, known as goons, who do everything from security, to speaker wrangling to setting up and running the network.

EFF volunteer Funball gives Defcon attendee Zane a mohawk as part of an EFF fundraising effort.

Computer security professional Vyrus competes in the Capture the Packet contest. A new contest for Defcon 18, CTP was created by Riverside, who also runs the always popular Wall of Sheep. The contestants are given captured network traffic and their job is to reassemble the message hidden inside the data.

The infamous Wall of Sheep lists usernames and obfuscated passwords for DefCon attendees who were unlucky enough to send out their login information unencrypted over the conference's wireless network. This year the most common services on the Wall of Sheep were Twitter and Foursquare.

A number of relatively ancient computers were on display in the Old School Computing room. The best part was that all the computers were working and attendees were encouraged to log in and play around.

It's that time of year. Defcon and Black Hat conventions are happening. Invited presenters are spilling the beans about security issues they have uncovered. One of the more controversial presentations explains how to affordably sidestep GSM encryption. That's a big deal since billions of people are still using GSM phones.

Some history

GSM encryption can be circumvented due to the trusting nature of the protocol. Fortunately, the following two factors have kept it safe:

    * The cost of equipment required to circumvent GSM encryption is astronomical.
    * Not just anyone can buy the equipment. You have to work for one of those three-letter organizations or have a badge.

Enter Chris Paget

It had to happen; cost is no longer an issue. Chris Paget is saying it's possible to intercept GSM phone calls on the cheap. That type of bravado created the drama Defcon is known for. So much so, that Mr. Paget wasn't sure he was going to give his talk.

A credible source indicated to Mr. Paget that AT&T (only AT&T and T-Mobile have GSM networks) might be considering a lawsuit. On top of that, the FCC let it be known they were concerned about unlawful interception of phone calls. After conferring with EFF lawyers, Mr. Paget went ahead with the presentation and live demonstration. Mr. Paget mentions his appreciation for their help in one of his blogs:

"I'd like to say a really big thank you to the EFF; without their assistance the talk would not have gone ahead (the demo certainly wouldn't have)."

Weak link

Mr. Paget uses what many consider a flaw in the GSM protocol: there is no mutual-authentication exchange between mobile phones and the network. Only the phone authenticates; the network never has to prove its identity to the phone. The phone sends a unique International Mobile Subscriber Identity (IMSI) stored on the SIM to the cell tower it's trying to associate with.

It would appear that this weakness opens the door for Man-in-the-Middle (MitM) attacks. Yet some argue that's not possible, because the traffic is encrypted. Well, maybe not. The GSM protocol gives network controllers (cell towers) the option to force connected mobile phones to turn off encryption.

What that means

Like any MitM attack, the idea is to create a situation where a piece of hardware is able to interact with GSM mobile phones in the same manner as the telco provider's cell tower. Hardware devices capable of this are fittingly called IMSI-catchers.

Any number of things can happen after the IMSI-catcher is in control. Sensitive information such as IMSI, IMEI, and phone numbers can be captured. It's also possible to record the audio portion of each call.

Required equipment

Some friends of mine stressed that this is not new technology. Several companies sell IMSI-catchers, NeoSoft being one example. The catch is that the equipment is usually only sold to governmental agencies and law enforcement groups. Besides, they are hugely expensive.

Therein lies the real significance of what Mr. Paget accomplished. He made an IMSI-catcher for around $1500 US. That includes the transceiver, two directional antennas, a notebook, OpenBTS (a software GSM access point), and Asterisk (software that acts as a gateway between GSM networks and VoIP networks). The following slide gives you an idea of the setup (courtesy of Dave Bullock and Wired):

Indications of an attack

There aren't strong indicators that a MitM attack is taking place. Mr. Paget did mention we need to be alert for the following oddities when making a phone call:

    * The phone is on a GSM network in a known 3G coverage area and the phone is 3G capable.
    * The receiving party is seeing an unusual phone number on caller-ID.
    * Paget's IMSI-catcher only captures outbound calls. Incoming calls go directly to voice mail.

During his talk, Mr. Paget admitted the software could easily be upgraded to forward the caller's real phone number.
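
The first indicator in the list above, combined with the encryption-off option described under "Weak link", can be checked mechanically. The Python below is an added example, not code from Mr. Paget's talk or the original article; the event fields and the sample records are constructed, and it assumes the handset or modem reports its radio technology and whether ciphering is active.

```python
from dataclasses import dataclass

@dataclass
class CellEvent:
    """One observation of the phone's radio state (hypothetical record layout)."""
    time: str                      # constructed timestamp
    rat: str                       # radio technology in use: "GSM" or "3G"
    encrypted: bool                # is ciphering active on the link?
    area_has_3g: bool              # is this a known 3G coverage area?
    phone_3g_capable: bool = True  # can this handset use 3G at all?

def indicators(ev):
    """Return the warning signs present in a single event."""
    found = []
    # Indicator from the article: a 3G-capable phone sitting on GSM in a
    # known 3G coverage area. A GSM-only phone or a GSM-only area is normal.
    if ev.rat == "GSM" and ev.area_has_3g and ev.phone_3g_capable:
        found.append("gsm-in-3g-area")
    # The tower may tell the phone to turn encryption off.
    if ev.rat == "GSM" and not ev.encrypted:
        found.append("encryption-off")
    return found

def review(events):
    """Return (time, level, indicators) for every event worth a second look."""
    report = []
    for ev in events:
        found = indicators(ev)
        if found:
            level = "high" if len(found) > 1 else "check"
            report.append((ev.time, level, found))
    return report

# Constructed sample data, not captured from a real handset.
SAMPLE = [
    CellEvent("09:00", "3G", True, area_has_3g=True),
    CellEvent("09:05", "GSM", True, area_has_3g=True),    # unexpected fallback
    CellEvent("09:06", "GSM", False, area_has_3g=True),   # fallback, cipher off
    CellEvent("12:30", "GSM", True, area_has_3g=False),   # rural, GSM only
    CellEvent("12:31", "GSM", False, area_has_3g=False),  # cipher off only
]

if __name__ == "__main__":
    for time, level, found in review(SAMPLE):
        print(time, level, ", ".join(found))
```

Neither sign proves interception on its own; a phone can fall back to GSM for ordinary coverage reasons, which is why a single indicator is only rated "check".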

Possible workarounds

There is some recourse for people using AT&T and T-Mobile phones. Mr. Paget mentioned that BlackBerry phones from RIM may add a second layer of encryption and have a setting to disable GSM. Another possibility is AT&T's new encryption service. For the rest of us, it seems we need to make sure the 3G indicator is displayed.

Final thoughts

Fortunately, this attack only works if your mobile phone is using a GSM network. CDMA and 3G networks are safe for now. The real concern is that this attack vector is no longer out of reach due to cost, making it one more thing security-conscious people need to be aware of.

DefCon admin Lockheed gives details of the network usage during the DefCon closing ceremony. Against the wall are the volunteers who run the DefCon network.

posted by u2r2h at Tuesday, August 03, 2010