So how many bits are in this instance of H1N1? The raw number of bits, by my count, is 26,022; the actual number of coding bits approximately 25,054 -- I say approximately because the virus does the equivalent of self-modifying code to create two proteins out of a single gene in some places (pretty interesting stuff actually), so it’s hard to say what counts as code and what counts as incidental non-executing NOP sleds that are required for self-modifying code.So it takes about 25 kilobits -- 3.2 kbytes -- of data to code for a virus that has a non-trivial chance of killing a human. This is more efficient than a computer virus, such as MyDoom, which rings in at around 22 kbytes.
It’s humbling that I could be killed by 3.2 kbytes of genetic data. Then again, with 850 Mbytes of data in my genome, there’s bound to be an exploit or two.
source : http://www.schneier.com
Denny Jean Cross
Thursday, 17 September 2009
Hacking Swine Flu
Friday, 11 September 2009
DOOMSDAY 2012 - Mimpi Buruk Antivirus Lokal
Doomsday 2012 adalah salah satu dari 5 WSar alias Worm Dasar yang penulis bahas pada sebuah buku dengan codename "Computer Worm III - The Biggest Secret Finally Revealed". Walaupun merupakan Worm Dasar yang sangat sederhana tetapi Doomsday 2012 saat artikel ini dimuat mampu bertahan dari scan engine antivirus lokal, baik yang mengaku antivirus terbaik didunia ataupun tidak.
Sengaja penulis publish lebih dahulu agar para pemberantas virus, worm, dkk dapat melakukan research dan tindakan-tindakan prefentif. Doomsday 2012 tidak tidak memiliki payload dan tidak melakukan pengrusakan pada file apapun, baik file system atau file dokumen lainnya..
Doomsday 2012 hanya memuat rutin pertahanan dan penyebaran saja.
Sambil mencari bug pada Doomsday 2012, penulis menantang anda membuat program removal untuk Doomsday 2012, 2 program terbaik yang mampu dengan tuntas membersihkan Doomsday 2012 baik file launcher ataupun infector (pada media storage seperti flashdisk atau jaringan) dan mengembalikan manipulasi yang dilakukan.. masing-masing berhak untuk mendapatkan 1 buah buku sesuai pilihan di http://www.tokomahal.com (hadiah langsung dari penulis) adapun persyaratannya adalah:
1. Program removal boleh dibuat dengan menggunakan bahasa pemrograman apapun
2. Program removal tidak menyertakan file pendukung lain yang terpisah (ocx, dll, dan lain sebagainya)
3. Filesize program removal tidak boleh lebih dari 1 Mb.
4. Jika program removal kompleks agar menyertakan cara penggunaannya.
5. Program removal akan dijalankan saat Doomsday 2012 aktif pada system Windows XP SP2 dengan system harddisk NTFS.
Cara pendaftaran sederhana, anda tinggal mengisi komentar pada artikel ini untuk alamat download program removal tersebut. (pengisian komentar juga bisa di lakukan tanpa registrasi di http://darmal.blog.friendster.com)
Pendaftaran dinyatakan berakhir pada tanggal 18 Juli 2009.
Dan jika ada pemenang (jika ada loh) akan diumumkan pada tanggal 21 Juli 2009 di http://darmal.blog.friendster.com
Dengan mendownload Doomsday 2012, berarti anda setuju untuk menanggung segala resiko dan berhati-hati sehingga Doomsday 2012 tidak terlepas dari pengawasan Anda..
Penulis tidak bertanggung jawab atas segala resiko dan penyalahgunaan yang terjadi.
DOWNLOAD DISINI : http://www.mediafire.com/?zvwzytcoezy
nb. Saya tidak akan terlalu heran jika tidak ada yang mampu melakukan pendaftaran, 3 antivirus lokal terbesar di Indonesia saja (PCMAV, ANSAV dan SMADAV) tidak sanggup menghentikan Doomsday 2012.. apalagi Anda.
Source : Achmad Darmal (www.jasakom.com)
Denny Jean Cross
Wednesday, 9 September 2009
Computer's Cool Quotes :
The paradox of our time in history is that we have taller buildings but shorter tempers, wider freeways, but narrower viewpoints. We spend more, but have less; we buy more, but enjoy less. We have bigger houses and smaller families, more conveniences, but less time. We have more degrees but less sense, more knowledge, but less judgment, more experts, yet more problems, more medicine, but less wellness. We drink too much, smoke too much, spend too recklessly, laugh too little, drive too fast, get too angry, stay up too late, get up too tired, read too little, watch TV too much, and pray too seldom. We have multiplied our possessions, but reduced our values. We talk too much, love too seldom, and hate too often. We've learned how to make a living, but not a life. We've added years to life not life to years. We've been all the way to the moon and back, but have trouble crossing the street to meet a new neighbor. We conquered outer space but not inner space. We've done larger things, but not better things. We've cleaned up the air, but polluted the soul. We've conquered the atom, but not our prejudice. We write more, but learn less. We plan more, but accomplish less. We've learned to rush, but not to wait. We build more computers to hold more information, to produce more copies than ever, but we communicate less and less. These are the times of fast foods and slow digestion, big men and small character, steep profits and shallow relationships. These are the days of two incomes but more divorce, fancier houses, but broken homes. These are days of quick trips, disposable diapers, throwaway morality, one night stands, overweight bodies, and pills that do everything from cheer, to quiet, to kill. It is a time when there is much in the showroom window and nothing in the stockroom. A time when technology can bring this letter to you, and a time when you can choose either to share this insight, or to just hit delete.
Denny J.C. Sihombing
source :http://www.coolquotescollection.com
Denny J.C. Sihombing
source :http://www.coolquotescollection.com
Tuesday, 21 July 2009
Missing money?
Source : http://neworder.box.sk/subject.php?subject=Out%20of%20the%20box
Cygnum writes: This one is guaranteed to drive you crazy till you solve it:
Three friends come to a hotel. They pay the receptionist 300$ for a room - 100$ each. Later that day, the receptionist regrets charging them so much so he gives the bellboy 50$ to give back to the three friends. The bellboy decides to steal 20 of those 50 dollars and he only gives back 10$ to each of the friends.
In the end, it turns out that the three friends payed 90$ each, plus there are 20 dollars in the bellboy's pocket - a total of 290$. Where are the missing ten dollars?
ReadMore...
Cygnum writes: This one is guaranteed to drive you crazy till you solve it:
Three friends come to a hotel. They pay the receptionist 300$ for a room - 100$ each. Later that day, the receptionist regrets charging them so much so he gives the bellboy 50$ to give back to the three friends. The bellboy decides to steal 20 of those 50 dollars and he only gives back 10$ to each of the friends.
In the end, it turns out that the three friends payed 90$ each, plus there are 20 dollars in the bellboy's pocket - a total of 290$. Where are the missing ten dollars?
ReadMore...
Saturday, 18 July 2009
MPI and Password Cracking
Source : http://neworder.box.sk/subject.php?subject=Articles%20-%3E%20Link
After sauntering through the web for many hours searching for GOOD documentation on this topic, I realized that it simply does not exist. I’ve been using MPI, both OpenMPI and MPICH2, for a little over two years and have become familiar with implementing it effectively in production environments. I also have experience with setting up scalable password cracking utilities that operate through MPI. With that said, I couldn’t sit on this knowledge anymore, and went through the laborious task of documenting it for public release. I will be updating this documentation in the future to include instructions on how to scale this to a full cluster. For now, it’ll let you utilize all the cores on a single PC for cracking, instead of just one core.
The goals:
• Setup a cluster like directory structure that is scalable
• Install OpenMPI
• Install John the Ripper MPI
• Run a simple test and crack a MD5 hash
Continued [pdf]
After sauntering through the web for many hours searching for GOOD documentation on this topic, I realized that it simply does not exist. I’ve been using MPI, both OpenMPI and MPICH2, for a little over two years and have become familiar with implementing it effectively in production environments. I also have experience with setting up scalable password cracking utilities that operate through MPI. With that said, I couldn’t sit on this knowledge anymore, and went through the laborious task of documenting it for public release. I will be updating this documentation in the future to include instructions on how to scale this to a full cluster. For now, it’ll let you utilize all the cores on a single PC for cracking, instead of just one core.
The goals:
• Setup a cluster like directory structure that is scalable
• Install OpenMPI
• Install John the Ripper MPI
• Run a simple test and crack a MD5 hash
Continued [pdf]
MPI and Password Cracking
Source : http://neworder.box.sk/subject.php?subject=Articles%20-%3E%20Link
After sauntering through the web for many hours searching for GOOD documentation on this topic, I realized that it simply does not exist. I’ve been using MPI, both OpenMPI and MPICH2, for a little over two years and have become familiar with implementing it effectively in production environments. I also have experience with setting up scalable password cracking utilities that operate through MPI. With that said, I couldn’t sit on this knowledge anymore, and went through the laborious task of documenting it for public release. I will be updating this documentation in the future to include instructions on how to scale this to a full cluster. For now, it’ll let you utilize all the cores on a single PC for cracking, instead of just one core.
The goals:
• Setup a cluster like directory structure that is scalable
• Install OpenMPI
• Install John the Ripper MPI
• Run a simple test and crack a MD5 hash
Continued [pdf]
After sauntering through the web for many hours searching for GOOD documentation on this topic, I realized that it simply does not exist. I’ve been using MPI, both OpenMPI and MPICH2, for a little over two years and have become familiar with implementing it effectively in production environments. I also have experience with setting up scalable password cracking utilities that operate through MPI. With that said, I couldn’t sit on this knowledge anymore, and went through the laborious task of documenting it for public release. I will be updating this documentation in the future to include instructions on how to scale this to a full cluster. For now, it’ll let you utilize all the cores on a single PC for cracking, instead of just one core.
The goals:
• Setup a cluster like directory structure that is scalable
• Install OpenMPI
• Install John the Ripper MPI
• Run a simple test and crack a MD5 hash
Continued [pdf]
MPI and Password Cracking
Source :http://neworder.box.sk/
After sauntering through the web for many hours searching for GOOD documentation on this topic, I realized that it simply does not exist. I’ve been using MPI, both OpenMPI and MPICH2, for a little over two years and have become familiar with implementing it effectively in production environments. I also have experience with setting up scalable password cracking utilities that operate through MPI. With that said, I couldn’t sit on this knowledge anymore, and went through the laborious task of documenting it for public release. I will be updating this documentation in the future to include instructions on how to scale this to a full cluster. For now, it’ll let you utilize all the cores on a single PC for cracking, instead of just one core.
The goals:
• Setup a cluster like directory structure that is scalable
• Install OpenMPI
• Install John the Ripper MPI
• Run a simple test and crack a MD5 hash
Continued [pdf]
After sauntering through the web for many hours searching for GOOD documentation on this topic, I realized that it simply does not exist. I’ve been using MPI, both OpenMPI and MPICH2, for a little over two years and have become familiar with implementing it effectively in production environments. I also have experience with setting up scalable password cracking utilities that operate through MPI. With that said, I couldn’t sit on this knowledge anymore, and went through the laborious task of documenting it for public release. I will be updating this documentation in the future to include instructions on how to scale this to a full cluster. For now, it’ll let you utilize all the cores on a single PC for cracking, instead of just one core.
The goals:
• Setup a cluster like directory structure that is scalable
• Install OpenMPI
• Install John the Ripper MPI
• Run a simple test and crack a MD5 hash
Continued [pdf]
Thursday, 16 July 2009
Better than bruteforce attack on AES
source : http://neworder.box.sk/subject.php?subject=Articles%20-%3E%20Link
here's a new cryptanalytic attack on AES that is better than brute force:
"Abstract. In this paper we present two related-key attacks on the full AES. For AES-256 we show the first key recovery attack that works for all the keys and has complexity 2^119, while the recent attack by Biryukov-Khovratovich-Nikolic works for a weak key class and has higher complexity. The second attack is the first cryptanalysis of the full AES-192. Both our attacks are boomerang attacks, which are based on the recent idea of finding local collisions in block ciphers and enhanced with the boomerang switching techniques to gain free rounds in the middle."
In an e-mail, the authors wrote: "We also expect that a careful analysis may reduce the complexities. As a preliminary result, we think that the complexity of the attack on AES-256 can be lowered from 2^119 to about 2^110.5 data and time. We believe that these results may shed a new light on the design of the key-schedules of block ciphers, but they pose no immediate threat for the real world applications that use AES."
Agreed. While this attack is better than brute force -- and some cryptographers will describe the algorithm as "broken" because of it -- it is still far, far beyond our capabilities of computation. The attack is, and probably forever will be, theoretical. But remember: attacks always get better, they never get worse. Others will continue to improve on these numbers. While there's no reason to panic, no reason to stop using AES, no reason to insist that NIST choose another encryption standard, this will certainly be a problem for some of the AES-based SHA-3 candidate hash functions.
Continued...
here's a new cryptanalytic attack on AES that is better than brute force:
"Abstract. In this paper we present two related-key attacks on the full AES. For AES-256 we show the first key recovery attack that works for all the keys and has complexity 2^119, while the recent attack by Biryukov-Khovratovich-Nikolic works for a weak key class and has higher complexity. The second attack is the first cryptanalysis of the full AES-192. Both our attacks are boomerang attacks, which are based on the recent idea of finding local collisions in block ciphers and enhanced with the boomerang switching techniques to gain free rounds in the middle."
In an e-mail, the authors wrote: "We also expect that a careful analysis may reduce the complexities. As a preliminary result, we think that the complexity of the attack on AES-256 can be lowered from 2^119 to about 2^110.5 data and time. We believe that these results may shed a new light on the design of the key-schedules of block ciphers, but they pose no immediate threat for the real world applications that use AES."
Agreed. While this attack is better than brute force -- and some cryptographers will describe the algorithm as "broken" because of it -- it is still far, far beyond our capabilities of computation. The attack is, and probably forever will be, theoretical. But remember: attacks always get better, they never get worse. Others will continue to improve on these numbers. While there's no reason to panic, no reason to stop using AES, no reason to insist that NIST choose another encryption standard, this will certainly be a problem for some of the AES-based SHA-3 candidate hash functions.
Continued...
Software Problems with a Breath Alcohol Detector
source : http://neworder.box.sk/subject.php?subject=Articles%20-%3E%20Link
This is an excellent lesson in the security problems inherent in trusting proprietary software:
After two years of attempting to get the computer based source code for the Alcotest 7110 MKIII-C, defense counsel in State v. Chun were successful in obtaining the code, and had it analyzed by Base One Technologies, Inc.
Continued..
Discuss Here
This is an excellent lesson in the security problems inherent in trusting proprietary software:
After two years of attempting to get the computer based source code for the Alcotest 7110 MKIII-C, defense counsel in State v. Chun were successful in obtaining the code, and had it analyzed by Base One Technologies, Inc.
Continued..
Discuss Here
Tuesday, 14 July 2009
Wireless Programming with J2ME: Cracking the Code
source:
http://www.forum.hackers-center.org
Part of the new Cracking the Code Series, Wireless Programming with J2ME provides a look at the code behind wireless Java applications.
Think of J2ME as a tiny version of Java specifically for mobile devices –– perfect for bringing powerful, robust applications to mobile phone, pagers, PDAs, and other handhelds. Writing applications for handheld and mobile devices is different than regular Java programming. Mobile developers have to deal with limited screen real estate, bandwidth and computing power. This book covers six wireless applications complete with Flow Diagrams and line–by–line code description. It covers all of J2ME including CDC,CLDC and MIDP with an emphasis on practical code.
download:
http://rapidshare.com/files/217402545/WPgrJ2MEHM.rar
http://www.forum.hackers-center.org
Part of the new Cracking the Code Series, Wireless Programming with J2ME provides a look at the code behind wireless Java applications.
Think of J2ME as a tiny version of Java specifically for mobile devices –– perfect for bringing powerful, robust applications to mobile phone, pagers, PDAs, and other handhelds. Writing applications for handheld and mobile devices is different than regular Java programming. Mobile developers have to deal with limited screen real estate, bandwidth and computing power. This book covers six wireless applications complete with Flow Diagrams and line–by–line code description. It covers all of J2ME including CDC,CLDC and MIDP with an emphasis on practical code.
download:
http://rapidshare.com/files/217402545/WPgrJ2MEHM.rar
Subscribe to:
Posts (Atom)