Instrumenting masscan for AFL fuzzing

This blog post is about work in progress. You probably don't want to read it.




So I saw this tweet today:




As it turns it, he's just fuzzing input files. This is good, he's apparently already found some bugs, but it's not a huge threat.

Instead, what really needs to be fuzzed is network input. This is chronic problem with AFL, which is designed for inserting files, not network traffic, into programs.

But making this work is actually pretty trivial. I just need to make a tiny change to masscan so that instead of opening a libpcap adapter, it instead opens a libpcap formatted file.

This change was trivial, successfully running it is tough. You have to configure the command-line so all IP addresses match up with the libpcap file content, which is a pain. I created a sample lipcap file and checked it into the project, along with a help document explaining it. Just git clone the project, run make, then run this command line to see it Continue reading

A former NASA chief just launched this AI startup to turbocharge neural computing

A new company launched Monday by former NASA chief Dan Goldin aims to deliver a major boost to the field of neural computing.KnuEdge's debut comes after 10 years in stealth; formerly it was called Intellisis. Now, along with its launch, it's introducing two products focused on neural computing: KnuVerse, software that focuses on military-grade voice recognition and authentication, and KnuPath, a processor designed to offer a new architecture for neural computing.To read this article in full or to leave a comment, please click here

Big Iron Xeons Get A Broadwell Compute And Memory Boost

Intel is coming to the finish line with its 14 nanometer chip making process with the launch of the “Broadwell” generation of Xeon E7 server processors in China today.

Why China? Because for reasons that are not immediately obvious but are completely beneficial to Intel, the Chinese market has for the past several years been adopting four-socket servers in large scale datacenters at a rate that is considerably higher than their peers in the rest of the world. These new Xeon E7 v4 processors will be a big hit for big iron there and anywhere else where having a big

Big Iron Xeons Get A Broadwell Compute And Memory Boost was written by Timothy Prickett Morgan at The Next Platform.

Intel’s next monster 24-core chip is made for high-performance computers

Intel continues to pump more horsepower in its chips, by releasing a 24-core processor for high-performance computers.The Xeon processor E7-8890 v4 chip is part of the Xeon E7-8800 v4 family of chips that Intel announced on Monday. It was announced just a week after Intel made headlines with a new 10-core Core chip for gaming code-named Broadwell-E.The 24-core chip will go, in many cases, into monster performer four- to eight-socket servers. An eight-socket system could have up to 192 cores, with support for up to 24TB of memory.In a data sheet, Intel estimated a 192-core system with 2TB of memory and two hard drives to be priced at about US$165,000. Add 24TB of memory, and the server price could skyrocket.To read this article in full or to leave a comment, please click here

iPhone 7 Rumor Rollup: WWDC invites; Storage party; 3-year cycles

It can be painful enough stretching out iPhone rumors for a year or two, but a new report suggests Apple is changing its cycle for major iPhone refreshes from 2 years to 3. In other words, yes, the iPhone 7 and iPhone 7 Plus could be as boring as headlines have claimed.Nikkei reports that a slowing smartphone market and a lack of room for enhancements have forced Apple to change its ways. Nikkei says look to 2017 if you want excitement:"On the other hand, the 2017 model will likely involve major enhancements and design changes, including adoption of an organic electroluminescent display. The new device will also be able to create more complex tactile vibrations on the display because of a tiny, but high-performance motor equipped inside."To read this article in full or to leave a comment, please click here

Nest CEO Tony Fadell set to leave the company

In an announcement that was rather sudden though perhaps not all that surprising, Tony Fadell on Friday said that he will be stepping down as the CEO of Nest. A legendary Silicon Valley figure, Fadell is not only credited as being the man behind the creation of the iPod but also played an important role in the early development of the iPhone. Following his departure from Apple in 2008, Fadell went on to co-found Nest where the company received numerous accolades for its thermostat.In early 2014, Google agreed to purchase Nest for $3.2 billion. At first glance, the acquisition seemed to be a smart strategic move, especially given the push towards smart appliances in the home. But over the past few years, Nest hasn't exactly performed up to expectations. In recent months, we've seen reports of employee discontent along with reports that the higher ups at Google were expecting more product rollouts from the Nest team.To read this article in full or to leave a comment, please click here

TeamViewer denies hack, blames hijacked accounts on password reuse

A plethora of people with the remote desktop tool TeamViewer have been in an uproar after their machines were remotely hijacked; in some cases over the past month or so, users had their bank or PayPal accounts sucked dry. TeamViewer denied it has been hacked and launched two new security measures.After experiencing a TeamViewer takeover, IBM security researcher Nick Bradley thinks password reuse may be the problem. Bradley said he was gaming on his PC when he lost control of his mouse and TeamViewer popped up. He killed the app and dashed downstairs to another PC which had TeamViewer.To read this article in full or to leave a comment, please click here

TeamViewer Hacked or Breached or Something

If you’re a user of TeamViewer, the very popular “remote support, remote access, and online meeting software” for Windows, OS X, Linux, Chrome OS, iOS and Android, you might want to take a second to change all of your passwords. In fact, before you finish this article, before you learn why you should change your TeamViewer passwords, go change them right now to be really strong passwords and take down any copies you usually leave running that aren’t absolutely necessary … it’s that big a deal. Okay? Done? Good. The reason for my urging you to take immediate action is that through as yet undetermined means, someone or ones have managed to acquire an unknown but apparently huge number of TeamViewer account credentials and as a consequence, a number of TeamViewer users claim to have suffered huge financial losses.To read this article in full or to leave a comment, please click here

Watching Steve Jobs stare slack-jawed at Muhammad Ali

Everyone who has a personal story about Muhammad Ali is sharing it today, including this remarkable anecdote from Dan Bricklin, father of the spreadsheet, originally posted online in 1999. “For those of you too young to remember Ali as the most famous person in the world, let me tell you about the one time I saw him in person. I was at Ben Rosen / Esther Dyson's PC conference in Palm Springs, California; January 1983, I think. Ali was attending a fighter's training camp at the same hotel. We were walking to some event outside. I was next to Steve Jobs and maybe Bill Gates was there. Ali walked down the street. I just remember how we all stopped to watch, mouths open, even Steve. I remember how well he carried himself and his tailored clothes. It made our industry seem small -- here were our top people and all we could do was stand and stare as ‘the Greatest’ walked by oblivious to us and our industry.”To read this article in full or to leave a comment, please click here

EVPN – the basics

So I decided to take a deep dive into eVPN, I’ll mostly be looking into VLAN-aware bundling, as per RFC 7432 – and mostly because I think this will fit more closely, with the types of deployments most of the customers are used to – good old IRB interfaces and bridge-tables!

As everyone knows, VPLS has been available for many years now and it’s pretty widely deployed, most of the customers I see have some flavour of VPLS configured on their networks and use it to good effect – so why eVPN? what’s the point in introducing a new technology if the current one appears to work fine.

The reality is that multipoint layer-2 VPNs (VPLS) were never quite as polished as layer-3 VPNs, when layer-3 VPNs were first invented they became, and still are the in many cases the “go to” technology for layer-3 connectivity across MPLS networks, and the technology itself hasn’t really changed that much for well over a decade. The same cannot be said for VPLS, over the years we’ve had many different iterations of the technology:

  • Vanilla VPLS
    • LDP signalled
    • BGP signalled
  • H-VPLS (hierarchical VPLS)
    • BGP based
    • LDP based
  • VPLS auto-discovery

Along with the different Continue reading

Ping on you! – Beta 2.0 is online

Nicer, more stable, AJAX/JSON enabled pingonyou.com and also preparations in background to introduce the 24/7 Monitoring feature.

So here we are. First a bit of short history, if you have seen the first version of the pingonyou.com, you probably had a sense of 90’s view of the page just by looking at it. Everything was static HTML and all updates were actually refreshing the whole page (including every new line in the ping functionality needed a whole site refresh!). This was also including the fact that the design and color selection was really very basic. If you want to have a look on the old version, simply go to previous articles on this blog (where pictures are) for a comparison or here is a picture of beta 1.0. But lets now focus on the new version which is available from today!

Ping on You – Beta 2.0

The first thing is the color-scheme, after trying out several dozens of combinations, the blue variant was the best overall that provide both good console readability and combined with the fact that the functions that it provides needed to be categorized much better. First everyone that comes Continue reading

Google’s Nest may become a different kind of IoT company after CEO Fadell leaves

Nest co-founder and CEO Tony Fadell is leaving the company, a move that may mark a shift in strategy for one of the early stars of the Internet of Things.Fadell founded the startup, which makes connected thermostats and other smart-home gear, in 2011 with co-founder Matt Rogers. Google bought Nest in 2014. In a blog post on Friday, Fadell didn’t say much about why he was leaving but said he would become an advisor to Alphabet, the parent company of Nest and Google, and its CEO, Larry Page.The resignation came after news reports that said Nest was suffering from internal turmoil. In his parting note, Fadell said the company was growing fast and had a bright future.To read this article in full or to leave a comment, please click here

Doing eDiscovery, Litigation Hold, and Addressing Journaling in Office 365

Retaining and “journaling” content has been a key requirement of organizations for years, however as organizations have migrated to Office 365, plus with Microsoft’s shift to new and improved eDiscovery tools, the process of “holding” and “searching” for content has changed.This article covers a whole new series of best practices that EVERY legal department, compliance officer, and content / Office 365 administrator needs to read, understand, and ensure they have Office 365 setup properly so that when the time comes and they need to do eDiscovery of content, that the information they are looking for has actually been held and managed for future look-up.To read this article in full or to leave a comment, please click here

The quantum era has begun, this CEO says

Quantum computing's full potential may still be years away, but there are plenty of benefits to be realized right now.So argues Vern Brownell, president and CEO of D-Wave Systems, whose namesake quantum system is already in its second generation.Launched 17 years ago by a team with roots at Canada's University of British Columbia, D-Wave introduced what it called "the world's first commercially available quantum computer" back in 2010. Since then the company has doubled the number of qubits, or quantum bits, in its machines roughly every year. Today, its D-Wave 2X system boasts more than 1,000.The company doesn't disclose its full customer list, but Google, NASA and Lockheed-Martin are all on it, D-Wave says. In a recent experiment, Google reported that D-Wave's technology outperformed a conventional machine by 100 million times.To read this article in full or to leave a comment, please click here

Maersk hopes drones can deliver sweet savings

Shipping giant Maersk Group made headlines earlier this year when it used a drone to deliver a bucket of cookies to a tanker at sea. That was just the beginning of an effort the company thinks could dramatically change its business.The company is evaluating ways to expand its use of drones and plans a bigger test later this year, said Markus Kuhn, a supply chain manager at Maersk, at the Drones Data X conference in San Francisco.In January, the company made a drone fly 250 meters from one of its barges to a tanker and drop off a batch of cookies. It's now looking for a drone-making partner for a test flight that would haul a 10-kilogram package for 10 kilometers.To read this article in full or to leave a comment, please click here

Next-Generation ThunderX2 ARM Targets Skylake Xeons

Networking chip maker Cavium is one of the ARM server chip upstarts that is taking on Intel’s hegemony in the datacenter, and is probably getting the most traction among its ARM peers in the past year with its ThunderX multicore processors.

The first-generation ThunderX chips are seeing the most interest from hyperscalers and HPC centers, plus a few cloud builders, telcos, and large enterprises, that want to explore the possibilities of a different server architecture, and they will be even more intrigued by the second-generation ThunderX2 processors, which Cavium unveiled earlier this week at the Computex trade show in Taipei,

Next-Generation ThunderX2 ARM Targets Skylake Xeons was written by Timothy Prickett Morgan at The Next Platform.

Microsoft continues campaign to shut down stupid software pirates

Microsoft this week filed another lawsuit in federal court accusing unidentified individuals with stealing its software by illegally activating more than 1,000 copies of Windows 7, Vista and 8, and Office 2010 and 2013.The suit, filed with a Seattle court on Wednesday, was the latest in a string of cases opened by the Redmond, Wash. company in an effort to quash piracy."Microsoft's cyberforensics have identified over one thousand product activations originating from IP address 66.51.73.111 ('the IP Address'), which is presently assigned to Earthlink Inc., and which, on information and belief, is being used by the Defendants in furtherance of the unlawful conduct alleged herein," Microsoft's lawyers wrote in the complaint.To read this article in full or to leave a comment, please click here

10% off Bose SoundLink Color Bluetooth Speaker- Deal Alert

The SoundLink Color from Bose is designed to be portable and durable, while still delivering the full, rich sound you would expect from Bose. Pairing is easy with simple voice prompts, and the unit can be paired with two devices, so when the first stops the second one can play. It comes in several stylish colors, has an auxiliary input jack for non-Bluetooth devices, and delivers up to 8 hours of music on a single charge. The speaker averages 4.5 out of 5 stars from nearly 5,000 customers (read reviews) and can be purchased at 10% off its regular listing price ($116 - See on Amazon).To read this article in full or to leave a comment, please click here

1 2,927 2,928 2,929 2,930 2,931 3,852