Two apps making the rounds this week that are built on top of the Foursquare platform. #Mom – HashtagMom.com A great idea that keeps Mom from worrying. Just add #mom to your check in and they will call or text your mother to let her know you arrived safely. I’ll be adopting this as soon [...]

link

Are you a Gmail user and you own an iPhone? You probably aren’t taking full advantage of either product. Want faster mail delivery or multiple calendars? Here is the advanced setup. The Better Setup for Gmail on iPhone Many people assume they should use the Google Mail option when adding their Gmail account to their [...]

link

[To my Readers: The following is an open letter that I’ve sent to my elected representatives. While I fully support the Internet Protest today I’ve chosen not take down my site because where else would I have the freedom and power to publish to the world… and isn’t that the point. Help fight Internet Censorship] [...]

link

Link: http://www.irongeek.com/i.php?page=videos/basic-setup-of-security-onion-snort-snorby-barnyard-pulledpork-daemonlogger
Thanks to Doug Burks for making building a Network Security Monitoring Server much easier. I mentioned Snort, Snorby, Barnyard, PulledPork and Daemonlogger in the title, but there is a lot more on the distro than that. This is a nice way to get an IDS up and running featuring pretty frontends without going into dependency hell.

link

At the beginning of each year I take time to organize and simplify my digital life and in 2012 I tackled a whale… email. My problem is not managing my inbox but rather I had too many email accounts. So I simplified and in the process decided to give Mozilla’s email client Thunderbird another look. [...]

link

A run down of the things I’m testing, trying, and liking… Recently Discovered iPhone apps I’m loving Garmin onDemand – $0.99 Requires active data connection. Terrific navigation app. Instantly became my go to map app. Twittelator Neue – $1.99 Best Twitter iPhone app I’ve ever used. Inline photos, intuitive controls and just plain awesome. AutoMD.com [...]

link

Link: http://www.irongeek.com/i.php?page=videos/networkminer-professional
This video was made to show some of the extra features of NetworkMiner Professional, like Pcap-over-IP, running on OS X under Mono, Export results to CSV / Excel, Geo IP localization, Host coloring support, and Command line scripting support.

link

Link:http://www.irongeek.com/i.php?page=videos/derbycon1/jamison-scheeres-social-engineering-is-a-fraud
Jamison gave me the go ahead to post his video from Derbycon. Now I just have to get off my lazy butt and do the video for the updated/professional version of NetworkMiner.

link

What is that star thing? and What does it do? There seems to be a lot of folks that haven’t really explored favoriting tweets or at least don’t see value of starring tweets of others so here’s a quick intro to one of the most overlooked little gems of Twitter. What is a Favorite? There [...]

link

Perhaps no other area has the mobile revolution so drastically improved as the world of travel. From where you eat to finding the nearest bathroom your smartphone (and tablet) may be the most valuable travel guides the world has ever created. Here’s how to add some tech to your next trip and ensure a smooth [...]

link

Updates To Homemade Hardware Keylogger/PHUKD Hybrid Fixed some bugs, added some features.

Change logs:

PS/2 Hardware Keylogger/PHUKD:

0.01:
* Holding mod keys did not always work for multi select. Got it working (at least I think I did).
* Nulls were getting into the logs, so I made an unhandled keycode exception.

USB Hardware Keylogger/PHUKD:

0.01:

* Holding mod keys did not always work for multi select. Got it working by taking out the key replay code,
and made held keys function better in the process. Also, it made the code simpler to read as I got rid
of a bunch of unneeded cruft code. :)
* Nulls were getting into the logs, so I made an unhandled keycode exception.
*Changed log brackets from <> to [].

0.02:
* Fixed bug in logging unknown keys.
* Added logging for keys [KEY_TAB] and [KEY_NON_US_NUM].
* Ctrl+Alt+S toggles the typing of raw bytes as they come in the serial connection.
* Converted ints to bytes in many places. I think their was a type casting problem causing weird issues.
* Fixed a buffer overflow issue caused by IncomingHIDReportIndex going over 18.
* Many other tiny changes.

link

Evernote is a vast and powerful system but it takes time to discover its place in your work flow. You’re confident that it solves a problem but you aren’t sure which one. Don’t worry, I think that may be the common experience. I had Evernote installed for months before I really began to use it [...]

link

I’m starting a new series on one of the most flexible and productive pieces of software I’ve ever used. Evernote. I find myself spending more time discussing Evernote in my presentations and having conversations about it on a weekly basis. I’ve become an unofficial evangelist because this beautiful and simple system has transformed how I [...]

link

Link: http://www.irongeek.com/i.php?page=videos/derbycon1/mainlist
Remember, these are coming out in waves. In this wave are all of the videos from the first day of the conference. In this wave:

Adrian, Dave, Martin: Welcome to DerbyCon 2011 – Intro to the con and events
KEYNOTE ~ HD MOORE – Acoustic Intrusions
Johnny Long – Hackers for Charity Update
Kevin Mitnick + Dave Kennedy – Adaptive Penetration Testing
The Penetration Testing Execution Standard (PTES) Panel
Bruce Potter – The Details Don’t Matter
Chris Nickerson – Compliance: An Assault on Reason
Pat McCoy & Chris Silvers – Hook, Line and Syncer: The Liar for Hire’s Ultimate Tacklebox
atlas – sploit me if you can
Jason Scott – Jason Scott’s Shareware Calvacade
Vlad Gostom & Joshua Marpet – Smile for the Grenade! Camera go Bang!

link

Send Later… Those are powerful words. It allows me to produce when I can and publish when I determine. I schedule blog posts and delay delivery time of emails (Tip: Try Boomerang for gmail) so scheduling tweets made sense to me from the first day I discovered the function. Scheduling tweets enables me to: Talk [...]

link

http://www.derbycon.com/
Thanks for making Derbycon a huge successes guys. Be sure to hit up @purehate_, @dave_rel1k or myself (@irongeek_adc) for suggestions on making next year even better. Next up for me are Hack3rcon and Skydogcon. Also, the videos from Derbycon will be coming out in waves soon. DigiP is working on the splash and title card art, and after I have that I can start rendering out the split screen versions. Thanks again.

link

Let’s keep this short and very sweet. I’ve tried every remote support and screen sharing technology on the planet and I’ve discovered a new favorite. So whether you need to help Mom block people on Facebook or share a presentation with 200 of your closest friends look no further than Join.me Simply stated: I’ve never [...]

link

Link: http://www.irongeek.com/i.php?page=security/derbycon-area-map
Putting this up to help attendees, speakers and sponsors find food, supplies, booze, ATMs, shipping and sites near the Derbycon hotel.

link

Link: http://www.irongeek.com/i.php?page=security/programmable-hid-usb-keystroke-dongle#Programming_examples_and_my_PHUKD_library
I put up the version 0.3 of the Programmable HID USB Keyboard/Mouse Dongle Library. It should now work with newer versions of the Arduino and the Teensyduino environments.

link

I’ve been meaning to talk to you about this for weeks but I’ve held out hope things would get better. We can’t keep going like this… I can’t keep making excuses. I don’t have space for you right now. Yes you’re beautiful and wonderful and your future is filled with promise but now just isn’t [...]

link

Mutillidae 2.1.0 release
Jeremy Druin has been at it again, with more upgrades to the webapp security teaching tool Mutillidae. In his words:

Well. Its finally here for better or worse. This version of Mutillidae has nearly every vulnerability known. And they come in bulk. There is all of the OWASP Top 10 plus another ten categories at least. The documentation has been upgraded extensively including the hints and installation instructions. The menu system has been redesigned again to make it easier for users to find the exploit they want to try. Current vulns that are not OWASP top 10 have been added including click-jacking, parameter pollution, cross site framing, and arbitrary file inclusion. I ripped out the MYSQL interface and replaced it with the new object oriented version that comes with PHP 5.3.0 called MYSQLi. The "i" is supposidly for improved. I also enhanced the presentation and output on many pages. Hopefully it is enterprise grade now. My goal is for pros to use this in training developers.

I added test scripts in the documentation folder. You might like some of them. Some are more fun than monkeys with bubble-gum.

link

I just discovered how to overcome a strange iPad/iPhone sync issue using Windows 7 and iTunes. Since it took a bit of digging I thought I’d share to this tip to help some Google searcher in the future. The Error "iTunes was unable to load data class information from sync services" "iTunes was unable to [...]

link

It’s no secret I’m a fan of Twitter Lists, I use them for listening to groups of people I value and for topics likes news and politics. They are also a great shortcut to finding quality people and seeing who others recommend. A few days ago Klout released a feature to import twitter lists and [...]

link

Back in the dark ages of Twitter (2009) @LG kick-started tweeting in Arkansas with the Arkansas Twitter Guide. The conversation has exponentially expanded and we are now seeing a meteoric rise of Arkansas specific hashtags. As an advocate of hashtag usage this is a great trend to keep Arkansans informed and spawn further conversation but [...]

link

Link: http://www.irongeek.com/i.php?page=videos/security-tips-for-the-small-business-from-70000-feet
A little while back Joe Hollingsworth and I were interviewed for an article in the Southern Indiana Business Source. The local Kiwanis club asked for a 25 min talk on the subject of the article, so we came up with this mandate:
Given only 25 minutes, tell us what a small business could do to help their security posture.
Well, it ended up being almost 40min and we did not get through all of the slides. The live video camera failed, so the audio in this video is what the laptop recorded. It may not be something most of my readers will be interested in, but it may help you present on a similar topic.

link

As our everyday lives become more ingrained with our social networks and smartphones becoming the norm it’s easy to see why the mobile communications space is getting white hot. Last spring SXSW was abuzz with a new breed of apps that were a hybrid of IM and texting that focused on enabling small groups of [...]

link

Link: http://www.irongeek.com/i.php?page=videos/cipherspaces-darknets-an-overview-of-attack-strategies
This is essentially the talk I gave at Defcon 19, but I had a little more time to cover the topic in this canned video:

Darknets/Cipherspaces such as Tor and I2P have been covered before in great detail. Sometimes it can be hard to follow attack strategies that have been used against them as the papers written on the topic have been academic and abstract. What this talk will attempt to do is step back and give an overview of the topic in a manner hopefully more conducive to the understanding of security practitioners, giving more concrete examples. While little to nothing in this talk will be "new and groundbreaking" it should lead to a better understanding of how encrypted anonymizing networks can be subverted to reveal identities.

link

Link: http://www.irongeek.com/i.php?page=reviews/dell-xp-mini-displayport-projector-fix
Ok, this is not security related, but I know a lot of people who do presentations and may run into these issues when they try to use an Apple Min-DisplayPort adapter with their new Windows 7 laptop. Hope it helps.

link

I’m often asked, most usually by a friend or client that recently suffered a virus infection, why are computer viruses so rampant? Who is writing them and why? This video is an excellent explanation to the driving forces behind the current state of computer viruses. Mikko Hyppönen shares the story behind PC viruses   Make [...]

link

Link:

http://www.irongeek.com/i.php?page=videos/oisf-2011
These are the presentations from the Ohio Information Security (OISF) Anniversary Event. The descriptions are largely Ligatted from the OISF website.

Endpoint Security Decisions - Kurt Roemer
Defending against XSS - Jason Montgomery
Project Ubertooth: Building a Better Bluetooth Adapter - Michael Ossmann
Making Windows 7 SP1 32/64bit Boot CD/DVD/USBs with Winbuilder - Adrian Crenshaw
Cloud Computing Security - Dr. James Walden

link

Link:http://www.irongeek.com/i.php?page=videos/aide-2011-summer
These are the presentations from the AIDE 2011 conference at Marshall University. We had some issues early on with the schedule not matching the talks, so descriptions are incomplete. The descriptions I do have are largely Ligatted from the AIDE website.

Social Networks - Evan Patterson
Who are you going to call? - Evan Patterson
WV Crimes requiring Electronic & Digital Evidence - Philip Morrison
Professionalism on the Witness Stand - Phillip Morrison
Common Darknet Weaknesses - Adrian "Irongeek" Crenshaw
Recent HIPAA/HITECH Changes - Caleb Knight
Hacking A Mature Security Program - David "ReL1K" Kennedy

link

I’m thrilled to be headed back to Wordcamp Fayetteville this year and whether you’re grizzled guru or just discovering WordPress you should really make plans to attend. The conference is Sat., July 30th at the Reynolds Center on the U of A campus and there are still tickets available. Wordcamp is an amazing opportunity to [...]

link

As I spend more time with Google+ and play with Facebook video chat I’m left with a single question – What happened to innovation at Twitter? The past year of social innovation. Since July 2010, Facebook has introduced: New Facebook Groups which are probably the best group technology the web has produced. Facebook Places Facebook [...]

link

Link: http://www.irongeek.com/i.php?page=videos/xboot-backtrack-winbuilder-dual-boot
This is a quick and dirty video to show how to make a multiboot thumbdrive with XBOOT. You can also create a multiboot CD/DVD by combining other ISOs. Operating Systems loaded on mine include: Backtrack 5, Winbuilder/Win7PE SE, DBAN, UBCD4Win, TAILS, Gparted, Ubuntu 11.04, etc.

link

This is the smartest social network I’ve ever used and it has more potential to change how I use the web than anything I’ve seen in a decade. What is it? -Facebook without the noise & junk. -Twitter with context & 1000x more functionality. -Friendfeed without the cacophony of aggregated content. Why it matters? It [...]

link

Link: http://www.irongeek.com/i.php?page=videos/portable-boot-devices-usb-cd-dvd      
This is a talk I did on making bootable USB drives/CDs/DVDs for my local ISSA. Think of it as a braindump and starting point for making your own.

link

I thought I might wait and write this post after I had everything just perfect but the simple fact is I’m pouring all my passion and time into a different path. I want to give you a heads up and invite you along for the ride. I’ve spent nearly 7 years blogging about technology and [...]

link

You can’t see it, yet it affects everyone on the web. Doing it well is the holy grail for sites like Google and Facebook but the better they get the less informed we may become. What is it? The Relevant Web. The rise of the Relevance Engine We are suffering from a digital deluge. Hundreds [...]

link

Rarely a week goes by without one of my friends losing contacts or photos due to a lost or malfunctioning iPhone so welcome to iPhone Backup 101. I’m a mobile warrior and the father of an 8 month old daughter so my iPhone data is literally priceless. I don’t take chances. You could take my [...]

link

There are thousands of sites and apps promising to keep us connected but which ones actually get the job done? I don’t need 15 ways to communicate just a shortlist that keeps my group informed and on the move. Here are 3 that I couldn’t do without. The Essentials Skype How many emails could you [...]

link