Yesterday I spent the day at Embedded World in Nuernbeg. Embedded World is quite small (no comparison with CeBIT) so it was not very crowed and therefore not too stressful. I really like small computers so I had a good time looking at stuff you only know from catalogues or web-shops. Some of the designs were even smaller then I thought. Since yesterday was the last day of the exhibition the exhibitors seem to be more generous with giveaways so I got some cool stuff for free. Maybe it is like this on every day of Embedded World.
Some guys from Princeton found a way to defeat disk encryption systems by extracting the key from the memory of a computer/laptop. While this is not really new (other people did that before), their way is quite cool. They remove the RAM module from the computer and read it in a other computer in order to do this without loosing the content of the RAM module they freeze the RAM module and with freeze they really mean freeze.
Check out the demo video.
Their paper explains it in all details. Read it if you use disk encryption and feel safe.
[1] Cold Boot Attacks on Encryption Keys (paper, video, faq, ...)
I have a N810 since Wednesday so here is my micro review.
Good:
- The Keyboard, I really love it. I noticed that I use it a lot (for everything possible).
- Hardware buttons. Screen maximize/minimize moved to the left. New screen-lock button. This is really improves usability, excellent!
- Look-and-feel, pretty awesome.
- Speakers, they make NOISE!!1
Bad:
- GPS fix time, almost unusable.
- Mini SD slot. Is there really not enough space to put in a normal-sized SD/MMC slot?
- Micro-USB, WTF?
- The keyboard layout, missing symbols (pipe and tab). See solution below.
In order to make the device hacker compatible one needs to modify the keyboard layout and at least add a PIPE and a TAB key. This can be easily done by editing the X11 keyboard layout. Mike Rowehl: This is Mobility had some small discussion in his blog. For now I made TAB to be Fn-Space and PIPE to be Shift-Minus. This way I don't loose either Euro nor Sterling/Pound.
Some must haves:
Configuration:update-rc.d -f metalayer-crawler0 remove (this thing sucks!)
gconftool -s -t string /system/osso/connectivity/IAP/DEFAULT/type DUMMY (you need this to play with the network)
Software:Statusbar Load-Applet (CPU and MEM usage)
IpHome Home Applet (show IP address)
Important command line utils: SSH, mtr, bluez-utils, nmap, socat, wireless-tools, dsniff, ...
New stuff I've been thinking about: Location Home-applet, shows current position (maybe with street name lookup). Temperature Home-applet (see internal-temp app). New hardware-keyboard-based version of xkbd-bthid, also I need to support Windows and MacOSX (this will take some time).
Any comments or ideas for applications?
Yea! I finally have a Nokia N810. I haven't done much yet since I was kind of busy the whole day. What I can say so far is: I like the keyboard.
More in the coming days.
Many thanks to my sponsor :-)
Somebody or some group seems to have found a exploitable buffer overflow in the iPhone's baseband processor. The baseband processor is the subsystem of the phone that talks to the GSM network. The overflow seems to be in the SIM Toolkit manager.
The exploit lets one upload code into the baseband, so one could insert some application into your iPhones baseband. The this application would be mostly undetectable since the memory can not be read from the application processor.
Lets see what happens with this little thing...
Source:From: steve To: gsm@lists.segfault.net Subject: [gsm] JerrySIM -> Executing shellcode on the iPhone baseband Hi, JerrySIM leaked yesterday. It was posted here: http://code.google.com/p/iphone-elite/wiki/JerrySim The exploit code has been removed shortly after but google cached it already :/ It's out. The program exploits a bug in the SIM Toolkit manager (which is running on the baseband) and thus enables the execution of shellcode directly on the baseband. This is good work. This has the potential to turn the iPhone into a listening device. It still requires a lot of work and I do not know if any of the iPhone hackers is working on it. regards, steve[1] code.google.com/p/iphone-elite/wiki/JerrySim
[2] Exploit code from Google cache