Tuesday, October 28, 2014

Nerd News: Dell Alienware external Graphics option

I've been interested in external GPU (eGPU) for some time, for all my posts on that click eGPU Label,since laptops are far more practical when you have to travel, but I don't care for 8+ lbs (4+ kilo) gaming laptops.

Heavy laptops like that aren't much more portable than some desktops, I helped a Nerd buddy drag his desktop around to many events when I was in high school.

So real interested in news from Dell Alienware about their "Graphics Amplifier", an external GPU bay designed to pair with their new 13" laptop.

Links to the eGPU:

Link to 13" Alienware laptop info:

Monday, October 27, 2014

Starcraft 2 Thoughts: Roach Baneling vs Terran

Symbol (Z) vs Flash (T)

Very nice Zerg play!

A few significant choices Symbol made worth pointing out IMO:
  • In his first attack, he made a point to focus down 4 Supply Depots (3 at third base, & 1 at wall in Natural), this supply blocked Terran for a bit.
  • He also destroyed the 2 Ebays that were part of the front wall.
  • He immediately withdrew after accomplishing these limited objectives (ie he didn't overextend).

I've blogged before about how strong Roach & Banelings with Air Support can be, see this TLO vs Satini game http://cliffsesportcorner.blogspot.com/2012/02/tlo-vs-satini.html, though I tend to favor Corrupters over the Mutas used here.

I prefer Corrupters because I feel they are more cost efficient vs Terran than Mutas.

Six (6) Corrupters will 2 shot Medivacs, so 6 to 12 Corrupters in early game, and in mid or late game Broodlords can be much more useful than Mutas.

Midgame I would use them more for harassment on certain maps that have dead air space behind bases.

You can fly 1 or 2 Corrupters behind a Terran base, and then upgrade them to Broodlord.

If you do that to 2 bases at same time, and have a Nydus network, you can drop Nydus in weak or undefended base with Broodlings providing vision & cover for Nydus.

Just click on the Starcraft 2 Thoughts Label for more posts like this, more Labels can be found at bottom left of every post and in Label cloud at left side of Blog.

IEM 2014 San Jose: Catz vs Creature

Interesting series
Catz (Z) vs Creature (P)

Monday, October 6, 2014

Nerd News: "Silk Road Lawyers Poke Holes in FBI’s Story"

Brian Krebs has an interesting article up,  http://krebsonsecurity.com/2014/10/silk-road-lawyers-poke-holes-in-fbis-story/, about the trial of alleged leader of Silk Road.

Short version, government's explanation for how they found the hidden servers appears to be BS.

This seems like they are hiding real way & means that they discovered the information.

Which, though IANAL, isn't legal as I understand it, in US Trials, there is a step called "Discovery" see http://www.americanbar.org/groups/public_education/resources/law_related_education_network/how_courts_work/discovery.html & http://en.wikipedia.org/wiki/Civil_discovery_under_United_States_federal_law.

So unlike TV or Movie Courtroom drama, there isn't surprise evidence introduced in the middle of the trial.

There are several reasons why information isn't supposed to be hidden during Discovery.

Discovery reduces wasting time, Judges generally have more cases than they can get to in any given time period, so as a practical matter, parties are encouraged to settle before Court date.

It also reduces some types of false testimony & evidence, or at least makes it easier to illuminate that it is occurring.

Friday, September 19, 2014

Security & Hacking: Apple iOS 8 & Data Extraction

People have been citing a statement on this page http://www.apple.com/privacy/government-information-requests/ as proof that with iOS 8 Apple can't extract data from devices secured with a passcode.

I don't think most people are reading Apple's statement with a critical enough mindset, here is last part of what Apple actually wrote about data extraction:

"So it's not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8."

The key part is "extraction of this data from devices in their [government] possession running iOS 8." Note my bolded emphasis.

What Apple is really saying, I think, is just like iOS 7 Apple needs devices in their possession to extract data, they can't do it remotely and didn't provide government agencies with the tools to do so either.

Here is a snippet from Apple's page Legal Process Guidelines U.S. Law EnforcementImportant Note, the original link "https://www.apple.com/legal/more-resources/law-enforcement/" to this information at Apple gets redirected to "https://www.apple.com/privacy/government-information-requests/" now, so if you don't have a copy of original page you will need to find cached version to verify:
 " I. Extracting Data from Passcode Locked iOS Devices
 Upon receipt of a valid search warrant, Apple can extract certain categories of active data from passcode locked iOS devices. Specifically, the user generated active files on an iOS device that are contained in Apple’s native apps and for which the data is not encrypted using the passcode (“user generated active files”), can be extracted and provided to law enforcement on external media. Apple can perform this data extraction process on iOS devices running iOS 4 or more recent versions of iOS. Please note the only categories of user generated active files that can be provided to law enforcement, pursuant to a valid search warrant, are: SMS, photos, videos, contacts, audio recording, and call history. Apple cannot provide: email, calendar entries, or any third-party App data." 

And from the FAQ section of that page:
"Can Apple provide me with the passcode of an iOS device that is currently locked?
No, Apple does not have access to a user’s passcode but may be able to extract some data from a locked device with a valid search warrant as described in the Guidelines."
So what it seems like to me, is that iOS 8 offers at best same protection as earlier versions, Apple can still extract data from from devices in their possession, though they worked hard to write a factually accurate statement that was misleading.

I also haven't noticed any comments about data from the coprocessor that tracks movement and other data on iPhone 5S and newer, even when phone is sleeping.

Additional Links of Interests:

Thursday, September 11, 2014

Tuesday, August 12, 2014

Nerd News: LastPass Back Up

LastPass has been down for a while, but according to LastPass and other reports it should be back up, though there may still be some issues.

Sounds like they only use 2 datacenters, or maybe even only single primary one with a "backup".
"Update: 1:28 pm EST

Though one of our data centers remains completely down, the service is generally stable and should be available to the majority of users (with the exception of login favicons). Some users may see connection errors but should still be able to access their data. We continue to work as quickly as possible to get the service back to 100%. "
       Source http://blog.lastpass.com/

"Aug 12, 2014 - One of LastPass' datacenters has been down since 3:57am EDT. The service is now running fully off one Herndon VA datacenter and we have been engaged with our provider all morning. Currently favicons/sprites are impacted. We are doing what we can to minimize the impact and apologize for the inconvenience. "

       Source https://lastpass.com/status.php

Also http://www.isitdownrightnow.com/lastpass.com.html 

For LastPass users that want an offline solution to prevent this type of problem in future consider LastPass Pocket

This is LastPass link specifically about offline access https://helpdesk.lastpass.com/password-manager-basics/your-lastpass-vault/offline-access-to-your-lastpass-vault/ 

Monday, August 11, 2014

Def Con 21: "Pentesting with an Army of Low-power Low-cost Devices"

Couldn't go to Def Con 22, waiting for vods to come out, so started watching some of the Def Con 21 Youtubes in the meanwhile.

I like this one about Pen Testing with cheap Arm devices by Dr. Philip Polstra aka Dr. Phil the Hacker his Twitter is ppolstra | https://twitter.com/ppolstra.

He uses the BeagleBoard Black as the starting point for his hardware.

Some useful links:
For new readers of my blog, I have labels at bottom left of every post & selected labels at left side of the blog to help find related posts.

These labels can be booked marked so you can just check topics your interested in, so for more posts like this you could click on: