The beginners guide to breaking website security with nothing more than a Pineapple

What you’re looking at in the image above is a little device about the size of a cigarette packet running a piece of firmware known as “Jasager” (which over in Germany means “The Yes Man”) based on OpenWrt (think of it as Linux for embedded devices). Selling for only $100, it packs Wi-Fi capabilities, a USB jack, a couple of RJ45 Ethernet connectors and implements a kernel mode wireless feature known as “Karma”.

via Troy Hunt: The beginners guide to breaking website security with nothing more than a Pineapple.

But why on earth would a victim connect to the Pineapple in the first place?! Well firstly, we’ve become alarmingly accustomed to connecting to random wireless access points whilst we’re out and about. When the average person is at the airport waiting for a flight and sees an SSID named “Free Airport Wi-Fi”, what are they going to do? Assume it’s an attacker’s honeypot and stay away from it or believe that it’s free airport Wi-Fi and dive right in? Exactly.

Ubiquiti Networks, Inc.

Ubiquiti Networks (NASDAQ: UBNT) is closing the digital divide by building network communication platforms for everyone and everywhere. With over 10 million devices deployed in over 180 countries, Ubiquiti is transforming under-networked businesses and communities. Our leading edge platforms, airMAX™, UniFi™, airFiber™, airVision™, mFi™ and EdgeMAX™ combine innovative technology, disruptive price performance and the support of a global user community to eliminate barriers to connectivity.

via About Us | Ubiquiti Networks, Inc.

Ubiquiti is a competitor of Ruckus wireless.  Here’s an interesting review using some of Ruckus’ products.

Another competitor is Xirrus.  And also Aruba and of course Cisco.

Inside Major League Baseball’s “Hypothesis Machine”

Baseball data, over 95% of which has been created over the last five years, will continue to mount—leading MLB decision-makers to invest in more powerful analytics tools. While there are plenty of business intelligence and database options, teams are now looking to supercomputing—or at least, the spawn of HPC—to help them gain the competitive edge.

via Inside Major League Baseball’s “Hypothesis Machine”.

Please. The problem with current baseball analytics isn’t the deluge of data, it’s the deluge of crackpot theories that add more and more irrelevant variables to the mix. Most baseball analytics misuse mathematics and are created by people who are simply selling a website.

Speaking of selling a website; is this a good place to introduce the sister site to bucktownbell.com?  🙂

baseball.brandylion.com

All data in the above data model crunched using perl, awk, and bash on a standard PC. Baseball is not so complicated that it requires a supercomputer to crunch historical or current season data. More from the article…

He explained that what teams, just like governments and drug development researchers, are looking for is a “hypothesis machine” that will allow them to integrate multiple, deep data wells and pose several questions against the same data.

Washington University team builds out prototype to win first GlobalHack

Each team had to create an application that scores and weighs sales opportunities in Salesforce according to an algorithm, then displays the ranked opportunities in a graphical user interface.

Gabe Lozano, co-founder of the event and CEO at LockerDome, told Silicon Prairie News that the team built out all of the UI/UX, integrated it with Salesforce and created a prototype-grade algorithm within the 48-hour window. As a result, TopOPPS is going to expand upon the team’s work for the earliest versions of its software.

via Washington University team builds out prototype to win first GlobalHack – Silicon Prairie News.

Virtual AGC Home Page

The Apollo spacecraft used for lunar missions in the late 1960’s and early 1970’s was really two different spacecraft, the Command Module (CM) and the Lunar Module (LM).  The CM was used to get the three astronauts to the moon, and back again.  The LM was used to land two of the astronauts on the moon while the third astronaut remained in the CM, in orbit around the moon.

via Virtual AGC Home Page.

The Virtual AGC project provides a virtual machine which simulates the AGC, the DSKY, and some other portions of the guidance system. In other words, if the virtual machine—which we call yaAGC—is given the same software which was originally run by the real AGCs, and is fed the same input signals encountered by the real AGCs during Apollo missions, then it will respond in the same way as the real AGCs did. The Virtual AGC software is free of charge, can be obtained for Windows, Mac OS X, Linux, or as open source software source code so that it can be studied or modified.

What Michael Lewis Gets Wrong About High-Frequency Trading

The idea that retail investors are losing out to sophisticated speed traders is an old claim in the debate over HFT, and it’s pretty much been discredited. Speed traders aren’t competing against the ETrade guy, they’re competing with each other to fill the ETrade guy’s order. While Lewis does an admirable job in the book of burrowing into the ridiculously complicated system of how orders get routed, he misses badly by making this assumption.

via What Michael Lewis Gets Wrong About High-Frequency Trading – Businessweek.

Turkey Hijacking IP addresses for popular Global DNS providers

BGP hijack
Using the Turk Telekom looking glass we can see that AS9121 (Turk Telekom) has specific /32 routes for these IP addresses. Since this is the most specific route possible for an IPv4 address, this route will always be selected and the result is that traffic for this IP address is sent to this new bogus route.

via Turkey Hijacking IP addresses for popular Global DNS providers.
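
The longest-prefix-match behaviour described in the excerpt above, together with a monitoring check for it, as an added example that is not part of the original post or the linked article. The 192.0.2.0/24 prefix, AS64500 and the expected-origin table are constructed documentation values; only AS9121 comes from the text.

```python
import ipaddress

# Constructed routing table: (prefix, origin AS). 192.0.2.0/24 and AS64500 are
# documentation values standing in for a DNS provider; AS9121 is from the text.
ROUTES = [
    ("192.0.2.0/24", 64500),   # provider's legitimate covering announcement
    ("192.0.2.53/32", 9121),   # more-specific host route, as seen in a looking glass
]

# Constructed expectation: which AS is authorised to originate which prefix.
EXPECTED_ORIGINS = {"192.0.2.0/24": 64500}


def best_route(dest, routes):
    """Longest-prefix match: of all routes covering dest, pick the longest mask."""
    addr = ipaddress.ip_address(dest)
    matches = [
        (ipaddress.ip_network(p), asn) for p, asn in routes
        if addr in ipaddress.ip_network(p)
    ]
    if not matches:
        return None
    net, asn = max(matches, key=lambda m: m[0].prefixlen)
    return str(net), asn


def suspicious_more_specifics(routes, expected):
    """Flag routes strictly inside an expected prefix but with a different origin."""
    alerts = []
    for p, asn in routes:
        net = ipaddress.ip_network(p)
        for exp_p, exp_asn in expected.items():
            exp_net = ipaddress.ip_network(exp_p)
            if (net.version == exp_net.version and net != exp_net
                    and net.subnet_of(exp_net) and asn != exp_asn):
                alerts.append((p, asn, exp_p, exp_asn))
    return alerts


if __name__ == "__main__":
    print(best_route("192.0.2.53", ROUTES))   # the /32 wins over the /24
    print(best_route("192.0.2.10", ROUTES))   # only the /24 covers this address
    for alert in suspicious_more_specifics(ROUTES, EXPECTED_ORIGINS):
        print("more-specific with unexpected origin:", alert)
```
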

Intel unveils tiny $99 MinnowBoard Max open SBC

The MinnowBoard Max will go on sale early in the third quarter. Two versions will be offered initially: a $99 entry-level model, with a 1.46GHz single-core E3815 SoC and 1GB RAM; and a $129 model, equipped with a 1.33GHz dual-core E3825 SoC and 2GB RAM. Additional details will soon be available at Minnowboard.org as well as at CircuitCo’s MinnowBoard product page.

via Intel unveils tiny $99 MinnowBoard Max open SBC ·  LinuxGizmos.com.

An Adaptation From ‘Flash Boys: A Wall Street Revolt,’

The trouble with the stock market — with all of the public and private exchanges — was that they were fantastically gameable, and had been gamed: first by clever guys in small shops, and then by prop traders who moved inside the big Wall Street banks. That was the problem, Puz thought. From the point of view of the most sophisticated traders, the stock market wasn’t a mechanism for channeling capital to productive enterprise but a puzzle to be solved. “Investing shouldn’t be about gaming a system,” he says. “It should be about something else.”

via An Adaptation From ‘Flash Boys: A Wall Street Revolt,’ by Michael Lewis – NYTimes.com.

The same system that once gave us subprime-mortgage collateralized debt obligations no investor could possibly truly understand now gave us stock-market trades involving fractions of a penny that occurred at unsafe speeds using order types that no investor could possibly truly understand. That is why Brad Katsuyama’s desire to explain things so that others would understand was so seditious. He attacked the newly automated financial system at its core, where the money was made from its incomprehensibility.

Update:  For some highly technical information on High Frequency Trading I was pointed to this set of articles from ACM, Association of Computing Machinery.

Software upgrade at 655 million kilometres

Although Rosetta and MIDAS spent 957 days in hibernation, the MIDAS team back on Earth were busy learning how best to use MIDAS with tests on the Flight Spare (the identical twin instrument). As a result we have made a number of tweaks and enhancements to the software ready for our encounter with comet 67P/CG. After the passive checkout we know that we’re in good shape, so the next step is to upload and apply the software patches. The new software was tested both on the Flight Spare and on an instrument/processor simulator developed by the institute.

via Software upgrade at 655 million kilometres | Rosetta – ESA’s comet chaser.