Archive for May, 2010

iPad Review: Source Code Editors

May 22nd, 2010 1 comment

In playing with my iPad, I determined that editing code in vi via SSH just wasn't going to be possible (the on-screen keyboard just doesn't work well for vi keyboard commands). That meant I had to look at AppStore alternatives. I came across two that advertised what I wanted to do: for i ($9.99) and Monkey Wrench ($6.99). Given that I'm used to Komodo IDE, which has a price tag of $245, I wasn't expecting much.

I decided to play with for i first and was impressed with a number of things, one of which was the addition of an extra row to the keyboard with most of the commonly used programming characters. This meant I wouldn't have to switch to numeric and then to symbols. It also included a tab key, which was useful since I work primarily with Python. I wrote out a few lines of code and was happy with the speed. I couldn't type as quickly as I can on a keyboard, but I was quicker than some people I've seen attempt to write Python. Syntax highlighting, a built-in web server (for file sharing), and some settings were all nice to have, along with the exceptional language support.

After I wrote out my quick demo script, I switched over to Monkey Wrench to do a comparison. The first thing I noticed was that it didn't look quite as nice. I'm not sure what it was, but it looked outdated. What I did like about Monkey Wrench was the line numbering; however, it was mostly a viewer and it felt like code editing was added as an afterthought. I also didn't like that Monkey Wrench was written primarily for use with FTP and then local files were thrown in afterward. There was no need to select a language as I had in for i, I simply typed... syntax formatting need not apply right now (but it is listed as a planned future improvement). The keyboard, while it added extra characters, didn't have enough of them and coding was almost a pain (keys like = / ( and ) were missing).

for i Pros

  • Syntax Highlighting for numerous languages
  • Attractive Interface
  • Enhanced Keyboard
  • Wifi File Sharing

for i Cons

  • Lack of Line Numbering
  • No SFTP support
  • Copy/Paste support was extremely poor and inaccurate

Monkey Wrench Pros

  • Line Numbering

Monkey Wrench Cons

  • UI felt more like a viewer than an editor
  • Lacking certain enhanced keyboard functionality
  • No Syntax Highlighting
  • Had to enter typing mode
  • Wedged in a viewer and an editor instead of sharing the space for a single window.

In the end, I'll use for i for now but I'll keep both up-to-date and see what happens with them in the future. Either way, it's nice to see this type of app available... now if only Python was in the AppStore.

My “DoS” Attack

May 20th, 2010 No comments

I experienced a ‘brief’ period of downtime (~24 hours) the other day on a server that I have hosted with 1and1. When I contacted them to find out about the outage, I was informed that my IP had been blackholed due to a DoS attack. I was surprised to discover that they hadn’t contacted me when they’d taken this action and, if I didn’t access my server daily, I wonder how long they would have continued to blackhole the IP. I asked for proof that my server was under attack and they sent me a snippet of the log:

12:57:25.528325 IP 64.233.180.94.53615 > 74.208.78.XXX.53:  5038 A? www.securitybloggers.net. (42)
12:57:25.586218 IP 64.233.180.94.38886 > 74.208.78.XXX.53:  27266 A? www.securitybloggers.net. (42)
12:57:25.606691 IP 64.233.180.94.50898 > 74.208.78.XXX.53:  5454 AAAA? www.securitybloggers.net. (42)
12:57:25.653284 IP 64.233.180.94.32922 > 74.208.78.XXX.53:  16830 A? www.securitybloggers.net. (42)

That IP, for those of you running to look it up, resolves to ni-out-f94.1e100.net. It turns out that 1e100.net is a Google domain. So, if I believe my hosting provider, I was DoSed by Google. I emailed 1and1 to point out that it was a Google domain and simply DNS traffic, and shortly after that my server was back up… at least in theory. In the end I had to reboot my server before it would respond… but at least I got it up and running.
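As an added example (not part of the original post), the excerpt can be summarised per source so that a "DoS" claim is weighed against query counts, bytes and flags rather than taken on faith. The names `QUERY` and `summarize` are hypothetical, and the input is exactly the four lines quoted above.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# The four lines quoted in the post (last destination octet redacted there).
SAMPLE = """\
12:57:25.528325 IP 64.233.180.94.53615 > 74.208.78.XXX.53:  5038 A? www.securitybloggers.net. (42)
12:57:25.586218 IP 64.233.180.94.38886 > 74.208.78.XXX.53:  27266 A? www.securitybloggers.net. (42)
12:57:25.606691 IP 64.233.180.94.50898 > 74.208.78.XXX.53:  5454 AAAA? www.securitybloggers.net. (42)
12:57:25.653284 IP 64.233.180.94.32922 > 74.208.78.XXX.53:  16830 A? www.securitybloggers.net. (42)
"""

# tcpdump DNS query line: time, src.port > dst.port: id[+] QTYPE? name (bytes)
# A "+" after the query id means the recursion-desired (RD) flag was set.
QUERY = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d{6}) IP "
    r"(?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\S+)\.(?P<dport>\d+):\s+(?P<qid>\d+)(?P<rd>\+?)\s+"
    r"(?P<qtype>[A-Z0-9]+)\?\s+(?P<qname>\S+)\s+\((?P<size>\d+)\)"
)

def summarize(capture):
    """Group DNS queries by source IP and return per-source statistics."""
    per_src = defaultdict(list)
    for line in capture.splitlines():
        m = QUERY.match(line.strip())
        if m:  # lines that are not DNS queries are ignored
            per_src[m["src"]].append(m)
    report = {}
    for src, hits in per_src.items():
        times = [datetime.strptime(m["ts"], "%H:%M:%S.%f") for m in hits]
        report[src] = {
            "queries": len(hits),
            "bytes": sum(int(m["size"]) for m in hits),
            # Span of the excerpt only; assumes it does not cross midnight.
            "span_s": (max(times) - min(times)).total_seconds(),
            "qtypes": dict(Counter(m["qtype"] for m in hits)),
            "names": sorted({m["qname"] for m in hits}),
            "src_ports": len({m["sport"] for m in hits}),
            "recursion_desired": any(m["rd"] for m in hits),
        }
    return report

if __name__ == "__main__":
    for src, stats in summarize(SAMPLE).items():
        print(src, stats)
```

On this excerpt the result is one source, four queries totalling 168 bytes, all for a single name, each from a different source port and none with RD set, which is what a recursive resolver asking an authoritative name server looks like. An excerpt this short cannot establish a sustained rate, so a longer capture is the thing to ask the provider for.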

Nothing exciting... just my latest pain.

Twitter gets EV SSL but is the message correct?

May 18th, 2010 2 comments

This would normally go on SSLFail.com but due to a server outage, I decided to just post it here...

Tim Callan, SSL Evangelist for Verisign, has posted a brief comment that Twitter now enjoys the added cost... um... protection... of EV SSL. I decided to check this out, so I visited https://www.twitter.com and was greeted by my biggest internet pet peeve, a website where only the www or non-www version works properly.

https://www.twitter.com

I decided to remedy this and use https://twitter.com; however, I still couldn't get any green demonstrating EV SSL.

[Image: firefox_mixed_content]

Of course, this was probably just a Firefox problem... I'll use the new kid in town, Chrome...

[Image: chrome_mixed_content]

Hrm... now I'm confused, perhaps Firefox and Chrome both have some sort of problem, because I should be getting the glorious green that is EV SSL somewhere in my address bar. I figured I'd try Internet Explorer first though because I don't want to be accused of prematurely pointing out why Tim's comment is wrong and why EV SSL is useless.

[Image: ie_mixed_content]

Again, mixed content errors... this time complete with the famous IE pop-up.

Alas, all is not lost... EV SSL and the glorious green bar is available on Twitter. You simply need to provide your credentials on the page with the "broken SSL" and then, after login, you'll be presented with the wonderful green bar.

[Image: finally]

Now maybe it's just me... but it seems that this is sending the wrong message to most users.

My Experiences Jailbreaking the iPad

May 18th, 2010 2 comments

It's been a while since I posted here (I'll add another post with links to my recent postings) but maybe this one will irritate enough people to make up for it :)

--

Last weekend involved more playing with my iPad and given that it’s my first Apple product since the original iPod mini, there are many things that I’d never played with. I decided that an interesting first step would be to figure out why it’s so popular to jailbreak iDevices. It only took me about 30 seconds on Google to come across Spirit and the process was incredibly painless. I downloaded the app, connected my iPad and clicked Jailbreak. In a matter of minutes I had a jailbroken iPad with Cydia installed (GUI apt-get like program similar to Synaptic on Ubuntu).

Given that I spend a lot of time with Python and I’m a big fan of Metasploit and Nmap, I decided that I’d start with those apps. It was pretty impressive, to just click and install (although I did have to modify msfconsole to get it to run on its own). If I was a pentester, I’d see some serious benefits to a jailbroken iPad. However, I’m not so I continued to dig around. I had to install openssh-server and SSH into my host (there’s no terminal software for the iPad like there is for the iPhone) but that was easy enough. Now it’s time to investigate.

My biggest complaints about the iPad are:

  1. Inability to play DRM wma files.
  2. Inability to multitask.
  3. No decent text editor.
  4. No way to have portable python.

#4 was solved immediately but wouldn’t be useful without a Bluetooth keyboard and that limits the portable aspect. #1 is wishful thinking; it’s just never going to happen. That leaves #2 and #3, so we’ll explore those in more detail.

The inability to multitask is a big one for me. I’d like to have a browser and a game and email and IM open… but Mr. Jobs doesn’t want me to have that freedom. Multitasking is supposed to be one of the big things that jailbreaking gives you… I’m afraid we’ve been misled. ProSwitcher was the first app I tried, and as soon as I installed it I experienced my first stability issue… Switchboard crashed when I tried to open an app. So next I tried Multifl0w and was disappointed when the repository failed and I couldn’t try it. That left Backgrounder, which, based on what I’d read online, was my best chance. It allowed me to background applications (a partial win); however, my chat still logged me off when the window was in the background, so ultimately it was another fail. I suppose that I could have gone with full console applications, installed screen and run a different console app in each window, but that feels like it’s defeating the purpose of having an iPad (besides, I’ll SSH into a shell account for that functionality).

A decent text editor is something else I was excited for. I’ve recently stumbled across a source code editor in the AppStore that might solve my problems but I couldn’t bring myself to spend $10 on it just yet. In the meantime the first thought I had was ‘finally… vi’. Vi IMproved was available and I quickly installed it. It was useful but, similar to python, wasn’t overly useful without a real keyboard (the lack of ‘:’ on the main keyboard made it especially painful to use).

So all my dream iPad situations faded away but I figured I should still check to see what else was in Cydia. I have to say, I was impressed… Impressed by the sheer amount of crap that existed. I couldn’t find any useful functionality. There was software that would make the annoying mosquito sound (that’s only heard by people under 30) and software that allowed you to “shake body parts” and even software that simulated Bluetooth functionality. It didn’t give you Bluetooth functionality… It just looked like it was doing something. No software to add DUN support so that I could tether with my Blackberry. No cool office suites or useful tools, just a whole lot of useless, mindless programs.

Needless to say, my jailbroken iPad lasted less than 2 hours; at that point I did a full restore of the original OS and I’m happy that I did it. In those two hours I had the iPad crash once and Springboard about a half dozen times. I found no useful software and couldn’t accomplish any of the tasks I wanted to.

Should Python ever make it into the AppStore, even with a price tag, I’ll happily pay for it but I’m going to stick with my iPad in its default configuration. Should I ever get into pentesting, I’d probably change my mind, but it just doesn’t seem useful for anyone else to even consider.
