Dave's Blog page 45

Search
My timeline on Mastodon

math - What is JavaScript's Max Int? What's the highest Integer value a Number can go to without losing precision? - Stack Overflow

2013 Feb 5, 11:23

In JavaScript numbers are 64bit floating point numbers which have 53 bits of mantissa. That means you can accurately represent [-2^53, 2^53] as integers in JavaScript. Aka [-9007199254740992, 9007199254740992].

PermalinkCommentsjavascript math integer technical programming

Retweet of TriciaLockwood

2013 Jan 9, 1:45
.@parisreview So is Paris any good or not
PermalinkComments

laughingsquid: The Truth About Phones on Airplanes

2013 Jan 7, 11:57


laughingsquid:

The Truth About Phones on Airplanes

PermalinkComments

How To Screen Capture on the Microsoft Surface RT - Surface...

2013 Jan 7, 11:44


How To Screen Capture on the Microsoft Surface RT - Surface Geeks Surface Geeks

tl;dr: hold windows logo on the surface (not keyboard) and press volume down button on the surface

PermalinkCommentstechnical surface windows

laughingsquid: Stick-N-Find, Tiny Bluetooth Stickers Help You...

2013 Jan 4, 5:35


laughingsquid:

Stick-N-Find, Tiny Bluetooth Stickers Help You Keep Track of Things

PermalinkComments

laughingsquid: Blind Man Shows How Blind People Use Instagram

2013 Jan 4, 5:34


laughingsquid:

Blind Man Shows How Blind People Use Instagram

PermalinkComments

thefrogman: Peanuts / Army of Darkness (Evil Dead III) tribute...

2012 Dec 27, 7:15


thefrogman:

Peanuts / Army of Darkness (Evil Dead III) tribute by Justin Hillgrove [website]

PermalinkCommentshumor peanuts army-of-darkness zombie

John Hodgman’s Apocalypse Survival 101 (by thnkrtv)

2012 Dec 17, 9:11


John Hodgman’s Apocalypse Survival 101 (by thnkrtv)

PermalinkCommentshumor video john-hodgman apocalypse

Stripe CTF - Level 8

2012 Dec 7, 2:07
Level 8 of the Stripe CTF is a password server that returns success: true if and only if the password provided matches the password stored directly via a RESTful API and optionally indirectly via a callback URI. The solution is side channel attack like a timing attack but with ports instead of time.

(I found this in my drafts folder and had intended to post a while ago.)

Code

    def nextServerCallback(self, data):
parsed_data = json.loads(data)
# Chunk was wrong!
if not parsed_data['success']:
# Defend against timing attacks
remaining_time = self.expectedRemainingTime()
self.log_info('Going to wait %s seconds before responding' %
remaining_time)
reactor.callLater(remaining_time, self.sendResult, False)
return

self.checkNext()

Issue

The password server breaks the target password into four pieces and stores each on a different server. When a password request is sent to the main server it makes requests to the sub-servers for each part of the password request. It does this in series and if any part fails, then it stops midway through. Password requests may also be made with corresponding URI callbacks and after the server decides on the password makes an HTTP request on the provided URI callbacks saying if the password was success: true or false.
A timing attack looks at how long it took for a password to be rejected and longer times could mean a longer prefix of the password was correct allowing for a directed brute force attack. Timing attacks are prevented in this case by code on the password server that attempts to wait the same amount of time, even if the first sub-server responds with false. However, the server uses sequential outgoing port numbers shared between the requests to the sub-servers and the callback URIs. Accordingly, we can examine the port numbers on our callback URIs to direct a brute force attack.
If the password provided is totally incorrect then the password server will contact one sub-server and then your callback URI. So if you see the remote server's port number go up by two when requesting your callback URI, you know the password is totally incorrect. If by three then you know the first fourth of the password is correct and the rest is incorrect. If by four then two fourths of the password is correct. If by five then four sub-servers were contacted so you need to rely on the actual content of the callback URI request of 'success: true' or 'false' since you can't tell from the port change if the password was totally correct or not.
The trick in the real world is false positives. The port numbers are sequential over the system, so if the password server is the only thing making outgoing requests then its port numbers will also be sequential, however other things on the system can interrupt this. This means that the password server could contact three sub-servers and normally you'd see the port number increase by four, but really it could increase by four or more because of other things running on the system. To counteract this I ran in cycles: brute forcing the first fourth of the password and removing any entry that gets a two port increase and keeping all others. Eventually I could remove all but the correct first fourth of the password. And so on for the next parts of the password.
I wrote my app to brute force this in Python. This was my first time writing Python code so it is not pretty.
PermalinkCommentsbrute-force password python side-channel technical web

Windows Remote Desktop via Internet

2012 Dec 7, 2:04
To setup my home Windows dev box to be accessible from outside I followed two main steps:
Last time I had to do this there was a service named dynamicdns.org which seems to still exist but no longer appears to be free. Instead I used dnsdynamic.org which is free and has a web API as well as links to and instructions for setting up native tools to dynamically update my IP address.
PermalinkComments

laughingsquid: Solitaire.exe, A Real Deck of Cards Inspired by...

2012 Nov 19, 4:56


laughingsquid:

Solitaire.exe, A Real Deck of Cards Inspired by the Windows 98 Solitaire PC Game

PermalinkCommentshumor solitare game cards windows

laughingsquid: Windows 95 Tips, Tricks, and Tweaks Some very...

2012 Nov 14, 5:39


laughingsquid:

Windows 95 Tips, Tricks, and Tweaks

Some very H. P. Lovecraft style redesigns of some classic Win95 UI.

PermalinkCommentshorror humor windows windows-95

The best cosplay of all time (by RayLiehm) Awesome car...

2012 Nov 14, 5:16


The best cosplay of all time (by RayLiehm)

Awesome car dealership wavy tube thingy costume.

PermalinkCommentshumor costume wavy video

A Slower Speed of Light Official Trailer — MIT Game Lab (by...

2012 Nov 13, 7:41


A Slower Speed of Light Official Trailer — MIT Game Lab (by Steven Schirra)

“A Slower Speed of Light is a first-person game in which players navigate a 3D space while picking up orbs that reduce the speed of light in increments. A custom-built, open-source relativistic graphics engine allows the speed of light in the game to approach the player’s own maximum walking speed. Visual effects of special relativity gradually become apparent to the player, increasing the challenge of gameplay. These effects, rendered in realtime to vertex accuracy, include the Doppler effect; the searchlight effect; time dilation; Lorentz transformation; and the runtime effect.

A production of the MIT Game Lab.

Play now for Mac and PC! http://gamelab.mit.edu/games/a-slower-speed-of-light/

PermalinkCommentsscience game video-game mit 3d light-speed

Visitor Tracking Without Cookies (or How To Abuse HTTP 301s) (scatmania.org)

2012 Nov 11, 1:26

Moral: laws should cover behavior not specific technologies. The implementation can change, laws shouldn’t take such dependencies.

PermalinkCommentshttp law legal technical 301 cookie privacy

thebluthcompany: Hey, guys, remember this? Please don’t forget...

2012 Nov 7, 6:06




thebluthcompany:

Hey, guys, remember this?

Please don’t forget to go out and vote! Find you polling place here.


Voting complete. Now we get more Arrested Development.

PermalinkCommentshumor vote election obama arrested-development

NOAA FAQ - "Why don't we try to destroy tropical cyclones by nuking them?"

2012 Nov 5, 5:28

This sounds like an Onion article but is actually a real article on NOAA’s website describing why we can’t use nukes to destroy tropical storms. This in the frequently asked questions.

PermalinkCommentshumor storm nuke noaa

Mario 3 recreated with CSS3 animations and media queries (mozilla.org)

2012 Nov 1, 2:48PermalinkCommentscss animation Mario smb3 video-game

(via Comedy: Great Job, Internet!: Here’s Patton...

2012 Oct 31, 6:47


(via Comedy: Great Job, Internet!: Here’s Patton Oswalt’s Halloween costume)

PermalinkCommentsadam-savage patton-oswalt spider-man Halloween

(via Real Myst “linking book”)

2012 Oct 30, 1:33


(via Real Myst “linking book”)

PermalinkCommentsgame humor video-game link book myst
Older EntriesNewer Entries Creative Commons License Some rights reserved.