[ Beneath the Waves ]
Health Burdock Gean!

I've been incredibly busy for the last 14 months (I guess that's what happens when you go into information security as a career), but here are a few updates:

There will be more sooner or later.

RMR ("Armour") Codes

A small update to mention a side-project I worked on earlier this year: Robust Machine Readable Codes - a 2D marking system with high levels of redundancy which is suitable for being stencil-painted (among other things).

Motorola Is Listening

The first security-related research I've done outside of work, and can therefore discuss publicly :). Motorola Is Listening, and the Python-based man-in-the-middle exploit (XMPPPeek) I developed as part of doing that research.


Motorola Is Listening certainly got a lot more attention than I expected. I've added a minor note near the top because a lot of the discussion I've seen is around the "MotoBlur" user interface, which the phone I used (the Droid X2) does not include.

I've also added a link to the UVIR Optics eBay store on the Filters page. They have some really nice filters available made out of hard-to-find (at least in the US) glass, and the prices are quite low.

Uh oh

I realized something while I was in the shower this morning - there may be a more serious security issue exposed by the mechanisms described in the Motorola Is Listening article. I've added a note near the top to this effect. It's entirely theoretical at this point, but I wanted to throw it out there in case anyone has more time to actively research this.

The hits keep coming

Another update to the Motorola Is Listening article - looks like I failed to notice an authentication-related problem until now.

A few more updates to the Motorola article

Added a bit more information and a table-of-contents to the Motorola Is Listening article.

DIY traffic-intercepting Linux VM build guide

As promised in the Motorola Is Listening and XMPPPeek articles, I've created a guide to building the type of Linux VM that I used for my testing: Multipurpose Man-in-the-Middle VM.

Some corrections and minor updates have been made to the XMPPPeek and Motorola Is Listening articles as well.

MitM VM build guide updates/corrections

I've made a few corrections and additions to the Multipurpose Man-in-the-Middle VM writeup. I'd forgotten to include the steps for manually chaining SSL certificates together when performing a custom MitM (e.g. for XMPP communication and socat), and I've updated the troubleshooting steps I had to use to get the network configuration to "stick" on one of my VMs.

I've also updated the traffic-forwarding scripts that are included with XMPPPeek.

Further updates to the Motorola article

I managed to track down the location-data-collecting component of Motorola's software on my phone - but before you get too excited, it was not enabled at the time. It's called "Little Sister", and I've added a section on it and a few other updates to the Motorola Is Listening article. I've also added a description of the hack/workaround I've used on my own device to prevent it from communicating with Motorola.

In the process of testing that hack/workaround, I learned something about HTTP proxies. Maybe it's common knowledge in some circles, but I sure hadn't run across it before. The details are in the HTTP Proxies and Loopback Addresses article.

I've made some minor corrections to the Multipurpose Man-in-the-Middle VM article as well, so if you've been giving that a shot and have run into trouble, those updates may help.

Looks like I forgot to actually upload the updated version of the XMPPPeek HTML file that included a link to the package with updated traffic-forwarding scripts. Sorry about that. It's been corrected.

[ Page Icon ]