High school 20 year reunion trip

I received notice from my mother that my high school class reunion was about to occur. The reunion committee sent the notice to her house; I'm not even sure how they got her address.

I talked with my girlfriend about this and we decided to make a trip out of it. It was very last minute and I knew this would be a tough test on our relationship. BTW, did I mention that we were going to drive the 1100 miles (each way)?

We started off on Wednesday night (August 6th) after I got out of work. We made it to Las Cruces, NM were we stayed the night at my aunt and uncle's house. This is the first time for my girlfriend to meet any member of my family. My aunt wouldn't let us go to sleep till about 2am! We woke up that morning around 8am, had breakfast and took off for San Antonio, TX. We made it to SA around 4pm and checked into the Red Roof Express near downtown. This hotel was nice at a great price. The parking was plentiful and free and the Internet was also free (you needed to get a connection card to enter a daily access code). We were only about 1 block away from the Riverwalk mall and thus the Riverwalk itself.

On Thursday night, we walked the Riverwalk and ate at Cafe Ole. We had a huge plate of chicken and steak fajitas and my gf got a margarita. The margarita was awesome. We had to order another glass 'cause we downed it so quickly. After dinner, we were both so full that I thought I was going to pass out into the Riverwalk!

Friday we spent some time at the mall. I forgot to pack t-shirts and it is so humid and hot that I was kicking myself for not bringing any loose and light shirts. I bought two shirts that were on sale and one which is now one of my new favorite shirts. When we asked the sales man about the size, he mentioned that the med would be too small for me and I should get a large. He was an Asian, gayish man...and it was just funny how he said. My gf was trying to get me to buy the shirts too small so that I would end up giving them to her.


We decided to go visit Shamoo at Sea World. We spent most of the day at the park and had a bit of an issue. I wanted to ride a roller coaster that was kinda rough, but my gf decided to "just say no!". I didn't want to wait in line and ride this coaster on my own, so I was a little disappointed. When we got back to our hotel, we decided to get more margaritas at the Cafe Ole restaurant. It was ugly! We ended up not talking, arguing and just ignoring one another. When we decided to leave, I let her guide us back (remember, we are only about 1 block away from our hotel). We ended up in the worst part of the ghetto! I joked that we started seeing dead people, which just were the homeless people sleeping on the streets. But after a bit more walking, the "dead" people were no longer in sight (this was not good). We stop at a crossing which was a feed to the freeway. We waited for about 25 minutes before my gf realized that you had to press the cross button to get the cross signal to come up. REALLY? Finally a glimmer of hope. I can finally see the glowing sign of our Red Roof hotel, but we had to first cross the darkest part of the ghetto area that only had a single bar (Krazy's, I think was the name) lighting up part of an intersection.

We made it alive!

Saturday morning, we made up with the usually couples make-up routine and tried to leave for Houston. I did say "tried". My truck had a metal pin stuck in the rear right tire. I changed it in the parking garage and spent the next 5 hours trying to find a Discount Tire to replace it!!! After a long wait and $125, I had a cheap, no white label, tire mounted. Now we are really off to Houston...really.

About 2 of driving we made it to downtown Houston. The Double Tree hotel was very close by to our off ramp and the valet was impressive. We checked and and got our warm cookies. The room was "swanky" nice. The view was from the 14th floor and just as nice. We started off by working out at the hotel's gym, which was small but nice. After about 1.5 hours at the gym we got ready for the reunion party. The room was kinda small, everyone was talking to everyone and I felt a bit uncomfortable. We immediately met up with someone who called out my name. It was Steve, someone how used to work at Taco Bell with my older sister. I was a bit surprised that he was at my reunion, since I thought he graduated before me. We then got some finger foods and met some other of my old class mates (JJ, Brian, ??). We walked outside the room and we talked on our own for a bit. I ended up telling my gf about some of my dark secrets from my past. I'm not too sure this was the best thing for me to do. It ended up back firing on me during our drive back. More about that later.

We decided to leave the reunion party and walk around downtown. As we were leaving, I heard someone call out my name. It was Jeff from my class. He and his gf went outside with us to just talk. This was probably the most memorable moments of the entire trip. I learned so much about Jeff and his past. Even though Jeff and I didn't spend a lot of time together during our High School years, I spent the most time with him during this reunion.

After our talk, my gf and I decided to do that walk downtown. We found the "hot spot" and stepped into an Irish Pub and had a drink. Walking back to our hotel we ran into a lot of tall, beautiful women. We both enjoyed this walk back.

Sunday morning and now for the long ride back. We tried finally found a place to get breakfast and my gf took over the driving. OMG, this was a nice change. I really enjoyed watching the Seinfeld episodes and just dozing off. We had two arguments dealing with lack of trust on my gf's side. I tried to convince her that there was nothing going on but it just wasn't enough. This sucks. We got home around 10pm and I asked her to not spend the night at my place and for her to go home. Let the drama begin. Needless to say, it went over badly. She finally went home and we didn't speak for about a week.

I text'ed my ex-gf and told her we can still be friends and that she owed me 1/2 the cost of the hotels. She finally responded with an email that just flamed me to hell. She mentioned that she wasn't going to pay me the agreed upon hotel cost because she cooked for me in the past. Huh? I'm not playing these childish games. I guess I learned a $150 lesson.

We finally made up and now whenever she talks about this trip, she says "it wasn't that bad". I'm starting to wonder if we were both on the same trip.

Las Vegas with Silvia (July 2009)

My new girlfriend (the divorced mom from Match.com, read my previous post) mentioned that she has never been to Las Vegas, NV and I felt it was my responsibility to "de-flower" her with the Sin City.

We drove from Albuquerque, leaving early on Saturday (7/11/09). We had tickets to see Chris Angel at the Luxor that day at 7pm. I turned on TomTom to get approximate time and it said we would arive arond 7:20pm! Shit! It turned out that TomTom f'ed up the time change..?

We arrived about 1.5 hours early and registered at the Holiday Inn Express. We got a AAA discount thanks to Silvia. This hotel was nice and close to the Luxor. Breakfast was good too.

We saw the Magic show and it wasn't that great. Silvia loved it but it was just a bit cheesy. The Cirque Des Le performed with Chris Angel, which was one of the only portions that I thought was good. We bought some drinks before the show and they were AWESOME! It was kinda weird when we first got there..we were early so the place was kinda empty but we sat right next to another older couple. After talking with this man, he told me they were from San Diego and he used to work in the tech industry and now works for the San Diego Psychiatric Hospital.. "Oh really?"

Next morning we checked out and went to Downtown. Walked the Freemont mall, played some BJ at Binions (had to validate our parking) and then saw the largest (former) gold nugget at the Golden Nugget hotel. Then we went to an Ed Hardy outlet store. Silvia bought me my first and only Ed Hardy shirt. Very comfortable. She bought some Calvin Kleen underwear.

Checked into the Luxor, the line was outrageous. Got into our room in the pyramid and we had 2 beds...WTF! I asked Silvia to call the desk to fix this and they told her to call back tomorrow around 1pm. OMG, I'm starting to get pissed. She called back asking for the hotel manager. They moved us to the West Tower (upgrade). The bell boy was very helpful and we tipped him with a $20...yea biatch we're high rollers!

This is starting to get very exciting now...and for Silvia, she was exstatic! We spent much of our time at the pool drinking a ton of Pina Coladas. We got in the hot tub when it wasn't too crowded. Lots of little kids in the hot tub took away from the mood, but it was still relaxing.

We went to eat at Hooters. This was Silvia's first Hooters experience. Lots of "firsts" for her on this trip. We also went to the Hard Rock Cafe. This kinda turned out ugly. We had an argument that lasted until the next morning. We went to bed mad, well, I wasn't mad, but she wasn't talking to me and I just kept my mouth shut.

We went to various hotels to view their goodies and outrageous gimmics. The Venetian was beautiful. We bought our Crazy Horse show tickets there. That night, we got dressed to the "nines" to watch the burlesque show at the MGM. The women were perfect! Carmen did only a couple of small dances and didn't look nearly as nice as the other women. We sat next to two Russian women, a mom and daughter. The daughter had a nice black dress. The mom took a nice photo of Silvia and myself.

We planned on going on the Hoover Dam tour but it was just way too hot and I was tired. Next time.

I hope you enjoy some of these photos.....

My new Match.com match....

I've signed up with Match.com, after deciding that I have to be more active in finding that right person for me. It has been a little slow but have had a couple of real promising matches.

The first was made after only a couple of days on my new service. She was recently divorced (which ironically, most of the women on Match are) and has shared custody of their child. We started off really strong and I found myself really falling for her. This went on for a few days when she didn't have her child with her. When the week started, her child came back and I was completely shut out (well mostly, I couldn't see her during this time). I understand that she didn't want me to meet her child yet, but I felt we could have done something more to see one another.

Well, after just over a week of not seeing her, I told her we should call it quits. This was so difficult for me to do since I was CRAZY about her, but I'm a person that just needs that time with my woman. I think about that moment everyday, whether or not I made the right choice. I also felt like I was smothering her a bit since she had a lot of things on her plate.

Now, I'm seeing another woman. She is awesome. We didn't start off strong, but seem to be getting better with one another as we spend more time with one another. We had a couple of "calling it quit" moments, but we have worked thru them. She if funny, attractive, adventurous and really tries to spend as much time with me as possible. I love that! Oh, and her dad loves to play tennis, so at least him and I will have a common interest, if/when I meet with him.

She is a bit younger than me, but that doesn't seem to be an issue with us. I just hope this works out for us. I want it to work and am willing to give it a fighting chance.

I'll try to put up some pictures of her if she is ok with it..in the near future. Stay tuned!

CS591 ST 008

Lab ?

I started work on Test 4. I have given answers to #1 and #2.

A comment was made by Jed on one of the questions, I believe #3. I need to go back over the videos to see if it needs to be rephrased.

CS591 ST 008

Lab 4 (cont)

This lab objective is to send a designated string to Ta server and hopes for a "pass" message in return. Ta has a firewall active which will look for certain key words which when received will send a RST command back to the client.

I have taken the message.txt file and broken up certain key words:
antithesis
consequence
fundamentally
consequence (not found in message.txt)
illuminated
viewpoint

I created a new file called message_new.txt with all these words broken apart onto the next line. The python program reads this new file and sends these lines via sockets over port 8084.

Currently it seems that my program hangs after sending all the message text lines. I'm not sure how to print out the "Success" or "Try Again" result text. One thing I've noticed is that the server uses printf("...") to send the result message but fprintf(stdout, "...") when sending the initial question string. I'm not too sure if this is causing my program from not receiving the final output of failure or success.

If I leave the program hung up, the server eventually returns a "Too slow" message and resets the socket connection.

Here is the source code in Python:
import socket
import time

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(("10.0.0.3", 8084))

fd=open("message_new.txt", "r")
lines=fd.readlines()
fd.close()

#get question message
print s.recv(1024)

for l in lines:

s.send(l.strip("\n"))
time.sleep(1)

#get pass/fail message - should be "Success!"
print s.recv(1024)

s.close()

I'm assuming this is working since there is no reset while sending the text lines. I just wish I could output the result message from the server to help verify this result.

CS591 ST 008

Lab 4

I downloaded all lab 4 files and read the instructions.

I compiled the server program with gcc on my Linux machine and ran it with port 8080. On another terminal while in the folder with the message file I ran the following command:
>cat message.txt | nc 127.0.0.1 8080

and got the following response:
>What is Prof. Crandall (a.k.a. Jed, a.k.a. J-Dub, whatever you prefer)'s favorite Von Clausewitz quote?
Success!

Now I need to look into how to send raw packets in C.

CS591 ST 008

Lab 3

- What are the IP addresses of all machines on the subnet? How many are there (if you think you've found them all, e-mail me to confirm rather than wasting your time looking for more since there really aren't that many)?
Answer: 192.168.33.2, 192.168.33.80, 192.168.33.22, 192.168.33.40


- What kind of BSD distribution is the BSD server running (e.g., OpenBSD? FreeBSD? NetBSD?)? Can you tell me the exact version?
Answer: Running (JUST GUESSING) : FreeBSD 5.x|6.X (89%)
Aggressive OS guesses: FreeBSD 5.4 or 5.5 (x86) (89%), FreeBSD 6.1-RELEASE through 6.2-BETA3 (x86) (88%), FreeNAS 0.671 (runs FreeBSD 6.1-STABLE) (87%)


- What other ports is the web server listening on besides the HTTP port 80? What else can you tell me about the web server?
Answer: Discovered open port 80/tcp on 192.168.33.80
Discovered open port 22/tcp on 192.168.33.80


- Are there any other machines on the subnet besides these two servers? What can you tell me about that/those machine/machines and the firewall rules that protect it/them? Is it likely intended to be a server or a client?
Answer:


Nmap information:
Different scan types are available for different machines, firewall rules, etc. The default scan is SYN (aka Half-open scan). This sends a SYN packet to the port and listens for a SYN/ACK for an open port of receives a RST for a closed port.

Other scan types can be used where SYN doesn't work. This can be NULL, FIN, XMAS, ACK, along with other types. The NULL scan leaves the TCP header empty. The FIN sets the TCP FIN bit. The XMAS sets the FIN, PSH, and URG bits in the TCP header.

By adding the -O -v options allows Nmap to try to determine the OS type of the machine you are scanning. These flag options allow for Fingerprint (type of device..eg printer, router), Running (OS family and generation), OS details, Uptime guess, etc. to be displayed and used to determine/guess the OS in question.

Here are some example commands I have used for this Lab:
nmap -n --scan-delay 1 ls -vvv -A -PN -p22 -sT 192.168.33.2 -oG output.txt
sudo nmap -sV -O -v 192.168.33.2
sudo nmap -O -v 192.168.33.80


(References - http://nmap.org/book/man.html; http://www.cyberciti.biz/tips/linux-scanning-network-for-open-ports.html; http://www.cyberciti.biz/tips/linux-scanning-network-for-open-ports.html)

CS591 ST 008

I've spent a few hours trying to find the magic address value for i[129].

After emailing with Jed, I've looked at the dump file and tried to relate it to the server2.c file. I'm just not too sure how to read this dump file. I'm looking for an address where the size value would be pushed onto the stack.

I'm done guessing. I"ve tried just about every address that I could possibly think would be a location for the stringLength variable being passed into the Capitalize function as the last parameter. I believe once I find the location of the stack for this function call, I would then need to add 8*511 to that address to represent offset location of the last char position in the array of data..?

I'll take my 0.
This is foo-bar'ed...I haven't even started to look at the new test...uggg.

Here is what I have:
the root jail break order-
strcat(myexploit, nopsled);
strcat(myexploit, mkdir);
strcat(myexploit, chroota);
strcat(myexploit, setuidzero);
strcat(myexploit, chdirloop);
strcat(myexploit, chrootdotdot);
strcat(myexploit, doexecve);

the i[129] value:
i[129] = 0x080487d0; //note, i've tried so many values from the dump file

the magic number for the printf:
//should be JMP ESP ..... 0xff 0xe4
printf("58623\n"); //little endian, so 0xe4 0xff

Seattle, WA - Pictures..

Spent most of the day today at the Pike's Market (Farmer's Market). This is in downtown Seattle right along the water edge. Mostly food items for sale such as seafood, vegtables and fruits. But also you can find other trinket items.

Here is a picture of the front area of the Farmer's Market.













Here is a nice view outside to the water side. I walked out thru a door and said "WOW", I gotta take a picture.


















This picture is in front of the Art Museum. This statue's hammer arm goes up and down. I think they call him "Hammer Man". I just thought it was cool to see.

Seattle, WA after work...

I went to downtown Seattle last night and really didn't get to see much. I thought it would be fun to go back during the daytime...well, at least after work. Booyaa, I hit traffic; no big deal (I'm from Houston biatches).

Pictures are from my camera phone, so quality is not the best. The Space Needle in daylight and a stadium (QWest Field) somewhere in downtown. I think I'm going to have to visit the Pike's Market this weekend ("fish tossing").

Redmond, WA

I arrived in Seattle,Wa yesterday after a 3 hour flight. I was lucky enough to have my company send me out to Redmond to work with my team in person. I have been working on this team for about 5 months and never seen them in person. It is nice to put a face to those voices.

Our work site is surrounded by the Microosft campus. Actually, I have been told that they will take over the remainder of the buildings in the near future.

It is Saint Patrick's day and my co-workers didn't seem to want to go out. I'm still a bit under the weather anyway; who knows..I might find a pub anyway.

Oh, did I forget to mention, this area is full of old white people. I feel like an ambassador for the South ;-)

Redmond, WA

I arrived in Seattle,Wa yesterday after a 3 hour flight. I was lucky enough to have my company send me out to Redmond to work with my team in person. I have been working on this team for about 5 months a never seen them in person. It is nice to put a face to those voices.

Our work site is surrounded by the Microsft campus. Actually, I have been told that they will take over the remainder of the buildings in the near future.

It is Saint Patrick's day and my co-workers didn't seem to want to go out. I'm still a bit under the weather anyway; who knows..I mi

CS591 ST 008

Lab 2 (due 3/11/09)

Ok, this is what I have done so far with lab2.

1) downloaded all files for lab2
2) combed thru lab2exploit.c program
3) combed thru server2.c program
4) updatd lab2exploit.c with new order of assembly commands
5) guessed a number to use for the string size which is larger than 32768 and less than 65536
6) ssh to shasta and passwd
7) ssh to Aleph and passwd (noticed I don't have a user space for diabloo)
8) on Aleph, played with: >% nc 10.0.0.2 8084

Some issues I have had up to this point are:
1) shasta and Aleph have been down almost every time I've tried to log onto them.
2) I'm not sure what the magic number should be. I know the concept of the exploit and the number being too large will be seen as a negative number with a short int variable and thus passes the if validation. Then when the buffer is filled it will be filled passed capacity, upto the return address for when the function finishes its operation. I'm just not sure what value to use to reach this area, and when reached, should this area be filled with another address where the actual asm code is located or should the asm code occupy this area (where the RA is located)?

CS591 ST 008

Lab 1.5 (due 3/4/09)

After reading Aleph One's paper "Smashing The Stack For Fun And Profit", it seems that the buffer overflow problem can teach us much about exploits in general.

Looking at The Basic Principles of Information Protection by Saltzer and Schroeder, one design principle in particular sticks out: Economy of Mechanism. This single rule seems to play a reverse role in exploits such as Buffer Overflows. High level languages such as C, have been designed to make programming easier for the user. Libraries with functions such as strcpy() were designed to make certain tasks as easy as possible (less complication), not knowing that this will actually cause more problems than it solves.

The lessons from Saltzer and Schroeder isn't that it is good enough to implement a few of these principles but all are very important. Yes, it is important to make your implementation as least complicated as possible but it must be cognizant of underlining issues.

So how does this lesson apply to other or all/most exploits. Most exploits are played off of the idea that something is being done that was not protected against and probably never thought about. I really liked the "Puzzle for February 15, 2006" about how General William T. Sherman used the act of surprise to fight his foes. With program vulnerability, the same follows true. Programs must be written to expect the unexpected. It is never possible to make a 100% full proof program, especially as the complexity and size grows, but it should be possible to ensure the Basic Principles are being implemented to the best of the programmer's abilities.

In my own personal opinion/experience, these principles should be part of every programmer's check list or programming standards. Coding tools (ie. valgrind) should be used to automatically check for the obvious errors (eg. strcpy() vs strncpy()) and other deprecated interfaces. Sometimes, a programmer needs the experience to be able to prevent exploits in his/er code. It is often the case that this experience is not available in a team and code is written without detail knowledge of what is really happening (eg. race conditions, dead locks, etc..).

It makes me cringe when I think about defects from a peer review I have performed were rejected, with the response "...it will just take too long..". This seems to be the attitude and direction many large companies instill in their workers...at least until they get audited...? (stepping down from soap box)

CS591 ST 008

Lab 0 (due 2/25/09)

Puzzle for January 4, 2006
A student discovers a flaw in the department's computer system. To ensure that the flaw really exists, she exploits it to gain extra privileges on the system. These privileges allow her to read any file on the system, whereas without the privileges, there are files that the student cannot read.
1)Given that there were files she was not supposed to be able to read, did the student act ethically in exploiting the flaw?
2)The computer system did not provide sufficient mechanisms to prevent the student from obtaining the additional privileges. Did she "break in" (that is, breach security) or was her action not a violation of security?
3)The student reports the problem to the department chairperson, who promptly files charges against the student for breaking in. Assuming that what the student did was a violation of security, did the chairperson act ethically?

Answer(s):
1) When this student exploited the system it made her indistinguishablefrom any other hacker/threat. Her actions are considered unethical.
2) This is the common explanation for many unethical action that are computer and non computer related. The idea that "not enough" protection gives one the right to break the weak protection and possibly steal, alter, etc procted data is wrong. There may never be 100% full proof protection for computers (or other entities for that matter). When the flaw was discovered, she should have reported immediately to the system administrator. It is not her responsibility to "check" the security up to the point of criminal actions.
3) This answer to this question was a bit more difficult for me to answer. I had to look up the formal definition of "ethical". It seems to be more about what is considered right and what is considered wrong in a professional. Although this could apply to our goverened laws, it deals more with social acceptable behaviour in a particular society. I would have to say that the chairperson responded rashly and unethical. When the student approached the chairperson, he/she must have thought that this was in good faith, and probably didn't require legal action.


Puzzle for March 10, 2006
A large software company has decided to develop a secure computer system. They have requested their top designers and programmers to create a viable design, and implement it. However, sensing a large market, the president of the company has asked that the product be completed as soon as possible without sacrificing quality. The marketing folks have been presenting the design of the system under development to major corporations and government agencies, all of whom have reacted enthusiastically. All have been promised a firm ship date.
To meet this date, the programmers must complete the product quickly so it can be tested. The programming is taking more time than was initially thought, and the testing time is being reduced to enable the product to be completed and shipped on time.
The president is beginning to get nervous about the quality of code and the design of the product. You are brought in as an independent consultant, and asked to check the work done so far, and if there are problems recommend changes. You check the design, which is clearly aimed at securing network communications, and then you check the code. There are no comments, and the code is not well modularized at all. When you speak with the programmers, they complain about pressure to write code quickly and the lack of time they feel they need.
1) Given what you know from the above, what questions would you raise about the design of the secure system?
2) What would you report as being the most serious impediment to getting this product out the door? In other words, what would your report identify as being the main security concerns here?

Answer(s):
1) If the design is well formed then the code should follow to also be well formed and modularized. This means the reduction of coupling and increase of cohesion. When designing. Saltzer/Schroeder's Design Principles should be used. This can include but not limited to, Economy of Mechanism, Complete Mediation and Fail Safe. I believe that the majority of time should be spent up front on the design. This time can be from the actual implementation, but also in the reviews and verification/validation of the design. Some design tools can also take a detail design and produce a good portion of the code needed. This can help to reduce time needed in the coding phase.
2) There is always concern when only one person has a particular knowledge. It is the case that employees move on to other programs or companies. It would be benefical, to help reduce future work from different developers, to write code with well documented comments and to use a well modularized code design. Also, if possible to use an Extreme Programming style to which 2 programmers are working together. While one codes the other "shoulder browses" to ensure errors are not made. This seems to work very well, but requires that both persons be on-board at the same time.

Puzzle for February 15, 2006
Saul Alinsky illustrated one of his rules of tactics for an organizer with the following example:
“The third rule is: Whenever possible go outside of the experience of the enemy. Here you want to cause confusion, fear, and retreat.
General William T. Sherman, whose name still causes a frenzied reaction throughout the South, provided a classic example of going outside the enemy's experience. Until Sherman, military tactics and strategies were based on standard patterns. All armies had fronts, rears, flanks, lines of communication, and lines of supply. Military campaigns were aimed at such standard objectives as rolling up the flanks of the enemy army or cutting the lines of supply or lines of communication, or moving around to attack from the rear. When Sherman cut loose on his famous March to the Sea, he had no front or rear lines of supplies or any other lines. He was on the loose and living on the land. The South, confronted with this new form of military invasion, reacted with confusion, panic, terror, and collapse. Sherman swept on to inevitable victory. It was the same tactic that, years later in the early days of World War II, the Nazi Panzer tank divisions emulated in their far-flung sweeps into enemy territory, as did our own General Patton with the American Third Armored Division.”
What does this have to do with computer security?
The passage is from pages 127–128 of Saul Alinsky’s book Rules for Radicals, published by Randmm House, Inc., New York, NY, copyright 1972.

Answer(s):
This has everything to do with computer security. Attacks are made almost solely on this idea. When security is enforced, it is based on what one would expect to be performed by their attackers. In order for most attacks to be successful, it helps to perform a task, or tasks, that was completely unexpected by the security enforcers. When an attack is not anticipated, then it is hard, nearly impossible, to protect your system against it.

CS591 ST 008

Lab 1 (due 2/25/09) 2nd week

I have talked with the professor about how to solve the 16 bit k3 key in this lab.
I have written up a pseudo code to help me gather my thoughts.
Email sent back to professor with my pseudo code example.
Sent this pseudo code to the chat mail list to get feedback.
Read chapters in book dealing with DES; not helpful.
I need to spend more time looking at linear.cpp for how this is done.
Used professor's new S-boxes in code.
I think I now finally understand what I need to do to find the key, the only part that seems difficult is the linear equations.
I still don't understand how a linear equation that is correct a high percent of the time means I have a potential K3? And what good is K3 going to do us without K1 and K2. We cannot decipher the secret.ciphertext without all the keys.

I have started putting the pseudo code into a C++ program. I'm trying to reuse most of sdes16v2.cc.

CS591 ST 008

Lab 0 (due 2/4/09)

Alright, after re-reading the instructions provided by Jed, I realized that I need to write something about my experience with this CITI course.

Ok, first of all, I finished this drudgery course. I cannot for the life of me understand how learning about co-authoring applies to the Security and Privacy course. The videos provided were comical and almost worthless, but the text explanations were very well written. It did seem like they would reiterate the same thing more than needed.

Also, Peer Review and Mentoring? Really? It was good reading, since it had close ties to work I do professionally...but not sure this has much use for our class.

Some of the questions in the quizzes just seemed "off".

I think there should be a more appropriate training available.


Lab 1 (due 2/25/09) 1st week

I have taken time to study the DES structure and in detail how the F function works.
I have looked over the 8 bit DES program given to us by our instructor trying to understand exactly how it works.
I have built this program and generated my own cipher text using the plain text pdf file.
I'm really starting to appreciate the DES Feistel structure. It reminds me of the guys on the street that move the 3 cards around and ask you to pick the Ace. There is a lot of bit "shuffling", duplication and remapping.
The area I'm confused with is how do we determine a "good" choice for K3? When do you know you have a good selection? I know Jed mentioned that when we use this key with the Q value and somehow we get a 50+% parity bit of 0, then it is good? Not too sure. I'll need to come in to Jed's office hours and just do an example by hand.
NOTE: Looking at linear.cpp I realized that it wants you to run the pc.cpp file as input to it...not using a file (unless you want to "linear.out < pc_outfile.txt").
Here is the result from running the linear program using the example key of 22B8FA:
Likely candidates for subkey K3:

Subkey Deviation
-----------------
da 346
fa 346
92 258
b2 258
ea 228

NICE! FA was my key3 and it has it listed at the top.

New TV Stand

Ok....if you have been to my house in the last few months, you have probably noticed the ice chest that held my TV. I have been given grief about it from time to time with good reason. I have been looking under Craigslist and on-line. I finally decided to use my Christmas gift cards to finally buy one that I can be proud of.

This TV stand I bought from Best Buy. It was kinda expense but well designed and uses nice materials (solid wood). It also has a TV high mount that allows the TV to swivel. The nice part of this swivel is that the pivot point is protruded out far enough to prevent the edge of my TV from hitting the wall.

Here is the link if you want to read more about it.