Wednesday, November 10, 2010
2:04 PM
"Easy being green, it is not."
I'll confess right here that I grew up a Star Trek fan and if you let me, could bore you with an endless stream of Trek trivia that would make you squirm with embarrassment. Hell, it would make me squirm with embarrassment, but it's my gift and my curse, I guess. That said, I did enjoy the Star Wars films. Well the first two, anyway. Especially The Empire Strikes Back, which is one of the best science fiction action adventures ever filmed. (Really though, have there been that many?) Anyway, I was invited to be a part of Star Wars, Visions, a truly wonderful collection of Star Wars images created by a wide variety of artists from many genres. No art direction was given whatsoever and the artist was left free to create whatever homage, reinterpretation or visual joke he or she felt inspired to do.
Whenever I get an assignment, especially such a wide open one, I begin to free-associate and see what connections my frayed synapses can make.
Below is a short ride on my train of thought:
'hmmm ...
Yoda...
he would be good to draw... and he was actually a puppet, wasn't he?
No, he was a muppet! And he was green, too.
I love muppets.
I wonder what I'll have for lunch...
Wait a minute! Wasn't Kermit the frog a muppet, too?
Wait! Wait! He was a GREEN muppet!
And they both lived in swamps!
What if they knew each other?
What if they actually hung out together??!!
Maybe I'll have a tuna sandwich...'
BlackSheep - A Tool to Detect Firesheep
UPDATE: an new version is available
UPDATE: BlackSheep for Linux is available here
UPDATE: If you use FileVault on MacOSX, you might be prompted for a password. See this thread for more information.
You've probably all heard of Firesheep by now, a Firefox add-on which lets anyone hijack a user's session to various popular web applications when they're using an open wireless network. While sniffing/stealing session credentials is nothing new, Firesheep exposes this capability to the masses by automating the process so that absolutely no technical know-how is required. Unfortunately, it is actually quite difficult to defend against Firesheep because most sites only permit SSL connections during the initial login, not while surfing other pages. As such, while your username and password are encrypted, your session ID is available to all other machines on the same network.
In a previous post, Mike showed how to detect the use of Firesheep on a local network by using Wireshark and Scapy. Well, today, we're releasing a new Firefox add-on which makes the detection of FireSheep available to everyone and we're calling it BlackSheep!
 |
| BlackSheep installed |
BlackSheep is a Firefox add-on which warns users if someone is using Firesheep on their network. It also indicates the IP address of the machine that is spying on you.
 |
| BlackSheep warns that someone is using FireSheep |
How BlackSheep works
To understand how BlackSheep works, we first need to understand the details of FireSheep. FireSheep listens to the HTTP traffic on port 80. When it identifies a transaction to a known site (Facebook, Google, Yahoo!, etc.), it looks for specific cookie values which are then used to identify a specific user. This phase of the attack cannot be detected as it is done passively.
When FireSheep identifies a user session, it then makes a request to the same site using the user's cookie values in order to retrieve user information such as their name, picture, etc. This active network activity is however visible to others on the local network.
BlackSheep detects the active connection made by Firesheep. It does this by making HTTP requests to random sites handled by FireSheep every 5 minutes (configurable) with fake values. BlackSheep then listens to all HTTP requests on the network to detect if somebody else is using the same fake values.
Use Firesheep to combat.... Firesheep!
BlackSheep is based on the FireSheep source code. It reuses the same network listening back-end and the list of sites and corresponding cookies, etc. This ensures that the fake traffic generated by BlackSheep is what Firesheep is expecting.
BlackSheep in action
First, install BlackSheep here. If you already have FireSheep installed, make sure it is disabled, otherwise BlackSheep will detect that you are using FireSheep.
Then select the correct network interface in the options menu (same as FireSheep).
 |
| BlackSheep preferences menu |
By default, BlackSheep generates fake traffic every 5 minutes. You can change this value in the option settings.
If Firesheep is detected, you will see the following warning in your current browser tab.
|
| BlackSheep notification |
Finally, here is a video of BlackSheep in action.
Surf safe!
Requirements
In order to install BlackSheep, you need:
- Mac OS X: 10.5 or newer on an Intel processor.
- Windows: XP or newer. Install Winpcap first!
- Linux: available here
- Firefox: 3.5 or newer. 32-bit only.
-- Julien
The Placebo Effect Not Just On Drugs
Read more of this story at Slashdot.
Chart Of The Day
Canadian Kamel Makhloufi has designed a pair of arresting graphs:
Each pixel represents a death: U.S. soldiers blue, Iraqi troops green, enemies grey, and civilians orange.
Nicaraguan Invasion? Blame Google Maps
An embarrassing error on Google Maps has been blamed for Nicaragua’s accidental invasion of Costa Rica. Last week, Nicaraguan troops crossed the border, took down a Costa Rican flag and defiantly raised their own flag on Costa Rican turf.
But the troops’ commander, Eden Pastora, told a Costa Rican newspaper, La Nacion, that his invasion was not his fault, because Google Maps mistakenly said the territory belonged to Nicaragua. Government officials in Nicaragua have also blamed a “bug in Google” for the error.
Now, the Organization of American States and UN Security Council are being called in to mediate the dispute, and find a solution to the problem caused by Google. “Costa Rica is seeing its dignity smeared and there is a sense of great national urgency,” said Costa Rica’s excellently-named President Laura Chinchilla.
The search giant has owned up and admitted to its mistake, saying that an error, by up to 2.7 kilometers, arose in the compilation of the border source data with the US Department of State. It has now received correct and accurate data, and is working on updating the map.
“Cartography is a complex undertaking, and borders are always changing” said Charlie Hale, geopolicy analyst at Google. Indeed, this particular border is a hotly contested issue, with dispute over who owns land around the San Juan River dating back to the mid-19th century.
It’s not the first time that Google’s messed up its maps. Earlier this year, Cambodia hit out against Google’s representation of the Thai-Cambodia border. And in September, Google completely misplaced the Florida town of Sunrise, frustrating local businesses and council officials.
Perhaps the most embarrassing thing for Google, though, is that competitor Microsoft has the border definition right on its maps. If Nicaraguan commander Pastora had used Bing Maps, the entire red-faced incident might never have happened.
Illo: Google
See Also:
"
Men: Your Laptop Is Probably Cooking Your Testicles [Warnings]
Ever wonder just how hot your balls get under your laptop? 'Within 10 or 15 minutes their scrotal temperature is already above what we consider safe,' says one doctor. Turns out that cooking your testicles is also bad for reproducing. More »
Kinect Injury: Kid Gets Elbow To The Face
We predicted a spate of Kinect injuries, and our prediction is coming true! In the Youtube clip below, a dad playing Kinect with his son throws out an elbow and clocks the youngster right in the face. Owwwww.
Enjoy the Kinect Injury Mayhem:
