SecuraBit

Before It Bytes!

DEFT 7 – A linux distro for forensics and more!

We stumbled across this distribution the other day while building a forensic workstation for the lab. SIFT just didn’t perform the way we wanted and DEFT seems to be rock solid out of the box with version 7 of their distro.

Check them out at http://www.deftlinux.net/2012/01/31/deft-7-ready-for-download/

They have a draft version of their english manual as well. This distro is based on the 3.0 kernel and is snappy as heck even on somewhat older hardware. Outstanding work guys!

What features do you want added to our website?

We already have a blog aggregation that we host at planet.securabit.com and our new exploit developer’s corner. There is also a guest form on our contact page, so if you’re interested in being on the show or doing an interview of any sort, please fill that out!

What else do you want us to have? Perhaps bringing back the forums or introducing a mailing list? Challenges? Pictures of cats with lockpicks?  Please leave comments!

Please note, if you want us to revive our forums, we’re going to conscript you into slave labor to admin them. Thanks 🙂

ThotCon and Hacking Tractors

This past weekend our newest SecuraBit co-host Dan Mitchell got a chance to attend Thotcon, a non-profit, non-commercial hacking conference held in the “Windy City”.  Here is what Dan had to say:

The conference benefits from strong support by a vibrant local hacking community and a nice mix of infosec professionals and underground hackers alike. I was impressed by the quality of the presentations and the amount of knowledge and information I was able to condense into my brain in just 10 short hours. On the topic of “time”, the conference kicked off with a most excellent presentation called “pwning time” by Mark Hardy. Mark, also known for his outstanding DEFCON presentation “A Hacker looks at 50” is a veteran in the industry and somebody who personifies the true “hacking” spirit. Mark’s presentation was ultimately a bevy of wisdom on how we can better manage our time and figure out “what we want to be when we grow up”. I recommend checking out what he has to say, it is truly inspirational. By far my favorite presentation was given by Chris Roberts and Jesse Diekman called “Planes, Trains and Automobiles”. It was during this presentation that I was introduced to “Tractor Jacking” i.e. Chris and Jesses’s successful attempt at remotely hacking into the OS of large industrial tracktors and taking them for a spin.  They also demonstrated how they where able to stand on a bridge and wirelessly hack into the OS (AUTOSAR) of passerby cars and do everything from disabling the ABS to grabbing and reading sensitive configuration files. The presentation was simultaneously frighting and hilarious and served as a reminder that a the vulnerability landscape extends far beyond mobile devices, cloud services, desktops and servers.

Dan had the opportunity to speak personally with Chris after his presentation and we will hopefully be arranging to get him on the show soon. All of the presentations will be available on the ThotCon website in the near future. If you are looking for a unique hacker con, one that is different from the run of mill cons we see every year, ThotCon is definitely worth checking out.