• Content count

  • Joined

  • Last visited

Community Reputation

1 Neutral

About feverdream

  • Rank
    SUPR3M3 31337 Mack Daddy P1MP

Profile Information

  • Interests
  • Location

Contact Methods

  • Website URL
  • ICQ
  1. Fast enough to be able to compile things fast while not being slowed down by the operating system (Even if I'm forced to taint it with vista), really. I may be running some VM's as well, so it needs to have a lot of RAM and hard drive space. This thing will mostly sit a=on my desk as a desktop replacment I can take home in order to work from home when I get the OK, so to me its just a portable desktop Dev box that will have Linux and Win dual booting on it for development, code writing, testing, etc. One thing I would love to have is monitor out support so that I can work with multiple monitors; I'm just not sure of the support for that in laptops.
  2. Yeah, but thats an online form to fill out and a small flat fee in my state.
  3. Think low level, I-got-to-be-able-to-flash-the-nand-then-validate-the-flash type stuff. At my last embedded systems gig, we did *everything* over a serial line, all the way up to using the serial line as our direct interface for automated unit/test cases. Then again, the product was an add in module that used that is its primary interface to a GPS and a few other bits, so it was to be expected. To give you an idea, I work in the Test side as a dev helping out the test team, so I have to be able to do everything the Devs will/can do, plus take it apart and do things they cant or wont think of as a member of Test. I'm hitting road blocks with suppliers for the laptop; They all want to sell me vista, and XP is much better for dev work if your going to have to use a win32 env. Even worse most of the laptops I feel could take the place of a desktop system running compilers, IDE's, probes, multiple monitors, etc are all considered gaming rigs and are more expensive. Luckily however tech has come a long way so converters for serial lines are cheap so thats taken care of: http://sewelldirect.com/usbtoserial.asp
  4. So is there anything we can do to assure that costs don't go up? As I said to you before Stank, I would really love to see a tax deductible charity created to hold the binrev assets/bills. At least then you can beg for money and feel good about giving people tax write offs, not to mention the other benefits.
  5. It looks like its only gold PLATTED. Look at the wearing around the coin slot.
  6. I was just informed that for my newest contracting gig, I need to buy a brand new laptop and equiptment to be used for embedded development (Think Cell Phones, PDA's, mp3 players, etc) and my pimps (Read: Contracting Agency) will gladly pay for half of the total cost of the laptop and any "reasonable" peripherals. The problem of course, is that some items - like serial ports - are not standard on todays laptops, and while I know windows devices will be part of that list, I want to also dual boot Linux for myself and so I need a good Distro other than my usual Gentoo; I'm hoping that other Dev/Test minded Linux people will share there experiences and recommend something "good" from a developers perspective so I do not have to manually compile and install an entire tool chain. I have prior experience with embedded dev on desktops, and am wondering what other differences I should expect working with a laptop. I'm also looking for a good list of "reasonable peripherals" that I can add to the bill, keeping in mind that from what I was told by my recruiter "If its embedded systems related we really cant turn it down since we don't know what exactly you will be doing on site" (This sort of thing is normal in contracting, btw). While I do intend to be honest, I also feel that if I can use anything at all to make the job easier (and thus me more productive), they can pay half the bill and I will gladly let them. So I need ideas on how to best handle this situation..
  7. Why are the costs getting bigger? Is that just bandwidth?
  8. What is an SFV? What is the 'correct' format to validate to? What is this used for?
  9. I have recently taken no small amount of delight in the finding and learning of the RLSH community. On that note, I have to wonder about the tools that could be created and used as part of the "Good Samaritan" efforts that is the goal of that community. Being an embedded devices/security guy at heart, and not finding a section on these forums for embedded devices or handhold tool creation, I would like to know: 1. Does anybody here develop these sort of tools? I know that being a hacker is partly about "tools to make tools" so it seems likly to me. 2. Is anybody here willing to start/help in the creation of such tools? Struictly from a EE/Hacking standpoint I think it could be a lot of fun. 3. Does anybody here have any interesting ideas can be used for this sort of tool creation that they do not mind sharing? I found a example of current tool development HERE, but data on how to build them is scarce and I would really like to learn more about the modifications required to make a strobe light so portable, for example.
  10. http://www.catb.org/esr/jargon/html/ http://catb.org/~esr/faqs/hacker-howto.html http://www.beej.us/guide/
  11. Sniffing is a very passive process so if you are talking about the host system sniffing its own connection, one way would be to check the state of the network card.
  12. Its important to note that just because your 'connected' to a ssl based site does not mean your secure; The server just negotiate down the connection until your at telnet if you want. All the little padlock in your browser really means is that your connected to the correct remote server port.
  13. You should disable direct root login access no matter what; Use su/sudo instead as needed. You can mitigate a large part of possible sshd attacks by forcing only public key authentication on your server, even if its for everything *except* for the users in a very specific sub group; It really depends on the SSHD your running as different servers - open ssh, RSIT, etc - support different options. I highly suggest you read your SSHd's docs and configure your sshd (try 'man sshd_config' on the command line) to the highest spec you can, and make sure that 'none' or any other weak config option is available in your outgoing Cypher or MAC requests. You can validate this simply by connecting to your SSHD's port on your system (Usually port 22) via telnet, taking the string you get prompted with and replying with it exactly,pressing enter, and then reading the output. You will get a bunch of what looks like junk (its actually the size part of the pascal string that makes up the data you are sent, but that a different topic) followed by readable text. Pressing [enter]foo[enter] after that will close the connection and put you back at your prompt. I know it may sound stupid, but if you see the word "none" in there, then you really need to step up your security. That means your allowing no security to be used by remote connections who choose to negotiate down to it, and thats about the same as using telnet but slower. Limit how people can connect and you limit how easy it is for people to attack. Many root kits only support the bare minimum HMAC and Cypher required for an SSH connection per the RFCs, so forcing people to use a better mac and cypher will actually do a lot of good.
  14. I live in the area. Looking to learn more about investing and all that.
  15. Who voted for the FX account? I know a guy who does that full time, works a few hours a night working the JPN/GBP cross pair and spends the rest of it doing whatever he wants.. So I'm trying to learn what I can from him using a demo account to get started at 1:100. I'm sort of lost on what to do next. Thats why I asked.