Mall « Madrock

Tag: Mall

Ham Radio Iphone applications

by Derek on Dec.21, 2009, under Amateur Radio

I have a Iphone and have been loading Ham applications onto it… Below is a list of some of them.

Amateur Radio Exam Prep for iPhone – Amateur Radio License exams are composed of questions from a pool. Use this application to practice all possible questions prior to taking your exam
CallBook for iPhone- CallBook is an Amateur Radio application that allows you to look up call signs via the free WM7D server, the QRZ Online subscription service or the HamCall subscription server and track active APRS stations on www.aprs.fi. Lookup results can be emailed and the QTH can be instantly viewed in the Maps application
Elmer for iPhone – iPhone Software to practice taking your Ham Radio Exam
Freq Finder: iPhone Repeater Directory – Freq Finder is an iPhone based Ham Radio Repeater Directory that locates repeaters based on the user location.
FreqLoader: iPhone companion for the mobile ham- FreqLoader is the perfect iPhone/iPod Touch companion for amateur radio operators, monitoring enthusiasts, shortwave listeners and anyone with an interest in the air waves. Whether you’re an active licensed ham or an avid scanner listener, FreqLoader will allow you to find what you’re looking for, keep track of your stations, maintain complete logs and share your finds with friends, groups and the world.
hamDXcluster for iPhone – DX Cluster for iPhone application
iLocator for iPhone – A small application for Apple iPhone that calculate grid locator from gps, wifi or gsm cells by IW2BSQ
iPhone Ham Radio Callsign Lookup- This webapp provides an iPhone-compatible lookup of Amateur Radio Callsigns. It provides the name, address, and license class (from the FCCÃ¢â‚¬â„¢s public records) of any US-Licensed Amateur Radio Operator.
Morse Key for iPhone – A free simple touchscreen-based CW Morse Code straight key. Practice sending Morse Code on your iPhone.
IBCNU APRS on the Iphone -Â The Live IBCNU feed can be found here.
APRS – how to configure the application can be found at http://www.aprs-is.net/Connecting.aspx. Find MapsÂ at http://www.openaprs.net/iphone/

UPDATE

EchoLink is finally available for the iPhone and iPod touch. It even allows me to use my Bluetooth car kit to have a QSO.

HAM’s who use EchoLink on the PC and Mac will appreciate the value of this on the iPhone.

5 Comments :Amateur Radio, amateur radio operator, ASP, DES, EchoLink, Iphone, iPod touch, iPodtouch, Mall, online, phone, Radio, script, server, web more...

Ham Radio Links

by Derek on Nov.29, 2009, under Amateur Radio

Amateur Packet Radio Australian

Aussiewide Packet Radio Network http://www.ampr.org.au/

AAPRA http://members.optusnet.com.au/aapra

Australian Amateur Packet radio directory http://www.wia.org.au/links/Packet Radio Directory 050703.PDF

Data Group Sub Committee WICEN Vic http://datagrp.vic.wicen.org.au/

Queensland APRS Users Group http://www.tech-software.net/

VK2KFJ’s Packet Radio Links page http://www.qsl.net/vk2kfj/pacradio.html

VK3JED http://quest.apana.org.au/~tl/vk3jed/

VK4TTT XROUTER http://xrouter.ampr.org.au/

VK4ZU http://www.users.on.net/~trevorb/

VK5 AX25 Packet Network Map (VK5AH) http://homepages.picknowl.com.au/wavetel/vk5pack.htm

Winlink

Winpack

10GHz data Link http://www.cck.net.au/areg/inside/projects/10ghz/10ghz.htm

International

About Digital Ham Radio http://home.teleport.com/~nb6z/about.htm

Amateur Packet Radio Gateways http://www.ampr-gates.net/frame_e.htm

Amateur Packet Radio, net 44, and AMPR.ORG `http://www.ampr.org/

American Febo Enterprises http://www.febo.com/index.html

ARRL HSMM Links http://www.arrl.org/hsmm/links.html

Athenian TCP/IP http://www.athnet.ampr.org/freeserv.htm

BayCom http://www.baycom.org/

BBS Hierarchical Addressing Protocol http://www.tapr.org/tapr/html/Fbbssig.html

Colin’s packet info http://website.lineone.net/~colin_mccord/Radio/packet_radio.htm

CHIFLEY A R CLUB http://hamgate.rpi.net.au/netstat.html

CHIFLEY A R CLUB http://hamgate.rpi.net.au/chifley/packet.html

CX2SA http://cx2sa.net/

digitalhamradio http://www.digitalham.net/

DRSTM (Data Radio Standard Test Methods) http://www.rocler.qc.ca/burt/drstm.html

Flexnet http://dl0td.afthd.tu-darmstadt.de/~flexnet/

FUNET http://www.funet.fi/pub/ham/packet/

FUNET ftp://ftp.funet.fi/pub/ham/packet/

F4DAY http://perso.wanadoo.fr/jf.fourcadier/index_e.htm

F6FBB http://www.f6fbb.org/

GB7DIP TNOS/PBBS http://www.qsl.net/gb7dip/access.html

GB7IMK http://www.gb7imk.co.uk/

G4JKQ http://www.btinternet.com/~g4jkq/

G4JKQ TCP/IP Telnet listing http://www.qsl.net/g4jkq/tcp.htm

G7JJF TNC Driver Support (WINTNC) http://www.g7jjf.demon.co.uk/

High speed (2 Mbit/s) data signaling project http://perso.wanadoo.fr/jf.fourcadier/haut_debit/projet/projet_e.htm

High speed packet http://hydra.carleton.ca/articles/hispeed.html

High Speed Packet radio http://www.lmrgroup.com/ke3ht/hspr.html

High-speed Packet Radio http://cacofonix.nt.tuwien.ac.at/~oe1kib/Radio/

KE5FX http://www.qsl.net/ke5fx/

K4ABT (home page) http://www.packetradio.com/

K4ABT (packet radio primer) http://www.packetradio.com/primer.htm

LinuxÂ® / Amateur Radio Information http://delbert.matlock.com/linux-radio.htm

Linux projects http://cacofonix.nt.tuwien.ac.at/~oe1kib/Linux/

Linux AX25-HOWTO http://tldp.org/HOWTO/AX25-HOWTO/

MPRG http://www.mprg.ampr.org/index.html

NNA http://www.btinternet.com/~nna/

Netterm http://www.cs.unca.edu/~edmiston/handouts/netterm.html

PA3CGO http://www.qsl.net/pa3gco/

Packet Cluster information http://cpcug.org/user/wfeidt/Misc/pctut.html

PacketÂ Info and Downloads http://www.packetradio.com/

Packet Links http://www.stack.serpukhov.su/~victor/hamradio/packet/packet.html

Packet Net (VK5 packet map) http://www.packetnet.org/

Packet Net (FBB software) http://www.packetnet.org/fbb.htm

PAcket Digital Amateur Network (PADAN) http://www.weaksignals.com/

PZT Software by G8PZT (Xrouter, PZT BBS) http://www.g8pzt.pwp.blueyonder.co.uk/software/software.htm

Radio-TNC Wiring Diagrams http://users3.ev1.net/~medcalf/ztx/wire/

RST http://www.qsl.net/on1blu/

Russian Packet http://www.stack.serpukhov.su/~victor/hamradio/packet/packet.html

Slovenian ATV/Packet http://lea.hamradio.si/~s51kq/

Sound Card Packet http://www.qsl.net/soundcardpacket/index.html

TAPR http://www.tapr.org/

TCP/IP Telnet listing http://www.btinternet.com/~g4jkq/tcp.htm

TNC-X http://www.tnc-x.com/

TPK http://www.f6fbb.org/f1ebn/index.htm

TNOS Central http://www.lantz.com/tnos/

TVIPUG http://www.tvipug.org

United Kingdom Internet Protocol http://www.gb7imk.co.uk/ukip/

VHF/UHF/Microwave Radio Propagation: A Primer for Digital Experimenter http://www.tapr.org/tapr/html/ve3jf.dcc97/ve3jf.dcc97.html

WA4DSY 56k RF Modem http://www.wa4dsy.net/

Yet Another 9k6 Modem http://www.microlet.com/yam/

1.2 GHz TRX http://www.ccr.jussieu.fr/physio/f6bvp/txenglish.html

9600 BAUD – A SHOPPERS GUIDE: http://www.g1gyc.demon.co.uk/martin/9600.htm

Sound Card Packet

ILINKBOARDS.com http://www.ilinkboards.com/

Sound Card Buddy http://www.sparetimegizmos.com/Hardware/SoundBuddy.htm

Soundcard Interfacing http://www.qsl.net/wm2u/interface.html

Sound Card Packet AGWPE (KC2RLM) http://www.patmedia.net/ralphmilnes/soundcardpacket/SV2AGW http://www.elcom.gr/sv2agw/ Sound Card Interface with Tone Keyer (WA8LMF) http://members.aol.com/wa8lmf/ham/tonekeyer.htm

QDG sound card interface

Return to Top

Winlink

Winlink! 2000 http://winlink.org/

Aussie Winlink http://www.aussiewinlink.org

Pactor Communications Australia http://www.pca.cc/

Winpack

Winpack home page http://www.peaksys.co.uk/

Winpack info http://www.g4fip.cwc.net/winpack.htm

Winpack info http://www2.tpg.com.au/users/peteglo/winpack.htm

Winpack info http://www.btinternet.com/~gb7omn/winpack.htm

TNCÂ information

General

Data Group Sub Committee WICEN Vic http://datagrp.vic.wicen.org.au/

Setting Your TNC’s Audio Drive Level http://www.febo.com/packet/layer-one/transmit.html

TNC and Radio mods http://www.johnmather.free-online.co.uk/tnc.htm

TNC 2 – MFJ 1270 – Tone Calibration Procedure http://datagrp.vic.wicen.org.au/mfjtones.htm

TNC Mods by Warren Stirling VK3XSW http://203.36.211.21/xswmods/

MFJ

Alignment of MFJ-1270B http://www.packetradio.com/1270algn.htm

MFJ-1270 Tone Calibration http://gyld.online.se/mods/misc/MFJ1270

MFJ-1270B mods http://www.mods.dk/mods.php3?radio=tnc&model=mfj-1270&selectid=1073#1073

MFJ 1270B Modifications http://203.36.211.21/xswmods/mfj1270b.htm

MFJ-1270B Electromagnetic Interference http://datagrp.vic.wicen.org.au/mfj_emi.htm

MFJ-1278B Care and maintenance http://www.qsl.net/ke4mob/

AEA

PK-88 Mods http://www.mods.dk/mods.php3?model=pk-88&radio=tnc

PK-88 birdie fix http://732.com/ham/mods/aea/pk88fix.htm

AEA radio and TNC mods http://www.k7on.com/mods/aea/mods/aeamod.txt

Other suppliers

BYONICS http://byonics.com/

Fox Delta http://www.foxdelta.com/

Hal Communications http://www.halcomm.com/AmateurProducts.htm

Kantronics http://www.kantronics.com/

PacComm http://www.paccomm.com/

PKTerm for Windows http://www.cssincorp.com/pkterm/

Small Wonder Labs http://www.smallwonderlabs.com/

The DXZone Digital and Packet Radio http://www.dxzone.com/catalog/Manufacturers/Digital_and_Packet_Radio/

Tigertronics http://www.tigertronics.com/

Timewave http://www.timewave.com/amprods.html

TNC-X – The Expandable TNC http://www.tnc-x.com/

YAM Modem http://www.nordlink.org/yam/

Gateways

Amateur Packet Radio Gateways http://www.ampr-gates.net

G4JKQ http://www.g4jkq.co.uk/

Packet gateways http://www.packetnet.org/packet_gateways.htm

Radio Gateway Project http://www.cisi.unito.it/radiogw/index.html

The Gateways Home Page http://www.ampr-gateways.org/

Return to Top

High-Speed Digital Networks and Multimedia (Amateur)

N5OOM’s HSMM Projects http://www.n5oom.org/hsmm/

ARRL High-Speed Digital Networks and Multimedia http://www.arrl.org/hsmm/

North Texas High Speed MultiMedia group http://groups.yahoo.com/group/ntms-hsmm/

San Antonio 802.11 http://home.satx.rr.com/wdubose/

Also take a look at the wireless LAN pages

APRS

Aus APRS http://www.radio-active.net.au/vk2_aprs.html

APRS http://www.radio-active.net.au/web/gpsaprs/aprsrept.html

APRS http://aprs.rutgers.edu/

APRS http://web.usna.navy.mil/~bruninga/aprs.html

APRS http://www.cave.org/aprs/

APRS http://www.ew.usna.edu/~bruninga/aprs.html

APRS in Adelaide http://vk5.aprs.net.au/

APRS+SA Home Page http://www.tapr.org/~kh2z/aprsplus/

APRS maps & stuff http://www.users.cloud9.net/~alan/ham/aprs/

APRS Maps for G4IDEs UI-VIEW http://www.gb7iph.demon.co.uk/APRS_Maps___Links/aprs_maps___links.html

AVR-Microcontroller http://www.qsl.net/dk5jg/aprs_karten/index.html

APRS in the UK http://www.aprsuk.net/

aprsworld http://www.aprsworld.net

APRS.DE http://www.aprs.de/

APRS-Berlin http://www.aprs-berlin.de/

APRS-Frankfurt http://www.aprs-frankfurt.de/

BYONICS (Electronics Projects for Amateur Radio) http://www.byonics.com/

CanAPRS http://www.canaprs.net/

Dansk APRS Gruppe http://www.aprs.dk/

findU.com http://www.findu.com/

France APRS http://www.franceaprs.net/

Kansas City APRS Working Group http://www.kcaprs.org/

KD4RDB http://wes.johnston.net/aprs/

Le Club ARPS France http://aprs.free.fr/

Live Australian APRS data maps http://www.aprs.net.au/japrs_live.html

NIAN http://nian.aprs.org/

N2YGK http://www.users.cloud9.net/~alan/ham/aprs/Ohio APRS NET http://www.ohioaprs.net/

Queensland APRS Users Group http://www.tech-software.net/

Tri-State APRS Working Group http://www.tawg.org/

Other Digital Modes

General HF-FAX http://www.hffax.de/index.html The Digital Ham Radio Revolution! http://home.teleport.com/~nb6z/about.htm NB6Z http://home.teleport.com/~nb6z/ ZL1BPU http://www.qsl.net/zl1bpu/

Morse Code

CW FACTS AND OPERATING TIPS http://www.magiclink.com/web/shurst/Page2.html

CW Operators’ QRP Club Inc. http://www.users.on.net/~zietz/qrp/club.htm

Fists Down Under http://fistsdownunder.morsekeys.com

FISTS DOWNUNDER http://www.fistsdownunder.org

LEARN MORSE CODE in one minute ! http://www.learnmorsecode.com/

MRX morse code http://www.mrx.com.au/

NZART CW program http://www.nzart.org.nz/nzart/Exam/morse.html

Not Morse Code, Slow Scan , Packet or APRS

HamDream by HB9TLK (digital radio) http://www.qslnet.de/member/hb9tlk/

JE3HHT, Makoto (Mako) Mori http://www.qsl.net/mmhamsoft/

PSK31 and other PC Magic http://www.psk31.com/

SIMPLE32 http://www.simple32.com/

WSJT ACTIVITY IN AU (follow link) http://www.tased.edu.au/tasonline/vk7wia/

Amateur Digital Radio

AR Digital Voice Communications http://www.hamradio-dv.org/

ARRL digital voice http://www.arrl.org/tis/info/digivoice.html

ARRL Digital Voice the next new mode? http://www.arrl.org/tis/info/pdf/0201028.pdf

Australian National D-Star http://www.dstar.org.au/

G4GUO (HF digital modems) http://www.chbrain.dircon.co.uk/index.html

Ham Radio digital info http://www.hamradio.com/pdf/dstar.pdf

ICOM America digital http://www.icomamerica.com/amateur/dstar/

TAPR digital http://www.tapr.org/tapr/dv/

Temple University Digital Voice Project http://www.temple.edu/k3tu/digital_voice.htm

Temple University Vocoder Redux http://www.temple.edu/k3tu/VocoderRedux.pdf

WinDRM – HF Digital Radio Mondiale http://n1su.com/windrm/

W2BRI’s Digital Voice Site http://www.standpipe.com/w2bri/fastmodem/fastmodem.htm

D-Star

Australian D-Star information http://www.dstar.org.au/

D-Star users http://www.d-starusers.org/

D-Star wikipedia http://en.wikipedia.org/wiki/D-STAR

ICOM America D-Star Forums http://www.icomamerica.com/en/support/forums/tt.asp?forumid=2

K5TIT http://www.k5tit.org/

Software Defined Radio

FlexRadio Systems Software Defined Radios http://www.flex-radio.com/

Rocky software for SoftRock-40 hardware http://www.dxatlas.com/rocky/

SDRadio – a Software Defined Radio http://digilander.libero.it/i2phd/sdradio/

SoftRock-40 Software Defined Radio http://www.amqrp.org/kits/softrock40/index.html

The Weaksignals pages og Alberto I2PHD (software) http://www.weaksignals.com/

Winrad software defined radio http://www.winrad.org/winrad/index.html

Digital Radio

BBC digital Radio http://www.bbc.co.uk/digitalradio/

DABdigital http://www.ukdigitalradio.com/home/default.asp

Digital Audio Broadcasting http://www.digitalradio.ca/

Digital Radio Broadcasting http://happy.emu.id.au/lab/info/digradio/index.html

Digital Radio is the sound of the future http://www.radio.cbc.ca/radio/digital-radio/drri.html

Digital Radio http://www.magi.com/~moted/dr/

Digital radio mondiale http://www.drm.org/indexdeuz.htm

DRDB http://www.drdb.org/

DRM – Digitaler Rundfunk unter 30 MHz http://www.b-kainka.de/drm.htm#dritte

SimplyRadios.com http://www.simplyradios.com/dab/dabhome.htm

Amateur Radio Direction Finding

Amateur Radio Direction Finding – ARDF http://www.nzart.org.nz/nzart/ar_info/ardf.html

Amateur Radio Direction Finding and Orienteering http://vkradio.com/ardf.html

Amateur Radio Direction Finding Webring http://www.qsl.net/vk3zpf/webring1.htm

Homing In http://members.aol.com/homingin/

RON GRAHAM ELECTRONICS (ARDF and more) http://users.mackay.net.au/~ron/

Victorian ARDF Group Inc. http://www.ardf.org.au/

Repeater Linking

There are currently There are 5 internet linking projects that I know ofÂ :-

IRLP,Â iPHONE, iLINK, eCHOLINK and WIN SYSTEM (May 2005)

EchoLink http://www.echolink.org/

Hamlink (K1RFD) http://www.hamlink.net/

KWARC (live audio) http://www.kwarc.org/listen/

Internet Linking http://www.qsl.net/g3zhi/index2.html

IRLP http://www.irlp.net/

IRLP status http://status.irlp.net

IRLP VK2RBM http://www.bmarc.oz-hams.org/irlp.html

IRLP VK4MTV http://www.throbware.com.au/irlp/

WIN SYSTEM http://www.winsystem.org/

Wires http://www.vxstd.com/en/wiresinfo-en/

iLINK

G4CDY-L Internet Gateway http://www.g4cdy.co.uk/

G7WFM Repeater Linking http://www.g7wfm.co.uk/

iLink http://www.aacnet.net./

VA3TO iLINK INTERFACE http://www.ilinkca.com/

VK2JTP iLINK gateway http://www.qsl.net/vk2jtp/

WB2REM & G4CDY’SÂ iLINK boards http://www.ilinkboards.com/

WB4FAY http://www.wb4fay.com/ilink_FAQ.html

INTERFACES

ILINKBOARDS.com http://www.ilinkboards.com/

laser diodes

A Lightwave Communication http://www.n1bug.net/tech/laser/alc_wa6ejo.html

A R Laser Communications http://www.qsl.net/wb9ajz/laser/laser.htm

Australian Optical DX Group http://groups.yahoo.com/group/Optical_DX/

Driver Enhancements http://www.misty.com/people/don/laserdps.htm#dpsdepm

European Laser Communications http://www.emn.org.uk/laser.htm

Laser Communications http://www.arrl.org/tis/info/laser.html

Laser Communications http://www.gbonline.com/~multiplx/wireless/laser/

Mike’s Electric Stuff http://www.netcomuk.co.uk/~wwl/electric.html

Ronja http://atrey.karlin.mff.cuni.cz/~clock/twibright/ronja/

Amateur Radio Licence

Amateur Regulations Examination Guide http://www.wiavic.org.au/edu/regs.html

AustralianÂ info http://www.wia.org.au/info/gettingstarted.html

radiofun http://www.alphalink.com.au/~parkerp/gateway.htm

Radio and electronics School http://www.radioelectronicschool.com/about_course.html

Worldwide Information on Licensing for Radio Amateurs by OH2MCN http://www.qsl.net/oh2mcn/license.htm

Amateur Radio Clubs and Organisations

Also see ATV link page

and VHF link page

Australian

Adelaide Hills Amateur Radio Society http://www.qsl.net/vk5bar/

Amateur Radio Victoria http://www.amateurradio.com.au/

APC news http://vk3apc.mdrc.org.au/apcnews/

Barossa Amateur Radio Club VK5BRC http://www.qsl.net/vk5brc/

Bayside and District A R Society http://www.freewebs.com/vk4bar/

Brisbane Amateur Radio Club http://www.qsl.net/vk4ba/index.html

Brisbane VHF Group

Central Coast Amateur Radio Club http://www.ccarc.org.au/

Central Goldfields A R Club http://www.cgfar.com/

CHIFLEY A R CLUB http://chifley.radiocorner.net/

Coffs Harbour & District Amateur Radio Club http://www.qsl.net/vk2ep/index.html

CW Operators’ QRP Club Inc. http://www.users.on.net/~zietz/qrp/club.htm

Darling Downs Radio Club http://www.qslnet.de/member/ddrc/

Eastern and Mountain District Radio Club http://www.emdrc.com.au

Gippsland Gate Radio and Electronics Club http://home.vicnet.net.au/~ggrec/

Gold Coast AR Society http://www.gcars.com.au/

Healesville Amateur Radio Group http://www.harg.org.au/

Historical Wireless Society of South East Queensland http://www.hws.org.au/

Ipswich Metro Radio Group http://imrg.ips-mesh.net/

Ipswich Radio Club http://www.vkradio.org.au/

Lockyer Valley Radio and Electronic Club Inc http://www.qsl.net/vk4wil/

Locan West http://www.loganwest.cableable.com

Manly-Warringah Radio Society http://www.qsl.net/vk2mb/

Mid North Coast Amateur Radio Group http://www.mncarg.org

NWTARIG http://vk7ax.tassie.net.au/nwtarig/

QRP Amateur Radio Club International http://www.qrparci.org/

Queensland APRS Users Group http://www.tech-software.net/

RADAR Club Inc http://radarclub.tripod.com

Radio Amateurs Old Timers Club Australia Inc http://www.raotc.org.au/

Radio Sport http://www.uq.net.au/radiosport/

Radio and Electronics Association of Southern Tasmania http://reast.asn.au/

Redcliffe & Districts Radio Club Inc. http://vk4rc.we.net.au/

Riverland Amateur Radio Club http://www.rrc.org.au/

South Australian Packet User Group Inc. (SAPUG) http://www.sapug.ampr.org/

SERG http://serg.mountgambier.org

South Coast AMATEUR RADIO Club http://www.scarc.org.au/

SOUTHSIDE AMATEUR RADIO SOCIETY http://www.qsl.net/vk4wss/

Summerland Amateur Radio Club Inc http://www.nor.com.au/community/sarc/

Sunshine Coast Amateur Radio Club http://vk4wis.org/Tablelands Radio and Electronics http://www.trec.aussiewide.com Townsville Amateur Radio Club http://vk4zz.no-ip.org/tarc/

Twin Cities Radio & Electronics Club http://members.iinet.net.au/~sargeant644/tcrec/index.html

VK Young Amateur Radio Operator’s Net http://www.geocities.com/vk_ya/

VK3APC http://www.mdrc.org.au/

VK3BEZ (WIA Eastern Zone Amateur Radio Club) http://www.qsl.net/vk3bez/

VK4WIL http://www.qsl.net/vk4wil/

West Australia Repeater Group http://www.warg.org.au

WESTLAKES AR Club http://www.westlakesarc.org.au/

WIA VK4 Qld http://www.wiaq.com/

WIA VK4 QNEWS NEWSROOM http://www.wiaq.com/qnews/upload/qnews.htm

WIA VK3 http://www.wiavic.org.au

WIA http://www.wia.org.au/ WICEN Australia http://www.wicen.org.au/ WIA WICEN Queensland page http://www.wiaq.com/wiaq/wicen.htm

WICEN Brisbane Qld

New Zealand

NZART http://www.nzart.org.nz/nzart/

NZART Branches http://www.nzart.org.nz/nzart/Branches/

Papakura Radio Club http://www.qsl.net/zl1vk/

Tauranga AR Club http://home.clear.net.nz/pages/chrisle/index.htm

Wanganui Amateur Radio Society Inc. http://www.zl2ja.org.nz/

Wellington VHF Group http://www.vhf.org.nz/

International

American QRP Club http://www.amqrp.org/index.html

ARAC Online http://homepage.ntlworld.com/mikeadams/index.htm

ARRL http://www.arrl.org/

Clear Lake Amateur Radio Club http://www.clarc.org/

FRARS http://www.frars.org.uk/

HKAR http://www.hkra.org/

HRDXA http://www.qsl.net/vr2dxa/

ISSARO http://www.issaro.net

KIDSHAMRADIO http://www.kidshamradio.com/

K2MFF Amateur Radio club http://www-ec.njit.edu/~k2mff/

K9IU Indiana University AR Club http://www.indiana.edu/~k9iu/

North TeXas Repeater Association http://www.ntxra.com/main_page.htm

N0WGE http://www.sckans.edu/~sireland/radio/

Peterlee Radio Club G0KVJ http://www.g0fbw.demon.co.uk/

The Repeater Builders Technical Information Page http://www.repeater-builder.com/rbtip/index.html#main-index

Richardson Wireless Klub http://www.k5rwk.org/

RADARS http://www.mbc.co.uk/RADARS/

RSGB http://www.rsgb.org/

SARL http://www.sarl.org.za/

Submarine Veterans Amateur Radio http://w0oog.50megs.com/

Southgate AR club http://www.southgatearc.org/index.htm

TEARA http://www.teara.org/

The 500 KC Experimental Group for Amateur Radio http://www.500kc.com/

Tucson Amateur Packet Radio http://www.tapr.org/

Winona Amateur Radio Club http://www.jarviscomputer.com/warc/

W6DEK 435 Los Angeles http://www.w6dek.com/

Amateur Radio

Australian

AmateurÂ RadioÂ Australia http://www.amateurradio.org.au/index4alt.htm

Amateur and other Links http://members.ozemail.com.au/~vk2wi/links.html

Australian AR Repeater Map http://vkham.com/australimaps.html

AMATEUR RADIO WIKI http://www.amateur-radio-wiki.net

HAM FAQ http://members.ozemail.com.au/~andrewd/hamradio/hamfaq.html

HAM SHACK COMPUTERS http://www4.tpgi.com.au/users/vk6pg/

Ham Radio in Australia with VK1DA http://members.ozemail.com.au/~andrewd/hamradio/

HF Radio Antenna Tuners http://www.users.bigpond.net.au/eagle33/elect/ant_tuner.htm

Queensland AR Repeater listings http://vkham.com/Repeater/vk4map.html

Radioactive Networks: Ham http://www.radio-active.net.au/web/ham/

Tony Hunt VK5AH (Home of Adelaides 10m Repeater) http://homepages.picknowl.com.au/wavetel/default.htm

VK Amateur Radio Page http://www.home.gil.com.au/~bpittman/

VK1DA’s Amateur Radio Web Directory http://members.ozemail.com.au/~andrewd/hamradio/radlink.html

VK1KEP http://www.pcug.org.au/~prellis/amateur/

VK1OD http://www.vk1od.net/

VK2AFL http://www.qsl.net/vk2afl/

VK2BA (AM radio) http://www.macnaughtonart.com/default.htm

VK3PA http://www.vk3pa.com/home.asp

VK3UKF http://members.fortunecity.co.uk/vk3ukf/index.html

VK3XPD http://www.users.bigpond.com/alandevlin/index.html

VK3YE’s Gateway to AR http://www.alphalink.com.au/~parkerp/gateway.htm

VK3ZQB http://members.datafast.net.au/vk3zqb/

VK4CEJ http://www.hfradio.org/vk4cej/hamlinks.html

VK4TEC http://www.tech-software.net/

VK4TUB http://www.vk4tub.org/

VK4ZGB http://members.optusnet.com.au/jamieb/index.html

VK4ZQ http://users.bigpond.net.au/vk4zq/

VK4ZU http://www.users.on.net/~trevorb/

VK5ARD http://www.vk5ard.com/

VK5BR http://users.tpg.com.au/users/ldbutler/

VK5KK http://www.ozemail.com.au/~tecknolt/index.html

VK7AX http://www.vk7ax.tassie.net.au/

VK8JJ http://www.qsl.net/vk8jj/

New Zealand

Micro Controller Projects for Radio Amateurs and Hobbyists http://www.qsl.net/zl1bpu/micro/index.htm

Precision Frequency Transmission and Reception http://www.qsl.net/zl1bpu/micro/Precision/index.htm

ZL2TZE http://zl2tze.ath.cx

ZL3TMB http://www.hamradio.co.nz/

International

AC6V’s AR & DX Reference http://www.ac6v.com/

A DTMF Beacon controller http://ns1.mesh.net/~g4fre/dtmf.htm

Amateur radio with Knoppix http://www.afu-knoppix.de/

Amateur Radio Resources http://hamster.ivey.uwo.ca/~amsoft/amsoft0.htm

Amateur Radio Soundblaster Software Collection http://www.muenster.de/~welp/sb.htm

AM fone.net http://www.amfone.net

AMRAD Low Frequency Web Page http://www.amrad.org/projects/lf/index.html

Colin’s site http://website.lineone.net/~colin_mccord/Radio/index.htm

CX2SA http://cx2sa.net/

DL4YHF http://www.qsl.net/dl4yhf/

Direction finding http://members.aol.com/homingin/

DSP Links http://users.iafrica.com/k/ku/kurient/dsp/links.html

Electric-web.org www.electric-web.org

EI4HQ http://www.4c.ucc.ie/~cjgebruers/index.htm

EI8IC http://www.qsl.net/ei8ic/

EHAM http://www.eham.net/

eQSL (electronic QSL) http://www.eqsl.cc/qslcard/

HamInfoBar http://www.haminfobar.co.uk/

Felix Meyer http://home.datacomm.ch/hb9abx/

ftp list http://ftp.pspt.fi/pub/ham/ftp.ucsd.edu/

FUNET http://www.funet.fi/pub/ham/

F4DAY http://perso.wanadoo.fr/jf.fourcadier/index_e.htm

Gateway to Amateur Radio http://www.alphalink.net.au/~parkerp/gabra.htm

Grid Square Locator http://www.arrl.org/locate/grid.html

G3PTO http://www.qsl.net/g3pto/

G4FGQ’s Software http://www.btinternet.com/~g4fgq.regp/

G4KLX (The [ON/]G4KLX Page) http://www.qslnet.de/member/g4klx/

HAM RADIO EQUIPMENT & ACCESSORIES http://www.area-ham.org/library/equip/equip.htm

Ham-Links http://www.k1dwu.net/ham-links/

HAMUNIVERSE.COM http://www.hamuniverse.com/

Hamview DSP software http://www.qsl.net/k3pgp/Hamview/hamview.htm

Harry’s PDF Library http://hem.passagen.se/sm0vpo/

HA8ET http://www.pollak.sulinet.hu/www/radio.html

Homebrew RF Test Equipment And Software http://www.qsl.net/n9zia/wireless/appendixF.html#10

KA7NOC http://www.magiclink.com/web/shurst/

KB4VOLÂ Â link site http://pages.prodigy.com/kb4vol/

KE5FX http://www.qsl.net/ke5fx/

KF6VTA & KG4TBJ http://www.geocities.com/silensiosham/index.html

KU4AY ham radio directory http://www.ku4ay.net/

KU5F Ham tools and links http://www.wtrt.net/~ku5s/

KU9Z AR links http://my.ais.net/~n9bkm/page1.htm

K1DWU http://www.k1dwu.net/

K1TTT http://www.k1ttt.net/

K1TTT Technical Reference http://www.k1ttt.net/technote/techref.html

K3PGP http://www.k3pgp.org/

K3TZ Ham Radio Experimentation http://www.qsl.net/k3tz/

K6XC (links) http://home.earthlink.net/~rluttringer/

Lighthouses (International Lighthouse/ Lightship Weekend) http://illw.net

Links2go http://www.links2go.net/more/www.ampr.org/

Links http://imc23.univ.trieste.it/links.html

Mels AMATEUR RADIO LINK’S http://www.users.zetnet.co.uk/melspage/amlinks.htm

Michael Todd Computers & Communications http://www.arcompanion.com/

MoDTS http://www.m0dts.co.uk/

n e o a m a t e u r . o r g http://neoamateur.org/

NT8N http://www.qsl.net/nt8n

NW7USÂ Â (Amateur and Shortwave Radio) http://hfradio.org/

N3EYR’s Radio Links http://www.isrv.com/~joel/radio.html

PD0RKC http://www.qsl.net/pd0rkc/

PI6ATV (ATV, Antenna, software, info) http://members.tripod.lycos.nl/PI6ATV/software.htm

QRP and SWL HomeBuilder http://www.qrp.pops.net/

Radio Links http://www.angelfire.com/ri/theboss1/

Radio Corner (forum) http://www.radiocorner.net

Ray Vaughan http://rayvaughan.com/

Reference http://www.panix.com/~clay/ham/

Simplex radio software http://perso.clubinternet.fr/f1orl/simplexg.htm

S-Meter http://www.smeter.net/

streaming radio programs http://live365.com/home/index.live

The DX Zone http://www.dxzone.com/catalog/Reference/Radio_Spectrum/

The Elmer HAMlet (information) http://www.qth.com/antenna/index.htm

VE1XYL and VE1ALQ http://www.qsl.net/ve1alq/downloads/tetrode-ps/pwrsup.htm

WB6VUB (links) http://www.mpicomputers.com/ham/

WL7LP http://www.geocities.com/TimesSquare/Castle/3782/wl7lp.html

WA6TWJ http://www.jps.net/nwr/wa6twj.htm

W2XO http://www.w2xo.pgh.pa.us/

XE1BEFÂ (DX, mods, links and more) http://www.geocities.com/xe1bef/

Communications Equipment

Australian

Andrews Communication Systems http://www.andrewscom.com.au/

AUSTRALIAN ENTERPRISE INDUSTRIAL http://www.spin.net.au/~aeitower/

BENELEC www.benelec.com.au

Bushcomm www.bushcomm.com.au

connektron www.connektron.com.au

G. & C. COMMUNICATIONS www.gccomm.com.au

Hamak (RM Products Italy) http://www.hamak.com.au/

Hamshack http://www.hamshack.com.au

Jenlex http://home.vicnet.net.au/~jenlex/

KENWOOD Australia http://www.kenwood.com.au/

Kyle Communications http://www.kyle.com.au/

ICOM Australia http://www.icom.net.au

Mini-kits http://www.minikits.com.au/

One Man Towers http://homepages.ihug.com.au/~aeitower/

OZGEAR http://www.ozgear.com.au/

Radio-Data (links) http://www.radio-data.net/

Radio Specialists (equipment connectors and antenna) http://www.radiospecialists.com.au

STRICTLY HAM http://www.strictlyham.com.au/

TET-EMTRON www.tet-emtron.com

Tower communications www.towercom.com.au

Townsville CB& Communications http://www.vk4tub.org/tcb/tcb.html

TTS Systems http://www.ttssystems.com.au/

VK4-ICE Communications http://www.vk4ice.com

WiNRADiO (PC based receivers) http://www.winradio.com.au

International

MFJ http://www.mfjenterprises.com/index.php

Vertex Standard http://www.vxstd.com/en/index.html

W7FG VINTAGE MANUALS CATALOGUE http://www.w7fg.com/index.html

Z Communications Company (repair of old radio equipment) http://home.comcast.net/~zcomco/

SCADA General Audit Questions

by Derek on Nov.05, 2009, under SCADA

General Questions

How can users gain access to the SCADA application?
Objective to consolidate access to all information sources â€“ i.e. to make access available to all users via a single interface
Are any RAS modems utilised within the SCADA environment?
Is the RAS call back feature utilised?
Is the mandatory RAS encryption feature used?
Are users allowed multiple attempts at authentication on the RAS?
Has the RAS auditing feature been enabled?
How is access between the business / corporate network and SCADA network controlled?
How is the administrator password controlled?
How is vendor access to the SCADA network controlled â€“ i.e. password changes after contract has been completed?
Are SLAâ€™s for outsourced support agreements reviewed on a periodic basis?
Are critical components of the SCADA Network supported by a UPS and are these batteries tested on a regular basis to ensure that they are reliable?
What capacity management and monitoring of critical SCADA network systems is performed (i.e. CPU utilisation and hard disk drive space)?
Are legal captions utilised during the login process to the SCADA application and associated infrastructure / devices?
Has an intrusion detection system (IDS) been deployed within the SCADA environment?
Has security been a focus within the development and deployment of the SCADA network?
Is there additional staff screenings performed when staff are hired to work within the SCADA environment (inclusive of vendors etc)?

Policies & Procedures

Is there a defined security strategy for the SCADA environment?
Who is responsible / accountable for security management within SCADA environment? Has the ownership of this responsibility been clearly defined and/or stated in any documentation?
Are there any periodic security reviews of the SCADA network performed?
What procedures are in place to handle the disposal of SCADA network media and devices? Additionally, is there a process in place for the disposal of confidential information / documentation?
Are there any policies or procedures covering the introduction of new devices to the SCADA environment?
What formal change control procedures exist for the SCADA environment?
Does a formal disaster recovery plan exist for the SCADA environment?
Does a formal business continuity plan exist for the SCADA environment?
Do physical and logical security standards differ significantly between SCADA sites?
Has a standard operating environment (SOE) minimum baseline standard been developed for systems being introduced into the SCADA environment?
What security logs are maintained for critical computer equipment and how often are the logs reviewed?
Who is responsible for the reviewing of security logs?
Has access to event logs been restricted?
Upon commencement of employment, are users provided with IT security information as part of the induction process? Additionally, are users provided with further information on security issues on a periodic basis?
What procedures exist to monitor dial-in access?
Is there a formally defined backup and recovery procedure?
Are encryption techniques and/or passwords applied to backup tapes?

Physical Access

How is physical access to SCADA terminals controlled?
Are SCADA control rooms segregated from other rooms?
What building security exists at remote sites to prevent unauthorised access?
What authentication methods are used at remote sites to allow access â€“ i.e. swipe cards?
Are external windows at remotes sites barred?
What alarm systems have been employed at remote sites?

Network Security

Have all deployed routers been configured to ensure the filtering of communications that are unauthorised or not required?
What traffic control and monitoring capabilities have been deployed â€“ i.e. all communication travels to a central point before traversing further on the network.
How are dial-in facilities to the SCADA environment secured?
How is suspicious or unusual activity on the SCADA WAN detected?
What firewall configurations have been set up to segregate the SCADA WAN from the United Water corporate network?
Are all key filtering devices on the network (such as routers and firewalls) configured to log all attempts to access the network? If so are they reviewed on a regular basis?
Have the auditing features of all routers and firewalls been enabled?
Has access to event logs been restricted?
How is the management of patches / hot fixes controlled in regards to firewalls and routers?
What backup and recovery measures are in place for network resources â€“ firewalls and routers?
Has SNMP been implemented on core infrastructure?
Has any wireless equipment been deployed within the SCADA environment â€“ has this been configured to a secure state?
Are all default passwords removed from SCADA devices after implementation?
Does a development environment exist to test changes prior to deployment into the SCADA network production environment?

Workstation Security

What operating systems (version) are installed on SCADA terminals?
Have operating system level passwords been activated on all SCADA terminals?
Do passwords have an indefinite expiry date?
What file and directory permission controls have been implemented on SCADA terminals to restrict unauthorised access by general users?
What logs are generated at the operating system level?
Has access to event logs been restricted?
What tools and services at the operating system level have been restricted for general users?
Who is responsible for patch management of SCADA terminals?
Has an audit feature been enabled for all SCADA terminals?
Are default services available with the operating system restricted?
Is virus protection implemented? Is this software manually or automatically updated?
Are shares enabled on SCADA terminals / workstations?
Are SCADA terminals backed up on a regular basis?
Is registry auditing of SCADA terminals performed?
Are user reviews and associated access rights performed on a regular basis?

SCADA Application Security

What are the username and password requirements of SCADA application?
Are session time out features activated?
Are complex passwords enforced to access the SCADA application?
Are user reviews and associated access rights performed on a regular basis?

System Penetration Testing

Internal penetration testing
External penetration testing
Password strength tests

Changes to the SCADA network

Please provide / list all potential changes being considered to the SCADA network.

Leave a Comment :access, account, authentication, bar, Card, Communications, Corporate, development, disaster recovery, encryption, environment, interface, ISP, Mall, network, operating systems, password, patch, Protection, SCADA, security, SLA, standards, support, technique more...

How To Hijack Fast Food Drive-Thru Frequencies

by Derek on Aug.16, 2009, under Security

This is an article I found on the Phone Losers site I thought I would copy here so I can give it a go at some stage.

How To Hijack Fast Food Drive-Thru Frequencies

A few years back, some friends and I were messing around with a Taco Bellâ€™s drive-thru frequencies. RijilV and isotek showed me how easy it was to hijack the frequencies of just about any fast food restaurant with a very simple mod to a ham radio. The radios they used were Yaesu VX-5 and VX-7 models. We had a few weeks of occasional fun, sitting a few parking lots away and saying all kinds of horrible things to potential fast food customers. For the most part, I didnâ€™t record any of it. But you can find a few clips of our fast food hijinks if you scroll down on the PLA Sound Clips Archive page.

Finally we decided to capture a bit of our FCC violations on video. But instead of capturing actual customers being harassed by us as they placed an order, I drove through the Taco Bell drive-thru myself with a video camera sitting on the dashboard. As I attempted to place my order, RijilV informed me of some crazy new Taco Bell policies and a manager immediately rushed out to explain to me that I wasnâ€™t actually talking to an employee. Here is that video:

After spending several years on Google Video and YouTube, itâ€™s been watched approximately 20,000 times. And of those 20,000 people who have viewed it, approximately all of them have emailed me and asked me what kind of radio we used and how can they use a radio to do the same thing. So in the spirit of April 1st and in order to quell the number of emails sent to me and posts on the PLA Forums asking the same thing, Iâ€™ve decided to write this tutorial to help those people out.

But Iâ€™m not going to explain how to modify a Yaesu VX5 or a Yaesu VX7. A simple Google search will show you how to modify these ham radios. The problem with these mods is that, even though theyâ€™re fairly simple, you have to buy the radios which could cost you anywhere from $200 – $400. Then, after removing a couple solder points, you have to learn how to use it, you have to look up fast food frequency lists, you have to understand the difference between the transmit frequencies and the receive frequencies and you have to scroll through PL tones using trial and error to find the correct one.

Or how about we do this a different way. A way that uses a couple items that you might already have in your home. You can easily modify most old CB radios in a way that will allow them to transmit directly to drive-thru frequencies. You wonâ€™t have to scroll through hundreds of possible drive-thru frequencies, because a CB radioâ€™s channels line up in exactly the same way as most drive-thruâ€™s channels, only at a higher frequency. How do you get your CB radio to run at a higher frequency? A simple replacement of the crystal inside, with a 6.5536 MHz crystal. This triples the megahertz that are broadcast on and there is no learning required. You just take the modified CB radio to a fast food restaurant and start broadcasting to the customers.

â€œBut RBCP, I donâ€™t have a 6.5536 MHz crystal lying around my house,â€ you might be whining at this point. But this isnâ€™t true. Just about any house has several 6.5536 MHz crystals in them if you know where to look. This just happens to be the exact same crystal that you can find in electric heaters, hair dryers, electric stoves, curling irons, electric hot water heaters, irons, and toasters. These crystals are in just about any item that has heated coils and are used to control the frequency of the heating elements so that they donâ€™t burn your house down.

So for this modification you needâ€¦

1 CB radio. It has to be a 40 channel CB radio with a digital display, which includes just about any CB radio manufactured after the mid 1980â€™s. The old 23 channel CBs from the 1970â€™s will not work. It can even be a walkie talkie CB radio. If you donâ€™t have one, you can find one at Goodwill or a yard sale for probably less than $10.

1 toaster. (Or other item with heating elements inside.) A toaster is the most ideal to use, because itâ€™s almost guaranteed to have the crystal inside of it. Itâ€™s more common to find curling irons and hair dryers that donâ€™t. Again, it should be a toaster manufactured within the past 20 years or so. Before that they didnâ€™t have crystal requirements for toaster manufacturers. (And incidentally, there were a lot more electrical house fires back then.) Goodwill will probably have a toaster for less than $10.

1 soldering iron and solder. Donâ€™t worry if you donâ€™t have soldering experience. Itâ€™s actually pretty easy. Click here for a soldering tutorial. You can purchase a soldering iron at Radio Shack or Sears for about $10.

A few screwdrivers

Even if you have to buy all these materials, youâ€™re only out $30. Thatâ€™s a lot better than the $300 you might end up spending on a Yaesu radio. And some of you might already have all these items so you donâ€™t have to pay anything. Ask a friend or a relative if theyâ€™ve got an old toaster or CB radio lying around that they donâ€™t need.

First youâ€™ll want to take apart your toaster. This isnâ€™t too hard. Just flip it upside down and start removing the screws. Youâ€™ll probably need to pull off the plastic lever and knobs before you remove the top of the toaster. Once you have the top off, youâ€™ll see a green or brown circuit board inside.

Flip the circuit board down and youâ€™ll see all the components on the other side, including the 6.5536 MHz crystal. The crystal is silver and will have 6.5 stamped on the side of it. In the picture below, Iâ€™ve used an arrow to show you where itâ€™s located.

The crystal is likely in a different spot in other toasters, but itâ€™s hard to mistake for any other electronic component. The crystal will have some form of 6.5 stamped on the side of it. In my toaster, it showed 6.55-12. While the official frequency needed is 6.5536 MHz, anything within 1.6 megahertz will work. So donâ€™t worry if your crystal just says 6.5 or 6.50 – itâ€™s all the same for our purposes.

Itâ€™s kind of hard to see what Iâ€™m doing in the picture above, but Iâ€™m heating up the leads on the crystal from underneath with my soldering iron to melt the solder, and Iâ€™m pulling on the crystal from above with a pair of needle nose pliers. It only takes a few seconds to get the crystal out of the toaster.

Now that the crystal is out of your toaster, throw your toaster away! Do not attempt to use it once the crystal is removed. Remember, the crystal is in there for safety and using your toaster without the crystal could burn your toast and/or start a kitchen fire. Itâ€™s likely your toaster wonâ€™t even turn on with the missing crystal, but please donâ€™t even try. Just throw it away.

As I mentioned before, just about any brand and model of CB radio will work, as long as it has the digital display on it. Which means, just about any CB radio manufactured after the mid 1980â€™s. These are the kinds of CB radios whose frequencies are controlled by a single crystal inside of them. For my mod, I used a Radio Shack TRC-207 walkie talkie CB radio, which is pictured above. I prefer using a walkie talkie CB radio because it doesnâ€™t requiring sticking a huge CB antenna on the roof of my car which might be noticed if a fast food employee starts looking around the parking lot for the culprits.

Taking apart your CB radio is just as easy as taking apart the toaster. Remove the screws and pop it open. You may or may not have to lift up the circuit board inside to find the crystal inside. In my particular model, the crystal actually plugged into a socket so I didnâ€™t need to even desolder the old crystal. I just pulled it out with my fingers and then plugged in the new 6.55 MHz crystal. I donâ€™t know how common this is, because in other CB radios that Iâ€™ve modified the crystal was soldered to the circuit board, just like in the toaster.

Put your CB back together and test it to make sure itâ€™s working. Youâ€™re finished! Obviously, you wonâ€™t be able to talk on normal CB channels anymore since your CB is transmitting and receiving at a much higher frequency now. But who cares, CB channels are lame anyway. Letâ€™s hop in the car and drive to our nearest fast food establishment to test it out.

Sit near the drive-thru and wait for a customer to pull up. While the customer is talking to the drive-thru speaker, start flipping through your channels until you hear them talking. Iâ€™ve found that most drive thrus end up being somewhere in the 16 – 25 channel range. Iâ€™ve never found one above channel 30 and only a few on channels 1 through 15. It all depends on how their drive-thru is set up and what frequencies theyâ€™re using. Anyway, push down your talk button and start talking to the customer.

The cool thing about using a CB radio to transmit on drive-thru frequencies is that a CB is designed to work for several miles. The headsets that those fast food people wear are only designed to work for about 100 feet. So you can easily overpower the employees, even if youâ€™re several parking lots away. In fact, you may be inadvertently screwing with several other drive-thrus in town without even knowing it. This is more likely when youâ€™re using the kind of CB radio thatâ€™s supposed to be installed in a car. Those usually run on 5 watts and can cover an entire city. This is another reason I like to use my walkie talkie. Itâ€™s lucky if it will work for even a mile, so Iâ€™m only harassing one restaurant at a time.

If you found this tutorial useful, you might also enjoy the video Iâ€™ve made on the same subject. It includes much of the same information in this tutorial, but also includes actual footage of us messing with a drive-thru with this CB mod. Enjoy!

You might also enjoy our original Taco Bell Takeover video, our Happy Birthday drive-thru video and our Drive-Thru Shenanigans video.

PLA TV: Hijacking Fast Food Frequencies [9:12m]: Download (4913)

Local Copy

4 Comments :access, antenna, broadcast, circuit, DES, difference, Digital, EFT, Electronic, frequency, hack, ISP, Mall, Material, phone, Pin, Radio, Restaurant, script, type, web more...

The EDinburgh Great Shiraz Challenge

by Derek on Jul.05, 2009, under Wine

Kerry and I went along to the EDinburgh Cellars Great Shiraz Challenge.

Between Kerry and I we tasted more than 25 great wines over a harrowing 2.5 hours of hustle and bustle in a huge tent in the ED’s carpark. It was great, we both thought that it was well worth the $30/head entry fee.

One of the great things was the amount of large and small wine companies presenting their spoils. Refreshingly many of the tasting areas were manned by the wine maker, winery owner or someone of similar stature. This made for great conversations and allowed us to find other great non-mainstream wineries on the day.

As Kerry (Wine group – 9yrs) and I (Corporate) both worked for SouthCorp (Prior to Fosters), we agreed that we would be looking for the special wines of the day. Well we did grab an RWT on the way out as the last tasting for the day – we are not stupid.

We had a great day overall and purchased and ordered some great wins at the Cellars after the event.

It was great catching up with Barb and Karel from Lengs and Cooter Wines and taste some of their great wines. Barb used to work at SouthCorp for many years and Karl worked at Telstra, but Kerry and I agree that they make great wines.

Of the wines in the winning list below our favourites are:

2006 Woodstock “The Stocks” Shiraz

2004 Bullers Caliope Shiraz

2006 Hentley Farm “The Beast” Shiraz

2005 d’Arenberg Dead Arm Shiraz

2006 Glaetzer ‘Bishop’ Shiraz

Other top votes from us for the day are:

2008 Mike Press Adelaide Hills Shiraz (It’s been a long time since we’ve tasted such a good cheap wine)

2007 Honey MoonVineyard Adelaide Hills Shiraz

2004 Lengs & Cooter Old Vines Shiraz

2004 Lengs & Cooter Reserve Shiraz

2005 Artful Dodger Barossa Shiraz

2007 Veronique Regions Shiraz

2006 Cape Jaffa La Lune Biodynamic Shiraz

2006 Ceravolo Sparkling Shiraz

2007 Yelland & Papps Greenock Shiraz

Results – Shiraz Challenge

Shiraz Day 2008 was a massive hit, with a record crowd of over 900 slurping through a field of just over 300 Shiraz. As always, we ask attendees to vote for their favourite wine of the day, and congratulations goes to Clarendon Hills for their superbly compelling 2006 Liandra Shiraz. Hereâ€™s the full list of the Top 20:

2006 Clarendon Hills Liandra Syrah

2005 Torbreck Factor Shiraz

2005 Langmeil Freedom 1843 Shiraz

2006 Hentley Farm ‘The Beast’ Shiraz

2005 Whistler Reserve Shiraz

2006 Penfolds RWT Shiraz

2005 Wild Witch Shiraz

2005 d’Arenberg Dead Arm Shiraz

2005 Dutschke St Jakobi Shiraz

2006 Woodstock ‘The Stocks’ Shiraz

2006 Brick Kiln Shiraz

2004 Bullers Caliope Shiraz

2006 Hentley Farm ‘The Beauty’

2005 Pikes ‘The E.W.P’ Shiraz

2004 Paracombe Somerville Shiraz

2006 Kalleske Greenock Shiraz

2005 Bendbrook Goat Track Shiraz

2004 Penfolds St Henri Shiraz

2004 Bethany Wines GR9 Reserve

2005 Paxton EJ Shiraz

TOP 20 UNDER $30:

2005 Tin Shed Melting Pot Shiraz

2004 Carlei Estate ‘Green Vineyard’

2004 Majella Shiraz

2007 Torbreck Woodcutters Shiraz

2005 Hugo Shiraz

2006 Tar & Roses Shiraz

2004 Whistler Shiraz

2005 2 Mates Shiraz McLaren Vale

2005 d’Arenberg Footbolt Shiraz

2006 Mitolo Jester Shiraz

2006 Guichen Bay Vineyards Reserve

2006 Pirathon Shiraz by Kalleske

2006 Scarpantoni Block 3 Shiraz

2006 Naked Run Barossa Shiraz

2006 Bird in Hand Shiraz

2006 O’Leary Walker Shiraz

2006 Glaetzer ‘Bishop’ Shiraz

2007 Paxton Quandong Shiraz

2006 Trevor Jones ‘Boots’ Shiraz

2005 Dutschke Gods Hill Road Shiraz

d’Arenberg

Leave a Comment :Adelaide, Adelaide Hills, arenberg, artful dodger, ASP, bar, Barossa, barossa shiraz, biodynamic, Cape Jaffa, cheap wine, cooter, Corporate, d'Arenberg, EDinburgh Cellars, EFT, Great Shiraz Challenge, Hidden, Kerry, Lengs and Cooter, Lengs and Cooter Wines, Mall, Mike Press, Penfolds, Pin, record crowd, RSA, Shiraz, SouthCorp, sparkling shiraz, Telstra, Veronique, Whistler, wine companies, wine group, wine maker, Woodstock, Yelland & Papps more...

Trojan software has been found in ATMs located in Eastern Europe

by Derek on Jun.25, 2009, under Banking and EFTPoS

This is Great, I want one of these cards and a list of ATMâ€™s.

http://www.sophos.com/blogs/gc/g/2009/03/18/details-diebold-atm-trojan-horse-case/

http://www.theregister.co.uk/2009/03/17/trojan_targets_diebold_atms/

From the Security Now Podcast http://www.grc.com/sn/sn-200.htm

Steve: It’s like, oh, goodness, yeah. It’s quite something. So the big news, though, I just sort of had to kind of smile because I told all of our listeners this was going to happen. I said just wait, this is a bad idea, we’re going to see how bad it is. Trojans have – Trojan software has been found in ATMs located in Eastern Europe.

Leo: Oh. Oh.

Steve: From many different vendors.

Leo: Oh, dear.

Steve: But what one thing do all of the trojan-infected ATMs have in common, Leo?

Leo: Let me guess.

Steve: Mm-hmm.

Leo: Windows?

Steve: Windows XP.

Leo: Ai yi yi.

Steve: The LSASS service is the manager of protected content in the system. It’s not quite the right acronym. I can’t think of what it is right now. But it’s like the main security service. And fake ones have been found in the Windows directory. The LSASS EXE normally lives in the Windows System32 directory. They were written in Borland’s Delphi.

Leo: You’re kidding.

Steve: No.

Leo: Well, that’s kind of sophisticated for a hacker. Wow.

Steve: And it’s considered, I mean, it’s commercial-grade code. It’s good code.

Leo: Oh, boy.

Steve: These are not remote installation Trojans. It’s believed that somebody had to have access to the machines.

Leo: Oh, even worse.

Steve: But they have special credit cards. When they swipe the special credit card in the infected machine, it accesses the trojan software, which among other things allows them to dump out all the cash from the machine. But in the meantime it’s logging all of the users’ information and PINs, which it’s able to dump out encrypted with DES encryption from the printer, from the ATM printer in the front of the machine.

Leo: Wow.

Steve: So the – and anyway, so it’s interesting to me. Again, it’s, you know, people defended the idea of implementing these things that I contend should never have been written in Windows. They say, well, but it’s easier to write them. And it’s like, yes.

Leave a Comment :access, Card, Credit, DES, encryption, hack, Mall, Pin, security, Shiraz, something more...

Corporate Phone Lockdown Links

by Derek on Dec.26, 2008, under Phones and Stuff

Hi,

I’m looking at some of the techniques used to lockdown the Iphone, Samsung, Sony and HDC mobile phones. I hope others find the links useful.

Iphone

Lock down the information on your iPhone and iPod touch

http://www.touchtip.com/iphone-and-ipod-touch/lock-down-the-information-on-your-iphone-and-ipod-touch/

iPhone’s PIM lockdown

http://forum.brighthand.com/showthread.php?t=264166&page=2

Apple ‘wise’ to lock down iPhone software

http://www.itnews.com.au/News/44505,apple-wise-to-lock-down-iphone-software.aspx

iPhone lockdown to boost on-demand services

http://www.pcmag.co.uk/vnunet/news/2194973/iphone-lockdown-benefits-firms

Wired’s Easy-Peasy iPhone Lockdown Checklist

http://www.tuaw.com/2007/09/28/wireds-easy-peasy-iphone-lockdown-checklist/

Gartner: iPhone 2.0 cuts business mustard

http://news.cnet.com/8301-1001_3-10016270-92.html

3G iPhone: The business perspective

http://news.cnet.com/3G-iPhone-The-business-perspective/2100-1041_3-6243471.html

What IT staff can do if the CEO gets an iPhone

http://www.infoworld.com/article/07/07/24/What-to-do-if-the-CEO-gets-an-iPhone_1.html

Iphone Hacking

http://www.9to5mac.com/hacked-iphoneOS-beats-Apple%27s-Updated-OS-hands-down-23459856

Iphone Enterprise

http://www.apple.com/iphone/enterprise/

http://www.apple.com/iphone/enterprise/integration.html

New Specification to Lock Down Mobile Phones

http://www.cio.com/article/24369/New_Specification_to_Lock_Down_Mobile_Phones

Samsung

Sony

HDC

———– Advertisement ———-
RapidRepair.com RapidRepair.com is dedicated to the service, repair, and modification of ALL iPod, iPhone, Zune, and other small electronic devices.

Leave a Comment :ASP, business perspective, Checklist, Corporate, Electronic, Enterprise, enterprise integration, hack, Hacking, integration, Iphone, lockdown, Mall, mobile phones, phone, php, Shiraz, technique more...

Amateur Radio and Radhaz

by Derek on Nov.04, 2008, under Amateur Radio

Something I have been very wary about for some year had begun to be better understood over the last few years.

I remember a doctor from an Adelaide hospital who presented at an IEEE meeting saying “on the record there hasn’t been enough research performed to prove that electromagnetic radiation causes cancer, but off the record I have seen enough cases where I am convinces it does”.

This simple statement and other examples provided during the presentation really drove home that we must be wary and respectful when using an existing near electromagnetic emitting devices.

This article came from the local South Australia Amature Radio Experimentes Group Website – Thanks for allthe great work. See link http://www.areg.org.au/info/radhaz/radhaz.html

General Background Information

The question of Radhaz has to be considered when you are constructing an Amateur Radio station that will operate near members of the general public as well as your self.

The responsibility for ensuring that the operation of an Amateur Radio transmitting station is operating with in the ARPANSA and ACMA guidelines is souly the responsibility of the amateur radio operator in control of the radio transmitter.

As the standard for Radiation Protection Standard for Maximum Exposure Levels to Radiofrequency Fields – 3 kHz to 300 GHz changes from time to time. The information on this web site will become out of date. AREG accepts no responsibility for the information presented on this page, the relative orginsations should be consolted for the latest up to date information.

For complete appraisal of your situation, you should consult one of the many orginsations that are NATA certified.

As of March 1st 2003, the Australian Communications & Media Authority (ACMA) introduced new limits for human exposure to electromagnetic radiation (EMR) covering all mobile transmitters such as remote controlled toys, walkie-talkies and hand held two-way radios as well as radio communications installations such as broadcast towers and amateur radio stations.

Under the new regulations, mandatory limits are set by the Australian Radiation Protection and Nuclear Safety Agency (ARPANSA) and people who hold a licence for a radiocommunications facility will have to comply, and in certain cases, hold records demonstrating compliance with the limits.

For a complete details on the ARPANSA standard, please refer to the link below and the ARPANSA web site.

http://www.arpansa.gov.au

maximum-exposure-levels-to-radiofrequency-fields

The RPS No:3 Standard is known as, Radiation Protection Standard for Maximum Exposure Levels to Radiofrequency Fields â€” 3 kHz to 300 GHz (2002).

This Standard specifies limits of human exposure to radiofrequency (RF) fields in the frequency range 3 kHz to 300 GHz, to prevent adverse health effects. These limits are defined in terms of basic restrictions for exposure of all or a part of the human body. Relevant derived reference levels are also provided as a practical means of showing compliance with the basic restrictions. In particular, this Standard specifies the following:

(a) Basic restrictions for occupational exposure with corresponding derived reference levels as a function of frequency.

(b) Basic restrictions for general public exposure, with corresponding derived reference levels as a function of frequency.

(c) Equipment and usage parameters in order to assist in the determination of compliance with this Standard.
The limits specified in this Standard are intended to be used as a basis for planning work procedures, designing protective facilities, the assessment of the efficacy of protective measures and practices, and guidance on health surveillance

IDEAS page is all about putting up design and other general ideas. These may include part circuits or drawings of things that we have thought other people may be interested in. In general don’t expect a complete package, as this page is only meant to give you some ideas on what we have done. So you can further your own experimentation.

1 Comment :Adelaide, Amateur Radio, amateur radio operator, amateur radio stations, AREG, arpansa, Australia, Australian, australian radiation protection, broadcast, circuit, Communications, DES, electromagnetic radiation, EMR, frequency, GHz, Guide, human exposure, Mall, mandatory limits, NATA, nuclear safety agency, Protection, Radhaz, Radiation, Radio, radio communications, Radiofrequency, remote controlled toys, Shiraz, something, transmitter, two way radios, walkie talkies, web more...

Secure Application Development links

by Derek on Oct.14, 2008, under Security

Hi,

I have been putting some secure application development documents together recently and have found some good general tutorials and guidelines which I thought I would post here.

Best Practices

The Ten Most Critical Web Application Security Vulnerabilities, 2004 Update, The Open Web Application Security Project. URL: http://www.owasp.org/documentation/topten
A Guide to Building Secure Web Applications, The Open Web Application Security Project. URL: http://www.owasp.org/documentation/guide
Improving Web Application Security: Threats and Countermeasures, Microsoft MSDN. URL: http://msdn.microsoft.com/library/default.asp?url=/library/enus/dnnetsec/html/ThreatCounter.asp
Authentication in ASP.NET: .NET Security Guidance, Microsoft MSDN. URL: http://msdn.microsoft.com/library/default.asp?url=/library/enus/dnbda/html/authaspdotnet.asp
Session Fixation Vulnerability in Web-Based Applications, ACROS Security. http://www.acros.si/papers/session_fixation.pdf
Writing Secure Code, Michael Howard and David LeBlanc, Microsoft Press.
Threat Modelling, Window Snyder, Microsoft Press.
10 Things You Shouldn’t Do with SQL Server (Data Access Developer “Don’ts”) http://www.dotnetjunkies.ddj.com/Article/86F0988E-FED4-414F-BA2E-D01D953C11BE.dcik
Ten dos and don’ts for secure coding http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1172049,00.html
Cross Site Scripting http://www.cert.org/archive/pdf/cross_site_scripting.pdf http://www.acunetix.com/websitesecurity/cross-site-scripting.htm
The Cross Site Scripting (XSS) FAQ http://www.cgisecurity.com/articles/xss-faq.shtml
XSS (Cross Site Scripting) Cheat Sheet http://ha.ckers.org/xss.html
SQL Injection Cheat Sheet http://ha.ckers.org/blog/20070315/sql-injection-cheat-sheet/

Other Resources

AusCERT is the national Computer Emergency Response Team for Australia http://www.auscert.org.au/
SANS Institute http://www.sans.org/free_resources.php

Leave a Comment :access, ASP, AusCERT, Australia, authentication, best practices, Countermeasures, data, development, Guide, Hidden, improving web application security, Injection, ISP, Mall, Microsoft, php, Pin, script, security, security guidance, security project, server, session fixation vulnerability, Shiraz, sql injection, text, Theme, threat, Threats, Vulnerabilities, vulnerability, web, web application security, writing secure code more...

Internet Banking Security Assessment Considerations

by Derek on Aug.05, 2008, under Banking and EFTPoS, Security

I was asked some time ago what sort of things may be considered when looking at Internet Banking.

Below is a list of things which could be considered. It was just a brain dump and as such may not be complete.

Don’t underestimate the value of standard for your infrastructure, website configuration,Â database engine configuration/architecture,staging environment and development/QA environments.

Some thoughts:

Many don’t lock accounts after X failed logins, this is normally done for good customer service, but leaves the system vulnerable.

- And all the other things expected for a remote login session (forced password changes, aging, etc))
- Tools such as Brutus may be use to brute force hack authenticated sessions.

Many allow session sequence numbers to be incremented, allowing an authenticated user to view other customer session.

- These may be server side, client side, cookie based, etc.
- Get someone to check the development methodologies and the code being used.
- Database query strings can be placed into test entry fields, allowing table dumps to browser.
- Check all pages served are secure and contain user authentication flags.

Customer data may not be segregated, this needs to be checked.
Customer data should not reside on the Web Server.

Authentication databases / system data should not reside on the webserver.
The databases should reside on a private/semi-private network.

- A different segment to the main banking system.

Webserver should be dual homed or equivalent (some VLAN techniques are good)

- Separate private and public network cards, monitoring/backup/administration
- Infrastructure set-up to explicitly deny inbound/outbound ports, private IP & monitoring escaping from the network.

At all data segregation points ensure rules are in place which appreciates the traffic though that point.

All customer data where possible should be sourced from a secure back-end database.

- This may be a staging environment. i.e. no the main banking system.
- This usually allows for transactions to appear real time to the customer.
- Many transactions may be batched in reality. (internal or external to the bank)

Ensure suitable rules have been set-up on firewalls.

- There should be inbound and outbound rules on firewalls and filtering routers.

Don’t allow any infrastructure on the front end to allow remote administrative connections. (telnet, etc.)

- Use the serial console port to connect to a server or back-end terminal server.

Look for the segregation / staging of online customer content from main banking systems

Ensure that a separate development / QA / production environment system and suitable process is in place.

Services not used by the system are active

- These should be disabled.

Port scan of the supporting infrastructure (routers /switches) and server(s).

- Investigate the reasons for all open ports.

Don’t use the main gateway for trusted partner access (clearing / RAS / etc.)
Do all that standard IIS checks and NT checks (Sample scripts, change management, patching methodologies, etc.)
Ensure denial of service precaution have been taken into account for all infrastructure and server equipment.
Check the adequacy of the escalation procedures used.

- Look for real-time monitoring and alerting.
- Look for responsibility matrix.
- Look for ownership of issues.

Consider upstream carrier(s) vulnerability (denial of service, IP spoofing, DNS hacking, etc)
Consider social engineering of customer, administrative, partner accounts / systems / infrastructure.

- Helpdesk procedures and policies and/or alternate technologies (Caller ID, Gateway IP, etc.).

Use dynamic passwords where possible (SecureID, TACACS, etc.).
Use encrypted tunnelling where needed (IPSec, Firewall 1, etc)
Consider looking at other customer authentication methods to enhance existing methods.

- Digital cert, IP address locked to account, etc.
- Consider use of CVV or CVN for bank issued cards.

Consider how passwords are distributed /changed for customers.

- Plain text email, telephone, etc.
- Can passwords be changed online?

Is additional authentication used between sections of the services once authenticated?
Consider what the customer has access to once authenticated.

- Look at SWIFT, RTGS, inter-bank transfers, access to credit cards, etc.
- If an attacker does get in, what can the do?

Use techniques to ensure pages, customer details are not cached at ISP, or client system.

- These are flags that can be set within pages.
- Normally SSL is cached, but some proxy vendors have been playing with techniques to do so.
- Caching of SSL pages on the client system can be turned on on some browsers.
- May banks use a Java (or similar) applet for all customer interaction, restricting all caching issues.

Ensure paper based and on-line liability clauses are available are address all effected areas.
Ensure within the customer sign-up process banking liability is reduced.

- I’ve seen statements like “use this system at your own risk, responsibility for any liability or claim will NOT……”
- Not very customer focused, but that’s what their legal department recommended.

All of the above can effect the security and/or operation of an on-line banking system.

Other things to consider:

External development and support of the application.
Ownership and management of the hardware/applications
Publishing points for new content (internal/private/trusted network or Internet)
Topology of front end.Â i.e. Security Architecture document should be in place and managed appropriately.
Are limited AP tests performed whenever changes are made to the environment? i.e. integrated AP into Change management process.
Database access. Is it buffered or is it live to the core banking systems.
What facilities are provided? Direct debit + Credit Card + SWIFT + ……. Consider different scenarios for your attack depending on the feature.
What other services are shared within the network segment that the Internet Banking service is running. Can this be used to compromise the Internet Banking site. eg. different support/business/development organisations with differing security strategies/profiles.
Consider all external supporting services within you AP. Look at internal/external DNS poisoning opportunities, mail relay, etc. What IPS’s do they use has the ISP any opportunity to access systems or supporting services which may affect Internet Banking.
Depending on the size of the Bank, many organisation do not use the same support groups for infrastructure and the application. As a result external connections to the infrastructure may be provided for an external support organisation to administer the infrastructure.
Look at the business and user authentication methods and paths (client side certs, secure ID, SMART Card, etc). Consider two factor authentication and modern user identification methods. eg. what is your favourite food in addition to normal usernames and passwords. Do system administration staff use dynamic passwords (secureID, etc)?
See if the Internet Banking application sends email to users which may contain interesting information.
Better access to the application can generally be gained after access to the system. i.e. get an legitimate account on the system. I have found that some sample/administration screens have been restricted to authenticated users only.
Consider social engineering the Help desk to have an account password reset.

7 Comments :access, account, administration infrastructure, architecture, attack, authenticate, authentication, bank, Banking, banking system, brute force hack, Brutus, Card, Credit, CVV, data, Debit, DES, development, development methodologies, Digital, DNS, EFT, environment, hack, Hacking, hardware, identification, infrastructure website, Internet, ipsec, ISP, JAVA, Mall, network, online, password, patch, Patching, phone, Pin, Relay, remote login, script, security, security architecture, server, server authentication, Shiraz, smart card, staging, support, SWIFT, technique, telnet, text, transaction, user authentication, vulnerability, Vulnerable, web more...

Breaking VISA PIN

by Derek on Jul.02, 2008, under Banking and EFTPoS

Below is an article I found recently. This one of the most comprehensive descriptions of PIN Verification Value (PVV) hacking.

I thought I would replicate it here for my local reference.

As comments have been made regarding the grammar used in the original text, I have corrected some of the obvious errors whilst maintaining the context of the original material.

http://69.46.26.132/~biggold1/fastget2you/tutorial.php

——– Original Text ———-

Foreword
Have you ever wonder what would happen if you lose your credit or debit card and someone finds it. Would this person be able to withdraw cash from an ATM guessing, somehow, your PIN? Moreover, if you were who finds someone’s card would you try to guess the PIN and take the chance to get some easy money? Of course the answer to both questions should be “no”. This work does not deal with the second question, it is a matter of personal ethics. Herewith I try to answer the first question.

All the information used for this work is public and can be freely found in Internet. The rest is a matter of mathematics and programming, thus we can learn something and have some fun. I reveal no secrets. Furthermore, the aim (and final conclusion) of this work is to demonstrate that PIN algorithms are still strong enough to provide sufficient security. We all know technology is not the weak point.

This work analyses one of the most common PIN algorithms, VISA PVV, used by many ATM cards (credit and debit cards) and tries to find out how resistant is to PIN guessing attacks. By “guessing” I do not mean choosing a random PIN and trying it in an ATM. It is well known that generally we are given three consecutive trials to enter the right PIN, if we fail ATM keeps the card. As VISA PIN is four digit long it’s easy to deduce that the chance for a random PIN guessing is 3/10000 = 0.0003, it seems low enough to be safe; it means you need to lose your card more than three thousand times (or losing more than three thousand cards at the same time until there is a reasonable chance of losing money.

What I really meant by “guessing” was breaking the PIN algorithm so that given any card you can immediately know the associated PIN. Therefore this document studies that possibility, analyzing the algorithm and proposing a method for the attack. Finally we give a tool which implements the attack and present results about the estimated chance to break the system. Note that as long as other banking security related algorithms (other PIN formats such as IBM PIN or card validation signatures such as CVV or CVC) are similar to VISA PIN, the same analysis can be done yielding nearly the same results and conclusions.

VISA PVV algorithm

One of the most common PIN algorithms is the VISA PIN Verification Value (PVV). The customer is given a PIN and a magnetic stripe card. Encoded in the magnetic stripe is a four digit number, called PVV. This number is a cryptographic signature of the PIN and other data related to the card. When a user enters his/her PIN the ATM reads the magnetic stripe, encrypts and sends all this information to a central computer. There a trial PVV is computed using the customer entered PIN and the card information with a cryptographic algorithm. The trial PVV is compared with the PVV stored in the card, if they match the central computer returns to the ATM authorization for the transaction. See in more detail.

The description of the PVV algorithm can be found in two documents linked in the previous page. In summary it consists in the encryption of a 8 byte (64 bit) string of data, called Transformed Security Parameter (TSP), with DES algorithm (DEA) in Electronic Code Book mode (ECB) using a secret 64 bit key. The PVV is derived from the output of the encryption process, which is a 8 byte string. The four digits of the PVV (from left to right) correspond to the first four decimal digits (from left to right) of the output from DES when considered as a 16 hexadecimal character (16 x 4 bit = 64 bit) string. If there are no four decimal digits among the 16 hexadecimal characters then the PVV is completed taken (from left to right) non decimal characters and decimalizing them by using the conversion A->0, B->1, C->2, D->3, E->4, F->5. Here is an example:

Output from DES: 0FAB9CDEFFE7DCBA

PVV: 0975

The strategy of avoiding decimalization by skipping characters until four decimal digits are found (which happens to be nearly all the times as we will see below) is very clever because it avoids an important bias in the distribution of digits which has been proven to be fatal for other systems, although the impact on this system would be much lower. See also a related problem not applying to VISA PVV.

The TSP, seen as a 16 hexadecimal character (64 bit) string, is formed (from left to right) with the 11 rightmost digits of the PAN (card number) excluding the last digit (check digit), one digit from 1 to 6 which selects the secret encrypting key and finally the four digits of the PIN. Here is an example:

PAN: 1234 5678 9012 3445
Key selector: 1
PIN: 2468

TSP: 5678901234412468

Obviously the problem of breaking VISA PIN consists in finding the secret encrypting key for DES. The method for that is to do a brute force search of the key space. Note that this is not the only method, one could try to find a weakness in DEA, many tried, but this old standard is still in wide use (now been replaced by AES and RSA, though). This demonstrates it is robust enough so that brute force is the only viable method (there are some better attacks but not practical in our case, for a summary see LASEC memo and for the dirty details see Biham & Shamir 1990, Biham & Shamir 1991, Matsui 1993, Biham & Biryukov 1994 and Heys 2001).

The key selector digit was very likely introduced to cover the possibility of a key compromise. In that case they just have to issue new cards using another key selector. Older cards can be substituted with new ones or simply the ATM can transparently write a new PVV (corresponding to the new key and keeping the same PIN) next time the customer uses his/her card. For the shake of security all users should be asked to change their PINs, however it would be embarrassing for the bank to explain the reason, so very likely they would not make such request.

Preparing the attack

A brute force attack consists in encrypting a TSP with known PVV using all possible encrypting keys and compare each obtained PVV with the known PVV. When a match is found we have a candidate key. But how many keys we have to try? As we said above the key is 64 bit long, this would mean we have to try 2^64 keys. However this is not true. Actually only 56 bits are effective in DES keys because one bit (the least significant) out of each octet was historically reserved as a checksum for the others; in practice those 8 bits (one for each of the 8 octets) are ignored.

Therefore the DES key space consists of 2^56 keys. If we try all these keys will we find one and only one match, corresponding to the bank secret key? Certainly not. We will obtain many matching keys. This is because the PVV is only a small part (one fourth) of the DES output. Furthermore the PVV is degenerated because some of the digits (those between 0 and 5 after the last, seen from left to right, digit between 6 and 9) may come from a decimal digit or from a decimalized hexadecimal digit of the DES output. Thus many keys will produce a DES output which yields to the same matching PVV.

Then what can we do to find the real key among those other false positive keys? Simply we have to encrypt a second different TSP, also with known PVV, but using only the candidate keys which gave a positive matching with the first TSP-PVV pair. However there is no guarantee we won’t get again many false positives along with the true key. If so, we will need a third TSP-PVV pair, repeat the process and so on.

Before we start our attack we have to know how many TSP-PVV pairs we will need. For that we have to calculate the probability for a random DES output to yield a matching PVV just by chance. There are several ways to calculate this number and here I will use a simple approach easy to understand but which requires some background in mathematics of probability.

A probability can always be seen as the ratio of favorable cases to possible cases. In our problem the number of possible cases is given by the permutation of 16 elements (the 0 to F hexadecimal digits) in a group of 16 of them (the 16 hexadecimal digits of the DES output). This is given by 16^16 ~ 1.8 * 10^19 which of course coincides with 2^64 (different numbers of 64 bits). This set of numbers can be separated into five categories:

Those with at least four decimal digits (0 to 9) among the 16 hexadecimal digits (0 to F) of the DES output.

Those with exactly only three decimal digits.

Those with exactly only two decimal digits.

Those with exactly only one decimal digit.

Those with no decimal digits (all between A and F).

Let’s calculate how many numbers fall in each category. If we label the 16 hexadecimal digits of the DES output as X1 to X16 then we can label the first four decimal digits of any given number of the first category as Xi, Xj, Xk and Xl. The number of different combinations with this profile is given by the product 6 i-1 * 10 * 6j-i-1 * 10 * 6k-j-1 * 10 * 6 l-k-1 * 10 * 1616-l where the 6′s come from the number of possibilities for an A to F digit, the 10′s come from the possibilities for a 0 to 9 digit, and the 16 comes from the possibilities for a 0 to F digit. Now the total numbers in the first category is simply given by the summation of this product over i, j, k, l from 1 to 16 but with i < j < k < l. If you do some math work you will see this equals to the product of 104/6 with the summation over i from 4 to 16 of (i-1) * (i-2) * (i-3) * 6i-4 * 16 16-i ~ 1.8 * 1019.

Analogously the number of cases in the second category is given by the summation over i, j, k from 1 to 16 with i < j < k of the product 6i-1 * 10 * 6j-i-1 * 10 * 6k-j-1 * 10 * 616-k which you can work it out to be 16!/(3! * (16-13)!) * 103 * 6 13 = 16 * 15 * 14/(3 * 2) * 103 * 613 = 56 * 104 * 613 ~ 7.3 * 1015. Similarly for the third category we have the summation over i, j from 1 to 16 with i < j of 6 i-1 * 10 * 6j-i-1 * 10 * 616-j which equals to 16!/(2! * (16-14)!) * 102 * 614 = 2 * 103 * 615 ~ 9.4 * 1014. Again, for the fourth category we have the summation over i from 1 to 16 of 6i-1 * 10 * 616-i = 160 * 615 ~ 7.5 * 1013. And finally the amount of cases in the fifth category is given by the permutation of six elements (A to F digits) in a group of 16, that is, 616 ~ 2.8 * 1012.

I hope you followed the calculations up to this point, the hard part is done. Now as a proof that everything is right you can sum the number of cases in the 5 categories and see it equals the total number of possible cases we calculated before. Do the operations using 64 bit numbers or rounding (for floats) or overflow (for integers) errors won’t let you get the exact result.

Up to now we have calculated the number of possible cases in each of the five categories, but we are interested in obtaining the number of favorable cases instead. It is very easy to derive the latter from the former as this is just fixing the combination of the four decimal digits (or the required hexadecimal digits if there are no four decimal digits) of the PVV instead of letting them free. In practice this means turning the 10′s in the formula above into 1′s and the required amount of 6′s into 1′s if there are no four decimal digits. That is, we have to divide the first result by 104, the second one by 103 * 6, the third one by 102 * 62 , the fourth one by 10 * 63 and the fifth one by 64 . Then the number of favorable cases in the five categories are approximately 1.8 * 1015, 1.2 * 1012, 2.6 * 1011 , 3.5 * 1010, 2.2 * 109 respectively.

Now we are able to obtain what is the probability for a DES output to match a PVV by chance. We just have to add the five numbers of favorable cases and divide it by the total number of possible cases. Doing this we obtain that the probability is very approximately 0.0001 or one out of ten thousand. Is it strange this well rounded result? Not at all, just have a look at the numbers we calculated above. The first category dominates by several orders of magnitude the number of favorable and possible cases. This is rather intuitive as it seems clear that it is very unlikely not having four decimal digits (10 chances out of 16 per digit) among 16 hexadecimal digits. We saw previously that the relationship between the number of possible and favorable cases in the first category was a division by 10^4, that’s where our result p = 0.0001 comes from.

Our aim for all these calculations was to find out how many TSP-PVV pairs we need to carry a successful brute force attack. Now we are able to calculate the expected number of false positives in a first search: it will be the number of trials times the probability for a single random false positive, i.e. t * p where t = 2^56, the size of the key space. This amounts to approximately 7.2 * 10^12, a rather big number. The expected number of false positives in the second search (restricted to the positive keys found in the first search) will be (t * p) * p, for a third search will be ((t * p) * p) * p and so on. Thus for n searches the expected number of false positives will be t * p^n.

We can obtain the number of searches required to expect just one false positive by expressing the equation t * p^n = 1 and solving for n. So n equals to the logarithm in base p of 1/t, which by properties of logarithms it yields n = log(1/t)/log(p) ~ 4.2. Since we cannot do a fractional search it is convenient to round up this number. Therefore what is the expected number of false positives if we perform five searches? It is t * p^5 ~ 0.0007 or approximately 1 out of 1400. Thus using five TSP-PVV pairs is safe to obtain the true secret key with no false positives.

The attack

Once we know we need five TSP-PVV pairs, how do we get them? Of course we need at least one card with known PIN, and due to the nature of the PVV algorithm, that’s the only thing we need. With other PIN systems, such as IBM, we would need five cards, however this is not necessary with VISA PVV algorithm. We just have to read the magnetic stripe and then change the PIN four times but reading the card after each change.

It is necessary to read the magnetic stripe of the card to get the PVV and the encrypting key selector. You can buy a commercial magnetic stripe reader or make one yourself following the instructions you can find in the previous page and links therein. Once you have a reader see this description of standard magnetic tracks to find out how to get the PVV from the data read. In that document the PVV field in tracks 1 and 2 is said to be five character long, but actually the true PVV consists of the last four digits. The first of the five digits is the key selector. I have only seen cards with a value of 1 in this digit, which is consistent with the standard and with the secret key never being compromised (and therefore they did not need to move to another key changing the selector).

I did a simple C program, getpvvkey.c, to perform the attack. It consists of a loop to try all possible keys to encrypt the first TSP, if the derived PVV matches the true PVV a new TSP is tried, and so on until there is a mismatch, in which case the key is discarded and a new one is tried, or the five derived PVVs match the corresponding true PVVs, in which case we can assume we got the bank secret key, however the loop goes on until it exhausts the key space. This is done to assure we find the true key because there is a chance (although very low) the first key found is a false positive.

It is expected the program would take a very long time to finish and to minimize the risks of a power cut, computer hang out, etc. it does checkpoints into the file getpvvkey.dat from time to time (the exact time depends on the speed of the computer, it’s around one hour for the fastest computers now in use). For the same reason if a positive key is found it is written on the file getpvvkey.key. The program only displays one message at the beginning, the starting position taken from the checkpoint file if any, after that nothing more is displayed.

The DES algorithm is a key point in the program, it is therefore very important to optimize its speed. I tested several implementations: libdes, SSLeay, openssl, cryptlib, nss, libgcrypt, catacomb, libtomcrypt, cryptopp, ufc-crypt. The DES functions of the first four are based on the same code by Eric Young and is the one which performed best (includes optimized C and x86 assembler code). Thus I chose libdes which was the original implementation and condensed all relevant code in the files encrypt.c (C version) and x86encrypt.s (x86 assembler version). The code is slightly modified to achieve some enhancements in a brute force attack: the initial permutation is a fixed common steep in each TSP encryption and therefore can be made just one time at the beginning. Another improvement is that I wrote a completely new setkey function (I called it nextkey) which is optimum for a brute force loop.

To get the program working you just have to type in the corresponding place five TSPs and their PVVs and then compile it. I have tested it only in UNIX platforms, using the makefile Makegetpvvkey to compile (use the command “make -f Makegetpvvkey”). It may compile on other systems but you may need to fix some things. Be sure that the definition of the type long64 corresponds to a 64 bit integer. In principle there is no dependence on the endianness of the processor. I have successfully compiled and run it on Pentium-Linux, Alpha-Tru64, Mips-Irix and Sparc-Solaris. If you do not have and do not want to install Linux (you don’t know what you are missing you still have the choice to run Linux on CD and use my program, see my page running Linux without installing it.

Once you have found the secret bank key if you want to find the PIN of an arbitrary card you just have to write a similar program (sorry I have not written it, I’m too lazy that would try all 10^4 PINs by generating the corresponding TSP, encrypting it with the (no longer) secret key, deriving the PVV and comparing it with the PVV in the magnetic stripe of the card. You will get one match for the true PIN. Only one match? Remember what we saw above, we have a chance of 0.0001 that a random encryption matches the PVV. We are trying 10000 PINs (and therefore TSPs) thus we expect 10000 * 0.0001 = 1 false positive on average.

This is a very interesting result, it means that, on average, each card has two valid PINs: the customer PIN and the expected false positive. I call it “false” but note that as long as it generates the true PVV it is a PIN as valid as the customer’s one. Furthermore, there is no way to know which is which, even for the ATM; only customer knows. Even if the false positive were not valid as PIN, you still have three trials at the ATM anyway, enough on average. Therefore the probability we calculated at the beginning of this document about random guessing of the PIN has to be corrected. Actually it is twice that value, i.e., it is 0.0006 or one out of more than 1600, still safely low.

Results

It is important to optimize the compilation of the program and to run it in the fastest possible processor due to the long expected run time. I found that the compiler optimization flag -O gets the better performance, thought some improvement is achieved adding the -fomit-frame-pointer flag on Pentium-Linux, the -spike flag on Alpha-Tru64, the -IPA flag on Mips-Irix and the -fast flag on Sparc-Solaris. Special flags (-DDES_PTR -DDES_RISC1 -DDES_RISC2 -DDES_UNROLL -DASM) for the DES code have generally benefits as well. All these flags have already been tested and I chose the best combination for each processor (see makefile) but you can try to fine tune other flags.

According to my tests the best performance is achieved with the AMD Athlon 1600 MHz processor, exceeding 3.4 million keys per second. Interestingly it gets better results than Intel Pentium IV 1800 MHz and 2000 MHz (see figures below, click on them to enlarge). I believe this is due to some I/O saturation, surely cache or memory access, that the AMD processor (which has half the cache of the Pentium) or the motherboard in which it is running, manages to avoid. In the first figure below you can see that the DES breaking speed of all processors has more or less a linear relationship with the processor speed, except for the two Intel Pentium I mentioned before. This is logical, it means that for a double processor speed you’ll get double breaking speed, but watch out for saturation effects, in this case it is better the AMD Athlon 1600 MHz, which will be even cheaper than the Intel Pentium 1800 MHz or 2000 MHz.

In the second figure we can see in more detail what we would call intrinsic DES break power of the processor. I get this value simply dividing the break speed by the processor speed, that is, we get the number of DES keys tried per second and per MHz. This is a measure of the performance of the processor type independently of its speed. The results show that the best processor for this task is the AMD Athlon, then comes the Alpha and very close after it is the Intel Pentium (except for the higher speed ones which perform very poor due to the saturation effect). Next is the Mips processor and in the last place is the Sparc. Some Alpha and Mips processors are located at bottom of scale because they are early releases not including enhancements of late versions. Note that I included the performance of x86 processors for C and assembler code as there is a big difference. It seems that gcc is not a good generator of optimized machine code, but of course we don’t know whether a manual optimization of assembler code for the other processors (Alpha, Mips, Sparc) would boost their results compared to the native C compilers (I did not use gcc for these other platforms) as it happens with the x86 processor.

Update

Here is an article where these techniques may have been used.

http://redtape.msnbc.com/2008/08/could-a-hacker.html

3 Comments :access, algorithm, atm cards, attack, bank, Banking, bar, Card, conclusion, Credit, CVV, data, Debit, debit card, debit cards, DES, difference, easy money, EFT, Electronic, encryption, hack, Hacking, Internet, ISP, logarithm, magnetic stripe, Mall, Material, mathematics, money, permutation, personal ethics, php, Pin, probability, PVV, Reader, RSA, script, security, Shiraz, something, technique, technology, text, transaction, TSP-PVV, type, Verification, VISA, weak point more...

Financial Transaction Processing

by Derek on Jul.02, 2008, under Banking and EFTPoS

I have been recently working inside one of the larger Banks in Australia.
Through this work I have been looking at the controls and mechanisms surrounding the processing of credit and debit cards around the Asia Pacific.

I get perform many security architecture and payment systems assessments.
Over the years I have always considered the protection of the card data as one of the key considerations.

Until yesterday I had never seen an CVV or PVV decryption tools. I think some scripted use of these tools could be very interesting.
The site hziggurat29.com

Many of the other tools on this site are also very unique and worth a look.
Big thanks to ziggurat29 for providing such awesome tools.

As many of these sites are of this nature are difficult to find and often seem to vanish over the years, I have chosen to replicate the the text from this page and provide local copies on the files.
It is worth periodically visiting the ziggurat29 site every now and again to see if any additional tools have been posted.

One of the more extraordinary files is the Atalla Hardware Security Module (HSM)Â and BogoAtalla for Linksys emulation (simulation) tools. So I wonder if Eracom and Thales are shaking in their boots. Some how I don’t think so.

——– ziggurat29 Text ———

These are all Windows command-line utilities (except where noted); execute with the -help option
to determine usage.

DUKPT Decrypt (<- the actual file to download)

This is a utility that will decrypt Encrypted PIN Blocks that have been produced via the DUKPT triple-DES method. I used this for testing the output of some PIN Pad software I had created, but is also handy for other debugging purposes.

VISA PVV Calculator (<- the actual
file to download)

This is a utility that will compute and verify PIN Verification Values that have been produced using the VISA PVV technique. It has a bunch of auxiliary functions, such as verifying and fixing a PAN (Luhn computations), creating and encrypting PIN blocks, decrypting and extracting PINs from encrypted PIN blocks, etc.

VISA CVV Calculator (<- the actual file to download)

This is a utility that will compute Card Verification Values that have been produced using the VISA CVV technique. MasterCard CVC uses the CVV algorithm, so it will work for that as well. It will compute CVV, CVV2, CVV3, iCVV, CAVV, since these are just variations on service code and the
format of the expiration date. Verification is simply comparing the computed value with what you have received, so there is no explicit verification function.

Atalla AKB Calculator (<- the actual file to download)

This is a utility that will both generate and decrypt Atalla AKB cryptograms. You will need the plaintext MFK to perform these operations. When decrypting, the MAC will also be checked and the results shown.

BogoAtalla (<- the actual file to
download)

This is an Atalla emulator (or simulator). This software emulation (simulation) of the well-known Atalla Hardware Security Module (HSM) that is used by banks and processors for cryptographic operations, such as verifying/translating PIN blocks, authorising transactions by verifying
CVV/CSC numbers, and performing key exchange procedures, was produced for testing purposes. This implementation is not of the complete HP Atalla command set, but rather the just
portions that I myself needed. That being said, it is complete enough if you are performing acquiring and/or issuing processing functions, and are using more modern schemes such as Visa PVV and DUKPT, and need to do generation, verification, and translation.

This runs as a listening socket server and handles the native Atalla command set. I have taken some liberties with the error return values and have not striven for high-fidelity there (i.e., you may get a different error response from native hardware), but definitely should get identical positive
responses. Some features implemented here would normally require purchasing premium commands, but all commands here implemented are available. Examples are generating PVV values and encrypting/decrypting plaintext PIN values.

BogoAtalla for Linksys (<- the actual file to download)

This is the Atalla emulator ported to Linux and build for installation on an OpenWRT system. Makes for a really cheap ($60 USD) development/test device.

Local Files

bogoatalla002
atallaakbcalc
bogoatalla_10-1_mipsel
dukptdecrypt
visacvvcalc
visapvvcalc

26 Comments :algorithm, architecture, Australia, bank, BogoAtalla, Card, card verification, computations, Credit, CVV, data, Debit, debit card, debit cards, decrypt, decryption, decryption tools, DES, development, DUKPT, EFT, emulation, emulator, Eracom, financial transaction, hardware, hardware security, HSM, Linksys, Mall, mechanisms, payment, Pin, pin pad, processing, Protection, PVV, SAP, script, security, security architecture, server, Shiraz, simulation tools, SLA, SMS, technique, text, Thales, transaction, triple des, utility, Verification, VISA more...

E-Commerce Glossary

by Derek on Jun.18, 2008, under Banking and EFTPoS

Acquiring Institution
The Financial Institution which holds the Merchant Account partaking in a financial transaction, typically the first bank involved in the processing of a payment.

Applet
A small computer program which facilitates the performance of particular tasks.

Bandwidth
The capacity of a server to carry or process information. The higher the bandwidth the faster graphics-laden web pages will download.

Browser
Short for Web browser, a software application used to locate and display Web pages. The two most popular browsers are Netscape Navigator and Microsoft Internet Explorer. Both of these are graphical browsers, which means that they can display graphics as well as text. In addition, most modern browsers can present multimedia information, including sound and video, though they require plug-ins for some formats.

Caching
The automatic copying and storage of frequently used information onto a computer system â€“ Typically caching is seen whilst surfing the internet (graphics, etc.) and used by Internet Services Providers (ISPâ€™s) to reduce the amount of data requested from the user onto the internet.

Issuer
The Financial Institution which issued the cardholder’s account and card.

Cardholder
The individual participating in the financial transaction whose card is being credited or debited.

Card Verification Data
The additional information printed on the card to be processed. This is used to verify if the card was present when the transaction was initiated.Â This is the additional digits imprinted on the card usually on the reverse side for VISA & Mastercard and on the front for AMEX.

Certificate
An x.509 certificate used to authenticate entities such as Merchants and Payment Gateways. Certificates can be used to identify and/or encrypt sensitive data such as card numbers and personal cardholder information.

CGI
Common Gateway Interface: A protocol that allows a Web page to run a program on a Web server. Forms, counters, and guest books are common examples of CGI programs.

Any piece of software can be a CGI program if it handles input and output according to the CGI standard. Usually a CGI program is a small program that takes data from a web server and does something with it, like putting the content of a form into an e-mail message, or turning the data into a database query. CGI “scripts” are just scripts which use CGI. CGI is often confused with Perl, which is a programming language, while CGI is an interface to the server from a particular program.

Client
A computer or software that requests a service of another computer system or process (a “server”). For example, a workstation requesting the contents of a file from a file server is a client of the file server. A web browser is commonly referred to as a client.

Clients and Servers
In general, all of the machines on the Internet can be categorised as two types: servers and clients. Those machines that provide services (like Web servers or FTP servers) to other machines are servers. And the machines that are used to connect to those services are clients.

When you connect to Yahoo at www.google.com to read a page, Google is providing a machine (probably a cluster of very large machines), for use on the Internet, to service your request. Google is providing a server. Your machine, on the other hand, is probably providing no services to anyone else on the Internet. Therefore, it is a user machine, also known as a client. It is possible and common for a machine to be both a server and a client !

Cookie
A file sent by some web servers to your computer’s hard drive to enable you to quickly and easily return to particular sites. Cookies give rise to privacy concerns as they are often used to store information used for marketing purposes.

The main purpose of cookies is to identify users and possibly prepare customised Web pages for them. When you enter a Web site using cookies, you may be asked to fill out a form providing such information as your name and interests. This information is packaged into a cookie and sent to your Web browser which stores it for later use. The next time you go to the same Web site, your browser will send the cookie to the Web server. The server can use this information to present you with custom Web pages. So, for example, instead of seeing just a generic welcome page you might see a welcome page with your name on it.

CRN
The Customer Receipt Number (CRN) is used to assist the card holder, the payment gateway and the transaction acquirer to confirm the transaction has been processed and to track the transaction throughout the end-to-end transaction process. This is often used when making enquiries about a transaction or for transaction tracking.

Cybersquatting
Bad faith, abusive domain name registration. Cybersquatters register company and product names as domain names with a view to selling them at inflated prices to the â€œrightfulâ€ owners.

/CVC
The additional information printed on the card to be processed. This is used to verify if the card was present when the transaction was initiated.Â This is the additional digits imprinted on the card usually on the reverse side for VISA & Mastercard and on the front for AMEX.

Database
A collection of data: part numbers, product codes, customer information, etc. It usually refers to data organised and stored on a computer that can be searched and retrieved by a computer program.

Deep link
A hypertext link directly to a web page, often bypassing home pages or other identifying pages.

Digital Certificate
A pop up window that allows you to identify the level of encryption used to secure a particular web site.

Digital Signature
A complex numeric “signature” designed to be used, in conjunction with special software, to authenticate the sender of a message and guarantee that the contents of the message have not been altered during transmission to the recipient. The EU has adopted legislation which makes electronic signatures legally valid. The Electronic Transaction Bill (Cth) 1999 has the same effect in Australia.

Domain Name
The plain English name given to a host destination on the Internet, for example, www.madrock.net. The suffix, dot.com is known as the generic top level domain, the prefix madrock. The domain name forms part of the Internet Address or URL.

A name that identifies one or more IP addresses. For example, the domain name microsoft.com represents about a dozen IP addresses. Domain names are used in URLs to identify particular Web pages. For example, in the URL http://www.madrock.net, the domain name is madrock.net.

Download
To transfer information from one computer to your computer.

Dynamic web page
A web document that is created from a database in real-time or “on the fly” at the same time it is being viewed, providing a continuous flow of new information and giving visitors a new experience each time they visit the web site.

Dynamic web sites offer the user the ability to interact with the web site. This interaction can take place in the form of a search for products, a questionnaire that automatically posts results or online polls. Basically, dynamic web pages and content are generated from the input of the user.

EC
Electronic Commerce.

Often referred to as simply e-commerce, business that is conducted over the Internet using any of the applications that rely on the Internet, such as e-mail, instant messaging, shopping carts, Web services, and FTP, among others. Electronic commerce can be between two businesses transmitting funds, goods, services and/or data or between a business and a customer.

ECI
The Electronic Commerce Indicator (ECI), is used to determine the source of the original transaction request. This is a program that the banks have developed and have mandated itâ€™s use.

Electronic Data Interchange (EDI)
Systems set up by businesses, which facilitate the electronic exchange of information.

Encryption
The process of scrambling data to prevent it being viewed by unauthorized persons.

Expiry Date
The date printed on the card indicating when the card will expire. Not to be confused with the card issue date found on some cards.

Firewall
An electronic security barrier and/or traffic filter.

Forms
Forms are web pages comprised of text and “fields” for a user to fill in with information. They are an excellent way of collecting and processing information from people visiting a web site, as well as allowing them to interact with web pages. Forms are written in HTML and processed by CGI programs.

Frame
A means of dividing a web screen into a number of compartments. Frames may give rise to legal disputes if web sites created by third parties are framed as your own.

FTP servers
One of the oldest of the Internet services, File Transfer Protocol makes it possible to move one or more files securely between computers while providing file security and organisation as well as transfer control.

Fulfilment
1. Process of supplying goods after an order has been received.
2. Process of reacting to a customer’s request, covering everything that has to happen from the time the customer places an order until they are completely satisfied.

Host
Any computer on a network that provides services or information to other computers on the network. A host is also called a server.

Integration
The software and/or business processes which combine the Merchant’s (website, back office, etc.) order processing system with the EFT Network Electronic Payment System.

IP address
Every computer connected to the Internet is assigned a unique number known as an Internet Protocol (IP) address. Since these numbers are usually assigned in country-based blocks, an IP address can often be used to identify the country from which a computer is connecting to the Internet.

Gateway
A system allowing incompatible computer networks to send and receive information.

HTML (Hypertext Markup Language)
Language used to translate text documents into a form which can be sent over the web.

Hyperlink
A highlighted phrase in a document which permits linking to another document or part of a document.

Internet Content Host (ICH)
Those who host or propose to host content on the Internet. Anybody who is responsible for a web site, news group or bulletin board that contains articles, graphics or other internet content provided by others. The host may/may not also produce their own content and/or provide access to the Internet through a carriage service, ie they may also be an ISP.

Internet Service Provider (ISP)
A company that provides an Internet connection through some kind of Internet carriage service, for example Sprint, Chello Broadband, Telstra Bigpond, Adam Internet, Internode. ISP’s may/may not also be ICHs.

Mail servers
Almost as ubiquitous and crucial as Web servers, mail servers move and store mail over corporate networks (via LANs and WANs) and across the Internet.

Merchant account
This is an account set up with a bank to process credit card orders from customers.

Merchant
The entity receiving payments for goods and/or services.

Merchant Account
The merchant’s account into which transactions are credited or debited.

Merchant Server
The software installed on the Merchant’s web sites or back office system to enable real-time or batched processing of financial transactions.

Merchant Server Administrator
The individual(s) responsible for the maintenance of the Merchant Server, including issuing and importing merchant certificates.

MTL
Merchant Transaction Layer (MTL)

PAN
Primary Account Number (PAN) is the number printed on the customers card to reference the cardholder’s financial account. This is typically the card number.

Payment Gateway
The Payment Gateway provides a central point of contact/transaction switching with the banking network for the Merchant Server software or devices. The EFT Networks Payment gateway provides advanced integrated reporting, merchant integration services (Mainframe, Mini, Windows, UNIX, OS400, Desktop/Server, EFT PoS Terminals. Loyalty systems, etc.) and Merchant/Bank customised solutions not offered by regional or global banking institutions.

An online system for real-time charging of credit cards when a customer places an order. Normally requires a merchant account.

A common question from merchants is “Do we have to change banks to use payment gateways?”

The answer is NO!Â – All you need to do is open a merchant facility with one of the supported banks, EFT Networks can ensure you open the correct one for your transaction needs. The merchant facility is then linked to a nominated bank account for example: Bank of New Zealand, ANZ, St George Bank, NAB, Commonwealth, Westpac, Bank of America, Bank of Scotland, Barclay’s, Bank of Queensland, etc. The money is then transferred at the end of each day from your merchant account to your nominated account.

“Pretty Good Privacy”
A type of encryption program used to scramble data.

Portal
A site that gathers together many sites under a common branding, for example, Yahoo and Excite.

Private key
The password which permits information to be decoded in a public key encryption system.

Public key
The password which is used to send a secure message in a public key encryption system.

Secure Certificate
A document that is used to certify that a user or organisation is who they say they are. They contain information about who it belongs to, who it was issued by, expiry date and information that can be used to check out the contents of the certificate. It is as an important part of the SSL system for establishing secure connections.

Server
A computer that provides a service to other computers (known as clients) on a network.

Shopping cart
A shopping cart is a piece of software that acts as an online store’s catalogue and ordering process. Typically, a shopping cart is the interface between a company’s Web site and its deeper infrastructure, allowing consumers to select merchandise; review what they have selected; make necessary modifications or additions; and purchase the merchandise.

Shopping carts can be sold as independent pieces of software so companies can integrate them into their own unique online solution, or they can be offered as a feature from a service that will create and host a company’s e-commerce site.

Spam
The use of email or newsgroups to send unsolicited information.

SSL
Short for Secure Sockets Layer, a protocol developed by Netscape for transmitting private documents via the Internet. SSL works by using a private key to encrypt data that’s transferred over the SSL connection. Both Netscape Navigator and Internet Explorer support SSL, and many Web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http:.

Letting your customers know that you have SSL protection gives your site credibility and may encourage customers to deal with you in confidence.

A security protocol used to protect information – typically used between the cardholder’s web browser and the merchant’s webserver and throughout the transaction processing process. 128bit SSL is typical used as a minimum level within the Payment & Financial industries.

A Secure Server uses an SSL certificate. It is generally a piece of web space that can only be dealt with by using SSL ensuring that data transferred between the web space and the browser is encrypted.

Static web page
In web site terms, static means web pages that are not interactive. Because the web site visitor does not have any control over the information provided, the pages and information do not change with each visit. There is not a two-way communication between the user (client) and the web site (server) in a static page.

Uniform Resource Locator (URL)
An Internet address.

Web page
A specific group of related files on the web, which is usually viewed as a single document.

Web servers
At its core, a Web server serves static content to a Web browser by loading a file from a hard disk and serving it across the network to a user’s Web browser. This entire exchange is mediated by the browser and server talking to each other using HTTP.

Web site
A collection of web pages stored on a file server.

1 Comment :access, account, acquirer, Australia, authenticate, bank, Banking, bar, Card, card verification, Commerce, common gateway interface, Corporate, Credit, data, Debit, DES, Digital, Dust, EFT, Electronic, encryption, Explorer, financial institution, financial transaction, IEC, integration, interface, Internet, ISP, Mall, Merchant, Microsoft, money, network, online, password, payment, payment gateways, Pin, privacy, processing, Protection, reporting, script, security, server, Shiraz, SLA, something, support, Telstra, text, transaction, transmission, type, Verification, verification data, VISA, web more...

Debbie and Torsten’s Fellas Shop

by Derek on May.17, 2008, under Environment & People

Debbie and Torsten own the Fellas Gifts at the West Lakes Mall in South Australia.

Drop in to say hi, or contact them via email or phone.

Fellas Gifts is a gift shop where ‘it’s easy to shop for men’!

We offer and extensive range of products including collectables, unique gifts, puzzle games, bar ware, sports memorabillia and supporter gear and more! We also have chess sets, hipflasks, figurines, boats and nautical products, games, clocks, barometers and various licensed products and garments (Holden, Ford Jim Beam, Jack Daniels, Harley Davidson, Coca-Cola etc.)

Fellas Gifts offers you an extensive range of products from over 150 suppliers.

Shop T55

West Lakes Mall

111 West Lakes Bouldevard,

West Lakes SA 5021

westlakes_at_fellas.com.au

Phone: (08) 8353 0966

Fax: (08) 8353 0977

http://www.fellas.com.au/store_locations.html

Leave a Comment :Australia, bar, Fella, Fellas, fellas gifts, figurines, Ford, garments, Gifts, Harley Davidson, Holden, Jack Daniels, Jim Beam, Mall, phone, Shiraz, something, sports memorabillia, support more...

Lethal Toxins Entering Your Body

by Derek on May.04, 2008, under Environment & People

I recently read an article in a magazine and was shocked to see some of the toxic dangers which modern living introduce. Australian Men’s Health April 2008, by Susan Casey, pg 87.

I thought I would expand on this article here as a method of analysing some of the things Kerry and I need to be careful of. I hope this also assists others in understanding some of these dangers.

“Except for the small amount that’s been incinerated every bit of plastic ever manufactured still exists”

Toxic Articles	Polycarbonate Bottles (marked with a #7 in a triangle)	Cling wrap and plastic takeaway containers (marked with a #7)	Polystyrene cups and takeaway containers (marked with a #6)	Fast-food containers (with waxy lining) and non-stick (Teflon) pans.	Polyvinyl chloride (PVC), used in vinyl flooring, shower curtains and car interiors.
Dangerous Ingredients	Bisphenol A (BPA), a synthetic oestrogen, which can leach into the bottleâ€™s contents when heated.span>	Phthalates, a probable human carcinogen and endocrine disruptor, can seep into food (especially fatty foods, such as delis meats and cheeses).	Styrene, a possible human carcinogen, can leah into the contents of the cup.	Perfluoro-octanoic acid (PFOA), a grease-repelling flourotelomer chemical and likely human carcinogen, can transfer from the waxy-plastic coating onto the food inside, especially at high temperatures.	Vinyl chloride is a known human carcinogen that gives off gas into the surrounding air, so itâ€™s inhaled instead of ingested.span>
Linked to	Prostate cancer, reduced sperm count and reproductive-organ abnormalities, according to US studies at the universities of Missouri, Chicago and Cincinnati.	Reproductive problems like undescended testes and low sperm count, reveal researchers at New Yorkâ€™s University of Rochester and the Centres for Disease Control and Prevention in the US.span>	Cancer, warn scientists at the US Environmental Protection Agencyâ€™s (EPA) Office of Research and Development and the World Health Organisationâ€™s International Agency for Research on Cancer.	Cancer, lung and kidney damage, according to studies at the EPA and Environmental Working Group in the US.	Cancer and liver damage, predicts both the EA and the Centre for Health and Environmental Justice in the US.
How to reduce your exposure	Pots, pans and bottles made from stainless steel are a non-toxic alternative. If youâ€™re using polycarbonate, keep it out of the dishwasher and replace it every 60 days or if itâ€™s scratched. Plastic releases toxins over tie when damaged or exposed to high heat.	Keep it out of microwave and dishwasher. Donâ€™t store fatty or acidic foods in these containers, rather use waxed paper and buy meat wrapped in paper from the butcher. If you use plastic-wrapped cuts, trim the edges off where the product touched the wrapping.an>	Never drink hot liquids out of polystyrene ups. Use paper ones (those without a wax lining) whenever possible or a ceramic coffee mug. If your takeaway comes in polystyrene, transfer it to ceramic dish or glass as soon as possible.	The best alternatives to drive-through and delivery are sit-down restaurants and home cooking. At home, never use Teflon-coated pans. If you own any, replace with non-toxic cookware made from copper, cast iron or stainless steel.	Use natural materials for home flooring. Buy a shower curtain made from hemp â€“ which lasts longer and is naturally mildew-resistant. New vinyl gives off aerial toxins at highly concentrated levels, so open windows to air spaces where this material is present.span>

These are also great articles:

http://www.seattlepi.com/local/326907_plastic09.html

http://www.bravenewleaf.com/environment/2008/02/updated-repeat.html

Leave a Comment :Australia, Australian, DES, development, environment, ISP, Kerry, Mall, Material, Pin, Protection, pvc, Restaurant, Shiraz, text, toxins more...

Bluetooth – Security

by admin on Mar.24, 2008, under Bluetooth

Redirected from Bluetooth

Source

1 Bluetooth
2 Wireless- History
3 Wireless- Technologies
4 Bluetooth- Technical Introduction
5 Bluetooth- Advantages
6 Bluetooth- Applications
7 Bluetooth- Security Issues
7.1 The SNARF attack
7.2 The BACKDOOR attack
7.3 The BLUEBUG attack
7.4 Bluejacking
7.5 Warnibbling
8 Future of Bluetooth
9 See also:
10 Reference List

Bluetooth

Bluetooth is a new technology that utilises radio frequency waves as a way to communicate wirelessly between digital devices. It sets up personal area networks that incorporate all of a persons digital devices into one system for both convergence and convenience.

Wireless- History

Many people put the invention of [wireless] radio down to Guglielmo Marconi, who in 1895 sent the first radio telegraph transmission across the English Channel. Only twelve years later radio began being used in the public sphere. [Mathias, p.2] Up until then however, many wireless pioneers conducted trials across lakes where the antenna used to transmit the signal was longer than the distance across the lake. [Brodsky, p. 3] After its introduction the main use of wireless radio was for military communications where its first use was for the Boer War. [Flichy, p. 103] The invention of broadcast radio ensured the feasibility of wireless technologies. [Morrow, p. 2] By the 1920s, radio had become a well-recognised mass medium. [Flichy, p. 111] From the 1980s until now, wireless communications have been through several stages, from 1G (analogue signal), 2G (digital signal) and 3G (always on, faster data rate). [Lightman and Rojas, p. 3] The history of Bluetooth is a much more recent one, with the first Bluetooth-enabled products coming into existence in 2000. Named after Harald Blatand the first, king of Denmark around twelve hundred years ago, who joined the Danish and Norwegian kingdoms, Bluetooth technology is founded on this same unifying principle of being able to unite the computer and telecommunication industr[ies]. [Ganguli, p. 5] In 1994 the Ericsson Company began looking into the idea of replacing cables connecting accessories to mobile phones and computers with wireless links, and this became the main inspiration behind Bluetooth. [Morrow, p. 10]

Wireless- Technologies

Bluetooth is not the only wireless technology currently being developed and utilised. Other wireless technologies, including 802.11b, otherwise known as Wi-Fi, Infrared Data Association (IrDA), Ultra- Wideband Radio (UWB), and Home RF are being applied to similar technologies that Bluetooth use with mixed results. 802.11 is the most well known technology, excluding Bluetooth, and uses the same radio frequency, meaning that they are not compatible as they cause interference with each other. 802.11 is being implemented into universities in the US, Japan and China, as well as food and beverage shops where they are being used to identify students and customers. Even airports have taken up the 802.11 technology, with airports all over America, and three of Americas most prominent airlines promoting the use of it. [Lightman and Rojas, p. 202-3] Infrared Data Association is extremely inferior to that of Bluetooth. Its limitations include only being able to communicate point-to-point, needing a line of sight, and it has a speed of fifty- six kilobytes per second, whereas Bluetooth is one megabyte per second. [Ganguli, p. 17] The Ultra- Wideband Radio is superior to that of Bluetooth in that it can transmit at greater lengths (up to 70 metres), with only half of the power that Bluetooth uses. [Ganguli, p.17] HomeRF is a technology that is not very well known. It is used for data and voice communication and targeted for the residential market segment and does not serve enterprise- class WLANs, public access systems or fixed wireless Internet access. [Ganguli, p.17-18]

Bluetooth- Technical Introduction

Bluetooth is a short- range radio device that replaces cables with low power radio waves to connect electronic devices, whether they are portable or fixed. The Bluetooth device also uses frequency hopping to ensure a secure, quality link, and it uses ad hoc networks, meaning that it connects peer-to-peer. It can be operated worldwide and without a network because it uses the unlicensed Industrial- Scientific Medical (ISM) band for transmission that varies with a change in location. [Ganguli, p. 25-6] The Bluetooth user has the choice of point-to-point or point-to-multipoint links whereby communication can be held between two devices, or up to eight. [Ganguli, p. 96] When devices are communicating with each other they are known as piconets, and each device is designated as a master unit or slave unit, usually depending on who initiates the connection. However, both devices have the potential to be either a master or a slave. [Swaminatha and Elden, p. 49]

Bluetooth- Advantages

There are many advantages to using Bluetooth wireless technologies including the use of a radio frequency, the inexpensive cost of the device, replacing tedious cable connections, the low power use and implemented security measures. The use of an unlicensed radio frequency ensures that users do not need to gain a license in order to use it. Unlike Infrared which needs to have a line of sight in order to work, Bluetooth radio waves are omnidirectional and do not need a clear path. The device itself is relatively cheap and easy to use, one can be bought for around ten American dollars, and this price is currently decreasing. Compare this to the expensive cost of implementing hundreds of cables and wires into an office and there is no competition. Of course, this is the main reason for the take -up in Bluetooth -enabled devices; it does away with cables. Another of Bluetooths advantages is its low power use, ensuring that battery operated devices such as mobile phones and personal digital assistants wont have their battery life drained with the use of it. This low power consumption also guarantees minimal interruption from other radio operated and wireless devices that operate at a higher power. Bluetooth has several enabled security measures that ensures a level of privacy and security, including frequency hopping, whereby the device changes radio frequency sixteen hundred times per second. Also within the security tools are encryption and authentification mechanisms that guarantee little interference by unauthorised hackers. [Ganguli, p. 330] One of the best advantages of Bluetooth devices, especially the hands free device that connects to a mobile phone, is that it removes radiation from the brain region. [Tsang, p.1]

Bluetooth- Applications

The applications that are in development or current use for the Bluetooth technology include such areas as automotive, medical, industrial equipment, output equipment, digital -still cameras, computers, and communications systems. [Lightman and Rojas, p. 201] Bluetooth is an ad hoc network user, and therefore it may be used for social networking, i.e. people can meet and share files or link their Bluetooth devices together to play games or other such activities. [Smyth, p. 70] Using Bluetooth, a mobile phone can become a three- way phone, where at home it connects to a landline for cheaper calls, on the move it acts as a mobile phone and when it comes in contact with another Bluetooth-enabled phone it acts as a walkie- talkie. This walkie- talkie option allows for free interaction and communication, as Bluetooth is not connected to any telecommunications network. [Gupta, p.1] Bluetooth also allows automatic synchronization of your desktop, mobile computer, notebook and your mobile phone for the user to have all of their data managed as one. [Gupta, p.1]

Bluetooth- Security Issues

Bluetooth has several threats which range in level of risk and how widespread the action is. These threats have the ability to provide criminals with sensitive information on both corporate and personal levels. The only way to avoid such threats is for manufacturers, distributors, and consumers to be provided with more information on how they are committed, current attack activity and how to combat them. This information can be used on a technical level for manufacturers, it can be used by distributors at retail levels to teach consumers the risks and it can be used directly by consumers to be aware of the threats. The outcome of such research will allow end users of Bluetooth products to have an upper hand in this wireless warfare. Bluetooth security is in early stages with regards to both the attackers, their techniques and consumers understanding of these attacks. Some research has been conducted into what the attackers are doing and how they do it. Adam Laurie of A.L Digital Ltd http://www.thebunker.net/release-bluestumbler.htm is leading the research race in Bluetooth security and is often linked to academic resources. Laurie’s research has uncovered the following capabilities of Bluetooth attacks:

Confidential data such as the entire phone book, calender and the phone’s IMEI.
Complete memory contents of some mobile phones can be accessed by a previously trusted (“paired”) device that has since been removed from the trusted list.
Access can be gained to the AT command set of the device, giving full access to the higher level commands and channels, such as data, voice and messaging.

Attacks on Bluetooth devices at this stage are relatively new to consumers, and therefore are not widely seen as a real threat. Attacks such as the Bluejack attack are probably more recognised by consumers due to its perceived humorous and novelty nature as well as the ease to Bluejack someone. Users who allow their phone to be Bluejacked open the door to more serious attacks, such as the Backdoor attack which have a low level of awareness amongst consumers as attackers can attach to the device with out the users knowledge. Corporations are starting to understand the risks Bluetooth devices pose, Michael Ciarochi (in Brewin 2004) stated that ‘Bluetooth radios were included in laptop PCs that were being configured by an IT Engineer. It raises the possibility of opening a wireless back door into data stored on the PCs. Such a security weakness would be extremely attractive to hackers. Although Bluetooth invites hackers to such attacks; Bluetooth Venders are playing down the risks, Brewin (2004) said that ‘Bluetooth advocates last week dismissed growing security fears about the short-range wireless technology, saying any flaws are limited to a few mobile-phone models. They also detailed steps that users can take to secure Bluetooth devices’. There are many methods of Bluetooth attacks, the Snarf, the Backdoor, Bluebug, Bluejack and Warnibbling attack are the only recognised attacks at this early stage. Below are explanations of such attacks.

The SNARF attack

It is possible for attackers to connect to the device without alerting the user, once in the system sensitive data can be retrieved, such as the phone book, business cards, images, messages and voice messages.

http://www.salzburgresearch.at/research/gfx/bluesnarf_cebit2004.pdf

Local Copy: BlueSnarf_CeBIT2004.pdf

The BACKDOOR attack

The backdoor attack is a higher concern for Bluetooth users; it allows attackers to establishing a trust relationship through the “pairing” mechanism, but ensuring that the user can not see the target’s register of paired devices. In doing this attackers have access to all the data on the device, as well as access to use the modem or internet; WAP and GPRS gateways may be accessed without the owner’s knowledge or consent.

The BLUEBUG attack

This attack gives access to the AT command set, in other words it allows the attacker to make premium priced phone calls, allows the use of SMS, or connection the internet. Attackers can not only use the device for such fraudulent exercises it also allows identity theft to impersonate the user.

Bluejacking

Dibble (2004) explained that ‘Just as SMS was spawned, there’s a new craze that’s spreading across parts of Europe. Reportedly, it’s more prominent in the UK, but popular elsewhere too’. Bluejacking allows attackers to send messages to strangers in public via Bluetooth. When the phones ‘pair’ the attacked can write a message to the user. Although it may seem harmless at first, there is a downside. Once connected the attacker may then have access to any data on the users Bluetooth device, which has obvious concerns. Powell (2004: 22) explained that ‘Users can refuse any incoming message or data, so Bluejackers change their username to a short barb or compliment to beat you to the punch. For example, you might receive something along the lines of “Incoming message from: Dude, you’ve been Bluejacked.” Or, “Incoming message from: ROI is overrated.” Bluejacking is regarded as a smaller threat to Bluetooth as users being attacked are aware they have been Bluejacked. This does not mean however that they are aware that sensitive information is being accessed and used in a malicious manner.

http://www.bluejackq.com/

Warnibbling

Warnibbling is a hacking technique using Redfang, or similar software that allows hackers to reveal corporate or personal sensitive information. Redfang allows hackers to find Bluetooth devices in the area, once found, the software takes you through the process of accessing any data that is stored on that device. Redfang also allows non-discoverable devices to be found. Whitehouse explains when testing Redfang ‘One of the first obstacles we had to overcome was the discovery of non-discoverable devices (it was surprising to see the number of devices that dont by default implement this security measure)’. http://www.atstake.com/research/reports/acrobat/atstake_war_nibbling.pdf

Future of Bluetooth

Further information, and somewhat speculation is required for consumers and Bluetooth stakeholders on the future of Bluetooth. Such information will provide a clearer understanding of why security of Bluetooth must be improved. Luo and Lee (2004) provide a short term prediction of where Bluetooth is heading, Europe and Asian countries already offer electronic newspapers, subway tickets, and car parking fees via wireless devices. Collins (2003) says that Bluetooth devices ‘appear to be more secure than 802.11 wireless LANs. However, this situation may not last, as the Bluetooth technology becomes more widespread and attracts greater interest from the hacking community’.

http://www.arraydev.com/commerce/jibc/0402-10.htm

Reference List

Brodsky, I. (1995) Wireless: The Revolution in Personal Telecommunications, Massachussetts, USA: Artech House Inc, ISBN 0890067171 (Erin Watson)
Collins, G. (2003) Bluetooth Security. Byte.com [Online], Available: Acade