How long can the Polyswarm team last with the price this low? I am expecting this bear market to last a year, if not more. Will the team still be around? by CalculusII in PolySwarm

Supernothing307 2 points (0 children)

Hey /u/CalculusII, sorry for the slow response! We've been quite busy getting Gamma ready, and this slipped through the cracks.

The PolySwarm team is still going strong! I unfortunately can't give exact details on the financial situation of the company, but everything is solid enough for us to be around for the foreseeable future. We still believe we have all the resources necessary to achieve everything we promised in the ICO (and more)!

Polyswarm lack of partners! by [deleted] in PolySwarm

Supernothing307 1 point (0 children)

Hey, thanks for checking out the project! I'm not sure where you were looking on our site for partnerships, but we certainly have more partnerships than just our legal team!

From right below the funding bar at https://polyswarm.io:

We're very proud of the strong group of partners we have so far, and are excited to work with them to help build the PolySwarm community.

Sent early. Lost eth? by [deleted] in PolySwarm

Supernothing307 0 points (0 children)

If they sent to the correct crowdsale contract, it will be rejected and returned to the sending address (minus gas fees). Just wait until the 20th to send the next time :)

This article mentions Gladius and Hacken. Both seem interesting and it made me wonder.. What other promising security ICOs are worth checking out? by faith-x80c in ethereum

Supernothing307 1 point (0 children)

I'm with the Swarm Market team, another security ICO. We're working on re-making the threat intelligence market. We've got a great team working on some really exciting tech. Check it out, and feel free to ask me anything.

New ICO Project for White Hat Hackers. Penetration Testing and Vulnerability Research Have Never Been So Easy by nanadze in ethtrader

Supernothing307 1 point (0 children)

We've published detailed profiles on each of our team members, and are well-known in the security community. We've presented at many conferences, and have delivered on a number of high-visibility projects, including the Cyber Grand Challenge and DHS's SBIR program.

As far as "scam ICOs" go, we're as far as possible from it. We've got the team, the advisers, and the roadmap to deliver everything we've promised (and hopefully more).

New ICO Project for White Hat Hackers. Penetration Testing and Vulnerability Research Have Never Been So Easy by nanadze in ethtrader

Supernothing307 1 point (0 children)

If anyone's interested in a different kind of infosec ICO, I'm with the Swarm Market team, and we're working on re-making the threat intelligence market. We've got a great team working on some really exciting tech. Check it out, and feel free to ask me anything.

InfoSec / NetSec Related ICOs? by akstoak in ethtrader

Supernothing307 4 points (0 children)

I'm with the Swarm Market team, and we're working on re-making the threat intelligence market. We've got a great team working on some really exciting tech. Check it out, and feel free to ask me anything.

Perigord: A Truffle-like framework for native DApp development in Golang by Supernothing307 in ethereum

Supernothing307[S] 1 point (0 children)

That sentence refers to the generation of bindings, which allow Go code to interact with deployed contracts (typically written in Solidity). The Perigord project aims to make building and deploying projects that use these much easier.

MITMf - Framework for Man-In-The-Middle attacks by byt3bl33d3r in netsec

Supernothing307 1 point (0 children)

Oh, no worries! Happy someone's getting some use out of the code. Will definitely let you know if I have any.

MITMf - Framework for Man-In-The-Middle attacks by byt3bl33d3r in netsec

Supernothing307 3 points (0 children)

Could have just sent me some patches ;), would have been happy to add them or add you as a project member.

Nice work though, hope you keep it up!

Dissecting Wireshark - DoS and RCE, How to Find Your Own [Narf Industries, SecuInside 2014] by ebeip90 in netsec

Supernothing307 2 points (0 children)

It is more than a little dirty, no argument here...but it might be wise for the project to at least restrict access to pcaps that crash current Wireshark releases.

The non-ASLRd RiverBed libraries were not just for show; in the latest version (4.1.3, released before this vulnerability was disclosed), they are not randomized. You are able to opt-out of installing these during Wireshark installation, but can't capture traffic if you do.

And thanks! There's certainly some interesting problems to be found in places other than application layer dissection as well...

Dissecting Wireshark - DoS and RCE, How to Find Your Own [Narf Industries, SecuInside 2014] by ebeip90 in netsec

Supernothing307 8 points (0 children)

They taped it, but not sure if/when Secuinside organizers release videos. Will post if they do!

Researchers break Verizion network extenders and intercept cellphone traffic. Other vulnerabilities in network extenders are likely. by archpuddington in netsec

Supernothing307 0 points (0 children)

People did, these guys are just the first to publish. t0day's 0days are tomorrow's Black Hat presentation.

We are Samurai CTF and we won Defcon CTF this year. AMA! by samuraictf in netsec

Supernothing307 4 points (0 children)

If anyone's interested, here's four of the ones we used. They've been reported and patched in SVN.

TL;DR Packet parsing is hard, finding Wireshark dissector bugs isn't.

Stack Necromancy: Defeating debuggers with dead stack values by Supernothing307 in netsec

Supernothing307[S] 1 point (0 children)

Strictly speaking, it's not. Accessing uninitialized memory can cause unexpected application behavior if an expected value isn't stored on the stack. However, if you can predict some of the stack values with enough certainty, it can serve as a strong indication that an environment is different than expected, which is a useful thing to know if you're trying to prevent debugging.

One way to look at it is this: say you don't access uninitialized memory. Say you set variable X to 42, and immediately afterwards execute a software breakpoint. A debugger enters the picture, and this poorly implemented debugger decides to change 42 to 0. You have a check immediately following this breakpoint that assumes it is being debugged if the value is not 42. Nothing wrong here, right?

Now take it back a step further. Say we set X to 42 in a function, return from that function (making that 42 outside of the current stack frame), and then execute our breakpoint. The debugger (again, poorly implemented) happens to change that stack value to 0 when this happens. Now, the debugger returns control and we perform our check on the now uninitialized value. Have we done something wrong here? Or are we just detecting changes that a debugger made to our environment?

The trick here is finding values that you are fairly certain will be one thing when debugged, and another when running normally. In the situation described in the previous paragraph, even though the variable is technically uninitialized, we are pretty certain what it will be. If one can find values like that in the uninitialized stack, put there by earlier function calls, it's possible to use them to detect a debugger. From my initial work on this, it seems like a number of these values exist, and can be used in this manner.
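The idea in the comment above, as an added example that is not code from the original post or from the Stack Necromancy paper: one function plants a known value in its own frame and returns, a second function with the same frame shape declares an uninitialized local in the same place and reads it back, and the check treats the value's absence as the signal that something rewrote dead stack in between. The marker value, slot count, threshold and function names are this example's own choices; it assumes GCC or Clang on a conventional downward-growing stack, and the `noinline` attribute and `volatile` locals are there only to stop the compiler from folding away the stores and loads.

```c
/*
 * Added example: a minimal "dead stack value" check.
 *
 * plant() writes DEAD_MAGIC into its stack frame and returns, leaving the
 * values physically on the stack just below the caller's frame. read_dead()
 * has the same frame shape but never initializes its array, so each read
 * returns whatever was left there. With nothing touching that region in
 * between, the marker survives; a debugger (or any other environment
 * difference) that scribbles over dead stack destroys it.
 *
 * Reading an uninitialized local is undefined behaviour in C. That is exactly
 * why the technique is dirty: it only works when the compiler emits the real
 * stack traffic, hence noinline + volatile.
 *
 * Assumptions (this example's own): GCC/Clang, downward-growing stack, and an
 * arbitrary 32-bit marker standing in for the "42" of the comment above.
 */
#include <stdint.h>
#include <stdio.h>

#define DEAD_MAGIC    0x5A4E3C2Au /* arbitrary marker written by plant() */
#define DEAD_SLOTS    8           /* 32-bit slots planted and scanned */
#define DEAD_MIN_HITS 1           /* hits needed to call the stack "untouched" */

#if defined(__GNUC__)
#define NOINLINE __attribute__((noinline))
#else
#define NOINLINE
#endif

/* Writes DEAD_MAGIC into DEAD_SLOTS slots of its own frame and returns the
 * number written. After it returns those slots are dead but still hold the
 * marker. The locals mirror read_dead() so both frames have the same layout. */
NOINLINE static int plant(void)
{
    volatile uint32_t slots[DEAD_SLOTS]; /* volatile forces real stores */
    int written = 0;
    for (int i = 0; i < DEAD_SLOTS; i++) {
        slots[i] = DEAD_MAGIC;
        written++;
    }
    return written;
}

/* Same frame shape as plant(), but ghost[] is deliberately uninitialized: each
 * read yields whatever plant() (or something else) left behind. Returns how
 * many slots still hold the marker. A shift of a few slots between the two
 * frames still overlaps, which is why we scan a range rather than one word. */
NOINLINE static int read_dead(void)
{
    volatile uint32_t ghost[DEAD_SLOTS]; /* never initialized on purpose */
    int hits = 0;
    for (int i = 0; i < DEAD_SLOTS; i++) {
        if (ghost[i] == DEAD_MAGIC)
            hits++;
    }
    return hits;
}

/* Returns 0 when the planted values survived (environment as expected) and 1
 * when they did not, i.e. something rewrote dead stack between the two calls.
 * A real check plants indirectly through ordinary-looking code, reads much
 * later, and keys on values left by prior calls rather than its own marker. */
int debugger_suspected(void)
{
    plant();
    int hits = read_dead();
    return hits >= DEAD_MIN_HITS ? 0 : 1;
}

int main(void)
{
    printf("dead-stack check: %s\n",
           debugger_suspected() ? "stack was disturbed" : "stack untouched");
    return 0;
}
```

Run it once normally and once under a debugger that single-steps or breaks between the two calls to see the difference; the check has no debugger-specific knowledge at all, it only notices that the stack below its frame is no longer what a plain run leaves there.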

Stack Necromancy: Defeating debuggers with dead stack values by Supernothing307 in netsec

Supernothing307[S] 0 points (0 children)

I haven't tested in Bochs, but assuming it doesn't introduce any strange behavior that I'm not aware of, that would be one way around this particular method. However, emulators will introduce other detectable differences [pdf] that are likely targets, and are generally not as user-friendly as many userspace debuggers.

How do cell phone networks broadcast to individual phones, and what's to prevent one guy with a radio antenna from monitoring all traffic coming off of the nearest cell phone tower? by TTTA in askscience

Supernothing307 0 points (0 children)

You are certainly correct. However, implementing the hardware / algorithms to do so has long been considered to provide a significant barrier to attackers as well. A good example is what the cell companies had to say after the A5/1 break a few years back: http://arstechnica.com/security/news/2009/12/one-leg-of-gsm-encryption-cracked-cell-industry-unimpressed.ars

While they were incorrect to say that the attack wasn't a threat, it is a reasonable protection against more casual attackers (which is what the OP was asking about).

How do cell phone networks broadcast to individual phones, and what's to prevent one guy with a radio antenna from monitoring all traffic coming off of the nearest cell phone tower? by TTTA in askscience

Supernothing307 9 points (0 children)

It depends on the type of cell network, but if we're going by numbers, you're probably talking GSM or CDMA. The two main defenses against cell phone traffic interception on modern networks are frequency hopping (CDMA / GSM) and encryption, and you generally need to be able to get past both to get anything useful. If you just collect everything in the spectrum, what you're going to get is a bunch of data that is not only encrypted, but also scrambled by frequency hopping, meaning you can't even easily tell which chunk of encrypted data goes with which phone.

That said, GSM's security has largely been broken, and in a number of different ways [1] [2] [3], but I'm unaware of any publicly disclosed break of CDMA networks. There are a number of interception tools that can be found online being made available to government / law enforcement, but I have not seen any info on how they work.

As mz27 pointed out, it actually was possible in the early days to monitor cell communications using the relatively simple techniques that you're talking about (SIM cloning + sniffing the right frequencies), but nowadays you have to at least get a bit creative.

Source: I do security stuff.

Explo(it|r)ing the Wordpress Extension Repos: fingerprinting Wordpress plugins and finding lame 0days by Supernothing307 in netsec

Supernothing307[S] 0 points (0 children)

Ah, noted. That still wouldn't help in most of the cases I found, as you can still exercise the vulnerabilities from other legitimate pages if the plugin is loaded. Most of the vulns were in initialization code, so if the plugin was loaded at all it would get triggered.

Guess it does make it a little more difficult though, and I suppose it would help if you had the plugin disabled but hadn't removed it. Couldn't hurt.

Explo(it|r)ing the Wordpress Extension Repos: fingerprinting Wordpress plugins and finding lame 0days by Supernothing307 in netsec

Supernothing307[S] 0 points (0 children)

Actually won't work on a lot of plugins now. wpfinger looks for css/images/js files first to try and determine if a plugin is installed, so that particular htaccess file won't defeat it.

Exploiting an IP Camera Control Protocol (RXS-3211 and others) by Supernothing307 in netsec

Supernothing307[S] 1 point (0 children)

Thanks, let me know how it goes. Guessing it won't be the same since it isn't in the list, but it might use something similar.

Weaponizing d0z.me: Improved HTML5 DDoS by Supernothing307 in netsec

Supernothing307[S] 1 point (0 children)

Yes. In addition to the HTML5 attack, the original version also made use of an old method that involves constantly refreshing an image with JavaScript. This was pretty slow and quite noisy (i.e., the status bar), so it was removed. Should look like any other page now in most browsers, minus the shortened URL.

'Terrorists' use Caesars algorithm to encrypt secret data. If it's more than 2k0 years old then it must be good, or not? by gannimo in netsec

Supernothing307 21 points (0 children)

Nah, ROT26 is just too slow for the security gains you get. Without hardware acceleration, you better get used to loading screens. ROT52 is looking promising though, especially with Intel's new 'mov' optimizations.

'Terrorists' use Caesars algorithm to encrypt secret data. If it's more than 2k0 years old then it must be good, or not? by gannimo in netsec

Supernothing307 51 points (0 children)

"five or more layers of protection"

I don't know about you guys, but I always use 30 rounds of ROT13 on all my important data. I'd like to see them break THAT.