For those of you whom are buying Acekard 2i's for the holidays, remember you need to flash the firmware using an older NDS or NDS Lite before you can use it in a NDSi.

It is not obvious on most forums, especially with some of them in other languages, but the NDSi was recently (like Sept/Oct) updated to a firmware v1.4. Newer NDSi come out of the box with this version of the firmware as well.This update is to prevent devices like the Acekard 2i from working.

The Acekard 2i is a good option for NDSi, but the current shipped firmware on the Acekard 2i does not support v1.4 of the NDSi firmware. So, you must update but the only way to do this is to do it on a NDS or NDS Lite. Afterward, you will see a Danny Phantom application for the Acekard 2i on the NDSi. All is good once you execute the app. though.

I did the following to get my AK2i card working in an NDSi...

0. Extracted contents of this file to the SD card. This will create an __aio directory.
1. Extracted the updated loader to the __aio/loaders directory on the SD card.
2. Extracted the updated firmware (.nds file) to the root of the SD card.
3. Put the AK2i card in a NDS or NDS Lite and update the firmware using the file you extracted in step 2 above.
4. Use AK2i card in any NDS [Lite|i].

Another good HOWTO.

Merry Yule and blessed be.

Recently, while looking over wireless security of various vendors and products, I noticed the large amount of 2WIRE routers used by residential customers of Bellsouth/AT&T. Looking over the documentation for these routers shows that the default WEP/WPA key is a 10 digit numeric key which on a barcode on the outside of the device.

Cracking 2WIRE router using WEP is trivial using aircrack-ng but cracking a device using WPA[2] meant that I needed a dictionary containing one of possible 10 digit keys which could be used. I created a small PERL script to generate a dictionary...

#!/usr/bin/perl
for(my $i = 0; $i < 9999999999; $i++) print sprintf("%010d\n", $i);


You then use this code to generate file, which is compressed, like so...

./10digits.pl | bzip2 -zc > 2wire.keys.bz2

So, standard WPA dictionary cracking would work fine using this dictionary, but it is very slow due to the size of the generated file. Well, coWPAtty can be used instead to generate a "rainbow-table" for a given ESSID.

genpmk -s 2WIRE123 -f 2wire.keys -d 2WIRE123.hash

This will generate a large file as well, in coWPAtty format, but the cracking stage will be much, much faster. Of course, you will need to know the ESSID of the 2WIRE router you are trying to crack the key for, but this is stupid easy to get as well if it is hidden.

Latz
-MikeD

So, the Whitehouse today released a list of protections they are aiming to have in the healthcare reform bills moving through both houses of Congress. Immediately, I am a little upset that there is no mention of a public option. I guess this would have been worded something like "guaranteed coverage for everyone". Unfortunately, looking over the list, they are instead looking to reform insurance companies rather than get rid of them which will mean that profits will still be the number one issue in healthcare for many years to come.

Many D's looking for something to happen this year are going to feel a little sore in a couple of years. R's and conservative D's, once in power again, are going to pounce on the opportunity to remove these provisions much like they did for the banking industry over the past 20-30yrs.

A couple of other notes I wanted to make...

1. No Discrimination for Pre-Existing Conditions.
This is supposed to be illegal now, but they can and do "discriminate" even if they do not call it that. Insurance companies say you "lied" or mislead them when signing up for service. I do not think this will change much really as long as companies are still allowed to operate.

2. No Exorbitant Out-of-Pocket Expenses, Deductibles or Co-Pays.
We all know how long this will last...don't we? The next pro-insurance party/group who gains control in Congress will raise these proposed minimums albeit very quietly...much like the Drug Act did during the Bush Admin.

3. No Cost-Sharing for Preventive Care.
I like this idea, but I can see how the insurance companies will get around it by simply stating that some procedure or technique is not "proven" to help prevent a said disease. They do this now for just about any treatment a doctor prescribes for Autism (i.e. speech therapy). What would stop them from stating the same for preventative care options.

4. No Dropping of Coverage for Seriously Ill
And who will stop them from dropping you because they think you will get "seriously ill" at some point in the future? They can "discriminate" by saying you did not fill out the right form or state you were 10pds over weight or, even more common, had a yeast infection.

I will not go over every item, but we can see that we are basically allowing the insurance companies to have more time to buy off more politicians and get most, if not all, of these provisions removed in the future. Profits are still running the healthcare system and until that changes, there will be a largely poor and unorganized part of the US society which will be uninsured and on the verge of possible bankruptcy.

The only real solution is a single-payer system. In absence of a single-payer system, a public option showed some promise to at least bring about a single-payer system at some point. But, neither are mentioned now and I am really worried that we are just putting off the fight again instead of tackling it and solving this issue for good.

-MikeD

I posted a couple new wallpapers I created. The first is of Dublin, Ireland looking West from Liffey St. bridge. The second is from a recent trip to Boulder, CO.

Preview/Download Boulder, CO

Preview/Download Dublin, Ireland

-Enjoy. MikeD

For anyone looking to upgrade their domain to 2008, you will need at some point to use RSAT. I found out quickly that they have this tool for Vista, but it was harder to find one for Windows 7. I use VMs, so running Vista is too much of a hog for me.

Anyway, I did happen to come across a link to download RSAT for Windows 7 (beta) within the MSDN blogs and thought I should post it here. Don't worry about the beta tag in the link, it also worked on my Windows RC1 install.

Latz.
-MikeD

A recent opinion from the CA Supreme Court with regard to Prop 8 is on my server as a mirror. You can view it here.

Latz.
-MikeD

So, I use a script to grab weather updates for conky. Unfortunately, the text on the advisories can be too long and ruin the formatting.

So, I needed to make a XSLT modification to the weather.xslt file, on line 56...
</xsl:text><xsl:value-of select="substring(/weather/swa/a/t, 0, 50)"/>

Basically, we just use the substring function to only show the first 50 characters of the advisory. Thought this would be of use to some.

Latz.

I am working on a tool for use in scanning a php.ini file for common security issues. In the plans are also to report some information like the memory sizes and max upload/post sizes.

Until then, if you have ever had an issue reviewing Javascript, this place may help you out. If you are like me, I absolutely hate one-liner .js files. This place does not transcribe obfuscated Javascript, but it does a great job of making readable JS, more readable. Especially good for security auditors.

You can also use the PERL module JavaScript::Beautifier which can be installed via CPAN.

Latz

Got the new site design finally up and running. Incorporating the picora framework, heavily coded, and a theme subsystem which I think is quite nice. This will allow me to develop other themes and designs and more quickly develop modules for the site as needed.


Some things are still under development, so please bare with me for a couple of days. I also need to change some external links for things like the WindowMaker themes.


Enjoy! -Mike