A NullPointer

Posted on by
4

Well if you have been on my twitter stream, you would know that i had an issue with a NullPointerException getting thrown in a Java program.

The program was part of a quick and dirty proof-of-technology or PoT. The aim here was to have a program listen to the events from a broker and based on the events the program was required to get the details from the broker environment. The events that were of interest to me where create, update and delete.

The standalone program was structured like this:

The initialize() function returns a broker connection object and is used by the retrieveDetails() function to get the details from the broker.

The program worked perfectly for update and delete events. But when the create event was triggered the broker object was unable to get the details. It always returned null thus throwing the NullPointerException.

Well the solution to this was to create a new broker object within the retrieveDetails() function if the event is create. And it worked.

I have no idea why it didn’t work the way it was designed initially. It might be because the broker object was already created before the create event. But that could not be the reason as the broker object is only used to retrieve the details about the flow from the deployed broker and doesn’t really hold any information. It is similar to the database connection object which is used to query the details from the database.

0

The impressive Black Sunday Hack

Posted on by
Reply

I read about the Black Sunday Hack for the first time on Coding Horror and has remained one of my all time favorite reads. Jeff Atwood has his own style of writing and rarely quotes articles the way they are unless the original article is impressive enough. He quoted the original Slashdot article entirely. Let me too do the same.

This article about the Black Sunday Hack, still remains to date as one of the most impressive hacks i have ever come to know. Here is the original Slashdot article:

“Allow me to give you some background.

“One of the original smart cards, entitled ‘H’ cards for Hughes, had design flaws which were discovered by the hacking community. These flaws enabled the extremely bright hacking community to reverse engineer their design, and to create smart card writers. The writers enabled the hackers to read and write to the smart card, and allowed them to change their subscription model to receive all the channels. Since the technology of satellite television is broadcast only, meaning you cannot send information TO the satellite, the system requires a phone line to communicate with DirecTV. The hackers could re-write their smart cards and receive all the channels, and unplug their phone lines leaving no way for DirecTV to track the abuse. DirecTV had built a mechanism into their system that allowed the updating of these smart cards through the satellite stream. Every receiver was designed to ‘apply’ these updates when it received them to the cards. DirecTV applied updates that looked for hacked cards, and then attempted to destroy the cards by writing updates that disabled them. The hacking community replied with yet another piece of hardware, an ‘unlooper,’ that repaired the damage. The hacker community then designed software that trojanized the card, and removed the capability of the receivers to update the card. DirecTV could only send updates to the cards, and then require the updates be present in order to receive video. Each month or so, DirecTV would send an update. 10 or 15 minutes later, the hacking community would update the software to work around the latest fixes. This was the status quo for almost two years. ‘H’ cards regularly sold on eBay for over $400.00. It was apparent that DirecTV had lost this battle, relegating DirecTV to hunting down Web sites that discussed their product and using their legal team to sue and intimidate them into submission.

“Four months ago, however, DirecTV began sending several updates at a time, breaking their pattern. While the hacking community was able to bypass these batches, they did not understand the reasoning behind them. Never before had DirecTV sent 4 and 5 updates at a time, yet alone send these batches every week. Many postulated they were simply trying to annoy the community into submission. The updates contained useless pieces of computer code that were then required to be present on the card in order to receive the transmission. The hacking community accommodated this in their software, applying these updates in their hacking software. Not until the final batch of updates were sent through the stream did the hacking community understand DirecTV. Like a final piece of a puzzle allowing the entire picture, the final updates made all the useless bits of computer code join into a dynamic program, existing on the card itself. This dynamic program changed the entire way the older technology worked. In a masterful, planned, and orchestrated manner, DirecTV had updated the old and ailing technology. The hacking community responded, but cautiously, understanding that this new ability for DirecTV to apply more advanced logic in the receiver was a dangerous new weapon. It was still possible to bypass the protections and receive the programming, but DirecTV had not pulled the trigger of this new weapon.

“Last Sunday night, at 8:30 pm est, DirecTV fired their new gun. One week before the Super Bowl, DirecTV launched a series of attacks against the hackers of their product. DirecTV sent programmatic code in the stream, using their new dynamic code ally, that hunted down hacked smart cards and destroyed them. The IRC DirecTV channels overflowed with thousands of people who had lost the ability to watch their stolen TV. The hacking community by and large lost not only their ability to watch TV, but the cards themselves were likely permanently destroyed. Some estimate that in one evening, 100,000 smart cards were destroyed, removing 98% of the hacking communities’ ability to steal their signal. To add a little pizzazz to the operation, DirecTV personally “signed” the anti-hacker attack. The first 8 computer bytes of all hacked cards were rewritten to read “GAME OVER”.  

The hacker Christopher Tarnovsky was the man behind the whole counter-attack. Also watch the impressive video.

0

Story of the Most Menacing Malware in History

Posted on by
Reply

I always believe that a true passionate hacker will go to the end of the world (or /dev/null ) just to understand why something is happening or to find a good explanation.

These engineers did exactly the same. They went beyond what they did everyday just to put a logical reason to something.

“…What the inspectors didn’t know was that the answer they were seeking was hidden all around them, buried in the disk space and memory of Natanz’s computers. Months earlier, in June 2009, someone had silently unleashed a sophisticated and destructive digital worm that had been slithering its way through computers in Iran with just one aim — to sabotage the country’s uranium enrichment program and prevent President Mahmoud Ahmadinejad from building a nuclear weapon…”

Read Wired article: How Digital Detectives Deciphered Stuxnet, the Most Menacing Malware in History

This is the most captivating article since the article about the Black Sunday Hack and the hacker, Christopher Tarnovsky, who was behind it. About that in my next post.

0

Samsung Galaxy S running Darky’s ROM

Posted on by
Reply

After Allajunaki decided not to leave my ass unless and until i flash my Galaxy S, i decided to give it a go.

Finally after almost 16hrs of nonstop flashing, reflashing, getting into reboot cycles and testing couple of ROMs, i settled with Darky’s ROM. Here are my phone running Darky’s ROM.

Here are the steps - [ODIN] Darky’s Resurrection Edition 10.1 (GT-I9000 ONLY for now)

Now waiting for my wife’s android phone to arrive… so that i can flash that too muhaha

0