Archive for June, 2011


The oldest domain names on the internet

Filed Under: history
Jun.24, 2011

I recently came across a list of the first hundred domain names that were registered on the internet.  As cool as it was, there was not a lot of information first off and second, I was curious about how many were still relevant to their original purpose.  For sake of your attention span, I’m going to focus on the first ten names that were ever registered:

1. 15-Mar-1985 SYMBOLICS.COM Hmmm, sounds kind of familiar but I don’t even recall why.   When you go there today, it’s a parking page that acknowledges that it was the first registered name and states, “We are seeking to develop this into a useful and beneficial organization for the betterment of humanity.”
2. 24-Apr-1985 BBN.COM Never heard of this one.  Now it’s a redirect to www.cdl.com which is a Singapore-based real estate conglomerate.
3. 24-May-1985 THINK.COM This one now points to www.thinkquest.com which is owned by oracle.  At a glance, it’s a bit unclear what their purpose is.  I have to wonder why point such a valuable domain at something like this and not explain it’s purpose a bit better.
4. 11-Jul-1985 MCC.COM Clearly another wasted historical domain.  This one points to www.stimulusgrantapproval.com
5. 30-Sep-1985 DEC.COM Here is the first one that I legitimately and fondly remember.  DEC was the maker of the Alpha family of processors and MANY other innovations before them.  In their final days, the DEC Alphas were affordable desktop supercomputers.  Affordable should have an asterisk because even the clones I was building in 1997 were roughly $10k but that’s another story.  Unfortunately for the computing world, DEC sold out to Compaq in the late nineties only to be later dissolved by HP which is where the domain now points.
6. 07-Nov-1985 NORTHROP.COM This is just a redirect for Northrop-Grumman, a sloppy and nasty redirect at that.  Click the link to see what I mean.
7. 09-Jan-1986 XEROX.COM Aha!  Here’s the first domain name on the entire list that is A) still relevant B) doesn’t redirect to another URL. 
8. 17-Jan-1986 SRI.COM “SRI International is an independent, nonprofit research institute conducting client-sponsored research and development for government agencies, commercial businesses, foundations, and other organizations. SRI also brings its innovations to the marketplace by licensing its intellectual property and creating new ventures.” At least they appear to be the original domain owner.  Oddly, there is ANOTHER SRI which is also a research organization who owns the .org.
9. 03-Mar-1986 HP.COM Love ‘em or hate ‘em, HP has been around and on the internet for a long time.  This is the second out of all ten domains that still actually points to the same place it always has and is still the same company with the same purpose as in 1986.
10. 05-Mar-1986 BELLCORE.COM Bellcore redirects to www.telcordia.com/.

So out of 10 domains, 3 of them still point to the sites they were originally registered to.  Seems like a bit of a waste to me.

read more

Find my iPhone

Filed Under: security
Jun.09, 2011

I was listening to a comedy podcast and one of the guys told this awesome story about how he got his iPad back from someone who stole it at a super market.  One of the OTHER guys on the show had just lost his iPhone a couple of weeks before that and lamented about how he wished he had set up a program to track it’s location.  Luckily, after that event, everyone else on the show enabled Apple’s free app “Find my iPhone”.  Find my iPhone works on any newer iDevices such as ipads, 4th gen iPod Touches and 3g+ iPhones.

Enabling it is simple.  You go and download the free app from the app store.  Then you enable a mobile me account which seems partially deprecated but is still used for this service.  To enable it, you go into settings -> mail, contacts -> add account -> mobile me.  You then sign in with you Apple ID.  At that point, you may or may not be required to confirm your email address.  After all that, you slide a switch to enable find my iphone.

When all that is done, you can sign into the app and track the device you are on, which is pretty useless or you can track any other devices that you have access to track.  If you only have one device, you can sign into the Find my iPhone web app here:

http://www.apple.com/mobileme/features/find-my-iphone.html

So for all of the collective bitching about how iPhones track your location, this seems like a pretty fair trade to me overall.  This does bring up points though of subpoenas and forensics where it’s conceivable that you could be arrested for something, the police can confiscate and search your iPhone without a warrant and then potentially see that you have this app installed and contact Apple to retrieve records beyond what the phone itself stores.  If your story doesn’t match what the records say, you could be in deep shit really quick.  This reminds me of an EXCELLENT video I saw on YouTube the other day about how you should never talk to the police under any circumstances since you can nearly never help your case.  It was a presentation give by a lawyer and a police officer:

http://www.youtube.com/watch?v=6wXkI4t7nuc

Tags:
read more

Every used router tells a story

Filed Under: security
Jun.03, 2011

I’ve been buying WRT54G variants at thrift stores for probably a year now.  It’s a little obsessive actually.  I would say I’ve purchased about 15-20 of them now.  My wife asks why I do it and I’m not sure I have a great answer.  Some of them I’ve used to set up my own network, others I’ve swapped out with friends and family to get them onto better, more stable hardware and still others I’ve bricked and experimented with.

Today I was at Goodwill up in Mount Vernon, WA.  Somewhat of a podunk, low-tech place.  I wasn’t particularly expecting to find a router but I did.  It was a shiny WRT54G v2.2 for $5.99.  I couldn’t pass it up at that price but honestly I will pay up to $12.99 for them so this was a score.

Anyways, I was remembering the Samy location tool story we ran on ISD Podcast a couple weeks back.  I decided to check out the MAC address for this router and see where it came from.  First I tried the address on the bottom of the router not really expecting it to work.  Unsurprising enough, it didn’t work.  Then I remembered something that one of the other guys on ISD said… all the MAC addresses on the router are within a few digits so I incremented the last byte of the address a couple times and low and behold, I was presented with an EXACT location in Edmonds, WA.  It was so precise in fact that it even gave me a street address.  For reference Edmonds is 50 miles from Mount Vernon and there are at least 15 thrift stores closer to Edmonds than this one so I’m not sure why it ended up way out there.

This was a little bit startling.  I’m not even entirely sure what the implications are but this does seem like a security risk to me.  With the address, I am able to obtain the home owner’s name although but with no guarantee that the router lived in that house.  Furthermore, I’m able to see what the name of the WiFi was.  In this case, it was “Jayne1″.  Popping in the street address, I found this was a small condo building.  If I wanted to dig further, I’m sure I could find which unit “Jayne” lives in.  She did change the default password so I could see anything further without a bit more effort than I’m willing to put out at the moment.

If nothing else, the creepy factor here is pretty high.  Lesson here should be to reset your router config at minimum before sending your old router out to pasture.

Tags:
read more
Powered by WordPress. Theme: Motion by 85ideas.