-
HackChat: The First 42 Posters
01/10/2018 at 16:47 • 2 comments
... perhaps the next 42 should be a bit less dark ;)
-
System.nanoTime() for fun and profit
11/01/2017 at 16:53 • 0 comments
I was reading Colin O'Flynn's excellent "Forget Not the Humble Timing Attack" article in PoC | GTFO this morning, and I thought I should check how easy timing attacks would be in Java (I know, I know...).
Anyway, it turns out that System.nanoTime() is quite handy. Here's the sample demo that uses it to measure method invocation times for different key sizes:
    import java.util.Arrays;
    import java.util.UUID;

    public class TimingPoC {

        // Random 36-character secret that the check below compares against.
        private static char[] secret = UUID.randomUUID().toString().toCharArray();

        /** Leaky password check: returns as soon as one character differs. */
        public boolean checkSecret(char[] pwd) {
            for (int i = 0; i < pwd.length; i++) {
                if (pwd[i] != secret[i]) {
                    return false;
                }
            }
            return true;
        }

        public void start() {
            // Time the check for correct prefixes of growing length.
            for (int i = 1; i < secret.length; i++) {
                char[] candidate = Arrays.copyOfRange(secret, 0, i);
                long[] times = new long[5];
                for (int it = 0; it < times.length; it++) {
                    long start = System.nanoTime();
                    checkSecret(candidate);
                    times[it] = (System.nanoTime() - start);
                }
                // Report the median of the 5 measurements for this length.
                Arrays.sort(times);
                System.out.println(i + "\t" + times[times.length / 2]);
            }
        }

        public static void main(String[] args) {
            new TimingPoC().start();
        }
    }
And here are the corresponding (nanosecond) response times:
One simple linear regression later...
    Call:
    lm(formula = call_time ~ key_length)

    Residuals:
        Min      1Q  Median      3Q     Max
    -37.185 -21.977 -10.429  -1.134 214.983

    Coefficients:
                Estimate Std. Error t value Pr(>|t|)
    (Intercept) 111.9210    16.7010   6.701 1.24e-07 ***
    key_length   16.5838     0.8092  20.495  < 2e-16 ***
    ---
    Signif. codes:  0 ‘***’ 0.001 ‘**’ 0.01 ‘*’ 0.05 ‘.’ 0.1 ‘ ’ 1

    Residual standard error: 48.35 on 33 degrees of freedom
    Multiple R-squared:  0.9272,    Adjusted R-squared:  0.925
    F-statistic:   420 on 1 and 33 DF,  p-value: < 2.2e-16

We can easily conclude that every extra character in the key length increases the method response time by 16.5 nanoseconds, which is exactly the information that the naive password check leaks. Now, all we need to do is keep increasing the test key length until response times stop growing, and we'll have our target key size.
One thing to keep in mind with the approach above is that, on a modern OS, the measured times will not be deterministic. So repeated measurements are needed in order to get a "smoothed" value (in the code above, the value used is the median of 5 measurements). That said, although in purely statistical terms even more measurements would yield a more stable estimate, in this particular case that's not necessarily true. Here's an example of a median based on 5000 samples:
Why do you think this is the case? :)
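As a defensive counterpart to the leaky check above, here is an added example (not part of the original post) that times an early-exit comparison next to `MessageDigest.isEqual` for candidates whose first k bytes are correct. The class name, batch size and sample count are assumptions chosen for illustration; on a typical JVM the leaky column should grow with k while the hardened column stays roughly flat.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.UUID;
import java.util.function.Predicate;

public class ConstantTimePoC {
    // Constructed sample secret, generated like the one in the demo above.
    private static final byte[] SECRET =
            UUID.randomUUID().toString().getBytes(StandardCharsets.UTF_8);
    private static final int BATCH = 1000;   // calls per timed sample (assumption)
    private static volatile int sink;        // keeps the JIT from discarding the calls

    /** Leaky check: returns at the first mismatching byte. */
    static boolean leakyCheck(byte[] pwd) {
        if (pwd.length != SECRET.length) return false;
        for (int i = 0; i < pwd.length; i++) {
            if (pwd[i] != SECRET[i]) return false;
        }
        return true;
    }

    /** Hardened check: MessageDigest.isEqual examines every byte before answering. */
    static boolean constantTimeCheck(byte[] pwd) {
        return MessageDigest.isEqual(SECRET, pwd);
    }

    /** Median time in nanoseconds of one batch of BATCH calls. */
    static long medianBatchNanos(Predicate<byte[]> check, byte[] candidate, int samples) {
        long[] times = new long[samples];
        for (int s = 0; s < samples; s++) {
            long start = System.nanoTime();
            for (int c = 0; c < BATCH; c++) sink ^= check.test(candidate) ? 1 : 0;
            times[s] = System.nanoTime() - start;
        }
        Arrays.sort(times);
        return times[samples / 2];
    }

    public static void main(String[] args) {
        for (int pass = 0; pass < 2; pass++) {          // pass 0 is a discarded JIT warm-up
            for (int k = 0; k <= SECRET.length; k += 4) {
                byte[] candidate = SECRET.clone();
                for (int j = k; j < candidate.length; j++) candidate[j] ^= 0x01; // wrong from k on
                long leaky = medianBatchNanos(ConstantTimePoC::leakyCheck, candidate, 101);
                long fixed = medianBatchNanos(ConstantTimePoC::constantTimeCheck, candidate, 101);
                if (pass == 1) System.out.println(k + "\t" + leaky + "\t" + fixed);
            }
        }
    }
}
```

The output columns are the matching prefix length, the leaky batch median and the hardened batch median, all in nanoseconds per batch of 1000 calls.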
-
Random Bits & Pieces
12/26/2016 at 20:56 • 0 comments
-
Hardware Developers Didactic Galactic #17 Poster
12/06/2016 at 00:44 • 0 comments
-
Hardware Developers Didactic Galactic #11 Poster
02/12/2016 at 06:06 • 0 comments
-
#HackadayPrize 2015
01/11/2015 at 06:21 • 0 comments
Just a little teaser poster I'm working on...
-
Hackaday @Tokyo / 2014
10/25/2014 at 07:50 • 0 comments
DRAFT - Please Ignore | Hackaday article coming up
"The future is already here – it's just not evenly distributed," goes the clichéd William Gibson quote. Growing up on all the Cyberpunk literature and spending a more-than-healthy amount of time obsessing over Fred Gallagher's Megatokyo series, I always imagined Japan to be at the very tail of this distribution. The place where Future lives. Though it has been decades since the Bubble has burst, and there is no way this could still be the case, there was something romantic about believing it just might be. So I opted for keeping the dream alive and never actually visited the place.
Not until, a few weeks ago, [Bilke] - one of our crazy sysadmin guys that keeps Hackaday.io alive, made me do it. He found these cheap tickets from LA and next thing you know - we were flying out for a 48-hours-in-Tokyo weekend. With no time to prepare, we reached out to [Akiba] from Freaklabs and [Emery] from Tokyo Hackerspace for some tips. By the time we landed, emails were waiting for us, with our full schedule completely worked out. It's great to know that, no matter where you are, there's always a friendly local hacker willing to help.
Past immigration, we took the JR Narita Express line into the City that Friday evening. Then a Taxi because we couldn't understand a word in katakana, and then the JR Yamanote Metro line once we had figured things out. We checked out all the major places we had ever heard of (Shinjuku, Shibuya, Roppongi, Ginza...), because the jet lag was not letting us sleep anyway.
And then, some time way past midnight, it hit me - Future Shock, but the kind I never expected.
It's as if you were hoping to land somewhere on the opening pages of Neuromancer, but ended up in the middle of a Studio Ghibli movie instead. While all the neon and tech gimmicks seem to be there, the future they're portraying feels strangely anachronistic - like a dream from the distant past. Something straight off Nintendo or Sega Corp drafting tables from the mid-80s. And decades later, still showing no signs of decay. Everything is perfectly tight, clean, well preserved, smiling with a distinct kawaii touch. A retro futuristic utopia.
It's is certainly what I hoped for, but the whole thing quickly grows on you. And you begin to feel at home...
Akihabara
The next day, we got on the Metro and went straight to a place we intentionally skipped the night before - Akihabara Electric City. There we met with [Emery], [Taylan], [James], [Shingo] and [Mariko] from Tokyo Hackerspace and they gave us the grand tour. It was spectacular. The place is a sort of Geek Wonderland where every corner hides a place you never came looking for, but can't resist getting in. You might come to Akihabara looking for electronic components for your latest project but leave as a Train Otaku, a 1998 Sega Dreamcast owner with a bag full of games, or falling in love with yet another obscure Manga which will end up consuming a better part of your life. Cosplay characters are roaming the streets and moe girls are advertising all sorts of maid cafes. Electronics is everywhere, across a large number of small places, each with a slightly different focus. One of the shops we came into was specializing in electronics components and books about the occult! Cthulhu loves the smell of burning silicon.
Hopefully our video with the amazing Tokyo Hackerspace crew will give you a better sense of what it is like to be a hacker living in a place like this.
Shingo & Mariko's Home Studio
Having spent the better part of the day navigating the Akihabara maze and completely depleted by all the sensory overload, we were more than excited when Shingo and Mariko invited us to visit their home studio, for some downtime and beers. It's located in Akihabara, walking distance from all the main attractions, and it's a hacker's dream... an apartment doubling as a mini fabrication lab, with a husband & wife science-geek team relentlessly working on new projects and ideas. We...
-
Hardware Startup Review: Spark
05/11/2014 at 07:23 • 0 comments
Like it or not, a whole new wave of Hardware Startups is coming our way. Crowdfunding campaigns are making it possible for everyone with an idea to "test the waters", tech-savvy Angel investors are eager to help successful ones cross over, and Venture Capitalists are sitting on the other side, always on the lookout for potential additions to their "hardware portfolio". It's these billion-dollar acquisitions that made everyone jump on the bandwagon, and there's no going back. At least for now.
That's all great, and we want to believe that good things will come out of this whole frenzy. But instead of staying on the sidelines, we thought we should get involved and start asking some hard questions. After all, these guys didn't think they would be able to get away with just some nicely produced videos and a couple of high-res photos, right?
For our first issue, we picked a relatively innocent target - Spark.io, the guys behind the Spark Core development board. By embracing Open Source and Open Hardware as the core part of their strategy, Spark has so far been a positive example in the sea of otherwise dull (and potentially creepy) IoT "platforms". So we thought we should give Zach Supalla, CEO of Spark, a call...
-
hackaday #sxsw pwn
03/12/2014 at 09:47 • 0 comments
-
SXSW 2014 Hardware Guide
03/01/2014 at 07:05 • 0 comments
South by Southwest 2014 is approaching, bringing along the usual tech-startup-launch frenzy, streets filled with party buses and endless hordes of geeks drinking themselves into oblivion. Although Interactive traditionally draws from software crowds (most of whom hope to become the next Twitter or Foursquare), hardware is getting to be too-big-to-ignore and year after year more and more hardware-related events are starting to pop up. After all, SXSW is about revolutionary things and new technologies that are shaping our future. And we all know hardware is where it's at.
So here it is, the SXSW2014 guide for the Hardware-minded ...