The VMware vSphere Blog today has posted the second part to VM identification:

In Part 1 of this article, I provide an overview of how to uniquely identify a virtual machine in both a vSphere vCenter and vCloud Director environment. In this article, we will look at an example environment and show you how to extract the information needed to uniquely identify a VM using both the vSphere API and vCloud API.

The Easy Bay Express has an interesting article that tries to identify officers involved in protests by reviewing footage for unique markings on their uniform.

Two stripes and a star, OPD’s insignia for acting sergeants, are visible on the officer’s left sleeve. In both clips, the officer is holding his shotgun with his right hand on the trigger, his helmet visor is up and the numbers “35” are visible on his helmet. According to an OPD roster of the three-digit helmet numbers assigned to individual officers and the personnel detail for October 25, Officer Robert Roche is the only one with a helmet number beginning with “35” who was assigned to a Tango Team that night. Roche’s helmet number that night was “357,” according to OPD records.

[…]

Sergeant Chris Bolton, chief of staff to Police Chief Howard Jordan, said the investigation into the [October 25, Marine veteran Scott] Olsen incident is ongoing. “Any known or alleged uses of force against Mr. Olsen are assigned to an independent investigator,” Bolton said in a statement. “Based on available video, photographs, and reports, the department has identified several officers that they are subjects of those open investigations.” Bolton added, however, that “no investigative findings or discipline have been announced or imposed.”

Rapid 7 has announced with Metasploit 4.2 a brute force attack on weak passwords in vSphere web services APIs (vmware-api). Their repository also shows updates to the ESX scanner as well as a few admin scripts.

• vmauthd_version : Discovers the version details for a vmauthd service
• esx_fingerprint : Fingerprints (down to the build number) of a stand-alone ESX server
• vmware_http_login : Attempts to brute force local VMware credentials via the Web Services interface
• vmauthd_login : Attempts to brute force local VMware credentials via the vmauthd service
• vmware_enum_users : Enumerates both local and domain VMware user accounts
• vmware_enum_permissions : Enumerates locally-defined user and group permissions on a VMware instance
• vmware_enum_sessions : Enumerates active VMware login sessions
• vmware_enum_vms : Enumerates all local virtual machines on the local VMware instance
• vmware_host_details : Discovers host hardware and software details of the VMware host machine
• poweroff_vm : Powers off a virtual machine via the VMware Web Services interface
• poweron_vm : Powers on a virtual machine via the VMware Web Services interface
• tag_vm : Writes a user-defined “tag” to the VMware logs as proof of compromise
• vmware_screenshot_stealer : Grabs screenshots of VMware guest operating systems as proof of compromise
• terminate_esx_sessions : Disconnects a user from the ESX server

Finding weak passwords is a great example of old threats and vulnerabilities applied to new environments. VMware gives consumers the ability to set strong password restrictions but that does not mean systems will always be configured properly. These tests are an excellent way to validate vSphere hardening procedures in an organization.

Come see me and Bruce Schneier at the RSA Conference in San Francisco discuss his new book, Liars and Outliers: Enabling the Trust that Society Needs to Thrive. He was kind enough to mention me by name on his blog:

At the end of February, I’ll be at the RSA Conference in San Francisco. In addition to my other speaking events, Davi Ottenheimer will interview me about the book at something called The Author’s Studio. I’ll be doing two one-hour book signings at the conference bookstore. And, and this is the best news of all, HP has bought 1,000 copies of the book and will be giving them away at their booth. I’ll be doing a couple of signings there as well.

We will be in the Crypto Commons, Wednesday, February 29th from 10:20 am – 10:50 am

Crypto Commons will be the home for new events at RSA Conference 2012 this year. One of these new events will be the debut of the Security “Author’s Studio.” Come spend 30 minutes watching and participating in a live interview with a well-known author who is also speaking at the Conference. The interview will be done by a selected delegate and will include questions from the audience. A book signing will follow.

The book has just been published and already is getting many rave reviews for his treatment of game theory and his thorough study of trust. He is clearly one of the best writers alive and is known for an amazing ability to synthesise, distil and explain complex security theory in a very accessible and entertaining format.

We don’t demand a background check on the plumber who shows up to fix the leaky sink. We don’t do a chemical analysis on food we eat.

Trust and cooperation are the first problems we had to solve before we could become a social species. In the 21st century, they have become the most important problems we need to solve—again. Our global society has become so large and complex that our traditional trust mechanisms no longer work.

I don’t know about you but I don’t background check the plumber because I use a different set of controls instead. It’s not like I actually trust the plumber. And I have been known to do chemical analysis of food. Perhaps you can imagine how this interview will go. :)

Below is a video on YouTube I found with Bruce introducing the core dilemma he addresses in the book (20 views so far).

After I watched it a few times (to help get the view numbers up) an alternative title came to mind: Life with Parasites.

Now just imagine my voice interrupting him to ask if we really should judge the outliers as a parasite absolutely or does the dichotomy break when we introduce a few degrees of relativism. Given one person’s parasite could be another person’s provider, does the dichotomy give way to a cycle of rewards?

To put it another way, why is it after a bombing that a bus driver is more likely to return to driving a bus than a passenger is likely to return to riding one? Is it trust? I say no but maybe Bruce can convince me otherwise.

Hope to see you there.