August 2007

Bank Holiday weekends are just plain great, not only do I get to slouch around, enjoy the sun and do sweet F.A. but if I’m real lucky, I get to try out a new game. This one is Bioshock, and it’s a corker. So good in fact, that even though I spent around twenty hours completing the game on medium skill setting, I’m now playing through it on hard.

This single-player only game is a near perfect representation of what can be achieved if the medium is understood and used well. It’s not often a game provokes emotional response from the player, but this one does it at least twice on each game-level. Bioshock is set in a underwater utopia, that through elitist corruption and arrogance (and a civil war) has fallen into a dystopia of genetically spliced scavengers who prowl the levels seeking ADAM. ADAM is the enabler of genetic splicing in Bioshock, and is hard to come by through moral means. The only source of ADAM for the player is via the Little Sisters, genetically modified and conditioned girls who roam the city (accompanied by their protectors) extracting ADAM from the dead.

Unfortunately for 2k, the developers of Bioshock, the launch of the game has been marred by a DRM fiasco. The installer uses SecuROM to not only validate the install, check for disc presence, but it also limits the amount of installs per user! At launch this was set at two, and there was no revocation tool. Now, it’s set at five and a revocation tool is being worked on. 2k have stated that they will remove all DRM components at some point in the future.

Being a System Shock fan, it’s a bitter pill to swallow.

To wrap, here’s a quick video of a Little Sister being rescued…

Any *hat worth their salt will probably tell you a lot of technical reconnaissance, enumeration and planning goes into a vulnerability assessment or attack. However, the same group will also inform you, in some circumstances it’s far easier to have someone let you into a system, than to force entry. Social Engineering carries it’s own form of information reconnaissance, enumeration and planning, but it’s an entirely different tool-set.

Google is a great first stop for many searches, but it doesn’t provide relational links to re-construct a person’s (or organisation’s) entire web-presence, including their relationships with other subjects and resources. This is where Paterva’s Evolution offering comes into play. To assess the power of the engine, there is a simplified web interface, however for graphical representation of association, there’s also a GUI based interface for Windows, *nix, and MacOS.

This is a very powerful and interesting way of manipulating search data via objects. This tool is a social engineer’s and auditor’s gold mine, and will probably also be gracing the desktop of any budding cyber-stalker :-| However, it’s all public information that’s available via searching through a number of online tools. What’s unique here is the ease of the search, and the representation of relationships and data. A great test is to audit just how much data you’ve leaked onto the Internet.