HiR Information Report

Links for 2009-11-07 [del.icio.us]

Sun, 08 Nov 2009 00:00:00 PST

Episode173 - PaulDotCom Security Weekly
HiR's Evil Wifi gets props on PaulDotCom, h/t @CoryKennedy

Links for 2009-11-06 [del.icio.us]

Sat, 07 Nov 2009 00:00:00 PST

Working with XML in newLISP | Artful Code
For you newLISP fans. I'm currently working on something related to XML and newLISP, so this bookmark is just as much for me to find it again as it is for people who play with newLISP.

Schrödinger's Hacker

noreply@blogger.com (Ax0n) — Wed, 04 Nov 2009 16:12:00 +0000

Apparently, it started here, then spread like wildfire through the security mailing lists and twitterverse. str0ke, of Milw0rm, was no longer among the living.

I had my doubts. One entry on a blogspot blog doesn't usually constitute breaking news, and there was no more authoritative source. Some people who saw my skepticism told me that it'd be pretty screwed up to fake a death of someone like str0ke. All I can say? Madoff. Lori Drew. Fake Facebook deaths. Bonnie Sweeten. There are some f'd up people in the world, and a lot of them do f'd up things over the Internet.

Str0ke is still alive and well. Or is he?

Related:
Rehi, Milw0rm

Links for 2009-11-03 [del.icio.us]

Wed, 04 Nov 2009 00:00:00 PST

Loopt Shifts Its Strategy To Tap The Pulse Of Location
Loopt seems to be finding its niche. I like geolocation services for certain things, but I'm not on loopt.
GV Screwups
Google Voice mis-translations. I have some doozeys on my own Google Voice account. There's always some funny stuff.
command line calculator | commandlinefu.com
calc(){ awk "BEGIN{ print $* }" ;} #That's hawt.
MJRainey - El Silbo
This double-sideband (DSB) radiotelephone transmitter is powered entirely by the instantaneous (not stored) energy produced in the operator's voice. - An impressive read, and probably an easy project for the novice.

Smoking (Cloud) Crack

noreply@blogger.com (Ax0n) — Wed, 04 Nov 2009 00:58:00 +0000

Making waves in the infosec blogosphere today: Cracking a PGP-protected ZIP file using Amazon's EC2 cloud computing infrastructure. There's some interesting data presented, especially when extrapolating the cost involved with breaking the encryption. There are a number of flaws in the write-up, though. I'll take it to task here, then cover some of the important and extremely valid points that the write-up did make.

This was a brute force password attack

If you happen to intercept PGP communication between two people, there's no password in the world that can decrypt it. The password (or passphrase) only unlocks the secret key, which is actually needed to decrypt the communication. If you don't have the secret key, your options for recovering the encrypted content are mathematically tantamount to nil. If you do have someone's secret key file, that person did something very wrong and stupid. The proper thing for that person to do when there's reason to believe their secret key is compromised: revoke the key, and tell everyone that the key has been compromised! I cover some of this in my GPG Key Management & Signing Article. Some Cloud Crack™ was being smoked by someone, as the crackers had access to the secret key, which shouldn't ever happen.

It doesn't always cost millions of dollars for CPU cycles.

Ages ago, my friend Bob had distributed.net agents running on 90% of the lab computers at the college he attended. These were all fairly new computers, too. Have physical access to 100 computers? You can probably spawn 100 instances of EDPR. For free. As in free beer. Okay, free beer plus the cost of the EDPR entitlements.

Plain old CPU cycles are so '90s. These days, we have the ability to harness compute power of FPGAs, and thanks to things like the CUDA architecture, Graphics Processing Units (GPUs) as well. These technologies take traditional CPU cycle density and cost paradigms and turn them inside out. It doesn't come cheap, but it's surprisingly affordable, more efficient, and denser than building racks of x86 machines. The author spoke of a corporate espionage scenario, with budgets of around $1M to compromise a competitor's data. $1M would go a very long way with FPGA or CUDA technology.

Finally, there's the black-hat side. Botnet zombies are cheap. Spammers, scammers, and malware tycoons know this. If you have some skills, free time and lack a moral compass, you can roll your own botnet or hijack someone else's botnet zombies for free. Again, as in free beer. Don't think it happens? Don't kid yourself.

Brute Forcing is real

While brute force doesn't work against PGP in a perfect world, it does work almost anywhere a password is involved, and the numbers don't lie. An attack like this against an encrypted TrueCrypt volume, for example, would be bone-chilling if it succeeded. Normal "protected" zip files, documents, and accounts are vulnerable, and there are multiple tools to brute force almost any kind of password.

Longer is better, for the most part

Long, simple passphrases win out over short, complex passwords when it comes to brute force. Still, if you use something that's easy to guess, like the first sentence of the book currently marked as your favorite on some social networking site, you might be in trouble. The ways you choose, guard, and use your passwords are parts of a very complex problem that not even the best in the industry can agree on a solution for. Good luck with that.

If all else fails, there's always rubber-hose cryptanalysis. Remember, you can't hide secrets from the future with math.

Links for 2009-11-02 [del.icio.us]

Tue, 03 Nov 2009 00:00:00 PST

The Secret Shame of Social Networking: How Silicon Valley Got Hooked on Scammers - Facebook - Gawker
If you ever wondered what the point was of all those inane facebook apps (and other social media hijinks) this is your answer.
PortSwigger.net - web application security: If politicians were HTTP status codes
Who didn't see OBL as 404 before even clicking?
Schneier on Security: The FBI and Wiretaps
It's ECHELON!
Lifestyle Hackers - CSO Online - Security and Risk
I probably fall into the "Lifestyle Hacker" category to a certain extent.
The Top Internet Memes of 2009
Sup dawg, we heard United breaks wolf t-shirts, and I'mma let them finish, but balloon boy had the best Internet meme ever.
Google Wave: A Complete Guide
Mashable's guide to Google Wave.

The Pavlovian yes box

noreply@blogger.com (Asmodian X) — Mon, 02 Nov 2009 21:00:00 +0000

In the technology field we like to "train" people how to do things. But many people do not understand the difference between training and education. To educate someone means that they have an understanding of how to perform a task and to understand why it works. To train someone on a subject only gives them part of that equation. A person who has been trained on a subject only knows a process to accomplish a task but does not know how or why that process works.

For years, Internet technology has trained people to use the Internet in a certain way. We train people to break up the search queries into key words instead of whole sentences. We train people to "Google" it rather than to fully research a topic using traditional library media or trusted resources. And finally we train people to click on "YES" when any question is presented to them when they click on a link.

So when Microsoft released Internet Explorer 8, help-desk's around the world were deluged with angry calls about websites which suddenly stopped working. The problem was that Microsoft, rather than passively continuing its part in training users to press "YES" to continue, now requires a "NO" to continue.

My hope is that people actually are forced to read what they are agreeing to. And when they do finally read it, they start asking very important questions like what they are agreeing to exactly. The most common issue is with websites is when they mix secured and unsecured content. To most people so long as only their private information is being sent on the encrypted channel, they are satisfied. However the problem really lies with authentication, most authentication uses a session ID variable which is given to the user with every transaction. Unless special measures are taken this session ID can leak out of the secured session and become available to someone who is eavesdropping. That person can then usurp the connection and pretend to be the user.

This is not all the users' fault of course; the developers take the blame too. It isn't until recently that people have started to do exactly what they are supposed to do and complain and make sure that all of their secured website links are SSL aware. Popular web applications like Wordpress are pretty dumb when it comes to this issue; there are of course plug-ins which patch this issue, as well as some all or nothing solutions which force everything to be SSL but nothing very elegant. The real issue with web apps is when dealing with plug-ins and 3rd party software which are not forced to follow any convention when creating content or linking.

Other web security related articles at H-i-R:

Windows 7: Is its success really a surprise?

noreply@blogger.com (Ax0n) — Mon, 02 Nov 2009 17:55:00 +0000

I've been messing with Windows 7 since the beta, and my wife has the Ultimate edition installed on her laptop (having replaced Vista, for the most part).

Most people agree: Windows 7 is good. But really, when faced with the following choices, how could Windows 7 NOT succeed?

Windows XP, a decade-old platform that's been patched to hell
Vista, a chubby three-year-old toddler replete with nagging, resource-hogging character flaws
Windows 7, the shiny hotness built after pay-to-participate beta testers shook out Vista's worst features and bugs over the course of 3 years

(this post is loosely based on an IM conversation with another friend of mine in the financial IT sector)

CCCKC: Hack-o-Lanterns revisited

noreply@blogger.com (Ax0n) — Fri, 30 Oct 2009 13:38:00 +0000

Since I already made my own Life Glider Hack-O-Lantern, I didn't participate, but several people brought pumpkins down to the CCCKC Hackerspace last night to carve out their geeky designs. I left before most of them were completed, but I noticed they showed up in the CCCKC flickr pool this morning. Some of these are pretty nifty! I particularly enjoyed the LED-illuminated Hack-o-Lanterns. Check out that microprocessor-driven Cylon!

There are more geeky jack-o-lanterns over at Geeks Are Sexy. Also: Some tips for hosting a Halloween party.

Twitter Lists = all the @SecurityTwits in one place!

noreply@blogger.com (Ax0n) — Fri, 30 Oct 2009 03:08:00 +0000

Twitter rolled out lists to everyone today. The thing I'm most excited about is the ability to follow all of the Security Twits with a single click. I already follow quite a few of them, probably more than half, since I primarily use Twitter for security news and interacting with people of that mindset. SecurityTwits also created lists for Security Companies, Blogs & Research (of which HiR is included), Media, and Events.

HiR even has a list of our authors!

You are able to make lists to share with others, too. All of the Twitter accounts from your local 2600 group or hackerspace, your fantasy football pals, or comedy troupe, for example. Also, like SecurityTwits, there are already a bunch of public Twitter lists out there that you might be interested in following. Mashable has a good catalog of lists started.

Related: Roll your own hive-mind

Humor (kind of): Hardened OpenBSD installation

noreply@blogger.com (Ax0n) — Fri, 30 Oct 2009 01:09:00 +0000

So my buddy James a.k.a. n0b0d4 a.k.a. Genesyswave who you may know best for his posts on SecurityCatalyst, decides to be funny. Or maybe he was being serious. A few hours after mentioning the OAMP post, he asked if I had a post about installing OpenBSD securely.

Well, not as such...

So, here's a walk-through:

Insert CD. You can download the ISO for free.
Boot from it. You might need to tweak your boot settings.
Follow the prompts.

See the OpenBSD 4.6 installation article for some helpful screen shots.

Voila. You have a hardened, secure OpenBSD install. If you want a really secure installation, I recommend not enabling X11 or SSH. hah.

update: In my fanboy-induced haze, I must admit that I didn't even think to mention patching. There are already three reliability (potential DOS/Crash) fixes for OpenBSD as of writing, and it's not even been out for but a week or so. It goes without saying that no one is perfect. OpenBSD has patches, just like every other operating system.

Patching OpenBSD is not nearly as easy as it is on most popular Linux distributions, but the OpenBSD FAQ covers patching better than I could cover it here. To tell the truth, the patching process is one of my big gripes. To patch OpenBSD, go to the OpenBSD 4.6 Errata (patches) page and download the patches. Read the comments and follow the instructions. Note: you'll almost always need a full source tree to patch OpenBSD.

Links for 2009-10-28 [del.icio.us]

Thu, 29 Oct 2009 00:00:00 PDT

Hackers Access Llywelyn's Pub Credit Server - Kansas City News Story - KMBC Kansas City
This is goofy. First off, "Credit Server" would indicate a payment processor breach. Not likely the case if this one place is the only one targeted. My guess is an insider was skimming. That means this is hardly news. Also, disgruntled insiders are not always "hackers". Epic lulz for calling them "cyber hackers" z0mgl33th4x0rs!
funny-pictures-cat-waits-for-program-to-load.jpg
This was me last night, trying to futz with OpenBSD in VirtualBox while doing all my usual goofing off in Firefox on my Mac with only 1GB of RAM. Firefox was not happy. Yes, I am linking to a lolcat. what of it?
Resolving problems unmounting partitions
I've known about using lsof and fuser for a long time, but they've saved me many times so I thought I'd share. They're not AIX-Only, and it's a handy trick to know.
xkcd. Via gopher://
I think I may be showing my age.

Hack-o-Lantern

noreply@blogger.com (Ax0n) — Thu, 29 Oct 2009 02:30:00 +0000

Earlier this week, my wife and I carved pumpkins. Lacking any semblance of artistic skill, I traced a circular object nine times onto the face of my pumpkin, carved out five holes, and ran a dremel around the other four. My wife's handiwork on the left is more aesthetically pleasing.

The Glider is one of the smallest moving self-perpetuating patterns in Conway's Game Of Life, which is a zero-player game that functions as a demonstration of cellular automation. It has a few very simple rules. In 2003, Eric S. Raymond proposed that hackers adopt the glider as their emblem. Read his Hacker Emblem FAQ to figure out why he thinks it's a good emblem. I agree with most of it, and I'm completely fascinated by Conway's Game Of Life. So this is just plain cool to me on many levels. Here's a java implementation of Life for you to tinker with.

Let's see your pumpkins!

OAMP: OpenBSD 4.6 + Chroot Apache + MySQL + PHP

noreply@blogger.com (Ax0n) — Wed, 28 Oct 2009 12:16:00 +0000

Introduction
I'm combining the OAMP howto with chroot from the start this time because it's really the proper and secure thing to do. You can read more about how chroot works in my last article about it, but the premise is that chrooting Apache limits the amount of damage that can be caused by vulnerabilities in web applications. Keep in mind that we'll be accessing MySQL from within the chroot in this article, so all content within MySQL is potentially at risk if you're serving up SQLi-vulnerable content. The best things the average sysadmin can do to protect the server is to keep webapps and system patches up-to-date, and to perform periodic database dumps and system-wide backups.

I will walk through the commands here without showing the output they generate. You can reference my OAMP walk-through from OpenBSD 4.4 if you want to see example output, which should look similar for OpenBSD 4.6. The output shouldn't matter much, because I'll walk you through everything here.

Preparation
To start off, I make sure that a user-level admin account has access to run anything as root from sudo. Note: all the administrative commands in this post begin with "sudo" for a reason. To do this, I add my admin account to the wheel group. You can do this during the adduser process or with usermod, but if you created a non-root admin user during the OpenBSD 4.6 installation process, that user will be in the wheel group by default. All you need to do is add a sudo rule for the wheel group. It's commented out in /etc/sudoers.

$ su -
Password:
# visudo
... or use whatever editor you want on /etc/sudoers. Not recommended.

Find the line that grants access to the wheel group, and uncomment it. It's about 35-40 lines down in the default configuration. Optionally, there's a NOPASSWD version of the same, a few lines down. I don't recommend using this option on a production server, but it may make system management more friendly on your development servers and workstations.

%wheel ALL=(ALL) SETENV: ALL
-- or --
%wheel ALL=(ALL) NOPASSWD: SETENV: ALL

I also set up the path for pkg_add by adding these lines to my user-level account's .profile, then logging out and back in to reload the profile. I usually use an OpenBSD mirror, like ftp5.usa.openbsd.org instead of the main FTP site. You can also use any of the http mirrors in this path.
vi .profile

PKG_PATH=ftp://ftp5.usa.openbsd.org/pub/OpenBSD/4.6/packages/i386/
export PKG_PATH

Installing Packages
Installing php5-mysql and mysql-server will fetch all of the dependencies for OAMP. This particular version of PHP comes pre-compiled with the suhosin hardened PHP patches in place, which is a nice touch! This process may take a while depending on your connection speed. There are eight or nine packages in total, including php5-core and some perl modules that MySQL depends on for its management tools.

sudo pkg_add php5-mysql mysql-server

Next, copy the PHP + MySQL sample files into place

sudo cp /var/www/conf/modules.sample/php5.conf \    /var/www/conf/modules/

sudo cp /var/www/conf/php5.sample/mysql.ini \
    /var/www/conf/php5/

Run the script to get the default MySQL database installed, start MySQL and set a MySQL root password.

sudo /usr/local/bin/mysql_install_db

sudo /usr/local/share/mysql/mysql.server start

sudo /usr/local/bin/mysqladmin \
   -u root password 'your-password'

At this point, both MySQL and PHP are installed and set up with a default configuration that will probably work fine for most applications.

Chroot Setup
Most AMP packages only need somewhere to store Session information and a way to get to the MySQL socket. Since the real /tmp contains information that is not needed for Apache, we'll just create a new tmp directory specifically for Apache within /var/www and make it world-writable with the "sticky bit" set (exactly like the real /tmp)

sudo mkdir /var/www/tmp
sudo chmod 1777 /var/www/tmp

Next, reproduce the directory structure for the MySQL socket under /var/www.

sudo mkdir -p /var/www/var/run/mysql  # -p creates subdirs as needed

Start Apache and MySQL at boot
Set apache to start on boot by editing /etc/rc.conf. Find the httpd_flags line in the file, change NO to "" -- literally, two double quotes as shown below.

sudo vi /etc/rc.conf

# use -u to disable chroot, see httpd(8)
httpd_flags=""
 -or-
httpd_flags="-u" #disables chroot. You can if you want.

Then, make sure that MySQL starts at boot and that the real mysql.sock file gets hard linked into the new directory by editing /etc/rc.local. I also added a line to remove the old hard link before starting MySQL. The end of my /etc/rc.local looks like this:

rm /var/www/var/run/mysql/mysql.sock
/usr/local/share/mysql/mysql.server start
ln /var/run/mysql/mysql.sock /var/www/var/run/mysql/mysql.sock

After getting all of the services set up to start automatically, I usually reboot to make sure everything starts up as expected.

sudo reboot

Testing
Once the system comes back online, the most basic test of Apache and PHP is to create a phpinfo script. This can be done with one line of shell-fu, which will launch "tee" with root permissions to write the phpinfo.php file.

echo "<?php phpinfo(); ?>" | sudo tee /var/www/htdocs/phpinfo.php

Then, navigate to http://your.openbsd.ip.address/phpinfo.php in your web browser. It should load a nice-looking document containing details about PHP's configuration. In particular, check for MySQL.

To really put our fresh chrooted OAMP installation through its paces, I downloaded the latest version of Wordpress, then followed the instructions using "the famous 5-minute install", which is way beyond the scope of this article. It's as simple as creating a database, setting up a privileged user for that database, editing a configuration file and copying wordpress into /var/www/htdocs (or a subdirectory) before accessing the control panel to finish up.

The wordpress install worked without changing anything from the instructions, and it's all running under chroot without any problems!

If you find that things are not working well with a particular AMP application, check file permissions, and copy or create hard links to files or directories that are needed. Example: sometimes you need a fake /etc/password file, some tools from /usr/bin or a /dev structure to be replicated within the chroot environment. Add these only as needed.

Links for 2009-10-27 [del.icio.us]

Wed, 28 Oct 2009 00:00:00 PDT

Google Wave as a Tool for Hacking | Social Hacking
@theharmonyguy has some fun with BeEF and Google Wave. Turns out Wave is currently a pretty good platform for launching your next attack.
When Geeks Have Twins [PIC]
I think the shirts should have been labeled "yy" and "p" but hey, it works.
People read more than books
Jason Kottke rants about the current state of ebook readers. Hey, if I had access to something that would not just load eBooks, but pick up my RSS Feeds on top of providing rich, color images to go with it... I'd be in. As long as it had good battery life.

Installing OpenBSD 4.6, Virtual machine snapshots

noreply@blogger.com (Ax0n) — Wed, 28 Oct 2009 04:52:00 +0000

OpenBSD's install process changed for the first time in a very long time with the release of 4.6.

For the most part, I feel like the changes are for the better. The install script asks fewer questions, and one can almost accept all the default options without worrying about much of anything. I've already installed it on a few of my systems, but in preparation for my upcoming article on getting OpenBSD, Apache, MySQL and PHP playing together nicely in a chroot environment, I decided to install it in VirtualBox.

Here you can see a new feature towards the top of the screen shot. OpenBSD now asks if you wish to create an initial non-root user. This user will be automatically placed in the wheel group, which has certain administrative abilities in OpenBSD.

At the bottom of this screen shot you can see the partitioning setup. This is similar to the old manual disk partitioning from pre-4.6 installs. It's worth reading up on the OpenBSD installation FAQ, which has a detailed section on setting up disks. Notice that I'm doing a fresh install over OpenBSD 4.5, so the partition table is laid out in OpenBSD's "Whole Disk" mode already. Your partition table may look different.

After that, you get the disklabel, which now has an "auto" option by default for setting up the slices, similar to FreeBSD. I just pressed enter and watched as the filesystems were created.

The installation set selection changed aesthetically, but it's the same as before, there's just not one item per line anymore.

When I test things out, I like the ability to use snapshots in a virtual machine environment. This isn't a unique feature to VirtualBox. I know VMWare can do it as well. I shut down the VM and made a pristine snapshot right after installation, then I started the VM, logged in, got some things configured the way I want (sudo, bash, and PKG_PATH) and made another snapshot after shutting down one more time.

In preparing another OAMP article, snapshots are nice because as I try to get OAMP working, I usually run into snags. Snapshots enable the VM to go back to a previous state and start over from a specific point in time without doing a fresh installation.

Once I think I have the installation procedure down solid, I can revert to the base install one more time and make sure my instructions work. Obviously, virtual machine snapshots have many great uses for both desktop and server instances alike. This is a look into one way I utilize them. For servers, this is a life-saver for backing out of a change gone bad, but it's no substitute for testing changes properly before deploying them to production.

One of our readers has already tried the instructions for OpenBSD 4.5 on his new OpenBSD 4.6 installation with some problems. I'll see if I can reproduce the issue and come up with instructions to work through them. Look for an OAMP Chroot article for OpenBSD 4.6 coming soon!

Links for 2009-10-26 [del.icio.us]

Tue, 27 Oct 2009 00:00:00 PDT

Using Evil WiFi To Educate Users & IT Admins - Evil Bytes Blog - Dark Reading
Some HiR link love on Dark Reading
Mid-Missouri nuclear plant still using dial-up Internet access - Kansas City Star
SCADA and/or other control systems are probably air-gapped (as they should be) but may still be potentially accessible via dial-up. That's not uncommon at all. I really don't see why a power plant needs always-on broadband, though. Especially if they've gone this long without it to no ill effect. It sounds like NRCC isn't thinking things all the way through.
Room362.com - Blog - Getting your n00b fill of security
Mubix shares some links to resources for those looking to get started with security.
Unix Wear: Solaris IPSec with preshared keys
Getting IPSec working on Solaris. I think it'll work with OpenSolaris as well, but haven't tested it yet.
Maker's Schedule, Manager's Schedule
A solid essay on how meetings can completely hose the working day of thought-workers, makers and hackers.
ldd arbitrary code execution - good coders code, great reuse
A clever, well-documented code execution exploit with ldd

Giving OpenSolaris another shot

noreply@blogger.com (Ax0n) — Tue, 27 Oct 2009 03:55:00 +0000

I've got Planet Solaris in my RSS reader, as you probably see some of the content from there in the semi-frequent Delicious Links RSS entries (or on the sidebar). I also follow a few of the Planet Solaris folks on twitter. As such, I read a lot about OpenSolaris.

I've tried it before, in a Parallels VM on my MacBook, but never really gave it a go of things on a decent desktop system until tonight. The system I'm using isn't wired, so I was pleased to see that OpenSolaris picked up my USB WiFi adapter and had no problems connecting to my encrypted network (although there's that network manager annoyance where you, for some reason, have to type in your network key TWICE).

I'm currently running it in Live CD mode, and it's pretty responsive. Granted, I'm running it on 2GB of RAM, so that probably helps a great deal. When I get a chance to swap out hard drives, I'll likely install it permanently to see how it goes.

Daily, I use Solaris, AIX, Windows XP, and Linux. The gnome desktop environment within OpenSolaris is familiar, with a very Ubuntu-inspired default configuration. It's certainly much different than my Solaris 10 "Java Desktop" interface at the office. The default theme is pretty slick, and doesn't make me want to search for ways to cast out the demons of angry fruit salad.

I'll have another update in a while after I settle in with OpenSolaris a little more.

Quick Steampunk Book Review: Boneshaker

noreply@blogger.com (Frogman) — Sun, 25 Oct 2009 21:16:00 +0000

Cherie Priest has done something in Boneshaker I once thought foolhardy and absurd. She has given Steampunkers the world over a good reason to wear googles.

In Priest's alternate history world the Blight has caused the citizens in early Seattle to don elaborate headgear and rock the hell out while running from roving hoards of the rotting undead. The Blight also gives Priest a good reason to have airship pirates, mad scientists and mysterious Chinamen running the streets in a wasted urban landscape. In a strange parallel, she also has a tough lady as a retro-mechanical version of Gibson's Ratz from Neuromancer as bartender in the ex-patriot bar Maynard's.

Overall I liked this book, but I absolutely loved how Priest didn't go over the top with the Steam-ification of things. Not a single person went around with brass watch gears sewn to the lapels of their great coat! Top hats with random gears? NONE! This book is about the nitty gritty of life in an alternate history and these people don't have the time for silly and useless glommifications that seem to be substituting for style in the modern Steampunk fashion trends. Priest has done something I thought was almost impossible and thankfully skipped right over the silly parts of the genre. Until I read Boneshaker I thought Steampunk goggles were among the worst parts of it, right down there with the airship pirate theme. She has lifted them from the depths of absurdity and made them a necessary and believable part of the landscape for the book. Inside the novel is also her own version of a BFG, and the effects of the Blight give it a good reason to exist. None of the characters use silly little raygun pistols and I'm pretty sure I never read the word aether in the book.

Thanks, Ms. Priest! You've redeemed Steampunk from the downward spiral of mindless fashion trends and useless gizmos.

Dissecting a Simplex lock

noreply@blogger.com (Ax0n) — Fri, 23 Oct 2009 02:31:00 +0000

Some guys at CCCKC brought part of an old-school Simplex lock down to the cave. I've always wondered exactly how they work and what kinds of vulnerabilities they have.

Pushbutton locks like this (and older designs with the buttons arranged in a pentagon shape) have been around for ages, but I've never had one in my hands before. I have always guessed that:

They are 100% mechanical (requiring no electricity)
The order doesn't matter.
Any combination from 1-5 digits would be viable
Each button can only be pressed once

I'll explain how these hypotheses work out as I go along.

Starting out, you can see where the inner door knob will attach on the other side of the wall. The nub at the top (or, to the left in this photo) is strange to me. As it turns out, it's used to reset the combination.

Once open, the lock mechanism inside is covered by a metal shroud. Some pivoting arms can be seen.

Here, I have swung the arm going to the combination mechanism out of the way, and I'm pulling the shield away. There's no power in here, so hypothesis #1 is true.

Here, I've re-attached the arm with the shield removed. Every time a button is pressed, the pawl associated with it rotates a little. The bar seen across the top of them will increment any of the lower numbers at the same time. If you press "1", only the first pawl moves. If you press "3", then pawls 1, 2, and 3 move at the same time. This means that the order in which buttons are pressed DOES matter. Hypothesis #2 is false.

Here is the other side of the combination mechanics. Visible is a gate with 5 fingers. When the outer knob is turned and the gate can't fit into the pawls (wrong combination) the furthest left bar (vertical in this photo) stays upright. The pivoting arm buckles, and the inner knob does not turn. The bolt work (not visible) is not withdrawn.

When the gate is aligned, the pivoting arms are allowed to swing up a bit (angled left a bit in this photo), and the inner knob is caught. The bolt is withdrawn and the door is allowed to open.

To reset the combination:

Enter the current combo
Activate the combination reset. I'm activating it with my finger in the above photo, but twisting that nub in the first photo does the same thing. It should "click" when you get it pressed. You do not need to hold the button.
Turn the door knob to clear the combination.
Enter the desired combination.
Turn the door knob again.
Test the new combination. You don't want to get locked out!

So what about hypotheses #3 and #4?

I got a few surprises:

If you accidentally turn the knob twice during a combination reset, you end up completely clearing the combination. If this happens, the door will open without you entering anything. Obviously, if you DO enter something in this state, it'll be wrong and won't open.
More than one button can be pressed at a time, and it's part of the combination. You can require any combination of keys to be pressed simultaneously, up to and including all five at once. 2/3, 1, 4, 5 is a valid combo, and you can't press 2, 3, 1, 4, 5 or 3, 2, 1, 4, 5 to make it work.

#3 was incorrect on a technicality. Any combination of 0-5 keypresses is valid.

#4 is correct. Once a button's been pressed, pressing it again does nothing, but you CAN press multiple at once to increase the complexity of the combination.

All in all, this was a fun little way to spend an hour or so at the cave. I was happy to finally get to learn how these fascinating relics work. As with any combination lock, once you can see the mechanics of it while you mess with it, it's pretty easy to get it to pop open.

The sheer reliability and simplicity of the mechanics leaves me in awe. It's no wonder you can still see these in airports, hospitals, post offices and elsewhere. This is certainly one of the more clever locks I've dealt with.

Props to Rob K for helping me get some higher quality shots of the combination mechanics.

Viral marketing

noreply@blogger.com (Ax0n) — Thu, 22 Oct 2009 03:42:00 +0000

As seen in my Facebook notifications. Facebook apps in general are shady business, but this just seems downright predatory.

For those who don't know, any application you add potentially gives the author carte blanche access to anything you can see on Facebook. Friends' updates, list of friends' friends, not to mention almost anything you've bothered to fill out about yourself. Think about that before you go handing the keys to the kingdom over to LivingSocial or any of the other application developers.

Security.

2600 Article: Roll Your Own Hive-Mind

noreply@blogger.com (Ax0n) — Mon, 19 Oct 2009 23:09:00 +0000

Editorial comment: This initially showed up in the Autumn 2009 issue of 2600: The Hacker Quarterly,Volume 26 Number 3, which is on stands now! I wrote it almost a year ago. Today, I would say that Google Reader's new options make it a very important part of my personal hive-mind, allowing me to crowd-source my news by hand-picking a relatively small group of people who reliably share and comment on things that I find pertinent, urgent or fascinating -- often near real-time. At the time of writing, sharing with people in Google Reader wasn't nearly as intuitive so it got a lot less play. In the past few months, though, it has grown up to become far more than just an online RSS aggregator and a web filter evasion tool to me.

While I don't feel like this is my best work, I do make a habit of publishing all of my printed articles here after they've hit the newsstand.

There's no doubt that social networking is all the rage on the Internet these days. Places like MySpace and Facebook have become ubiquitous social hubs that start out as a circle of your real-life friends. Eventually, others join in that you've probably never met and might never meet in your lifetime. Your reasons for befriending them may be many: interesting photos or content, similar interests, or simply because they're a friend of a friend (of a friend of a friend). Maybe, you just like to compete in the popularity contest to see how many e-friends you can collect.

LinkedIn has a business focus. Maybe that's where you keep all of your professional contacts or hunt for job opportunities. Brightkite is a location-aware microblog with photo hosting ability; Like Twitter on steroids. Maybe that's how you find out who hangs out at your favorite local places to try to find new friends. Friendfeed can aggregate most content from your other social network accounts. Maybe that's where you go to get your 50,000 foot view of your online social sphere.

What if you wanted to craft a specialized hive-mind, though? I'm interested in security, and I've found that online, quite a few security geeks have blogs, twitter accounts, facebook profiles and the like.

Instead of just looking for your existing friends online, you can leverage microblogging services like Twitter to find and follow like-minded strangers. Obviously, self-described social media addicts have no problem finding their cliques, but everyone from World of Warcraft Gamers to Bacon-lovers can find a niche in most social networks. Security nerds like me have SecurityTwits.

The people you follow will frequently ask or answer questions of other folks. You can follow them as well, and pretty soon you end up with a news-feed of data you're interested in. Assuming enough of them follow you back, you will have a powerful hive mind at your fingertips: This collective will give input on ideas from within itself. It will refine, disprove, or validate answers given to questions within the collective. It will link to fascinating content elsewhere on the web that other members might not otherwise find. It will challenge you to participate by giving as much as you get.

I've found that this hive-mind functionality works best on lightweight services like the aforementioned Twitter, or with link-sharing tools like Delicious, Digg, and Google Reader. Facebook and MySpace are far too cumbersome and broad-sweeping in their content to be used efficiently. Plus, most of the services I mentioned have easy-to-use RSS feeds that can be indexed, processed, aggregated, and searched later.

Of course, if you want people in your niche to acknowledge your existence on these social networks, you need to establish your presence with relevant content that's as equally interesting to them as their content is to you. Jumping onto Twitter and following every single member of SecurityTwits, for example, won't immediately integrate you into the hive. By lurking, however, you can learn a lot.

OpenBSD 4.6 is released

noreply@blogger.com (Ax0n) — Mon, 19 Oct 2009 01:24:00 +0000

Normally, OpenBSD is released every May 1 and November 1. The team was really trying to push 4.6 out the door by October 1, but problems with the CDs held it back. Still, they managed to ship the CDs early, and decided to release OpenBSD 4.6 today. I've been offline almost all day, so I just now saw it.

As always, the new release brings more hardware support and improved functionality. Check out the release notes for details. Order your 3-CD set, or hit the mirrors to download installation media images.

On cloud computing

noreply@blogger.com (Ax0n) — Mon, 12 Oct 2009 11:45:00 +0000

It seems everyone is blaming a general failure of cloud computing for the massive data loss that hit Danger, Microsoft and T-Mobile over the weekend.

From what I've read, a failed storage upgrade occurred without a good, solid backup in place. That sounds a lot more like a failure in backup, planning and design than a failure of cloud computing to me. Had the storage folks at my office made the same mistakes, that's what would have been said -- right before the human resources folks came to "have a talk" with the team.

It just so happens that T-Mobile's sidekick phones rely on a lot of back-end storage, so there's the whole "cloud" element to things. I'm not familiar enough with the Danger platform to know how easy it is to back up your own data, but I'd hope it's possible.

I think it goes for any service where you've entrusted storage of your data to someone else: make sure you back it up yourself, if you think it's important. The difference with the Danger/T-Mo disaster, I think, is that it was a lot less obvious to end-users that the data wasn't all stored permanently on the phone. Clearly, "cloud computing" was collateral damage in the wake of a much more mundane failure. The fact that it was completely avoidable offers little comfort for those affected.

Shifting gears: Along comes this piece on how e-mail is becoming less and less relevant.
The thing that separates e-mail as we know it from other messaging platforms is the fact that e-mail is decentralized. Using information stored in DNS, all Internet-facing e-mail servers can properly send mail to the correct server for a given address. IRC is another decentralized communication protocol. The days of decentralized infrastructure are fading fast, though, being replaced by walled gardens that want your constant attention, and many of them requiring a separate account and password. These walled gardens are supposed to be "the new way" of communicating.

You can't easily backup everything you've received through Twitter or Facebook, and the people who communicate with you there have to have accounts. Sure, anyone can get an account. What about Google Wave? Very few of the people I REALLY want to collaborate with have an account. So, while I do see a lot of value in these services for certain things, I don't think that any of them are quite ready to fill the roll that e-mail currently provides. Chiefly: if I have a local e-mail client running on my system, I don't need to suckle at the teat of the Interwebs in order to rifle through my data. It's right there, on my computer. Web mail has indeed blurred the line, but the good web-mail providers still offer mechanisms to back-up your data or use an offline mail client such as Thunderbird.

OpenID somewhat fixes the need to have multiple accounts and passwords scattered all over the web, but shifting authentication "into the cloud" just means that each OpenID account we have will be more catastrophic if compromised. OpenID is tantamount to using the same username and password everywhere, and we know how well that works for security.

How do you backup your cloud data? Well, for starters, you can try a native-client RSS aggregator such as Liferea. One thing that "Cloud" is doing is making syndication possible through ubiquitous RSS feeds. Backups won't work perfectly on every site, for example: you won't actually download all of the photos from Flickr with RSS, you'll only get links to them. It will nicely archive text content, though. This is good for things such as blog posts, twitter conversations and the like.

Solving transit questions with PHP

noreply@blogger.com (Ax0n) — Fri, 02 Oct 2009 20:56:00 +0000

When I saw Visualmotive's "Walk or Bus?" chart, I was fascinated. I love stuff like this! It answers the question of "If I have to be somewhere, is it going to be faster to wait for a bus, or just start hiking?"

I am a multi-mode commuter. I often use my bike combined with the bus to get myself downtown. Sometimes, I also need to get around the city. I almost always do this on my bike unless it's somewhere really close. Still, I felt compelled to create a chart that included bicycling, as well as walking.

The top header is how long you'll have to wait for the bus.Where there's a gray bus icon, it's faster to wait for the bus. Where there's a blue bicycle, it's faster to hop on the bike and ride. The yellow jogging man represents a brisk walking pace and the green foot represents trudging along with an average gait. I extended the chart out to 4.0 miles, which is about how far one can get on a bicycle in an urban setting within half an hour at 8 MPH. These are just guidelines, of course. Some people are considerably faster on bicycles. Others are slower. Same with walking and the bus, actually.

Click for big:

I ended up making a quick program in PHP to draw the main part of the above chart for me. I sourced the icons from the same place Visualmotive did (icons.mysitemyway.com) but opted to modify their icon colors, then added the headers manually in GIMP. I'll upload a .zip file (and link to it) later, with the icons.

The algorithm is pretty straightforward. Urban buses probably average 15 MPH with all their stops included, or about 4 minutes for every mile. Most people can get around on a bicycle at an average speed of 8 MPH (7:30) and so on and so forth as commented in the code below.

The code is pretty simple and very ugly. Not only did I use tables (ew) but I also barf out HTML with PHP. This is why I say there's a massive difference between programmers (like me) and developers (who code for a living).


<html><head><title>Walk, Bike, or Bus?</title></head><body>
<TABLE cellpadding='0' cellspacing='0'><TR>
<TD></TD><TD><CENTER>1</CENTER></TD><TD><CENTER>2</CENTER></TD>
<TD><CENTER>3</CENTER></TD><TD><CENTER>4</CENTER></TD>
<TD><CENTER>5</CENTER></TD><TD><CENTER>6</CENTER></TD>
<TD><CENTER>7</CENTER></TD><TD><CENTER>8</CENTER></TD>
<TD><CENTER>9</CENTER></TD><TD><CENTER>10</CENTER></TD>
<TD><CENTER>11</CENTER></TD><TD><CENTER>12</CENTER></TD>
<TD><CENTER>13</CENTER></TD><TD><CENTER>14</CENTER></TD>
<TD><CENTER>15</CENTER></TD><TD><CENTER>16</CENTER></TD>
<TD><CENTER>17</CENTER></TD><TD><CENTER>18</CENTER></TD>
<TD><CENTER>19</CENTER></TD><TD><CENTER>20</CENTER></TD>
<TD><CENTER>21</CENTER></TD><TD><CENTER>22</CENTER></TD>
<TD><CENTER>23</CENTER></TD><TD><CENTER>24</CENTER></TD>
<TD><CENTER>25</CENTER></TD><TD><CENTER>26</CENTER></TD>
<TD><CENTER>27</CENTER></TD><TD><CENTER>28</CENTER></TD>
<TD><CENTER>29</CENTER></TD><TD><CENTER>30</CENTER></TD></TR><TR>
<!-- Model View Controller what? -->
<?php
$Miles=.2; # .2 Miles. Just walk it. Jeez.
while ($Miles <= 4.0){
$Miles=$Miles+.1;
$TravelTime['Bus'] = $Miles * 4; # Bus ! 15 MPH (4:00 mile)
$TravelTime['Bike'] = $Miles * 7.5; # Bike ~ 8 MPH (7:30 mile)
$TravelTime['Brisk'] = $Miles * 15; # Brisk walk ~ 4 MPH (15:00)
$TravelTime['Walk'] = $Miles * 20; # Walk ~ 3 MPH (20:00)
$Mins=0;
print "<TR><TD><CENTER>$Miles</CENTER></TD>";
while ($Mins < 30){
   print "<TD><CENTER>";
   $Mins++;
   if ($Mins >= $TravelTime['Walk'])
       {print "<IMG WIDTH='45' SRC='img/iconwalk.png'>";}
   elseif ($Mins >= $TravelTime['Brisk'])
       {print "<IMG WIDTH='45' SRC='img/iconbrisk.png'>";}
   elseif ($Mins >= $TravelTime['Bike'])
       {print "<IMG WIDTH='45' SRC='img/iconbike.png'>";}
   else
       {print "<IMG WIDTH='45' SRC='img/iconbus.png'>";}
   print "</CENTER></TD>";
}
print "</TR>"; #I know you're not supposed to print HTML. Byte Me.
}
?></body></html>
So, what started as a desire to have a cool chart to share with other bicycling/pedestrian friends of mine turned into an exercise in algorithms last night, with a little bit of PHP programming tossed into the mix. This is yet another example of a quick-n-dirty program I wrote for something simple.

Hacker Fuel Review: Starbucks VIA Instant Coffee

noreply@blogger.com (Ax0n) — Wed, 30 Sep 2009 15:35:00 +0000

I'm kind of a coffee snob. Not an ultimate connoisseur, but a bit of a snob. I usually drink one or two mugs (~16oz each) of pressed coffee per day. I have a press pot at my desk, and another at home. I grind fresh, locally-roasted beans with a conical burr coffee mill, and bring them to work to brew. I drink my coffee black, as $DEITY intended. (Sorry to bite your style, liquidmatrix guys, it's CATCHY!)

I occasionally partake in a fatty, chocolaty, girly mocha. Since most of the coffee shops in a reasonable distance to my office provide espresso drinks that are either unpredictable or predictably acrid, I opt for Starbucks. It's close. It tastes the same every time, and it's tolerable. That, and the people who work there are friendly, giving me the occasional hook-up.

This time, the "hook up" was a few samples of their new Starbucks VIA product. I put "hook up" in quotes because I'm pretty sure that they're supposed to hand these out to everyone that bothers to enter the store. "It's not instant coffee," Eric said, trying to eschew the stigma associated with the crystallized offal sold as classic instant coughee, "It's micro-ground soluble whole-bean coffee. You'll probably like it." I could instantly tell that the manager had been to training about this product. After all, Instant Coffee Is Serious Business. You can tell from the advertisement floating around on YouTube.

Reluctantly, I took the packets -- disturbingly packaged not entirely unlike individual serving Taster's Choice instant coffee. Heebie jeebies!

When it was time for my mid-morning coffee, I glanced over at my little container of recently-roasted, even-more-recently-ground beans, Then at my stainless steel press pot. Then over to this little pouch of coffee dust. I took the plunge, opting to try Italian Roast, the boldest (their words, not mine) of the samples gifted to me.

Supposedly, one Starbucks VIA packet is scientifically engineered to dissolve in eight fluid ounces of clean, piping-hot water for an imbibery experience that's indistinguishable from a freshly-brewed cup-o-joe from the Starbucks down the street. That's not really saying much, now, is it?

Reaction:
I have to admit, it's not as bad as I'd thought. It certainly is no replacement for my press pot and fresh-ground coffee snobbery, but it works. And it's caffeinated. Or maybe it's the placebo effect that's keeping my brain-aches at bay and giving me a slight boost. The finely-ground coffee leaves a familiar and comforting layer of sediment at the bottom of the mug that one does not encounter with traditional instant coffee.

I skipped the precise measurement of water and suggest you do the same. Put the coffee powder (which really is whole-bean coffee, finely ground!) into you favorite caffeine-quaffing vessel, and add hot water a bit at a time. Sample it frequently until it strikes a balance you like.

Would I buy it?
I forgot to check the asking price on the way out. It certainly does compete with the taste of a $1.50 cup-of-joe, but I doubt I'd pay more than 50 cents each for the privilege of mixing this stuff up myself. It's hands-down the best instant coffee I've had. It'd work in a pinch, and would probably be great for backpacking or office coffee emergencies.

KC2600: this Friday

noreply@blogger.com (Ax0n) — Tue, 29 Sep 2009 14:55:00 +0000

This Friday. Oak Park Mall food court in Overland Park, KS. 5:00 PM. As of right now, there are no demonstrations planned, but bring any geeky projects you have been working on, or just hang out and discuss crypto, security, computing, telephony and world domination with us!

Composite memories of things that didn't quite happen

noreply@blogger.com (Ax0n) — Tue, 29 Sep 2009 02:05:00 +0000

I love music, and for some reason, a lot of times music will bring back memories. Likewise, sometimes remembering things in the past makes a song pop into my head. Almost always, these songs and memories are tied together in my brain, bi-directionally. Usually, the memories are tied with songs I was listening to (or had stuck in my head) when the event happened.

Does this sound weird enough yet?

Examples:

The Starecase remix of Vega, by Paul van Dyk reminds me of a weekend spent installing a wet nitrous oxide system in my friend's car.
Anomaly, by Libra reminds me of my first attempts at programming Lego Mindstorms with the NQC framework.
Save Yourself by Stabbing Westward reminds me of scavenging at Hobby Lobby on a cloudy saturday for materials to finish the final project of B&W Photography class in college.
Nine Inch Nails' cover of Joy Division's Dead Souls reminds me of countless hours spent browsing Silicon Toad's ancient treasure trove, The Infinity Void. (+5 Hacker Points to anyone who can tell me the connection there)

So, I offer up a perplexing conundum that's been bothering me for a few months now. One song conjures up a composite memory. Not two memories. A composite one -- a brain indexing clusterfuck. A lie, for all intents and purposes. A memory I can see in my mind's eye as clear as day, just as if it happened, but it couldn't have.

I got my very first digital audio player for Christmas in 1998. Eager to try it out, I uploaded a few songs to it as soon as I got it out of the package. I just grabbed whatever I had, but I remember the first song I played through it was "The Way U Like It" by Frankie Bones.

Now that song brings back memories of listening to my music player while being an apprentice to my grandfather.

Details so real -- the scent of lunch: Campbell's ramen noodles (a favorite of mine back in the day, I can't find them now), I'm twiddling some frob on the desk in the kitchen's dining area, near the central control for the house-wide intercom and AM/FM Radio system that my grandmother used to page us with when it was time to eat. A bright day -- I saw the cardinal outside that my grandma named "DumDum" because he'd run into the storm door repeatedly each morning. And, of course, Frankie Bones at full blast on the head cans plugged into my new portable music player. My brain thinks this was all real -- all happening together as one event.

Problems:

I apprenticed with my grandfather for half a year in 1995.
My grandfather died in January of 1997.
I got the audio player in December of 1998.
The Way U Like It was debuted as a track on 12" Vinyl in the UK: August 9, 1999.

I've heard that dreams are mostly comprised of things we've seen in the past and assemble in our asleep imagination. Is it that kind of composition that leads to waking anomalies such as this one -- so real and vivid yet so blatently impossible? Am I the only one?

Explanations:

It's possible that I got the date wrong on the audio player. It was released to market before Christmas of 1998, but it's possible that I got it in 1999. I definitely got it for Christmas (or did I?! Mom? Dad? Help a guy out here! Do you still have the reciept for that thing?!) If I got it in '99, the song was already out and I'd probably already come across it by Christmas. That still doesn't explain the other discrepancies.
My grandmother lived at the house several years after grandpa died. It's possible I was listening to that song on that music player at my grandparents' house, sometime after the song was released. In this case, I wasn't apprenticing with my grandpa, and it certainly wasn't the first song I copied to the music player.
I have a history of epilepsy -- that could possibly be part of the composite memory debacle.

I can't think of any other anomalies like this one, though, where something just doesn't add up. It could be because there aren't any other composite memories, or it could be that the ones I have aren't so easily questioned. Don't ask my brain to differentiate between them. It still thinks the memory is real.

I'm not sure what point I was hoping to make with this one, other than wondering how much of what we remember really happened as we recall, and how much of it is a jumbled mess of things that actually happened, just not in the way we remember.

Booting Linux and Windows on separate drives

noreply@blogger.com (Ax0n) — Thu, 24 Sep 2009 02:12:00 +0000

Normally, installing Windows isn't something I'd do. Not for friends. Not for family, and not for myself. My wife dual-boots Ubuntu and Vista on her laptop -- Vista because that's what shipped with it, and World Of Warcraft runs fine under it. She's plenty competent to keep it cleaned up, secure, and able to restore her stuff from backups if something goes wrong. She's probably better at Windows (at least Vista) than I am, and certainly doesn't need my help very often. As for me, I just didn't think I NEEDED Windows for much...

That is, until I found out how much better my employer's VPN works from Windows. It doesn't work well from MacOS, barely works under Ubuntu, and oddly, works okay under Solaris 10, but it's far from perfect. A few days ago, I logged into the VPN from the Corporate-mandated Windows XP Work PC in the office and was kind of in awe. We're talking an order of magnitude better, on a logarithmic scale. Figures, right? With all the after-hours remote work I'm finding myself doing more and more often these days, it looks like I'm installing Windows!

As a self-proclaimed Operating System Junkie, I suppose it wouldn't hurt to dabble in Windows just a little. After all, my wife's already running a game server on Win2k. What can it hurt?

The only machine I have laying around that I felt would do Windows justice is an old Dell PowerEdge tower server, which spends most of its time running Ubuntu. I didn't feel like re-partitioning or re-installing everything, so I unplugged the Ubuntu hard drive, scared up an old 20GB drive for Windows, bolted it into place, then went to town installing Windows. My goal was to move the Windows hard drive to the secondary IDE controller once installed, then figure out how to get GRUB to boot Windows.

From here, I'm assuming that:

You have a Linux distro installed on the first hard drive booting with GRUB
You have swapped the Linux hard drive out for a fresh one (also the first hard drive) and installed Windows to it.
Afterward, you have put both hard drives in, with Linux as the Master on the Primary IDE controller (or the first SATA drive)

First, I wanted to make sure that the BIOS saw all my hardware. At this point, my setup was like this:

hd0 - Primary Master: 80GB HDD, Linux
hd1 - Primary Slave: Optical drive (DVD±RW, etc)
hd2 - Secondary Master: 20GB HDD, Windows

Next, I made certain that Linux booted properly. This, as expected, worked just fine. I rebooted, and paused GRUB's boot process and entered CLI mode to try to boot Windows. Initially, I tried this, which I thought should work:

grub> rootnoverify (hd2,0)  # Select partition, don't mount it
grub> chainloader +1        # Calls the first sector, should be Windows loader
grub> boot                  # What do you think?

Starting up ...

Yeah, right. It locks up. Doesn't even try.

Reading up on the GRUB documentation, I found the map command. Score! This tricks the BIOS into swapping drives around.

grub> map (hd0) (hd2)       # Maps hd2 (as above) to hd0
grub> map (hd2) (hd0)       # ... and vice versa ...
grub> rootnoverify (hd2,0)
grub> chainloader +1   
grub> boot

Amazingly, map did the trick and Windows started booting. It thinks it's running on C: and that Linux is on the secondary Master. Now, to take this and make a "Windows" option in the GRUB menu. Boot into Linux and add these lines to the end of /boot/grub/menu.lst:

title          Windows
map            (hd0) (hd2)
map            (hd2) (hd0)
rootnoverify   (hd2,0)
chainloader    +1

While you're in there, you may want to look for the Timeout line as well, and increase it. I chose not to, because I'll be booting to Windows very rarely.

Then, update GRUB's configuration, since it has to write data to the boot sector on the Linux drive. On debian-based systems, it's:

$ sudo update-grub

Now, give it a reboot and make sure that both Windows and Linux boot from GRUB as expected. This little project actually went easier than I'd expected, mostly thanks to GRUB's documentation. While extensive and technical, it is well-organized.

By the way, I tested the VPN for about 9 hours today and it was rock solid the whole time. Better than I can say for the other operating systems I've tried it with. At least I got some benefit from using Windows. If only I had awesome coffee, an IBM Model M and my MX Revolution mouse at the office every day. And if I could work in my pajamas.

Now, if you'll excuse me, I need to go take a shower with concentrated chlorine bleach and a cheese grater to get rid of all this Microsoft residue.

Verizon Wireless customers: Privacy Fail

noreply@blogger.com (Ax0n) — Fri, 18 Sep 2009 13:13:00 +0000

I got this lovely IED of Privacy Fail in my inbox this morning. See the circled text. It looks like we get opted-in by default! If you don't want to be sold and traded at Verizon's every whim, you should probably try to hunt this down or access the setting in your VZW account.

Update: According to Mike Fratto (@mfratto) it's old news. How long have we been opted in, anyways!? He points out in your account, go to VZW→My Profile→View/Edit Privacy(CPNI) Settings to change

Gustav, the hackerspace twitter-bot

noreply@blogger.com (Ax0n) — Sun, 13 Sep 2009 00:38:00 +0000

Early on in Cowtown Computer Congress' progress, Gustav became our official mascot. When Jestin bought Gustav at a garage-sale, he was a "butler" statue that held a tray. This was probably for halloween candy. Gustav's primitive electronics could sense people nearby with a photocell and do simple actions like breathe and move his eyes. Mostly, though, he just looked kind of cool. We formally adopted Gustav as Professor Emeritus of our hackerspace.

Over the last year or so, we've changed his clothes, added accessories, "facial hair", a remote speaker with a voice changer and swapped out all his circuitry with some homebrew stuff. Usually, Gustav just sits there with a smirk on his face, watching over the hackerspace. Sometimes, he finds his way over to the door and startles people when they first enter the space too. Such an ornery guy.

As CCCKC's official mascot, he has a twitter account. That's in addition to the CCCKC twitter account that's used more for CCCKC-related news.

Since Gustav watches over our hackerspace, I thought it appropriate to empower him to let others know when people are hanging out with him. This is done with a motion sensor. The first time Gustav sees activity, he will tweet about it. As long as people keep moving around, he observes stoically. When the hackerspace remains idle (currently, I'm using 30 minutes as the time-out), he tweets again to notify others that things have gone quiet. I didn't want to clutter the CCCKC twitter feed with such minutiae as the comings-and-goings of hackers on a daily basis, so Gustav chronicles their activity dutifully in his own feed.

This solves the problem of passively letting others know when there's something going on, but keeps privacy at a maximum. Without calling or visiting, there's no way to tell who is doing what at CCCKC, just that there's something going on. This solution avoids the problems posed by public-access webcams and other solutions that might give away too much information for some peoples' comfort.

Hardware

An old 1U Rackmount x86 system I had laying around
X10 TM751 Transceiver
X10 CM11A Bi-Directional Serial Interface
X10 MS13A "Hawkeye" motion sensor

The Hawkeye motion sensors are pretty weak. I eventually want to buy six more ($60 total at the evil website that sells them) so that full coverage can be had for all the rooms at CCCKC. They simply send an RF signal to the X10 Transceiver.

The signal is then placed on the electrical system for any peripherals to detect. In this case, the only peripheral for now is the CM11A serial interface. I could have the motion detector turn lights on and off, sound a chime, or perform several other actions if I wanted. For now, I'm interested in getting the motion detector input to the computer.

The CM11A can sense X10 network data on the electrical system, and can also send X10 network data as well.

Software

OpenBSD is a spartan operating system that works well on slow systems. It has a minimal installation footprint but maintains a rich developer environment for compiling software. It was chosen because it was already installed on the 1U system I am using for the project, and because I've already used Heyu on OpenBSD in the past without any problems.

Curl is a command line tool for transferring files with URL syntax. It's lightweight and works well. Its only job will be to update Twitter from within a shell script.

Heyu is a software package with the ability to make sense of the X10 data and act on it. It's quite extensible, but I'm only using it to trigger a shell script.

Configuration

Compiling and installing heyu on OpenBSD is straight-forward. Unpack the tarball, run "make" and then as root, run "make install"

This is the heyu configuration file I put together. There isn't a default configuration file installed, so heyu isn't "install and go" by any means. This file is /etc/heyu/x10config

TTY             /dev/tty00
HOUSECODE       C
SCRIPT_MODE  HEYUHELPER

The HEYUHELPER Script Mode just tells heyu to look for a script in the path called "heyuhelper" and run it. It passes some X10 parameters in the arguments, but for the time being, I am not using them. The above configuration is almost the simplest one you can put together and have a working Heyu install.

To make heyu start automatically at boot, I placed the following in /etc/rc.local:

/usr/local/bin/heyu -c /etc/heyu/x10config start

The "heyuhelper" script mentioned above, is just a quick line of shell in /usr/local/bin/heyuhelper that appends an epoch timestamp to a log file. This can be extended quite a bit to address individual sensors for determining which rooms are in use. For now, I'm keeping it simple. As configured, any X10 trigger on the house-code Heyu is monitoring will append a timestamp to the log file.

#!/bin/sh
date +%s >> /var/log/motion.log

The final piece of the puzzle is a script: /usr/local/bin/cavecheck.sh, that runs from cron.

#!/bin/sh
curdtme=`date +%s`
lastdtme=`tail -1 /var/log/motion.log`
dif=`expr $curdtme - $lastdtme`

if [ "$dif" -lt 1800 ]
then
if [ ! -e "/var/log/caveactive" ]
then
/usr/local/bin/curl --basic --user "username:somepass" \
-d status="#ccckc: Hackers are in the cave!" \
http://twitter.com/statuses/update.xml
touch /var/log/caveactive
fi
fi

if [ "$dif" -gt 1800 ]
then
if [ -e "/var/log/caveactive" ]
then
/usr/local/bin/curl --basic --user "username:somepass" \
-d status="#ccckc is kinda quiet..." \
http://twitter.com/statuses/update.xml
rm /var/log/caveactive
fi
fi

The cron entry itself is pretty easy. I added this to /var/cron/tabs/root so that it runs once every minute.

*       *       *       *       *       /usr/local/bin/cavecheck.sh

Once configured, I rebooted the system to make sure that everything came up automatically the way it should. If you're not down for that, simply sending a HUP signal to cron and starting heyu manually should work fine.

Once I get more motion sensors and all of the rooms are being monitored, I'll probably turn the timeout down to 15 minutes or less.

Quick Project: 1/8" stereo adapter for my phone

noreply@blogger.com (Ax0n) — Mon, 31 Aug 2009 04:10:00 +0000

My Wife's EnV Touch has a 1/8" jack, higher-res webcam with auto-focus, a better browser and a few other features I really wish this one had. I'm just not a fan of touch-screen phones.

I'm not sure why they went with the dinky 1/16" jack on the Env3, and I'm getting tired of using whatever 1/16" stereo headphones I can find with all of my phones. I want to use whatever headphones are laying around! All of the 1/16" adapters I've found only have 3 contacts, which means they don't quite line up right with the 4-contact jack (Common, left, right, and microphone) found on many mobile phones and result in only getting one of the two stereo channels. This isn't acceptable to me. I needed something better.

I gutted a portable DVD player that broke, and un-soldered a headphone jack. I also scavenged some other parts from it for later, such as the speakers, various two-color LEDs, switches and a few SMT components.

I also found a stereo mobile phone headset in a parking lot a few weeks back. The headphones had been run over and are useless. I cut them off, then soldered the new headphone jack to the wires. Common (usually plain copper color) goes to the highest ring. Left and right go to the other ring and the tip respectively. Or maybe I have left and right reversed. I'm not one to care.

I used heat shrink tubing to hold the entire assembly together. The end result still has a microphone built in, so I can now use any 1/8" headphone as a stereo headset with my new phone.

Total cost: $0.00. The entire thing was built from junk parts and expendable materials I had laying around, such as shrink tube and solder. I'm pretty sure this will find its way to There, I Fixed It.