Back when I was 9 years old (1999) one of our school projects was to build a time capsule for the millennium, the idea being to fill it with things from the first year, and to open it again later in time.

Many people went time capsule crazy around this time, possibly, in part, due to the popular BBC Children’s TV show Blue Peter opening their boxes.

I decided, at the time, to open mine 10 years from sealing it. I actually forgot about doing this, until something reminded me of it whilst my girlfriend was still here. So I fished it down.

My Time Capsule

Ok, I admit, I’m not really much of an artist, or a builder, so this box doesn’t really look like much. But after being in the loft for 11 years, I couldn’t remember everything I’d put into it.

Opening the lid of the box

So, first thing to do was to remove the two screws that held the lid on.

The lid comes off!

When I took the lid off, I had no idea what the piece of paper stuffed in the top contained.

A map of the Millennium Dome

Upon closer inspection, it turns out it was a map of the Millennium Dome, which hosted The Millennium Experience, a huge exhibition in Greenwich, London, which celebrated the the turn of the millennium. The exhibition itself was considered a failure due to less visitors than expected.

The Marconi voting card used to get visitors' opinions at the Millennium Dome

At the dome, as a bit of a social experiment, there were various terminals asking yes and no questions, and each person that visited got a voting card with a unique diamond shaped bar-code in the centre, which depending on the way it was inserted into the terminal, would add a vote of either yes or no to the question that was being asked. My voting card was also found in the box.

A ticket to get into The Centre for Life

Next (well, this came out of the box before the voting card, but it makes more sense to put the Dome stuff together), a little closer to home, was a ticket to get into Newcastle’s Centre for Life, which opened in 2000. The Centre for Life is a science museum and research facility open to the public.

A Pokémon card showing "Pikachu"

Collecting Pokémon trading cards was still quite popular by school kids in 2000, so I included one in the box.

A shiny set of coins in circulation in 2000, head side up

The tail side of the coins

Finally, in the box, was a bag containing a new set of coins in circulation at the time. After being kept in the box for 11 years, they were still shiny.

The date I bagged the coins and sealed up the box (31st December 2000)

The bag I put the coins in had the date that I put the contents of the box together. It took me a year to collect the new coins, so the box wasn’t sealed until the 31st December, just in time for the new year!

It was great to look back at these things.  One day I’ll make another box, and maybe keep it sealed for many more years!

Did anyone else make a time capsule? And if you did, when are you planning to open it?

Cheers

Happy new year from Robert Ian Hawdon, and OP-EZY International

Cheers

Please accept with no obligation, implied or implicit, best wishes for an
environmentally conscious, socially responsible, low stress,
non-addictive, gender neutral celebration of the WINTER SOLSTICE holiday,
practiced within the most enjoyable traditions of the religious persuasion
of your choice, or secular practices of your choice, with respect for the
religious/secular persuasions and/or traditions of others, or their choice
not to practice religious or secular traditions at all.

In addition, please also accept best wishes for a fiscally successful,
personally fulfilling and medically uncomplicated recognition of the onset
of the generally accepted calendar year 2012, but not without due respect
for the calendars of choice of other cultures whose contributions to
society have helped make this country great (not to imply that this
country is necessarily greater than any other country or area of choice),
and without regard to the race, creed, colour, age, physical ability,
Religious faith or sexual orientation of the wishers.

This wish is limited to the customary and usual good tidings for a period
of one year, or until the issuance of a subsequent holiday greeting,
whichever comes first. ” Holiday ” is not intended to, nor shall it be
considered, limited to the usual Judeo-Christian celebrations or
observances, or to such activities of any organized or ad hoc religious
community, group, individual or belief (or lack thereof).

Note: By accepting this greeting, you are accepting these terms. This
greeting is subject to clarification or withdrawal, and is revocable at
the sole discretion of the wisher at any time, for any reason or for no
reason at all. This greeting is freely transferable with no alteration to
the original greeting. This greeting implies no promise by the wisher to
actually implement any of the wishes for the wisher her/himself or others,
or responsibility for the consequences which may arise from the
implementation or non-implementation of it.

This greeting is void where prohibited by law.

Please check with your physician before accepting this, or any other
greetings.

Merry Christmas to all and good night!

A new law put forward in the US is threatening to, once again, limit freedom of speech online. SOPA (Stop Online Piracy Act) will give large companies, if passed, the ability to punish those who use or distribute copyrighted material. This sounds good, right? But then you probe deeper to find that it’ll be almost imposable to claim anything as fair use. (That baby video you uploaded, you know, the one where Mother Bloggs, is playing some music in the background, will be totally illegal and you could get sued for uploading it).

The companies backing SOPA though, have made one fundamental flaw, and that is, in the past, they have promoted the use of file sharing sites and software. This is where we, the average internet users, can fight back.

Mike Mozart, a popular YouTube video blogger has put together a whole bunch of evidence against the companies backing SOPA in the hopes that the act will not be passed. At this point, I’m going to stop rambling and allow you to watch the video.

The original video has been rehosted on this site in case it’s pulled down from YouTube, but to save on bandwidth, please attempt to watch the video from the link to YouTube here:

Original Video on YouTube thanks to JeepersMedia

Go to http://onecandleinthedark.blogspot.com and http://www.cbsyousuck.com for thousands of pages of evidence and links to the original source research on the Internet Wayback Machine.

This is just a quick post to highlight the current issue regarding the future of the internet as we know it. Spread the word.

Cheers

Disclaimer: This article has been written for entertainment & educational purposes only. Hacking into someone’s online accounts is ILLEGAL without their consent. The victim used in the demonstration portion of this article is purely fictitious, and any resemblance to a real person, living or dead, is purely coincidental. Robert Ian Hawdon, Dave’s Blog & OP-EZY can’t be held responsible for any misuse of the information provided in this article.

Right, now that’s out of the way, we may begin…

Introduction

The other day, I took my eye off the ball and left my computer unattended, and I came back to the following message on facebook:

A frape!

I am a tool, Michael ******* is better than me at everything including arts and crafts and the guitar. I have no friends.

This is known as being Fraped (a mash up of the words: Facebook & Raped), and the quote used here, is a quote from Family Guy which has ended up being used by a few mates I know for practically every frape message!

I said to him, “I’ll get you back, when you least expect it!”

So, I decided to take things to the next level, by hacking his account!

But how is that done? Well, the method I’m about to show you is a vulnerability to anyone using a wireless network to access their account, and this issue doesn’t only apply to facebook, but any online system that requires authentication and displays their site on an unsecured web page. Stick around to the end to find out how you can take measures to secure your facebook account from this kind of attack.

 The Preparation

So the first thing that has to be done is to analyse the network the target is connecting from. If they are using a wired network (using Ethernet cables) then you’re probably out of luck, due to the way new networking solutions, such as switches, work. But the biggest weakness is a wireless network.

At our flat, our wireless network is a WPA2 Personal secured network. The level of security is considered so great, that as of yet, it is not possible to crack this kind of encryption, at least, in a sensible amount of time. But brute forcing, and packet sniffing isn’t the only way to break through the first hurdle of wireless security.

Social engineering can be used to gain access to the network, once someone with malicious intent has access to the wireless network, it’s only a matter of time before they will attack your online accounts.

So now, lets say we know what kind of Wireless encryption is being used, we also know the key to access the network, where do we go from here?

We will need the MAC address of the wireless access point and, to make things easier, the MAC address of the target computer (the one the victim will be using to access their online account). MAC addresses can be found by packet sniffing, but a good place to start is to see if you can gain access to the administration pages of the wireless access point.

Router status page showing its MAC address and channel number

MAC and IP address of each machine on the network

In some cases, the default administrator’s password on the access point hasn’t been changed, if this is the case, it’s very easy to find the above information.

Finally, we need a machine that we can use to monitor the network. I used my trusty MacBook running a copy of Backtrack Linux 5. This system is designed with penetration testing in mind, and has all the tools required to check the security of a network.

Backtrack Linux 5

Optionally, we also need another computer that can access the network in managed mode (the way systems usually connect to a wireless network), as when a network card is in monitoring mode, it can no longer participate in the network’s regular traffic. If your machine has two network cards, you’ll be able to use one for networking, and the other for monitoring.

Gathering the Packets of Data

Now we are ready to start the attack, I’ve decided to attack another mate, Gary Newbigin, for being a bit of an idiot

Gary Newbigin's profile

Firstly, we start by opening a terminal on Backtrack, and punching out the following command:

 # ifconfig wlan0 up

This will active the wireless interface on backtrack.

Next, we’ll create a dummy interface, in monitoring mode, to analyse information picked up by the card:

# airmon-ng start wlan0

This will create a new interface called mon0

Creating monitoring interface

Now, we’ll start monitoring the packets the card is picking up from the access point. We’ll need the MAC address of the access point, and the channel the access point is broadcasting on:

# airodump-ng mon0 –bssid xx:xx:xx:xx:xx:xx –channel x

(replace the first set of xs with the MAC address, and the other x with the channel number)

Monitoring

Now we’re ready to start collecting this traffic. We’ll be using Wireshark for this, which can be found in:

Applications –> Backtrack –> Information Gathering –> Network Analysis –> Network Traffic Analysis –> Wireshark

Wireshark

Now, before we can start, we need to tell Wireshark how to decipher the WPA2 encryption:

Edit –> Preferences –> 802.11

Here you need to check the box to enable deciphering, and input the key in this format:

wpa-pwd:yourwpapassword:SSID

Telling Wireshark our WPA2 Key

Wireshark is now ready to start collecting packets, we’ll start by going to:

Capture –> Interfaces

Click the settings button for the mon0 interface, make sure “Promiscuous Mode” is selected, and start.

Wireshark Capture Options

Wireshark will now start displaying the packets it’s collected. This is where we see one of the features of WPA encryption in action. The data we are receiving is still scrambled, as we are missing one more piece of information.

Starting capture

WPA uses a one time key known as an EAPOL (Extensible Authentication Protocol Over LAN), which is a 4 way handshake. To be able to start deciphering the WPA encryption, we need to capture this handshake.

For this, fire up another terminal, and type the following command:

# aireplay-ng -0 1 -a xx:xx:xx:xx:xx:xx -c yy:yy:yy:yy:yy:yy mon0

Again, the xs are the access point’s MAC address, and the ys are the target computer’s MAC address. This will kick that machine off the network, forcing it to reconnect and go through the EAPOL process again.

Forcing the 4 way handshake

This time, Wireshark will have captured this, and all traffic on that client will be appearing in plain text.

Filtering and Extracting the Relevant Data

Now we are receiving useful packets, but they’re mixed in with lots of useless traffic, we need to filter these down to the specific machine. From the admin pages of the access point, the DHCP page shows each MAC address and the IP associated with it. We’re also looking for http packets, so we’ll apply the following filter to Wireshark:

ip.addr xxx.xxx.xxx.xxx and http

Replace the xs with the IP address of your victims machine. Press enter and the packets should be filtered.

Filtered Packets

Now, Facebook’s servers are hosted on IP addresses starting with 69, so we should start looking for results where data is being sent from your victims machine, to an IP starting with 69.

A packet destined for Facebook

We can see from this screenshot, that in this particular packet, there is a Facebook cookie. This is included so that you don’t have to keep typing in your username and password each time you follow a link. This is sent to Facebook every time you view or refresh a page.

We can copy Gary’s session cookie by right clicking on the cookie line –> Copy –> Bytes –> Printable Text Only

Copying the cookie

At this point, as we don’t have any managed network access on this machine, we have to paste the cookie’s contents into a text file, and save it to a USB drive.

Pasting the Cookie

Exploiting the Data We’ve Extracted

Next, we need to open up a browser. In this case, Firefox. Install Greasemonkey if you don’t have it already, and install the Cookie Injection user script from this website (Mirror copy).

Go to the Facebook website, and make sure you’re logged out. At the password screen, press ALT+C and paste the cookie contents into the box that appears and press OK.

Injecting Cookie

You’ll be told that the cookies were written.

Cookie Written

Finally, refresh the page, and we’re now in Gary’s account.

Logged in as Gary Newbigin

“What’s Just Happened?”

So you may be wondering what you’ve just done. To summarize,what we have just done, is monitored our friend’s wireless network data, and patiently waited for him to send a request to Facebook. This request had what’s known as a session cookie embedded in it, which allows Facebook to know which user requested it and if he had authorisation to do so (by being logged in).

What we just did was steal this cookie, inject it into our browser to trick Facebook into thinking that we’re Gary Newbigin, and we should have access to his account. As Facebook doesn’t check which copy of the browser the cookie is for, it accepts our spoofed request, and will allow us access, all the time Gary is also online.

As the cookie is set to expire as soon as Gary logs out, it’s important that anything we do with this access is done before he logs out.

Fraping Gary

As you can see, I’ve fraped him from the comfort of my own machine, leaving him baffled as to how it was done.

After we’ve done this, it’s also important that we don’t log out of Gary’s account, by instead, navigate away from Facebook, and clear the browser’s cookies. If we log out, the cookie expires, and the real Gary is also logged out.

Logged out of Facebook

So, what can hackers gain from this?

Depends what they’re looking for, as this attack was performed when our victim was already logged in, it was impossible to recover his password. If we’d caught the crucial packet used to log in, we would have seen his username and password stored in a packet.

Obviously, as we are logged in as him, we can view anything he has access too, personal information, private photos, his friends photos.

Email address

This is a huge security threat, as Facebook has enough data stored on it, to get a decent amount of information about any one person!

But surely, like you said, WPA is so difficult to crack…

Yes, whilst this is true, it’s not impossible, sooner or later it’ll be cracked, and as I just showed, if you know enough data about the network, you can still break in!

If you are using WEP, or an unsecured network, the risk is far worse, as the 4 way handshake method isn’t used, and once the WEP key has been cracked, (or no key is used at all) all the data for that network will appear in Wireshark for anyone to see.

As most public wireless hotspots run unsecured, this makes hacking a real issue in the outside world. But…

What can we do?

Well, in terms of Facebook, it’s really simple. In your account options, there is a setting to turn HTTPS on by default. This means all communication with Facebook is secured by SSL, which is an encryption system. Although the data past around the network you’re connected to could potentially be at risk, the data you are sending is already scrambled making it impossible to capture what you’re doing.

Turning on HTTPS

Sadly, some applications used in Facebook require the user to leave HTTPS, this means once that application is used, your data is at risk again.

If you’re using a public Wifi access point, a VPN (Virtual Private Network) is the safest way to work online. They are secure, but sadly providers can charge a bit for their service. All your data is routed through their server, meaning it’s a case of trusting what they do.

Finally, if you’ve got the know how, you could tunnel your home internet connection securely via SSH, this is a bit more technically advanced, and will be the topic for another post.

So, in conclusion, you might want to have a double take on the security of the network you’re using before accessing personal data!

Cheers

You may, or may not, have noticed the new domain name for this blog: http://robertianhawdon.me.uk/blog/

This was basically done, as I have plans to put some more work I have done online, separate from OP-EZY.

Anyone who’s bookmarked pages from the blog’s old location should updated them, but the server is set up to forward you to the right place anyway.

Cheers.

So, I stumbled upon this the other day and decided to share, not sure how common this knowledge is, but it was certainly news to me.

Standard Keyboard view on iPhone

To enable easy access to emoticons (emoji), you will need to go into the settings of your iDevice, it’s important to note that there’s no jailbreakary used here!

Keyboard Settings

1. Press the home button to get back to the springboard (the screen with your apps)
2. (Optional) Press the home button again to go to the first page of apps (if your settings app is located there)
3. Open Settings
4. Tap “General”
5. Tap “Keyboard”
6. Tap “International Keyboards”
7. Tap “Add New Keyboard…”
8. Select the “Emoji” keyboard
9. Press the Home button
   

   Emoji "Language"

Now, launch an app that uses the keyboard (messages will do fine), and get the keyboard to appear (start writing a message)

A new key (a globe – international keyboard) will appear between to the “123″ and Space keys (or the “123″ and “Siri” key if using an iPhone 4S), and tapping this will show the huge selection of emoticons you can use.

Emoji Keyboard

For best results, the recipient of any message should be using an iDevice, but sending messages to any device won’t restrict you from using emoticons.

More information can be found at the following Apple Knowledge Base article: iOS: Understanding emoji

Cheers

I’ve moved out from my parents’ house in to a student flat (though the OP-EZY servers are still back home), and I’m now studying Network Systems at the University of Sunderland. This is taking up a fair bit of my time, so I haven’t been able to spend as much time managing this blog as I’d like to.

In OP-EZY news, the OP-EZY main site is being redesigned, running on our own CMS (Content Management System) – MagicPage. This should hopefully be ready before Christmas. We also have a second server, dedicated to running ASP.NET sites. This server is running Windows Server 2008 R2.

With this new server online, I am able to host the website I made for the “Web Development” module at Gateshead College. You can view it here: The Bill Quay Cricket Club

Finally, there’s a slight possibility that there could be some developments in regards to Intacta.Code, which I’ve been interested in for some time, so watch this space!

That’s about all for now, hopefully there will be a few more posts this month, so again, watch this space.

Cheers

It was about 9 or 10 years ago, I was with my parents at Costco, and I spotted a colourful box on the shelf that said “Assorted Mini Fruity Gels”…

Inside this box was about 90 little cups, about the size of those UHT milk cups you sometimes get with coffee in cafés,with plastic lids. Inside these cups were, what only could be described as Jelly, but in the centre of it, was a hard lump. These lumps were, presumably, supposed to resemble a chunk of fruit, but in fact, they were a piece of fermented coconut known as “Nata de coco”

The jelly itself had a strange texture, it wasn’t like the usual jelly you’d usually get from the supermarket, this stuff was a little firmer than that. But of course, before I could find that out, I had to figure out how to extract the jelly from the cup. I tried sucking until it came out, but after having a few of them, I realised you’re supposed to pinch the bottoms of them and the jelly would break free.

A few months later, a message got sent around school, telling teachers to check pupils packed lunches for these and to confiscate them, as the FSA (Food Standards Agency) was calling for a national recall after a few children choked to death (by using the sucking technique to extract the jellies from their packaging!)

Now, I just so happen to have the tub these things came in, as we reused the box to hold grit for driving in the winter:

In a way, it’s a shame these snacks were pulled off the market, as they were actually quite good, but understandably, as they were the cause of deaths in children, action needed to be taken.

Sometimes you do end up thinking “What if it was me?” as afterall, the FSA said the choking usually happened if one was to try and suck the jelly out of the containers, and, as a kid, it took me a while to figure out how you were actually supposed to eat these things!

On the other hand, do we need to ask does health and safety take things too far?

I’ll let you decide.

Cheers

Well, the decision not to upgrade came a few months ago when I heard a rumour that the following were not going to be included in Lion:

• Front row
• Java
• Rosetta

Now lets look at these in a bit more detail, starting with Front row. This was pretty much Apple’s attempt at making any Mac into a large iPod. It was designed so you could use your Mac as a media centre, easily allowing you to navigate through your iTunes library, from the comfort of your armchair with the use of a remote control. This wasn’t as popular as expected, and Apple have decided to drop it from OS X starting with Lion.

Next, Java. It’s important to note, that Apple doesn’t own Java, and by removing it from the default install won’t make too much of an impact, it just means that if you need to run a Java based program, then you’ll need to visit the Java website and download the Java runtime environment, and everything should just work.

But really makes me want to stick with Snow Leopard is the fact Lion has no option to install Rosetta. Back in 2006, Steve Jobs announced that Macs were switching from using Power PC processors to Intel ones. As the two processors use a different set of instructions, programs needed to be rewritten to use the Intel instruction set. Some programs (Adobe Creative Suite 2 and Microsoft Office:mac 2004 for example) were expensive to buy and/or didn’t have Intel compatible versions on the market yet. For this, Apple created Rosetta, a Power PC compatibility layer, which allowed PPC code to run on the newer Intel Macs. It worked so well, some users were oblivious to the fact the system was even emulating another!

A dialogue more people will be seeing over the next few months!

Looking at the app store comments for Lion, many of the comments seem to be regarding the fact that Adobe programs from the CS2 range no longer work, others complain that Office 2004 isn’t working. It seems that Apple’s prediction that no-one in 2011 will be using PPC applications might have been off a little!

Now, I don’t have many PPC only applications running on my Mac, but it would be nice to be able to run one should I need to. Also, on my very slow internet connection, I can’t really be bothered to wait hours for this update to download only for it to break applications that haven’t been updated for a long time!

On the plus side, I guess it means people will stop using MSIE 5 on Macs now

Is the lack of PPC support affecting you? Leave a comment or answer the poll above.

Cheers