Tuesday, 12 November 2013 at 22:15
In the past day or two an interesting piece of news has been making the rounds. Earlier this year the police department of the city of Seattle, Washington set up its own wireless mesh network
for what many people are saying is for the purpose of keeping people under surveillance. The hardware was purchased from Aruba Networks
; it is unknown whether or not the company set up the gear, or if another outfit was contracted for installation and maintenance. Each of the nodes is apparently broadcasting frames containing ESSIDs
that reflect its location (such as 4th Avenue and Union Street
), which is probably why some people noticed in the first place. The nodes are undoubtedly handling more traffic but without packet captures there's no way of knowing (hint hint, cough cough). The Seattle PD isn't saying much
so all we have to go on is a handful of facts, knowledge of how wireless networks work, and I'm sorry to say a lot of ill-informed rumors. Let's try to sort things out as best we can.
The first logical question to ask is, why use wi-fi? The best hypothesis I can come up with is that police may not be able to gain access to cellular records in what they consider a timely fashion. It is well known and understood that cellular providers track the IMEI
of every cellphone that pings every tower on the cellular network at what time, and that information can be handed over to law enforcement (and other) agencies without warning. Cell companies maintain detailed inventories of their gear, maps of where every cellular tower is, and what cellular nodes are positioned where on them. Log a certain IMEI on a certain transceiver on a certain tower and you know roughly where that device is. Log the same IMEI on several transceivers on several towers and you can figure out where the device is in a lot more detail. Analyze the pattern that IMEI makes and you can plot the device's trajectory on a map. However, that often means hitting up several cellular providers at the same time and hoping that they all respond fast enough for police to find someone. That probably isn't the case. Wi-fi gear is much less expensive than cellular equipment (even if it was technically paid for by DHS and not the city of Seattle per se) and requires less bureaucratic overhead (such as FCC licensing) to deploy.
In case you're curious, here are a few ways you can find out the IMEI on your mobile device
It seems plausible to state that this network could be used, in part at least to track people based upon the locations of their mobile devices. Smartphones, tablets, and MP3 players which are wireless enabled will, if they are not powered down or if wireless is not disabled, periodically probe for the presence of wireless networks they've been a part of in the past by sending association frames
in the hope that the access point is still out there and will respond. Those association frames
contain, among other things, the MAC address
of the wireless chipset in the device, the ESSID of the access point, the supported data rates of the chipset, and any additional capabilities of the device (which may be sufficiently unique to help fingerprint a device, and later the device's owner). While this leaks some potentially identifiable data (like the name of your network at home), it could also just as easily broadcast the network name of any of the bazillion Starbucks franchises undoubtedly squatting on corners in Seattle like mushrooms after a summer rain ('attwifi', if you care). It is possible that apps installed on or semipermanently baked into the firmware of your device may broadcast additional identifying data, but without a packet capture
there really isn't any way of knowing.
As an aside, MAC addresses are not globally unique. You can bet your goldfish that at least ten other people on the planet have wireless devices that have the same MAC address
. However, there are 2^48 possible MAC addresses, which is a big but finite number, and it is statistically unlikely that two mobile users will have the same MAC in Seattle. That seems sufficient to follow the movements of a single mobile device. Taking into account the set of ESSIDs the mobile device may try to associate with provides additional information with which to uniquely identify the owner of a device. Additionally, the wireless MACs of mobile devices are notoriously difficult to change, even if the device has been rooted. The wireless chips may not support soft MAC changes (but pretend that they do). The chips may power cycle themselves to get back to a known-good state and ask to be reconfigured without the user knowing after they've been frobbed, too. If the sensors also sniff other forms of traffic emitted by mobile devices that traffic can be characterized and used to identify the device (and then its owner) more precisely.
The countermeasures for this are remarkably simple: Turn wi-fi off on your mobile device before you leave. Not only will you save the battery, but you won't be trackable via wi-fi emissions. The more paranoid are advised to pull the batteries on their mobiles entirely, if feasible.
It would not surprise me one bit to discover that this network had several other uses. Radio communications in cities, especially densely packed ones are unreliable. Line of sight is key for radio, and if you don't have it (and you usually don't in big cities) there's a good chance that your signal might not get through at all. Sometimes buildings are so large that they prevent any signal at all from propagating very far. Sometimes buildings refract RF in such a way that the signal goes in the wrong direction or scatters so much that you can't make anything out. Repeaters aren't found everywhere, just in a few strategic locations, and being able to hit one with a radio isn't a sure bet. Mesh networks are, in fact, a good way of setting up reliable comms in such areas because they can work around many of those environmental obstacles. Additionally digital radios are becoming more and more popular with law enforcement agencies, and digital modes readily lend themselves to working in mesh topologies. So, I would be unsurprised to find that these units in Seattle were set up with mesh repeaters to make police radio communications more reliable. Were I solving such a problem, that's what I would do.
I will concede the possibility that the wi-fi ESSIDs broadcast from the nodes could be for the purpose of remote maintenance. So much kit these days plugs into the Net so it can be managed remotely, and industrial grade wireless access devices are no exception (I've worked with too many of them over the years). Naming the device after its location is good practice in that it's self documenting; to put it another way, you don't need a Captain Midnight Secret Decoder Ring to figure out that the AP air5Pohk is at Sixth Avenue and Union, it would logically call itself 6th&Union. On the other hand, for a municipal project this is really, really bad practice. If you announce what something is and where it is, chances are somebody's going to get curious and go poking around. Like the people who wrote these news articles
and then you have to contend not only with the press but with people who take it upon themselves to cause trouble for you. This possibility doesn't seem to jive with official statements to the effect of, "Yes, this is a mesh network," not without more data from the field.
The mailing lists of a couple of projects that I monitor (as well the ones I'm part of) have also had some discussions about these news articles. Mainly, they're concerned that the reputation of community wireless networks will be adversely impacted. The big concern is that, due to the fact that a municipal mesh project in Seattle is in a position to put an entire city under surveillance, our own projects might be thought of in the same way. Some might think that we're setting up our own surveillance network, when in fact we're not. This could hurt the adoption of community wireless networks across the country (moreso than state and local laws already have
). It's also too much to tell people to look at our code and see for themselves. Let's face it, there are a lot more non-coders than there are coders, and that's just going to make people more mistrustful. The best, and really the only thing we can do is be personally active in our communities. We can't just set up a bunch of equipment and hope people are going to use it, we have to tell people about it. We have to tell people what it is, what it's for, and more importantly who it's for. They're going to come to us with their fears, especially due to news articles like that. And we're going to have to lay those fears to rest however we can.
It means stepping away from the keyboard and being people and not hackers for a time.
Sunday, 10 November 2013 at 03:43
On our way out west, Jason and I visited Petrified Forest National Park
in Arizona. We weren't able to tour the entire park because we were on a fairly strict schedule (we had to get through Arizona in one shot because our route took us near precisely zero hotels or rest stops) but we did stop off at the visitor's center for a short time to browse the exhibits in the plaza. Here are the pictures we took.
Wednesday, 06 November 2013 at 00:23
In August of 2013 the wonderful folks at Geeks Without Bounds
held an unconference
at the MIT Media Lab
called Catalytic Converter
. I was invited to both attend and present, and when I wasn't in session I wandered around Cambridge as well as the Media Lab. Cutting to the chase, here are the photographs I took during my visit
. I saw some very impressive things there, and I wanted to share them with all of you in the hope that you'd partake of some of the wonder I felt.
Oh, there was also an active Byzantium
mesh at MIT for a while. :)
Friday, 01 November 2013 at 21:15
Very busy at the new job. Still settling in at the new doss. Putting in long hours. Feels like good, productive days, though.
Sunday, 13 October 2013 at 22:02
Obligatory warning: If you are fandom-averse, you might want to skip right to the photographs
Some months ago, a good friend of mine
dragged me kicking and screaming into the Homestuck
fandom by way of a novel length fanfic she and a friend are writing
I won't tell you about Homestuck
. That's not what this post is about. I will, however, tell you about the latest project to come off of my workbench, which was building as functional a replica of Jade's lunchtop computer as possible.
Cutting to the chase, after being infected with the Homestuck
meme and searching for something to do for the Mini-Maker Faire (because HacDC
was gifted with a table) I got it in my head to build something to show off. It didn't take very long to settle on Jade's lunchtop computer
. I did some calculations on the back of a napkin and came up with the following requirements:
- Lightweight. A child must be able to carry it around easily.
- As self contained as possible.
- Functional. A child has to be able to use it to carry out 'real' tasks. An adult has to be able to use it to carry out 'real' tasks as well.
- It has to have a display built in.
- It has to have more processing power than a toy.
- It has to be portable.
- It has to resemble the lunchtop computer in Homestuck as much as possible.
Implementing an immersive holographic display is beyond the capability of current technology, so that was out. I didn't have time to integrate my Leap Motion
either but that's not entirely off the table yet. There were many things I was able to accomplish, however...
More under the cut...
Sunday, 15 September 2013 at 21:41
I haven't seen this get a whole lot of love recently, so I thought I'd boost the signal in some small way.
On Sunday, 29 September 2013 between 1200 and 1700 EST5EDT there will be a Mini Maker Faire in Silver Spring, Maryland
. If you've never heard of Maker Faire
, it's a series of events organized and thrown by Make Magazine
that are collectively billed as the Greatest Show-and-Tell on Earth. At a Maker Faire you can see everything
from 3d printing demonstrations to singing Tesla coils, combat robots to kite photography, and everything in between. Mini-Maker Faires are, as the name suggests, smaller local events which are community-driven and not organized by Make Magazine. You can see many of the same things there but they're not as huge as the regional ones.
The Silver Spring 'Faire will be held at the Silver Spring Civic Building
(One Veterans Place; Silver Spring, MD; 20910). It's free to attend but if you want to enter any of the raffles being held you'll have to register on Eventbrite
. NASA will have a team there doing interactive projects with the kids and you'll be able to help build a giant marble racetrack. Discovery Communications
will be demonstrating a pumpkin trebuchet
. DC's Central Kitchen will be talking about their edible urban garden. There will be aluminum aerogami, and HacDC
will have a booth there, and we'll be demonstrating some of our projects. We'll also be doing live demos of Project Byzantium
at the 'Faire. The full list of exhibits, displays, and activities can be found here
Bring your families! Bring your kids! Bring your classrooms! Bring your projects!
Saturday, 31 August 2013 at 17:49
In the wake of Chelsea (nee Bradley) Manning's sentence of 35 years in military prison
for leaking the massive volume of documents now known as Cablegate to the media organization Wikileaks, there is now a hard as diamond legal precedent that criminalizes whistleblowing, the act of making evidence of misconduct, fraud, unethical, or illegal activity known. It is widely believed (often correctly so) that disclosing such activities to what are considered the proper channels will result in serious repercussions. It is also widely believed that such disclosures will have little to no positive effect because those reported on are often positioned in the chain of command such that little to nothing can be done about the allegations. Power is a privilege and an end unto itself.
Manning's conviction implies that whistleblowing is in itself an illegal activity. Even though there is an agency of the United States government
dedicated to investigating and prosecuting wrongdoing
reported by civil servants and contractors there is still a process that must be followed. That process takes time to run its course, which can amount to months or years. Months or years in which whistleblowers could potentially be charged with crimes (real or invented) before the OSC has a chance of carrying out the duties it is charged with. Duties such as investigating fraud and embezzlement
or abuse of subordinates and possibly misuse of personal information
Technically speaking, whistleblowing is supposed to be protected under federal law and enacting reprisals or outright retaliation against whistleblowers is illegal. It is entirely conceivable that, when faced of the prospect of being brought up on charges because they've been found out, bad actors within the government will file trumped up criminal charges against whistleblowers, neatly sidestepping the anti-reprisal laws. Charges like misappropriation of government funds (discovering wrongdoing on billable hours (which are basically the taxpayer's dime)), misuse of government computer systems under the Computer Fraud and Abuse Act
(a statue which is so poorly written that incrementing a digit in a URL is technically a felony
, so reading an incriminating document can certainly fall into this category), or disclosure of sensitive materials (overclassification
of materials is a known problem with no clear answer in sight). Long before the bad actors can be brought to account the whistleblowers could be charged, brought to trial, and ruined if not convicted for trying to do the right thing.
It is my considered opinion that, at least within the federal sphere (and this includes contractors), the reporting of misconduct and wrongdoing is going to decline over the next several years. During this time it will be interesting to keep an eye on civilian and government bodies of law (as opposed to military law, which is a whole 'nother smoke) to see what transpires. While cases that are specifically whistleblowing will decline, cases against whistleblowers (though we won't necessarily know it) will increase somewhat. If all of the facts were known it would be interesting to cross-reference those cases against recorded instances of internal whistleblowing to see what patterns emerge. There is no reason to expect laws that are meant to protect whistleblowers to will be effective
now or in the future. There is also a possibility that resignations will increase during the same period of time because it's much easier (and safer) to find someplace new to work than it is to try to change things from within.
Monday, 19 August 2013 at 15:19
On the Internet, there exists a meme called Godwin's Law
. Simply put, "As a Usenet
discussion grows longer, the probability of a comparison involving Nazis or Hitler approaches one," (where probabilities are specified as floating point values between 0.0 (0%) and 1.0 (100%)). It is usually at this point that the discussion is considered completely derailed and no longer worth following.
It seems that a similar phenomenon is occurring more and more often in the twenty-first century, in which online discussions of cryptographic or security software will eventually lead to someone bringing up Ken Thompson's famous paper Reflections on Trusting Trust
as a way of refuting the notion that any software you care to name could plausibly have been backdoored because a cleverly subverted toolchain can not only backdoor the security software during compilation, but can also reinstall the backdooring functionality if it detects that it's recompiling itself. It is assumed that everyone taking part in the discussion will not go to the trouble of writing their own toolchains
from scratch, thus almost ensuring that all of the code in question is free from tampering.
Therefore, I propose forking a version of this meme called Thompson's Law: As a discussion of cryptographic software grows longer, the probability that someone will mention a self-backdooring, backdoor installing toolchain can be used to compromise said software approaches one.
I further propose that, when this happens, one participant (and only one) replies with the word "Cheers!" and nothing else, because at that point really the only thing left to do is go to the pub.
Sunday, 18 August 2013 at 18:37
Since the NSA revelations began coming a couple of times a week for the past month, an all too common set of dialogues has been cropping up again and again and again in practically every forum that one would care to visit. While the discussion itself isn't perfectly replicated the overall pattern is. It goes something like this:
- Brief description of vulnerability. Mitigating tactic.
- Mention of a vulnerability elsewhere in the user's system.
- Description of a slightly more esoteric vulnerability.
- Use another system.
- Encrypt everything.
- Quantum computer.
- Use Tor.
- Tor can't protect against country-level surveillance.
- NSA backdoor.
- The NSA has thousands of 0-day exploits stockpiled for everything from my Commodore-64 to Cray Unicos.
- Mention of a highly esoteric hardware level attack.
- Malware used to surreptitiously dump contents of RAM, including crypto keys.
- Evil Maid Attack.
- Mention of a backdoored software development chain compromising the software as it's compiled.
- See? I told you! NSA backdoor!
- Open source software is safer.
- CryptoCat vulnerability that received stupid amounts of press coverage.
- Mention of circuitry backdoored at the factory.
- Link to unclassified US military research paper about backdoored circuitry discovered in the field.
- We're all screwed.
- User never posts again, presumably because they've given up on the Internet.
The implicit assumption here is that every single user on the Net is being overseen by a neigh omniscent government agency that, at the drop of a hat will crack your computer and go rifling through everything you've ever written, posted, sent, or thought to look for a reason to throw a black bag over your head and drag you to Guantanamo Bay. There is no way to prove or disprove such an assertion, just as there is no way to prove or disprove that a particular server hasn't been compromised. There is a further assumption that everybody online - you, me, your friendly neighborhood sysadmin, the folks who run your ISP, and everybody else out there - are presumed to be potentially dangerous, which is why we're all under surveillance. I can't refuse that assertion, either, because there is a wealth of evidence that suggests that this is, in fact the case. When you have a state apparatus trying to fight a fourth generation war
but the very nature of the world we live in now operates in a fifth generation
mode by default, the only real strategy that has any hope of succeeding is to treat everybody as a potential enemy combatant.
In all of these discussions, very few people (if any) openly talk about risk management
, or the process of figuring out what risks you're taking with a given hardware and software configuration, which are high, medium, or low priority, which are irrelevant, and figuring out what to do about it. Any vulnerability that we know of is assumed to be actively and aggressively exploited by agencies unknown (read: intelligence agencies) for the purpose of information collection. Any shred of basic common sense (such as installing updates when they're made available
) never even blows past the discussion, and if it does nobody seems to notice (they certainly don't respond if they see it).
News flash, denizens of the Internet: Nothing is perfect. Nothing. People seem to want to eliminate any and all risk entirely, i.e., they want perfect safety and security. There is no such thing, nor will there ever be such a thing. None of the existing models, from time based security
to language theoretic security
to game theory
say anything about eliminating the possibility of being pwned. Risks and dangers can be analyzed, mitigated, and planned for but you can never catch all of the edge and corner cases.
Another implicit assumption made in this body of discourse seem to be that all of everybody's encrypted comms are being decrypted and read for content, when in fact this is only half true. For all intents and purposes, all of our comms are, in fact, being intercepted but there is no evidence at all that they are being successfully decrypted. In fact, a good case has been made for discarding a large double-digit percentage of the traffic
because it's simply not useful. To an intel agency, who's running a torrent of the latest Hollywood blockbuster or is downloading porn isn't particularly useful. Realtime communications - two-way, three-way, more-way voice, video, and text chat - are where people are interacting with one another and making plans. That is, unless we start seeing orders to deep cover operatives to start blowing up airplanes or releasing biochemical weapons on public mass transit lines spoken by the actors in porn clips, in which case rule 34
will be proven to be a fundamental law of the universe. But I digress.
Additionally, a basic assumption of cryptography since Elizabethan times is that your communications are being intercepted by a silent, passive attacker. The point of encrypting traffic is to make all of those already intercepted communications as difficult as possible for the attacker to make any sense of. If you send a signal of any kind, there is a non-zero probability that someone who isn't the intended recipient will hear it. Them's the breaks. If you don't want anybody to know you're there, then you can't act or speak because you'd be leaking bits of information
. It should also be pointed out that it's recently been confirmed that it's easier to dodge crypto entirely by compromising the endpoints rather than trying to break the cryptosystems themselves, so there's no guarantee that encryption will keep you safe. Several of the surveillance oriented malware strains I've run into out there have been designed to do just this - grab content just before encryption and just after decryption.
One last thing: Sufficiently paranoid and motivated agencies don't need reasons to kidnap you and fly you to a black site to be imprisoned and tortured for years. Your surly tweets and blog posts would just be icing on the cake if they decided you were a threat. Skin color has been shown to be more than sufficient. Where you go to worship if you worship is a reasonable justification today. If somebody who can get away with it thinks they need to disappear you, they will do so regardless of how much information they have actually collected on you.
So, where does this leave us? What course of action shall we take?
Beats the hell out of me.
There. I said it.
The only advice I can give you is this: Use your brains, that's what you've got them for. Consider what you actually, really do: Are you writing software? Are you politically active? Are you a researcher or a scientist? Do you work in a sensitive field, like information security, aerospace engineering, or consulting? Do you do human rights volunteer or professional work? Great. For what you actually do
, what is the worst that could happen if you got pwned somehow? What would happen if your notes or your pre-commit codebase were corrupted? What about your list of contacts at work? What would happen if your contact list fell into the hands of people who could commit murder and get away with it? In what industry do you write your software for? Do people who could be shot at use your software? Do you say anything that could get you or they people you work with arrested? These are hard questions to answer but you have to ask them, and follow up on any other questions that come to mind.
Plan your strategy from there. Start with keeping your kit patched, move on to keeping your kit hardened, and then start thinking about how you use it all. Don't stop this process. When updates come out, install and test them. Do everything the same way each and every time, without fail. If it seems too hard to do every time, suck it up and do it anyway. If you get lazy, you'll screw up. If you screw up, you lose.
Sunday, 04 August 2013 at 20:56
I've updated my .plan file
again. The usual warnings about profanity, NSFW content, and the other stuff still apply.
Sunday, 04 August 2013 at 00:54
A couple of weeks ago, HacDC
added a new tool to the workshop, a laser cutter
from Full Spectrum
(which, I've just discovered, was a Kickstarter campaign
). We've been saving up for it for a while, but one of the nights I was there I got to see its unboxing
and (with the permission of the folks there) I took some pictures.
Here they are.
Saturday, 03 August 2013 at 21:30
A couple of weekends ago Lyssa, Laurelindel and I did something that we've wanted to do for months, which was visit the International Spy Museum
in downtown DC. This year their big thing is a 50 year James Bond retrospective
, where they had props and models from the movies on display in addition to their other exhibits. Unfortunately, my camera was in macro mode
the whole time so not all of the pictures I took came out the way I'd hoped. I kept the best of the photographs.
Here they are.
Talking about the Spy Museum over dinner, we made a few observations. The Spy Museum is interesting and has lots of nifty exhibits, but it also puts a friendly face on the intel community. There is context for everything, but being from an image vulnerable culture it doesn't really hit home. Some of the things that happen in the intel community would make one's blood run cold if they were known. When you think about it, when the stakes involve global power there isn't much room for ethics or personal mores, there's a job to do and it has to get done one way or another. It also tries to make spying seem fun and interesting, and there are a lot of exhibits which kids are going to like. They even have kids-only nights and sleepovers at the museum with special activities. I think that bears a little consideration.
Saturday, 03 August 2013 at 21:23
A couple of months ago we ported Byzantium Linux to the RaspberryPi
. I took a couple of photographs during the development sprint and then promptly forgotten that I'd done so. While cleaning out my camera's SD card a few days ago I rediscovered them.
Here are the pictures.
Saturday, 03 August 2013 at 21:10
Some photographs from a concert on 4 July 2013 - 2013: A Space Oddity
, featuring Ego Likeness and Voltaire.
Thursday, 01 August 2013 at 14:14
For no good reason today I decided to run some cryptsetup
benchmarks on Windbringer
. The only really significant change to the systemware configuration is that Windbringer is now running Linux kernel version 3.9.4-1-ARCH.
[drwho@windbringer ~]$ cryptsetup benchmark
# Tests are approximate using memory only (no storage IO).
PBKDF2-sha1 407688 iterations per second
PBKDF2-sha256 222155 iterations per second
PBKDF2-sha512 144511 iterations per second
PBKDF2-ripemd160 334367 iterations per second
PBKDF2-whirlpool 187245 iterations per second
# Algorithm | Key | Encryption | Decryption
aes-cbc 128b 563.0 MiB/s 1862.0 MiB/s
serpent-cbc 128b 67.7 MiB/s 281.0 MiB/s
twofish-cbc 128b 158.2 MiB/s 300.0 MiB/s
aes-cbc 256b 417.0 MiB/s 1448.0 MiB/s
serpent-cbc 256b 67.3 MiB/s 279.0 MiB/s
twofish-cbc 256b 158.0 MiB/s 304.0 MiB/s
aes-xts 256b 1045.0 MiB/s 1055.0 MiB/s
serpent-xts 256b 257.2 MiB/s 247.0 MiB/s
twofish-xts 256b 267.2 MiB/s 269.0 MiB/s
aes-xts 512b 879.0 MiB/s 871.1 MiB/s
serpent-xts 512b 260.0 MiB/s 243.3 MiB/s
twofish-xts 512b 261.0 MiB/s 263.0 MiB/s
Wednesday, 31 July 2013 at 14:26
At the DC Cryptoparty in October of 2012
I did two presentations: One on GnuPG
and one on whole disk encryption. While I'd put the GnuPG presentation
online I hadn't done the same for the disk encryption one because I had to update it after the cryptoparty to take into account new information acquired that afternoon regarding MacOSX and Windows. I did so, converted the OpenOffice Presentation deck into a PDF, PGP signed them, and uploaded them this afternoon.
v1.0 of the WDE presentation is now available for download:
- cryptoparty-whole_disk_encryption-v1.0.odp (v1.0)
- cryptoparty-whole_disk_encryption-v1.0.pdf (v1.0)
This work by The Doctor [412/724/301/703] [ZS]
is published under a Creative Commons By Attribution / Noncommercial / Share Alike v3.0 License
Monday, 29 July 2013 at 18:50
Older denizens of the Net probably remember the name Gareth Branwyn
. His name and visage were well known amongst people who were active in what came to be known as the cyberculture
of the late 1980's and early 1990's, that weird mish-mash of hacker culture, people who identified as cyberpunks
, psychedelic culture, rave
culture, and other tiny social groups so far out on the fringe that they never really coalesced but instead moved in the cracks and fissues left in the wake of those other groups. Most of us remember two major projects he worked on at the time, the Beyond Cyberpunk
hypermedia stack for the Macintosh, and what became known later as The Cyberpunk Manifesto
, excerpted by Billy Idol on the album Cyberpunk
, but Gareth's a prolific author and many of us lost track of everything he wrote between then and now.
Those of you who are cringing at the sight of any or all of those words that you'd hoped the rest of the world had forgotten may continue to do so. Those of you who are carefully keeping a poker face are no doubt remembering that you came of age during that era of history and how it helped shape you into the person you are now. Continue reading.
More recently Gareth's been working as the Editorial Director for Make Magazine
but lately he's gone back to freelancing. Gareth has launched a Kickstarter campaign
to raise money to publish an anthology of his essays, entitled Borg Like Me
. Some of these essays were written about the unusual technological subcultures he was observing and interacting with at the time. Some of them are long-lost columns from zines that you may recall, such as Mondo 2000
and Boing Boing
(which regenerated into the groupblog we all known and love), and some of them are his uniquely insightful and witty essays about life, death, health, sex, technology, and the wild and crazy worlds we live in. Other essays lined up for the Borg Like Me
project are about the luminaries and infamous folks that he's met and run with, the adventures he's had on the fringes of modern society, language and jargon, prosthetic implant surgery, and.. hell, just check out the project's Kickstarter page. He does a better job of talking about it than I do. If nothing else, scan the list of pledge rewards and think back to the slightly less crazy, more youthful times of your hybrid online/offline lives and see if any neurons fire.
I've been a fan of his work since I was quite small. I'm not ashamed to say that I encountered The Cyberpunk Manifesto
at a formative moment in my life and it was one of the works which inspired me to live my Neuromancer-meets-Buckaroo Banzai roller coaster ride of a life it is today. I kicked some money into this campaign because I very much want to see his project come to fruition, and I strongly recommend that you do the same. Gareth's work has always been top notch and thought provoking, and when that ebook hits your inbox (or the dead tree hits your doorstep, if that's the way you roll) you will not regret a single solitary second of this reading experience.
Show Gareth some love.
Friday, 26 July 2013 at 20:56
, much of my spare time in the past two weeks has been spent making two more Scalemate plushies
so I could give one of them to my little nephew Brandon this weekend as a "Hi, welcome to the world" present. I wanted to make two of them in case I messed up, and also to have a choice of which one to give him because they weren't going to be identical or perfect, but ideally better than the first one I sewed. I wanted them to be fairly bright and cheerful looking, the better to get his attention, so I opted for blue and safety orange
so they'd be nice and visible. The second Scalemate was sewn by hand to good effect. The third scalemate is the result of an attempt to make one on my sewing machine, an attempt which I aborted after two botched seams. Sewing machines and heavy fleece don't seem to go together. The pieces of fabric that comprise the head have some weird looking seams on the closeup because the thickness of the fabric meant that there wasn't enough clearance between the bottom of the presser foot and the throat plate and the feed dogs couldn't move the fleece past the needle. After half an hour of fighting and swearing I gave up and sewed the third by hand.
I didn't give them button eyes because Brandon's only two months old and I was concerned that an eye would come off and he'd try to swallow it, so Lyssa has volunteered to embroider eyes on the one I'm going to give him. The one I don't give him will have eyes added later. I also discovered that using a ladder stitch to attach the paws and head results in seams that look messy, but a single running loop stitch works just fine. I went around each seam twice to reinforce it and they look pretty good if I do say so myself.
Here's a link to the gallery.
Friday, 26 July 2013 at 20:20
And, to all of the hardworking system admins at Dreamhost
.. thanks for everything! You're doing a great job. Happy System Administrator's Day
Sunday, 21 July 2013 at 17:49
Since v0.5b of Byzantium Linux hit the Net, all of us have been taking the opportunity to get a little R&R before proceeding to the fifth and final milestone, which is writing up everything that happened in the previous six months. That's going to be a lot of stuff, but we've got good notes, a bunch of blog posts, and no shortage of lessons learned through the development process. I think when we sit down and get to work, we'll get it knocked out, edited, and published in not a very much time. I'll also be in a rush to get some material together because I'll be going back on the conference circuit in a few weeks, and even though it's technically an unconference
, I find that I still operate better when I have a handful of bullet points to hang stuff off of.
For what it's worth, I'm taking a couple of days off to recuperate before I pick up where I left off. I ran myself into the ground with the last two milestones (the amateur radio project was much harder than any of us predicted, and two weeks to incorporate a bunch of new stuff to get another release together was, in hindsight, not a good idea) and a few of us are getting over being sick as a result. I'm more or less back on my feet but dealing with a persistent headache that's made concentration difficult. I'm also dealing with worsened chronic pain that's been both distracting me as well as keeping me awake at night. I'm planning out a couple of lifestyle changes that I hope will get the pain back under control. I'm also going to make some more progress on the sewing project I have on deck, namely the plushie for my little nephew, whom I'll be meeting for the first time next weekend.
More under the cut...