checkers and chess - noun phrase - A situation where two or more actors in a situation are using entirely different strategies, working toward two entirely different goals, or are following entirely unrelated ideologies. With sufficient cluelessness the actors in question may never actually come into conflict, even though they may be convinced they are fighting tooth and nail with one another. The end result is a complete and total waste of time, money, and energy.
For a couple of years now, I've had my eye on the community of people who've had RFID or NFC chips implanted somewhere in their bodies, usually in the back of the hand. If you've ever used a badge to unlock a door at work or tapped your phone on a point-of-sale terminal to buy something, you've used one of these two technologies in your everyday life to do something useful. What I've wanted to do for a while was use an implanted chip as a second authentication factor to my servers for better security. As for why I couldn't just use something like a key fob or a card or something.. there were a bunch of reasons, most of them having to do with only being able to find what I needed in bulk or the cost being too high because the equipment was aimed at corporate IT departments, where they have a need to crank out a couple of dozen ID badges an hour. There is also the fact that, while I've been curious about various forms of body modification over the years I never really got into into them for a couple of reasons that probably aren't terribly interesting so why not do something useful?
Due to the fact that not everybody is going to be okay with me talking about an elective medical procedure, I'm going to put the rest of this article after the fold.Click for the rest of the article...
I haven't actually been on vacation lately, not really. I decided that I needed to go off and do some different stuff for a while. I've been in a rut lately and decided that I needed to shuffle some stuff around. I swapped out the "writing rambling computer nerd blog posts" module for teaching myself a couple of new things and spending some of my downtime offline, curled up with cinnamon tea and a stack of books. Getting away from a screen for a while seems to have done me some good, and I'm almost back up to my old reading pace of five or six books a week. I'd all but forgotten how much dead tree books weigh after the fixed mass of a tablet for so long. The wireless router at home that I set up to replace the astoundingly shitty DSL modem-cum-wireless access point that Annoying, Trying, and Twisted insists we use is starting to act flaky, which suggests that it's reached the end of its functional life, not unexpectedly since this model tends to have overheating problems. A few weeks back I picked up a new router, a Linksys WRT 1200 AC and promptly made a few hardware modifications to it, which is to say I cracked open the case, unbolted the heat sinks, scraped the crappy thermal tape off of the chips and applied decent heatsink grease, and put the router back together. I'm considering wiring a small cooling fan onto the motherboard, maybe on one of the development ports. Lately I've flashed OpenWRT onto the unit and set up quality of service and monitoring so I can keep an eye on things. I'm still working out how to patch it into my exocortex for realtime status monitoring. From a practical standpoint I can install Python on the new router, but doing so leaves next to no room for anything else. I have to think about it some more. I do NOT want to use SNMP if I can help it.
If you thought you were going to escape computer nerd-related rambling, you were sorely mistaken.Click for the rest of the article...
Longtime readers are aware that I've been a customer of Dreamhost for quite a few years now, and by and large they've done all right by me. They haven't complained (much) about all the stuff I have running there, and I try to keep my hosted databases in good condition. However, the server they have my stuff on is starting to act wonky. Periodic outages mostly, but when my Wallabag installation started throwing all sorts of errors and generally not working right, that got under my skin in a fairly big hurry. I reinstalled. I upgraded to the latest stable release. I installed the latest commit from the source code repository. 401 and 500 errors as far as the eye could see whenever I tried to do anything regardless of what I did.
In a misguided attempt to figure out what was going on, I bit the bullet and installed PHP on one of my servers, along with all of the usual dependencies and tried to replicate my setup at Dreamhost. What that was a bit tricky and took some debugging I eventually got it to work. It was getting my data out of the sorta-kinda-broken setup that proved troublesome.Click for the rest of the article...
Disclaimer: The content of this post does not reflect my current employer, or any of my clients at present. I've pulled details from my work history dating back about 20 years and stitched them into a more-or-less coherent narrative without being specific about any one company or client because, as unfashionable as it may be, I take my NDAs seriously. If you want to get into an IT genitalia measuring contest please close this tab, I don't care and have no interest.
Time was, back in the days of the home 8-bit computers, we were very limited in what we could do in more than one way. Without even a proper reset button or development tools other than the built-in BASIC interpreter if something went wrong there was really no way that you could debug it. If you happened to be hacking code in any serious way on the Commodore chances are you'd shelled out good money for a debugger or disassembler and had at least a couple of reference books nearby. If you were doing everything in BASIC then either you were growing your program a few lines at a time or using some code you got out of a magazine to do low level programming from inside of BASIC (an exercise fraught with frustration, let me tell you). Even then, if something went sideways it was difficult to figure out where you went wrong and fix it. The tools just weren't common at the time. All you could really do was turn off the machine, wait a few seconds, turn it back on, and give it another shot in the hope that the machine wouldn't lock up on you again.Click for the rest of the article...
Yup, I've updated my .plan file yet again. The usual warnings about NSFW content apply.
disasterbation - noun - Idly fantasizing about possible catastrophes (World War III, EMP strikes, nexus collapse, civil war, simulation hypothesis system shutdown, full-blown hyper-blight) without considering their likelihood or their possible solutions and preventions. Very common in the prepper and futurist communities.
Source: M. Alan Kazlev (updated a bit and cross-referenced by me)
A couple of weeks ago, one of my co-workers mentioned in passing that he'd surprised himself by adding an SSD (solid state drive) to his file server at home. To recap a bit, Leandra, my primary server at home has a sizable RAID-5 array storing all of my data. However, one of the tradeoffs is that stuff recently written to the array is a little slow to be read back. It's really not noticeable unless you're logged in and running commands, and even then the lag is something like one or two seconds. Noticeable but not actually problematic. At any rate, I'd been wanting to do some tinkering lately and had an Amazon order planned because I wanted to do some electronic work on my warwalking rig so I figured that, depending on the cost, I might add an SDD to my order. Much to my surprise, a 120 gigabyte SSD is incredibly cheap, I paid a hair under $20us for a Kingston A400. Emminently affordable.Click for the rest of the article...
My notes from Thotcon 0x0a:
Hacking Con Badges for Fun and Profit
- Given by an EE
- Badge hacking started with DC23, HHV.
- Turned his DC23 record-badge into an analog clock.
- AND!XOR's DC24 independent badge.
- Maple Mini STM32.
- Live spectrum analysis of 20-20KHz as an add-on.
- Mic, pre-amp, FFT running on the uc.
- Wired into the badge, rock-and-roll.
- Inspiration and OSINT - look at the badge when it's announced, think about it
- Get ideas
- PoC - if you don't have this, you're not going to have anything
- dev & debug
- DC25 - NRF52 - 503.party
- Blow up any images you can and start thinking.
- BMD-300 module
- OxVox - synthesizer and firmware for the badge.
- Thotcon 0x09 badge - Thotcoin miner
- Arduino to toggle the pin to mine as many coins as possible
- Spoiler alert: 0 coins
- ESP8266, similar to the Sparkfun devkit. Picaxe x4.
- Rewrote the firmware in the EPROM that holds the coin count and changed the value. :)
- Added a speaker and amp, built a CW repeater for morse code.
- It's not a badge, it's a development board. Changes how you think about it.
- Addons - badges for your badges.
- DC26 shitty add-on connector, four-pin I2C interface, VCC is marked. Male pins. 0.1" pin pitch.
- Master badges have female headers.
- SAO Genie, based on TPM Genie, PoC for I2C sniffing.
- Badge -> SAO Genie -> Addon to monitor traffic, serial interface to hook to a computer.
- Destination address, packet contents. Passthrough, inject, modify, block packets.
- DCZIA badge - 4x4 keyboard
- Crappy audio processing unit to make a sequencer or a synth.
Click for the rest of the article...