May 25 2019
Disclaimer: The content of this post does not reflect my current employer, or any of my clients at present. I've pulled details from my work history dating back about 20 years and stitched them into a more-or-less coherent narrative without being specific about any one company or client because, as unfashionable as it may be, I take my NDAs seriously. If you want to get into an IT genitalia measuring contest please close this tab, I don't care and have no interest.
Time was, back in the days of the home 8-bit computers, we were very limited in what we could do in more than one way. Without even a proper reset button or development tools other than the built-in BASIC interpreter if something went wrong there was really no way that you could debug it. If you happened to be hacking code in any serious way on the Commodore chances are you'd shelled out good money for a debugger or disassembler and had at least a couple of reference books nearby. If you were doing everything in BASIC then either you were growing your program a few lines at a time or using some code you got out of a magazine to do low level programming from inside of BASIC (an exercise fraught with frustration, let me tell you). Even then, if something went sideways it was difficult to figure out where you went wrong and fix it. The tools just weren't common at the time. All you could really do was turn off the machine, wait a few seconds, turn it back on, and give it another shot in the hope that the machine wouldn't lock up on you again.
Apr 30 2017
A couple of months ago for my Lesser Feast I decided to treat myself to a toy that I've had my eye on for a couple of months: A Pi-Top laptop kit. My fascination with the Raspberry Pi aside (which includes, to be honest, being able to run a rack full of servers in my office without needing to install a 40U rack and a new 220 power feed), it strikes me as being a very useful thing to have under one's desk as a backup deck or possibly a general purpose software development computer. Most laptops have one unique motherboard per model and if you want to upgrade (or need to replace it) you're pretty much limited to buying a brand-new laptop. To upgrade a Pi-Top you just need to buy a new RaspberryPi, slide a panel aside, and swap a few cables, a system design that I think could be useful indeed. It also has remarkably few components; the screws and fasteners aside, the PiTop is composed of only a few modules: A base with a battery, a keyboard and touchpad panel, a lid with display, a black lexan access panel, a hub circuit board that ties everything together, and a RasPi. You can get a couple of modules to go with it, such as a prototype board for electrical engineering experiments and modular speakers, all of which attach to a sliding rail and plug into a unique pinset on the hub. I'm not an electrical engineer by any means but I have built many a kit over the years, and from eyeballing it it looked like a fairly simple build. I didn't document the build with photographs or anything because I didn't think to do so at the time. Sorry.
Jan 02 2017
20170107: It's not "group name" it's "Group ID." I don't know how to find that yet.
The communications program Signal by Open Whisper Systems is unique in several respects. Firstly, its barrier to entry is minimal. You can search for it in the Google Play online store or Apple iOS appstore and it's waiting there for you at no cost. Second, it's designed for security by default, i.e., you don't have to mess around with it to make it work, and it does does the right thing automatically and enforces strong encryption by default (unlike a lot of personal security software). It interoperates seamlessly with people who don't use Signal but you have the option to invite them to install it with a single tap. Its protocol is an open standard that multiple companies have implemented, so theoretically anyone can write their own implementation of the client (Android, iOS) or server, or compile it for themselves. It's an SMS/MMS application, so you can use it as your default text messaging client on your mobile, plus it can do text message conferencing with multiple people automatically (it's a great way to keep in touch with friends if you're at the same con). There's even a desktop Signal client that runs inside of Google Chrome or Chromium (source code for the interested and curious).
So, why, exactly am I posting about Signal?
There is a little-known command-line implementation of Signal that I've been experimenting with because I eventually plan on writing a bot for my exocortex. In playing around with it, I've come to realize that it's not particularly friendly to use at all, and I might have to break down and use the dbus interface to do anything useful with it. Which I don't look forward to, but that's not the point. The point is, I've compiled some notes about how to use the command line version of Signal and I wanted to put them online in case somebody will find them helpful.
Jan 01 2017
Here's to the sysadmins, who fight to keep everything up and running. And reboot printers along the way.
Here's to tier-1 tech support, who know the answers but are only allowed to recite from their scripts.
Here's to the pen testers, who keep plugging away.
Here's to desktop support, who occasionally see things they can never unsee.
Here's to the red team, who throw everything from Devo costumes to pork chops to ballroom gowns to the kitchen sink at the mission.
Here's to the hacktivists, who toil endlessly to make the world a better place.
Here's to the open source hackers, whose thankless tasks are labors of love.
Here's to the whistleblowers, who lay everything on the line to try to set things right.
Here's to the lawyers, who honestly answer the question "So, how much trouble could I get in if I did this?"
Here's to the reversers, who yank out their hair while asking the question "What the hell does this even mean?" over and over again.
Here's to the hackers who submit talks to DefCon every year but never get accepted. You keep trying, over and over again.
Here's to the people with the honest questions, who uncover horrors never before dreamed.
Here's to the newbies, who spend long hours punching away to learn arcane skills to satisfy their own curiosity.
Here's to you.
May 28 2016
UPDATE: Now that the official HOPE schedule has been published I can say that I'll be speaking in the Noether room on Sunday, 24 July 2016 at 2:00pm EST4EDT.
UPDATE: The Internet Society will be livestreaming video of the talks as they happen. Here's the page listing all of the livestreams.
I found out last weekend (yes, I've been sitting on this - timed posts are the busy blogger's friend) that the talk I submitted for The Eleventh HOPE in July of 2016 was accepted. I will be giving a presentation on Exocortex, my latest work (of mad science), entitled Constructing Exocortices with Huginn and Halo at some point that weekend. I'll be talking about both Huginn (I asked Andrew if he would present with me; he declined because he may not be able to attend HOPE this year (and Andrew, if somehow you can fit it into your busy schedule I'd really like it if you did..)) and Exocortex Halo. To be more specific, I'll be talking a little bit about how they work - what agents do and how they fit together to process information individually to carry out more complex tasks. I'll also be talking about how Halo's constructs send and receive information to and from Huginn to accomplish more sophisticated things (like generate the speech that gets played over a VoIP link or send commands to a personal search engine to index an entire site to sort through later).
This also puts me on the hook to come up with some really off-the-wall but useful stuff to show off. Thankfully I've got several hundred off-the-wall ideas already written down. Now where are my d10's...
When I know where my talk fits into the HOPE schedule I'll post with the specifics. I'd really appreciate it if everyone spread the word about my talk (and thank you in advance if you do).