hacklab.to

Uncategorized

Java @ Hacklab

by on Jan.16, 2009, under Uncategorized

There’s a new JUG in town!

Jonathan, Andrew and I are starting a new Java Users Group in Toronto. Our group is meant to
hold better appeal for geeks/hackers, to actually hold a meeting every month, and to put a bigger emphasis on socialization with and contributions from all group members. Through 5-minute lightning talks (impromptu and prepared are always welcome), we hope everyone will have a chance to participate.

Vital stats:

Meeting night: 3rd Thursday of each month
Start time: 7:15
Location: the hacklab
Web Site: http://tjug.ca

The monthly agenda will include:

* group discussion of recent Java-related headlines
* lightning talks from anyone who has something to show&tell
* a robocode battle
* at most one longer-format prepared talk (30-45 minutes max)
* a visit to a nearby pub!

We hope you’ll join us for a fun evening of Java!

Comments Off on Java @ Hacklab more...


Interesting MITM with otr conversation log

by on Dec.05, 2008, under Uncategorized

I got some strange IM from someone. Halfway through  I figure out we’ve
been setup somehow with a relay in the middle and both of us see the
other as some other identity. When the person says he is using adium, I
thought it was a perfect chance to fire up OTR to see what would happen
with this MITM scenario….  Funny enough, it revealed the identity of
the other user to me :)

(My AIM identity is letoams)

(06:17:38 PM) SensitiveCoho: Hey.
(06:18:16 PM) letoams: bot?
(06:18:36 PM) SensitiveCoho: are you a bot?
(06:18:53 PM) letoams: are you are you are you a bot?
(06:19:14 PM) SensitiveCoho: no
(06:19:17 PM) SensitiveCoho: i’m human
(06:19:28 PM) letoams: ok then
(06:19:57 PM) SensitiveCoho: who are you?
(06:20:13 PM) letoams: if you dont know why are you talking to me?
(06:20:26 PM) SensitiveCoho: i want to know why you’re talking to me
(06:20:48 PM) letoams: you started?
(06:20:52 PM) letoams: (06:17:38 PM) SensitiveCoho: Hey.
(06:21:12 PM) SensitiveCoho: i’m not SensitiveCoho
(06:21:30 PM) letoams: that’s what i see
(06:21:31 PM) SensitiveCoho: embarrassedcoho
6:17

Hi!
(06:21:40 PM) SensitiveCoho: i see you as “embarrassedcoho”
(06:21:48 PM) letoams: that’s not my name :)
(06:22:00 PM) letoams: funny. must be some bot connecting two random im
identities
(06:22:06 PM) SensitiveCoho: maybe
(06:22:20 PM) SensitiveCoho: you on mac/pc?
(06:22:27 PM) letoams: linux
(06:22:32 PM) SensitiveCoho: i’m on mac
(06:22:33 PM) letoams: not infected here :P
(06:22:37 PM) SensitiveCoho: using adium
(06:22:57 PM) SensitiveCoho: adium’s been weird today … bugging me that yahoo
messenger network is down for mainenance
(06:23:00 PM) letoams: really? let’s try otr then. that would defeat a man in
the middle attack
(06:23:02 PM) SensitiveCoho: it just keeps telling me this over and over
(06:23:03 PM) Attempting to start a private conversation with SensitiveCoho…
(06:23:12 PM) SensitiveCoho: otr?
(06:23:14 PM) sensitivecoho has not been authenticated yet.  You should
authenticate this buddy.
[Image] (06:23:14 PM) Unverified conversation with SensitiveCoho started.
(06:23:26 PM) The following message received from sensitivecoho was not
encrypted: [error]
(06:23:29 PM) The following message received from sensitivecoho was not
encrypted: [hmm]
(06:23:30 PM) letoams: its privacy crypto built into adium and pidgin
(06:23:33 PM) OTR Error: You sent encrypted data to logicbus, who wasn’t
expecting it.
(06:23:45 PM) Successfully refreshed the unverified conversation with
SensitiveCoho.
(06:23:45 PM) The last message to sensitivecoho was resent.
(06:23:47 PM) letoams: haha
(06:23:47 PM) The following message received from sensitivecoho was not
encrypted: [could this be due to a compromised password?]
[Image] (06:23:53 PM) Private conversation with SensitiveCoho lost.
(06:23:56 PM) OTR Error: You sent encrypted data to logicbus, who wasn’t
expecting it.
(06:23:59 PM) SensitiveCoho: i can’t read what you’re saying
(06:24:02 PM) OTR Error: You sent encrypted data to logicbus, who wasn’t
expecting it.
(06:24:03 PM) letoams: awesome. the MITM does otr too
(06:24:20 PM) sensitivecoho is contacting you from an unrecognized computer.
You should authenticate this buddy.
[Image] (06:24:21 PM) Unverified conversation with SensitiveCoho started.
(06:24:23 PM) The following message received from sensitivecoho was not
encrypted: [i read that]
[Image] (06:24:29 PM) Private conversation with SensitiveCoho lost.
(06:24:38 PM) SensitiveCoho: very strange
(06:24:40 PM) letoams: i think we blew up the mitm thing.
(06:25:06 PM) letoams: you know anyone in Toronto?
(06:29:13 PM) The encrypted message received from sensitivecoho is unreadable,
as you are not currently communicating privately.
[Image] (06:29:34 PM) Unverified conversation with SensitiveCoho started.
[Image] (06:29:34 PM) Unverified conversation with SensitiveCoho started.
[Image] (06:32:21 PM) Private conversation with SensitiveCoho lost.
(06:32:27 PM) letoams: is your handle logicbus ?
(06:32:41 PM) The encrypted message received from sensitivecoho is unreadable,
as you are not currently communicating privately.
(06:33:02 PM) SensitiveCoho: how did you figure that out
(06:33:11 PM) letoams: (06:23:33 PM) OTR Error: You sent encrypted data to
logicbus, who wasn’t expecting it.
(06:33:15 PM) letoams: otr told me
(06:33:26 PM) SensitiveCoho: hmm
(06:33:34 PM) SensitiveCoho: i just see “embarrassedcoho” for those msgs
(06:33:44 PM) SensitiveCoho: i suppose that could be a client thing
(06:33:49 PM) SensitiveCoho: i guess you have an advantage over me
(06:34:08 PM) letoams: still curious what is going on here. (my AIM is letoams)
(06:34:16 PM) SensitiveCoho: yeah
(06:34:41 PM) SensitiveCoho: i googled embarrassedcoho
(06:34:48 PM) SensitiveCoho: didn’t come up with anything helpful
(06:35:42 PM) letoams: me neither
(06:36:22 PM) letoams: anyway. gotta go. have a nice life :)
(06:36:35 PM) SensitiveCoho: peace

Anyone what this double-blind bot MITM thing is? Someone’s research project?

1 Comment :, more...

RFID-proof duct tape wallet making

by on Nov.26, 2008, under Uncategorized

Posting this well in advance so that people show up!

Tuesday Dec. 9th I’ll be making duct tape wallets and would love for others to participate too!  I’ll have some tape available, and instructions, but please bring tape too if you want to make your own.

I’ll have enough heavy duty tin foil for a zillion wallets, so don’t worry about that.

It’s on our google calendar, of course:

-Leigh

Comments Off on RFID-proof duct tape wallet making : more...

Hacker Math

by on Oct.16, 2008, under Uncategorized

I’m a mathtard. I admit it.

Which isn’t such a great thing to be in this line of work. I’m no slouch – I’ve rocked the occasional Smith Chart, understand basic calculus, and learned to hate LaPlace transforms – but when people start throwing formulae up on the board and proceed to analyze and then code something up based on it, I get lost very easy.

So I proceeded to bug Shardy the other day as to whether he’d be up for doing the occasional math lecture at HackLab. I wanted to learn more about the ideas, math and implementation of Markov Chains. He seemed cool with it, but now I think I might see about trying to leech even more from the guy’s brain.

Would people mind helping me come up with a list of ideas for Math talks? Let’s focus on stuff germane to cryptology, protocols and compsec.

1 Comment more...

Monthly lock pick & swap meet?

by on Oct.16, 2008, under Uncategorized

Locks and Lockpicking, sometimes called ‘Locksport’ (yet another ‘politically correct’ term I abhor) is commonly seen at hacker conventions. If there isn’t an outright “Lockpick Village” or vendors selling picks and books, then at the very least a small group will unofficially congregate at some table or empty corner to talk and trade techniques.

I bet most people reading this have tried lock picking, and if not, it was only for lack of tools. But that shouldn’t be a reason any longer; it’s very easy to order the equipment online, and failing that, simple to make yourself. Street sweeper bristles, a cheap file and paper clips will do.

Starting off I had a real knack at opening locks, or at least thought I did, until I handed the tools to my brother who halved my picking times within a day. They then made their way to a roommate of his and she more than halved his times. Fun for the whole family!

While we’re at it, let’s give thanks for living in the Great White North where possession of lockpicking tools is entirely legal. Unless, of course, you’re using them to commit a criminal offense.

Now on to business… I would like to gauge the interest in holding some kind of monthly lockpicking meet-up at the wonderful HackLab space. I have several ideas and goals in mind:

1. Get new people involved, and equip them with tools so they can pursue this hobby

2. Bring like minded people together to share tips and techniques

3. Lend and/or trade various locks and lock collections, or create collections, so that there’s a wide range of interesting gear for people to learn and progress on

I’ve developed a pretty decent collections of locks that I will be happy to put into rotation. Some are modified with reduced pin counts to make learning easier, or cutaway so that you can study the action. Some have never been opened by anyone via picking – be the first!

Additionally, I hand manufacture 5 piece lockpicking kits, in small quantities and of tolerable quality. I will give them away, free of charge, to anyone who signs up and pays for HackLab membership. If regular meetups do come about, rest assured enough temp equipment will be provided for everyone who attends the session (within reason).

4 Comments more...

Testing my blog while waiting for the xbox to boot Linux

by on Sep.16, 2008, under Uncategorized

Testing 01 10 11?

Comments Off on Testing my blog while waiting for the xbox to boot Linux more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!