Unconference Friday

Jun. 27th, 2016 10:15 pm
azurelunatic: Raven looking at the golden apple.  (shiny)
[personal profile] azurelunatic
I again woke up early enough to get to nearly the beginning of the day, the planning session for the unconference. It was quiet enough to check email and such in the corner of the hacker lounge. Later, I went over to the buttons table and put together a few buttons with [personal profile] shadowspar and [personal profile] silveradept. [personal profile] shadowspar shared half a lemon creme doughnut with me, which (predictably) got yellowish-white delicious lemon-flavored goo all over my hands and probably face as well. Commentary was made.

It turns out that it's really hard to do tiny buttons with multiple colors of glitter-paper, so my first attempt at a bi pride glitterbutton went very badly. The second attempt was better.

There was an afternoon trip to Knit/Purl, a Local Yarn Shop. [staff profile] denise and [personal profile] kareila wound up early, I came next (followed by [personal profile] silveradept, on a mission of What Craft Supplies Have They Got, Anyway), and F and [personal profile] shadowspar joined shortly thereafter.

I escaped relatively lightly, with only one skein of yarn, which matches my hair. There was a collective attempt by all five fiber artists to get [personal profile] silveradept to join the cult club, but they resisted valiantly. I did, however, successfully coach them through Intro To Chain Stitch, and by the time the yarn group was leaving the yarn shop, they had progressed to making firm if not super even stitches at a pretty good clip.

Conference wrap-up ensued, with what-went-well and what-could-be-improved, followed by a group effort at cleaning up. There's only a one-hour window to get the truck loaded, so it has to go quickly. Fortunately, we are nothing if not helpful, and there was a lot of furniture-slinging.

Eventually the hacker lounge was at a furniture-to-workers ratio where my presence would have been more hindrance than help, so I wandered out into the lobby. Farewells were said. I threatened to get perhaps over-emotional, and fled to the sidewalk where I could have a little more space.

Then it was over! Silver walked me to the correct streetcar stop, and I headed back to my dorm and started packing up and planning for next year. F had an early-ish flight out, but I slept overnight before checking out Saturday morning and making the long drive home.

Thursday at the conference:

Jun. 27th, 2016 05:47 pm
azurelunatic: Teddybear that contains ethernet switch.  (teddyborg)
[personal profile] azurelunatic
Woke up early enough to hit the morning keynote, which surprised me! I was waking up earlier and earlier each morning there.

Attended the long-form morning "Exit Condition" talk, which was very good and also I definitely had to due to helping bounce the name around! There are so many good and interrelated talks at this conference. "Exit Condition" was about the three options when things aren't going well: GTFO, yell, or duck and cover. My talk was on applied yelling. Last year, Heidi Waterhouse did a talk on whistleblowing, which is a specific kind of applied yelling. I recommend all three as a set.

Parts of the greater #Dreamwidth crew went down to the diner from Tuesday night and had a nice quiet introvert lunch, during which time the following interlude occurred:

Azz: *reading email* *sudden double facepalm* *helpless giggles*
Rah: "Silver, did you break Azz?"
Silver: (unaware of where I was in my inbox) "No?"
Azz: "YES."

Much hilarity at my expense ensued, including F coming over, reading my phone screen, and then wordlessly slapping me on the back in such a 100% bro-tastic way that I sat up straight and (mock)protested "HOW DID YOU JUST MISGENDER ME WITH A BACKSLAP?!?!?!" because seriously, HOW EVEN do you do that???

The afternoon was excellent as well. I vaguely recall sitting out for a session? But I was nowhere near as exhausted as I was last year, even on insufficient sleep.

But then it was party time. I found a quiet corner, and some of the usual suspects joined. I took a moment to leave a birthday voicemail for a certain vividly colored geekfriend, then rejoined and spent much of the evening comparing notes and cracking up with the crew.

Despite the lack of intoxicants at the party, I was in a bit of a pleasantly mentally addled state when it came time to walk back to the dorm, enough so that F found it prudent to get some rooibos tea into me before packing me off to bed.
kaberett: Overlaid Mars & Venus symbols, with Swiss Army knife tools at other positions around the central circle. (Default)
[personal profile] kaberett
  1. Oral-B Pro-Expert Clean Mint toothpaste. Blue, sparkly, and cinnamon-flavoured. I don't understand why it's called Clean Mint. It contains, as best I can tell, no mint, apart from a slight cold sensation. The flavour compound is cinnamal. It is blue and sparkly and cinnamon.
  2. UltraDEX mouthwash (previously RetarDEX). Optional mint-flavoured sachet. Absent the optional mint-flavoured sachet, it tastes slightly of chlorine.


(I am Not A Fan of mint-flavoured things if they are anything other than field/garden mint, in which case I love them; peppermint and spearmint are Not My Friends because, approximately, they taste too loud, and given that I am utterly unwilling to floss because hands and only reliably brush my teeth twice a day if I'm living with someone who will coax me on the topic at bedtime because executive dysfunction and also hands, my dentist is much happier when I am using mouthwash. I am aware that other people feel similarly about mint, and a partially overlapping set of people are in a similar position with respect to this specific healthwork. Here are the things I use, people, and may they bring you if not actual joy then at least diminished resentfulness.)

Steam and elastic bonds

Jun. 27th, 2016 06:39 pm
hairyears: (Default)
[personal profile] hairyears
All the news about share prices, especially prominent UK banks...

We live in interesting times.
.
...Isn't it interesting that nobody mentions bond prices in the newspapers, even though the bond market is much, much bigger than equities?

All right, maybe it isn't. Bond traders are rather dull chaps, and nothing about them will ever fill all that space between the adverts for mortgages and pensions.

But this dull stuff is quite important for banks.

Because of where I work, it would be improper for me to comment on specific institutions or on the minutiae of how companies are capitalised; so I must urge you to conduct your own researches.
gerald_duck: (frontal)
[personal profile] gerald_duck
This is a fascinating article about the Scotland-UK-EU situation.

Something I realise I may never have mentioned: while there's little meeting between my political views and the SNP's, I feel strongly that they're good at politics: honest, plain speaking, constructive and trustworthy. I wish there were more politicians like that and fewer playing silly games elsewhere in this mess.

Indeed, it's rare for even an editorial from the BBC to say something like "To be clear again, this is a genuine, governmental search. Ms Sturgeon is not bluffing or deploying guile. She, authentically, wants ideas as to how to proceed." of a politician.

That article discusses a lot of interesting and important questions that appear to be up in the air, but I've thought of a couple more.

Firstly, if a Member State triggers the Article 50 process, and then divides into two states, what happens to the process? Who's then committed to the exit: either, neither or both halves? I've never noticed any clear procedures even for the case when a Member State bifurcates without having first triggered Article 50 — and I'm assuming any such provisions would have got mentioned during the Scottish Independence referendum had they existed.

Secondly, if EU law or treaties make specific reference to the UK — as many do — what happens to those laws or treaties if the UK bifurcates?

I suspect the answer in both cases is a great big "nobody knows".

A friend opined this afternoon that a constitutional convention now seems called for in the UK; I tend to agree.

Nothing ventured, nothing gamed

Jun. 26th, 2016 12:14 pm
hairyears: (Default)
[personal profile] hairyears
I hear stories from independent game developers that startups have closed down - the Venture Capital agreement had a Brexit clause and the VC's have pulled the plug.

Anyone got any corroboration? I'd heard about Brexit 'break' clauses in real estate purchases, but I was completely unaware of their existence in Venture Capital agreements...

Ich bin ein bin-liner... )

I have a handful of friends who kinda disappeared off the radar in the last few months - I never paid it much attention - but they've turned up in Europe's new hot hi-tech hub: Berlin.

I'm happy to admit that they are quite a bit smarter than me; and somewhat uneasy with the thought of how much smarter they are turning out to be.

Articles and Particles and Parties

Jun. 25th, 2016 10:05 am
hairyears: (Default)
[personal profile] hairyears
Reassuring words from David Allen Green about Article 50 and the real 'ejector handle' of a British Exit:

Why the Article 50 notification is important

The short version is: we haven't done it yet, and we probably won't next week.

We probably will, eventually, but events are overtaking us... )

The legal barrier of Article 50 is real, and we have yet to cross it: but it may end up as a mere recognition of the way we live a year from now.

Thought for the day

Jun. 24th, 2016 06:47 pm
gerald_duck: (mallard)
[personal profile] gerald_duck
[The EU] came out of the heads of clever, Catholic, left wing, French bureaucrats, and most Brits have got problems with at least three of those five.
— Lord Hennessy (PM programme, Radio 4)

I'm not certain how accurate that is, but it certainly seems one of the more measured and interesting observations to have been made today.

As I said in the other place...

Jun. 24th, 2016 11:52 am
kaberett: Sketch of a "colourless, hamsterish"  animal having a paddy. (anxiety creature)
[personal profile] kaberett
... the time from waking up to the first hate speech directed at me by a Leave voter was three hours.

She was an NHS employee providing me with necessary medical care.

She told me that Leave was a good result for the NHS -- because it can't cope with all the people who don't work, don't contribute, demand scans and MRIs, expect free prescriptions, even expect free paracetamol rather than buying it themselves.

She was cutting a dressing off my hand.

She asked me what I thought.

I thought: every single one of those things you listed describes me. I thought: I have just been told by a medical professional that I don't deserve care. I thought: there is no way I'm telling you you just described me. I thought: I'm terrified.

I'm white. I'm third generation. English isn't my first language but people can't tell unless I tell them and I certainly *sound* posh. I don't look Jewish until you put me in a room with the rest of that side of my family. I can, if necessary, leave the house without a wheelchair.

I pass. This is what I got while passing. I am terrified for the people who can't.

Order of the Bath

Jun. 24th, 2016 08:23 am
hairyears: (Default)
[personal profile] hairyears
Europe has launched the Golgafrinchan Ark 'B'.

Welcome aboard, fellow telephone-sanitisers.


An explanation, for those who have forgotten the Hitch-Hikers Guide to the Galaxy... )
kaberett: Overlaid Mars & Venus symbols, with Swiss Army knife tools at other positions around the central circle. (Default)
[personal profile] kaberett
The context is, naturally, Brexit; and equally naturally, that Leave supporters started telling each other that they should take pens along to polling stations, cast their votes in ink, and then leave the pen behind To Be Helpful. In case, I suppose, of some spectre of people rubbing out their marks and replacing them with something else. (For those of you unfamiliar with how the UK does this, you cast votes using a terribly quaint system of applying pencil to paper and sticking it in a box.)

Reproducing here for posterity and (well, there's a chance) interest. (Original.)

Yes, I typed the majority of that out one-handed on the auxiliary internet device's touchscreen, because typing still hurts. It is important and I had a feelings.

Reading Wednesday, uh Thursday

Jun. 23rd, 2016 04:05 pm
naath: (Default)
[personal profile] naath
Read: Children of Earth and Sky, GGK. I liked this, Sarantium has fallen to the Asharites, but this book is more about trade and intrigue than fighting.

Reading: League of Dragons, Novik. The final Temeraire :(

Wednesday conference fun!

Jun. 23rd, 2016 01:49 am
azurelunatic: Azz, <user name="sorcha007" site="livejournal.com">, and Darkside, with glowing magic sparkles & dragon in Azz's hair.  (tricircle)
[personal profile] azurelunatic
I woke up before 9, even, but spent a leisurely morning getting ready for the day. I got in for the last session of the morning, and after that the little group I was in went for lunch at the food trucks. We wound up in the park to eat, and a good time was had by all!

More sessions in the afternoon. I livetweeted Rah's. Then there was Storytime With Rah down in the hacker lounge. This was followed by dinner -- we went to the pizza place that the lunch train was headed to, but opted to have dinner in the park, where there was More Storytime. Also kitten pictures. I talked about my experiences being too well equipped with coping mechanisms to have any hyperactivity manifest itself, and there was discussion of how people self-medicate for AD(H)D with stimulants, and how some people really seriously avoid cocaine even when trying other drugs, because they suspect it may be *too effective* (and it's illegal).

I headed for the tram line that would take me back, and on my way called Darkside and wished him a happy birthday. Also I came out to him as agender. He wasn't quite sure what to do with that information; I let him know that there really wasn't any substantial difference, just I was tired of being put in gendered boxes that I had approximately no attachment to. Also he wants to hear my talk. ;)

Clippy has turned out useful in "remembering" what the whiteboard setup was like in conference rooms. I am so pleased that Simon Illyan was one of my role models, and that I have had so much early training in the sort of self-reflection that involves looking back at past selves and trying to not judge them too harshly. Self-acceptance, and self-forgiveness aimed at not being *that* kind of asshole again, is an amazing thing.

Also my tactic of writing down my daily annoyances in the course of my Talk About My Day is helpful in the going back to figure out When That Fucking Thing Became A Thing Anyway.

I am trying to set up for tomorrow morning, since I seem to be getting more and more functional at the conference, rather than less.

(And then there was BPAL testing and card reading with F, which took a substantial two hours together, and was definitely informative. My skin makes light florals much better behaved.)

Brexit feels

Jun. 22nd, 2016 09:17 pm
happydork: A graph-theoretic tree in the shape of a dog, with the caption "Tree (with bark)" (Default)
[personal profile] happydork
These are not thoughts; these are very much feels:

Cut because you may not want to think about it )

If you, too, have a whole bunch of feels, come huddle with me in this dreamwidth bunker as we wait out the judgement day...

Status update!

Jun. 22nd, 2016 07:54 pm
kaberett: Overlaid Mars & Venus symbols, with Swiss Army knife tools at other positions around the central circle. (Default)
[personal profile] kaberett
In new flat.

Minor hand injury is making typing awkward for a few days so I am... going to be even slower than usual at replies, sorry.

Brief details. )

Yet another quickie EU question.

Jun. 22nd, 2016 02:03 pm
gerald_duck: (mallard)
[personal profile] gerald_duck
I've seen many, many debates about various EU-related topics run along these lines:

"The EU is doing $THING wrong. If we want to do it right, we have to leave."
"No, we should stay in the EU and help to make it better."

There's this whole "The EU is far from perfect but…" narrative.

But: we've now been part of the EU since its inception a generation ago. If $THING can be fixed, why hasn't it been fixed already?

("$THING is genuinely difficult. If we left the EU we'd soon discover just how hard it is." might be a more compelling argument. But it's tempting to assume that if the remain camp doesn't make that case, it can't be true.)

OSB ho!

Jun. 21st, 2016 11:18 pm
azurelunatic: a bunch of grapes on the vine (Default)
[personal profile] azurelunatic
Arrived in Portland safe and sound with traveling companion! Trip was lovely and included Hamilton sing-alongs, a bag of cherries shaped like butts, chat about our respective talks, and good old-fashioned gossip. I'd taken the last leg of the journey, so my executive function was diminished (12:30, not as much sleep as I'd have wanted) and so F went to confer with the lodging gods.

We are staying in Portland State University's summer dorm-filler project, which is unfancy but adequate -- when things are going right.

This evening did not feature many things going right. Chief among them was my executive function having gone sleepybyebye, so (apparently after them failing to find our info, and not having room in the dorm they said we'd be assigned to) F found parking, and I had a smol meltdown over having no idea what things I needed to take up to the room (under the assumption that we'd have to be moving the next day). Also we had one key-and-keycard between the two of us, and one car key.

We managed to fox-goose-and-grain ourselves into the building with no actual tears shed, though I did swear at whatever snotassed weaselfucks were responsible for the accessibility.

By the time I got horizontal it was 2:30. Then I woke up at 6.

Oh, and I had to speak today.

I went down and fed the meter, then once the hours for the housing office arrived, I went over for that and had a chat. (They had actually opened at 7, not 9; it was the *student* housing department that opened at 9. I feel that any collective misreading was entirely justified based on the hour.) I got the parking pass, a second key-and-keycard lanyard, and bagged myself a parking space near the elevator in the nearby parking garage.

Then I faceplanted on my bed and didn't re-attain consciousness until around noon.

I headed off to the conference upon waking up, picking up some lunch on the way. I there cranked away diligently upon my slides, and listened to someone I was sharing a time slot with rehearse. I also learned that there had been a sudden unavailability of the people who had been going to do video of the sessions, which filled me with woe because a) there are a lot of people who are looking forward to my talk, and b) I was up against some really interesting looking things.

I saw [personal profile] silveradept and the ritual hug of greeting was exchanged. \o/

Then it was time to give my talk. [staff profile] denise, [personal profile] kareila, and [personal profile] shadowspar were all there!

The room seemed interested, and I think I mostly remembered to use the microphone (good for recording purposes; the a/v guy said they were doing audio at least) and [personal profile] kareila got some room audio to boot! So I may be able to get a rough transcription up at some point.

The next talk that a number of us gravitated to was on the history of emoji! Great fun.

I then presented [staff profile] denise with the crocheting project that I had been somewhat successfully keeping under my hat for Quite Some Time, ever since I finished [personal profile] fu's dreamsheep (Dreamsheep Beta).

This is Dreamsheep Gamma, and it comes with some surprises. (Why is this dreamsheep different from all other dreamsheep?) D says there may be a photoshoot.

This is, like, *layers* of fanworks.

Dreamwidth started as a fanwork determined to make it pro (and successfully so). The dreamsheep icon (by [personal profile] helens78) was fanart conceptually inspired by the concept of Dreamwidth. The crocheted dreamsheep were a transformation of medium, somewhat analogous to making podfic of a fic. Dreamsheep Gamma is, additionally, a crossover.

After that a few of us decided that dinner was in order, and shortly there was a little diner graced by the sorts of giggling, friendly chatter, and toasts that five DW-affiliated people tend to get up to.

Our party started splitting after that, and I got in and fairly immediately peeled off my clothing. I was correct to not try to additionally wear shorts under The Pink Skirt. (Outfit: Pink Skirt, turquoise toeless tights, black sequined sleeveless shirt, tiara, and Jacket of Holding.) One shower later, I felt human again...

F popped in with a friend, but has popped out again; at some point I'll be attaining horizontality. I have marked my schedule-badge with little green dots on things I want to see, and bold green squares next to the can't-miss things, and green blocking off that slot.

The captive portal thing here is Not Done Badly from a UX perspective. I'm impressed that it's not horrible.

EU Great Debate - huh?

Jun. 22nd, 2016 05:09 am
gerald_duck: (frontal)
[personal profile] gerald_duck
(No, I'm not doing great at sleep hygiene at the moment; why do you ask?)

In her closing statements for the Great Debate, Ruth Davidson refers to the EU as "the biggest single market in the world".

That's… cobblers, isn't it? China and India are both larger by population, and the USA is larger by GDP.

I've bought some more awful IoT stuff

Jun. 21st, 2016 03:13 pm
[personal profile] mjg59
I bought some awful WiFi lightbulbs a few months ago. The short version: they introduced terrible vulnerabilities on your network, they violated the GPL and they were also just bad at being lightbulbs. Since then I've bought some other Internet of Things devices, and since people seem to have a bizarre level of fascination with figuring out just what kind of fractal of poor design choices these things frequently embody, I thought I'd oblige.

Today we're going to be talking about the KanKun SP3, a plug that's been around for a while. The idea here is pretty simple - there's lots of devices that you'd like to be able to turn on and off in a programmatic way, and rather than rewiring them the simplest thing to do is just to insert a control device in between the wall and the device and now you can turn your foot bath on and off from your phone. Most vendors go further and also allow you to program timers and even provide some sort of remote tunneling protocol so you can turn off your lights from the comfort of somebody else's home.

The KanKun has all of these features and a bunch more, although when I say "features" I kind of mean the opposite. I plugged mine in and followed the install instructions. As is pretty typical, this took the form of the plug bringing up its own Wifi access point, the app on the phone connecting to it and sending configuration data, and the plug then using that data to join your network. Except it didn't work. I connected to the plug's network, gave it my SSID and password and waited. Nothing happened. No useful diagnostic data. Eventually I plugged my phone into my laptop and ran adb logcat, and the Android debug logs told me that the app was trying to modify a network that it hadn't created. Apparently this isn't permitted as of Android 6, but the app was handling this denial by just trying again. I deleted the network from the system settings, restarted the app, and this time the app created the network record and could modify it. It still didn't work, but that's because it let me give it a 5GHz network and it only has a 2.4GHz radio, so one reset later and I finally had it online.

The first thing I normally do to one of these things is run nmap with the -O argument, which gives you an indication of what OS it's running. I didn't really need to in this case, because if I just telnetted to port 22 I got a dropbear ssh banner. Googling turned up the root password ("p9z34c") and I was logged into a lightly hacked (and fairly obsolete) OpenWRT environment.

It turns out that there's a whole community of people playing with these plugs, and it's common for people to install CGI scripts on them so they can turn them on and off via an API. At first this sounds somewhat confusing, because if the phone app can control the plug then there clearly is some kind of API, right? Well ha yeah ok that's a great question and oh good lord do things start getting bad quickly at this point.

I'd grabbed the apk for the app and a copy of jadx, an incredibly useful piece of code that's surprisingly good at turning compiled Android apps into something resembling Java source. I dug through that for a while before figuring out that before packets were being sent, they were being handed off to some sort of encryption code. I couldn't find that in the app, but there was a native ARM library shipped with it. Running strings on that showed functions with names matching the calls in the Java code, so that made sense. There were also references to AES, which explained why when I ran tcpdump I only saw bizarre garbage packets.

But what was surprising was that most of these packets were substantially similar. There were a load that were identical other than a 16-byte chunk in the middle. That plus the fact that every payload length was a multiple of 16 bytes strongly indicated that AES was being used in ECB mode. In ECB mode each plaintext is split up into 16-byte chunks and encrypted with the same key. The same plaintext will always result in the same encrypted output. This implied that the packets were substantially similar and that the encryption key was static.

Some more digging showed that someone had figured out the encryption key last year, and that someone else had written some tools to control the plug without needing to modify it. The protocol is basically ascii and consists mostly of the MAC address of the target device, a password and a command. This is then encrypted and sent to the device's IP address. The device then sends a challenge packet containing a random number. The app has to decrypt this, obtain the random number, create a response, encrypt that and send it before the command takes effect. This avoids the most obvious weakness around using ECB - since the same plaintext always encrypts to the same ciphertext, you could just watch encrypted packets go past and replay them to get the same effect, even if you didn't have the encryption key. Using a random number in a challenge forces you to prove that you actually have the key.

At least, it would do if the numbers were actually random. It turns out that the plug is just calling rand(). Further, it turns out that it never calls srand(). This means that the plug will always generate the same sequence of challenges after a reboot, which means you can still carry out replay attacks if you can reboot the plug. Strong work.

But there was still the question of how the remote control works, since the code on github only worked locally. tcpdumping the traffic from the server and trying to decrypt it in the same way as local packets worked fine, and showed that the only difference was that the packet started "wan" rather than "lan". The server decrypts the packet, looks at the MAC address, re-encrypts it and sends it over the tunnel to the plug that registered with that address.

That's not really a great deal of authentication. The protocol permits a password, but the app doesn't insist on it - some quick playing suggests that about 90% of these devices still use the default password. And the devices are all based on the same wifi module, so the MAC addresses are all in the same range. The process of sending status check packets to the server with every MAC address wouldn't take that long and would tell you how many of these devices are out there. If they're using the default password, that's enough to have full control over them.

There's some other failings. The github repo mentioned earlier includes a script that allows arbitrary command execution - the wifi configuration information is passed to the system() command, so leaving a semicolon in the middle of it will result in your own commands being executed. Thankfully this doesn't seem to be true of the daemon that's listening for the remote control packets, which seems to restrict its use of system() to data entirely under its control. But even if you change the default root password, anyone on your local network can get root on the plug. So that's a thing. It also downloads firmware updates over http and doesn't appear to check signatures on them, so there's the potential for MITM attacks on the plug itself. The remote control server is on AWS unless your timezone is GMT+8, in which case it's in China. Sorry, Western Australia.

It's running Linux and includes Busybox and dnsmasq, so plenty of GPLed code. I emailed the manufacturer asking for a copy and got told that they wouldn't give it to me, which is unsurprising but still disappointing.

The use of AES is still somewhat confusing, given the relatively small amount of security it provides. One thing I've wondered is whether it's not actually intended to provide security at all. The remote servers need to accept connections from anywhere and funnel decent amounts of traffic around from phones to switches. If that weren't restricted in any way, competitors would be able to use existing servers rather than setting up their own. Using AES at least provides a minor obstacle that might encourage them to set up their own server.

Overall: the hardware seems fine, the software is shoddy and the security is terrible. If you have one of these, set a strong password. There's no rate-limiting on the server, so a weak password will be broken pretty quickly. It's also infringing my copyright, so I'd recommend against it on that point alone.
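The ECB inference in the post above (payload lengths that are multiples of 16 bytes, and packets identical apart from one 16-byte chunk in the middle) can be written as a check over two captured payloads. This is an added example, not part of the original post or any KanKun tooling; the function names are hypothetical and the sample bytes are constructed stand-ins, not real traffic.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BLK 16 /* AES block size in bytes */

/*
 * Compare two captured payloads block by block.
 * Returns  1 if some block matches at an offset AFTER the first differing
 *            block: the change did not propagate, which together with
 *            block-aligned lengths is consistent with ECB under a static key,
 *          0 if the payloads are block-aligned but show no such match,
 *         -1 if they cannot be compared (different length, empty, or
 *            length not a multiple of 16 bytes).
 */
int ecb_fingerprint(const unsigned char *a, size_t alen,
                    const unsigned char *b, size_t blen)
{
    if (alen != blen || alen == 0 || alen % BLK != 0)
        return -1;

    int seen_difference = 0;
    for (size_t off = 0; off < alen; off += BLK) {
        int same = memcmp(a + off, b + off, BLK) == 0;
        if (!same)
            seen_difference = 1;
        else if (seen_difference)
            return 1; /* identical block after a differing one */
    }
    return 0;
}

/* Constructed stand-in for ciphertext: each block is filled from a one-byte
 * tag, so equal tags give equal blocks. This is not real AES output. */
void make_sample(unsigned char *out, const unsigned char *tags, size_t nblocks)
{
    for (size_t i = 0; i < nblocks; i++)
        for (size_t j = 0; j < BLK; j++)
            out[i * BLK + j] = (unsigned char)(tags[i] * 17u + j * 31u);
}

/* Pair shaped like the traffic in the post: same except one middle block. */
int demo_ecb_like(void)
{
    const unsigned char t1[] = {0xA1, 0xB2, 0xC3, 0xD4};
    const unsigned char t2[] = {0xA1, 0x5E, 0xC3, 0xD4};
    unsigned char p1[4 * BLK], p2[4 * BLK];
    make_sample(p1, t1, 4);
    make_sample(p2, t2, 4);
    return ecb_fingerprint(p1, sizeof p1, p2, sizeof p2);
}

/* Pair shaped like a chained mode with a fixed IV: once one block changes,
 * every later block changes too, so the check does not fire. */
int demo_chained_like(void)
{
    const unsigned char t1[] = {0xA1, 0xB2, 0xC3, 0xD4};
    const unsigned char t2[] = {0xA1, 0x5E, 0x6F, 0x70};
    unsigned char p1[4 * BLK], p2[4 * BLK];
    make_sample(p1, t1, 4);
    make_sample(p2, t2, 4);
    return ecb_fingerprint(p1, sizeof p1, p2, sizeof p2);
}

int main(void)
{
    printf("ECB-like pair:     %d\n", demo_ecb_like());
    printf("chained-like pair: %d\n", demo_chained_like());
    return 0;
}
```

A result of 1 is a reason to look closer rather than proof: it says a one-block change stayed local, which is what a reviewer auditing a device protocol should treat as a sign that message encryption offers no replay or pattern protection on its own.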
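The challenge weakness described in the post (rand() used without ever calling srand()) is shown here beside a hardened form that draws challenges from the kernel CSPRNG. This is an added example, not the plug's firmware or code from the post; the function names and the 64-bit challenge size are assumptions, and a "boot" is modelled as a fresh process state.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define N_CHALLENGES 8

/*
 * Weak pattern: challenges come from rand() and srand() is never called.
 * The C standard says rand() then behaves as if srand(1) had been called,
 * so each fresh process starts the same sequence. srand(1) here models the
 * state of such a process right after it starts.
 */
void challenges_after_boot_weak(int out[N_CHALLENGES])
{
    srand(1);
    for (int i = 0; i < N_CHALLENGES; i++)
        out[i] = rand();
}

/*
 * Hardened pattern: read every challenge from the kernel CSPRNG.
 * Returns 0 on success, -1 if the random source is unavailable, in which
 * case the caller should refuse to issue challenges rather than fall back
 * to rand(). On embedded Linux, getrandom() with flags 0 additionally
 * blocks until the pool has been initialised after boot.
 */
int challenges_after_boot_hardened(uint64_t out[N_CHALLENGES])
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL)
        return -1;
    size_t got = fread(out, sizeof out[0], N_CHALLENGES, f);
    fclose(f);
    return got == N_CHALLENGES ? 0 : -1;
}

/* Returns 1 if two simulated boots issue the same challenge sequence. */
int weak_boots_repeat(void)
{
    int first[N_CHALLENGES], second[N_CHALLENGES];
    challenges_after_boot_weak(first);
    challenges_after_boot_weak(second);
    return memcmp(first, second, sizeof first) == 0;
}

/* Returns 1 if the sequences repeat, 0 if they differ, -1 on error. */
int hardened_boots_repeat(void)
{
    uint64_t first[N_CHALLENGES], second[N_CHALLENGES];
    if (challenges_after_boot_hardened(first) != 0 ||
        challenges_after_boot_hardened(second) != 0)
        return -1;
    return memcmp(first, second, sizeof first) == 0;
}

int main(void)
{
    printf("unseeded rand() repeats across boots: %d\n", weak_boots_repeat());
    printf("CSPRNG challenges repeat across boots: %d\n",
           hardened_boots_repeat());
    return 0;
}
```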