Tonight (Thursday) a new club will be using the Rochester hackerspace as a meeting ground for its first event. The Rochester TOOOL (yes three O’s) chapter is starting up organized by Jason Ross. What’s a Jason Ross and what’s a TOOOL right? Jason is the newest Interlock member and comes from a background in security – computer security, network security, physical security.. secure all the things!
Why Lock Picking?
It’s happened to the best of us, your bloodshot eyes open to find that you’ve been strapped to a bed with handcuffs again. What do you do to get out? Call for help? Wait until the lady comes back to break your legs like in Misery? No, you know how the locking mechanism works on a pair of handcuffs and you shim your way out and escape through the window to freedom.
Lock picking is learning about how locks work which turns them into a puzzle. The number of pins in a tumbler tells you how difficult the lock is. What does it mean when a pair of handcuffs are double locked? What are security pins? What’s the difference between a wafer lock and a pin tumbler? If you have these questions, TOOOL is the group to talk with to have them answered.
TOOOL is The Open Organization Of Lockpickers. These guys love to learn and teach about locks, lock picking, and physical security. The difference between TOOOL and a normal locksmith, is first they don’t do it for money, second, they exchange information about locks and lock picking openly, and third, they have more of a sense of humor than your standard locksmith. To become a locksmith, normally you’d have to learn through an apprenticeship. TOOOL on the other hand will be giving presentations to the community, teaching people how to pick locks, and helping spread the knowledge about lock picking openly to the community.
Is having a pair of lock picks legal? Is it against the law to know how to lock pick? What if TSA finds a set of lock picks in your bag?? These are all boring, but serious questions that TOOOL will answer. Here’s a hint, do you think Interlock would promote illegal activity on their blog?
What to expect at the meeting:
The meeting is open to the public and is meant to be the first of future meetings. There will be a presentation of some kind related to lock picking and a lot of discussion about how future meetings will happen. The organization requires that you become a member in order to keep up to date on the groups activities but there will also be public non-member, public meetings in the future. If you can’t come to tonight’s meeting but you’re interested in learning about how the group works, you can email Jason Ross.
Rochester TOOOL Chapter meeting starts at 7pm on 4/19 at Interlock.
from Antitree on April 19th, 20120 Comments
This morning a few members stopped by to meet reporters from YNN. Seth Voorhees and Veronica Chiesi were given the nickle tour, and then chatted with Bill, Von, Brian and myself. Thankfully they weren’t scared away by the level of geek in the room.
Brian wowed them with his always crowd pleasing custom pen plot-matrix printer he’s famous for. The picture above is the pre-printed artist’s rendition of Seth holding his mic.
Von, Brian, and Bill put on their smart hats and answered questions about Interlock. Von, showed off the ham radio room and his skills for speaking with human beings. Bill spoke about his background, why he has been involved with Interlock, and included some razzle dazzle by printing on the 3D printer.
Brian, with his boyish good looks, sparkled on camera while showing off his knowledge of all things blinky. I have to admit that while it’s nice to have Interlock get some PR, my first goal in setting up the interview was to get Brian’s face on TV. If you’ve met Brian, you’ll know that he’s a very intelligent, multi-faceted, multi-facial-haired, reluctant leader. I think that he is a very good representation of what the modern hacker/maker looks and acts like. But, he’s also not the normal talking head you would see on TV which is why I want to get him out there even more. I’m giggling right now thinking about seeing him on YNN now.
Feeling bad for the quiet bear-hat wearing man on the couch, YNN even included me in a quick interview. I worked with Bill and Von on a lock picking demo that I hope makes to air. Veronica even challenged me to a lock picking contest where I had to go from nothing in my hands, pick up the tools, and pick the lock. I surprisingly aced it picking a 4 pin lock. (Thanks TOOOL) This will never be on the air of course.
UPDATE: Check out the story here:
Thanks to Von Brian and Bill for taking the time to come out and intelligently represent the group. We don’t know when/if the story will air. Surprisingly, some people have more important things to hear about than local hackerspaces but we’ll let you know when.
from Antitree on March 28th, 20120 Comments
Hello hackers. Look at your office. Now look at the hackerspace. Now back at your office. Now back to the space. Sadly, your office doesn’t look like the hacker space. Do you know what the new hackerspace looks like? No? Well now’s your opportunity. I’m on a horse.
Tomorrow, Friday 3/16, at 7pm we are throwing an open house at the space. Of course it’s free, we just want to show off our new digs. It’s probably a perfect time for you to visit if you’ve never been. Or if you’ve only seen the old tiny space, see what we have to offer now.
Just so we can figure out how many people are coming, click on this link to get a ticket:
Here’s what to expect:
Hacking makes you hungry. As a reward for stopping by on a Friday night, we’ll be feeding you. Members are bringing in food in a pot-luck style. Mostly things to nibble at so bring an appetite. Eating and hacking; does it get better? Well… yeah but it’s still pretty cool right?
The most common question that we get. “What are you working on?” To try and answer that, we’ve created mini presentations about what people do at the space. Here’s what we have so far:
- Amateur radio workshop run by JustBill and Walter
- Introduction to lockpicking run by Antitree
- 3D printer presentation and possible demo by Berticus
- Basics of electronics run by RoboAlex
- Bicycle repair run by BinaryMan
Here are some things to check out while you’re at the space:
- Rooms: Meeting room, hang out room, table hackers room, workshop area, Ham shack
- Network infrastructure
- Pen plotters
- 3D printers
- Metal lathe and wood working tools
- Ham radio shack
- Electronics workbench
from Antitree on March 15th, 20120 Comments
I thought I’d do a primer about NFC since Samsung’s Galaxy Nexus is getting a lot of press about it. You may have heard of Google Wallet or how NFC is going to be built into smart phones in the future. Maybe you haven’t thought about how it works or how to hack it. As a side[side(side)] project I’ve been working on NFC research with (as always for me) a specific focus on the security perspectives. This is an overview of NFC to maybe peak your interest.
Near Field Communication is a way to transmit information between intelligent devices. I know you’re already thinking Bluetooth but wait. NFC has a limitation that says in its spec that it can’t be more than .2m away from its partner during communication. It may be a bit more depending on the implementation but the thing to remember here is that the protocol itself is what limits the distance, not just the hardware. (Quit pointing that gigantic antenna at my pocket right now!) It transmits on the HF band 13.56MHz, a frequency already used by some RFID chips and fun devices like the Proxmark 3.
Here’s what’s different about NFC: There are three different modes.
- Reader/Writer: Commonly used in smart posters or smart stickers. Think QR code but subtle.
- Peer to Peer: Data is exchanged back and forth between devices; securely exchange credit cards, give your friend your home WIFI settings, or exchange business cards.
- Card Emulation: A device acts like a contactless smart card. What if you could use your phone as a bus pass instead of keeping that flimsy magstripe pass in your pocket?
NFC != RFID
Lets take care of that up front. NFC sounds a lot like RFID (they share the whole RF thing) and it seems to get stored in people’s heads that way because NFC has the card emulation mode where it emulates at “tag” or an RFID chip. RFID isn’t usually much more than a tag blindly broadcasting data hoping a receiver picks it up. Passive tags (or little antennas without a power source) sit and wait for an RFID reader to come by to energize them. They get all excited and tell the reader everything they know. Imagine a dog just waiting at the door for it’s owner to come home. The active RFID tags have a battery in them that constantly broadcasts itself to anyone that will listen. Kind of like that annoying friend you have that tells you everything about their life even though you never asked. NFC on the other hand is like an intelligent college student. She can have an intimate conversation with you, she can make a presentation in front of a class, but she can still get drunk and act stupid if that’s what everyone else is doing at the party.
NFC is not a new technology
We’ve seen them in European phones since 2003 or 4 and they’ve been hacked on for just as long. The folks at the Chaos Computer Club have been hacking on NFC since it’s original inception; when manufacturers like Nokia started installing it into their feature phones, AKA dumb phones. It never made it across the water – some may say due to some FCC regulations on the 13.56 frequency but I’ll leave that topic to the Ham guys.
If you haven’t already, you should put on your tin foil hat now. NFC is a way for corporations to take over our bodies, man! Well…most likely not. But you’re already thinking about the security problems as soon as I wrote “credit card.” I’m going to save this whole discussion for another day but the tl;dr version is that NFC has been designed with security in mind but a lot is left up to the developer to implement securely. We all know how well that works especially for mobile app developers so I’m sure everything is going to be fine, right? Maybe next time I’ll tell you about the butt sniffing attack. No seriously.
Android and The Galaxy Nexus
How is Android implementing NFC in the Galaxy Nexus? Here’s an example of a peer to peer mode connection: When you put a Galaxy Nexus next to another Galaxy Nexus, the phone will make an NFC connection as long as both phones are unlocked. If the app that you have open supports NFC (i.e. Google Maps) it will allow you to communicate data from your app to the other device. Some examples of this are sharing contact information, location data, websites, etc but apparently it’s going to be used for games or whatever developers can think of.
The Reader/Writer mode will allow you to take an NFC tag and shove it next to the phone. Depending on the data stored on the card, it will open an appropriate app to view the content. In the case of an NFC tag that is contains a URL, it will automatically go to that page. Ask me about some of the NFC tags I’ve made at a 2600 meeting sometime.
If you want to see a much better post that’s chock full of info check this out: http://www.engadget.com/2011/06/10/engadget-primed-what-is-nfc-and-why-do-we-care/
Here’ s a random YouTube video of two guys with Galaxy Nexuses so I don’t have to make one: http://www.youtube.com/watch?v=ZQSc4uiakv4
from Antitree on December 21st, 20110 Comments
Last Thursday’s Do night, JustBill brought in his HF rig to try out on our club antennas. Bill is an expert user on several digital communications modes including PSK31. PSK31 or “Phase Shift Keying, 31 Baud” is a digital radio modulation mode, used primarily in the amateur radio field to conduct real-time keyboard-to-keyboard informal text chat between amateur radio operators. After we got his rig set up and interfaced to Ham Radio Deluxe running on the club computer, we started a session on 40 meters and keyboard chatted with a guy in Spain. We also chatted with a Ham in Wisconsin and another in Alabama. We heard a Russian station but not quite enough signal to get to him with 50 watts. Here’s a link to a wiki on PSK31:
JustBill at the controls….with aliens supervising
We also got an old Radio Shack HTX-202 operating APRS (Automatic Packet Reporting System) with UI-View32 (an ancient client software for radio packet hosting) and the ProComm TNC to communicate to the radio. K2HAX is on the map! APRS is an important tool for position reporting, remote telemetry, text messaging anyone anyplace, and local coordination of emergency training events. For a cool view of current APRS activity around K2HAX, go here.
’73 – N2ZVP – rochbert
from Antitree on December 13th, 20110 Comments