.:[ a broken lcd ]:.

Just another console cowboy.
GnuPG Key ID: 0x18B4AA48

This blog is mostly tech rantings. If you know me, subscribe to my other blog for updates on my adventures, well, when I get around to creating said other blog.

The Smart Card Project


For the past two weeks, I have been working on a new smart card project. I’m using a low-end card for development and testing; it is certainly not a cryptographically strong card. The card is a ZeitControl Professional BasicCard ZC5.4; it has a processor supporting public key cryptography using elliptic curves over the field GF(2^167) which in theory provides the same cryptographic strength as 1024-bit RSA keys, 128-bit AES for session keys, and SHA-1 as a message digest algorithm. As previously stated, not cryptographically very secure but at 6 USD per card, financially affordable to develop a basic smart card platform. Unfortunately, it uses a modified form of BASIC (called ZC-BASIC) as the card language (which may also be used to develop the terminal aka PC-side application). Fortunately, it includes a Java API to use for terminal applications.

I’ve finished writing 90% of the card software at this point, with only encryption and decryption routines needing to be finished. I also have a terminal driver written in ZC-BASIC done, which merely allows testing of finished card commands.

The current phase of the project is researching some methods for implementing encryption / decryption, and writing the Java terminal software. At this point, I have the card service finished to implement all the card commands currently coded. Unfortunately, my Java skills are weak so I still need some work learning Swing and more Java to finish the terminal.

For those interested, there is a sourceforge page up; the ZeitControl IDE (which is woefully simple) is available from the ZeitControl website.



September 25, 2009, 8:23am

So close...


I picked up an episode of a TV show off the iTunes store. I figured since the music was all DRM free, so would the videos. That is definitely not the case. Fortunately, a while back, I had torrented Requiem; however, the latest versions of iTunes render Requiem useless. Using an archival site, I found iTunes version 8.0, installed it on the Windows virtual machine I have on my laptop, and tried running Requiem. Nothing. Kept getting the error that the file could not be decrypted. Then I realized that I had forgotten to authorize that iTunes instance with my ITMS account. Once that was done, I was able to start decrypting the file. About five minutes (or less) later, my .MP4 was ready and worked fine on my eeePC running Linux, although mplayer didn’t have the h.264 codec while VLC worked just fine.

Now, what could an honest, law-abiding citizen such as myself possibly want with circumventing DRM? That’s stealing, isn’t it? Well the problem is that I only run Windows in a virtual machine. Sure, I buy music from ITMS, but that’s in a virtual machine where I then copy the (now) DRM-free music to my Linux music library, load it on to my iPod, and generally also transfer it to my OpenSolaris install on my laptop. Trying to play movies on the virtual machine is like trying to watch YouTube on dialup. Ain’t gonna happen. A decrypted file is necessary for me to actually watch the video files on anything other than a tiny iPod Classic screen.



August 31, 2009, 7:24pm

the Java Tutorials


I started learning Java this week for a project idea I had. I’m using the Java Tutorials bundled with the NetBeans IDE StarterKit DVD. This is the first time in learning a new language (and I’ve used C, C++, perl, python, various flavours of BASIC, PHP, and assembly on a couple different platforms) that I’ve learned about inheritance before learning about basic I/O. Well, to be fair, I know how to output things to the screen. I just don’t know how to input them. That lesson comes in the second trail, “Essential Classes,” right after Exception Handling. What a crazy world.

*** DANGER: HERE BE POLITICAL RAMBLINGS ***

*** DON’T PANIC ***

Also, Japan has a different political party in power for the first time in 50 years. I’m skeptical, as I always am of polichickens as I find they’re the same the world over, but hopefully Japan doesn’t get screwed over by the promise of change as we seem to have been. All this last election did for me was reinforce the knowledge that both major political parties are different faces of the same coin, two poisons of different flavors, blah blah blah. You know, the Republicrat party.



August 31, 2009, 3:09am


Here is the second track, as promised. I guess I should mention that this one is called Arpanet (that’s right, a song called Arpanet!), and is the second track on the album.




August 29, 2009, 7:52pm


I just picked up a new CD today called “Hackers Versus Crackers” by Arthur Dellea. So far it seems like real good material and the best part is, it only costs $8. So I’m posting the last track (Unix And Linux) as a preview. The CD is a mix of electronica and some classic kind of rock type tunes. I’ll post another track tomorrow with a more rocky tune to it. And yes, I bought it based on the title (and previewing a couple of tracks).




August 29, 2009, 3:23am


// wrote these on the bus headed in and out of Golden, didn’t get a chance to
// submit them before now.

Current Location: on the bus in Downtown Denver (39.737 N / 104.993 W )
20090825 - 1100 MST / 1700 UTC


Listening to Vernor Vinge’s SALT (Seminars on Long Term Thinking) talk on why
the Singularity* might not happen. To risk restating the podcast, which is
available online (check out, as a matter of fact, The Long Now organization at
http://www.longnow.org), Vinge gives the following as reasons why the
Singularity might not in fact occur:

1. Mutually assured destruction actually does occur,
2. Our civilization enters into a golden age, and we enter into a form
of transhumanism that obsoletes the idea of the Singularity, or
3. A wheel of time scenario in which humanity cycles through periods
of long runs, only to suffer near extinctions requiring the rebuilding
of society (i.e. the Roman Empire on a global scale, a real mind twister
when you look at how globally interdependent the planet is now).

I’ve been tossing around the idea of the Singularity as being a force or major
event in the cyberpunk novel I’m very slowly working on, and it certainly
provides some food for thought concerning the future. He notes that “younger
older people”, with their wisdom, would be good for humanity, and that research
into productive longevity of the human race would be a good policy decision.
Their insights into events of the past and the course of history to that point
through their lives would help with the aims of the Long Now. This could be an
interesting scenario, much like the character of Conover, the smuggler lord, in
the cyberpunk novel Metrophage.

I’ve also noted preparations for my upcoming business trip do not take all of my
time or even always most. Operating under this parameter, I’ve decided to start
using some of my free and currently unemployed time to earnestly study Java and
how to write webapps, and integrating Java, PHP, and possibly perl or python or
(my ultimate goal), lisp. Definitely not Ruby though.

I have two small projects I want to develop first:

1. a java SFTP program to provide a unified, cross-platform tool for
providing a free SFTP GUI for whatever operating system being run (as
long as said OS runs Java) to learn some secure network programming
techniques in Java, and
2. a tumblr notepad like program to write new posts from your desktop
(maybe some sort of desktop widget) to learn how to do HTTP interfacing.

Both of these will work towards a program that was originally suggested to me
by a systems administrator at my last job (where I worked as a student network
administrator) that could provide the first real cash flow and name for Epic
Secure Data Systems, but I need to come up with some intermediate projects to
work on to lead me there.

We’ll see what happens down the road.

————————————————————————————————————————

Current Location: The bus (headed back to Denver) (39.738 N / 105.156 W)
20090825 - 1536 MST / 2136 UTC

Had a few more thoughts based on things that Vinge mentioned in the Q&A section
of his speech. Some of these he ended up more or less saying anyways.  There are
certainly some interesting perspectives here though:

1. The possibility that the Singularity occurs as a rapid chain reaction,
or, as Vinge put it, “an explosion rather than progress.”

2. Think about the idea that the Singularity could (at least initially)
be isolated to the military-industrial complex.

3. The Singularity may be the byproduct of a new type of arms race.

4. If one side in an arms race gets to it first fast enough to take
advantage, could we end up with a one-sided singularity? If both get to
it at the same time, could an informational form of MAD (not necessarily
limited to the original MAD idea of deterrence) take place? Either way,
how does this affect the outcome / situation regarding the Singularity?

5. One thing Vinge does talk about is a possibility assuming we begin the
colonization of extraterrestrial locations (asteroids, planets, other
star systems): how does the Singularity propagate through to the remotest
systems? What effect does this have on the scenario and on society?

6. If the Singularity dominates mankind, how will that change the
social power structure? Maybe the Singularity won’t dominate, but “simply”
overthrow the status quo.

I’m falling asleep as I type, the result of no sleep last night. Hopefully, the
skipping of a night will allow me to at least temporarily reset my sleep schedule.
Also I would like to expand more on this, but I’m barely coherent as it is. So
this will be it for now, and I will definitely be spell-checking again tomorrow.



August 26, 2009, 12:45am

Long Time No Post


Owing to my not-hacker adventures, I haven’t done much with the computer lately. But last night, due to a large bout of insomnia, I reinstalled OpenSolaris on my laptop (I was running kubuntu) and I saved 15G for OpenBSD. We’ll see how things turn out…

Sometimes, Wally, I wonder if I’m like you. Except instead of changing hardware, I change operating systems.



August 25, 2009, 3:11pm

The Saga of the Secure Data Haven, Act III


With the Soekris and some OpenBSD network security projects that jumped up, I haven’t had time to work on the Secure Data Haven.

One of my fellow HOTSC hackers was able to get Gentoo installed (no hardened kernel yet) by sitting down and finagling with the kernel. The hard drives are currently being encrypted, a process that has taken over 24 hours so far and will likely take up to three days.

Once this is finished, with tor, OTR, freenet and the rest installed, then will come the part of the show where we get the hardened kernel working.



March 29, 2009, 3:41am

Useful BIOS Settings for the Soekris net4501


I am using my Soekris net4501 as an OpenBSD VPN / firewall / router (still getting it set up and configured, I hate it when school gets in the way of hacking) and found the following BIOS settings useful:

> set BootDelay=2

> set FastBoot=Enabled

With FastBoot enabled, you need to hit Control + P to enter the monitor pretty much while it’s posting, otherwise you’ll miss it. It boots a lot faster this way.

Other useful settings may be to change the baud rate or CPU speed. As per the manual, to display a list of parameters and their values, issue the command ‘show’.

That’s all for now, folks.



March 28, 2009, 10:22pm

Updating the Soekris net4501 BIOS


It’s always best practice to make sure your device firmware is up to date. So, when I got my Soekris net4501 and saw it came with BIOS version 1.26a and the latest version is 1.33, I decided to update the firmware. I used the following software (keep in mind I am running OpenBSD 4.4 on the laptop I’m doing this from):

  • picocom - not in ports but on the web. My terminal software of choice.
  • lrzsz - needs to be installed from ports. It is under comms.

First thing is to download the latest image from the soekris website, which is named something along the lines of b4501_133.bin. Next, pull open the terminal, ensuring of course that your connection settings are correct. For the net4501, it’s 19200 baud, 8N1, no flow control. Also, you need to set your send command when starting picocom (--send-cmd). In this case, since we are using lrzsz, that means we use lsx. Make sure to pass the following options: -vv (verbose mode), -b (we are transferring a binary file, not an ASCII one!), and -X (use the Xmodem protocol).

Armed with this, I set out to update the BIOS. Obviously, upon booting you will need to drop into the monitor and use the download command. However, I kept getting NAK errors and the updates failed, looking like:

*** file: /usr/export/home/brokenlcd/b4501_133.bin
lsx -X -b -vv /usr/export/home/brokenlcd/b4501_133.bin
Sending /usr/export/home/brokenlcd/b4501_133.bin, 608 blocks: Give your local XMODEM receive command now.
Xmodem sectors/kbytes sent: 0/ 0kRetry 0: NAK on sector
Retry 0: Got 72 for sector ACK
Retry 0: NAK on sector
Retry 0: Got 6f for sector ACK
Retry 0: NAK on sector
Retry 0: Got 6f for sector ACK
Retry 0: NAK on sector
Retry 0: Got 6f for sector ACK
Retry 0: NAK on sector
Retry 0: Got 6f for sector ACK
Retry 0: NAK on sector
Retry 0: Got 6f for sector ACK
Retry 0: NAK on sector
Retry 0: Got 6f for sector ACK
Retry 0: NAK on sector
Retry 0: Got 2a for sector ACK
Retry 0: NAK on sector
Retry 0: Got 6f for sector ACK

While searching out the possible errors online, I discovered that there is an undocumented option to the download command. When I told the BIOS to ‘download -’, it worked like a charm. It uploaded the 76k BIOS update and then I ran flashupdate. Now:

comBIOS ver. 1.33 20080103 Copyright (C) 2000-2007 Soekris Engineering.

and shortly thereafter, OpenBSD boots. Mission accomplished, batman.
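
An added example (not part of the original post) of the XMODEM framing behind the transfer above, plus a decoder for the bytes lsx reported where it expected an ACK. It assumes checksum-mode framing with 128-byte blocks; the function names are hypothetical and the sample log is a shortened copy of lines from the transcript above.

```python
import re

# XMODEM control bytes (standard protocol values).
SOH, EOT, ACK, NAK, CAN, CRC_REQ = 0x01, 0x04, 0x06, 0x15, 0x18, 0x43
BLOCK_SIZE = 128
PAD = 0x1A  # conventional padding byte for a short final block


def xmodem_frames(image: bytes):
    """Yield checksum-mode frames: SOH, seq, 255-seq, 128 data bytes, checksum."""
    for offset in range(0, len(image), BLOCK_SIZE):
        data = image[offset:offset + BLOCK_SIZE].ljust(BLOCK_SIZE, bytes([PAD]))
        seq = (offset // BLOCK_SIZE + 1) & 0xFF  # starts at 1, wraps after 255
        yield bytes([SOH, seq, 0xFF - seq]) + data + bytes([sum(data) & 0xFF])


def classify_reply(value: int) -> str:
    """Name a byte the sender read while waiting for a block acknowledgement."""
    names = {ACK: "ACK", NAK: "NAK", CAN: "CAN", CRC_REQ: "C (CRC mode request)"}
    if value in names:
        return names[value]
    if 0x20 <= value < 0x7F:
        return f"text {chr(value)!r}"  # printable ASCII, not a protocol byte
    return f"unexpected 0x{value:02x}"


def decode_sender_log(log: str):
    """Classify every 'Got xx for sector ACK' byte in lsx -vv output."""
    found = re.findall(r"Got ([0-9a-fA-F]{2}) for sector ACK", log)
    return [classify_reply(int(h, 16)) for h in found]


# Shortened copy of lines from the failed transfer shown in the post.
SAMPLE_LOG = """\
Retry 0: NAK on sector
Retry 0: Got 72 for sector ACK
Retry 0: NAK on sector
Retry 0: Got 6f for sector ACK
Retry 0: Got 2a for sector ACK
"""

if __name__ == "__main__":
    image = bytes(608 * BLOCK_SIZE)  # constructed stand-in, same size as the image
    print(len(list(xmodem_frames(image))), "frames")
    print(decode_sender_log(SAMPLE_LOG))
```

The 608 blocks lsx announced are 608 × 128 = 77,824 bytes, which matches the 76k image, and the bytes it logged in place of an ACK (0x72, 0x6f, 0x2a) decode to the printable characters 'r', 'o' and '*' rather than XMODEM control bytes.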



March 28, 2009, 9:45pm