2015.04.15 – Cops Take Out Suspect Marana, AZ

Being in Tucson, AZ right now, I see the police pulling people over all the time.  They regularly pull over semis looking for illegals and drugs.  On my way to work sometimes I see 5 pulled over on the highway.  I have seen them pulled over while doing the speed limit.  From what I have read they can pull them over just to check there ‘log’.

Anyways, today I seen the video of the cop hitting the suspect in AZ.  From what I have read, the guy robbed a store, set fire to a church, stole a car, stole a gun, loaded it, shot it…

Then this:  http://www.youtube.com/watch?v=LVByrAm0bi8

Everything going on right now, with use of unjustifiable force, and this guy still takes this guy out.  When you see stuff like this you wish it did not have to happen, but in this case, it had to.  You know what?  The suspect is still alive too.

What a weird way to do it.  But it worked, and this time it was justified.  The news is speculating he was about to go on a shooting spree, others have said that he wanted to be killed by the police.

2015.03.00 – Monthly Update

w00t.  AZ is treating me well.  Lots to do.  I am going to be starting a project here soon so stay tuned.  I just have a ton going on right now but I wanted to get some of these links out and this post is already a few days late.

See you next month.


JO – https://www.youtube.com/watch?v=uiN_-AEhTpk

Looks like in depth resource on android security:  http://www.droidsec.org/wiki/

The Truecrypt Audit of 7.1a phase one is done:  https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_TrueCrypt_Security_Assessment.pdf

Home of the Stoned bootkit: http://www.stoned-vienna.com/

Diceware Passphase Generator: http://world.std.com/~reinhold/diceware.html

Create Some Encryption:

CipherSaber:  http://ciphersaber.gurus.org/

AES:  https://github.com/moserware/AES-Illustrated


2015 – First Update of the New Year

General Stuff
What to say.  It has been a while since I have updated you guys, been really busy with the transition to Tucson, AZ.  AZ is nice, and right now, cool.  They say it will get hotter here in a bit.  We will see how good things are then.

Working on a few projects but just finally got everything setup at home two days ago.  I visited a hackerspace here but was throughly turned off.  More arts and crafts then hacks and live a little.  Still I may go back.  Anymore some of them I find are more of a utility and not a commune.

Mount Lemmon
We finally drove up the mountain right near us.  Something like 9000 feet.  We liked the sights and hopefully we will get some pictures up soon.  It was really cool and we were looking forward to eating once we got to the top of the mountain.

We looked at all three restaurants and a fudge maker too.  I was really surprised to see so much stuff up there.  There is a very small town at the top.  Summerhaven is the name of it and it is pretty cool.  I suppose they call it that because it stays cool during the summer there.

We ate at the Sawmill restaurant there and it was very good.  They were turning guests away though because they had some special valentines day dinner scheduled.  I just did not know what to think when I saw someone who biked all the way up the mountain get turned away because they were closing early to get ready.  Hours and hours of biking and you get to the top and get turned away.  I assume he went somewhere else but it seemed like Sawmill was the only restaurant with variety.  It seemed like the other restaurant would only have cookies and pizza.  They turned away many other guests too.

I am going to do this:  http://skycenter.arizona.edu/programs/public/skynights  I have wanted to do something like that since Hawaii.  The observatory in Hawaii was on the big island and I do not even know if I could visit it.  I really do want to.

pfSense Firewall

The QoS burst setting is broken in pfSense.  https://redmine.pfsense.org/issues/3933  I really needed this feature too so it sucks.  We are on a BW limited line at work and this would really help with large downloads.  I think I may have to put another/different router in the mix.

Centurylink is the perfect example of a bureaucracy.  I recently had the pleasure of doing business with them and they took days to weeks to respond to emails.  They never pick up the phone.  Ever.  Everything with them was slow and they had steps that they had to go through to slow things down more.  They would ask for information, and then act on it months later.  All these milestones that mean nothing.

Once our connection was up, it immediately went down.  They had some bad copper somewhere.  The funny part is, they sent me an email telling me it was messed up (Automation).  They would only act on it until I confirmed that yes, things do not work.

I did learn for any long runs on a T1 from demarc to router you should use Premises Cable.  See my wiki and google for more info.  It is disputed what a ‘long’ run is.  It was not applicable to my situation.

Wireless Signal
That link above has one of the best representations that I have seen of wireless signal.  That it is just like a lightsource, with ‘beams’ that can be blocked.

You can receive images from the ISS on 145.800MHz channel using RTL-SDR and a simple antenna.


Coolest thing Ever:  http://djer.roe.ac.uk/vsa/vvv/iipmooviewer-2.0-beta/vvvgps5.html


The Game Of Life

Einstein Lecture

Media Consumption
Jupiter Ascending – I think that it was good.  I would have change some things, but I think the ratings it is getting are not justified.  I think the entire cleaning toilets thing was a bad idea.  The best part of the sound track was in the credits, they should have moved that forward.  It felt like some of the acting was rushed.  It reminded me of dune though, with how the universe is ran.

Caught up on The American’s and now working on Marvell right now.

 John Oliver is back!


WEEKLY UPDATE – 2014.12.07

And the packing has begun.  We are getting ready to move again and things are working out.  Things get simpler when you take away all the crap getting in the way of your life.  I think we are on to something here.  Lets see how Arizona works out.


Yes.  Yes.  YES!  http://en.wikipedia.org/wiki/Space_Launch_System


Got to watch splashdown live.  It rocked.

Stay Away From My Phone
I was talking to the blackphone people about the baseband and the lower firmwares of the phone that they make.  I really need to look more into this but I would assume an un exploitable device would need to have its lower level firmware audited.

See here:  http://en.wikipedia.org/wiki/Baseband_processor

So I saw an email in my inbox about the PiPhone and I was immediately interested.  It uses the Sim900 GSM/GPRS module and AT commands for communication to the network and such.  I emailed Elecfreaks about how open the device is because I am interested.

This needs to happen and I think one of the bigger parts of this is how the devices need to be FCC certified.  I do not know of any open device that gives access to these firmwares.  I think cell could happen with a proper SDR and such but I do not know much about that either.  What do they use to setup those fake cell phone towers?  I think I have some info about that on the wiki.  Still it is all interesting.

Internet Stuff

Wiki Updates

Communist Comcast

Comcast Sucks!

Comcast Sucks!

So, I had this idea and wanted to up it and post it somewhere.  Ever since I received a cable modem from one of these guys with neutered upload speeds I knew what their game was about.

ETFs, terrible customer service, crappy contracts.  Funny thing is.  I have a business side connection and residential connection.  Getting support on the business side is easy.  They will be out THAT DAY.  Even late at night.

Do you know how hard it is to get a tech out for a residential connection?  Usually they want to charge you money.  Even after that they may show up…they may not.

HackSphereLabs – Weekly Update – 2014.11.25

Sorry for the week without updates and the late release of this one.  Been pretty busy over the past week.  The good news is, vacation is coming…so I should have a few days off to get my act together :p


Finally recieved my Blu-Ray buner!  After hours and hours of reading I have finally received my burner.  I decided to try the USB 3.0 interface out, now that I know my laptop has express card slots.  Besides, I think I have a defective eSATA express card from startech that I have to get replaced.

I tried to get the firmware update but alas…the download server was in maintenance mode.  I am going to update here in a bit once it comes back online.  I did a test burn with the RE media that I purchased and it seemed only to hold at 1x.  k3b stated it was going to burn at 2x, but still it seemed to hover at 1x.  I have to look into that next after this firmware update.

2010 Chevy Equinox Drive Image
So I wanted to get an image of my cars hard drive so I do not rely on the car manufacture when the drive goes bad.  I initially thought it would be easy, just pop the drive out and plug it into a IDE to USB bridge.  Nope, the drive was locked.  You can sniff the password using an oscilloscope.  But I do not have one, and I was not going to go through all that right now.

I decided to have the car unlock the drive, keep power to it, and then use the IDE to USB bridge.  It worked great.  It was a pain getting the male to male adapter and cable to the back of the radio, in the hard drive slot, but after that…it was pretty easy.

The only thing I noticed was that I needed to move the cable immediately to the adapter, or I think the hard drive would re-lock it self.  At least that is what I had to do in the end.  With a laptop in the car, I unplugged the cable from the radio with the car running, shutting the car off at the same time, and plugged it into the adapter.

I then dd ed the drive to an image, multiple times, compared the checksums to see if they match, and I plan to put it back in here in a bit.  I am going to loop the image ready only and explore a bit…later on.

Wiki Post About It:  http://wiki.hackspherelabs.com/index.php?title=2010_Chevy_Equinox#Copying_the_Hard_Drive

If you have not been watching Outernet, you should be now.  I cannot wait to setup a receiver similar to this:  https://discuss.outernet.is/t/buillding-myself-an-orx-outernet-receiver/652/13

This is a perfect solution to a problem.  A problem that will no longer exist.

Bunn Coffee Maker

We have to clean our Bunn Coffee pot out because it starts right when you put the water in no matter what.  Take a look at the pic I took when I opened ours up.  There are two screws on this model that are under the flap that you open on top.  After that it just pops up.  I think you should clean yours if you have one.


Video Demo of Cleaning Similar Model

Triclosan Alert

This is the second thing about Triclosan I have read about in a while.  The stuff is great for cleanliness, but it seems like it has long term health consequences.  It is the main ingredient in most antibacterial soaps.

Quote “Triclosan is an antimicrobial commonly found in soaps, shampoos, toothpastes and many other household items. Despite its widespread use, researchers at University of California, San Diego School of Medicine report potentially serious consequences of long-term exposure to the chemical. The study, published Nov. 17 by Proceedings of the National Academy of Sciences, shows that triclosan causes liver fibrosis and cancer in laboratory mice through molecular mechanisms that are also relevant in humans.”

Quote: “Tukey, Hammock and their teams, including Mei-Fei Yueh, PhD, found that triclosan disrupted liver integrity and compromised liver function in mouse models. Mice exposed to triclosan for six months (roughly equivalent to 18 human years) were more susceptible to chemical-induced liver tumors. Their tumors were also larger and more frequent than in mice not exposed to triclosan.

The study suggests triclosan may do its damage by interfering with the constitutive androstane receptor, a protein responsible for detoxifying (clearing away) foreign chemicals in the body. To compensate for this stress, liver cells proliferate and turn fibrotic over time. Repeated triclosan exposure and continued liver fibrosis eventually promote tumor formation.”

John Oliver
Salmon Cannon

Video Stuff
This is old, but I watched it again and wanted to post it:  RAID SSD’s

HackSphereLabs – Weekly Update – 2014.11.10

Another HackSphereLabs post…

What to say…what to say.  It has been a busy week.  Getting ready for my move to AZ and general travel requirements.  Past that, getting general stuff done.   A lot of tasks completed and I am sure there will be many more.

I have been looking into USB 3.0 vs eSATA for the below Blu-Ray stuff and I would have to say that USB 3.0 opens up some possibilities.  Sure there is hotswap eSATA but USB is a bit better for portability.  The faster speed really helps and I can, if I want, use 1 to 2 TB drives to backup to…with parity of course.  (bit rot anyone?).  It looks like the Chocolatey project is making progress.  Hopefully I can use it soon to manage all this Windows machines that I need to update.

Work is going to get busy, really soon.  We have to move the project too.

I have been messing with the tools to build an Archlinux live CD…I want to start making a custom live CD for my needs and hopefully others.  I discovered that parted magic is no longer free.  This sucks as it is a good product…it looks that the guy has even raised his prices.  I was just looking into it because it has nwipe installed, but so does system rescue disk…so whatever.  Gparted here I come…I may still purchase a copy.

The Amazing Amazon Echo!
http://imgur.com/pwqXvYU – Enough Said.

I have been doing some research on Blue-Ray because I am about to purchase a Blu-ray drive.  So confusing, not really confusing…but a decent amount of information from competing copy protections and formats.  The standard stuff, firmware to unlock regions along with a neat riplock protection that on some drives will slow down the read of a video disc.  How nice huh?

Take a look at some of the notes on the page if you are interested.

External Drive Box
Coming from my look into blu-ray I have decided that it would be best to get a full size drive.  There is more support for them overall, they are faster, etc.  I was looking for an in expensive esata drive case and I cannot find much in the optical drive range.  40$ for the cheapest and $84 dollars for the good stuff.

What a joke…I just want a metal box, power supply and a e-sata cable.  No circuits.  (Except in the power supply).  I am looking into building my own here:  http://wiki.hackspherelabs.com/index.php?title=Optical_Drive_Box

Looks like I am going to get WH16NS40 and a Vantec NST-530S3-BK.  After talking to the folks over at Vantec all I have to do is take out the USB to SATA PCB bridge and put a SATA to eSATA cable in.  Really.  Simple.  It will save me over 40$ on an enclosure.  The only USB 3.0 enclosure I can find, where I can do the same thing, and still have USB 3.0 is the $83 Addonics enclosure SESU3CS.  It is nice, but too much.

The next thing I need to figure out is media.

I changed a fuel pressure regulator in the Trailblazer and tightened up some pre vacuum lines that come off the resonator box and head to the regulator and crankcase….night and day.  I think it has also solved my bucking and chugging with regard to cruise control.  I have to update the post at gmtnation and a few other places.

I will get replies to my DDWRT post.  I hate forums.

http://shinytoylabs.com/jargon/#RUN EVERYTHING AS ROOT

Hard Ticket To Hawaii
I cannot wait to do stuff like this
Let’s See if This Works
I still have to watch the WWII stuff
Stuff About Vietnam
This is Smart
Oliver and Lowes, Home Depot
GM is Stupid
Daylight Savings Time
Useless Wireless Hat
John Oliver – Lottery

Survival Library


I will get replies to my DDWRT post.  I hate forums.

Survival Library

HSL Wiki Edits

HSL – 2014.11.01 – WEEKLY UPDATE

Another hackspherelabs post.

Somehow I missed the news about SMP mode and memtest86+.  SMP mode will allow multi threaded memory testing….I found out about it after wondering why the Dell Diagnostics seems to do multi threaded testing but memtest86+ does not.  It does…you hit F2 on start to activate it.  I do not know if it auto selects SMP mode on different systems.  Seems to work really good and is faster.  Also did you know the Ubuntu build of 4.20 gave false positives?  I would assume the SMP test would test each cores connection/path to the memory too (are they even different, or do they pipe through the same path in the end, I do not design processors)…but who knows if that is any different then the old way.

Windows Rant

Where do they find these people.  Reading Joe Belfiore’s bio, it looks like the guy was hard working…so I guess I can look past the new age look.  They have to have this guy in hair and makeup before he goes on.  Still…whatever, what do I expect?  He seems kinda cool.  But in this and other videos they talk about UI changes like they are new features.  DRM for corporate data?  Is that what we are talking about here in the beginning?  I mean they talk about windows features (maximize, minimize) like they have not been around since the first version of Windows.  (Windows, like windows you move and drag around…the basic concepts…)  THEY ARE BRINGING IT BACK WOW, you are blowing me away with all these new features.  Vintage…  I mean I get it.  UI has to be approached in this demo…especially when you shoved a touchscreen interface down the throat of PC users.  Touch is great…for people that have touch screens.  It seems like this has a good balance, but please, if I use a mouse and keyboard, stop hiding all the things that people need to get to in submenu after submenu.  If I have to hover my mouse for a second, you are wasting my time.

What about bootable ReFS volumes?  What about security?  And why all this cloud stuff?  Where is the button to disable the cloud in one step?  I cannot wait to spend hours and days of my time creating policies so Windows 10 does not leak data out when a user searches for a file…or transfers a picture from a camera, or whatever cloud stuff MS is planning to add to the OS.

I already know people at Microsoft know users do not know what they want.  They released Windows 8…

How about you open source the networking code for audit?  Filesystem code?  Parts of the kernel?(I can ask right?).  Encryption stuff?  How about a version of Office that works natively on Linux?  They have to protect the code.  Protect it!

Why are there so many different versions of the same thing?  Holy hell.  I cannot wait to purchase Windows 10 Ultimate Enterprise Business Premium Cloud Office, just so I can encrypt stuff and create word documents.  Does my license allow creating clone images?  I better get Master Enterprise Double Basic Platinum for that. /sarcasm

How about 1 version, with everything…at a lower price.  You could sell more copies of stuff everyone wants, and your product will actually be used, by everyone, to do everything.  I think every loyal Windows user that I know is now an OSX user…that is saying something.

I will never use Windows ever again if I can avoid it.  I do that pretty well right now.  But I know I will still have to spend my days, explaining to people, why this stuff hardly ever works the way it should.

Internet Links
Translators – https://www.youtube.com/watch?v=QplQL5eAxlY
Supreme Court – https://www.youtube.com/watch?v=fJ9prhPV2PI
Koch Brothers – http://news.yahoo.com/jon-stewart-daily-show-koch-brothers-video-133739372.html

Graphic Images of the Syrian Civil War:  http://imgur.com/a/3gxfb

This site is neat.  I think I have a book to add to it:  http://blog.survivorlibrary.com/

They have a torrent on the site too so you can leech the info.

Teenage Mutant Ninja Turtles (The New One) – Pretty cool.
Caught Up on Walking Dead
Marvel Agents of Shield (Catching Up)

Things to Look at Later
Consumer Router Mods:  At least a power Supply:  http://www.dd-wrt.com/phpBB2/viewtopic.php?t=54242




Scratch Pad

HSL – 10.19.14 – WEEKLY UPDATE

Here is the weekly update from HackSphereLabs:

So i finally made the decision I needed to with source (one of my laptops).  It is a toughbook and I originally wanted to get another drive caddy for it, for a second hard drive that I wanted to swap out and put another OS on.  The drive caddys are $70, the recreated ones from china are 75…what a joke.  I still want to get one but instead I undertook the task of resizing my lvm in a luks container.  I did not back it up and just jumped in.  The result is here.  I was successful but at the end I thought I had messed up.  When issuing the command df -H it was showing a root partition bigger then the logical volume.  It ended up being that LVM and gdisk use powers of 1024 to represent drive space.  I really thought most software used powers of 1000, specifically in Linux.  I was wrong and a df -h showed me everything was fine.

I also built a easy vid.me/uRl scraper with python, selenium, and firefox.  The site has a decent amount of content from China and India.  Specifically tv shows and other crap.  Along with the normal stuff you would get from a site that allows NSFW content.  The one thing that bothered me was the fact that they had nothing truly interesting.  Nothing useful that I have never seen before.  Owell, I will have to look elsewhere.

Selenium is really cool, controls Firefox in a variety of ways and builds a new temp profile every run.

Now that I have the space cleared up I am going to get a copy of backtrack/kali installed and start messing with some of these peripherals I have laying around.  Pentesting time?  I really need to get some work done on Momentary but I have lost touch with the other group member.

Lets get back to the gym too and get back on some of this consulting stuff.  I want to have some cash for the move in another month.

I have to get N’s Scentsy website setup too.

I really want to start using the HD camera to make videos, I think I have to come up with some ideas.  Possibly link into the pentesting project?  Plus I have to make that job video.

I should publish that vid.me python deal too.  Added to ToDo.

I had a job interview with a company in Cali.  Made it all the way to the end, and then nothing.  From what I heard they did not hire anyone.  Whats the deal!  Cali would have been expensive and now I am looking forward to AZ.  I think the company in Cali did not want to pay what I wanted to work there.  They really had some pretty low salary expectations for Cali.  I think they want to appeal to the single male that has room mates or something.  They said I would get another interview for another position…but nothing.  Whatevs!

I have a lot going on at work right now and I need to focus on some of the IT stuff that needs to get done.  I have been working in excel for at least a week strait and it is driving my crazy!  I linked a bunch of documents together so I have to do less work in the future.  That raise is supposed to kick in by the end of the month.

My virtualization infrastructure at the house needs upgraded.  It is on Debian squeeze and I want to put the domUs on local drives instead of the network.  My network infrastructure is secure, but not fast between routed networks.  I had to reboot my main nas and virtualization server as two domu’s where frozen…there was a kernel panic in the logs…

I have ran out of space on my NAS and this is a problem.  I may have to get some drives to back stuff up to, start archiving to blueray, or expand the NAS.  I have two of them and the second is too small to accept the zfs send from the first for clone, so I have to do something  I could erase the second and use it but what would I have for backup?  Something does need to happen soon.  I am down to 140gb out of 6 terrabytes.  It would be nice to get 5 (1 as spare) 6 TB drives…but even then, how do I back that up.  I think I need a new backup plan.

I could keep both NAS units how they are and just get two 6TB drives and use those to export a clone of the data to.  I just may do that.  I do not think I have any more external sata ports though.  I will have to see if I could add one to each, if I have any more ports free. I could even use a vendor based device and hack it with openindiana to accept zfs sends…like a two or three bay nas device.  I could use USB, I will have to see if that will suck.

One of the NAS units use ECC while the other does not…I would like to get rid of the other that does not while also keeping the protection of the ECC on the one.  If I attach drives to clone to I could do both and use the ECCless NAS for things that are not critical.  I can then see if I can put ECC in it (I do not think it is supported with that motherboard).

There is just not that much mini hardware out there with ECC I think.  AppliedMicro makes something but it looks like they only have other vendors building products around there 64bit ecc process.  The only thing I see right now is the HP’s Moonshot with the m400 cartridge.  It looks to have ecc memory.  It looks to be a system board with no vga output, and can only be integrated into a Moonshot chassis.  The moonshot must have management in it.

I wonder if I could take one of those blade servers, power it, and put video to it.  The front of them take a funky connector/3 way adapter cable that takes the one connector on the front and turns it into vga, serial, and usb.  They call it a SUV cable.  Quote:  “Connect the SUV cable to the SUV port on the Server Blade. Access the blade using the serial port (RS232 port) on the SUV cable, which is the cable with 3 ports or serial, USB and VGA.”

The connector on the back of the blade looks like it handles IO and from what I have read briefly it looks like the IO is a bus that interfaces with a mezzanine ethernet card installed in the chasis which links with physical ports on the chases  (through some type of board) and the pcie bus on the blade board.  I still bet you may be able to make it work…if there is a digital interface between those three things, a chassis would be needed.

I could also fall back to the HP Proliant Microserver.  It looks like it may be the perfect solution really.  I would basically be building another nas but with less drives:




I looks like the cheapest one on ebay right now is 225…

It seems like any enterprise servers are going to be too big for my needs.  Even SAS 1U or 2U servers are pretty long and the system board is about the same length, so no way to make it smaller.

I also looked into some used spam filters/firewalls and a lot of them do not come with VGA ports and are just as much as the hp microserver.  Nothing really cheap on ebay.  Looking at the barracuda stuff, the 610 is the first one to come with ECC memory.  Not that I would use them as spam filters but the cheapest one is $300 on ebay, and if you do use it, you would need to purchase a license.  What a rip.

We have to start prepping for Arizona.  HSV to Marana is 1639.2 miles.  That is 318.73 in gas for the trailblazer and 286.86 for the equinox @ 3.50 a gallon.  That does not include costs to get to HSV.  That is just 605.59 dollars just for gas.  This is not including cost to move to HSV for a few weeks and the drop in cash.  The HSV lodging I think I can work out though at a min.  SAV to HSV is 411 miles so 80 dollars trailblazer and 72 dollars equinox.

We also have pet fees in AZ on apartments that we would have to deal with:  *$200.00 non-refundable pet fee / $200.00 refundable $25.00 pet rent (1) pet / $40.00 pet rent (2) pets *Breed restrictions apply

The money these people make off of us and they constantly push the limits.  In other places I have had companies a thousand less then what they usually offer.  They act like they are not making money off us!  I think I may have to use another company or find my own.  We need to start working on that.  Basecamp task added!

I saw a video of some WA cops speeding and getting spotted via air enforcement.  Just shows you how serious they really take the speed limit into account.  Not that I do not always respect limits, it is just they are always so slow to start off with.  55 on a highway?  55 on a down hill straightaway?  It gets complicated when other people really do not know how to drive.  Why should I go slower because other people suck?  Speedtraps?  Air enforcement?

Grr!  what a waste of time.  They keep talking about driverless cars like they are the best think to ever happen.  While they are nice, I still think, I would like to drive myself sometimes.  What about the feel of the road?

But it got me thinking about how much more restrictive speeding is going to be in the future.  Right now we have posted limits that most ignore and a lot of good cops only go after the true idiots.  But can you imagine when they start using UAV’s to really do this right and they are everywhere?  UAVs the destruction of freedom.  Air enforcement may be king someday.  How do you stop this?  Can it be stopped?

I think it will be like those absurd red light cameras.  Where they decrease the timing of the light to catch more people.  Or where they cause more accidents because people slam on the breaks and get rear ended.  Let darwin work man.  People should pay attention when they drive and problem solved.

Lucy was decent and we are catching up on the Walking Dead.  Also re watched the last 3 Harry Potters. N is watching sons of anarchy.


Post Located At:  http://www.hackspherelabs.com/2014/10/20/hsl-10-19-14-weekly-update/


HSL – 10.04.14 – WEEKLY UPDATE

I have been looking into getting back into pentesting again.  Kali Linux looks promising and I am waiting on the funds for another drive.  I may just grab the drive back that I gave someone and they have not used yet.  64GB crucial SSD should do well.  I have been going back and fourth about repartitioning one of my encrypted disks and just dual booting but it just seems like way too much of a hassle and I like the idea of an isolated drive that I can swap.  I think it would be a good way to get into tutorial mode again…it has been a while since I released a guide.  I usually just pump info into the wiki.

I have two nice dell monitors that I need to get together and put on the main system.  Displaylink is great!

I am impressed with the updated linux support for some of the HP laser printers that I have to use.  A lot of the bugs have been ironed out in the Archlinux package which is nice.  Though I just had a friend mention that Linux printer support is horrid.

My python project is a bit halted right now but all is not lost.  I just need to get it up into get and move forward that way as it will make the project more portable and solve some of the problems I have been having moving computers around and such.

I was looking at vid.me and was wondering why there is not a public indexer out there….you can just change the url and look at any video…there are no privacy settings and after seeing what people post on there…I think they think some of those videos are private…  It seems that they do not use a or b in there vids…the best way to find a vid url group is to start with a url ending in z.  So tYz….99 percent of the time something like tYc would not work, but 99 percent of the time, tYd would load just fine.  I may build an indexer.

I am working on using tracmor again at work for inventory and asset control…it looks like it is going to be perfect…may have to customize some things.

Firefox keeps crashing on both my of Archlinux boxes.  I have to look into this.  Archlinux also changed the way system dumps are processed.

I have to get rid of all my useless hosting!  Not even using it really…..

The last few weeks have been good.  Making progress and the vehicle has been treating us well.  We put many thousands into it to make it the way it needs to be.  We are going to be taking a trip and I have a few things to accomplish but over all it should be decent.  The last day is going to be harsh.  15 hour drives are not fun :/  Getting the cash situation straitened out.  That seems to be better.  Overall getting back in the swing of things after being in Hawaii really.  I guess the island of Hawaii affected me a bit more then I understood.  Too much vacation mode in my mind.  Need to focus on the grind and the simple things really.  I have halted the job search for a bit to focus on the next move to AZ.  It is up and coming and I need to get things lined up before I push forward.

Comcast customer service is trash.  I spent 8+hrs on various chats with them which ended up with them telling me I have to pay to have someone come out to fix whatever causes my modem to go offline 5-6 times a day and range for a bit before it reconnects.  If they merge with timewarner I do not know what to say…it is just going to get worse.  I believe in a free market but these guys have to be manipulating it!  On the other end I have a client that has timewarner and we had a call about something else.  Night and day…it was a 5 min call, got all the info I needed.  Still that time warner rep was reading script and I am sure if he was having the same problems I was having he would have had the same problems.

I ended up getting someone to come out by asking our leasing agent to get a hold of Comcast for me.  They have something like 20 accounts so maybe it was easier.  Comcast did not show for the fist appointment one weekend, did not call or anything.  I called 4 hours after they were supposed to show and got the you will be next speech.  Still nothing.  Never showed, never called to reschedule.

I got the appointment rescheduled for the next weekend and the guy showed up.  Well almost.  I was walking the dog and saw a Comcast guy drive up to the gate, search the gate names for entry for about 30 seconds (how can you even find my name in the first place in that amount of time, those things suck) and then park in the parking lot.  I put the dog away, and walked up to him…he was watching netflix or at least listening to music in the parking lot.  When I asked him if he was there for me he said yes.  He said he called someone and asked how it was supposed to get in.   He did not call me though, you know, the number on the invoice. (who did he call?)

The guy was just going to sit in the parking lot, and do whatever, and then move on!  All he did was replace the modem with a different brand.  (did you know that all the Comcast modems look the same but have different manufactures? (serious))  It seems to be working but who knows.  I have friends in the apartment complex that had the same problems as me.  I wonder if they all have bad modems.  The funny part is, that as I was leading the guy to my apartment, another guy started asking him what is up because he has the same problems that I do.  I think they all have bad modems, or the cable network at the complex is broke.

Anyways, Comcast in GA is horrid.  Funny thing is, I paid like 300 a month for 100MBIT DS and 10MBIT US in Tacoma, WA while I was there and did not have any problems.  Though, the installers constantly ‘joked’ (harassed is more like it) that no one would ever need this fast of speed.  I actually thought it was 100/100 and not 100/10…and when I called the rep to ask what was up the guy acted like I was an idiot and started to ignore me.  I guess his and Comcast’s Internet must be just to good for me.  I figured they would monitor usage and use the statistics on my account as most probably do not have the 100/10 package and use it restrict people in the future so I maxed that connection as much as I could, when I could.  Download to /dev/null!

Residential Internet is crap.  Even Google really.  I find it a joke that they make themselves out to look like the good guys but there TOS prohibits severs and such.  They should have a tagline like:  “Break Our Rules Faster with Google Fiber”.  I should be able to MAX that connection 24/7 and they should not say a word. Owell, there goes the future.

As of late in some of these places I go, I get BW limits on total data transfered.  In fact I am in one of Comcasts 300GB ‘test’ areas.  I am glad to be one of the select group that Comcast is screwing over.  It feels great.  Thanks Comcast.  I once had that problem with ATT fiber too.  (I never hit the caps though, I try and stay under if I can)  I asked an ATT rep if I could just get a business line instead if I wanted and they told me I need to show ‘proof’ that I had a business.  WHAT WHAT WHAT?!?  I guess my peasant status is not enough to get full unlimited, unfiltered access to the Internet.  My money is no good.  I am not worthy!  I could be dangerous with all that bandwidth.

Idiots.  The lot of them.

Dam.  A lot of text above.  At least I got that info out and should not have to type it again in the future.  I can just reference this!

Kaplan university, props to you too.  I know a special someone who ran out of financial aid at the end and took a loan out from the school.  What they did not tell her is that she will not get her degree or transcript until the ‘loan’ is paid off.  Thanks guys!


ArthrD3nt…keep up man!

Still working on Startrek Voyager…the 2nd time around.  Re watching all eps again.


HSL – Autochimp Intergration – 2014.09.22

So, if you are receiving this message you are on my blog mailing list.  Don’t you feel special?  I know, I know…I would to.  Lets see what we can do with this.


Test Message 1

Lastpass is Garbage

What is wrong with everyone.  Am I the only one not taking crazy pills?  Is it the same people that say encryption is 100% safe and no computer could crack that in a million years that are creating these services?

Who ever thought storing the keys to your life online at lastpass.com was safe?  Here is a quote:  “All sensitive data is encrypted and decrypted locally before syncing with LastPass. Your key never leaves your device, and is never shared with LastPass. Your data stays accessible only to you.”

Whew.  I mean, I was worried that you where syncing an ever changing encrypted file, with a known syntax, and the same encryption key.  That one password should keep me safe.  Thanks.

These people are nuts.  They act like, if it is encrypted, it is safe.  No, no it is not.  Encryption is a small layer of security, it is not like it cannot be decrypted?

You can give the passwords to your kingdom away.  I will keep mine close.

The Internet

A story….

I would not be possible. This would not be possible. People have been using the Internet for so long we forget what it really is. Does anyone really remember what it was like before the Internet? How slow information used to move? How limited access to information was? Who controlled the flow of knowledge globally?

Why do you think any of us are like we are today? When I was a child no Internet existed and instead I had nothing but books. I love books.

My first computer was the key to the door that opened everything else in my life. The Internet was just the path. Networking protocol and information. I had more knowledge at my fingertips then at any public library, anywhere. I had more knowledge then any other human in any other previous generation. I did not need to worry about censorship or belief. It was the one place, the only place, that one could be free and not get punished for it.

I could learn anything and everything…and I did. I still do.

We have more information at our fingertips then any other generation ever and considering the growth of knowledge and data every second, one could say the same in that manner. Every second our combined knowledge grows because of the Internet.

There have been and still are many enemies to that freedom. The more I read about them the more angry I get. The more I participate in what people think the Internet is the more I know they have no idea what it represents and what it has given us and continues to give us.

Unlimited, unconstrained, access to information and people. I still can not understand why people and organizations like you want to take this away? You should be ashamed. If you were to head to the streets and start burning down libraries and setting up theaters there would be riots. You are taking advantage of peoples lack of understanding of technology and people like me know it.

It could be that the Internet has leveled the playing field in so may ways that someone or something somewhere wants to stop this. It could be possibly that they are losing control of ancient business models, outdated information control methods, and populace development influence. It could be that they want to crush that freedom and bring the world back to a place where they control it.

I for one will not stand for this and I think I know plenty of people who think the same way. Especially considering that they too have similar stories. That they too realize how important this information and how fast it moves between people and systems is.

Politically, when the Internet was young I used to hope that the US government would make constructive simple laws the same way I thought freedom in this country is. Laws regarding the Internet have turned out to be nothing but a disaster. Restriction, after restriction, after restriction. Unenforceable restrictions even. Where are the laws protecting freedom on the Internet?

The Internet is a freedom that should be protected. It is an essential tool that has become the pen and paper of the modern generation and if you should choose to infringe on that right or limit that right you are an enemy to the very fabric that this nation was founded upon.

Generate XRAY Easy

Very Cool.

To Whom It May Concern