Aloha From Hawaii : Kauai Day 1

Penelope and I touched down in Hawaii today for a friend's wedding. We're staying at the Kauai Marriot in Lihue. Before we left I picked up a waterproof camera, the Olympus Stylus 850, which I'm very happy with so far. I love having a waterproof ultracompact camera. Here are a few shots from today:

Check out the rest of our Hawaii photo gallery.

Downtown Los Angeles Walkabout 1

Now that I'm 30 I've decided it is time to lose some weight. Part of that will involve adjusting my diet to lower my caloric intake. Another part will involve exercise. I am making the exercise part fun by going for an hour walk every day around Downtown and shooting photos along the way. I plan on going a different way each day to avoid monotony, today I walked over to Little Tokyo to drop off a Demand Warrant for DLANC. Here are a few photos I shot along the way:

You can check out the rest of my Downtown Walkabout photos here.

Update I totally forgot to mention that these were shot with my brand new lens, the Canon EF 16-35mm f/2.8 L II. So far I'm really digging it. Also Jim Winstead pointed out the irony of my first choice of photo in a post about losing weight!

DLANC CERT Training Session 1 of 3 : This Saturday: September 8th!

The time has come for the first of the three Downtown Los Angeles Neighborhood Council's (DLANC) Community Emergency Response Team (CERT) training sessions! The training will begin this Saturday, September 8th, starting at 8:30am and running to 4:30pm at the Los Angeles Theatre, located at 615 S Broadway in Downtown Los Angeles. DLANC is sponsoring the training and is providing delicious lunches from the Corner Bakery.

There is no charge for the training or the meals, the only thing you need to bring is your thinking cap and note-taking supplies.

Please be sure to RSVP to cert@eecue.com with your full name and phone number if you are planning on coming.

Black Hat 2007 : Day 1 : Assorted

Ok, I'm getting tired, I didn't get much sleep last night after driving from LA to Vegas. Here are some photos I shot at the last group of sessions:

Black Hat 2007 : Day 1 : Phil Zimmermann

In case you haven't noticed I'm liveblogging Black Hat 2007. I just watched the end of Phil Zimmermann's talk about his new VoIP encryption product / SDK: ZPhone. Z-Phone is an application that allows you to make secure, encrypted phone calls over the internet using standard VoIP protocols. As with Zimmerman's other well known project PGP, the source code and software is given away for free.

During the question and answer session he talked about his disdain for software patents, but added that he had recently applied for a patent for the ZPhone protocol, with an interesting twist. He is using the patent for good, and here is how: Part of the patent states that any time a key is copied and stored (which would allow a party to monitor / wiretap the call) a flag is set on that session that designates the wiretapping. This won't prevent interested parties from not using the flag, but it will prevent them from using the free license for ZPhone and thus force them to disclose that their product is wiretap friendly.

Here are some photos from the talk:

I just heard this random quote in the press pen: "Our experience is to stay off the wireless network at Defcon, we actually got hacked into a few years ago." I bring my own out of band connection with me to all security conventions and even with that I still do all my surfing / blogging / emailing through an ssh tunnel to a trusted server.

Black Hat 2007 : Day 1 : Dan Kaminsky

Dan Kaminsky just gave a talk about the nasty things that service providers are doing to your network traffic, how it relates to network neutrality and how to detect it. Basically nearly all router manufacturers are working on technology to do hostile things to your internet traffic, including slowing certain parts of it, monitoring it, modifying it in real time to do mean things like put their own ads in your web pages or worst of all, storing it and selling it.

Dan stated that this kind of trickery is going to either make web advertising obsolete, or force most if not all web traffic to be encrypted. If ISPs don't wake up and realize that what they're doing is wrong and bad the effect on the current internet ad market will be bad. I never thought of network neutrality as more than just shaping traffic or preferred routing, but Dan opened my eyes to the ugly things that vendors and ISPs are doing to our data.

Here are some photos from his talk:

His grandma is in the audience, and he was giving away some of her cookies to people who asked good questions:

Black Hat 2007 : Day 1 : Richard Clarke + Swag Bag

I'm attending the Black Hat Briefings in Las Vegas. I just caught the tail end of Richard Clarke's keynote speech. One thing he said in a final question that I thought was really cool and spot on is that the government should be monitoring terrorists and hacking in to their computers, but should not be monitoring everyday citizens. I wish more government (or former government) officials felt this way as well.

This Black Hat is the largest ever with over 4,000 attendants. They completely streamlined the registration process and it is operating much more smoothly than last year.

Here are some photos from his talk:

And here is what came in the swag bag:

Lupe Fiasco : Coachella 2007 Sunday : Part 1

Here are some photos from Lupe Fiasco's set:

Pharoahe Monch : Coachella Saturday : Part 1

Here are some of the photos I shot during Pharoahe Monch:

I am going to try and catch Ghostface Killah, Ozomatli and Red Hot Chili Peppers later. Here are the rest of my Coachella Saturday photos on flickr.

Xeni Jardin is live blogging from coachella as well and has this very detailed post up on BoingBoing.

Brother Ali, Toki Wright, Flostradamus and Kid Sister : Coachella Friday : Part 1

Here are some of the photos I have taken so far today:

I caught a few minutes of Flostradamus featuring Kid Sister:

I then had some water and headed back over to the main stage to watch Brother Ali and Toki Wright:

I got a photo of the large bottles of CO₂ on the main stage... I'm guessing for an effect during Bjork's set. My EVDO is getting a much better signal now so the photos are uploading faster. I'll be shooting photos of Stephen Marley and Amy Winehouse and uploading them in a few hours, probably around 8pm. Keep and eye out for updates here or blogging.la.

Here are my: Coachella Thursday Photos and Coachella Friday Photos.

Black Hat 2006 Day 1 - Sidewinder

Frequently you find a speaker who is covering a very interesting topic, but may not quite have a firm grasp on keeping a crowd interested. Public speaking is not a skill that I have mastered, and I feel that the folks that were talking about Sidewinder are in the same boat. Sidewinder is a promising piece of software that Shawn Embleton, Sherri Sparks and Ryan Cunningham are working on. Sidewinder is a fuzzer that uses genetic algorithms to evolve the fuzzed input in order to get the funky data to the place in the code where you want it. The next logical step of their application is to add some software to create exploits once you get to the place in the code where you suspect a vulnerability may exist. Keep an eye on these three, I see big things coming from their collective intelligence in the next few years.

Update I had a chance to speak with Shawn about the Sidewinder application and he told me it was all coded in just a few months. He isn't sure if he will have time to continue development on the application, but I encouraged him to as I feel it is a great concept and could grow to be one of the best fuzzers out there.

Black Hat Day 1 - Registration

I am attending a 2 day security convention in Las Vegas called Black Hat. The flight in from LAX was short, although I did get the old TSA hassle, for the first time ever I was directed to stand in the little search corral and the frisked me, then swapped my bags and fed that to the spectrometer, I heard from another attendee that people all over the country are getting extra hassles.

I showed up at Caesar's Palace right at 8am to get my credentials and everything went smoothly. The line for the general credentials was insanely long, but luckily there was a press line that was only a dozen or so people deep. Jeff Moss will be giving his intro in a few minutes and then the keynote: "Fighting Organized Cyber Crime", which should be interesting. I'll get some photos of the speakers and try and upload them and give an update between talks. The photo above is of the free swag you get upon registration... a pretty good haul.

Coachella Day 1

Photos and words.

Coachella Day 1

Photos and words.

New Furby Hacking : Part 1 : Skinning

Yesterday I went and bought the New Furby which just came out in October this year. The new Furby is a pretty darn advanced toy for only $30, if you haven't seen one before they are basically armless Mogwais with beaks. New Furbys are powered by the Sensory Inc's RSC-4128 which is a multi-purpose microprocessor that does everything from voice recognition to text-to-speach to IO to DTMF output. After reading through the white paper for the RSC-4128 I was pretty sure that the Furby would be quite the hackable robot, so I decided to take a look inside and see what hacking would entail.

WARNING : If you take apart Furby it will never be the same once you put it back together, unless you are really good with a sewing needle.

I started by removing the feet which are fastened to Furby with a triangular security screw. The Boxer 62 piece security bit set that I bought at Fry's a few years back contained a triangular bit that was just slightly too large to fit the Furby foot screws, so I filed it down a tad and in it went. After taking off the feet, the clawed under-feet were exposed which were surrounded with little fur booties that just slid off with a little tug. Once I removed the under-feet I could see how the fur was attached to the skeleton.

The fur is glued on in 2 places, which i cut with a sharp knife. The fur also has plastic tabs that go into the base of Furby, which can be pulled out with a little effort. Once you have the base of the fur free from Furby you will have to open up the back of his little fur suit, this back is lightly sewn with just a few stitches and opens easily once you free the first stitch, almost like it was made to come open easily.

After you have opened the back of the suit you can slide it over his head, you will have to snip the small threads at the tips of his ears to get it off over his head, don't snip the big white threads that loop through the plastic ear guides, this is used to track the location of the ears. You will also have to snip the thread on the tip of his mohawk support and the thread wrapped around his eyebrow mover.

Then comes the tricky part and that is the last screw that holds the plastic eye and mouth guides onto the center of the face, at first I tried just pushing a screwdriver right between his eyes and turning but I couldn't get a hold of the screw. Next I tried just twisting the whole thing, but this seemed like it was going to mess up the eyelashes. Finally I just pulled hard on it and it the plastic flexed and popped off the screw. Now Furby is hairless and looks like a cyborg version of Mr. Potato head, sans-bucket of parts.

Furby's shell is closed by 6 screws and once they are removed you can open it up and see the goodies inside. After his shell is open, you will have to unwind the zig-zagging red and black wires, which I think are some kind of antenna to allow the Furby to communicate with its brethren. After you have released and unwound the wires you will need to cut the microphone, as there is no way to get it out of the shell without cutting it. Once you cut the wires in the middle, you will need to strip off the insulation so that the mic can pass through the grommet. The grommet has two sides, to get it out first pry out the outer grommet from the front of the shell and then push on the leads to drive the mic forward and out of the shell. You can then pull out the the rear grommet and use them together to protect the mic although it isn't really necessary.

After pulling the mic, I stripped the cut leads and removed the old leads from the motherboard, then I soldered the mic back on to the mic traces on the motherboard. I suppose this was the first actual hack. I then screwed back on the under-feet, stood Furby up, and switched it on. He worked fine and responded to my request to tell a joke.

I then removed the silicone mouth which was fastened by two screws to the face, once it was free from the face i had to clip two little silicone loops that attached to the beak and tongue, this will probably prevent the Furby from ever working the same again, although I suppose gluing would be possible.

The next step was to take a look at the motherboard. The motherboard is fastened to Furby with two screws, once you pull it off you will have to remove several snap in connectors, but to really get a good look at it I had to snip the feeding switch leads. Cutting the feeding switch wires was actually a good thing, because it makes feeding Furby much easier (just short the wires together). Here are pictures of the motherboard, the ROM/RAM daughter card and the transistor daughter card. The epoxy blob in the center of the MB is the RSC-4128, I am not yet sure what the other blob is.

The coolest thing I saw once I opened up Furby was that the board designers were nice enough to leave nice large pads for the RSC-4128 diagnostic interface, which hopefully should allow programming of the Furby. I am not sure, but I think the diagnostic port is a serial interface. I have ordered the development kit from Sensory Inc, and I'm sure this will help answer some of my questions. If I do end up being able to alter the programming / data on the Furby here are some things I plan on doing:

• Give Furby a more colorful vocabulary
• Teach Furby some tasteless jokes
• Change Furby's voice tone to be less cute and more evil
• Give Furby a funny accent and maybe a lisp and a twitch
• Hook up some of the unused I/O ports to control other things (the chips has 24 I/O ports with 10mA outputs)
• Expand Furby's memory
• Utilize the voice recording function of the RSC-4128
• Make Furby a voice controlled DTMF dialer
• Utilize the MIDI synth contained in the RSC-4128

Here is what I plan on doing even if I can change the code or data:

• Add nicer switches to the make the Skeletal Furby easier to
• Pet
• Feed
• Tickle
• Turn off
• LEDs that light up when Furby moves
• Volume control for the speaker
• Put the Furby head on a Robosapien body

Here are some relevant links:

• New Furby Hack photo gallery
• Sensory Inc Furby Press Release
• Sensory Inc RSC-4x Family Info
• RSC-4128 Data Sheet (497k PDF)
• Sensory Inc Dev Kit Order Form
• First Gen Furby Hack Site
• First Gen Furby Autopsy
• Permalink
• Comments

Only 1 Day Left to Bid on My Autions!!!

so don't sleep.... here is what i have for sale:


IBM Thinkpad $5.00
Neon Genesis Evangelion 0:2 $10.00
Neon Genesis Evangelion 0:1 $10.00
Tupak Shakur: Before I Wake $10.00
Queen of the Damned $10.00
The Opportunists $10.00
Strange Days $10.00
Fritz the Cat $10.00
The Replacement Killers $10.00
Xetex Geiger Counter $20.00
Symbol Wireless Barcode Scanner PDA $40.00
IBM Hub 3299-2 NPFA Type II $5.00
Orckit DSL modem
Fluke 80T-IR Infrared Temperature Probe $40.00
2.4ghz antenna ceiling mount s2403bh $20.00
Rave MP3 Player $8.50
AT&T Cable modem $20.00
Ricochet USB Modem $5.00
Conar Model 202 Frequency Counter
Alinco DJ-S41 $31.00
Ezonics EZ Cam Digital Camera/Webcam USB $20.00
Aceco Frequency Counter $10.50
ICOM IC-Q7A $79.01
AOR AR8200MKII w/computer interface and more $113.50
Fujitsu 10GB Laptop HD $10.00


so place your bids!