I installed FreeBSD 6.1 on my corp laptop tonight. The following are notable:

• acpi_ibm doesn't appear to read much of anything useful. hotkey values work. Little else
• cpufreq works
• wacom stylus input magic works via X 'wacom' driver. Shows up as /dev/cuad1
• ath0 works
• bge0 works
• sata works
• Tablet buttons (rotate/tools/esc/enter/ctrlaltdel) are received by X (viewable by xev(1))

wacom was not properly calibrated initially. Guess-and-check method of screwing with calibration values made everything happy.

I'll post configs and other notes later. Naptime.

Being that we can't really control all of the hops between ourselves and every end point on the internet, can we really be sure our traffic is secure?

Food for thought: My home vpn is a very simple poptop setup. It does not use certificates. How do I verify that my vpn connection is untainted? How difficult would it be to intercept my vpn connection request with a rogue vpn?

Let's say I'm on Google's free wifi here in Mountain View, and someone's being naughty by putting up the following rogue services: dhcp, dns, and vpn. It is trivial to advertise a route on the network and redirect vpn connections to a rogue vpn service. This vpn service could use the intended vpn as an authentication service. In doing so, the "bad guy" can quite easily join the two vpn tunnels such that the victim has no idea he has been victimized.

Put simply, how hard would it be for me, personally, to do this? Tools that come to mind, are: FreeRadius, Poptop server, isc-dhcp server, BIND 9, pf. Tack on a trivial script to interrupt the normal network services such as DHCP and DNS, and you've got something that can easily be deployed on a laptop.

I'm sure there are technologies to prevent this kind of MITM attack on vpns, right? IPSec, perhaps? I don't know. More research is required.

How secure are you on your favorite wifi hotspot? How secure are the "secure" services we rely on?

BarCamp Stanford has come and gone. Like prior BarCamp events, it ends with new friends and new knowledge.

This BarCamp was like the others I have attended: different. There were fewer tracks and sessions. The time organization was more ad-hoc than structured. One session set was organized using a method called open space. This camp was special to me in that I met *way* more people this time.

Friday

Friday night's BBQ was a fantastic idea. I showed up around 5:45pm and met up with Chris Messina. Shortly after, Nima and others returned with food. More folks flowed in as the evening progressed. The selection of food was quite nice - grilled peppers and pineapples, sausages, salad, and portabellas. It always takes me a little while to warm up to social situations, being whatever I am that makes me shy. As such, I tried to be useful and aided in food preparation. After grabbing a sausage and some grilled peppers for snacking, I floated around aquainting myself with people I haven't met and catching up with folks I knew from previous BarCamp events. Dick Karpinski had lots of interesting things to talk about, as did others. I met some fine folks from Yahoo! and other local companies. Lots of user interface and public policy people were present, aswell, which made for a better BarCamp.

The BBQ closed around 10pm with Todd giving some remarks about the event and calling for those who were sleeping on campus to follow him. I went home for the night.

Saturday

At Tantek's suggestion, I gave a session loosely titled "Corporate firewall bypass for fun and profit." I covered using PuTTY to encrypt your more general traffic such as web and mail with both local port forwarding and dynamic (SOCKS5) forwarding. I went over how you can bypass even draconian firewalls with simple tunneling over ssh. I also covered why you especially want encrypted traffic on an open wireless network. I finished up with coverage of arp poisoning, nat traversal, and a few other things. Those in attendance seemed pleased with the content. Thanks to those who came!

The next session was on online identity, and how to fix it. I was aware of most of the problems discussed, but hadn't heard of any of the technologies geared towards solutions. Notes can be found on the BarCamp wiki, here. There was lots of good discussion, most of which I don't recall the details of. It was heavily attended.

Lunch time: Stanford's SSP sponsored pizza. Woot!

After lunch, I attended a microformat discussion lead by Tantek Celik. I learned quite a bit more about microformats. Notes from this session can be found here. I'm fairly convinced that microformats are a good thing. The best part about them is that many of the microformat standards are simply microformat implementations of existing standards, such as hCard (a microformat version of vCard).

The next session I attended was on the idea of community. Notes can be found here. I must confess I wasn't paying too much attention, as I was busy doing other things such as hacking on a few random ideas or updating the wiki notes. A short way through the presentation, someone came in and announced that the Busycle had arrived and was open for riders.

I ran downstairs to take a ride. This thing sat about 12 people plus the driver. Everyone had to pedal to get it moving. We also had to synchronize not pedalling when the driver needed to shift gears. It was really fun to ride.

The next session was directed using "open space" - something I hadn't had experience with before. There were very many sessions held at the same time. Everyone split into small groups in different parts of the camp area to have discussions. The discussion I attended was "Best/Worst AJAX UI" - which had very little to cover. It ran mostly with some of us showing demos of cool/crappy applications. One of the guys from Yahoo! showed off their maps and finance interfaces. We also showed Meebo and YouOS as interestingly unique class of applications - these applications don't suffer from the "broken back button" syndrome that many "Web 2.0" (I hate that buzzword) applications often suffer. This is likely due to the desktop-feel of those two applications.

The day closed with a few remarks about where/how the night should progress. We split up into groups and ventured from Stanford into downtown Palo Alto. I ended up at a Thai restaurant. After dinner, we collected at a bar called Blue Chalk. I had a beer, and later left with some folks to go back to the dorms for the night.

I stayed at the dorms until most folks went to sleep. I remembered I had brought no clothes or toothbrush, so I drove home around 1am.

Sunday

Sunday was super cool. There were a few morning presentations on mashup tools and tricks. Bjorn Hartman gave a presentation on mashup tools. It was cool to see someone mash flickr and hardware together. Kent Brewster gave a demo of SpiffY!Search.

After that, ideas were thrown up for mashpit groups. People broke into a few groups: identity "2.0", Coworking, Decentralized Coworking, flickr slideshow video mashup, technology and politics, and educative systems. I kept to myself and worked on a Selenium mashup of my own.

Notes on my selenium mashup can be found here.

The flickr slideshow movie generator was very cool. The demo allowed you to search flickr for text and generate a video clip of any number of photos, automatically. Certainly faster than manually finding pictures and gluing them together yourself in a video, eh?

The other groups had other interesting presentations, but weren't doing software so had nothing to demo. The coworking group came up with some cool stuff, as did the tech policy group.

At the end of the camp, Silona Bonewald mentioned that I should attend the League of Technical Voters' 48-hour hackathon in October. I've put it on my calendar. Current plan is to attend. </BarCampStanford>

Until next time, BarCampers!

This weekend was incredible. I'll post a review when I have time tomorrow. Huge thanks to Stanford and it's Symbolic Systems Program for sponsoring pizza and the venue. More thanks to Microsoft for sponsoring the BBQ.

BarCampEarth @ Stanford starts on Friday. I'm not sure what I'll present on just yet.

I'll brainstorm tonight and hopefully come up with something. If you're reading this and in the Bay Area, you should go! If you aren't in the bay area, check out all the other BarCamp Earth's happening.

http://www.barcamp.org/

I've got my usb mouse working with the new moused. Most of the code in the module is ripped from usbhidctl(1). Now that I *actually* know how things work, I found that the read() wasn't actually one with side effects. Good.

You'll need the new moused framework for this module.

Basic instructions:

1. Download my moused framework (newpsm project on this site)
2. Recompile your kernel without "device ums"
3. Build moused, build the usbmouse module.
4. Run moused: ./moused -m usbmouse -d /dev/uhid0

If it doesn't work, let me know.

moused-usbmouse.tar.gz

Future plans:

• Rewrite ugly bits
• Port ums(4) hacks for broken mice
• Test with more mice
• Write uhid joypad support

I started working on usb (usbhid) mouse support for my newpsm/newmoused project. So far so good, I can probe /dev/uhidX devices and figure out if it's a mouse or not. Thankfully, usb hid is very easy. Unfortunately, FreeBSD (NetBSD's) implementation is somewhat crazy with the voodoo.

To see what I mean, look at: src/usr.sbin/usbhidct/usbhid.c.

Look near line 230 (the only read() call in the file). Notice the read() call, but 'dbuf' is NEVER used meaningfully. More specifically, the read is mostly ignored and a loop is done over the 'hids' list. Looks like read()s on usbhid devices pushes data to special places in memory which can be found by using hid_start_parse(). A read() shouldn't be doing this. This is the job for an ioctl() or something. read(), to me, says "give me data so I can use it" - not "update some magic places in memory, thanks"

Eek.

This isn't particularly software-related, but I figured I'd note it anway.

I noticed yesterday that despite having a decent TV connected to a digital cable box, that the image was still ghosted, presumably due to noise. Moving cables around didn't fix the problem, but in the process I noticed composite video output on the cable box. I took a shot that using composite would produce better quality signal and plugged an RCA AV cable in. Viola! Ghosting went away, and the picture is much less blurry. I wouldn't have expected coax to be more susceptible to noise, but perhaps the circuitry modulating the coax signal was picking up noise that the composite video circuitry was not.

Problem solved.

DC14 has come and gone, and with it went several gallons of liqour.

This year's focus seemed to be generally on a debugging technique called fuzzing. Bruce Potter's talk this year was as entertaining as last year's talk, with the exception that he didn't scream out "Bow to my firewall!" - oh well. This year he talked about trusted computing; it was a good presentation. Dan Kaminsky's talk covered a lot of neat things, but I was put off by how full of himself he seems to be, whatever. I made an effort to attend a dns hackery talk, but the speaker was horrible at maintaining focus and presenting, so I left a few minutes into the talk.

Things I need to play with: squid reverse ssl proxy, scapy, some generic tcp proxy thing I don't remember the name of, and a host of other new-to-me technologies. Exploitation for fun and profit, good times!