Wow, so this month's talk isn't actually about Android this time. That means no more Lt. Cmdr Data jokes and I just don't know what to do about that. Well I could keep making Lt. Cmdr Data jokes, but it just wouldn't be appropriate since the next topic doesn't have anything to do with androids, or even Star Trek. But we'll continue on with our mission... boldly... where someone may or may not have gone before.
Oh, and while we are on the subject; The prime Trek universe is the only true Star Trek! That Abrams/Kelvin Timeline is crap. I know I've said it many times before, but I'm stating it again!
Admittedly, I'm saying it mostly just because I'm trying to work the word "prime" into the conversation so I can then bring up prime numbers, and from there some ham-fisted segue into the actual topic. There were probably other ways to bring up prime numbers in the context of Star Trek. Like in the season three episode of TNG titled "Allegiance". Captain Picard taps out prime numbers on a keypad, so his captures will know he is intelligent and comprehend mathematics. I think they did it in the film/book, Contact, as well, but then it wouldn't be a Star Trek reference. And if I'm honest with myself, that's not much better than the awkward transition of a topic that I've already made.
This is usually the time where people start to frustratingly demand what my point is. Well, from what I hear, prime numbers are important to things like encryption and the algorithms that love them. And that's where we start getting closer to the actual topic for the next STL2600 + DC314 meetup. Or at least I think it is. I'm hoping to find out for sure during the presentation. I think the answer is... math?
The point is that Perri has been gracious enough to offer a talk on cracking RSA challenges. I thought this sounded really... really... hard, but I've been assured it's as easy as playing Mastermind. The board game that is, not the terrible 1997 movie where a mustached Patrick Stewart plays the villain (Seriously... it happened: https://www.imdb.com/title/tt0119630/).
Though I'm still a little suspicious, because that assurance came along with a lot what I think might have been math in the explanation. I'm taking Perri's word for it though. Still might want to bring a pencil, pad of paper, and a supercomputer for this one. Perri's bringing some challenges we'll be able to try out for ourselves.
September is our annual local 2600 PGP Key-Signing Party! Food, People, and Cryptography! What could be more fun?
If you already have a PGP key-pair, bring the fingerprint with you and some ID so everyone can verify and sign your public key. The more people you can get to sign your key, the more trustworthy it is!
If you have an android device, you can make things easier by using the APG or OpenKeychain app:
Also checkout https://keybase.io/
That's the easiest way we've found to manage your keys. They support text input, QR code, or even NFC. There are some lesser iOS apps that will get the job done as well. And we'll have paper for those that want to keep it old school.
If you don't have a key, don't worry! We'll be more than happy to help set you one up.
Remember, it's also a party! Feel free to bring food and drink to share.
Seems like we do this every year or something...
The following is a transcript of a recording Bob made. He claims it was "just in case they needed evidence". It contains a conversation he observed me having a with one of my cats:
What? Seriously? We are doing Android stuff again?
How many Lt. Cmdr Data jokes do you think I actually have?
It doesn't matter that I stole most of them from the internet! That doesn't mean there's an infinite supply of Data jokes!
Can we go a different direction maybe, like make a joke about Big Data?
No, I don't mean Tasha Yar's nickname for his anatomical correctness. I mean the other kind of big data.
I guess you are right, that doesn't really tie into Android subject matter. What about a Westworld joke?
Good point, nothing could be funnier than that Westword Rick Roll they did earlier this year. (https://youtu.be/W7oeROkyPgs) So we are just going to fall back on the usual?
It's settled then, we post another picture of Data with a bit of incoherent rambling and a summary of the topic.
So at the next STL2600 + DC314 meetup, the Android OS will take center stage again. Bob is is finally going to take the plunge and fulfill one of his oldest fantasies right in front of is all. You guessed it! He's put together a walkthrough for configuring your basic Android mobile device to give you the best possible combination of security and privacy the platform can offer. And with DEFCON happening the following week, this is the perfect preparatory protect for anyone planning to attend that most hostile environment for networkable devices.
On a side note, this is still the actual transcript. Bob looks like he's kind of freaking out right now while I scream all of this at him. He's just dropped the recorder and is running away. Bob! Where are you going?
Bob! I thought we were going to get a beer next, and then go shopping for friendship bracelets!
Bob!... BOB!... Dammit... He was my ride home.
Oh well. See everyone Friday at the next STL2600 + DC314 mee- *click*
The recording reached the end of the tape.
How about that? The Data jokes keep coming.
At the next STL2600 + DC314 meetup, an we have an old friend in town. Nik has been off studying in the far far... far east. So far east in fact, she ended up on the west coast. She's learned the ancient secrets of data recovery. Yup, she's going to whip out her snake and use it to time travel back to 1800's. While there she'll play a bit of poker and hang out with Mark Twain. Then to top things off, send a secret message back to the future by rubbing iron filings in her eye!
Of course by "whip out her snake" I mean cover some basic DIY recovery techniques. Which means "time travelling back to the 1800's" is a metaphor for touching on the history and myths of data recovery. Obviously by "playing poker" and "hanging out with Mark Twain" I mean she'll discuss why some methods work better on certain brands of hard disks. All right, maybe confidential messages transmitted by ocular dispersion of ferrous crumbs is a bit of an obscure reference to a live demonstration. But seriously, do I have to explain everything?
But if you do want to follow along with the demo, go ahead an download Access Data's FTK Imager (http://marketing.accessdata.com/ftk-imager-3.4.3-download).
Oh, and one more fun fact: Since Data's head is still buried under San Francisco with all of his memories of the first six season, ST:TNG should still be canon. Even in the crappy rebooted Star Trek universe.
Woo! Forgot to get the description up in time to hit the "Announce" button, so I have a choice to make. Either cancel and re-add the meetup, or just update the post and hope for the best. I don't know which it'll be, but I'm sure you'll have figured out which by the time you read this... If you are reading this, that is.
We are coming to a close on our series on Android pen-testing. Don't worry, I'm sure I'll come up with other excuses to post's weird pictures of Data from Star Trek: The Next Generation. Oh, and there is also a presentation next Friday as well, if you are interested. I just assume everyone comes for the Data pics, but the truth is we've got a lot of educational shit going on too!
As I was saying, Anarchy is finishing up his trilogy of talks on ways to probe the orifices of the Android operating system by revealing to us the secrets of exported broadcast receivers. (I don't care if you grammar nazis say that's a run-on sentence or not. I'm sticking with it!) So let's destabilize this positronic matrix and use some fucking contractions at the next STL2600 + DC314 Meetup! Be there, or B4!
I was really expecting to be inspired to come up with a bunch of clever android jokes about Vision by seeing Avengers: Infinity War. That didn't work out as planned at all, and now I'm bereft with grief over *spoiler redacted* and *spoiler redacted*. So now I'm not sure what I'm going to do. Probably just revert to Data jokes again. They never fail, right?
How many Soong-type androids does it take to change a light bulb?... Okay, I don't know. I haven't come up with a punchline yet.
Though I did find this one I thought was pretty funny: How many Cardassians does it take to change a light bulb? Depends on how many lights you see!
That's enough of an attempt at shenanigans for now. Let's just cut to the chase, shall we? At the upcoming STL2600 + DC314, Anarchy will be continuing his series on Android app pen-testing. Part two will focus on exploiting exported content providers and insecure file storage. Meanwhile, enjoy the attached photo of Data dressed in drag.
You know, if you start googling about androids in pop culture looking for inspiration to write a 2600 description, you risk falling down a very deep rabbit hole.
For example, I just spent the past hour and a half trying to figure out what movie this guy saw as a kid. I don't even know him! Just some random question posted to Sci-Fi Stack Exchange over a year ago because he couldn't remember what the movie was. He just said that had some androids fighting on a space ship and I thought it sounded kind of cool. And no, I didn't find it.
But I don't have the time now to write a clever Blade Runner parody like I was originally planning too. C'est la vie, I guess. Unless you're a stinking skinjob, that is.
So if you've guessed that all this little rant about androids, is because the topic for the upcoming STL2600 + DC314 meetup has something to do with the Android OS, well good for you. But let's be honest, it wasn't really that big of a leap, now was it?
So yes, at the next STL2600 + DC314 meeting, we are going to learn how to do some Android app pen-testing. Anarchy is back and will be our designated Blade Runner through this upcoming 3 part series. The first of the three is going to be setting things up for your pen-test, as well as getting into intent spoofing. So come find out what happens when over 80% of the smartphone market comes under fire.
Right now I Need you all to realize how special you all are to me. Because right now I'm lit like InitEch after Milton quit at the end of Office Space. I was at a beer festiVal, so I've been drinking non-stop sincE 6:00. Oh, don't give me that look! It's not like I do this daily... well not always "daily". I mean when you sleep a full 36 hours afteRwards, that's at least one day in there between drinks, right? This isn't about me anyway! I'm tryinG to bare my sOle here. They're gel iNserts... No? Okay, fiNe. I'm trying to bAre my soul here.
Like I said, I've had a bit to drink. Why else would I be resorting to footwear humor? My point, as flimsy as it miGht be, is that as sure as I'll have a headache tomorrow mornIng all I want to do right now is sleep while leVitating a good 4-5 inches above my matrEss. That's how we normal human non-interdimensional-aliens do it, right? But I can't because I'm committed... and committed to all of you to making sure this meetup post get's updated at some point before the actual meetup takes place. Because that's hOw we normal human non-interdimensional-aliens experience *snickers* "time". Amiright?! But that's how important you are all to me. I'm sacrificing my human-sleep, so I can make sure you all are aware of what is going on at the next STL2600 + DC314 Meetup. You are welcome!
And because of our linear timeline, none of you have anY idea what this months topic is yet. Because I've been rambling on pretty nonsensically for a couple of passages now. It's like I've just been spewing a bunch of nOnesense to cover up the fact there is something else going on entirely. Like if I were a cyberspace version of Elon MUsk, and I decided to build a tunnel under all the other traffic on the Internets so I can send my packets along unobstructed.
Well surprise! That's exactly what we are going to talk about. Now I know most of our regulars already know how VPN's work. But it was expressed to me that there's a lot of people out there who are interested in VPN, and the benefits of anonymity, but don't quite no where to start. So Bob and I have decided to help them out. We are going to put together a VPN rUndown. We are going to take a look at the various VPN providers out there and compare them. Then touch on how to setup a VPN for your home network, for those of your out there who want something a little bit more soPhisticated. It may not sound like much, but in my current inebriated state, it sure seems like there is a lot to talk about on the subject.
I'm out of bad jokes, so see you all next Friday.
So sometimes a shiny new toy comes out that is just drool-tastic. And on paper it sounds pretty freaking awesome, provided it works like my Saturday morning cartoons say it does. But shockingly, we live in a world were the coolest gadgets don't live up to the hype. Honestly, I'm still super bummed that my original Lazer Tag set didn't give me Jedi-like powers and let me travel through time like on the cartoon. (Curse you Jamie Jaren and those filthy Skugs!)
Sure, some parents loved their kids more than others, so not only did you have a Super Nintendo, Sega Genesis, and a TurboGrafx 16, but you also had the Neo Geo so everyone wanted to kick in you inbetween player 1 and player 2. Those kids might not know what I'm talking about.
But the rest of us know about having to make that gamble. Which system is going to win out? Which is going to generate the least amount of ridicule among your peers? Well it's another one of those times.
Fortuntely, Thom is a brave enough man to take that gamble for us. I'm talking about Librem laptops from Purism. Open hardware designed for privacy in mind, just as the average STL2600 + DC314 cares about.
Purism is long on promises of no backdoors, no bloatware, no Superfish. And even if it's as they promised, there still the question if the hardware adds up to a laptop you can be productive with. Or does it belong at the bottom of a pile of broken V-tech toys at a Goodwill? The answer to these questions start with forking over at least $1200.
Thom was willing to take the bet. He got himself one of these bad boys and has been taking it for a spin. So next Friday, in what could be his farewell presentation before moving to the west coast, he's agreed to give us the lowdown on his Purism laptop.
• What we'll do
Woo-wee! January's a commin' and it's colder than a snowman's carrot stick out there. But we're certainly not about to let that stop us from having our regularly monthly hootenanny. Bob's lassoed us up a herd of messaging apps that are secured so tightly, that some other wild west cliche would apply! So get ready for a Secure Messaging Rodeo Round-Up!
In the meantime, this "cowboy" joke isn't quite working out the way I had hoped so I'm just going to drop it. But since I've gotta get some kind of description posted, and I'm too tired to start over, we are going to push forward. At the next STL2600 + DC314, we'll be fondling a grab-bag of secure messaging clients that will make it difficult, or at the very least somewhat annoying for anyone who might be a bit too nosy. Whether it's a larger older sibling, or some other 2600 regulars whom I know for a fact possess some of the tools necessary to get up into your business if they wanted. (Yeah, you know I'm looking at you!)
Any-insert-interrogative-word, the point is with these apps, your secrets will stay secret. Your privates will remain private. And your requested and mutually agreed upon exclusive genital image exchanges will remain exclusive... Well at least while in transit. Once it's received, you can't control what the recipient is going to do with it. But that's a different problem to solve.
Remember the words of Benjamin Hackerstein: "Three people can keep a secret, if two of them are dead. Provided you've salted and burned the bones so you can't resurrect their spirits like in that show Supernatural."
BH was certainly one of our most eccentric founding fathers. See you Friday.
( The picture's a Dick pic. Get it?! )
• What to bring
• Important to know