Wed, 24 Feb 2010

Shmoocon 2010: Now With Photos AND VIDEO!

I put up Drew's and Jordan's photos up from Shmoocon 2010. They are up here.

posted at: 13:02 | tags: | path: /entries/generic | permanent link to this entry

Tue, 09 Feb 2010

Shmoocon 2010 Aftermath

Shmoocon happened this past weekend. I'd give a full review/write-up of it but I've been insanely pressed for time lately. If you were there and we got a chance to meet for the first time or if you are someone I've known from before and I got to see you again I'd like to say thank you for making it a great conference for me. I'll be posting Jordan's and Drew's pictures to flickr when I have them as I forgot my camera (again). Expect a link to them here when I have them online.

posted at: 09:21 | tags: | path: /entries/generic | permanent link to this entry

Fri, 27 Feb 2009

Is This Thing On?

ShmooCon was great this year. The Hack or Halo team pulled off another great year. My writings on the situation are over here. My friends over at White Wolf Security (who provided the hardware for HoH again and provided some of the most entertaining pieces of the game) did a write up also. The VM from the event is online and I'd be glad to answer any questions people have about things.

Now that things have moved on from Shmoocon I've been keeping quiet and just doing a few FreeBSD things here and there. I've got some bigger things I want to work on but just don't have much time or desire right now. I've been spending a fair amount of time bouldering which is actually quite draining on me, but I do enjoy it immensely. I hope to have some exciting news to share here soon, but I'm awaiting some emails first. Stay tuned as I hope to get back into posting things more often.

posted at: 16:32 | tags: , | path: /entries/generic | permanent link to this entry

Fri, 30 Jan 2009

Shmoocon 2009 + New(?) Job

I've been overly quiet the past month or so, and for good reason. I've been herding cats while doing a little bit of work myself to prepare for Shmoocon 2009. I'll be doing security and helping out with Hack or Halo again this year. If you're going to be at the conference stop me and say 'hi.'

In other news I've been unemployed this week, and will be unemployed next week. A while ago I wrote "In a few weeks I'll be starting a new job working on and with FreeBSD. It will be a lot of fun and a huge learning experience for me. I'm certainly looking forward to it, and to sharing all that I can here." While it was a huge learning experience for me it turned out to have nothing at all to do with FreeBSD. I was supposed to be working on using the ports infrastructure (something I know a fair amount about) to help develop a product for Cisco. It turns out that I was a Linux Kernel programmer (something I know very little about). The whole situation was a result of some of the worst timing possible and a heavy dose of silly political situations. At the end of the day I was doing a job I neither wanted nor interviewed for. I consider myself extremely lucky to have such good people at my old job (MITRE) who wanted to hire me back. The end result is that I will be back at a job I like with good people (as opposed to good people at a job I did not like) while still being able to live where I want to live. Considering the tough economic conditions I consider myself extremely lucky to have everything work out the way it did.

posted at: 09:50 | tags: , | path: /entries/geek | permanent link to this entry

Tue, 19 Feb 2008

Hack or Halo 2008 VM Released

We just today got around to releasing the HoH 2008 VM. I even did some fancy ASCII art graphics on the README, but they display poorly in anything other than vi :). Go get the torrent from the link provided and enjoy. Obviously, this is just the single VM we used to host almost all the puzzles. We were unable to give away the 2 Windows VMs due to the fact that I don't want to go to jail.

Any questions can be directed to Jordan or myself since we were the two responsible for wrangling all the puzzles this year (others implemented a lot of them, but we were ultimately in charge). If you have any comments or suggestions on HoH please send them to me and I'll forward them to our internal list, since we have no public facing list.

posted at: 21:44 | tags: , | path: /entries/geek | permanent link to this entry

Fri, 08 Feb 2008

Shmoocon 2008 - Pre Game!

Once again, I'm in charge of the Hack portion of Hack or Halo for Shmoocon. This is now my 3rd year working on HoH and my 2nd year being in charge of the Hack portion. It is also my 4th year doing security for the conference. I'm one of the small minority which has been doing security from the very first Shmoocon. Off the top of my head I can only think of 4 people that have been doing it from the start - and one of them is me. :)

HoH this year will be awesome. I've been slacking on it this week but I'm hoping to sit down and finish up the last few details tomorrow (I'm at zero motivation tonight). We have plans to give away the code, VMs, clues and answer sheets like we did last year. Over the past year I've had a lot of people come up to me and tell me they really enjoyed the new direction we took HoH in last year. We are going in the same direction again this year and now that people know what to expect I'm thinking they will have even more fun with it this year.

If you're going to be at Shmoocon ask any of the security or HoH folks for me and say "hi." I'd love to sit and chat with anyone who reads this. And, for the record I'm fairly certain that Jordan and I will be wearing our pajama pants again.

posted at: 20:34 | tags: , , | path: /entries/geek | permanent link to this entry

Tue, 27 Mar 2007

It Was Real And It was Fun, But Was It Real Fun?

Shmoocon was this past weekend. I worked both security and Hack or Halo (HoH) this year. Actually, last year I worked security and HoH also, but really only ported some C code over to Win32 for the event then worked mostly as a wrangler during the event.

This year was entirely different. I was responsible for making sure the Hack portion of the event worked. After quickly realizing I was in over my head I managed to rope Jordan into helping out. Together we managed to pull it off pretty well. We spent a couple of days before the conference sitting in my apartment hacking out the rest of the puzzles that we had no motivation to finish in the weeks prior to him flying out here. His ability to hack things together in short notice is quite astounding.

The only major problem was when we arrived at the conference on Friday and none of the VMs would start and Windows had completely hosed the permissions on the directory with all the VMs in it. Luckily I backed up all the VMs Wednesday night (Thursday early morning?) before going to bed and we simply copied them over and left the busted ones on the drive since we couldn't do anything to the broken directory. We would reset the permissions to something sane and Windows would instantly break them again. Technically I owe Jordan quite a few drinks for saving my butt on this one as I was more than willing to put all my eggs in one basket and not backup the VMs. It was at his insistence that I backed them up and it was the only thing that saved us. I was not looking forward to having to fix that broken directory. I still have no clue what caused it but I don't really care.

The only other problem was when I misread the clue sheet given to the players and announced a change to a puzzle which really wasn't necessary. It really didn't matter because the guy who won was a few puzzles ahead at the end. If anyone wants to complain I really don't care because I devoted many nights/weekends away from my fiancee to make this happen. It was a free event at the conference that everyone seemed to have fun with, so a mistake like that can be shrugged off in my opinion.

Honestly, I'm extremely pleased with the way everything turned out. Once we fired up the VMs we just let them run and never had to reset/reboot/tweak anything. Things just worked and I was quite happy with the event. Jordan and I even had time to sneak out the back entrance of the room and do an interview with the Hak5 guys.

Richard and I have been emailing back and forth in order to get the packet captures in my hands. Hopefully I will have them in a day or two and will then work on getting the VMs, packet captures and documentation online. I've also got some preliminary stats on the puzzles sitting on my desk. I'll be sure to write those up and do my best to get them online also. I'm still looking for someone to host (seed? My bittorrent-fu is weak) the torrent since it will be somewhat large[1]. If you happen to be any of the guys from Canada who played in the second round and gave me your email address regarding possibly hosting the torrent please contact me. I think I lost your email address.

I'm also slowly digging out from email, both at work and at home, and getting my other projects back on track. I'll likely be spending some time this week playing with netgraph in FreeBSD and updating/fixing my ports that broke in the month or so that most of my focus was elsewhere. First things first, I've taken down my fileserver (RST, dual 366MHZ with a bunch of disk) and slapped the disk in ACK (my main development box, which is a duplicate of syn (AMD64 Dual Core 2.something GHZ with a metric pound of RAM and disk)). I'll probably setup some kind of mirror or raid setup now that I have a lot of drives and space in there. And while I'm at it I'm also in dire need of a general update of everything on that box. The handshake timeouts on bge(4) devices are getting annoying and they were fixed in 1.178 of src/sys/dev/bge/if_bge.c and I'm still at 1.173. While I'm at it I'm going to upgrade all my ports which need it (including the gettext bump a week or so ago). Hopefully my development environment will be back online soon and I can make with the fun again.

[1]: I screwed up and made the disks for the VMs as pre-allocated. I also didn't care about the size so they are quite large (the FreeBSD VM which was all of the puzzles except 2) is 25GB. I'll see about trying to convert them to dynamic (if that's even the right term) disks before getting them online.

posted at: 09:15 | tags: , | path: /entries/generic | permanent link to this entry