It’s another year of BSidesROC, a local hacker con that we put together. Our sixth year actually. Not everyone really cares about how BSidesROC has changed over the years but it’s hard not to at least mention them for posterity and laugh at our failures. I think that BSidesROC has evolved with the times or at least updated their memes. Year one was all about the memes and just messing around and to be honest, we didn’t care if anyone even showed up.

This post on hackernews got my attention. It’s a IoT based visualization showing your activities and health metrics. It’s very flashy and interesting looking, like you’re going to see it in an episode of CSI Cyber. The term “actionable” I’ve usually applied to government types discussing the latest threat intel but we can also take it to apply with our visualizations. Actionable visualizations, should provides the viewer with brand new information that could not have been easily concluded before.

I don’t remember the exact conversation, but Jason Ross inspired me to buy DRWND.com, as in Drone + PWND = DRWND. I’ve owned it for a bit waiting for some specific data so that I could use it as an informational site about DRWN attacks. As IANA web developer, this has been interesting and terrible but simple enough to share. www.drwnd.com I won’t assume the site makes any sense right now so I can summarize it like this: It takes a data feed of all known locations of drone strikes and plots them Circle size reflects the number of people killed Circle color reflect the percentage of the deaths that were civilians and/or children in an RGB manner Red – civilians Green – expected targets or unknowns Blue – children <li style="text-align: left;"> For example the done strike in Pakistan that is purple reflects that people were mostly civilians and children </li> All this being said, the data comes from Dronestre.

PhantomJS is a headless browser that when you use Selenium, turns into a powerful, scriptable tool for scraping or automated web testing in even JavaScript heavy applications. We’ve known that browsers are being fingerprinted and used for identifying individual visits on a website for a long time. This technology is a common feature of your web analytics tools. They want to know as much as possible about their users so why not collect identifying information.

I’ve updated the Raspberry Bridge build to 1.5.1Beta to update a few things and address a couple issues. The main changes are: updated Tor to latest stable release updated obfsproxy updated OS including some security patches Download Torrent: http://rbb.antitree.com/torrents/RBBlatest.torrent More info: http://rbb.antitree.com/

The Meek Protocol has recently been getting a lot of attention since the Tor project made a few blog posts about it. Meek is a censorship evasion protocol that users a tactic called “domain fronting” to evade DPI-based censorship tactics. The idea is that using a CDN such as Google, Akamai, or Cloudflare, you can proxy connections (using the TLS SNI extension) so that if an adversary wanted to block or drop your connection, they would need to block connections to the CDN, like Google; mutually assured destruction.

Over at rbb.antitree.com, you’ll see the details of a new project of mine: To build a Raspberry Pi environment to make it easy for anyone to run a Tor Bridge node. The goal here has been to release an RBP image that is minimalist (in terms of storage consumption as well as resource consumption) and provides the necessary tools to run and maintain a Tor Bridge Node on a Raspberry Pi.

If you’re like me, you’re probably getting inundated with posts about how the latest revelations show that NSA specifically tracks Tor users and the privacy conscious. I wanted to provide some perspective of how XKeyscore fits into an overall surveillance system before jumping out of our collective pants. As I’ve written about before, the Intelligence Lifecycle (something that the NSA and other Five Eyes know all to well) consists more-or-less of these key phases: Identify, Collect, Process, Analyze, and Disseminate.

Chutney is a tool designed to let you build your own private Tor network instance in minutes. It does so by using configuration templates of directory authorities, bridges, relays, clients, and a variety of combinations in between. It comes with a few examples to get you started. Executing this command, for example ./chutney configure networks/basic will build a ten client network made up of three directory authorities, five relays, and two clients.

BSidesROC is over. I thought it might be interesting to give a behind-the-scenes look at some of the stuff that makes BSidesROC run. OPs We have “Ops”. A few years ago we decided to try to organize BSides like an IRC network where each channel has an Op and an Op controls what happens in that channel. So for us Ops are trusted volunteers, and the channels are facets of BSidesROC such as the website, Hacker Battleship, or T-shirts.

Rochester’s version of a Security B-Sides is coming up next week. There’s a rush to finalize everything and there might be a question about this new event I’ve referenced as “Privacy Workshop”, “OPSEC Training”, or just AntiTree talks for 3 hours. The Privacy Workshop Track is something that came out of an ad-hoc event that @CJP has been doing for the last couple of BSidesROC’s. He would walk in and say “I want to do a key signing party” and we’d go “Awesome!

Last year, I was bit by the idea of intel as a research project. I presented at BSidesDetroit on the topic of corporate espionage and the contrast between HUMINT and TECHINT. My Defcon Skytalk was titled “Bringin Intelligence Back To The Hacker Community” and I did a GRRConCon talk on the capabilities and structure of a normal private intelligence campaign. The research had a side-affect of replacing a generally apathetic outlook on the topic, with a more specific abhorrence toward the intelligence community as a whole — specifically private intelligence groups working under the auspices of the U.

For a few years now, I’ve been stating my plans for the rest of the year, and reviewing how the previous year went. Here’s the review: Last Year Major Con Presentation One of my goals was to be accepted into a “Major Con” for some definition of that word. This year I presented at Derbycon, GRRCon, Defcon Skytalks, BSides Detroit, and the Rochester Security Summit. I will say that my moon shot was to be accepted into 30C3 but I was aptly turned down.

Last night at Interlock Rochester, someone did a lightning talk on Liberte Linux — one of those anonymity Linux distros similar to TAILS and the like. Everything seemed pretty standard for an anonymity machine, all traffic was tunneled over Tor using iptables, only certain software was able to be installed, full disk encryption, memory wiping — But one thing stuck out, this service called “Cables.” Cables Communication: Cables (or Cable I really don’t know) is designed by a person that goes by the name, Maxim Kammerer.

Halloween time again. Last year I tried to do a simple little hardware project to make my emoticon pumpkins glow. That’s cute and all but not very difficult. This year, I decided to work on this idea I’ve had for more than a year and a half. **The Brain – a silicone based brain with controllable LEDs inside. **I have some ideas of what to do next with it, but this first iteration is just to be a fun decoration for Halloween.