Like last year, I recorded a short podcast for my birthday. I’ve been sick lately so there’s a lot of weird breathyness from me trying not to cough.
29
March 9th, 2010retweet.py 10 billion bug
March 8th, 2010
This weekend @SanMo (original post) started freaking out and reposting the same tweets over and over again. Code superstar Chris Finke wasn’t available to help me track down the issue so I reanimated Chris Nelson for assistance. My initial thought was that Twitter had changed the way it served mentions. retweet.py stores the status_id of each status it retweets in a sqlite database so it doesn’t repeat itself. Browsing the database, I noticed that the two tweets it was repeating were the first with ids above 10 billion (a recent milestone). Chris pointed out that running sqlite> SELECT MAX(status_id) FROM retweets; Returned the id ’9663742534′ and not the true maximum. The table that retweet.py creates has two text columns, one for status_id and one for the timestamp. Changing the status_id column to integer causes MAX() to work properly (I’m not sure what the technical reason behind this failure is). To get retweet.py running again, I did the following (via Chris) from the command line:
# sqlite3 sanmo.sqlite
sqlite> CREATE TABLE retweets2 (status_id INTEGER PRIMARY KEY, timestamp TEXT);
sqlite> INSERT INTO retweets2 SELECT * FROM retweets;
sqlite> DROP TABLE retweets;
sqlite> ALTER TABLE retweets2 RENAME TO retweets;
sqlite> .quit
That will shift all the old data into a new table. The initial database creation routine needs to be fixed in retweet.py and will probably be in version 1.3. The fix above works for me but your mileage may vary.
StarCraft II Beta Patch 1
February 26th, 2010
Last week Blizzard launched one of the most anticipated beta tests ever. StarCraft 2 has been in various playable forms since its announcement in 2007, but this is the first time players have had access to the game outside of special events. The original StarCraft was released in 1998 and has spent the last 12 years as one of the most popular multiplayer online games. The game is played professionally in South Korea where games are broadcast on three different channels dedicated to professional gaming.
SSH over HTTP proxy
February 11th, 2010This is a fun little trick I learned while traveling this weekend. When I’m not on my home network, I often use ssh -D to dynamically forward all of my traffic via SOCKS proxy to a remote server. This weekend though, I found myself trapped in a network with only an HTTP proxy to access the internet, so I couldn’t even check my email via HTTPS. The solution was to use connect.c to relay SSH through the HTTP proxy. I temporarily added two lines to my SSH config that proxied all host connections through the HTTP proxy.
Host *
ProxyCommand connect -H xxx.xx.xxx.x:80 %h %p
Then I set up my SSH SOCKS proxy as usual.
ssh -ND 8822 eliot@example.org
I used connect.c, but a friend had success with corkscrew.
Managing Buzz
February 10th, 2010
Google rolled out Buzz recently and it’s started messing with my inbox (my Google profile). The first issue is that by default it puts an item in your Inbox every time someone comments on something you’ve posted or on something you’ve commented on. This item looks like a new email and I get an alert on my phone for new email. My group of friends is already used to commenting on Shared Items in Google Reader so I’ve been getting these emails all the time. I created the filter above in Gmail to take all of these items, which start with Buzz:, and tuck them away in the label ‘bz’ (‘Buzz’, like ‘Inbox’, is a reserved system label).
If you absolutely hate unread counts, you can go a little further. You have the option of hiding the Buzz label in Gmail’s Label settings. This will tuck it away next to Spam in the more labels drop down. That way you can check it at your leisure instead of being compelled by the unread count.
UPDATE:
If you just want to turn Buzz off, you can find it at the bottom of Gmail.
Eliot Phillips, the flyer
February 9th, 2010
A few weeks ago I told my friend Chris Nelson that I was going to print up new business cards for ShmooCon. He argued that club flyers would get way more attention and nextdayflyers.com makes it stupid easy. I mocked up the front, which you can see on the left and asked, “Like this?”. He said he’d pay for half if I bothered to go through with it; that’s all I needed to hear.
I had spotted the image on the left on some random Tumblr. I used TinEye to dig up the larger (laser-free) original. It’s apparently from a Rossin calendar created in the 80′s. Our graphic designer friend @skrike redrew the lasers for me—they look great in black light. The image on the back of the card comes from We Have Lasers!
I enjoyed making the flyers and everyone had a good laugh (picture of one in the wild). This isn’t something I’d hand out most places, but ShmooCon has a fun lighthearted atmosphere.
ShmooBall turret
February 7th, 2010
I’m back in Los Angeles but I thought I’d leave you with one last image from ShmooCon. Larry Pesce from PaulDotCom has been been bringing new ShmooBall guns to the conference for the past few years. ShmooBalls are foam balls given to the conference attendees so they can throw them at speakers they disagree with.
This year Larry brought a turret mounted to a Power Wheels. You can see the 2008 and 2009 versions on Hack a Day.
Bluetooth keyboard attacks
February 6th, 2010
Michael Ossmann gave a really interesting talk on bluetooth keyboard security at ShmooCon. He specifically covered the bluetooth HID profile from 2003 and the bluetooth 1.2 spec from the same time, which all current keyboards on the market implement. He covered many attacks on the system that take advantage of bluetooth not authenticating its devices.
Pico’s FPGA based DES cracking cluster
February 6th, 2010
As was bound to happen, I put the finishing touches on my GPU post and immediately ran into David Hulton (h1kari) at Pico Computing‘s ShmooCon booth. As the organizer of ToorCon, he was the person that originally introduced me to the power of the FPGA.
Airpwn TCP hijack, we’re serious this time
February 5th, 2010
For having to fill a last minute ShmooCon opening, dragorn delivered a very provoking talk. You may know him for his indispensable wifi tool, Kismet. He blew through 100 slides in 20 minutes and I’m sure I’ll miss the finer points but it really turned out to be something potentially incredible (and destructive). He laid the ground work by discussing how open public wifi hotspots are so heavily used. Many of us understand the risk but he set out to show even more unexplored territory.
