telecomix

...now browsing by tag

 
almedalen Arwen blackthrow censur conference debatt dld flattr fra Föreläsning ggm10 göteborg hacknight i2p information informationspolitik integritet Internet internval kampanj Kandidering kultur kunskapssamhället maloki pirater Piratpartiet piratskutan plugin Riksdagen riksdagskandidat sammarbete segling svartkast telecomix turné twitter ung pirat upphovsrätt utfrågning val2010 valturné votering värmland wordpress öppenhet
 

Summary of Hacknight #2

Thursday, June 24th, 2010

Hacknight
We drove down to Hacknight #2 at Forskningsavdelningen a Hackerspace in Malmö. I was thrilled to be in the car with “my boys” from GHS and Telecomix here in Gothenburg. There’s always a special feeling taking the car somewhere together, there’s bonding and talking about the most wicked things. We actually got some good ideas out of it. But this ain’t the time nor the place to tell about it.

Utkanten

Hacknight #2 started with a talk about Crypto Activism by chrisk, which was a presentation about Telecomix Crypto Munitions Bureau. Since it’s part of the Telecomix network, and I’m part of that there wasn’t really much there that I didn’t know, but it was a good presentation. Chris is really good at this stuff. I like the whole cypherspace and cyberspace difference.

brokep - Peter Sunde about the Pirate Baybrokep (aka Peter Sunde) talking about the Pirate Bay. There were some new things in there that I hadn’t heard before. The biggest joy of it though was to see him present it.
The whole story about the Pirate Bay is quite amazing, and I really love the responsibility that they have taken since they realized what a big influence they have on the online community.
I managed to walk up later and introduce myself as well. I have this small Flattr spreading idea. We’ll see how it works out.

Samira Ariadad about Netbased CommonsSamira Ariadad – Netbased Commons, Shared areas, both in real life and in cyberspace. There are some restrictions online, but most often not more than a registration that does not cost anything. In real life there are not as many common areas to reside. Hopefully we’ll be able to open this up more. She opened some interesting thoughts in my head. and I thank her for that.

I missed the presentation of Mandos but caught the guys discussing it later in the night, and it seems really interesting. Will be interesting to see how things develop with it.

Raccoon – Blackthrow, earlier the same week Agent x had made a presentation about the Blackthrow at the Telecomix Conference. Raccoon was supposed to be the original presenter, so I was glad to see him present it here instead. I like the whole idea about the blackthrow, and there area some great ideas coming out of it as we speak. We’ll see how many hears it will take for the blackthrows, blackworms and blacksplashes to conquer the world!

After the presentations there were lots of hours left. The beers started flowing, I must admit I had already started, and the night wore on. I got to talk to a lot of interesting people. Working through some of the ideas I had in my head and so forth.

Micke Jämtsved went with us on the trip down. He’s actually from Stockholm, but had stayed in Gothenburg since the Telecomix Conference there.
Also agent Nipe, who is one of the Pirate Party’s prime candidates (personal opinion), was there. He had brought the RepRap, but was soon on his way to spend two days at Dreamhack.
Forskningsavdelningen them selves seem pretty happy about the turnout of the event.

NRLI, Northern Lights, a vodcast crew attended the event as well. They had a little corner where they interviewed a lot of people. Will be interesting to see the footage later.
Some pictures were taken by different people

On the drive home we talked a lot about what how amazing we all thought the night had been. We also buzzed a lot about how both Telecomix and Gothenburg Hackerspace can carry on their work to save the world. Some of it involved more road trips, conferences and blackthrows!

Posted in Föreläsning, Internet, Konferens | 3 Responses »
Tags: , , , , , , , ,

raccoon – Blackthrow

Saturday, June 19th, 2010

Svartkast - I'm installing it for u nau

Blackthrow – Svartkast
I wrote about an earlier persentation during the Telecomix Conference

It’s about being able to setup a computer in a hidden place to collect information and send it to somewhere.
THe name is derived from Black box, and you throw it away, thus Blackthrow.

Kamakazie box. You might not be able to physicly reach it.

Blackfax, black cylinder paper loop.

It can be used for “bad” stuff. But it can also be used for good stuff in places where free speech is prohibited, since the governments are survailed all the time. This is a usage area.

You should put these boxes in strategic places all over the city. Through which you can build up a mesh network and use it for whatever you want.

There are alot of different ways to connect them and use them.

You can use any machine that can use linux, to build a Blackthrow. Single board devices is a good choice.

Make sure the machine can not be traced back to you. If you would use it for whatever reason the government might not like, it is in your best interest to protect yourself.
Clean it up from fingerprints or whatever you can. Labels, and marks. Use ram disks or memory disks.

Use TOR, use the reverse services, hidden services. So you can connect immedietly to that machine.

There are two examples of versions you can make of this. The “svartplask” which basically is black splash and the “svartmask” which means black worm.
The Splash you make waterproof and throw into the water. And the worm you burry in the ground.

Posted in Föreläsning, Internet, Konferens | 3 Responses »
Tags: , , , , , , ,

chrisk – Crypto Activism

Saturday, June 19th, 2010

Telecomix Crypto Munitions Bureau.

Chris starts with explaining how the Telecomix Crypto Munitions Bureau. It promotes the public knowledge of computer cryptography and software that can hide you on the internet.

Cyphernetics is the study of how to controll regulatory systems of any kind; technological, social, biological and mathematical systems. Cyphernetics, on the other hand, is similar to the study of sybernetics, but does not rely on that the entire system is known or controlled from one single point. Rather, cyphernetics is the study of how to do things in states of chaos and uncertianty.

Cybernetics was developed in the aftermath of the second world war.
In biology cybernetics is how to control an ecosystem.

Cybernetics Alpha, is hierarchical structur. With a leader/central nod, Government for example. Like the Soviet.

Cybernetics Beta, decentralized cybernetics system. Not a single top. Have a parliament, with constitutional rights. Dispursed power into the lower parts of the system.

In history these two systems, Alpha and Beta, they produced the Internet.
During the cold war both US and Russia was working nuclear weapons. In the US they wanted to construct a system where computers could survive a nuclear attack. The Alpha and Beta system would fail under it. They had to build a system that would not.
A distributed network can surive, since it will find more than one way.

Technological development isn’t really rational.

Cypher, means code. Code produces an uncertainty relations. The lolcat can be encrypted. We can produce an uncertainty relations with the cat. We hide the cat in a box, in the tunnels.

We need more people to work with us. Join us!

Usefull links
crypto.telecomix.org
cryptoanarchy.org
werebuild.eu
interfax.werebuild.eu
christopherkullenberg.i2p (the presentation)

Posted in Föreläsning, Internet, Konferens | 1 Response »
Tags: , , , , ,

Telecomix Conference ended

Thursday, June 17th, 2010

It has been two amazing days. Even though I was late both days. I’ve enjoyed the lectures, the people and what I’ve learnt. This is definitely something I can see myself doing again, and I actually am when going to Hacknight #2 in Malmö.

Collection of lectures I attended:
Agent Felix Atari on Internt and AFK tunnels, I really liked the connection and similarities between tunnels on the internet and AFK/IRL/Meatspace. It was a really interesting lecture, and I felt that it expanded my mind a bit more.

Agent kugg on the security of pptp
Agent kugg and this subject really surprised me. I havt realized that when coming accross different protocolls you will need more than one proxy to become anonymous, but never really implemented it properly. I learnt alot and feel ready to go online in a more sneaky way.

Agent x on blackthrow, I missed most of this lecture, and Agent x wasn’t the original presenter which might have made the lecture a bit more confusing. I like the idea and thought behind the blackthrow, and I think that it can continue to become an interesting thing to work with. Especially in the educational way that chrisk described.

Agent jwalck on i2p, I missed some of this, since I was late today as well. I got a look into the interface of working with i2p which really made me less scared to go on and trying it myself. As I have been before. I’m pretty convinced that I will be putting up a i2p exitnod at my house very soon.

Agent endrazine on Zero Crypto, this lecture I was convinced would go right over my head with a woooosh sound. But it didn’t. I’m aware that my notes are messy, but he went at a quick rate which caused me to not have time to write down everything like I was supposed to. I might make it look better in a day or two when I’ve looked through the slideshow that was provided by him, through my blog.

Overall I’m really satisfied with this 0 cost 2 day conferense, and there is talk among the Telecomixers to put together a guide for how you can build one yourself.

Good luck and take care out there all hackerfriends!

Posted in Internet, Konferens | 1 Response »
Tags: , , , , , , ,

Agent endrazine – Zero Crypto

Thursday, June 17th, 2010

Start: 14:37
What: Agent endrazine
Full disk encryption : distributed (via cloud computing) brute forcing preboot authentication passwords using x86 real mode bootloader instrumentation. This talk attempts to provide orders of magnitude regarding what is and what is not computingly breakable (and at what price !) regarding HD encryption. Featuring a heavy load of harcore 16b real mode assembly and live demos of the brute forcing of Lilo,Grub (MD5 mode) and Truecrypt. I will also cover the Bitlocker/Truecrypt plain text password leakage I previously disclosed at Defcon, briefly.
Watch it: on Bambuser

The only way to keep data secret is to encrypt it. The best way to keep it is full way full disk encryption.

Introduction

Goals of the talk is to demonstrant that there is to brute force a preboot authentication password. The ones in bios, or in bootloaders.
Give an estimation of how much it would cost in cracking on full encryption software using a generic instrumention methodology.

Cryptographic softare is mostly legalized in both North and south america and europe.
Wikipedia: In China, a license is still required to use cryptography. Many countries have tight restrictions on the use of cryptography. Among the more restrictive are laws in Belarus, Kazakhstan, Mongolia, Pakistan, Russia, Singapore, Tunisia, and Vietnam.

Cryptography from a government point of view is a superinteresting target. DES was designed to be resistant to differential cryptanalysis, a power ful and general cryptanalytic technique knwon to NSA and IBM, became publicly known when it was rediscovered in the late 1980s.
Cryptographic softwhere can be backdoored, this is a reality.

Non Tech people will say: “if it fails just go for brutefroce.
But how do you do it? There are no public tools. If you want to bruteforce it you will have to write your own operating system to brute forice it.

Keyboards internals

Endrazine gives us a Boot sequence overview, in order to further explain the full disk encryption.
CPU – > Bios EEprom – > IVT, RAM, Bootloader, Kernel.

Bios internals for keyboard management

Interaction with the keyboard, we need to understand the whole chain from the computer to the keyboard.
In your keyboard there’s a Pic, in the motherboard as well. Unified key scan codes. The data from the keyboard is stored in the bios keyboard buffer.
The password will be saved in physical memory forever.

Brute forcer design

The challanges are instalation and initial control flow modification (bios firmware, other media, mbr replacling/patching)
maintaining control (bp, ivt hijack, reroutning)
Get the source code.

Experimental Results

It is doable
The cost of hashing algorithms (md5..) is negligible in the cracking process
hashing algorithms: we tried 700 passwords in 30s. truecrypt: 10s/password (wohw!)
Time taken: Irrelevant (cloud computing)
With enough computer power you can break any given password within 1 hour.
Check the slides for more results.

Conclusion & bonus!

Bruteforcing is physically doable for both hashing algorithms and complex symetric systems
Bruteforcing remains unpratical against truecrypt so far (6 passwords / minutes, recommended pass phrases of length 20)

Not using TPM like technologies allows attackers to take advantages of distrubuted comput ing making the brute time irrelevant.

Presentation slide

Posted in Föreläsning, Internet, Konferens | 2 Responses »
Tags: , , , , ,

Agent jwalck on I2P

Thursday, June 17th, 2010

Start: 13:37
What: Setting up websites and running advanced services in the i2p-darknet. Agent Jaywalk will present how you may publish websites, blogs and other services without risking corporate or government repression.
Watch it: on bambuser

Sources and destination. It’s what you have in routing i2p.
If you work a server it’s as easy as running a server on vanilla internet. Except that it’s hidden
If its down its down if its up its up.
eepsites. experimental deepsites. Noone will know who uses the stuff on the sites.

Agent jwalck goes through how it looks when a i2p is set up.
On the default site you get all the information how to host the i2p and, how to regetser a domain and so forth.

The server setup is similar to the setup for the client.
Always backup the destination key. the information will be lost if you lose it. The domain-name will die.

I2p has started to increase lately and is up and coming again. Continued developments will be interesting.

Posted in Föreläsning, Internet, Konferens | 2 Responses »
Tags: , , ,

Telecomix Conference Day 1 complete

Thursday, June 17th, 2010

Today has been a long day. It has been educational and fun with awesome company. I couldn’t have expected better company today.
If you are interested you can read I’ve documented about the conference thus far.
After the lectures and talks we went out for beers and food. We had a really enjoyable evening and I’m glad I joined. Me and the delightful ponny left the guys in Slottskogen quite early, but were both satisfied with the day.

Unfortunately I missed the picnic with the Geek Girls here in Gothenburg, but I will have to join them another time.

For anyone in Gothenburg tomorrow you are welcome to It-university when we continue the Telecomix Conference with workshops at 09.37.

If my arms feel up to it, I will be bringing one of my servers to pimp and setup as something. I’m not completely convinced what to make of it yet. Ideas and advice will be most welcome in the comments below. TOR, i2p? Something else?

Don’t miss out on the Telecomix Microblogging system which is a decentralization and Open verison of Twitter.

Posted in Riksdagen | 1 Response »
Tags: , ,

Agent X on Blackthrow, Svartkast

Wednesday, June 16th, 2010

Start: 16:37
What: Presentation of the svartkast technology
raccoon xor from the GHS munitions factory presents the svartkast technology and how to deploy cipherspace nodes in existing infrastructure. The svartkast can be used to create secure and completely decentralized (owner-free) channels of communication to be used in situations where freedom of speech is critical, and in situations where it is impossible to interact with the ordinary Internets without having a traceable origin. Example scenarios are during war-time, in regimes that throttle the Internet connectivity (Iran, China). Usage of svartkast, or similar technology, is however definitely not limited to these circumstances. Everyone has the right to communicate freely, without corporations and authorities surveilling our correspondence.

Damn smokes, missed most of the presentation.

The idea with the Blackthrow is to build a small computer that can be hidden inside government agencies or corporations. It connects to the TOR or I2P networks and publishes its SSH server as a hidden service in any of these networks.

It’s for an educational purpose. Building it will give you a learning experience about network and the technologies used.

It’s a proof of concept that it’s impossible to stop people to talk about whatever they want.

Posted in Föreläsning, Internet, Konferens | 3 Responses »
Tags: , , , , , ,

Agent kugg on the Security of PPTP

Wednesday, June 16th, 2010

Start: 15:37
What: Agent Kugg talks about the security of PPTP
Many larger VPN companies use PPTP for securing their customers. Kugg will talk about PPTP and show some de-anonymisation weaknesses for different setups. These techniques are actually used by government and private agencies to identify individuals using VPN.
Watch it: On bambuser

Don’t miss Hacknight!

Poptop and misconfigurations
The misconfigurations cause you to be not as anonymous as you think you are.

What is a VPN service?
It’s a virtual private network. It creates a local interface on your
What is a proxy?
It’s a relay of a request.

Errors:
You need a proxy for every thing. FTP, Gopher, SOCKS host.
It can be easy to fuck up here. It is often used as a deanonymisation

Flash don’t care, about your proxy. It will work with your real IP.
WSword, if you have a link in or to a document, it will reveal your IP.
Quicktime as well.
These does not respect your proxy settings.

Check www.decloak.net for information about how you’ve failed in your protection.
Proxy-Authenticate, for TOR-nods and such. Gmail, has Flash objects to figure out your real IP.

Velcme to the virtual private network! Everyone in the virtual network are on the same network. Which is a problem. You are exposing your entire harddrive, domain and mac adress.
nbtscan -m .t2000 -qv -s/
When scanning the network we find alot of information about the connected machines. Through this search, ones a day, you can find patterns, and start following the information you get.
It’s bad that they will get exposed. The people who are not exposed are the ones who are not showed in the list, but they are still pointed out.

On Bittorrent Anti Piratbyrån is found to have used Ipv6 to detect your real IP.

    PPTP Creates VPNetworks
    If Clients are not seperate they will expose each other
    IPv6 and pptp don’t match turn ipv6 off?
    Ms windows firewalls are stupid
    The known authentication mechanisms for pptp authentication are to weak. (EAP-TLS works if there are a public key exhange)
    Web browsers are dangers and hard to harden

Endusers needs help!
We need to detect flaws and expose them, and fix them. Make up new services.
Try and support OpenVPN
Teach SSH and share
Never leave a darknet

These are good systems, they just need to grow and be nurished and formed into something better.

Don’t miss Hacknight!

Posted in Föreläsning, Internet, Konferens | 6 Responses »
Tags: , , , , ,

Agent Felix Atari on Internet and AFK Tunnels

Wednesday, June 16th, 2010

Start: 14:37
What: Agent Felix Atari talks about the Internet and AFK tunnels
The act of tunneling has gone through a socio-political change in recent years. It is no longer associated with closed groups, sect-like behavious and hiding away from the mainstream. This talk will argue that developing tunneling technology is the very prerequisite for remaining open at the surface and feature an exposé from dark nets to sunny mexican pirate markets.
Watch it: On bambuser

Since I was late I missed some of the presentation, and I will write what I caught.

Agent Felix Atari made an interesting analogy about the layers of communications in a way of layers in the jungle. It’s not just a plain surface.

Tunnels can only be closed off at the entrances, but the tunnels are still there and the information within the tunnel is still safe.

A problem with tunnels is that the laws can’t stop what goes through them. The communication, may it be of product or just normal communication, will find a way anyway. It undermines this binary power of borders.
The border between Mexico and US is made as an example.

No matter if you have a border or not, there is a slow degredation. The borders will move. Even if they have to go into the ground.

Surveilance wont stop or fully control. It will only make it slower, but never stop the process completely since the information always can go through tunnels.

Ciphersspace is just as cyberspace, but a little slower.

Discussion:
There are tunnels who are ever ending, and with no entrances.
Examples of being cut off from earth, in tunnels making a living in there.

Have you studied the similarities between the i2p tunnels and physical tunnels? With enough force you can destroy physical tunnels, and you should be able to with i2p as well?
Tunnels are temporary, they are built, and moved and rebuilt and so on. You can fortify them, if they are used for a longer time. Within filesharing you move a tunnel to somewhere else when a vonerability is found.

The information that is submitted through tunnels are usually short messages, which makes tunnels work even though they are slow.
Cipherspare sites have different esteics since they are slower, and need to be able to go through easier. It’s going back to web 1.0.

Could the tunnels be exploited? At the mexican us border, where mexican put up sweatshops near the border in mexico. So people move closer to the border to get the jobs and pay. The transportation from mexico to the US gets deminished. IS there anything similar going on in i2p?
Tunnels attrackt all different kind of activity. Look at the mexican border, drugs, and so forth. Tunnels often operate in intense zones.
Yes tunnels can be exploited.
If you want to spread something, you could create a buzz in the tunnels that there’s a leak, and have it spread back to the surface.

Erupted in a discussion about urination and bushes. Remove places where people can pee, and then “stake out” the areas where you have to go to pee, and catch you in the act.

Leaks and infiltration is a way to get out information from hidden tunnels, It can be tunnels in the government communication or other hidden. There are tunnels everywhere.

Posted in Föreläsning, Internet, Konferens | 2 Responses »
Tags: , , , , , ,

Försenad till Telecomix Conference

Wednesday, June 16th, 2010

Jag var försenad hit, så det kan gå. Men nu är jag här och det kommer bli två mycket intressanta dagar med föreläsningar och aktiviteter/workshops.

Ser många härliga personer här redan nu. För att nämna några:
Isak Gerson, Jimmy ‘HerrKanin’ Callin, Christopher ‘chrisk’ Kullenberg, Rikard ‘razor’ Fröberg, Göran Widham, Mikael Jämtsved och Magnus ‘monki’ Eriksson, som just nu föreläser.

Uppdateringar kommer fortlöpa under dagen.

Posted in Föreläsning, Internet, Konferens | 1 Response »
Tags: , ,

Telecomix Conference

Sunday, June 13th, 2010

Telecomix Conference är en konferens från Telecomix och Werebuild.Eu. Den kommer hållas den 16-17 juni på IT-universitet, Forskningsgången 6, Göteborg. Den Officiella inbjudningen.

Som en del av Telecomix/Werebuild kommer jag finnas där båda dagarna. [edit: omformulerar en olycklig formulering] Jag är i hjärtat aktivist, jag är mångt och oftast alltid aktivist. Jag älskar gräsrotsrörelser och att kaosklustra, så som vi gör i Telecomix/Werebuild. Samtidigt är jag riksdagskandidat för Piratpartiet. Jag anser att det är viktigt att jag visar här på min kampanjblogg att jag även är aktivist.
Några andra aktivistinriktade riksdagskandidater från Piratpartiet jag vet kommer vara där är Kalle Vedin och Gustav Nipe.
Flertalet andra aktivister/agenter och random folk kommer vara där. Ska bli spännande att se blandningen av människor!

Jag hoppas vi ses där!

Information in English and Official letter of invitation

Posted in Internet, Val 2010 | 2 Responses »
Tags: , , , ,