Nov 162014
 

Are you worried that you’re not paranoid enough about your communications security and want to improve your OpSec? Edward Snowden says to trust in encryption, but you still need to worry about the systems that run it:

Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.

One step towards going “Full-Snowden” is with hardware storage of your PGP secret keys! The Yubikey Neo and Neo-N USB tokens are a neat (and not too expensive) way to keep the secret part of your RSA2048 keys locked in a hardware device rather than stored as a file on your harddrive. The hardware tokens are compatible with the OpenPGP card protocol, which recent versions of gnupg support out-of-the-box. All of the public-key cryptography happens inside the tamper-proof device, so your secret key is never decrypted in the memory nor stored on disk of your machine.

Since setting up the key pairs and transferring the secret ones to the device can be tricky the first time, I wrote a brief guide to configuring Yubikeys as OpenPGP crypto-hardware tokens. They integrate nicely with Apple’s Mail.app (or mutt with gpg-agent), so there is one less excuse for not protecting your email.

Nov 162014
 

chairface_moon_sticker-p217483163803015319qjcl_400

Due to a fire the laser is down again this week. Laser night will be open for hacking, but alas no lazzzoring. You may have noticed we’ve been experiencing a lot of downtime lately. This is the current state of the laser:

The laser is old

Our laser has been in pretty consistent use for seven years. Many projects and even companies have been built on it. We’ve done our best to do regular maintenance and upgrades, but it’s nobody’s job and so it doesn’t always get done.

The laser is abused

Not all materials are created equal. We try to make sure people do burn tests to make sure we’re not doing damage to the laser, but it’s not perfect. Even wood and acrylic can be hard on it when doing long jobs with thick material. Everything that is lasered away ends up gunking up the lenses and mirrors.

The laser needs more air

The ventilation system that we have hooked up to the laser is also old and it’s underpowered at this point. We need new blower, hoses and filters. This will be a significant upgrade, and we may not have the finances to do this ourselves.

So that’s where we’re at. Stay tuned, we’re putting together a plan and we’re probably going to need help. Thanks for your patience and support!

Update: We’ve been working on the ventilation system this week, and work continues on figuring out the power problems. We hope to have the laser back in action in a week or so. Thanks for your patience!

Hack Holyoke

 Uncategorized  No Responses »
Nov 102014
 

Hardware checkout at Hack Holyoke
Last Friday was the Hack Holyoke 24-hour embedded systems hackathon, held at Mt Holyoke College. Of the 200 participants, well over half were women from the Seven Sisters schools and many were attending their first hackathon.

Hack Holyoke dance party
One of the distinguishing features of this hackathon was a 2am dance party! Every event should include one.

You can read @HackHolyoke twitter stream and read on for some photos of a few of the teams.

Continue reading »

Sep 112014
 

T400_Front_Image
The Pax Instruments T400 temperature datalogger is on Kickstarter right now! The T400 is a project of NYC Resistor’s own Charles Pax of Pax Instruments.

The Pax Instruments T400 datalogger is an open source four-channel thermocouple temperature datalogger based on the Arduino™ Leonardo platform. It is ready to use out of the box with the features you want most. Measurements can be logged to MicoSD card, printed to serial port, and graphed. The T400 is a great tool for anything from live thermal process monitoring in the lab to long-term environmental data collection in the field.

Professional design
8ca665d1_o
The Pax Instruments T400 datalogger is designed to be out of the box ready for professionals and hobbyists alike. If you need a temperature datalogger that works every time, this is the device for you.

Open source spirit
img_20140801_192520
The hardware and software design files are available to you at no cost to use, modify, or redistribute. This allows you and others to extend the devices capabilities or tailor it to your specific application.

Arduino™ Compatible
arduinocommunitylogo1
Arduino™-compatible hardware means while hacking on the platform you will be able leverage the work of others while sharing your own work with large community of hackers and makers. Sharing is caring.

MicroSD slot
img_20140801_192215
Readings can be saved to a microSD card in standard CSV format for processing in Microsoft Excel, LibreOffice, or your favorite data analysis tool.

USB serial port
img_20140801_191755
Readings can captured live via the USB serial port. This is perfect for live process monitoring in lab experiments or connecting to an internet-enabled device.

Mini-TC connectors
img_20140801_192815
Thermocouples connect via standard mini thermocouple connectors. The T400 is compatible with a wide variety of K-type thermocouple sensor types from stainless steel probes to rolling surface-contact sensors.

If you’re ready to support the Pax Instruments T400 datalogger, head over to the T400 Kickstarter campaign or for more information take a look at the T400 product page. If you’d like a look under the hood, check out the Pax Instrument sources on Github.

Sep 042014
 

Hopper Interactive Disassembly
Want to get started with reverse engineering on i386, x86-64 or ARM systems? The Hopper disassembler makes it easy! Or at least easier to understand what is going on in binaries, firmware dumps and other random executables that you might encounter.

This four hour class is taught by Trammell Hudson, the original author of the Magic Lantern firmware for Canon DSLR cameras, and will cover initial exploration of files, annotating functions, discovering common patterns and using the control-flow graph / pseudo-code generator to understand what the assembly is doing.

Experience with programming, but not necessarily assembly language, is necessary, as is a Mac or Linux laptop. Buy your tickets here!