Since Har2009, a hackerfestival/conference in the Netherlands, our little hackerspace in Utrecht, RandomData, has been quite close with the guys from Hack in the Box. I have to admit that I'd never heard of this security group from Malaysia back then. We were talking about the conferences that they were giving in different places around the world and about them willing to come to The Netherlands for their next conference. We were all excited.
In 2010 the fist HiTB conference was an actual happening. Lots of guys from the hackerspace community, 2600nl and other friends of Randomdata+Hack in the Box joined up as volunteers to make this an experience to remember. For hackerspaces, there was a special area of the conference to set-up and show off your projects which was visited by a dozen of people who had nothing to do with the con, but who were just interested. Of course, with every start of something, we ran into some minor problems but in the end, it was a successful conference. They would continue to host conferences in Amsterdam.
Months of preparation it took the guys from HiTB and the volunteers to get the conference of 2011 set up. This year a lot of guys from the Dutch hackerspace community volunteered to make this another unforgettable experience. Because the guys behind HiTB and HiTB.nl saw how enthusiastic the hackerspaces scene was, this year they turned it up a notch. There was an actual hackerspace challenge, sponsored by ITQ. No space knew what it was about or what to bring. After social engineering a bit, I found out that we were going to play with Lego! Too bad my skillz aren't that good, or I would've been able to found out more. Spaces from our neighbouring countries entered the challenge as well hailing from Belgium and France.
The challenge was awesome, to say the least. We were to play with Lego NXT(c) \o/. The challenge was to build a robot of some kind, using only the bits provided and the things that you brought with you to the conference. It was not allowed to go out and buy stuff, only allowed to hack the stuff you had with you to build "extras". The ITQ stand had something which resembled a battleground, at least - that's what we made of it. But after explanation of the challenge, the objective was that you would program your robot so that it would automatically drive to a light, which was placed on one of the four corners of the "battlefield". The first one to arrive would gain a point and this with a time limit of a few minutes. You could gain extra points by obstructing the opposing robot and having nice code or a cool looking robot.
Because RandomData and HiTB are so close, all our members kinda volunteered for the con so it was a small problem to actually get guys to show off our (amazing and oh-so-many) projects. Good thing [com]buster was able to get time off work and was glad to join myself with the showing-off, who is an excellent coder where as I am horrible at it.
The building of the our robot, it was lots of fun and good experience. It was cool to see what path our hackerspace friends took, some started with the basics, others thought that the language provided by Lego was inferior and started by making the NXT brick speak a different language. I saw another space who just started to build a dragon out of it. Our road was less spectacular. We just wanted to get the robot working with all the different sensors so it would be able to compete in the challenge, then worry about arming ourselves for the obstruction bonus points. The challenge had certain hours to build, only five on the first day and three on the second.
At the end of the second day every space had a working robot out and proudly set them ready to play in the challenge. At this point, we found that our robot was actually doing very well. We saw that some robots were using sensors for the black lines at the end of the field, so they would know where to stop. Fifteen minutes before the start of the challenge we thought up a little idea; To add black markers to the side of our robot which would write on the ground, where ever we went. The idea was good but the lines were too thin. The lines our robot made, the perfection... It could be sold as art! Another idea we had was to build a lightdome on top of our robot. Seeing the objective was too be the first at the light, we thought this might sidetrack some robots. After some soldering and failing, we saw that bitlair (highlight/url) was building a bulldozer-like robot which would pick up anything it would drive against. We added some extra lego-bar protection instead of a lightdome.
After thirty minutes of stealing the show at the conference, the challenge was done. After some quick calculations of the ITQ team, RandomData was pronounced the winner, huzzah! Bitlair and their bulldozer robot came second, I think it was whitespace(0x20) from Gent, Belgium who came third. RandomData takes home a 1000 euro cheque to spend on our space!
Overall, it was a very cool conference and we're all looking forward to next year's event!
Normally, I would never really rant on our beloved blog but seeing no-one from our space really wants to blog stuff, I'll try to keep it alive with my ranting about the "security questions" as back-up to a password. :) Yesterday I received my new mobile phone, a Sony Ericcson Xperia Neo. I was browsing the security options to look for screen lock and to set passwords...
Yesterday I received my new mobile phone, a Sony Ericcson
Xperia Neo. I was browsing the security options to look for screen lock and to
set passwords, this because I'm a suPeRseCuReHax0r-man of course! Cool, I can
set my own "pattern" to draw as password, I kinda like that. It's not
like numbers where a lot of people use default numbers like "1111",
"0000" or "1337" and of course easy to remember numbers
like dates for example. On the other hand, I think a pattern is a bit easier to
steal while shoulder surfing, but that's another issue.
After setting my own pattern I get a pop-up; "Security
question - You need to select a security question as a backup solution, in case
you forget the pattern." where I can only select "OK". Now I get
to choose between four options, the questions are set - I can't make my own. I
need to choose between:
What is your mother’s maiden name?
What is your place of birth?
What is your favourite place?
What is your favourite film?
The first two questions are pretty easy to find out if you
know the name of the owner of the phone, they are set and unchangeable. The
latter two are usually easy to find if the owner of phone uses social media
like Facebook for example, other than that – they seem pretty easy to social
This is 2011, this phone is brand new and they make security
“errors” like this. It annoys me. This is not the first time I’ve seen it, it’s
a well-known flaw in security at a lot of sites. Half of the time some kid’s Hotmail
gets hacked, it’s because he or she set a stupid security question which got
answered by someone who knows how Google works.
People who are into security or those who are more aware of
it know that entering something like this is silly. That’s not the problem. It
becomes a problem when kids, elderly people or just people who don’t have a
lot of experience with technology set these
answers, they don’t second-guess when technology comes up with a question, they
just add it and are happy about it. I expected people at a huge company like
Sony-Ericcson to foresee stupid flaws like this, especially because it’s been
known for years.
A solution? A temporary solution could be entering a random
answer. What is my mother’s maiden name? Well, it’s “tUm$Gjfk%p” of course! It’s
the only solution I can think of at the moment, seeing I have to enter
something.But, I’d like to see this "feature" to be gone or fixed in an upcoming patch.
This isn’t really a lash-out towards Sony-Ericsson, I just
get annoyed by these big companies with lots of money that still make stupid mistakes like this. We
have a Dutch saying which translates to “It was the drop that made the bucket
overflow” which suits the reason why I wrote this blog perfectly but now I have to use the English “the straw
that broke the camel's back". :)
Submitted by Anonymous (not verified) on Mon, 12/13/2010 - 13:01
13 Dec 2010 - PERSBERICHT: 10 december 2010(English translation in extended version)In reactie op de recente berichtgeving rondom de aanvallen op verschillende websites en de arrestatie van een tiener uit de regio Haaglanden organiseert het lokale hackerhonk 'Revelation Space' in Den Haag op 18 december 2010 een bijeenkomst over ethisch hacken. Dit met medewerking van o.a.
Submitted by Anonymous (not verified) on Sat, 12/11/2010 - 15:16
It's all about the future... in the near future CCC camp is coming up. Randomdata is going to join together with other hackerspaces and groups of the BeNeLux. Our dream is called Hack Square (H2X), a nice square filled with hackers, geeks, projects and much more. The sky is NOT the limit.What to expect?
Submitted by Anonymous (not verified) on Wed, 10/27/2010 - 12:31
A 12 hour flight and you are in Kuala Lumpur where the friends of HiTB and Hackerspace KL are waiting for you. This is what Deathzor, Thursley, beloved friend DrWhax and myself found as soon as we arrived in KL.
Submitted by Anonymous (not verified) on Tue, 10/05/2010 - 15:33
So, last week I was in Ireland and wanted to meet up with the 2600ie guys. Some confusion inside my head lead to writing down a phone-number wrong and I missed that event. The day after they invited me to come to their hackerspace, TOG, in the center of Dublin for "A few pints and a movie". How could I not accept?
Submitted by Anonymous (not verified) on Sun, 08/29/2010 - 19:13
One minute you are driving along the scenic Dutch landscape and the next you are surrounded by a bunch of geeks, tents and network cables. A few of us (fish_, [com]buster, and myself) had the pleasure of attending eth0 (an outdoor computer event:eth-0.nl).Together with some people from the 2600nl meetings we created our own little tent-village.