Wales Comic Con 2011 – The Review

Sunday 5th June 2011, I arrived at the campus of NEWI*1 GlynDwr University for Wales Comic Con. This was my first visit to this event since I missed out last year due to Vampiric Eye Disease causing me to be unable to leave the house during the daylight hours.

Upon arriving at the campus I immediately encountered a slight Problem. In an attempt to prevent others for making the same mistake, I tweeted “Note to self: when going to a con, check location before leaving house. #walescomiccon.” Yes, I knew it was on the Campus, but there were dozens of buildings/complexes that could be housing it. Luckily as I was pulling my car into a car-park, I spotted a couple of StormTroopers*2 standing guard at the door to the sports centre. And when a marine walked out of the building followed by an Alien with a dog collar, I KNEW where it was. (more…)

Doctors 2.0

Yesterday I gave in to the masses, who had been giving me a hard time for not going to the doctor with my “Vampire Eye“.

So I woke up yesterday, got dressed up in my Ninja Gi, loaded up with all the weapons and tools of the Ninja, and prepared for the dangerous, and arduous task that is trying to book an appointment at my medical centre. And was I in for a surprise.

I get ready with the house phone, my mobile, & a scripted PBX to attempt the impossible first step, actually getting hold of someone. I dial and……. I get an automated welcome message, welcoming me to the medical centre, informing me my call may be recorded for training purposes and telling me i shall have options to pick from.  WOW. My Doctors place has got themselves a decent phone system that’s not some old woman sat at a desk moving wires about.

I then get to the menu system of the phone call. “Press one for…..” there then followed a huge list of all the possible reasons you may press option one. Then SILENCE, I waited, and waited, but still there was silence. “OK? so the first part of the menu is press 1 or press 1” I pressed 1, and the phone started ringing and I got a real person.  Yes their automated phone messaging system goes. Press 1 and get person. They have managed to add a pointless step in the process of PHONE-RINGS->ANSWER-PHONE.

I get my appointment and dutifully turn up at the surgery on time. Only its all different, its bigger, better, and different. In fact its like they had built a huge new building next to the original, then knocked down the original to make additional car parking spaces. Well the old place had been there for dozens of years, and was a bit small and dingy.

I enter the posh new building to be greeted by a large wall mounted flat screen TV with the word “Welcome” on it in a button like box. I then touched the button on the screen like you do, it changed to two buttons [Male] & [Female] “Wow, they really gone to town on making the patients feel comfortable while waiting, they even supply company for you“. I quickly pressed the [Female] button, it now asked for a D.O.B. “wow. I wonder if they ask for my preferred hair colour and such?”  I hit a few random options for a birth date, and waited for my order to arrive.

The screen in front of me said “Welcome Mrs ***** ****** ******, please take a seat in the waiting area.” *SHIT* its a login system, not a online ordering thing. I hit reset, and put my details in, and made my way to sit innocently in the waiting room. Where there was an even bigger flat screen TV informing me that “smoking is bad” “unsafe sex is bad” “yada yada yada” and occasional beeping and telling someone they should go to room **.  Modern technology is great, instead of the old yellowing posters telling me everything fun is bad for me, they now get to do it in wide screen, high definition.

After all that, the Doc told me nothing I didn’t already know, and I was in with him for about 3 minutes. This is why I never bother going to see the Doctor.

Britain’s Got Computer Talent.

On Monday the 26th July 2010 the UK Minister for Security Declares Cyber Security Challenge UK Open.

The Cyber Security Challenge is a series of national online games and competitions that will test the cyber security abilities of individuals and teams from every walk of life. It is designed to excite and inspire anyone considering a career in the cyber security industry.

The Challenge will identify talented individuals capable of becoming part of the UK’s cyber security profession now and in the future.

Why should I participate?

Participation in the Challenge offers three fantastic opportunities:

  1. The Challenge will award more than 30 superb prizes. These will include:
    • Places on the Detica Academy
    • Funded or part-funded places for masters-level university security courses
    • Funded security courses provided by SANS Institute.
    • Memberships of trade bodies and professional associations
    • Professional mentoring sessions
    • Time on the CREST penetration test rig
    • Delegate passes to industry conferences
    • An internship at one of the UK’s premier security companies
    • Prizes will be allocated based on individuals’ ambitions and the stage they are at in their career.
  2. The Challenge will provide participants with the opportunity to use world-class technology and facilities that would otherwise be inaccessible.
  3. It will also provide a way for individuals to meet with, work with, and learn from some of the UK’s most prominent organisations in cyber security, education and politics.
    Those who demonstrate excellent levels of skill and talent will be exposed to potential employers who will look favourably on anyone who can perform well throughout the Challenge.
  4. The Challenge offers an opportunity for all participants to publicly demonstrate their cyber security skills and build their reputation with peers and potential employers as the UK’s most talented security experts.

The first challenge to get yourself started with is up here

Get playing!.

Hackers 1 : Network Admin 0

I forget exactly when this incident happened. I do remember it was towards the end of the University season (either the year end, or midway). It was in my second to last year in University, and everyone was rushing about trying to finish papers, coursework and get everything handed in on time.

Of course the Lords of Chaos were out in force, and the Universities Network was down, and had been for about a week, people were seriously starting to panic.  The network at the time was Windows 95 running of a Novell network. Now somehow (no info was ever posted) the windows image had become corrupted.  You could log onto the network, and it would copy the global copy of windows to your workstation ok, only winsock, and several other network important files/libs were corrupt meaning windows could not talk to the network.  This had a knock-on problem of all the program files & user data were stored on network drives.  Basically you were left with a corrupt and damaged version of windows that was of no use to anyone.

Now some of the computer labs had computers that also had local copies of windows on them, for specific software/applications. Unfortunately these were not set up to use the network, or the internet, in fact they had been set up specifically to be unable to use the network. (for security and to help prevent the pirating of specialised software)

After a few days of no net-access a friend and myself got fed up and decided to do something about it. We found one of the small labs with local copy windows machines, and using some of the libraries off the corrupt net-work versions, plus manually rewriting sever config files we were able to get two machines fully running on the uni’s network, and hence the internet. So there we were happily using the internet to plan the weekends fun when a Lecturer wandered into the lab.

“What are you guys doing in here?”

“err, just finishing some coursework to email in”

“What, do you think I’m stupid? The network is down”

I pointed at my screen and invited her to come look, pointing at a couple of websites to show it was working, and pointed out since we were desperate to finish our coursework we “fixed” the two machines we were using. She looked thoughtful for a while, then asked could we do the same to all the others in the lab, since she had an important lesson that afternoon that she had already put off once due to the broken network.

It was another week and a half before they fixed the network and all the universities computers were usable. But for that week and a half there was one small computer lab that was fully functional, and its location was spread about like a secret. After all, if everyone knew about it, you’d never get a free computer.

I like to think we helped a few people be a little less stressed in the run up to exams.

Reclaiming the word Hacker

As The Next HOPE draws near I figured now would be an appropriate time for me to say a few words about the misappropriation of the term “Hacker“. To quote Randal from Clerks II. “I’m taking it back

How often do you seen mention these days like :-

  • “Hacker steals hundreds of credit card details” (Hello, that’s not Hacking its credit card fraud).
  • “Hacker defaces ****’s website” (Try Vandalism not Hacking.)
  • “Hacker steals companies data to sell” (Try Industrial Espionage)

Yes there are people out there that do illegal things, a lot of them can be described as Skript Kiddies, crackers, thieves, vandal, humans. Yes there are Hackers that do illegal things, but that does not mean all Hackers do. There was a case in the UK a few years ago of a doctor who killed hundreds of his patients, does that make all doctors mass murderers?

Wikipedia describes the origin of the term Hack as thus :-

The term “hack” was first used by US university computing centre staff in the mid-1960s. The context determined whether the complimentary or derogatory meanings were implied. Phrases such as “ugly hack” or “quick hack” generally referred to the latter meaning; phrases such as “cool hack” or “neat hack”, to the former. In modern computer programming, a “hack” can refer to a solution or method which functions correctly but which is “ugly” in its concept, which works outside the accepted structures and norms of the environment, or which is not easily extendible or maintainable. The programmer keeps beating on it until a solution is found.

In a similar vein, a “hack” may refer to works outside of computer programming. For example, a math hack means a clever solution to a mathematical problem. The GNU General Public License has been described as a copyright hack because it cleverly uses the copyright laws for a purpose the lawmakers did not foresee. All of these uses now also seem to be spreading beyond MIT as well.

The term should be kept as it was originally intended, to describe those people who are curious about how things work, whether it be computers, networks, phones, electronics, maths, whatever. People who find ways to use things in ways that was not in the original specification. We used to cherish these people as innovators, explorers, etc. (Well apart from the early days when the church would burn them as heretics). We should go back to using “Hacker” as a positive description, and just call criminals “Criminals”.  So Media People pay attention, I’m taking the word Hackers back.

To aid in the takeback, I will be posting a series of old Hacks, & examples of Hacking. None of them Illegal, none that caused Harm, Injury, disfigurement. There may have been some upset caused by some, but only in a “How come he can do that? why cant I? It’s not Fair”. They are all just examples of someone being curious, someone using things for more than they were designed for, someone helping others thanks to his playing.

“Better dead than Red” But Even Better “Red Dead Redemption”

At the weekend I had a cunning plan. A plan so cunning, you could say “it was as cunning as a fox  who’s just been appointed Professor of Cunning at Oxford University“. Now that’s cunning!

Before I tell my cunning plan, I need to set the scene, or at least explain the events leading up to “The Cunning Plan“.  It all starts on a Saturday morning, not any old Saturday morning but the start of a three day Bank Holiday weekend. It starts with a man with a stupidly long list of things he really needs to do, and no inclination to do any of them. Well I’d been putting off stuff for weeks/months/years. I am spod watch me idle!

So I really needed to make some headway into the growing pile that was the task-list. It was while contemplating this that “The Cunning Plan” was hatched.

You see it came to me as if whispered into my ear by the angel or devil that sits on my shoulder (I always get those two mixed up). I would get myself the game “Red Dead Redemption” that I had read so much about on different peoples Blog’s and which so far had good write-ups.  So I would go get myself this game and place it in a prominent position. And if I completed a load of tasks then I could treat myself to playing the game. I am Male, Watch me get bribed!

Plan formed, I quickly made a list of the most pressing tasks on my Whiteboard and headed out to the shops. The first shop I tried was sold out, The second did not even have it listed as a released game, The third shop turned out to be a cake shop, The fourth was a constitutional right, Luckily the fifth was more promising.  I just had one pitfall to pass.

I entered the shop to be confronted by a series of displays for the iPad, There was box’s of them all looking new and shiny. I know I’m waiting for the none mac tablets to be released but I am a geek, I love new technology. The draw of the shiny almost drew me in, but I rolled a 20 on my resist willpower, and was able to pass.  I made it to the game section to spot the “SOLD OUT” sign on the Xbox360 section of the game. Luckily they had one left in the PS3 section, so I was saved, the game bought, and I returned home.

So there I was, Task list on whiteboard, prize for completion in hand. What could go wrong?

Well, the thing is the game may not have worked, and needed replacing which would annoy me after completing my tasks. So what harm could there be in just throwing it into ps3 and checking its ok. I could just watch the intro and then turn it off when I was sure it worked. I could do that couldn’t I?

And that was the moment “The Cunning Plan” failed. and the weekend vanished. In my defence the game is great. Wide open landscapes to ride over, all the wildlife, random encounters, missions, fun. I don’t think I’ve done any of the plot elements of the game yet. I’ve just wandered the land killing & Skinning animals, shooting the rope on people being hanged, and generally killing people. Oh and I’m on my eighth or ninth horse.  I’ve met several people walking alone in the desert who’ve asked for help, only to pull me off my mount and ride off on it when I’ve gone to help. Which means I then have to shoot my horse dead so it falls on the horse thief while i then walk over and shoot them in the legs and arms, and leave them lying bleeding on the floor.

Oh. I guess I could just shoot the rider dead and leave the horse alive? Hummm never considered that.

I do recommend the game to anyone. Unless you really have other stuff you need to do first.