Physicist, hacker. Enjoys avant-guarde literature probably a bit too much. Open source advocate and contributor, both for software and hardware. Follow these posts on the Fediverse by @gergely@gergely.imreh.net
Last year I’ve moved back to London after living eight years in Asia.
No Man’s Land
(2016 December) I was reading a few volumes of Pinter’s collected plays, and was feeling very envious of New York, that they had Patrick Stewart and Ian McKellen putting a dual production of Waiting for Godot and No Man’s Land on stage there. But then I was lucky enough to catch No Man’s Land in London, and that was a really intense kick-off for my theatre season.
Theatre of the absurd is maybe my favorite, and this one makes a really good watch. The play is not perfect, though, the long monologue towards the end made me switch off, regardless how good the delivery was. But it was superb setup, superb acting (though Sir Ian had the better part), and very memorable. I think it’s a pretty good introduction to British culture as well, I’m definitely drinking much more since (alcoholism is one of the central elements).
The second season of Mr. Robot has just finished last week. While it’s one of the most amazing thing I’ve ever seen, it is also held as the TV show with the closest depiction how computer hacking works for real (see for example Quora or Reddit). Looks like it inspired a lot of people to “try out” the tools the characters use on the show (adding to the popularity of Kali Linux, or the Wickr chat app for example), which does feel a natural way to relate to your favorite characters, in a geek way.
I couldn’t resist either, and tried to dig a bit deeper, learning some geek (ie. not professional) lessons about how hacking works, party from the events in the show directly, partly by following for a few steps what were done in the show, and deconstructing the results. Here’s what I’ve collected so far:
Social engineering is likely a big part, a crucial enabler of most “successful” hacks. The show works with characters so it might be biased towards human actions, but it makes sense that social engineering can open door where the “bits” are closed. All the shows main hacks I remember included social engineering (not going to spoil here anything). This also made me a lot more aware in life, for example when talking with my bank online, or trying to get official things done in a way that it involves trust. Very much seems to me, that social engineering vulnerabilities and “opportunities” are really abound, and that makes me a lot more careful. For example, when calling to the bank, my verification data is three pieces of information that is available online or relatively easy, and I think of how I’ve seen such situation abused (in fiction, mind you), then I get a little jumpy. Not sure how other countries are like, but it feels like so many weak points in Taiwan, that she is just protected by the language barrier from western hackers/scammers – but sure that doesn’t deter another hostile nation. So yeah, my lessons is trying to improve on things, be mindful of trust-based situations encountered, while do be more confident to get things done better (in a non-malicious way of course), as confidence is one of the key ingredients of social engineering as well.
Taiwan has a very interesting attitude towards technology (for better or worse), and it is fun to try out anything new that comes up here (for a certain definition of “fun”). When the news hit late last month, that the National Immigration Agency opens Internet ID application to foreign residents, I was there to get mine as soon as it was available. The “Internet ID” refers to a “Citizen Digital Certificate”, also called MOICA, a smart card that supposed to make a lot of services available through a web browser or other government-produced software (e.g. filing taxes online). For Taiwanese citizens MOICA seems to be available at least since 2003 (according to the news report I’ve managed to dig up), but this is the first time it available for us foreigners living here.
In this rather graphic post I try to summarize the process of getting a MOICA card as a foreigner in Taiwan, setting it up, and some (opinionated) lessons to learn from it.
The Process
The process of getting and setting up the card is outlined in this leaflet that I’ve picked up.
Though – not surprisingly – in practice everything is a lot more complicated than these 8 bulletpoints.
My father picked me up from school one day and we played hooky and went to the beach. It was too cold to go in the water so we sat on a blanket and ate pizza. When I got home my sneakers were full of sand and I dumped it on my bedroom floor. I didn’t know the difference, I was six. My mother screamed at me for the mess but he wasn’t mad. He said that billions of years ago the world ‘s shifting and ocean moving brought that sand to that spot on the beach and then I took it away. Every day he said we change the world. Which is a nice thought until I think about how many days and lifetimes I would need to bring a shoe full of sand home until there is no beach. Until it made a difference to anyone. Every day we change the world. But to change the world in a way that means anything that take more time that most people have. it never happens all at once. Its slow. Its methodical. Its exhausting. We don’t all have the stomach for it.
This week I got a Wio Link prototype from a friend at Seeed Studio. It is an ESP8266-based little Internet of Things board with 6 Grove connectors for easy device connectivity, wifi networking, and controlled over an app & the Internet. For a quick project I wanted to hook it up with Home Assistant, an open source home automation platform that I read a lot about lately. The main focus was to have a first impression of both parts, and build up some experience for future, more serious projects.
The target solution: light up an LED if a particular person is at home location. Sort of a basic alarm system, though notice that the location of the LED was not mentioned – it can actually be anywhere in the world, as long as there’s Internet connectivity.
Wio Link was introduced in Seeed’s Kickstarter campaign, where they have raised more than 8x of their original target. It looks like a neat little board, and was happy to try out when I got my hands on one.
Their wiki page has quite a bit of information, so it was easy to get started. Connect to power, hold down the configure button till the LED lights up in a “breathing” pattern, connect through their Wio Link app, set up the wireless network settings and so on. Once connected, can define what kind of devices are attached to the board, and it looks like most of Grove devices are represented there. I only had a Grove LED at hand, so added it (“Generic Digital Output”), updated it, which created a new firmware and pushed onto the device.
The first update took a couple of minutes, but it’s pretty straightforward. The device then also has an API link, which brings up a web page with all the options to query, control, and reset the attached accessories (in my case that’s the one digital output).