Category Archives: Computers

I’ve learned this about hacking, inspired by Mr. Robot

The second season of Mr. Robot has just finished last week. While it’s one of the most amazing thing I’ve ever seen, it is also held as the TV show with the closest depiction how computer hacking works for real (see for example Quora or Reddit). Looks like  it inspired a lot of people to “try out” the tools the characters use on the show (adding to the popularity of Kali Linux, or the Wickr chat app for example), which does feel a natural way to relate to your favorite characters, in a geek way.

I couldn’t resist either, and tried to dig a bit deeper, learning some geek (ie. not professional) lessons about how hacking works, party from the events in the show directly, partly by following for a few steps what were done in the show, and deconstructing the results. Here’s what I’ve collected so far:

Social engineering is likely a big part, a crucial enabler of most “successful” hacks. The show works with characters so it might be biased towards human actions, but it makes sense that social engineering can open door where the “bits” are closed. All the shows main hacks I remember included social engineering (not going to spoil here anything). This also made me a lot more aware in life, for example when talking with my bank online, or trying to get official things done in a way that it involves trust. Very much seems to me, that social engineering vulnerabilities and “opportunities” are really abound, and that makes me a lot more careful. For example, when calling to the bank, my verification data is three pieces of information that is available online or relatively easy, and I think of how I’ve seen such situation abused (in fiction, mind you), then I get a little jumpy. Not sure how other countries are like, but it feels like so many weak points in Taiwan, that she is just protected by the language barrier from western hackers/scammers – but sure that doesn’t deter another hostile nation. So yeah, my lessons is trying to improve on things, be mindful of trust-based situations encountered, while do be more confident to get things done better (in a non-malicious way of course), as confidence is one of the key ingredients of social engineering as well.

Continue reading I’ve learned this about hacking, inspired by Mr. Robot

Taiwan Citizen Digital Certificate

Taiwan has a very interesting attitude towards technology (for better or worse), and it is fun to try out anything new that comes up here (for a certain definition of “fun”). When the news hit late last month, that the National Immigration Agency opens Internet ID application to foreign residents, I was there to get mine as soon as it was available. The “Internet ID” refers to a “Citizen Digital Certificate”, also called MOICA, a smart card that supposed to make a lot of services available through a web browser or other government-produced software (e.g. filing taxes online). For Taiwanese citizens MOICA seems to be available at least since 2003 (according to the news report I’ve managed to dig up), but this is the first time it available for us foreigners living here.

In this rather graphic post I try to summarize the process of getting a MOICA card as a foreigner in Taiwan, setting it up, and some (opinionated) lessons to learn from it.

The Process

The process of getting and setting up the card is outlined in this leaflet that I’ve picked up.

MOICA Application English
Click to see large scan. Wow.

Though – not surprisingly – in practice everything is a lot more complicated than these 8 bulletpoints.

Continue reading Taiwan Citizen Digital Certificate

Home Automation Mix-and-Match

This week I got a Wio Link prototype from a friend at Seeed Studio. It is an ESP8266-based little Internet of Things board with 6 Grove connectors for easy device connectivity, wifi networking, and controlled over an app & the Internet. For a quick project I wanted to hook it up with Home Assistant, an open source home automation platform that I read a lot about lately. The main focus was to have a first impression of both parts, and build up some experience for future, more serious projects.

The target solution: light up an LED if a particular person is at home location. Sort of a basic alarm system, though notice that the location of the LED was not mentioned – it can actually be anywhere in the world, as long as there’s Internet connectivity.

I’ve used the Wio Link, a Grove LED light, an Olimex OLinuXino Lime2 board running ArchLinux for the server, and a Buffalo router with DD-WRT system installed.

Wio Link

Wio Link was introduced in Seeed’s Kickstarter campaign, where they have raised more than 8x of their original target. It looks like a neat little board, and was happy to try out when I got my hands on one.

Their wiki page has quite a bit of information, so it was easy to get started. Connect to power, hold down the configure button till the LED lights up in a “breathing” pattern, connect through their Wio Link app, set up the wireless network settings and so on. Once connected, can define what kind of devices are attached to the board, and it looks like most of Grove devices are represented there. I only had a Grove LED at hand, so added it (“Generic Digital Output”), updated it, which created a new firmware and pushed onto the device.

Wio Link setup process (left to right): add device, update firmware, check status
Wio Link setup process (left to right): add device, update firmware, check status

The first update took a couple of minutes, but it’s pretty straightforward. The device then also has an API link, which brings up a web page with all the options to query, control, and reset the attached accessories (in my case that’s the one digital output).

Continue reading Home Automation Mix-and-Match

Scratch Your Robot Itch

Recently I’ve been experimenting with the Scratch programming language, created by the Lifelong Kindergarten Group at MIT. It’s a fun environment that uses visual programming: drag-and-drop pieces of code blocks, and control objects on a stage, and the stage itself. It has quite a bit more depth to it, than the expression “visual programming language” implies, with it’s internal messaging system, multitasking, and event-driven approach. While it was originally aimed at creating interactive graphics and animations (see this TEDx talk by Prof. Mitch Resnick on the background), it is now evolving into new territories with the Scratch Experimental Extensions.

Continue reading Scratch Your Robot Itch

Language of the Month: Rust, the results

Every now and then I do a “Language of the Month” feature when I spend one month to learn a new programming language. This last month in November I’ve spent with Rust, and it’s time to take stock. Will look at the impression I had in this short time, show one project that I get done in Rust, and some ideas what I’d like to do with Rust in the future!

Experience

According to my time log, I have spent about 20 hours this month learning Rust. That’s way too little to have a good understanding, but definitely enough to have some educated guesses (and excitement, and horror , as appropriate). This time I’m generally very impressed as Rust comes across as indeed a very modern and smart language, although that modernness is mostly in the tooling and non-essential parts. It is also changing very quickly, for good and bad. Here are some, admittedly subjective and incomplete list of observations. Good is what I like, Bad what’s less nice IMHO, and Ugly is what’s imperfect or confusing (at this stage of my Rust learning):

Good

It’s great to see that documentation is a not an afterthought, but a core part, that is making use a lot of modern development experience. Having a standard way to include example code in docstrings and actual tests are run on them to make sure the examples are also up-to-date with the code is a very cool concept. Also being able to auto-generate HTML documentation from the code is probably going to be standard in most new languages (I think Go does that also, and other languages have gained similar optional tools)

Continue reading Language of the Month: Rust, the results