I’ve learned this about hacking, inspired by Mr. Robot

The second season of Mr. Robot has just finished last week. While it’s one of the most amazing thing I’ve ever seen, it is also held as the TV show with the closest depiction how computer hacking works for real (see for example Quora or Reddit). Looks like  it inspired a lot of people to “try out” the tools the characters use on the show (adding to the popularity of Kali Linux, or the Wickr chat app for example), which does feel a natural way to relate to your favorite characters, in a geek way.

I couldn’t resist either, and tried to dig a bit deeper, learning some geek (ie. not professional) lessons about how hacking works, party from the events in the show directly, partly by following for a few steps what were done in the show, and deconstructing the results. Here’s what I’ve collected so far:

Social engineering is likely a big part, a crucial enabler of most “successful” hacks. The show works with characters so it might be biased towards human actions, but it makes sense that social engineering can open door where the “bits” are closed. All the shows main hacks I remember included social engineering (not going to spoil here anything). This also made me a lot more aware in life, for example when talking with my bank online, or trying to get official things done in a way that it involves trust. Very much seems to me, that social engineering vulnerabilities and “opportunities” are really abound, and that makes me a lot more careful. For example, when calling to the bank, my verification data is three pieces of information that is available online or relatively easy, and I think of how I’ve seen such situation abused (in fiction, mind you), then I get a little jumpy. Not sure how other countries are like, but it feels like so many weak points in Taiwan, that she is just protected by the language barrier from western hackers/scammers – but sure that doesn’t deter another hostile nation. So yeah, my lessons is trying to improve on things, be mindful of trust-based situations encountered, while do be more confident to get things done better (in a non-malicious way of course), as confidence is one of the key ingredients of social engineering as well.

Continue reading “I’ve learned this about hacking, inspired by Mr. Robot”

Changing the World

My father picked me up from school one day and we played hooky and went to the beach. It was too cold to go in the water so we sat on a blanket and ate pizza. When I got home my sneakers were full of sand and I dumped it on my bedroom floor. I didn’t know the difference, I was six. My mother screamed at me for the mess but he wasn’t mad. He said that billions of years ago the world ‘s shifting and ocean moving brought that sand to that spot on the beach and then I took it away. Every day he said we change the world. Which is a nice thought until I think about how many days and lifetimes I would need to bring a shoe full of sand home until there is no beach. Until it made a difference to anyone. Every day we change the world. But to change the world in a way that means anything that take more time that most people have. it never happens all at once. Its slow. Its methodical. Its exhausting. We don’t all have the stomach for it.

— Mr. Robot (eps1.4_3xpl0its.wmv)

Is there an Uncanny Valley for hardware projects?

The concept of the Uncanny Valley comes from robotics, its hypothesis says that when humanoid robots move and feel almost, but not completely like the real thing, they can be more off-putting than the robots that have less human likeness.

Working on quite a few hardware projects these days, I started to wonder (okay, say it out loud: worry), that there’s an uncanny valley for hardware projects as well. My theory goes such that hardware projects that are almost, but not completely professional can be more off-putting (or underwhelming) than less advanced, clearly maker projects and prototypes.

Continue reading “Is there an Uncanny Valley for hardware projects?”

I know less now than I did as a kid

As part of my new-year reflections and resolutions, I’ve looked at how well-rounded human being I am. How do I look at the things around me, and how are my interests? Are they wide enough, are they deep enough (by whatever metric)? I came to the conclusion that I knew much more as a kid than I know now as an adult, regressed in a lot of areas, and it’s worth taking a look at why that could have happened & what does it really mean? Do I need to be worried about that?

Let’s see some examples of things that occupied the mind of kid-me and now-me…

Kid-me knew more

Dinosaurs & Prehistory

Triceratops
Triceratops

I don’t think there are many kids who were not fascinated by dinosaurs! I had a bunch of books about them, and about other prehistoric creatures. It’s amazing to see life forms that are not found anymore, and also see how they connect to animals living now. It’s a whole different world that is amazing to imagine. This also includes prehistoric people, their ways of living, a much simpler, very different way of being. This put everything into perspective, gained an appreciation to looooong times, and change all around us on earth.

Continue reading “I know less now than I did as a kid”

Beyond the Kickstarter model for science crowdfunding

In the startup world people pitch ideas quite often in the shorthand of “we are X for Y”, drawing on an existing (and successful) “X” and a new market or audience “Y”. It’s very convenient, while have to be extremely careful not to be sucked in by its simplicity and really equate it with “we are doing everything completely the same as X, just for Y”. One such combination where I consider that very harmful is the topic of science crowdfunding, and the multitude of sites being “Kickstarter for Science”.

The Kickstarter model works very well, when there are things to give away, when the end results are physical products, or can produce something physical related to the project (for example postcards and DVDs for performance and art).  For most of the science projects, that just doesn’t work, quite often there’s nothing really to give away for a wide audience, that would attract enough funding (though will come back to this later). I think the whole model of what do supporters get needs to modified, and on a higher level, have to answer the question of “What is the purpose of all this?”

Laser sign built for the lab
Laser sign built for the lab

To get to some possible answer, first a bit of exploration. One of the first things to see is who could be the beneficiary of the project? The star professors working at big universities, they often have more money from grants than they can spend, probably they are not the first ones to think of. On the other hand, there are smaller colleges with ambitious researchers and students. There science fair students. There are independent scientists, hackerspaces, non-profits. The funds for many of these are a problem, but there are even more common problems I heard so far: lack of knowledge and lack of community/connections. The latter can affect very successful professors as well, in less well connected places (like here in Taiwan).

Another insight I got from watching Zack Braff’s reply to his critics, over his Kickstarter campaign for a new movie project. In that video he mentions what got him onto Kickstarter in the beginning: being able to have a backstage view to awesome projects, by receiving first-hand experience of the makers. That’s what he put at the centre of his campaign too: (paraphrasing) “If you fund me, I’ll be able to show you how a movie is made from beginning to the end, like you’ve never seen it before” (and apparently 46,520 people thinks it’s an awesome idea, myself included). Maybe that backstage view would be motivating to just enough people to support a particular science project that they are interested in?

So to come back to the question of purpose: what if the driving principle was “Promoting and enhancing Open Science“? Would this be a focused enough mission to create a sustainable model?

Fitting this into the previous examples: what if science fair students can get support for their projects: monetary from family and community who has such vested interest in them, but beyond that, the project would also try to connect those students with professors in the field their project is, while providing feedback and education to do their projects in a transparent, responsible, and interesting way. Besides the benefit of getting their projects done, could this create better scientist and more interested public in the long run?

Similarly for independent scientists and professors alike, openness, collaboration, and more transparency could enable them to do better and more science. I feel, as Tim O’Reilly said about writers, for scientists as well the problem is not that someone will steal your idea, but that nobody have heard about what you are doing.

That’s not to say, that scientists should spend all their time promoting their research, but to make it accessible. People should be able to see how a great lab-book looks like, what raw data is, what is a failed experiment and why did it fail, see how long certain things take in the lab, what is the thought process of a discovery. This is of course some overhead – when people are writing things up, they are not doing the experiment. On the other hand, I am a firm believer, that taking some time to think and being “forced” into putting thoughts down into coherent form has an amazing positive benefit on the long run. That’s how real understanding can come about too, and it will make a better scientist, compared to putting short-term efficiency as top priority.

All in all, I think a platform that have a priority list of first Openness, then Collaboration, and finally Funding would work the best for the mission of enabling more people doing more and better science. Some sign of this I can already see from existing places, like the experience of the Serengeti Live project which found collaboration with Zooniverse.

There are a LOT of science crowdfunding websites (as I’ve seen many on a list on Reddit), though many of them are closing down or inactive as founders moved on, like IAmScientist, Petridish. There are others still going on, for example Microryza, which I admire as founded by scientists since they wanted to get funded as well, though I think the reward of nicely formatted report at the end of each funded project falls short its potential.

Who will build something based on this and will it work? I don’t know yet, but I’ll sure do everything I can for Open Science and discovery in the meantime, and work to become a better scientist myself.