Monthly Archives: May 2011

HSBNE Update

There's been a few awesome hackery things occurring lately, namely:

Our lathe is now operational! After a champion effort by Shawn, Lemming, Buzz, and Seppo our shiny new lathe is up and running. Predictably the first useful thing made on it was something pyromaniacal by Lemming, but fortunately nobody was injured.

Tjhowse brought in his furnace and melted down some old scrap aluminium. The melt was then cast it into cylindrical ingots for lathe practice. Recycling! You're welcome, environment.

https://picasaweb.google.com/117424517722074474896/Forge?authkey=Gv1sRgCPfuk9Cps__j3QE#


The Queensland Robotics Sports Club brough their Robowars arena into HSBNE recently and threw a heap of bladed, wedged and hooked mechanical monstrosities into a ring to smash eachother apart. Good times were had by all, with the possibly exception of the poor bloody robots.

There's a batch of incredible slow-mo videos of the carnage here:
Wonda vs Wombot http://www.youtube.com/watch?v=SGRQagpcY18
Aggressor Jr vs Kitbot http://www.youtube.com/watch?v=9pmyWon8cMI
Aggressor Jr vs Stig http://www.youtube.com/watch?v=AUfUbtzaRYo
Kruger vs Hellcat Jr http://www.youtube.com/watch?v=0H7QPCyYHBc
Kruger vs Hover http://www.youtube.com/watch?v=IsadTVudkHg
Stig vs Kruger http://www.youtube.com/watch?v=mwOwe9sLgLQ
Stig vs Kruger (Final) http://www.youtube.com/watch?v=11BKsox7QoM
Vendetta vs Sky Turtle http://www.youtube.com/watch?v=Qtizc-Mrm2Y
Vendetta vs WedgeBot http://www.youtube.com/watch?v=7elLFwlahKM
Vendetta vs Wombot http://www.youtube.com/watch?v=C8zawWyOTgA
Wombot vs WedgeBot http://www.youtube.com/watch?v=NGun7KYoQcs
Wonda vs WedgeBot http://www.youtube.com/watch?v=wW468iBfjy8

And some full-speed videos here:
http://www.youtube.com/watch?v=cuLvip8wFeg - Naked Turtle VS Wombot
http://www.youtube.com/watch?v=RQTYXtpPU1E - Aggressir Jr VS Stig
http://www.youtube.com/watch?v=fPdJz5cVSsI - Fury Jr VS Hellcat Jr
http://www.youtube.com/watch?v=MjRkAWkwOG4 - Kruger VS KitBo
http://www.youtube.com/watch?v=bx_VnwaYTXw - The wEdge VS Vendetta
http://www.youtube.com/watch?v=-r1_wuSisN0- Vendetta VS Naked Turtle
http://www.youtube.com/watch?v=iLKrUk4NktY- Wander VS Wombot
http://www.youtube.com/watch?v=rkZHQv3h9T8- Stig VS Kruger
http://www.youtube.com/watch?v=3K80PzVETi8 - Aggressor Jr VS Fury Jr
http://www.youtube.com/watch?v=KCSwruA5oZ8 - The wEdge VS Wander

James continues to work on his Prusa, the latest addition to the Hackerspace's family of 3D printers. So far he's managed to damage or destroy pretty much every piece of equipment, circuitry and hope needed to complete the project, but he's still soldering (geddit) along. (Hey! I'm not that incompetent! - pelrun)

In a related note, a new batch of opaque black PLA filament has been ordered for the Hackerspace's Mendel. It was ordered from mendel-parts, so with any luck it'll arrive before the earth is swallowed by the giant space-worm Kaaed'tha in 2044.

Sony Ericcson Xperia Neo :-(

Android

Normally, I would never really rant on our beloved blog but seeing no-one from our space really wants to blog stuff, I'll try to keep it alive with my ranting about the "security questions" as back-up to a password. :) Yesterday I received my new mobile phone, a Sony Ericcson Xperia Neo. I was browsing the security options to look for screen lock and to set passwords...

Yesterday I received my new mobile phone, a Sony Ericcson
Xperia Neo. I was browsing the security options to look for screen lock and to
set passwords, this because I'm a suPeRseCuReHax0r-man of course! Cool, I can
set my own "pattern" to draw as password, I kinda like that. It's not
like numbers where a lot of people use default numbers like "1111",
"0000" or "1337" and of course easy to remember numbers
like dates for example. On the other hand, I think a pattern is a bit easier to
steal while shoulder surfing, but that's another issue.

After setting my own pattern I get a pop-up; "Security
question - You need to select a security question as a backup solution, in case
you forget the pattern." where I can only select "OK". Now I get
to choose between four options, the questions are set - I can't make my own. I
need to choose between:

  • What is your mother’s maiden name?
  • What is your place of birth?
  • What is your favourite place?
  • What is your favourite film?

The first two questions are pretty easy to find out if you
know the name of the owner of the phone, they are set and unchangeable. The
latter two are usually easy to find if the owner of phone uses social media
like Facebook for example, other than that – they seem pretty easy to social
engineer.

This is 2011, this phone is brand new and they make security
“errors” like this. It annoys me. This is not the first time I’ve seen it, it’s
a well-known flaw in security at a lot of sites. Half of the time some kid’s Hotmail
gets hacked, it’s because he or she set a stupid security question which got
answered by someone who knows how Google works.

People who are into security or those who are more aware of
it know that entering something like this is silly. That’s not the problem. It
becomes a problem when kids, elderly people or just people who don’t have a
lot of experience with technology set these
answers, they don’t second-guess when technology comes up with a question, they
just add it and are happy about it. I expected people at a huge company like
Sony-Ericcson to foresee stupid flaws like this, especially because it’s been
known for years.

A solution? A temporary solution could be entering a random
answer. What is my mother’s maiden name? Well, it’s “tUm$Gjfk%p” of course! It’s
the only solution I can think of at the moment, seeing I have to enter
something.  But, I’d like to see this "feature" to be gone or fixed in an upcoming patch.

This isn’t really a lash-out towards Sony-Ericsson, I just
get annoyed by these big companies with lots of money that still make stupid mistakes like this. We
have a Dutch saying which translates to “It was the drop that made the bucket
overflow” which suits the reason why I wrote this blog perfectly but now I have to use the English “the straw
that broke the camel's back". :)

Problemas privados y Problemas Públicos, Hackaton de Innovación Abierta.

Ayer hicimos nuestra Primera Hackaton de Innovación Abierta. Y estamos felices, porque en un mismo espacio tuvimos Problemas privados (Predecir la existencia de saldo de un cliente celular prepago) como el que ofreció Binaria y Problemas Públicos (Publicidad Oficial y Compras Municipales) como los que apoyó y esponsoreó Poder Ciudadano. También contamos con el apoyo […]