The next Breakerfaire meeting will take place at DoesLiverpool on the 11th of December, 2012 at 7pm. There will be one talk, followed by drinks and networking.
Bio: Paul is a self-confessed security geek and enthusiastic speaker. Since graduating in Electronic Engineering at Durham University in 2009, he has worked for several security organisations and kept up a personal interest in security.
Abstract:
Title: “Beneath the surface: an introduction to Information Hiding”
In this talk, we discuss three types of information hiding; steganography, fingerprinting and covert channels. We consider the motivations behind the use of each technique, real world examples and the fundamental problems with such techniques.
Arduinos are cool. Very, very cool. For those who don’t know, they’re basically little computers that you can hold in your hand that allow you to add interactivity and functionality to things that otherwise would be static and immobile. They’re used extensively in the arts and industry and they are regularly used to make amazing stuff.
Take for example, the Bubblino. A small, smiling, spherical piece of plastic that currently resides in my local hackerspace that was created by Adrian McEwen. Whenever someone posts a tweet that mentions ‘@doesliverpool‘, it shoots out a jet of soap bubbles.
Bubblino – From Flickr user ‘nutted’
It’s probably worth noting that Adrian along with fellow Liverpudlian Arduino expert Hakim Cassimally, have a book coming out soon that promises to be excellent. It’s all about using creativity and embedded systems to make cool stuff. You can buy it here, if you’re so inclined!
People have also used these Arduino devices to solve serious, real-world issues. In Oakland, California there is a startup called Kijani Grows that aims to address the issue of world hunger by using these tiny microcontrollers alongside Aquaponic technologies in order to cheaply, intensively produce organic food. All this, whilst using far less water than conventional farming methods and no soil whatsoever.
So, what about these Shrimp things then?
Well, whilst Arduinos are very, very cool, they’re also not particularly cheap. In Maplins (an UK electronics retailed) an Arduino Uno (the entry-level one) costs around £25 (USD $40). If you are a school or a university and you intend to give one to each student in a computer science class, it can start to get really expensive. Likewise, if you have a project where your microcontrollers will be exposed to the elements, you might want to find an alternative to spending £25 every time it rains.
Now, the really amazing thing about Arduinos is that every layer of the platform is open source. From the Processing IDE based development tools to the schematics of the device itself. That has resulted in a deluge of Arduino compatible clones flooding the market. Now, these are fairly cheap. But what if you wanted to go even cheaper? What if you wanted to make your own Arduino?
That’s where the Shrimp project comes in. The brainchild of Cefn Hoile; it aims to teach people how to create their own Arduno clones for less than a fiver. All you need is some solderless prototyping board, a bunch of capacitors and resistors, an ATMEGA chip, an FTDI cable and a bit of patience. The recipe is available here, along with schematics and other guidance you’ll need in order to create your very own Shrimp.
Not So Harduino
If you’re wondering, I was able to construct a prima facie Arduino Uno in about five minutes and was able to write a simple program that flashed an LED light on and off. In other words, the “Hello World” of Arduino. That in itself also took me about five minutes.
An Arduino Shrimp
It’s probably worth noting that there are some resistors and switches missing which are needed if you want to do anything more than flash a light on and off. Still, it’s not bad for a proof of concept.
Are you more likely to get into Arduino programming now that the cost of entry has decreased significantly? Are you put off by the extra steps involved in order to create a Shrimp? Would you buy Let me know in the comments!
The next Breakerfaire will be held at 7pm next Tuesday at DoesLiverpool. This is located on the fourth floor of the Gostins building on Hanover Street. There will be a talk followed by networking and socializing at a nearby pub.
We hope to see you there.
Why is my blog selling boner pills? – Ian Williams
A question that is asked far too much these days. Ian will be exploring the dark side of web applications and demonstrating the mistakes that are often made by developers when setting up web sites. Set from a beginners perspective Ian will show what tools are available to us to learn about common web application security problems and practice these offensive techniques against live sites, all without being sent to prison for hacking!
tl;dr Update your WordPress.
Ian Williams was an Information Security Analyst for RWE IT UK, the IT provider for RWEnpower and one of the largest utilities in the UK but is currently transitioning to work as a Pen Tester, Researcher and QSA at Xiphos Research Labs. Ian is rather new to the security field having moved into it from a career in Wintel server support and software packaging and distribution. Always being one to have a tinker with things security had become a natural fit with Ian obtaining GIAC certifications GCIH, GAWN and GPEN in the 5 years since he started in the industry. Ian is a passionate supporter of the UK information security community and is working to pay back all of the support he has gained in the last 5 years by organising local security meetings such as OWASP and 2600 and speaking as a new commer to the industry, in the hope it will encourage more of the IT tinkerers to come over to the dark side!
Ian Williams GCIH GAWN GPEN
OWASP Birmingham Board Member
A shameless pun on Makerfaire which will undoubtedly result in me being sent a cease and desist for blatant trademark infringement.
A community driven security conference in Liverpool, England, held monthly at DoesLiverpool.
So, yeah. I’ve decided to run a regular security meetup, and the chaps at DoesLiverpool have been foolish kind enough to host it. Now, you may be wondering why you should bother when you have OWASP Leeds and OWASP Birmingham within spitting distance*. Well, here’s a good few reasons why.
DoesLiverpool is full of genuinely nice, smart people.
It’ll have some amazing talks from members of the community, as well as respected security professionals who are at the top of their game.
The venue is as central as you can possibly be, and within walkiing distance of some of the best bars, pubs, clubs and restaurants Liverpool has to offer.
The venue has lasers. Does OWASP have lasers? No. Enough said.
Talks will be about the entire spectrum of security, from secure development, to web application hacking to network security.
Dude. Lasers!
If you’re convinced, the inaugural session is at 7pm on the 17th of July, and will be held on the third tuesday of each month. Any questions, just pop me an email or send me a tweet.
* Spitting distance provided that you are able to project saliva with the force of an artillery cannon.
