WOW! FRIDAY Network Club was RAD!

Minds blow by Friday Network Club. we’re learning all about some sweet networking tools and tricks. Thanks Samy!

“so many insecurities. and, so many people haven’t thought of. you should think about this.” –Samy

next time:
transparent mitm

Read the rest of this entry »

Network/Mobile Sniffing, Protocol Deobfuscation, Reverse Engineering

BE THERE FRIDAY, June 20th at 8p for what will prove to be a very informative class with Samy Kamkar

FREE and open to the public!

Network/Mobile Sniffing, Protocol Deobfuscation, Reverse Engineering

To go over some of the cross-over, I think what we’ll do for this class is go through a real-world and step-by-step walk-through of an encrypted, obfuscated, undocumented protocol on the Android or iOS stack which was NOT open source (source was NOT in Android), yet binaries included in all Android installations (and similarly iOS). From reasons to investigate these funny packets and how I ultimately found Android (and iPhone, and Windows 8 mobile) were sending massive amounts of encrypted, obfuscated GPS/geolocation data and MAC addresses of all networks around you (correlated to GPS) and storing it all, from every single smartphone.

Even when you turned GPS off.

So we’ll go over:

top-down approach of trying to examine something undocumented
wireless/network sniffing
mobile sniffing
packet injection
man in the middle attacks (SSL and non-SSL)/decrypting SSL connections
unknown protocol investigation

By the end of the class, not only do I hope you will be able to do this process or use any of these methods yourself in other areas, but you will be able to manipulate Google/Apple Maps’ Traffic, meaning you can make Venice Blvd look green for fast or red for slow (for anyone using Google/Apple Maps) to reroute them, and you will be able to find the physical address of anyone by obtaining their router’s MAC address (which you can often get by having them visit a page without authorization — more will be discussed in the class). That wasn’t my intention, but a side effect of learning about one thing opens up some pretty crazy, unexpected possibilities.

By the end you should have a basic understanding of doing this process yourself, have a pretty good toolchain for this type of research, and also be able to use any of these a la carte for useful reasons in the future.

Pure Data Patching Circle This Sunday June 22nd

We will be having a patching circle on Sunday 6/22 from noon to 4 pm at CRASH Space.

What is Pure Data (Pd)? Pd is an open source visual programming language used by artists and musicians all around the world. It’s creator, Miller Puckette, teaches computer music at UCSD, and was the creator of the original version of Max/MSP.

A patching circle is an informal gathering of anyone who is interested in patching languages (Pure Data, Max/MSP/Jitter, etc.).  Beginners and experienced patchers are welcome.  Open to everyone – work on personal or professional projects, school work, or just patch quietly to yourself, in a room full of other people patching patches and helping other people patch.

Free and open to the public (donations to CRASH Space are welcome, of course).

CRASH Kit Build In Santa Monica – CANCELLED

UPDATE – this event has been cancelled. We will be scheduling a Drawdio kit build night at CRASH Space in the near future.

On June 21st at 11 AM, CRASH Space will be running a kit build event at the 1450 Ocean Avenue Camera Obscura building.

camera obscura

We will be building the Adafruit Drawdio kit. It turns a pencil into a musical instrument. It’s super easy to build and a great way to learn how to solder (don’t worry, we’ll teach you. We’ll have all the tools you need.


Sign up for the event here. Cost is $38 ($20 to sign up, $18 for the kit).

(Camera Obscura photo by Scott Garner)

Femgineers are the Future!

Our friends over DIYgirls continue to trailblaze the future for our young girl hackers. They are holding a 5 week STEM summer camp for girls entering 6th, 7th and 8th grade with some truly amazing programming. Check out the schedule below and be totally jelly if you’re not a young woman because it’s going to be fantastic.

You can still participate by sponsoring a cool kid to attend. Click below for more info or email if you have any questions.