Just discovered mentions in titles
This is just microblogging, a small mention, in my last post regarding
Enrique Comba an Insitute for biocomputation and physics of complex systems,
I just discovered I can reference in wordpress titles people names,
and they’ll get a mention in their timeline.
Obviously this only works if you have wordpress associated with twitter.
I know, that MAKES completly sense, It’s just I’ve never seen anybody doing it.
Meeting with @ecomba at @Bifi_institute
We had Enrique comba at institute for biocomputation and physics
of complex systems this thursday.
I had to say it was an interesting experience, we were talking about his
interesting filosophy (enterprise filosophy), and programming metodologies,
mainly, I had interest in the following:
- Paired development.
- Pair exchange, each 25 minutes.
- Using VIM with screen for paired development =)
The last one is obvious why I was interested in it, as a fervent VIM user,
and console entusiast.
Pair exchange each 25 minutes was the best idea I’ve heard in a while.
It allows all your partners to have knowledge of all the projects in the enterprise,
and keep going, keep without loosing any interest in the project.
If you were already using pomodoro for tasks in paired development,
shouln’t be too hard to adapt to this new method. As soon as I have a
chance (wich may be never, but nvm) I want to try it.
And paired development allows you to discuss things, talk, and so on without being really distracted (you know, while you develop, you’re going to talk about work, just that). I tend to speak even being alone while developing, it really helps me concentrate, and with more people, it’s kinda… more confortable and less awkward than alone 
Furnivall Talk at Libre Software Worl conference
Next week I’ll be speaker at Libre Software Worl conference, in the Furnivall: A framework for developing crowdsourcing applications talk.
Libre software world conference is an event, organised in spain (and predominantly spanish) about open source with an enterprise and professional intent.
You can have a look at It’s web site for more information.
Furnivall is an open source framework for develoing crowdsourcing
It helps to organize batches of tasks, collect them form volunteers and do all the related housekeeping.
A popular similar work is Bossa. Also, Furnivall is heavily inspired in BOINC.
Furnivall is being developed at ibercivis in the institute for biocomputation and physics of complex systems, available at ibercivis’ github
Bash and linux security talks
I recently (yesterday in fact) gave two talks, about shell and linux security respectively.
They ended up being almost 3h (I can’t help it, once I start talking, I wont shut up), with a higher level than I expected, but I think they were nice anyway.
At least I hope they’ll remember some of the “You must not do this” things I repeated over and over, as that can save them from a zombie apocalipse.
I made a small presentation (mostly a guide) with a script using bash4 capabilities to process an RST file.
That script is now availble at my codesamples github repository , among other bash4 and python samples.
Most important topics where:
- “Quote, Quote again, Quote I said!”
- “Use as little external tools as possible, bash is powerful enough”
What keeps me busy
I’ve been thinking about what keeps me busy lately, and well, I found a lot of things, stuff that need a better time and project management, I want to get a job from here to april and well, I can’t keep going at this rythm forever
— Projects I own —
– Projects hosted in cli-apps.org (mostly small, but useful scripts) –
EPTuzsa – Cli tool to access tuzsa.es bus data.
YABS – Yet another batery status viewer
OneMangaDownloader – Downloads stuff from onemanga (onemanga is defunct)
RevConn – Reverse connection interface
DebCleaner – Makes some cleanup tasks on debian
Airosperl – Gtk perl interface to aircrack-ng, airoscript style (unmantained)
CPIM – Console Peronal Information Manager, a set of tools to integrate a PIM TUI
DiGenPy – Wireless default key dictionary generator.
Python-Tuenti – Python interface to tuenti, a spanish closed social network
— Projects in wich I participate –
Copisterio – Management and main development, previous perl version and current in python.
Theta – Development, ported it from C to C++.
Aircrack-ng – Development of the Airoscript-ng component.
You can have a look at my ohloh profile, but you’ll find it uncomplete (Adding update this to my todo list )
About my desvinculation with wifislax
I’ve got to clear this: I’ve nothing to do with their “wifislax version” of airoscript.
I’ve even been banned from the forum for not being sattisfied with their code releasing politics.
The main story centers around them, using a modified version of airoscript to launch trough wine a windows application that they promised it’ll be open source, and the windows binary it’s been out for two months, the sources are still closed.
This post is to make clear I dont have anything to do with that airoscript version, neither me or the aircrack-ng team, we don’t include barely-legal, not-open source windows-only applications.
I saw this as a totatl discortesy and an insult, and they just banned me, after insulting all my region, by telling a (ok, it was a troll) troll from my region that we were from “cromañolandia”, something like cromañoland.
So, I personally offered help to chinitiw, (probably the one who made that abomination in airoscript, but nevermid) and some others, personally, apart from the seguridadwireless community. I tell it now: I’m not using wifislax, never, neither trusting their community.
I’ll continue making good open source projects while they continue doing whatever they call it.
Breaking tuenti privacy
Working late on the downgrade hacklab Ruffo and Nineain, we saw some similarities between profile image url and standard image url.
Never tough tuenti whould have such a stupid problem in their profile privacity, analising the url of the images and the url of the little profile unaccesible image we managed to get the full image from there, just deleting the first hash and what we believe is an identification of the image type, and there we go, we get the full image for a non-friend profile.
For now the code to download a profile image is part of the tuenti on-going library, available for all in
http://xayon.net/oN
strainer=SoupStrainer('div', {"class" : "h"})
name=unicode([tag for tag in BeautifulSoup(response, parseOnlyThese=strainer)][0].string).encode('utf-8') reg=re.search('http://perfiles(.*).tuenti.net/(.*)" alt', response)
a=reg.group(2).split('/')
url = "http://imagenes2.tuenti.net/%s/%s/%s/600/%s/%s/%s" %(a[1],a[2],a[3],a[5],a[6],a[7])
thread.start_new_thread(os.system, ('wget -O "%s_%s.jpg " %s' %(name, id_, url),))
I got all div with “h” class to get the name, then make a regex to look for the profile image url, and re-create the new image (note: I use thread to make downloads parallell, this can be a little tricky on slow computers)
This is all the code quality I managed to do at 4:00am, so don’t worry, I’ll make the code better.
Integrating android with irssi
Ok, so you have an android phone and you’re an avid irssi user, right now, there’s no irssi for the android platform, so you’ll need an ssh server with irssi, I recomend screen (read my previous posts) to keep irssi running.
To integrate android with irssi, install the connectbot-irssi app on the android that will give you some extra keys (as ctrl) that you can use to control irssi and screen.
But, wait! There’s more, you can control irssi with the touch screen with a single irssi plugin!
The plugin itself is called “mouse”, just that, the plugin that allows mouse gestures also works for the android touch screen, you can make a custom config (I recommend you so), it’s on the irssi-scripts package in debian.
To load it, just execute from within irssi:
/script load mouse
And so, you’re ready for it, connect to your server and test changing the channels by sliding your finger right to left and so.
How to live with the console as a god like myself
Hi there, I’m here to show you my god-like console skills. No, really, I’ve worked hard on having a full, centralized, console-based Personal Information Manager and I’m willing to share all that knowledge, so, read and profit!
First of all, let’s define the concept of pim, let’s see what we need…
- Mail User Agent
- Contact Manager
- Calendar / Journal
- Event manager
- Instant messaging (not part of a standard PIM, but integrated in mine)
For that, I’ll use Vim (with journal plugin, and editing the remind file), Mutt (with abook), and irssi (with bitlbee). I’ve that enclosed on a screen session. In a near future I’ll explain how to integrate it with android.
Why did I open this weblog?
I’ve been wondering myself why I’ve just opened this blog. The reason seems to be pretty simple: to write stuff.
I’ll have two blogs, one, http://www.degeneratedlabs.net will be dedicated to security, and this one, well, I’ll put some of my work, some ideas, code, everything my mind can puke.
