Who's down for a trip to Springfield, MO this weekend?

Midwest-region hackers.

Darren from Hak5 will be kicking it in Springfield, MO this weekend (April 24-29th, actually) and I'm planning on heading down there to hang out, get a few drinks, and what have you. Drop a comment and I'll try to get more info to you.

Shell script for Flickr/Blogger Goodness

Embed your Flickr images into blogger while linking to their page (as opposed to just the image itself). Like this (not my image, just an interesting one I found):



Just edit the flickrbase url in the script, and enjoy. Run the script with the image URL in the command-line, and it gives you the HTML to paste into blogger.

Note, this won't link to other peoples' flickr pages as-is, nor can it tell you the username for any given flickr image. If you want to embed someone else's flickr images, you'll need to edit the flickrbase url to match that of the person whose images you wish to use. Although I don't advise shameless ripping of other peoples' stuff.

Script is available here:
http://stuff.h-i-r.net/blogstuff/fr.sh

Why high-sec locks are pickable

Ross Kinard put out this paper on high sec locks earlier this month (found via [blackbag] today).

It outlines why several high-security locks are still vulnerable to manipulation and picking. Although it's often a more complex task to pick a Medeco or a Mul-T-Lock, the same flaws in manufacturing and normal wear end up creating many of the same vulnerabilities. It's just more difficult to pick these locks because there are more hoops to jump through, if you will.

Ross discusses the Two-Stage method of unlocking -- something that few lock manufacturers employ -- and why it's crucial to making a lock more difficult to pick. Ross uses Abloy's Disc Blocking System as an example of a very strong system that is highly resistant to straight-forward manipulation attacks.

If you like physical security, lockpicking, high-res photos of locky goodness and technical diagrams, this is a great read. It's not terribly verbose, either. I think it also goes without saying that Blackbag belongs in your RSS reader. Right now.

Hak.5 - Shmoocon Special

The Hak.5 guys went to Shmoocon and pumped out an hour.5 long interview with five high-profile hackers. Vista (in)security, GSM Cracking, SSD/Flash data recovery, and the new version of BackTrack are covered, among other things. It's worth a watch, but don't get caught slacking off at work! An hour and a half is a long lunch break.

Hak.5 Season 3 Ep. 8

Exploiting Online Games

Kansas City native game hacker, tinkerer and developer Josh Kriegshauser discussed Greg Hoglund and Gary McGraw's book, Exploiting Online Games.  Josh is an old friend, former co-worker, and former classmate to various HiR writers.  He went from tinkering with Ultima Online while he was in school, to being a big name in the MMO industry in the last decade.  

I found Josh's discussion about the book interesting, and thought I'd share it here.  I'm definitely not a gamer in any sense of the word, but things like this interest me enough that I'm seriously considering picking up a copy.