Zac's Blog
An equal mix of development stories (mostly the what-went-wrongs), short news posts, and feature announcements, together with the occasional grand pronouncements on the state of tech or the ethics of creation.
An equal mix of development stories (mostly the what-went-wrongs), short news posts, and feature announcements, together with the occasional grand pronouncements on the state of tech or the ethics of creation.
2024-04-22 00:00:00 -0500
In a previous post, I was pretty clear that new projects and new subject areas were coming to Arcana Labs. While part of that is going to be a bit of an overhaul to the site to support it and make it more portfolio than business, I do have one small announcement I wanted to make before I dig into that heavy lift.
2024-04-07 00:00:00 -0500
This post is a long time in coming, but march was a bit of a trip. Things are changing and moving around in my personal and professional life, and that means the Lab’s nature is changing to. Welcome to reality, everyone - the only constant is change.
2024-02-27 05:00:00 -0600
It’s not just you - for the last several months I’ve been talking about pretty much exclusively the 0.4.0 firmware update for PETI, and with such a close eye on that (admittedly large) prize, it can be hard to see where the rest of the project is going. That’s why, for this week’s blog post, I want to take a step back, and look at the current roadmap for updates that should lead us more or less all the way up to the 1.0 firmware update - the “release” version.
2024-02-06 05:00:00 -0600
Just last time, I talked about how I’ve been working on making some changes to how fonts are handled in PETI; specifically, switching to a more standard font “source” format that would allow more choice on the developer end, insofar as what tools would be usable for editing the fotns. We chiefly did this by creating a FontX2-format exporter for the older fontedit editor, since fontx2 is a relatively simple bitmap font format used by lots of other embedded devlopers, and usable for quite a few different font editors. The simplicity of the format gave me a pretty clear idea for how to get the fonts included directly into PETI’s source code, which itself gave me some ideas for working toward one of the loftier end-goals of the project.
2024-01-24 05:00:00 -0600
When it comes to PETI firmware updates, it’s a small secret that they rarely come out according to plan. The next firmware update, 0.4.0, is no exception - dedicated readers will remember that I had originally promised that release by Christmas, on the heels of a mid-autumn release of the current version, 0.3.0. The update was supposed to support the ability for the pet to sleep and for the implementation of the game’s native evolution system, so it should come as no small shock to anyone that in actual fact its being blocked by - font development. If that doesn’t seem to make sense to you, jump below the cut and we’ll have a look at what’s going on here.
2024-01-18 05:00:00 -0600
Those who keep a weather eye on the horizon that is the Lab Discord’s Announcements Channel will be less shocked by this news than others, but around Christmas time last year I got entirely too fed up with the use of my twitch profile to try and bankroll the lab, and I made a lot of grumbly noises about needing to change that pathway. Friends, let me bet the first to tell you that I’ve finally followed through on that mechanism.
2024-01-04 05:00:00 -0600
Tapestry is the oldest code project of mine that can be said to fall under the Arcana Labs umbrella - in fact, it’s so old that the project itself has persisted through two full rebrands and renamings of the lab - Kensho Security Labs, and Patch Savage Labs before that. While I’m sure I’m now its only continuous user, the fact remains it is, at least for me, a profoundly useful backup utility… when it works… and sadly, it no longer works.
2023-12-20 05:00:00 -0600
Tapestry is the oldest code project of mine that can be said to fall under the Arcana Labs umbrella - in fact, it’s so old that the project itself has persisted through two full rebrands and renamings of the lab - Kensho Security Labs, and Patch Savage Labs before that. While I’m sure I’m now its only continuous user, the fact remains it is, at least for me, a profoundly useful backup utility… when it works.
2023-12-03 05:00:00 -0600
Our major project, PETI, was supposed to recieve a major firmware update “around christmastime” that was going to add in two new major features: the ability for the pet to sleep (including a battery-saving mode to shut off the screen after a while while it’s sleeping) and the ability for the pet to evolve from one form to another. I started creating that update two months ago, back around mid-october, hot on the heals of the 0.3.0 firmware update, and I’m bundling in a large number of bugfixes to go with it, such as issues that were silently introduced with the previous firmware updates that had to do with handling higher-address fonts and stuff like that. The release of 0.4.0 was going to be a major feather in my cap, done on time - it would have marked the first time since the start of the project I’d actually managed a quarterly feature update, and sleep and evolution were the last two major features that were considered part of the magic version 1.0 milestone set; everything else after this is window dressing, tweaks, and refinements, with the only major feature to release after this being the expansion header standards, which are a stretch goal onto the project anyway.
2023-10-17 05:00:00 -0500
Having finally decided to get off my backside over the last few weeks and make the templating changes that would let me make a proper project page for the Model II, I have decided that this is as good a time as any to go ahead and do a follow up blog post to the series from last summer on the Model II. It’s been over a year since I put that keyboard into use and I used it for most of that year, so let’s talk about what worked, didn’t, and what comes next for that project if I want to really get my money’s worth out of it.
2023-10-08 05:00:00 -0500
Back in May of this year, we made some announcements about more or less spinning down portions of the lab. Now, we’re reversing that decision, and taking the time to announce some other new efforts coming to the lab in the year to come.
2023-10-04 05:00:00 -0500
A few weeks ago, I published the PETI 0.3.0 firmware update! This update included mostly power management changes and display driver fixes. Here’s a quick look at how to get it, what it does, and what’s coming next in 0.4.0, which I’m hoping to get out later this year.
2023-09-08 08:00:00 -0500
I set an incredibly light and easy goal for myself going into the first month or two of fall 2023: fix the power management problem that is reducing battery life to about 10% of what my back-of-the-napkin math had me expecting it to be. The culpret seemed immediately obvious: clearly, we are writing to the display too often.
2023-08-18 08:32:00 -0500
This announcement here, on my own site, is actually a couple weeks late, but I finally got around to finishing the service manuals for the PETI development kit and making the development kits available on Tindie as DIY assembly kits! In part due to the through-hole design making assembly easy (though a tad prohibitively time-expensive when doing large numbers of them) and TI’s licensing around what I can and cannot do with the development hardware they themselves designed that make up part of the kit, I decided to opt for the route of selling the Development Kits as Do It Yourself kits consising of the PCBs for the Controller Board and the Rear Expansion Board.
2023-05-23 08:30:00 -0500
Today we’ll talk about something changing around the lab, dive fairly deep in to the state of our currently-flagship project, PETI, and drill down into some side projects for the back half of the year. We start in with bad news and then it just gets better and better as you go, so tear the proverbial bandage off under the cut.
2023-02-27 06:30:00 -0600
Last time I wrote a fair bit on the idea of productivity. I think I even took some time to explain that I was counting the winter out from actively pushing on technical projects - which hasn’t been entirely true - and focusing instead on “Rest and Preparation”. For better or worse, I’ve ultimately done far more of the latter than the former, so I find myself walking into a spring meant to “Spring Forth” but feeling instead like what I really need is a “spring break”. Why? Rest is more than it seems.
2023-02-04 06:30:00 -0600
As I mentioned in the last post, I’ve been taking the winter season as a general period of rest and relaxation. Part of that has been putting a lot of thought into the ideas of “wellness” and “productivity”, which are both pretty loaded terms in common parlance, much to my annoyance.
2023-01-11 06:30:00 -0600
As a bit of a new experiment, for this year when doing my quarterly goalsetting and planning I’ve decided to also bear in mind two additional ideas: CGPGrey’s Themes-over-Resolutions Framework and Seasonality. In our part of the world, it’s currently meteorlogical winter; a time when the animals that can’t just escape to the global south are resting, and the seeds of plants like Lavender, Lupines, Sage, and a whole lot of bulbs are currently stuck in the ground halfway froze solid, biding their time for an inevitable explosion of vitality come spring. I like this imagery a lot. It helps me hold on to an understanding of the importance of a desperately miserable season while I’m stuck in a body with a brain that goes completely haywire once we start to enter astronomical winter and lose all our daylight.
2022-11-29 06:30:00 -0600
Last week in our quarterly update post I mentioned implementing a Mersenne Twister for PETI. This was a bald-faced lie, made possible by not consulting my notes. A Mersenne Twister would have been much more effective than the Linear Congruential Generator I implemented instead. I want to talk about how we got there, as well as what is wrong with it.
2022-11-23 07:30:00 -0600
Turns out the autumn was mostly a low point for us, but be that as it may, some things actually did get done here in the labs. There was work done on all of our major projects as well as new possible projects and improvements identified, not least of all being an action plan for PETI and a possible “feature” update to Tapestry. Click through to see what’s been going on and what we’re planning over the winter.
2022-08-21 07:30:00 -0500
It’s been quite a while since the last time I provided an update on any of the active and upcoming projects at Arcana Labs, and part of that is the busy summer. We’re going to have a quick little chat here about projects like the Model 2, PETI, Illuminated Arcana, livestreams, and even a new project.
2022-07-19 07:30:00 -0500
The first two articles in this series talked about designing and building a mechanical keyboard - the Arcana Labs Model 2. This is a speciality keyboard that I custom designed to fit a very specific set of space and functionality constraints, and while a fair amount of work went into meeting those constraints broadly, there was a lot that did go wrong from a design perspective before laser ever met stock and solder ever met iron.
2022-07-14 07:30:00 -0500
Earlier on, I discussed the process I went through trying to design the Arcana Labs Model 2, a specialty mechanical keyboard that had to fit a space constraint while also including some kind of pointing device. That post dealt largely with the process of design at a high level; how I came up with the necessary constraints, and what tools I used to facilitate things. This post is going to deal with assembly, as well as the process of getting the firmware working.
2022-07-12 04:30:00 -0500
Enterprise operations having been interrupted by the sudden disappearance or modification of a FOSS dependancy happens so often that we have a term for it - a “leftpad moment”. Industry got a reminder of this yesterday when the developer of popular python module atomicwrites pulled their file in response to security policy changes from PyPI.
2022-07-11 01:30:00 -0500
If you’re a member of the #secret_projects_chan on the Arcana Labs Discord or have been following me on twitter for any real length of time, you probably know that I have been designing and building a mechanical keyboard; a project I’ve been working on for the better part of half a year. As is tradition for secret projects, now that it’s more or less complete, I’m documenting it retroactively in a small series of posts on the site. This post is about the process I went through in order to design the keyboard, both conceptually and in real, preparing-for-manufacture terms.
2022-04-25 16:30:00 -0500
I’m not going to pretend to be quite as old as the internet. For one thing, I have friends who are as old as the internet. For another thing, we’d have to define what I mean by internet at that point, and that’d be tedious. I am, however, Old Enough To Know Better, and in the spirit of manually regressing to my childhood habits, I’m about to spew some OpinionsTM on today’s news of a takeover of twitter by Elon Musk.
2022-04-17 09:30:00 -0500
Frequent fliers in the lab are likely familiar with the practice of “lab nights” here, where I was (nominally) regularly hosting a live-streamed work session on my twitch channel - so much so that one of the Illuminated Arcana flags is actually hidden in the most recent video on that channel. This practice has had its upsides and downsides.
2022-04-12 05:30:00 -0500
If you’ve noticed there haven’t been any lab notes in the last little while, you’d be right, and there’s a very simple reason for that - there’s not really been any Lab Activities since the last one. Well, okay, maybe one small thing.
2022-03-15 06:30:00 -0500
One of the great truisms of making things (the precise definitions of ‘making’ and ‘things’ being surprisingly flexible) is that there’s always room for a nice side project, and since the last update on PETI, that’s exactly what I’ve been working on. A short time ago I acquired a Saleae Logic 8 USB Logic Analyzer, and while it’s sort of pushing the envelope of what a logic analyzer is used for, I decided to take the opportunity to stretch its functionality into a sorely needed utility - video capture for PETI’s main display over USB.
2022-03-03 09:30:00 -0600
Was there a firmware update to PETI? I must have done a refactor of the Display driver code. It’s sort of a tradition at this point, but to be fair it’s not the totality of the 0.1.0 firmware update. Let’s see what’s new.
2022-02-14 10:30:00 -0600
Getting flexed on by the James Webb Space Telescope, turning AnComm Simulator into even more of a chore, turning your helpful FDM robot into a helpful SMD robot, an itty bitty Kaiju, the sudden appearance of a Shining Trapezohedron, and one or two more, all under the cut.
2022-02-11 09:00:00 -0600
It’s not necessarily what you’d expect me to be working on in the weeks immediately following getting my hands on the prototypes of the rear expansion board, but it turns out that implementing at least a proof-of-concept version of the alert drivers took about four hours, and I’m ready to move on to something that was done wrong the last time it was implemented; the display refactor. Click through to the full article for some details.
2022-01-31 09:00:00 -0600
As something sort of new, and since a busy work life has made it harder to work on PETI (which has made it harder to grab lab notes), I’ve taken the time to collate a list of the cool things I found this week. I want to make this a regular feature going forward; maybe weekly might not hold the water, but that’s the idea for now.
2022-01-16 15:00:00 -0600
Members of the #PETI channel on the Arcana Labs Discord Server may have already known this, but late last year I developed a plan to sell a small number of PETI Development Kits early. The plan was to have my prototype of the Rear Expansion Board milled, then either assemble or package them as kits together with the necessary components, TI Launchpad for MSP430FR5994, and other accessory boards. The idea was that if I sold the small number of extras I would have from that particular PCBWay order, it would help defray costs going into the last little streth of development.
2021-12-30 05:00:00 -0600
The categorization features of the site sort of discourage it, but I thought I might go ahead and put together a sort of year-end megapost and just recap everything. Everything. Because why not? Jump through the cut and we’ll take a stroll down past and future a bit here.
2021-12-01 05:00:00 -0600
What’s it been, the better part of a month? Three weeks? Time flies. A lot has happened around the lab in those three weeks: PETI got a new version, I broke some stuff, and I fixed some stuff. Hop in to see the full update.
2021-11-10 05:00:00 -0600
Considering I called this punch during the previous update, it should come as no real surprise to anyone that the most recent release of PETI code, v 0.0.5, is mostly about menus. Indeed, you could even go so far as to call it as the Menu Update. In this update, we’ve added the custom menu that displays the pet’s current status, as well as the all-important text menu generator, which will let us avoid making too many more special-purpose menus.
2021-10-31 09:00:00 -0500
Last Time Around, we talked a little bit about the hardware backplane and audio. Spoiler alert: that is now a solved problem. While PETI itself doesn’t use it, I’ve proofed the timing circuit and I’ll be ordering those boards eventually, which will be a good time to talk about that a bit more and implement it into the PETI software itself. Instead, I’ve been putting work into solving a problem with the main menu screen: drawing the icon-based main game menu, released as PETI firmware v 0.0.4.
2021-09-14 09:00:00 -0500
As you probably recall from the previous update, the last little push for the PETI development kit is the “back board”, an extra expansion on the existing dev kit that will add key functionality like the battery pack to the device. One such feature is the ability to do auditory alters via a small speaker. In the true spirit of known and unknown unknowns, I went 100% Dunning-Kreuger and decided that this would be relatively trivial, and since it was the part of the back circuit I understood the least, it would be the first part of the board I would proof the concept of.
2021-08-27 09:00:00 -0500
Wasn’t there an update for Tapestry coming out this month? Weren’t you going to keep working on PETI? Did anything get done at the labs, come to think of it? Actually, yeah. Lots of things have happened. Let’s talk about those.
2021-07-27 14:00:00 -0500
Circumstance and mood have conspired to make this, the final week of July, on of two periods of paid leave from work which I’ll be able to take this summer. As a result, I spent monday night and a good chunk of yesterday updating and recompiling PETI’s firmware. Last night I published this firmware update’s source [here (permalink)] as the 0.0.3 release. This version adds a new demo functionality, replacing the old demo with a menu which allows you to cycle through the various forms PETI can take, and view all four of their currently-supported animations: idle, face right, face left, and eating. I’ll go back through and add support for the sleeping animation at around the same time I add sleeping into the game.
2021-07-01 08:00:00 -0500
Tapestery is probably the oldest project most Arcana Labs followers would remember me working on. It began two iterations of identity ago, back when this was “Patch Savage Labs”, followed through the Kensho Security Labs Rebrand, and three jobs and several years later, it’s still with us - a bespoke backup utility nobody asked for.
2021-06-11 08:00:00 -0500
PETI has a text-based interface; I think I’ve said that enough times by now for everyone to have it burned into their brain, but in case I haven’t - almost everything PETI can display on its screen is functionally text, in that it is comprised of cells of a given size (8 by 8, 8 by 12, or 16 by 16 pixels), and the display library treats each row of such cells as a string of text, referencing a font to determine which pixels to turn on or off depending on the size needed. This places some constraints and labouriousness on managing the display which I want to talk about today, because it’s what I’ve been working on.
2021-05-13 08:00:00 -0500
While calling it an operating system is overstating the complexity involved dramatically, the fact remains that I have had a very productive week in that the two most convoluted portions of the PETI firmware is now in place - the two systems which manage the central game state object and decide what is drawn on the screen and when. Step on through and we’ll talk about how that was done, and the pitfalls I found along the way.
2021-05-04 23:00:00 -0500
24 hours ago, I was absolutely certain I had attained a dubious electrical engineering right of passage, and blown up my first development board. I was certain of this because I had tested it extensively. Twelve hours ago, I learned I was wrong.
2021-04-22 16:00:00 -0500
It’s been a while since I’ve done an update on PETI, the implemented-in-hardware virtual pet I’ve been designing, and that’s true for a very good reason: I’ve taken and killed it, stone dead.
2021-04-16 22:00:00 -0500
While it started as a one-day-build (itself taking several saturday afternoon livestreams), Pyminder is quickly becoming an Actual Project, at least in the sense of needing iterative refinement. I’m not sure anything I’ve ever written - code or otherwise - has stood without revision, so I suppose I should not be surprised. One of those improvements - perhaps the most pressing - has been updating the pyminder code to support the use of TLS.
2021-03-20 22:15:00 -0500
Over the last few days I’ve taken the decision to entirely rebrand Kensho Security Labs as Arcana Labs. While the full set of changes will take (knowing me) a few months to implement, I wanted to talk right away about why the name is changing and what the rebrand means for our projects, as the decision was not taken lightly or trivially.
2021-02-11 16:00:00 -0600
People who follow along on social media might have noticed that I have been livestreaming a software project I’m working on that involves using a Raspberry Pi 3A+ and a Pimoroni GFX Hat to let me, effectively, run cron jobs that print messages to the LCD based on their results. I’ve been doing so using the popular python module Flask to expose a RESTful API, which isn’t exactly secured in the current implementation, and I’ve been doing that for a very particular reason: this is a local-host only service on a lab-facing device.
2021-02-05 22:15:00 -0600
Recently - this very morning, in fact - it was suggested that I move credential storage for Tapestry out of the “no, you’re not allowed” space and into the local system keyring by use of the python library module of the same name. After a quick review I decided I would, and the current version of the development code for Tapestry already includes the necessary changes. I did however want to talk about why this decision was made and why you may or may not want to use it.
2021-01-17 10:00:00 -0600
If you follow me on twitter, or made the inference from my december posts, you’re probably aware that I’ve taken delivery of the new lab machine and I’m in the process of provisioning it. In a sense, this post is partly a proof of concept that most of that provisioning work is done on the linux side of the machine, but it’s also an able distraction from a highly frustrating technical week - which means it’s going to be a little different from our usual content. Don’t worry though. Skip to the bottom for a general lab update.
2020-12-24 11:30:00 -0600
Just a few moments ago, I finally set (the PETI and PETI-Helpers repos)[https://github.com/zadammac/peti] public! This update has been a long time coming, but it’s also not the end of this project. In a way, it’s merely the beginning.
2020-12-07 11:30:00 -0600
Over this weekend, as you may have read, I suffered a catastrophic drive failure that lead to more or less burning the whole weekend on restoring my laptop to function and recovering from the failure. Amusingly, for someone who literally developed custom backup software, this went much worse than intended and resulted in the most recent recoverable state being roughly this exact date last year. Woops!
2020-12-06 19:15:00 -0600
Late on saturday night, I was preparing to do a livestream with a few friends wherein we were going to hang out and be creative in our various idiosyncratic ways. Part of this process, in this instances, involved using a particularly janky technologies stack to use my phone’s camera as the webcam output for the live stream through discord. This is a sane and safe thing to do - I’ve done it a number of times in the past - and then it happened.
2020-11-25 23:15:00 -0600
Two weeks? More or less. We’re on company time, after all.
2020-11-08 23:15:00 -0600
I’m about 90% certain that at some point not that long ago I said I was going to update this blog more often going forward, but here we are, back on the ‘once a month, more or less’ update cadence. And on the one hand that probably bears some leverage for an apology, but on the other hand, it’s exactly what I want to talk about. But before that, let’s do the actual LabNotes update on both our active projects: PETI and Yosegi!
2020-10-02 20:15:00 -0500
Last time we talked about PETI, I spent a few hundred words bloviating over getting trapped in a state of not having an ISR to handle an Interrupt that I couldn’t resolve because it didn’t occur during debugging, and thus couldn’t be identified. To be honest, I still haven’t identified the relevant interrupt. What I did do, though, was heavily troubleshoot my SPI_WriteLine function, resolving whatever issue was raising the interrupt in the process, so close enough.
2020-09-15 22:30:00 -0500
Over the last two weeks (read: about half a dozen lab hours) I’ve manage to break my stalemate on PETI. For those keeping track, I have been fiendishly attempting to not have to engineer a display driver by instead porting a display driver so badly that I’ve rewritten much of its functionality essentially from scratch.
2020-09-01 22:30:00 -0500
You wouldn’t think a one-man lab had quarters… and truth be told, we really sort of don’t. Since Kensho Security Labs has never actually turned over any revenue, it doesn’t qualify for registration as a business and doesn’t have a fiscal year. That said, I’ve long cultivated a personal habit of chopping the year up broadly into quarters and acting upon that, which is something I’ve written upon extensively in the past. As might have been appropriate to help end the spiral of burnout that was late July and much of August, I’ve been going through one of those quarterly planning processes. A lot of it has touched upon what I wanted to do for Kensho Sec, so I thought it’d be a good time to make some announcements - in lieu of lab notes, of which I have none.
2020-08-25 21:55:00 -0500
As I’m sure is the case the corporate world over, or at least in North America, August can be a zany time. The dog days of summer are peak PTO hours, which means everyone and their dog are taking their leave, myself included. The practical upshot of this was that I was insanely busy for much of august, and while I was on PTO last week, it didn’t leave a ton of energy for serious projects - just a bit of light gaming and a brief dabble with the first Yosegi box, Rokkakei.
2020-08-04 23:00:00 -0500
It’s been a while since I’ve done a lab update, hasn’t it? Always the way. The problem here is that I haven’t been working on PETI much - it requires some significant set-up to get started on, and you have to be in the mood for bashing your head against undiagnosable SPI issues. I have a few pet theories (and a few dumb hacks to try and provide more visibility into that bus), but I haven’t had the time to really act on them yet, just due to all the limitations here at home.
2020-07-18 23:00:00 -0500
As I mentioned in last week’s lab notes, I was gated behind purchasing some textbooks before I could make much more headway on PETI. Thanks to a fortunate and well-timed Humble Book Bundle, I was able to get not just the documentation I needed but a wealth of other materials that I’m sure will be useful moving forward. I also took the downtime to start laying in the groundwork for a new long-term project and initiative for Kensho Security Labs, which I’ll detail below.
2020-07-13 09:00:00 -0500
Since last week’s lab notes went out, with the exception of more or less wrapping up the server redesign, I’ve essentially been working on PETI to the exclusion of all other tech projects. Embedded is new hat for me, as is the C programming language which the TI assembler uses to program the Texas Instruments MP430 which will form this thing’s brain.
2020-07-06 00:30:00 -0500
As I alluded to in yesterday’s Lab Notes update, I was revisiting my web development and service stack. Previously, I had a two-machine approach to doing development and hosting for Kensho Security Labs and Sanity Line, where I was doing most of the development in a highly simplified local apache arrangement, and hosting the resulting static sites using my improvised server.
2020-07-05 09:16:00 -0500
Several friends of the Lab have suggested I blog more about all the various projects I’m working on at KSL, whether those projects are ready for release or not. This is actually sort of a return to the origin of the blog - if you dive into the archives you’ll find plenty of notes on projects that never quite got of the ground - like Tarnished Tale.
2020-05-09 19:00:00 -0500
Obscurity is a HackTheBox machine that was recently retired from their active selection, but is still playable on the VIP networks. I decided to make an attack on Obscurity back in January, when I decided that I was going to spend a good chunk of 2020 coding less and hacking more.
2020-05-05 13:00:00 -0500
OpenAdmin is a HackTheBox machine that was recently retired from their active selection, but is still playable on the VIP networks. I decided to make an attack on Obscurity back in April 2020, as part of my general effort to get better at this sort of thing.
2020-04-19 15:30:00 -0500
If I’m likely to be known for anything, it’s probably the magpie-like way in which I acquire new projects to work on. I’ve always been a bit of a classical overachiever, perhaps not in the sense of actual achievements, but in the sense of attempting to achieve many things at once. Longtime followers of this blog, or people who know me in really any way, are no doubt well aware that at any given point in time I’m working on several things at once: two or three coding projects, something I want to build, some new skill to develop, or even just a few complicated tasks in open world games.
2020-04-03 08:30:00 -0500
The recent changes to the way we socialize, as we all helpfully isolate ourselves in order to combat the spread of SARS-Cov-2 and the COVID-19 it spreads, have forced a lot of us into being much more “online” than we typically were before. For many, the most obvious change has been the adoption of personal teleconferencing through platforms like Zoom, Skype, and so-forth.
2019-12-19 23:00:00 -0600
It’s been a little over a year since I embarked on a project I was referring to as Enumpi - a project that’s been through the better part of half a dozen design iterations since then. I’ve talked about Enumpi here before - repeatedly - and at length regarding its design and how the project had become complex enough to warrant being handled as three seperate projects.
2019-11-25 08:00:00 -0600
Around this time last year, as a joke that roughly corresponded with the anniversary of the birth of the man who headed the design of the damn thing, I implemented a general solution that was meant to account for most models of the Enigma cipher machine. Enigma is a polyalphabetic substitution cipher of some renown for its use by the THird Reich during WWII, and breaking the enigma is considered a seminal point in both the allied odds of victory for that war, and the history of general computing. This is a story told well by better and I strongly encourage you to break into it.
2019-11-15 15:00:00 -0600
Around this time last year, I embarked on a project to create a set-it-and-forget-it network enumeration device using the Raspberry Pi 3 platform, which I detailed in two guides, here and here. While the version of the EnumPi that this project produced was roughly suitable to the intended use case, the project itself really got me thinking about generalizing the solution and making it a bit more robust.
2019-10-19 22:30:00 -0500
One of the great things about the most popular linux distros for the desktop right now is that they all work more or less out of the box. This is great for people like me, who are just looking for a quick, relatively free, no-cost OS in order to get up off the ground and start working right away. For a few years now, my daily driver had been Ubuntu. But with the 18.04 LTS release, I started becoming more aware of the limitations of the operating system. For the past few months I’ve been pondering a change, and today, I bit the proverbial bullet and transitioned my daily driver, now known as Nostromo (a somewhat-modified Lenovo IdeaPad 310), to Devuan.
2019-10-13 18:30:00 -0500
By far the biggest project being worked on right now at Kensho Security Labs is not Tapestry, but Enumpi. But that doesn’t mean we’ve let Tapestry fall completely by the website. We just released version 2.0.2 of the software, bringing some admittedly-minor changes to the software that brings you safe, secure, store-anywhere backup functionality. All we did, really, was add a few functional bypasses called when the program is in testing mode to allow bypassing some forced interaction steps.
2019-09-15 19:00:00 -0500
Of the various projects underway at Kensho Security Labs, Tapestry is probably both the flagship project and the most mature codebase. To date, the project has seen some 14 releases across 471 commits on master.
2019-04-20 19:00:00 -0500
Teacher was the first HackTheBox machine I attempted to pwn after creating the Enumpi, my (primitive) network enumeration tool. Because of that, I figured out extremely quickly that it was hosting something I’m actually really familiar with through my day job - a Learning Management System. This was one of the harder boxes I’ve worked on to date, mostly because it really was designed around working you back down to basics. Everything from initial foothold exploitation to finally getting the root flag took ages (around two month’s worth of Sundays), all because it relied on really basic information that I just didn’t have fully grocked. It was a highly valuable experience, and my recommendation to you if you have VIP is to dig the machine out of retirement and give it a test yourself. You’ll be glad you did.
2019-04-17 18:00:00 -0500
Tapestry 2.0 was released yesterday, and while I slapped together a quick release on the topic at the time, I wanted to follow along that idea with a “lessons learned” retrospective on our testing and development process.
2019-04-16 18:00:00 -0500
Tapestry 2.0 was released this afternoon. I wanted to throw together a quick blog post about it so that I could plug the new features, explain the major changes, and drop some hints about what we might see in future releases (and when we might expect those). A future blog post is going to offer a retrospective on the 2.0.0 rewrite as a project in its own right!
2019-03-23 00:00:00 -0500
layout: post title: “HTB Post-Root Writeup: Frolic” date: 2019-03-23 08:00 -300 categories: HTB —-
2019-03-08 00:00:00 -0600
layout: post title: “Tapestry 2.0 Releasing Soon!” date: 2019-02-08 23:00 -400 categories: Tapestry —-
2019-01-25 00:00:00 -0600
layout: post title: “Soft Skills for Technicals” date: 2019-01-22 23:00 -400 categories: General —-
2018-10-22 00:00:00 -0500
layout: post title: “Open Letter Regarding the New SQLite CoC” date: 2018-10-22 10:00 -300 categories: Tapestry —-
2018-09-20 00:00:00 -0500
layout: post title: “Tapestry 1.1 and 2.0 News!” date: 2018-09-20 10:00 -300 categories: Tapestry —
2018-08-06 21:00:00 -0500
I got into software development the long way around, but I did it for a reason.
2018-07-25 17:00:00 -0500
As is often the case with aspiring and current Security Professionals, I’m something of a security enthusiast. This makes itself fairly well known if you ever get within about ten feet of my laptop - it’s absolutely bedecked with stickers from the EFF proclaiming my dissent for unsupervised search and my believe that privacy is a universal right. This usually leads to at least one or two eyebrows getting raised, and there’s almost always a conversation that follows - one I rarely articulate well.
2018-06-04 12:00:00 -0500
For a young infosec guy without industry experience, lviging somewhere where the industry barely exists, few options are immediately available to ply your trade besides freelancing. Being under-networked, this meant spinning up a Fiverr profile and essentially hoping for the best. I didn’t take the pursuit especially seriously. I was busy, with Tarnished Tale, Tapestry, and trying to find work more permanent than my soon-to-expire contract with Computers For Schools.
2018-06-04 12:00:00 -0500
For a young infosec guy without industry experience, lviging somewhere where the industry barely exists, few options are immediately available to ply your trade besides freelancing. Being under-networked, this meant spinning up a Fiverr profile and essentially hoping for the best. I didn’t take the pursuit especially seriously. I was busy, with Tarnished Tale, Tapestry, and trying to find work more permanent than my soon-to-expire contract with Computers For Schools.
2018-05-20 09:00:00 -0500
For locksport enthusiasts or others with an interest in physical security (or security in general, for that matter), no phrase comes in as frustrating a sentiment as “Locks are for honest people.” While the statement is true, the sentiment with which it is usually proclaimed is a misguided and dangerous attitude. Dangerous, because those who believe it often take inappropriate measures on the basis of its advice. On the backbone of this sentiment, we have become a society that expects, and even accepts, our physical security practice to be compromised. But, just as there is more to driving than a car, there is more to security than merely a lock.
2018-05-01 13:00:00 -0500
While they’re few and far between, I know at least a few other streamers who use OBS Studio with linux in order to livestream or screen-capture whatever it is they are trying to record. Some of you probably even use Ubuntu, and if, like me, they just upgraded to Ubuntu 18.04, there’s a distinct possibility they broke some of their capture system!
2018-04-26 13:00:00 -0500
Key Escrow is the formal name for a design of cryptographic system which includes what some people call a “Golden Key.” It refers to any crypto system where a master key could be used to bypass the security provided by individual user’s keys.
2018-03-03 20:00:00 -0600
2018-03-03 20:00:00 -0600
Don’t call me Shirley.
2018-01-31 20:30:00 -0600
2018-01-21 20:00:00 -0600
In a sense that’s actually true. Tapestry’s purpose was to create an absolutely-trusted backup. That is to say, a user familiar with the program’s operation can create a backup with trust it has not leaked data, store it with trust that it is illegible to remote users, and recover it in the trust it has not been tampered with. However, this approach works precisely because it discards trust in as many factors as possible.
2018-01-13 11:30:00 -0600
Biometrics as a security technology has been in the public eye for some time now (at least since my childhood in the 90s), but it’s back in vogue now with the advent of new technologies, such as facial recognition, which were recently widely adopted by Apple in their new iOS devices, and less recently by Android developers around four or five years ago, when it started showing up on their devices. It’s sort of the epitome of security technology. We can do away with cumbersome password-based authentication because no two people have the same face/fingerprints/DNA/whatever.
2017-12-31 08:30:00 -0600
Today is the end of a lot. For one, it’s the end of the calendar year - a year a lot of us consider to be suboptimal. It’s also the end of an era - tomorrow I’m participating in the very last service Vault 29 will ever carry out.
2017-12-26 08:30:00 -0600
While I’ve always been a fairly technical person (I can’t remember the first time I used a computer, for example), 2017 is probably best ddescribed as the year I became Technical. This was the year I went from goofing around with simple LUA scripts to building fairly complicated bits of software, the year I started in on hardware development, and in general the year that I went from merely having a passing interest in technology and security to being the year I went into practice.
2017-11-28 08:30:00 -0600
“That which is of the nature to be born is of the nature to die.”
2017-11-09 05:00:00 -0600
Tarnished Tale has been developed from the outset to be the basis for a game called Layer: A Tarnished Tale. In this series, we’re going to explore some exemplars of the various races features in the game.
2017-11-05 05:00:00 -0600
Tarnished Tale is proceeding abreast as one might expect, and after a brief diversion to implement the new communications protocol (vaguely) and some improvements to the logging system we’re finally into the character management subsystem in terms of the development focus!
2017-11-03 09:35:00 -0500
With Praxis the original goal was always to eventually be able to clone setups. In this week’s case, I was trying to clone the setup I was using for Polaris, the server that hosts my vanity website. I was planning on introducing other elements to that server over time, both public-side and behind the scenes, and it struck me that nowhere in the professional world would you ever experiment by tinkering with Prod.
2017-10-27 20:30:00 -0500
When I set out to create Tarnished Tale I wanted to keep things simple. I’m a fairly impatient person, and even when I’m chasing quality I try to take the most expedient path. That’s why I used websockets and bcrypt rather than implementing my own communications protocol and cryptography. Well, that and it’s a bad idea to roll your own crypto.
2017-10-24 11:00:00 -0500
Tarnished Tale isn’t merely just a vanity project or a distraction. When I said in the readme and prospectus that one of the objectives was to develop a secure MUD engine, I meant it.
2017-10-18 04:00:00 -0500
Since Tapestry[https://www.github.com/ZAdamMac/Patchs-Tapestry] is getting close to the end of its active development period and moving toward the back burner, I’m able to focus a little more attention on Tarnished Tale, that goofy little MUD system I’m building.
2017-10-10 06:30:00 -0500
The trouble with being more toolsmith than true developer is that most of the projects you find useful to construct aren’t really marketable. Tool niches are already filled, with multiple solutions with full dev teams and legions of marketeers. Therefore, if I’m being realistic, I should realize any tool I make, however I generalize it, is going to be niche and bespoke to my uses.
2017-09-24 06:30:00 -0500
Hi there! I am Patches, the host of the show Hacking With Dog!
2017-09-08 06:30:00 -0500
In spite of two gigantic sidequests - some Tarnished Tale work and work on the Patch Savage Labs Website - work on Tapestry has continued more or less apace. As expected, there’s nothing major coming down the pipe for 0.3.1, but I thought I’d talk about it anyway since the release will be delayed until somewhere around the end of the month.
2017-08-24 06:30:00 -0500
Those of you who are following my twitter have probably noticed me dropping hints about having a new project, and I’m happy to say that those hints are actually relevant. I do have a new project - on the back burner while I tidy up a few details on some ongoing, older projects, but one that I think will (productively) use up quite a bit more time and attention as I progress out of the preliminary research stage and into actual development.
2017-08-23 09:00:00 -0500
Tapestry v.0.3.0 has finally gone live! It should come as no surprise that this release doesn’t fully support windows, and this much is indicated both by the program itself if you attempt to run it in windows, and the readme itself.
2017-08-20 22:40:00 -0500
Two months ago, I announced that Tapestry v.0.3.0 was “coming out soon”. And that much is true. What is less certain is what v.0.3.0 is going to look like - and how much that future is going to have to change.
2017-07-15 22:40:00 -0500
You might remember that over one month ago, I announced that Tapestry v.0.3.0 was going to have a whole bunch of new features included in it that weren’t there before, and I am happy to say that all of those features work, for versions of work. So where the hell is it? I did a bad.
2017-06-10 10:40:00 -0500
Tapestry’s next release was intended to be a small set of fixes, finally fixing the passphrase support for Tapestry-generated PGP keys in both the generator and the recovery modes, and a few related small cleaning changes to the way it outputs files. However, a small change in my work environment (and the discovery that somehow my laptop is suitable for hosting a Win7 VM) meant that what was to be 0.2.3 is instead going to be 0.3.0!
2017-05-26 10:00:00 -0500
If you’re wondering why TarnishedTale doesn’t have its own repository like Tapestry does, the principle reason is that it doesn’t yet work, in any sense of the word (at present, it actively throws errors when you attempt to launch the server at all.) In lieu of that, and because debugging is a little too frustrating to do before work, I thought I’d take the time to talk a bit about how it’s intended to work.
2017-05-24 10:40:06 -0500
Computer science, in general, is one of those fields where the more learning you do, the more you want to do. In a lot of ways you can go on in this way indefinitely. There’s always something new to build, some new function to uncover, some new software tool to play with.
2017-05-22 12:00:00 -0500
It all started as a half-joking statement on a Discord channel. I remarked that I found the typical aspects of penetration testing in games to be lacking - this followed on after a conversation about my incredibly stupid “Virtual Access Control Lab” build I did in Minecraft. (It wasn’t finished. No link for you.) I joked that the sorts of games that always had the most promise for being the corporate iSpy types were all either boring as hell, or glossed over the interesting aspects of breaking and entering.
2017-05-21 10:40:06 -0500
Tapestry has a very odd design. Not odd in that it is novel (I’m almost certain it isn’t) or odd in its extreme pecularity, but odd in that it is oddly specific. A traditional backup tool functions not unlike a drive snapshot. It pulls your files, and often your applications and OS settings, every time it is run. Contrast with Tapestry, which by default only grabs your Documents and Photos - Music and Videos, too, if run inclusively.
2017-05-20 10:40:06 -0500
Tapestry is my specialized backup automation tool, currently in version 0.2.2. The project started as a simple exercise in automating what was, for me, a rather complex task. Naturally, it has since sprawled considerably as an exercise in generalizing its use. It is presently written in Python 2.7.12 with dependencies on Python-GNUPG and Gnu Privacy Guard.