Zac's Blog

An equal mix of development stories (mostly the what-went-wrongs), short news posts, and feature announcements, together with the occasional grand pronouncements on the state of tech or the ethics of creation.

Lab Notes: Riding the Wave

2021-09-14 09:00:00 -0500

As you probably recall from the previous update, the last little push for the PETI development kit is the “back board”, an extra expansion on the existing dev kit that will add key functionality like the battery pack to the device. One such feature is the ability to do auditory alters via a small speaker. In the true spirit of known and unknown unknowns, I went 100% Dunning-Kreuger and decided that this would be relatively trivial, and since it was the part of the back circuit I understood the least, it would be the first part of the board I would proof the concept of.

Lab Notes: A Lazy August

2021-08-27 09:00:00 -0500

Wasn’t there an update for Tapestry coming out this month? Weren’t you going to keep working on PETI? Did anything get done at the labs, come to think of it? Actually, yeah. Lots of things have happened. Let’s talk about those.

Lab Notes: Releasing PETI 3.0

2021-07-27 14:00:00 -0500

Circumstance and mood have conspired to make this, the final week of July, on of two periods of paid leave from work which I’ll be able to take this summer. As a result, I spent monday night and a good chunk of yesterday updating and recompiling PETI’s firmware. Last night I published this firmware update’s source [here (permalink)] as the 0.0.3 release. This version adds a new demo functionality, replacing the old demo with a menu which allows you to cycle through the various forms PETI can take, and view all four of their currently-supported animations: idle, face right, face left, and eating. I’ll go back through and add support for the sleeping animation at around the same time I add sleeping into the game.

Reviving Tapestry

2021-07-01 08:00:00 -0500

Tapestery is probably the oldest project most Arcana Labs followers would remember me working on. It began two iterations of identity ago, back when this was “Patch Savage Labs”, followed through the Kensho Security Labs Rebrand, and three jobs and several years later, it’s still with us - a bespoke backup utility nobody asked for.

LabNotes: Expanding the PETI Character Set

2021-06-11 08:00:00 -0500

PETI has a text-based interface; I think I’ve said that enough times by now for everyone to have it burned into their brain, but in case I haven’t - almost everything PETI can display on its screen is functionally text, in that it is comprised of cells of a given size (8 by 8, 8 by 12, or 16 by 16 pixels), and the display library treats each row of such cells as a string of text, referencing a font to determine which pixels to turn on or off depending on the size needed. This places some constraints and labouriousness on managing the display which I want to talk about today, because it’s what I’ve been working on.

LabNotes: PETI OS

2021-05-13 08:00:00 -0500

While calling it an operating system is overstating the complexity involved dramatically, the fact remains that I have had a very productive week in that the two most convoluted portions of the PETI firmware is now in place - the two systems which manage the central game state object and decide what is drawn on the screen and when. Step on through and we’ll talk about how that was done, and the pitfalls I found along the way.

LabNotes: Rebottling the Blue Smoke

2021-05-04 23:00:00 -0500

24 hours ago, I was absolutely certain I had attained a dubious electrical engineering right of passage, and blown up my first development board. I was certain of this because I had tested it extensively. Twelve hours ago, I learned I was wrong.

LabNotes: Blue Smoke Edition

2021-04-22 16:00:00 -0500

It’s been a while since I’ve done an update on PETI, the implemented-in-hardware virtual pet I’ve been designing, and that’s true for a very good reason: I’ve taken and killed it, stone dead.

LabNotes: Adding TLS to Pyminder

2021-04-16 22:00:00 -0500

While it started as a one-day-build (itself taking several saturday afternoon livestreams), Pyminder is quickly becoming an Actual Project, at least in the sense of needing iterative refinement. I’m not sure anything I’ve ever written - code or otherwise - has stood without revision, so I suppose I should not be surprised. One of those improvements - perhaps the most pressing - has been updating the pyminder code to support the use of TLS.

Kensho Security Labs to become Arcana Labs

2021-03-20 22:15:00 -0500

Over the last few days I’ve taken the decision to entirely rebrand Kensho Security Labs as Arcana Labs. While the full set of changes will take (knowing me) a few months to implement, I wanted to talk right away about why the name is changing and what the rebrand means for our projects, as the decision was not taken lightly or trivially.

Pyminder's Unsecure Design

2021-02-11 16:00:00 -0600

People who follow along on social media might have noticed that I have been livestreaming a software project I’m working on that involves using a Raspberry Pi 3A+ and a Pimoroni GFX Hat to let me, effectively, run cron jobs that print messages to the LCD based on their results. I’ve been doing so using the popular python module Flask to expose a RESTful API, which isn’t exactly secured in the current implementation, and I’ve been doing that for a very particular reason: this is a local-host only service on a lab-facing device.

Adding System Keyring Functionality to Tapestry

2021-02-05 22:15:00 -0600

Recently - this very morning, in fact - it was suggested that I move credential storage for Tapestry out of the “no, you’re not allowed” space and into the local system keyring by use of the python library module of the same name. After a quick review I decided I would, and the current version of the development code for Tapestry already includes the necessary changes. I did however want to talk about why this decision was made and why you may or may not want to use it.

Off Topic: The Force Metaphor and a Middle Path

2021-01-17 10:00:00 -0600

If you follow me on twitter, or made the inference from my december posts, you’re probably aware that I’ve taken delivery of the new lab machine and I’m in the process of provisioning it. In a sense, this post is partly a proof of concept that most of that provisioning work is done on the linux side of the machine, but it’s also an able distraction from a highly frustrating technical week - which means it’s going to be a little different from our usual content. Don’t worry though. Skip to the bottom for a general lab update.

PETI Design Docs Made Public

2020-12-24 11:30:00 -0600

Just a few moments ago, I finally set (the PETI and PETI-Helpers repos)[https://github.com/zadammac/peti] public! This update has been a long time coming, but it’s also not the end of this project. In a way, it’s merely the beginning.

Let's Autopsy Jupiter's Failure

2020-12-07 11:30:00 -0600

Over this weekend, as you may have read, I suffered a catastrophic drive failure that lead to more or less burning the whole weekend on restoring my laptop to function and recovering from the failure. Amusingly, for someone who literally developed custom backup software, this went much worse than intended and resulted in the most recent recoverable state being roughly this exact date last year. Woops!

System Meltdown, or, Jupiter Ate My Homework

2020-12-06 19:15:00 -0600

Late on saturday night, I was preparing to do a livestream with a few friends wherein we were going to hang out and be creative in our various idiosyncratic ways. Part of this process, in this instances, involved using a particularly janky technologies stack to use my phone’s camera as the webcam output for the live stream through discord. This is a sane and safe thing to do - I’ve done it a number of times in the past - and then it happened.

Lab Notes: PETI Tooling and the deal with Rokkakei

2020-11-25 23:15:00 -0600

Two weeks? More or less. We’re on company time, after all.

Lab Notes: PETI Needs a Shave; Yosegi Updates

2020-11-08 23:15:00 -0600

I’m about 90% certain that at some point not that long ago I said I was going to update this blog more often going forward, but here we are, back on the ‘once a month, more or less’ update cadence. And on the one hand that probably bears some leverage for an apology, but on the other hand, it’s exactly what I want to talk about. But before that, let’s do the actual LabNotes update on both our active projects: PETI and Yosegi!

PETI: What is a Byte? Why are those Letters Backwards?

2020-10-02 20:15:00 -0500

Last time we talked about PETI, I spent a few hundred words bloviating over getting trapped in a state of not having an ISR to handle an Interrupt that I couldn’t resolve because it didn’t occur during debugging, and thus couldn’t be identified. To be honest, I still haven’t identified the relevant interrupt. What I did do, though, was heavily troubleshoot my SPI_WriteLine function, resolving whatever issue was raising the interrupt in the process, so close enough.

PETI: ISR Traps, Solder Debugging, And Lazineering

2020-09-15 22:30:00 -0500

Over the last two weeks (read: about half a dozen lab hours) I’ve manage to break my stalemate on PETI. For those keeping track, I have been fiendishly attempting to not have to engineer a display driver by instead porting a display driver so badly that I’ve rewritten much of its functionality essentially from scratch.

A Quarterly Update

2020-09-01 22:30:00 -0500

You wouldn’t think a one-man lab had quarters… and truth be told, we really sort of don’t. Since Kensho Security Labs has never actually turned over any revenue, it doesn’t qualify for registration as a business and doesn’t have a fiscal year. That said, I’ve long cultivated a personal habit of chopping the year up broadly into quarters and acting upon that, which is something I’ve written upon extensively in the past. As might have been appropriate to help end the spiral of burnout that was late July and much of August, I’ve been going through one of those quarterly planning processes. A lot of it has touched upon what I wanted to do for Kensho Sec, so I thought it’d be a good time to make some announcements - in lieu of lab notes, of which I have none.

Lab Notes #5: Revealing Rokkakei and The Importance of Chapter 26

2020-08-25 21:55:00 -0500

As I’m sure is the case the corporate world over, or at least in North America, August can be a zany time. The dog days of summer are peak PTO hours, which means everyone and their dog are taking their leave, myself included. The practical upshot of this was that I was insanely busy for much of august, and while I was on PTO last week, it didn’t leave a ton of energy for serious projects - just a bit of light gaming and a brief dabble with the first Yosegi box, Rokkakei.

Lab Notes #4: The Problem With Secret Projects

2020-08-04 23:00:00 -0500

It’s been a while since I’ve done a lab update, hasn’t it? Always the way. The problem here is that I haven’t been working on PETI much - it requires some significant set-up to get started on, and you have to be in the mood for bashing your head against undiagnosable SPI issues. I have a few pet theories (and a few dumb hacks to try and provide more visibility into that bus), but I haven’t had the time to really act on them yet, just due to all the limitations here at home.

Lab Notes #3: PETI? Yosegi

2020-07-18 23:00:00 -0500

As I mentioned in last week’s lab notes, I was gated behind purchasing some textbooks before I could make much more headway on PETI. Thanks to a fortunate and well-timed Humble Book Bundle, I was able to get not just the documentation I needed but a wealth of other materials that I’m sure will be useful moving forward. I also took the downtime to start laying in the groundwork for a new long-term project and initiative for Kensho Security Labs, which I’ll detail below.

Lab Notes #2: PETI Problems

2020-07-13 09:00:00 -0500

Since last week’s lab notes went out, with the exception of more or less wrapping up the server redesign, I’ve essentially been working on PETI to the exclusion of all other tech projects. Embedded is new hat for me, as is the C programming language which the TI assembler uses to program the Texas Instruments MP430 which will form this thing’s brain.

Polaris II: Electric Boogaloo

2020-07-06 00:30:00 -0500

As I alluded to in yesterday’s Lab Notes update, I was revisiting my web development and service stack. Previously, I had a two-machine approach to doing development and hosting for Kensho Security Labs and Sanity Line, where I was doing most of the development in a highly simplified local apache arrangement, and hosting the resulting static sites using my improvised server.

Lab Notes #1: Your Weekend Update

2020-07-05 09:16:00 -0500

Several friends of the Lab have suggested I blog more about all the various projects I’m working on at KSL, whether those projects are ready for release or not. This is actually sort of a return to the origin of the blog - if you dive into the archives you’ll find plenty of notes on projects that never quite got of the ground - like Tarnished Tale.

HTB Post-Root Writeup: Obscurity

2020-05-09 19:00:00 -0500

Obscurity is a HackTheBox machine that was recently retired from their active selection, but is still playable on the VIP networks. I decided to make an attack on Obscurity back in January, when I decided that I was going to spend a good chunk of 2020 coding less and hacking more.

HTB Post-Root Writeup: OpenAdmin

2020-05-05 13:00:00 -0500

OpenAdmin is a HackTheBox machine that was recently retired from their active selection, but is still playable on the VIP networks. I decided to make an attack on Obscurity back in April 2020, as part of my general effort to get better at this sort of thing.

Getting Things Done: Dodging Helmetfire by Offboarding the Brain

2020-04-19 15:30:00 -0500

Getting Things Done Is State Management

If I’m likely to be known for anything, it’s probably the magpie-like way in which I acquire new projects to work on. I’ve always been a bit of a classical overachiever, perhaps not in the sense of actual achievements, but in the sense of attempting to achieve many things at once. Longtime followers of this blog, or people who know me in really any way, are no doubt well aware that at any given point in time I’m working on several things at once: two or three coding projects, something I want to build, some new skill to develop, or even just a few complicated tasks in open world games.

Good-Enough Security

2020-04-03 08:30:00 -0500

The recent changes to the way we socialize, as we all helpfully isolate ourselves in order to combat the spread of SARS-Cov-2 and the COVID-19 it spreads, have forced a lot of us into being much more “online” than we typically were before. For many, the most obvious change has been the adoption of personal teleconferencing through platforms like Zoom, Skype, and so-forth.

The Future of the Enumpi Project

2019-12-19 23:00:00 -0600

It’s been a little over a year since I embarked on a project I was referring to as Enumpi - a project that’s been through the better part of half a dozen design iterations since then. I’ve talked about Enumpi here before - repeatedly - and at length regarding its design and how the project had become complex enough to warrant being handled as three seperate projects.

(Re)Modelling Enigma: Misadventures in Emulation

2019-11-25 08:00:00 -0600

Around this time last year, as a joke that roughly corresponded with the anniversary of the birth of the man who headed the design of the damn thing, I implemented a general solution that was meant to account for most models of the Enigma cipher machine. Enigma is a polyalphabetic substitution cipher of some renown for its use by the THird Reich during WWII, and breaking the enigma is considered a seminal point in both the allied odds of victory for that war, and the history of general computing. This is a story told well by better and I strongly encourage you to break into it.

Enumpi Project Update: Finally Making Headway Edition

2019-11-15 15:00:00 -0600

Around this time last year, I embarked on a project to create a set-it-and-forget-it network enumeration device using the Raspberry Pi 3 platform, which I detailed in two guides, here and here. While the version of the EnumPi that this project produced was roughly suitable to the intended use case, the project itself really got me thinking about generalizing the solution and making it a bit more robust.

KSLabs Upgrade: Deploying Devuan

2019-10-19 22:30:00 -0500

One of the great things about the most popular linux distros for the desktop right now is that they all work more or less out of the box. This is great for people like me, who are just looking for a quick, relatively free, no-cost OS in order to get up off the ground and start working right away. For a few years now, my daily driver had been Ubuntu. But with the 18.04 LTS release, I started becoming more aware of the limitations of the operating system. For the past few months I’ve been pondering a change, and today, I bit the proverbial bullet and transitioned my daily driver, now known as Nostromo (a somewhat-modified Lenovo IdeaPad 310), to Devuan.

Tapestry 2.0.2: The Tester's Rewrite

2019-10-13 18:30:00 -0500

By far the biggest project being worked on right now at Kensho Security Labs is not Tapestry, but Enumpi. But that doesn’t mean we’ve let Tapestry fall completely by the website. We just released version 2.0.2 of the software, bringing some admittedly-minor changes to the software that brings you safe, secure, store-anywhere backup functionality. All we did, really, was add a few functional bypasses called when the program is in testing mode to allow bypassing some forced interaction steps.

Tapestry, The Future, and Simplifying

2019-09-15 19:00:00 -0500

Of the various projects underway at Kensho Security Labs, Tapestry is probably both the flagship project and the most mature codebase. To date, the project has seen some 14 releases across 471 commits on master.

HTB Post-Root Writeup: Teacher

2019-04-20 19:00:00 -0500

Teacher was the first HackTheBox machine I attempted to pwn after creating the Enumpi, my (primitive) network enumeration tool. Because of that, I figured out extremely quickly that it was hosting something I’m actually really familiar with through my day job - a Learning Management System. This was one of the harder boxes I’ve worked on to date, mostly because it really was designed around working you back down to basics. Everything from initial foothold exploitation to finally getting the root flag took ages (around two month’s worth of Sundays), all because it relied on really basic information that I just didn’t have fully grocked. It was a highly valuable experience, and my recommendation to you if you have VIP is to dig the machine out of retirement and give it a test yourself. You’ll be glad you did.

Tapestry 2.0's Development: A Postmortem

2019-04-17 18:00:00 -0500

Tapestry 2.0 was released yesterday, and while I slapped together a quick release on the topic at the time, I wanted to follow along that idea with a “lessons learned” retrospective on our testing and development process.

Tapestry 2.0 Is Now Available!

2019-04-16 18:00:00 -0500

Tapestry 2.0 was released this afternoon. I wanted to throw together a quick blog post about it so that I could plug the new features, explain the major changes, and drop some hints about what we might see in future releases (and when we might expect those). A future blog post is going to offer a retrospective on the 2.0.0 rewrite as a project in its own right!

Htb Writeup Frolic

2019-03-23 00:00:00 -0500


layout: post title: “HTB Post-Root Writeup: Frolic” date: 2019-03-23 08:00 -300 categories: HTB —-

Tapestry 2 Release Impending

2019-03-08 00:00:00 -0600


layout: post title: “Tapestry 2.0 Releasing Soon!” date: 2019-02-08 23:00 -400 categories: Tapestry —-

Soft Skills For Technicals

2019-01-25 00:00:00 -0600


layout: post title: “Soft Skills for Technicals” date: 2019-01-22 23:00 -400 categories: General —-

Sqlite Open Letter

2018-10-22 00:00:00 -0500


layout: post title: “Open Letter Regarding the New SQLite CoC” date: 2018-10-22 10:00 -300 categories: Tapestry —-

Tapestry

2018-09-20 00:00:00 -0500


layout: post title: “Tapestry 1.1 and 2.0 News!” date: 2018-09-20 10:00 -300 categories: Tapestry —

Change of Tack: The Future of Tapestry

2018-08-06 21:00:00 -0500

Why I Do This

I got into software development the long way around, but I did it for a reason.

You DO Have Something to Hide

2018-07-25 17:00:00 -0500

As is often the case with aspiring and current Security Professionals, I’m something of a security enthusiast. This makes itself fairly well known if you ever get within about ten feet of my laptop - it’s absolutely bedecked with stickers from the EFF proclaiming my dissent for unsupervised search and my believe that privacy is a universal right. This usually leads to at least one or two eyebrows getting raised, and there’s almost always a conversation that follows - one I rarely articulate well.

How I Screwed Up (and Fixed) Hacking for Money

2018-06-04 12:00:00 -0500

For a young infosec guy without industry experience, lviging somewhere where the industry barely exists, few options are immediately available to ply your trade besides freelancing. Being under-networked, this meant spinning up a Fiverr profile and essentially hoping for the best. I didn’t take the pursuit especially seriously. I was busy, with Tarnished Tale, Tapestry, and trying to find work more permanent than my soon-to-expire contract with Computers For Schools.

How I Screwed Up (and Fixed) Hacking for Money

2018-06-04 12:00:00 -0500

For a young infosec guy without industry experience, lviging somewhere where the industry barely exists, few options are immediately available to ply your trade besides freelancing. Being under-networked, this meant spinning up a Fiverr profile and essentially hoping for the best. I didn’t take the pursuit especially seriously. I was busy, with Tarnished Tale, Tapestry, and trying to find work more permanent than my soon-to-expire contract with Computers For Schools.

Maxminally Adequate Security

2018-05-20 09:00:00 -0500

For locksport enthusiasts or others with an interest in physical security (or security in general, for that matter), no phrase comes in as frustrating a sentiment as “Locks are for honest people.” While the statement is true, the sentiment with which it is usually proclaimed is a misguided and dangerous attitude. Dangerous, because those who believe it often take inappropriate measures on the basis of its advice. On the backbone of this sentiment, we have become a society that expects, and even accepts, our physical security practice to be compromised. But, just as there is more to driving than a car, there is more to security than merely a lock.

Fixing Bad Xcomposite Captures in OBS

2018-05-01 13:00:00 -0500

While they’re few and far between, I know at least a few other streamers who use OBS Studio with linux in order to livestream or screen-capture whatever it is they are trying to record. Some of you probably even use Ubuntu, and if, like me, they just upgraded to Ubuntu 18.04, there’s a distinct possibility they broke some of their capture system!

Why Key Escrow Will NEVER Work

2018-04-26 13:00:00 -0500

What’s This Business?

Key Escrow is the formal name for a design of cryptographic system which includes what some people call a “Golden Key.” It refers to any crypto system where a master key could be used to bypass the security provided by individual user’s keys.

Introducing Loom

2018-03-03 20:00:00 -0600

Tapestry is a Fantastic Tool But It’s Missing a Major Feature

Trust No One: Eliminating Trust in Tarnished Tale

2018-03-03 20:00:00 -0600

Surely, you can’t be about to suggest it’s possible to eliminate trust in Online Gaming?

Don’t call me Shirley.

Tapestry's Test Hash: MP5‽ Really?

2018-02-16 20:30:00 -0600

Tapestry Is Getting Real

Y'all MFs Need Backups: Some Evangelism

2018-01-31 20:30:00 -0600

Defense In Depth: It’s Redundancy All the Way Down!

Trust No One: Eliminating Trust in Tapestry's Design

2018-01-21 20:00:00 -0600

Wait, I thought the whole point of Tapestry was to establish trust?

In a sense that’s actually true. Tapestry’s purpose was to create an absolutely-trusted backup. That is to say, a user familiar with the program’s operation can create a backup with trust it has not leaked data, store it with trust that it is illegible to remote users, and recover it in the trust it has not been tampered with. However, this approach works precisely because it discards trust in as many factors as possible.

Your Face is Not A Secret: Why Biometrics aren't Authentication Tokens

2018-01-13 11:30:00 -0600

Biometrics as a security technology has been in the public eye for some time now (at least since my childhood in the 90s), but it’s back in vogue now with the advent of new technologies, such as facial recognition, which were recently widely adopted by Apple in their new iOS devices, and less recently by Android developers around four or five years ago, when it started showing up on their devices. It’s sort of the epitome of security technology. We can do away with cumbersome password-based authentication because no two people have the same face/fingerprints/DNA/whatever.

Coming In Hot: 2018 as Manic-Me Sees It

2017-12-31 08:30:00 -0600

Today is the end of a lot. For one, it’s the end of the calendar year - a year a lot of us consider to be suboptimal. It’s also the end of an era - tomorrow I’m participating in the very last service Vault 29 will ever carry out.

Live Fast, Die Smart: 2017 Retrospective

2017-12-26 08:30:00 -0600

While I’ve always been a fairly technical person (I can’t remember the first time I used a computer, for example), 2017 is probably best ddescribed as the year I became Technical. This was the year I went from goofing around with simple LUA scripts to building fairly complicated bits of software, the year I started in on hardware development, and in general the year that I went from merely having a passing interest in technology and security to being the year I went into practice.

Change of Venue: Vault 29 Post-Mortem

2017-11-28 08:30:00 -0600

“That which is of the nature to be born is of the nature to die.”

Layer Profiles: Melasari Paragon Hera Ironspine

2017-11-09 05:00:00 -0600

Tarnished Tale has been developed from the outset to be the basis for a game called Layer: A Tarnished Tale. In this series, we’re going to explore some exemplars of the various races features in the game.

TT: Character System - How to Skills!

2017-11-05 05:00:00 -0600

Tarnished Tale is proceeding abreast as one might expect, and after a brief diversion to implement the new communications protocol (vaguely) and some improvements to the logging system we’re finally into the character management subsystem in terms of the development focus!

Firewalls Behind Firewalls: A Praxis Adventure.

2017-11-03 09:35:00 -0500

With Praxis the original goal was always to eventually be able to clone setups. In this week’s case, I was trying to clone the setup I was using for Polaris, the server that hosts my vanity website. I was planning on introducing other elements to that server over time, both public-side and behind the scenes, and it struck me that nowhere in the professional world would you ever experiment by tinkering with Prod.

Complicating TT: Protocolizing Communications

2017-10-27 20:30:00 -0500

When I set out to create Tarnished Tale I wanted to keep things simple. I’m a fairly impatient person, and even when I’m chasing quality I try to take the most expedient path. That’s why I used websockets and bcrypt rather than implementing my own communications protocol and cryptography. Well, that and it’s a bad idea to roll your own crypto.

TT Security: Adding Output Sanitization

2017-10-24 11:00:00 -0500

Tarnished Tale isn’t merely just a vanity project or a distraction. When I said in the readme and prospectus that one of the objectives was to develop a secure MUD engine, I meant it.

Tarnished Tale To Get New Admin Panels

2017-10-18 04:00:00 -0500

Since Tapestry[https://www.github.com/ZAdamMac/Patchs-Tapestry] is getting close to the end of its active development period and moving toward the back burner, I’m able to focus a little more attention on Tarnished Tale, that goofy little MUD system I’m building.

Tapestry in Version 1.0

2017-10-10 06:30:00 -0500

The trouble with being more toolsmith than true developer is that most of the projects you find useful to construct aren’t really marketable. Tool niches are already filled, with multiple solutions with full dev teams and legions of marketeers. Therefore, if I’m being realistic, I should realize any tool I make, however I generalize it, is going to be niche and bespoke to my uses.

Improvising A Server

2017-09-24 06:30:00 -0500

Hi there! I am Patches, the host of the show Hacking With Dog!

Tapestry 0.3.1 Preview!

2017-09-08 06:30:00 -0500

In spite of two gigantic sidequests - some Tarnished Tale work and work on the Patch Savage Labs Website - work on Tapestry has continued more or less apace. As expected, there’s nothing major coming down the pipe for 0.3.1, but I thought I’d talk about it anyway since the release will be delayed until somewhere around the end of the month.

Hints for Project Clair

2017-08-24 06:30:00 -0500

Those of you who are following my twitter have probably noticed me dropping hints about having a new project, and I’m happy to say that those hints are actually relevant. I do have a new project - on the back burner while I tidy up a few details on some ongoing, older projects, but one that I think will (productively) use up quite a bit more time and attention as I progress out of the preliminary research stage and into actual development.

Tapestry 0.3.0 is now Live!

2017-08-23 09:00:00 -0500

Tapestry v.0.3.0 has finally gone live! It should come as no surprise that this release doesn’t fully support windows, and this much is indicated both by the program itself if you attempt to run it in windows, and the readme itself.

The Future of Tapestry

2017-08-20 22:40:00 -0500

Two months ago, I announced that Tapestry v.0.3.0 was “coming out soon”. And that much is true. What is less certain is what v.0.3.0 is going to look like - and how much that future is going to have to change.

Hacking Tapestry: Some Changes

2017-07-15 22:40:00 -0500

You might remember that over one month ago, I announced that Tapestry v.0.3.0 was going to have a whole bunch of new features included in it that weren’t there before, and I am happy to say that all of those features work, for versions of work. So where the hell is it? I did a bad.

Sneak Peak at Tapestry 0.3.0!

2017-06-10 10:40:00 -0500

Tapestry’s next release was intended to be a small set of fixes, finally fixing the passphrase support for Tapestry-generated PGP keys in both the generator and the recovery modes, and a few related small cleaning changes to the way it outputs files. However, a small change in my work environment (and the discovery that somehow my laptop is suitable for hosting a Win7 VM) meant that what was to be 0.2.3 is instead going to be 0.3.0!

Anatomy of TarnishedTale

2017-05-26 10:00:00 -0500

If you’re wondering why TarnishedTale doesn’t have its own repository like Tapestry does, the principle reason is that it doesn’t yet work, in any sense of the word (at present, it actively throws errors when you attempt to launch the server at all.) In lieu of that, and because debugging is a little too frustrating to do before work, I thought I’d take the time to talk a bit about how it’s intended to work.

The Minilab: Moving Forward

2017-05-24 10:40:06 -0500

Computer science, in general, is one of those fields where the more learning you do, the more you want to do. In a lot of ways you can go on in this way indefinitely. There’s always something new to build, some new function to uncover, some new software tool to play with.

TarnishedTale: Overview

2017-05-22 12:00:00 -0500

It all started as a half-joking statement on a Discord channel. I remarked that I found the typical aspects of penetration testing in games to be lacking - this followed on after a conversation about my incredibly stupid “Virtual Access Control Lab” build I did in Minecraft. (It wasn’t finished. No link for you.) I joked that the sorts of games that always had the most promise for being the corporate iSpy types were all either boring as hell, or glossed over the interesting aspects of breaking and entering.

The Why of Tapestry

2017-05-21 10:40:06 -0500

Tapestry has a very odd design. Not odd in that it is novel (I’m almost certain it isn’t) or odd in its extreme pecularity, but odd in that it is oddly specific. A traditional backup tool functions not unlike a drive snapshot. It pulls your files, and often your applications and OS settings, every time it is run. Contrast with Tapestry, which by default only grabs your Documents and Photos - Music and Videos, too, if run inclusively.

Introducing Tapestry!

2017-05-20 10:40:06 -0500

Tapestry is my specialized backup automation tool, currently in version 0.2.2. The project started as a simple exercise in automating what was, for me, a rather complex task. Naturally, it has since sprawled considerably as an exercise in generalizing its use. It is presently written in Python 2.7.12 with dependencies on Python-GNUPG and Gnu Privacy Guard.