Hacker Movie Festival

buildscc | 04 May 2010 | | events

We should throw a hacker movie festival on campus. This would require cooking copious amounts of popcorn and projecting classic hacker movies onto the walls of a BU machine room or otherwise questionably fitting cyberpunk-y location. Or just securing room 330 in CAS, depending on how many collective strings we can pull.

Possible movies:

  • WarGames
  • TRON
  • The Manhattan Project
  • Sneakers
  • The Pirates of Silicon Valley
  • Hackers
  • Takedown
  • Antitrust
  • Johnny Mnemonic
  • 23 (1998)
  • RevolutionOS

What say ye, oh undulating masses of techies? Comment below.

Also, thanks to Prof. Kinraide for this idea :D

Possible additional Movies or snippits:

  • The Conversation (1974) - You can never be too paranoid ;-)
  • Ghost in the Shell (1995) - or just the scene with the reality loop.
  • Ghost in the Shell 2: Innocence (2004) - or just the uber cool scene where the firewall (complete with robot “watchdogs”) is breached on the robot production ship.
  • Possible TV episodes or snippits: La Femme Nikita: #215 “Fuzzy Logic” - [Birkoff] (TENSE VOICE) Sir, I’m sorry, we’re in the middle of a multiple anomaly. There is also some episode where birkoff actually feeds actual *nix commands (a ps pipe and then a kill I think) to an operative in the field :-)
  • La Femme Nikita: #103 “Simone” Ah, here it is… BIRKOFF: Sit down at the main keyboard. (Nikita scoots over to the keyboard, staying low) Type exactly what I tell you. PS dash E. PS dash… All right. That’s got to be it. It’s the only process I don’t recognize. All right, type this in; Kill, space, minus-nine, space, 313. Okay? You got that? That should do it. […] Tense seconds shoot past as automatic gunfire rattles all around.
  • Dr. Who - all of it. IMHO Dr. Who is the media character I’ve seen that best exemplifies the hacker (sometimes called “ethical hacker” since media have conflated “hacker” to mean “cracker”).

Musical Stairs Original Plan

buildscc | 23 Apr 2010 | | projects

Original Plan

This document was the original inception of the Musical Stairs project.

Overview

The musical stairs project is an attempt at making the main staircase in the GSU make noise when you step on each stair. Think the piano floor at FAO Schwarz, but in stair form.

Mailing List

Listserve_Commands| musicalstairs-list@bu.edu

Wanna be on it? Email vryoung@bu.edu

Technical

So far, the plan is to use IR LEDs at one end of each step and IR sensors at the other end, so when someone steps on the stair, the sensor no longer sees the light. The sensor then sends a signal to an Arduino, which processes the signals from all the steps and sends the information to a computer at the top of the stairs. That computer is responsible for making the noise. Current plans involve not only a direct-note mode, but possibly a song mode.

Staircase

Mounting

The current plan is to attach the sensors directly to the side of the stairs with double-sided tape or similar adhesive. For non-flat components, they might need to be mounted in epoxy/acrylic/hot-melt first, then attached. Wires will be run along the side of the step and down underneath to North side of the stairs (closest to the window). Those wires will be run to the top of the stairs, where any Arduinos and computers will be located.

Possible Sensor Alternatives

A possible alternative to the IR sensor might be some sort of microphone which would pickup sound on the surface of the stair. I tested it personally, but with a mini-amplifying speaker and a specially designed microphone. However, amplifying the sound off a surface might be easier than amplifying a wave from an IR LED way out of range, because you can’t tell between ambient light and the light form the LED. Costs and specifics are unknown.

Possible component (a piezo vibration sensor): http://www.sparkfun.com/commerce/product_info.php?products_id=9196

  • Nik Huntoon and Chris Woodall

Upcoming Meetings

Dates to be announced.

Build Session

~ This weekend (April 23rd-25th) in BUILDS We should have new IR LEDs and sensors in, so we’re going to play with them, figure out their range, test mounting strategies, etc. If you want to learn how to solder or do Arduino stuff, there should be some of that going on at various points.

Members

  • Valerie Young (Project Leader)
  • John-Nicholas Furst (Project Leader)
  • Russell Shomberg
  • Nicholas Colasuonno
  • Danny Cooper
  • Christopher Woodall

What is BUILDS?

buildscc | 22 Apr 2010 | | about

BUILDS

What is BUILDS?

The poor student, Jack, had been seeking for at least four years. He was a hard seeker; he was very, very honest and sincere. He practiced all that was told to him, he visited many masters, he undertook many internships. He did all that was humanly possible. He practiced coding katas, he mastered Matlab, he did this and that – but all to no avail. Nothing was happening; in fact, his frustration was growing more and more. The more the methods failed, the more and more frustrated he became.

He had read all the Hacker scriptures – there are hundreds of them. It is said about this Jack that he had the Art of Computer Programming in his room, and he was constantly reading, day and night. And his memory was so perfect he could recite whole passages of the Jargon File – but still nothing happened.

Then one day he burned his whole library. Seeing those scriptures in the fire he laughed. He left the university, he left his advisor, and he went to live in a ruined temple. He forgot all about coding kata, he forgot all about matlab, he forgot all about practicing this and that. He forgot all about virtue; he forgot all about discipline, and he never went inside the university to code again.

But as he was living in that ruined temple it happened. He was mowing down the weeds around the temple – not a very techie thing to do. Not anything specific, not anything special, just taking the weeds out. When he threw away a bit of broken tile, it clattered against a bamboo tree – in that moment it happened. In that very clattering of the tile against the bamboo, a shock, a jerk happened and his mind stopped for a moment. In that very moment he realized BUILDS.

BUILDS in the News

buildscc | 20 Apr 2010 | | news

Since our inception at the beginning of this year, BUILDS has appeared regularly in student news outlets and in the official university press, BU Today. Check out what the 4th Estate has to say about our space:

BU Today Article – “A Place to Hack or Just Hang”

http://www.bu.edu/today/node/10468

A great article that goes a bit more in-depth about the philosophy and inner-mechanics of the BUILDS hackerspace.

Daily Free Press Article – “‘Hacker Space’ Invites Free Creativity, Collaboration…”

http://bit.ly/budfp

A great article from the DFP about the BUILDS Open House – slash- hackerspace unveiling last January.

Daily Free Press Article – “ID Numbers Found Online Raise Student Concern”

http://bit.ly/buidcards

An article introducing the BU ID Audit Project. Also, a great example of why it’s important to edit your robots.txt file when working on a sensitive security audit over mediawiki

BUILDS Project: Buffer Overflows in gsubmit

buildscc | 20 Apr 2010 | | news

In mid February, BUILDS found a Buffer Overflow exploit in gsubmit, an assignment submission tool actively used in the Boston University Computer Science Department. Upon discovering the vulnerability and authoring a proof of concept exploit, the CS Department and Lab Administrators were made aware of the problem. A new version of gsubmit which fixed these problems was installed on March 19, 2010, the day that BUILDS presented a poster and demo on this topic at the BU Computer Science Research Open House.

In the course of this project, work started on developing a tool that can statically analyze an ELF binary object for potential security vulnerabilities. Dubbed “Low Hanging Fruit”, this tool aims to discover possible problems in the binary, such as unchecked buffers, potentially dangerous library calls (such as the system() function), format string exploit attack vectors, etc. Development is ongoing, using the libelf and libdisasm libraries.

Submitted poster (with a full writeup of the hack)

Project contact: Kyle Brogle broglekATbuDOTedu

BUILDS Security: Buffer Overflows in gsubmit

buildscc | 26 Mar 2010 | | projects

BUILDS Security: Buffer Overflows in gsubmit

In mid February, BUILDS found a Buffer Overflow exploit in gsubmit, an assignment submission tool actively used in the Boston University Computer Science Department. Upon discovering the vulnerability and authoring a proof of concept exploit, the CS Department and Lab Administrators were made aware of the problem. A new version of gsubmit which fixed these problems was installed on March 19, 2010, the day that BUILDS presented a poster and demo on this topic at the BU Computer Science Research Open House [1].

Paper

Low Hanging Fruit

In the course of this project, work started on developing a tool that can statically analyze an ELF binary object for potential security vulnerabilities. Dubbed “Low Hanging Fruit”, this tool aims to discover possible problems in the binary, such as unchecked buffers, potentially dangerous library calls (such as the system() function), format string exploit attack vectors, etc. Development is ongoing, using the libelf and libdisasm libraries.

Future Work

  • Continue development of Low-Hanging Fruit
  • Use the vulnerable version of gsubmit as a tool to experiment with defeating different methods of Linux and gcc security.
  • Possibly adapt a more generalized version of our research for presentation to a wider audience.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25