neonascent

(Edit: I’ve found the perfect set of network analysis tools. See the last section of this entry.)

Have been investigating WiFi security recently in preparation for beefing up my brothers WAN settings. Installed two wireless packet sniffers; Airopeek (for NIC drivers) and airsnort, but my D-Link AirPlus G+ DWL-G650+ is not supported, as it uses Texas Instruments chipset. This took a while to realise, as DWL-650 and DWL-G650 are both supported, but apparently D-Link has a habit of naming their cards very similar irrespective of differing chipsets even between different revisions of the same model!

(The two packet sniffers require a specially modified driver that allows the wireless cards to run in “promiscuous” mode, i.e. accepting all packets regardless of their MAC address target.)

Cain and Abel is proving a scarily effective tool. Using APR (Address Resolution Protocol Poisoning Routing) to have traffic routed to it even on a switched network, and allow man-in-the-middle attacks of HTTPS sessions via certificate faking (As the faked certificate cannot be properly signed, the client-side browser will pop up a message prompting for an okay - except for the digital sig it is identical to the original, and users almost always accept without thinking). This is all ethernet based, but similar man-in-the-middle attacks can be done with a SSID clone wireless access point powerful enough to unsurp the legitimate one. The takehome message here is to always use SSL for sensitive information, and never accept a security certificate unless you completely trust it!

A great selection of Linux network security tools is bundled together on a Linux Live CD. The distro is called BackTrack (available via Remote-Expoit.org) and is the perfect environment from which to work. Checking discussions on that site will help you find a good wireless card that supports promiscuous mode, but as a general rule the Atheros chip set cards do.

Musical Instrument Digital Interface, or MIDI, is an industry-standard electronic communications protocol that defines each musical note in an electronic musical instrument such as a synthesizer, precisely and concisely, allowing electronic musical instruments and computers to exchange data, or “talk”, with each other. MIDI does not transmit audio - it simply transmits digital information about a music performance. (from Wikipedia entry)

Many may know that I’m a keen musician with some sound engineering experience. This project is to combine music and geekery interests and see what comes out of the mix. Yesturday I completed my first MIDI device. It is just a test of concept really; the first step in hopefully some more advanced MIDI/sound manipulation.

I use a PIC16F84 chip at 4Mhz to directly talk to whatever MIDI device the circuit is connected to. The homebrewed MIDI transmit code was taken from Ross Bencina’s site on MIDI development with PIC and Basic Stamp which, if you are interested, is a great resource.

Here is some of the technical material to help you get started quickly on your own MIDI project:

• My rejigged source code for 4Mhz operation (I also add turning on the “Okay” LED)
• Link to annotated circuit schematic
• PIC16F84 Datasheet (comprehensive programming information and specs)

Edit: If you are experimenting at all with MIDI output devices, you will probably benifit from a computer based MIDI monitoring program. This lets you examine the raw MIDI data being sent by your device, and helps greatly in troubleshooting. I am currently using the aptly titled MIDI Monitor found at OBD Software as it is free and does a fine job.

Edit: I’ve recently completed a remote automation project that lets you turn 110-240vac devices on and off via the a webpage or WAP on a mobile phone. It’s a very fun project! If you’d be interested in a write-up (schematics, code, etc) then leave a comment here, and I’ll get writing!

I’m sure many of you have seen this already, but as I’ve found lots of friends hadn’t; here you go.

Jeff Han of New York University has develped as touch screen that can detect multiple touches at the same time. Not impressed? Take a look at the video: this allows for an inspiringly intuative new breed of user interface, with example applications allowing Minority Report style interaction.

The system uses FTIR (frustrated total internal reflection) of side lighting, and when one touches the screen this light is scattered away from the finger, and picked up by a camera underneath.

via Boing Boing:

A new suite of free and open tools let you watch TV, make TV, and recommend TV in a way that’s easier, cheaper and more accessible than ever before.

A pakage like the Democracy suite was inevitable - combining the technologies of RSS (syndication/subscription), BitTorrent (scalable distribution), and VLC (multi-format, multi-platform video player) to form an essential tool for the new internet-based grassroots video distribution model.

Democracy has just been released as beta for PC, with a Mac version already released and Linux on the way. It seems well-suited to take its place as an ubiquitous technology to replace conventional TV.

The experience of Democracy is great. Fire it up, pick some channels, and leave it running. Flip to it whenever you want to watch your video — it’s as easy as turning on a TV…

I’m sure those of you who pay an interest to this blog will know that my colleagues and I are working on an epidsodal, free-range video narrative called Carrie & Vostok (more information through its dedicated site). Essentially it brings the stylistic diversity of the world’s budding video poducers/artists together in a conceptually coherent narrative about two characters - capturing the postmodern nature of different gazes apon any scenario. I don’t really need to explain how Democracy has arrived at the perfect time to fit the needs of this project. Serendipity or providence?

• Link to Democracy website

I don’t want to sound too geeky, but this is a post on the theme of graphic narratives, as opposed to “cartoons”. Naming anything a cartoon or comic really tends to beg the question of affective intent of the content.

I recently discovered “Oh no Robot”; a search engine that searches through the drawn text in graphic narratives. This in itself is fantastically amusing, often surprising, and useful.

After a few indescriminate searches, I managed to stumble apon Whispered Apologies. Whispered Apologies…

…is a collaborative comic strip! You design a comic, pictures but no words, and send it in. Then Ryan and Joey and friends will add dialogue and narration to make your comic illustrative of wacky adventures or even quiet moments of reflection and self-awareness. The process is explained here. The result is a new comic, full of excitement and love!

A good number of the narratives are zany and amusing, and there are a few that are deeply moving - I suggest you check it out.

As an aside; disconnectedness of drawing from writing produced the very weird stories of cult classic childrens’ program The Magic Roundabout. Animation was produced in France, and dubbing into English was done without the original script!

• Link to Oh no robots searchengine
• Link to Whispered Apologies

I’ve just migrated to a brand new, cheap, fast Aussie server. The company is MD Web hosting, and they are very reasonably priced and have a full compliment of useful tools and features. Compared to the hosting that came with my Namesecure domain names, this is like being in a candy store. Here’s some immediate improvements:

• I’ve now got plenty of subdomains to play with. I’ve set up the following:
  • blog.neonascent.net - goes to my blog
  • it.neonascent.net - goes to my IT consulting page
  • carrievostok.neonascent.net - goes to the carrie and vostok site
• Addon domains lets me serve more than one completely independant site from the same space:
  • neonascent.net - Blog, IT consulting, online gallery, misc.
  • dirtysuzie.net - Site for an art project I’m working on
• I’ve got true domain parking, instead of the useless web forwarding namesecure was giving:
  • muchmojo.com, neonascent.com and neonascent.org - go to neonascent.net
  • dirtysuzie.com - goes to dirtysuzie.net

If you notice any problems with the site, please shout out! (Webmaster AT neonascent DOT net) Thankyou!

The Java and Web software blog Simple Thoughts has posted a list of 10 Simple Tips for Better Blogging. I know that there are a few avid bloggers who read muchmojo (though I’m not suggesting that they read it avidly!), and I thought I’d link to it.

Ironically the entry on the original blog is so noisy from Google ads and the like that I feel it would be better to just quote it here. As it leans towards informing “professional bloggers” who are aiming at a blog income, I have trimmed off vestiges of capitalist-whoredomery and cut it down to 8:

1. Blog about topics which are truly interesting to you. This will help you succeed in the long run.

2. Host your blog on your own server with your own domain name. Avoid free blog hosting on blogspot or wordpress.com (unless you are Robert Scoble). It provides better perception to your blog and more configurability among other benefits. Use a Blogging software like WordPress or Movable Type. I use WordPress.

3. Post with a fixed schedule, preferably once a day or once every two days, if possible. Missing the weekends is fine.
Note: Do not be afraid to take days off. Blogging shouldn’t be a chore.
Disclaimer: I sometimes break this rule.

4. Try to write in proper polished language, unless you are blogging solely for highly targeted audience like gangsters.
Note: Personally I hate reading blogs with poor english. It casts a bad light on the author.

5. Choose a decent theme for your blog matching the target audience. Don’t choose too bold colors for business blogs. In general all standard web design principles apply.
For example if you are targeting teenage girls (as audience) then a smattering of pink may not be out of place.

6. Track what your audience wants and deliver more of it.

7. Unless it is a personal blog stay away from too many “had a hangover today” post or talking about your personal life.

<snip , snip!>

10. Provide an interactive experience. Allow comments in your blogs. Respond politely to comments.

Muchmojo seemingly “score” around 5/8 - I guess I should be happy. Of course the list is just a guide, and there are always exceptions to the rule. Without any financial interests in the blog, it will most likely be unrealistic to expect personal blogs to be on dedicated servers instead of free services - Muchmojo has this luxury mainly because I’m a geek.