Hosted Unifi controller with Let’s Encrypt SSL take 2!

Unifi Dashboard with SSL

I visited this idea months ago, but for anyone who implemented it, it has been a nightmare.  Each subsequent Unifi controller update broke the https in new and exciting ways.  After remaining a very squeaky wheel with Ubiquity support, they’ve pushed out a version that should permanently resolve the problems. They even made promises of native Let’s Encrypt support.  All this will prove true of false with time, but for now i wanted to share my working procedure for Unifi controller version 5.9.32.

This solution required me to become more familiar with Java’s keytool then i would have otherwise.  Unifi has a hardcoded keytool path and password, don’t change that (thanks Corey F @ubnt). i don’t think alias matter, but they must be consistent.  I used mykey.  We start by generating a key and a code signing request for our domain.  For permissions reasons, we will want to do this as root. . .
cd /var/lib/unifi
keytool -genkeypair -alias mykey -keyalg RSA -keysize 2048 -keystore keystore -dname "" -storepass aircontrolenterprise

Now we export the csr file we will give to Let’s Encrypt.
keytool -certreq -alias mykey -keystore keystore -file -ext -storepass aircontrolenterprise

Now we run the interactive certbot script to prove the domain is actually yours before they hand out a cert.  Follow the instructions you can use DNS or hosting a file to verify.
certbot certonly --manual --csr

Continue reading “Hosted Unifi controller with Let’s Encrypt SSL take 2!”

More then printing out, I’m printing up! Experiments with my first 3D printer!

3D Printing: My Third PrintWhen a colleague offered me a great price to buy his barely used Monoprice Maker Select V2 , I was instantly transported into the future. No more waiting for amazon deliveries, now i can download things straight into reality from the inerwebz!  Well, that’s almost what happened.

The learning curve was not as steep as i expected. my 3rd print was actually perfect; or would have been if i hadn’t run out of filament.  Funny story… i inherited with the printer a 1Kg spool of PLA. Unfortunately, the Monoprice Maker Select’s included spool holder doesn’t support large spools like this one.  So I had to maintain the slack on the spool or break off pieces for prints.  That is no way to live. The very next pint was of course was Maker Select V2 Spool Holder Mod by toastedsilicon

3D Printing: Monoprice Maker Select V2 Spool Mod Continue reading “More then printing out, I’m printing up! Experiments with my first 3D printer!”

Back to reality after another amazing DEFCON!

I met a pile of incredible people.  Bought some amazing toys (for science), some i’ve even got working.  Saw some talks and demos.  Talked to some of my heroes and listened to even more.  I saw Ladar Levison talk about epoxying your ports and adding thermite to your hard drives.  I played with the ECU of a fake car!  now i just have finish building the DarkNet Badge!  enjoy my pictures. The hat data is still being analyzed.  I’ll try to build something out of it eventually.

DEFCON26 - Badge Acquired DEFCON26 - Car Hacking Village Badge DEFCON26 - Blockchain Badge DEFCON26 - Show us what you got?! Battlefield Las Vegas - Mac-10 Battlefield Las Vegas - Tank Collection Battlefield Las Vegas - Tank crushing car Battlefield Las Vegas - Tank crushing car close
Continue reading “Back to reality after another amazing DEFCON!”

Introducing DEFCam or how i made a hat for DEFCON!

DEFCam hat

This is a silly project that i have spent probably too much time on.  First I thought, why not time-lapse my upcoming defcon trip.  Then i thought, why not live stream it.  So… I started with a Pi Zero and a Pi Camera v1.  Wired some pins to the GPIO for power.  Made a custom wire and hot glued it into the hat.  Done!

DEFCam - pi zero cam case

DEFCam - prototypeDEFCam - original wiringDEFCam - can see itself
Continue reading “Introducing DEFCam or how i made a hat for DEFCON!”

My Defcon 26 Short Story Contest Entry Part 1! Finally!

Defcon Short story contest entry by be3n

Chapter 1 : Knowledge Distribution and Collection

In a large lecture hall only moderately filled, Yohan stood before a class of first year computer science students.  The dark rings under his brown eyes and matted light brown hair highlighted his rumpled and unkempt appearance. He was of average height with broad shoulders and a bit of a barrel chest.  Barely older than his students, he hardly had their attention as he began to speak.

“Infinite monkeys pounding on keyboards will eventually produce Shakespeare!  We’ve all heard this. Is that machine learning? Are these nearly infinite transistors your army of monkeys?”, he asks.  A few students timidly raised hands before he answered himself, “No, we are not leveraging the power of infinite monkeys here.  Here we teach learning systems not just how to learn, but how to teach themselves to learn even better,” he continued. The students started to raise eyes from their glowing screens to follow Yohan as he slowly drew their attention.

Speaking enthusiastically, his eyes began to brighten, “Your model is derived by the learning systems analysis of the data you feed it. Bad data creates bad learning. One famous example from the early days of machine learning was an Army effort to train a system to detect tanks from aerial reconnaissance.  The scientists working on the project did not notice at the time that all the photographs taken containing tanks in the sample were taken on overcast days. Most of the photos that did not contain tanks, had been taken on sunny days. In the end, they did not train the model to detect tanks, but instead to detect cloudy weather.  If you are not careful this can happen to you.

“False assumptions lead to false predictions and the model degrades.  It is increasingly important to properly select the data points for your matrix as well as allowing for the training of weights and biases assigned to these data points.

“Just like our tank example, we can find other false assumptions.  The racist biases that lead to the idea that immigrants bring crime can also be attributed to a bad learning data set.  In our immigrant example, that learning data set could be the content produced by Fox News. Bias is not always bad, we need them to judge the significance of our data.  For another example, say you wanted to go out to eat. In order to select a location, you might ask a friend, Paul for his favorite restaurant. He suggests a Bowling alley diner.  Does this choice reflect bias? Might it help to know going in that Paul’s favorite food is hot dogs and bowls every weekend as part of a league? Should it affect the significance you mentally apply to his suggestion?  These are the weights and biases that we apply in our everyday decision making. These same sort of weights and biases must be trained into the learning model. And they are, every time. It is usually not possible to eliminate input bias entirely..” Many in the class seemed a bit perplexed by all this new information.

“Rule of acquisition #74 states that knowledge equals profit.  In our case knowledge equals model. The more training you can supply, the more points in your matrix, the greater and more accurate the predictability.  How many of you have worked with confusion matrices?” Someone called out, “They’re all confusion matrices to me,” but Yohan didn’t reply, he just waited patiently. . In time nearly all the students raised their hands. .  That was a good sign. He continued his lecture going over some examples of using bias of various data to increase the flexibility of the model. . . By the time he was talking about practical uses for stochastic gradiants, most of his students’ attention had wandered. Continue reading “My Defcon 26 Short Story Contest Entry Part 1! Finally!”

Last minute writing contest entry received!

Defcon short story submission received!

It came down to the wire, but I got my story submitted.  Well, half of it anyway.  yea, i ended my story with the classic “To Be Continued”  Now i need to set to work on the conclusion.

Thanks to Sora, Paul, and my wife for not killing me while I got crazier and crazier over this project.

I will post both Part 1 and Part 2 here at some point.  Official Entries can be found here.  I want to  finish one more pass of edits first.  But get to reading, only 1 week to vote!

My first purchase from a KeyMe kiosk and I have notes!

KeyMe Kiosk

I have used MinuteKEY in the past to easily bypass DO NOT COPY keys. Today’s errand was more about a quick solution then a security bypass. I was just copying normal keys today.  Here is what i learned.  With MinuteKEY, you could only make batch copies of the same key.  In fact, the MinuteKEY kiosk locked your key into the machine until all the copying is done.  There were zero protections against DO NOT COPY keys.  They do however print keys right there in a variety of styles and colors.

MinuteKey - DO NOT COPY close Continue reading “My first purchase from a KeyMe kiosk and I have notes!”