My first purchase from a KeyMe kiosk and I have notes!

KeyMe Kiosk

I have used MinuteKEY before. To easily bypass DO NOT COPY keys quite successfully. Todays errand was more about a quick solution then a security bypass. I was just copying normal keys today.  Here is what i learned.  With MinuteKEY, you could only make batch copies of the same key.  In fact, the MinuteKEY kiosk locked your key into the machine until all the copying is done.  There were zero protections against DO NOT COPY keys.  They do however print keys right there in a variety of styles and colors.

MinuteKey - DO NOT COPY close

MinuteKey - DO NOT COPYMinuteKey Workings
None of that is true with KeyMe.  First off, the interface is much easier to use (despite misleading or outdated instructions).  you can batch different keys at once witch is very handy. They offer to mail you cut keys of different styles, but the only ones cut in the machine are basic brass and brass with a bottle opener.  They offer a novel approach to DO NOT COPY with a Store Employee Check Required screen.  The 3 digit code is cute, but can easily be shoulder surfed.  Apart from that, with the batching of keys, there is no way for the Store Employee to even know which key you are copying at that moment.  Unlike the MinuteKey, nothing is locked in place.  The machine is already ready to scan another key.

KeyMe - Kiosk (close)KeyMe - employee check
Final observation on an interesting feature that i want to investigate further.  KeyMe kiosks allow you to store your key on their system protected by your fingerprint.  That’s just the start.  With the app, you can take a picture of a key and have it printed at a kiosk.  Send keys to friends/family/subordinates though the system.  I will just say that i am both intrigued and terrified by these novel ideas.  what are your thoughts?

Last days of the #dailyshowlibrary!

tiny hands tweeting

This small exhibit includes audio/video recordings from the Daily Show cast as well as Trump Survivors.  Even a set with a golden toilet and props to pose with. (i had to grab a tie, but it wasn’t long enough for me).  We were given name tags upon our arrival complete with nickname (mine was “Buzzkill be3n”).  you can see the whole exhibit in under an hour.  well worth the visit!

Sunday June 17th is the last day in LA.  631 N Robertson Blvd. 12pm-10pm.


be3n Trump #dailyshowlibrary set with golden toiletTrump mentions the worldactual trump fake cake from inauguration Trump twitter word cloudTrump Nick-Names
Trump - gone but not forgotten Daily Show Library be3n Daily Show - trump v trump

Hosted Unifi controller with Let’s Encrypt SSL!

Unifi controller with SSL from Let's Encrypt

I have been consolidating some of my sites onto a single hosted Unifi controller.  Documentation was outdated so I am going to post some useful info here. My original plan was to setup a basic apache2 site, use certbot to generate my certificates and then install them into the Unifi controller. The first frustration is that you cannot simply install the certs you want into the unifi controller.  second frustration, java.  once you get over that, it’s super easy.

I had some issues with the initial migration.  i ended up having to start over.  handy command to remove unifi controller with all it’s configuration and data. apt-get remove unifi --purge Just remember, you will need to reinstall Unifi after. It will be bran new and back to the wizard.

Getting started with SSL, I learned mostly from here.  First create a CSR with unifi through command line…
cd /usr/lib/unifi
java -jar lib/ace.jar new_cert <hostname> <company> <city> <state> <country>

this creates unifi_certificate.csr.der and unifi_certificate.csr.pem inside the data directory where you already are (/usr/lib/unifi/).  Now we need to feed the CSR into certbot.  Note that at this point,  i already have apache2 installed with a very simple virutalhost and site setup with the domain i am creating a cert for.  Here is the command to feed the CSR generated by Unifi into certbot to be certified:
certbot certonly --apache --csr /usr/lib/unifi/data/unifi_certificate.csr.der

Certbot will make sure that domain is yours (and your apache config is working) and then output a signed cert and a chain that is almost everything you need to install the certificate back into the Unifi controller.  Still in /usr/lib/unifi/data/ 0000_cert.pem is my signed cert and 0001_chain.pem is my signed cert plus the intermediate certificate. what’s missing is Let’s Encrypt’s Root certificate to validate the intermediate certificate and thus complete the chain of trust.

Continue reading “Hosted Unifi controller with Let’s Encrypt SSL!”

It’s finally fixed!

 

As you can see, it did turn out to be hardware, a GPU and CPU (ouch!).  The flash storage was not it, but I figured that out eventually. This has been an issue since October!  With many fixes attempted.  It was a bit of a blow to my pride eventually having to turn to Apple, but they stepped up and got it done with only mild frustration on my part.   Plus, they picked up the tab as my warranty is certainly expired.  There comes a time when you realize that a fix would require more parts then you had at hand.  I have been enjoying my functional desktop again, just in time for the new iMac Pro to make it obsolete.

New Toys – Myo Armband & Leap Motion interface devices!

Myo Armband & Leap Motion interface devices

Trading technology with my friends left me with some exciting new toys.  Now with a bit more time since these devices were introduced there are lots of interesting demos for each. Though similar, these are very different devices and not intended to be used together.  I am excited to see what they are capable of.  Anything to replace the flat pointer driven systems we seem to be stuck with. I think I’ll integrate my Leap Motion with the Oculus i have on loan.  So far, it’s hard to type without triggering my Myo Constantly.