Well, my day was canceled and my phone needs a rebuild, so it’s maintenance day! finally getting to some much needed upgrades That i have been putting off. please excuse the dust and potential outages.
I’m back in Vegas for Defcon and it’s going swimmingly. so much so that i might get some actual swimming in.
Thanks to the late night help of Professor Franklin i have improved and redeployed the Defcam!
Google doesn’t think my account has been hacked or that I have lost control. They seem to genuinely believe that i am not authorized to pay with this “instrument” and that my intentions is fraud. This all started with a neglected Google Play account. So neglected that i never replaced the credit card on file and the one there had been reported lost in 2013. I logged into the account to buy a $4 app for some android cameras i was playing with. I purchased the app without error or incident 2 days ago. . .
I use the app with the cameras problem free for 2 days. In the end, one camera was a little glitchy, so i decided to restore it to factory settings and set it up new. This is when it all went very bad. When i logged into the store i couldn’t find the purchased app in my account and it wouldn’t let me buy it again. It was giving me strange errors about lack of internet or an error code: OR-IEH-01. It was at this point that i noticed the email about payment information being needed. I never received any emails about the purchase being canceled (apparently it was). This is when i decided to call customer service. The support agent interrupted me repeatedly, imparted the same explanation over and over, all the while asking me to submit a credit card statement from 2013. The incompetence was staggering. I did some reading about reports of a massive Google outage today. The agent insisted that i had added the lost card to the account the day of the purchase, the same day that i received the request for additional documents. This claim is ridiculous at every point, but not as ridiculous as google expecting me to have the same credit card number forever. Did the outage contribute to the problem? i don’t know, but across Google’s ecosystem there has been failure today. I even tried to create a new google play account with all new info. It did not work, something is broken. I jumped though the first set of rings and submitted my current credit card and state ID card. The rejection came swift. 23 hours under their 24 hour ETA came this email. . .
I feel at this point i need to provide some context. Was this a new account? was it active? I have used my google account almost daily since 2009. In fact, i used their own google pay service for years until they changed their policy to require delivery of digital content thought their platform only. I charged clients weekly, and google deposited that into my bank account. For years without a single charge back. I used many of their experimental products. I even used Google+ and i still don’t know how i am going to replace fusion tables.
What now? now i gather the remaining documents and try again? what are our options with gatekeepers like these? I’m still locked out of the play store and my google login is behaving erratically. (gmail delays on both incoming and outgoing)
The offering I brought was nearly 100 lbs of technology from my childhood. I met some amazing staff and volunteers (they even archive their employees). Even visited the blinking lights of their servers. They archive even more then I knew. More then web, old software and films, they even archive music and have an impressive collection (i found several rare or out of print artists and albums in their archive).
After Google killed XMPP support for Google Voice, I no longer had a house phone. I was using my Google Voice number as a home phone and for the gate info our building. This lead to the whole system being ignored and neglected. By the time the SD card gave up the ghost, even the backups were in poor shape. I rebuilt the whole system fresh from the latest RasPBX dist and it’s working better then ever. Bought a real DID so i could continue to use Google Voice on our handsets at home. It’s great to have my Asterisk back.
I visited this idea months ago, but for anyone who implemented it, it has been a nightmare. Each subsequent Unifi controller update broke the https in new and exciting ways. After remaining a very squeaky wheel with Ubiquity support, they’ve pushed out a version that should permanently resolve the problems. They even made promises of native Let’s Encrypt support. All this will prove true of false with time, but for now i wanted to share my working procedure for Unifi controller version 5.9.32.
This solution required me to become more familiar with Java’s keytool then i would have otherwise. Unifi has a hardcoded keytool path and password, don’t change that (thanks Corey F @ubnt). i don’t think alias matter, but they must be consistent. I used mykey. We start by generating a key and a code signing request for our domain. For permissions reasons, we will want to do this as root. . .
keytool -genkeypair -alias mykey -keyalg RSA -keysize 2048 -keystore keystore -dname "CN=custom.domain.name" -storepass aircontrolenterprise
Now we export the csr file we will give to Let’s Encrypt.
keytool -certreq -alias mykey -keystore keystore -file custom.domain.name.csr -ext san=dns:custom.domain.name -storepass aircontrolenterprise
Now we run the interactive certbot script to prove the domain is actually yours before they hand out a cert. Follow the instructions you can use DNS or hosting a file to verify.
certbot certonly --manual --csr custom.domain.name.csr
Continue reading “Hosted Unifi controller with Let’s Encrypt SSL take 2!”
I met a pile of incredible people. Bought some amazing toys (for science), some i’ve even got working. Saw some talks and demos. Talked to some of my heroes and listened to even more. I saw Ladar Levison talk about epoxying your ports and adding thermite to your hard drives. I played with the ECU of a fake car! now i just have finish building the DarkNet Badge! enjoy my pictures. The hat data is still being analyzed. I’ll try to build something out of it eventually.
This is a silly project that i have spent probably too much time on. First I thought, why not time-lapse my upcoming defcon trip. Then i thought, why not live stream it. So… I started with a Pi Zero and a Pi Camera v1. Wired some pins to the GPIO for power. Made a custom wire and hot glued it into the hat. Done!
This small exhibit includes audio/video recordings from the Daily Show cast as well as Trump Survivors. Even a set with a golden toilet and props to pose with. (i had to grab a tie, but it wasn’t long enough for me). We were given name tags upon our arrival complete with nickname (mine was “Buzzkill be3n”). you can see the whole exhibit in under an hour. well worth the visit!
Sunday June 17th is the last day in LA. 631 N Robertson Blvd. 12pm-10pm.