Owning the flag: PoliCTF

Posted on 2012-11-21 by Ron

We like to imagine the good ol’ days of princesses and dragons, where the heroes sat around a smoky tavern waiting for quests from frail old wizards. These days, the heroes of our time sit around computers getting their quests from a server on the Internet. That was how our weekend went…

An eager group of us met up Saturday at 1 pm — Alex, Colin, Jay, Jeremy, Mak, Richard, and I (Ron). Armed with junk food and piles of computer gear, we set out on our quest: to capture all the flags!

The clock ticked. It hit 1:00. Nothing yet. 1:01, 1:02, and finally at 1:03 the first challenges were up! Mak started decrypting them while the rest of us waited. Slowly, we started getting the puzzles. A PCAP of a SSH session for Forensics, a C program that said “U MAD?” for Bin-Pwn, a bunch of encrypted data for Crypto, and an obscure Hackers reference for Grab-Bag.

An hour of derping later, and all we could wonder is what we had gotten ourselves into. As we were working, other teams were completing challenges, and we were falling behind. What’s going on? Are we that derpy!? New challenges were unlocking — a bitmap with faded text for Forensics, a network service for Bin-Pwn that was a calculator, and a photo of a crazy breadboard for Grab-Bag. And there we sat, still derping.

Grab-Bag 100: Hackers

Eventually, Richard realized that the obscure Hackers reference meant we had to watch the movie and find the scene where they showed the Garbage File. So he and Mak fired up Netflix, and spent a half-hour jumping around looking for the two frames in which the hex dump of the file showed the address we needed. First flag: DEFEATED! 100 points! w00t! High fives all around!

Things were looking good! Let’s get our hopes up so we can really feel it good when we fail!

Forensics 100: Beep beeeeeep beep

Next up, the SSH session. After a bunch of screwing around looking for any kind of data leakage, we started looking at the SSH traffic. Nothing jumped out, and we didn’t even have the handshake so we didn’t know how it was encrypted. WAT DO?

Eventually, the challenge coordinators released a hint: “This challenge could just as easily be RSH”. Wait, what? SSH is encrypted, RSH is not. Hmm! That led me to start thinking of covert channels. We started looking at the packets’ metadata, but didn’t see anything interesting. Alex points out that there are large and odd gaps in the ssh traffic, like eight second gaps once in awhile. We opened a timing graph, and I said, “This is modulated.”, and we were right. A horrified look crossed Mak’s face as we all came to the realization: it’s Morse code. With SSH packets. Wow.

So, we decoded it, and sure enough, it was a flag. FLAG 2! There was much rejoicing, and the best high five I’ve ever had with Mak. I swear we were breaking atomic bonds between our hands… [Editor's Note: I still have flashbacks and phantom pains as a result.]

By that time, it was 8 or 9 pm. We were in the middle of the pack and going strong. But I’m not gonna lie, the rest of the night/morning is a bit of a blur, fuelled by junk food and sugar, so I’m just going to hit on the high points, to the best of my recollection, in vaguely chronological order.

Bin-Pwn 300: Please don’t ask me about Bin-Pwn 300

Bin-Pwn 300. Oh God, Bin-Pwn 300. It was a Linux binary that was running on their server. It became quickly obvious that you had to exploit it, but despite reversing the whole damn thing, I couldn’t find the issue. I’m supposed to be good at that stuff! Sadly, I’m not so good at Linux debugging/hacking, so it slipped through the cracks despite spending all night on it. Sadfaec. :(

Luckily, I’m not the only one with a nemesis! Forensics 200. You can see the look of horror on Mak’s face just by mentioning it. When I brought it up in the SkullSpace meeting, he publicly threatened to stab me in the face. It’s just that good!

Forensics 200: Please ask Mak about Forensics 200

Forensics 200 was a BMP image.

The hint noted “This file is big 54 + PixelArraySize.” That’s it. We already knew from the previous level, the Morse code, that there would be something hidden in some insane manner. Looking closely, we could see that there was some text somewhat superimposed on the image. Mak wrote a Ruby script that would take the original BMP as input and output a directory full of mangled BMPs with the same pixel data, but with a different height and width declared. Alex ran the script and eventually identified the text as “BITCHES BITCHES EVERYWHERE”. Surprisingly quickly, Mak, in the supercomputer he calls a brain, realized that the bytes were encoded funny, and that there was likely some stenography on the pixel data in there, causing the strange colouring. He threw together another Ruby script, and before long had pulled out the least-significant nibble (4-bit value) from each byte of pixel data to form a new file. And guess what? IT WAS ANOTHER IMAGE!

That image, Mak eventually realized after some nudging from Mark, had extra data after the pixel data. It was a 7zip archive! By midnight, we had the 7zip archive. By 1pm the next day, we still had the 7zip archive. It turns out, the password was stego-encoded in the second BMP in a way that we never did figure out. We still don’t understand it now that another team has explained it to us. It was a sad time…

At some point pizza showed up. I don’t eat pizza, but I also had a box of oranges, triscuits, bunny-shaped graham crackers, chips, dip, guacamole, bagels, … well, let’s just say I had a lot of food. Also a couple bottles of Kambucha. I love that stuff!

Anyway, on to other flags. Did I mention I worked on Bin-Pwn 300 all night? I’m still upset with that.

Bin-Pwn 100: U MAD?

Other flags… oh yeah, Bin-Pwn 100. Jay, poor Jay, spent far too much time chasing a white rabbit on that one. See, they had a weird combination of whitespace in each line: tabs and spaces. We tried all sorts of stego techniques, but no luck.

Let me back up. The level was a simple .c file that used a copy of libjpeg.a to generate an image saying “U MAD?” — the answer was, of course, “Yes, fuck off.” At least, it was by the end of the night.

So anyway, Jay was playing with the whitespace in various ways and getting nowhere. He also tried to compile it against a system version of libjpeg.a and hash the output images… they were identical. So no hidden features in libjpeg.a. WAT DO?

That’s when Alex took a look. Or maybe it was later, things are kinda hazy. Alex opened up libjpeg.a as an archive (and that night, I learned that .a files are just collections of .o files  — who knew?) and discovered a .jpeg file embedded. That’s not right! The jpeg file, however, had a corrupted header. But, once he took the header from the original “U MAD?” .jpeg file and stuck it on the new one, it displayed a key above the text. We no longer mad, bro!

At some point that night, Ian and Marcella showed up and took some pictures. They are here. It was cool to see some friendly faces in the middle of the night. Actually, a lot of people stopped by here and there to help and cheer us on.

Bin-Pwn 200: 1 + 1 = 2

Bin-Pwn 200 was, basically, a calculator. You netcat to their server on a given port and it lets you enter two numbers and an operator. Those values are combined and the result is printed. That’s it. What the fuzzle!?

This is where Jay saved us. He discovered that whitespace was handled wrong. If you added spaces, multiple numbers were used. For example, “1 1 1″, “+”, “2 2″ would wind up as “7″. How do? He quickly realized that he was looking at a Lisp-based evaluator. At that point, he had to leave.

Mak and Nick, a remote teammate, took over and started looking at this puzzle. They eventually figured out which Lisp dialect it is, and used these things they called “lambdas” to do all the magic: listing files, reading them, etc. With that, they managed to read “flag.txt” in the calculator’s working directory and get the flag. BOOM!

I remember the sun coming up. Sunday was a beautiful day, I think. I pulled my car around without putting on a jacket. The sun felt nice after 24 hours in a chair…

Bin-Pwn 400: Hutlh ghItlh pIqaD

If we couldn’t get Bin-Pwn 300, how the heck were we supposed to get Bin-Pwn 400!? Who knows, but we tried anyway!

Once again, we were given a server and a port. But this time, we also had a username. The server was called “alien-server” or something. It was a SSH server, and we didn’t have a password. Okay… so we need to break SSH? LAME!

After poking around a bit, Alex remembered that he had to send a SSH public key to the organizers to register our team for the contest. Aha! Sure enough, we logged in, expecting a shell. As the famous Chuck Testa would say, nope!

We logged in, and the server starts saying weird things. It starts by saying “loS”, then waiting ten seconds, followed by other gibberish. I love me some ciphers, so I thought this might be fun! For fun, Alex Googled one of the phrases. We found an English-Klingon dictionary. Yup, it’s Klingon. We bashed our heads trying to figure out what to type, but all it would respond with is “bad message” or something.

Nick discovered that the Klingon letter ‘ch’ could be used to read a file. But only a couple files were available, specifically, the files that were the source of the shell itself.

Once we had access to the files, Nick and I started working on how to exploit the system. Eventually we realized that we could get the system to interpret (or JIT compile, more likely) arbitrary C++ code by using a bunch of weird Klingon commands. I managed to write a file-reader to read flag.txt, and boom! We had another flag! I woke up Mak to high five him. It was a good time.

Shortly after that, I realized I couldn’t stay vertical anymore so I laid down. I remember the voices fading out, the coldness, and then waking up with an arm covered in drool. An hour or two of sleep will do that. I woke up to cheering and high fives…

Grab-Bag 300: Duckrolled

I, probably fortunately, slept through this level. It was JavaScript code that, through a combination of nested packing, syntax errors, obfuscation, and duckrolling — was very annoying to decode.

Here’s how I understand it happening: I went to sleep, Mark and Mak starting typing and pointing excitedly at the screen, then I was being woken up for high fives. It was a great level, at least for me. I wish they’d solve more like that. [Editor's Note: I wish you'd snore less. (-:|3]

By the time I woke up, I realized I was mostly useless and instead of continuing to bash my head, I started cleaning up and taking out the garbage. That way, when the clock ran out, I could go straight home and get some more, much needed, sleep…

Grab-Bag 200: Blinkenlights

Now, if there’s one thing I don’t know — and believe me, there are a ton of one things I don’t know — it’s circuit diagrams. And, worse yet, pictures of breadboards with unknown ICs.

Once this level unlocked, we had a bunch of people looking at it. Andrew, Ben, Justin, Richard, and more. There were LEDs and wires and chips and resisters and stuff, and they had to figure out which LEDs would go on, I assume. What else do LEDs do, really?

After a couple hints from the organizers, including an extra image of the contraption from a new angle so that the wiring was actually visible, and working on it for the entire night, Richard figured it out, and we captured our sixth flag. This put us into tenth place overall, but unfortunately we lost a position in the last forty-five minutes of the contest.

And that’s a wrap!

And that was the end. Six flags, eleventh place, and maybe six hours of sleep between the four of us who stayed the night (Alex, Mak, Richard, and I). It was intense!

Personally, I had a great time, and based on feedback from the others, so did they. As I said, we derped the hell outta the contest, but considering we got eleventh place with only four consistently present members on our team, that’s darn good.

If I did it again, what would I do differently?

  • I’d get more sleep. I realize I burnt myself out. I bet I could have done better with a proper sleep.
  • Next, I’d try to get together a bigger group, and sleep/work in shifts.
  • I’d also like more space to work, and scratch paper.
  • I’d also like to suck less at debugging Linux applications.

All in all, though, I’m really happy with how it went. I approve!

If you’re interested in helping out with other CTF challenges, email me, ron at skullsecurity.net, and let me know! I’ll add you to our mailing list and we’ll let you know when we plan to do our next time.

Posted in Events | 4 Comments

SkullSpace 2.0: The new frontier

Posted on 2012-11-05 by Ron

Hey everybody,

This is the story of SkullSpace’s landlord troubles, the mistakes we made, and how we resolved them to create SkullSpace 2.0. Spoiler: it isn’t created yet, but you can help by donating! Now, on with the story…

Operation: SkullSpace 1.0

So, let’s start with the backstory. We signed a one-year lease a long time ago – June of 2011, give or take. SkullSpace alone signed the lease, and AssentWorks came along as a sublease. They were (and still are!) close friends, and had very similar goals, so we were happy to share space with them.

At the time, we didn’t really know what we were getting into, but we knew we were going to make it work. Why? Because SkullSpace was already full of awesome people and only getting better. It was a one-year lease, which was comfortable for us – if the worst happened, we could cut our losses and run.

I realize I’m almost two years late, but I uploaded some pictures from way back then to show you what the space looked like when we moved in, as well as some pictures of our very first renovations. Quite a change from how it looked at our Grand Opening, eh?

Lease status: renewed

A year later, it came time to sign a new lease. This time, the lease had both SkullSpace and AssentWorks on it. Both of us had grown as organizations, and the new lease reflected that. The rent was a little more, but we could afford it. It was still dirt cheap, and utilities were included! The only downside was that the building was poorly maintained. Getting things fixed – like windows that like to fall out and smash on the ground three stories below – took months, when they actually fixed stuff. There were also constant issues with the elevator, plumbing, lights, and everything else. But it was cheap!

In the year-and-a-half since we moved in, I learned everything from building walls to fixing toilets to making a hackerspace into a home. Mike Loney took the reigns and made the renovations happen. I learned so much, and it was fantastic; I wouldn’t trade that experience for anything!

“You guys cost us how much!?”

Now, fast forward to last month: October 2012. The landlord – that is, the people who own the building – saw the electrical bill. Apparently they’d been paying it without looking, and they freaked out. It turns out, maintaining an old leaky building with no insulation and largely electrical heat (and cooling) isn’t cheap! And despite our lease explicitly saying that electrical was included, they wanted us to pay it. In our opinion, no dice.

This is where it gets interesting. Our lease had a stipulation in it saying that, with six-months of warning, they could terminate the agreement and leave us on the street. We knew that risk and were prepared to move if it was ever invoked. As a hackerspace, we’re agile. We can survive! Heck, our friends at Protospace were homeless for awhile, and I’m sure they aren’t the first!

That being said, we share the space with our friends at AssentWorks, and they had a big grant coming down the pipe. For them, the choice was obvious: make the landlords happy to avoid being kicked out. For them, losing space unannounced would cost a whole lot more than the electrical bill they were being asked to pay!

Divide and conquer

Now, the landlords – in a smart but also asshole move – used this dissonance to their advantage: they talked to AssentWorks directly, basically leaving their own property management firm and SkullSpace out of the negotiations, and AssentWorks chose to pay the bill and sign a new lease as the sole entity inhabiting the floor, but with the option to sublet to us. A reasonable choice, of course – I would have done the same if I was in their shoes.

That left SkullSpace and AssentWorks in an interesting predicament. If SkullSpace stayed, we’d be expected to pay half of a bill that we can’t afford. If we left, we left AssentWorks holding the hot potato, which isn’t fair. So, we talked to AssentWorks about options – can we pay you back over time? Can we pay part of the bill? etc.

In the end, AssentWorks gave us three options: one, we stay, pay half the bill, pay rent and utilities three months in advance. Impossible. Two, we leave in 2 months (end of December), and pay the rent in advance, and pay our half of the electrical bill. Three, we leave in a month – end of November – and pay nothing, not even our November rent. That last deal was extremely fair – it was AssentWorks recognizing that they expected more of us than we could afford, and giving out the option to cut and run. I can’t thank them enough for that one!

Just to re-iterate: our position was always that we don’t pay any of the electrical bill, and that AssentWorks shouldn’t have either. Our lease explicitly stated that it was paid for, and if the landlords screwed up then that’s their problem. Of course, that’s not how business really works.

We (the SkullSpace Board of Directors) sat down at the table with AssentWorks a few times to hammer out these options, and later to discuss them. After bringing the amazing Ian Trump on board (that’s his company site, since I don’t have a better link), we managed to hammer out a deal that was mutually satisfactory: We stay for three months – until the end of January – paying a portion of our half of the electrical bill, and pay our utilities for those three months. At the end of January, we’d cut and run. The SkullSpace Board and AssentWorks both supported this plan.

“Your plan’s bad and you should feel bad”

Last Tuesday (October 30, 2012), we brought that plan to the membership. And, the membership said no. They want to leave at the end of November. Ooookay!

This is the magic of a hackerspace: the Board can propose one thing, and be totally shot down. It was awesome! Justin – our former Operations Manager – had done a bunch of groundwork on finding a new space. Although it wasn’t financially feasible yet – and as of now it still may not be – he sold it really well. His plan was that we give AssentWorks our notice that we’re leaving at the end of November and sign this new lease. RIGHT NOW, basically. It was scary, to me, that there was so much support for a plan that I had just heard. But, it is what it is.

It wasn’t until Mak – our former Vice President – pointed out that leaving the space in a month and getting the expensive space that Justin was looking for aren’t both required. We can give our notice and move to either the space Justin proposed or another space, just as easily. Or even spend time homeless and saving money if we need to. Smart!

So, the membership overwhelmingly supported terminating our lease at the end of November, and finding a new space. The Justin Plan is still a viable option, and is becoming more viable every day. We started an Indiegogo campaign to help fund the move and to make our new space – wherever it happens to be – into a home.

Whatever we get and wherever we end up, it will be awesome, because we have awesome people. And that’s what a hackerspace is about: the people. SkullSpace 2.0: Coming soon, to Winnipeg.

And, that’s where we are now. Still exploring options, looking around, and figuring out WTF we can do to make this work.

Lessons learned

This is the most important part, in my opinion. Particularly for others who are reading this. How did we get into this tight spot, and why.

We, in my opinion, made at least two fundamental mistakes. And they’re mistakes that I see other hackerspaces making all the time, and that I call them for.

First, we depended on an unsustainable rent. We had a massive amount of space – 4000 sq.ft. – for peanuts – $750/month all-in. The problem is, we depended on that. We had an emergency fund saved up, but in the end we couldn’t afford the proper rent for the space, so we lost it. A lot of hackerspaces depend on having cheap rents – below market price – to sustain themselves. Not smart!

And second, we were tied too closely to AssentWorks. Getting into a position where another entity can cause you hardship – either on purpose or by accident – is dangerous. Especially as a hackerspace, since I believe strongly in openness, and I let everybody see my cards. When it comes to a situation where we have to do a business negotiation, I feel like they know everything about me and I know nothing about them, which isn’t fair.

As I said before – and it’s important – AssentWorks was actually really good to us. They made a business decision – and I believe it was a wrong one, although I would have done the same – to pay the landlord money that they didn’t owe him. But they gave us an out, and let us cut and run, without owing them anything. I’m extremely grateful for that! A more cruel organization could have made this very difficult for us.

So, lessons learned: don’t rely on others to make an unsustainable model work. Make sure you can afford market rates for real estate. BAM! Done. :)

And, one last time, please donate! Help make SkullSpace 2.0 happen!

Posted in Groundwork | Leave a comment

Hacking’s our business.

Posted on 2011-11-07 by blackyak

And business is good. The grand opening went better than anyone could have expected! After all was said and done, we took in over 800 dollars in profit! There was record attendance, and the (now finished) space was full of makers, hackers, geeks and self-professed nerds.

There were a whole bunch of projects on display ranging from arduino based thermometers, Lego NXT kits, steampunk nerf guns to hacked up television sets. As with other gatherings, we had a lockpicking island set up, complete with a visual guide to lockpicking for those willing to learn.
NXT kit and o-scope
Nuka Cola
lockpicking

For those willing and brave enough, there was the option of riding a homebuilt hovercraft! Though it doesn’t have a built-in mode of propulsion, we managed to come up with a way to move it by pulling the rider along using the extension cord. If you haven’t signed the waiver yet, make sure you do before taking a ride!

Molly and her hovercraft

Possibly because of the energy and excitement (and possibly because of the industrial-sized vat of coffee), conversations and project ideas were exchanged freely. I know that I picked up a whole bunch of new ideas, and as usual got to tap into the almost limitless knowledge found at SkullSpace. I can finish up a whole bunch of stuff I’ve been working on…and start on new projects I really don’t have the time and money for. But that seemed to be the general consensus in the space.

I managed to see Legary’s talk about vintage arcade machines and their security systems, and I have to admit it was riveting the whole way through. I didn’t think it was possible to learn that much about arcade machines in such a short span of time.

Speaking of arcade machines, both pinball machines were working, and as usual there was hardly a moment they weren’t being used. There’s nothing like hitting a big steel ball against electromechanical obstacles while the face of William Shatner stares back at you:
pinball!

Someone brought down an NES, and we played a bunch of classic games including Tetris and everyone’s favourite platformer – Spiritual Warfare. For those select few of you unfamiliar with the title, it’s a Christian adventure game where you find various pieces of God’s armour, use doves as currency and bring holy justice upon unsuspecting minorities.
Tetris!

I’m not sure how the game ends, exactly, but I can only assume it’s the rapture. After the meeting we all went down to the King’s head and redeemed our entry tickets for a free beer! It was icing on the cake. Not only did we get to hang out at a renovated and bustling SkullSpace, but we got a free fine brew out of the deal. DJ symbiotix provided the freshest, fastest beats while we continued our conversations. There was a lot to talk about – a whole lot of ideas to share and angles to gain on new projects.

If we can get this kind of turnout at the next hackathon, who knows what we’ll be able to get done!
Nerf guns and Tron bags!
hacked CRT

Posted in Events | 1 Comment

It’s about to get real

Posted on 2011-11-02 by blackyak

So the grand opening is coming up quick, and we’re getting ready in a big way. For those of you that missed this weekend’s activities, we were (once again) giving the space a facelift. Our dedicated hackers put in a full weekend worth of work, with some of them (the dedicatedest?) staying a full 21 hours. We’re now well on our way to having an almost full-sized kitchen, an almost perfectly rectangular classroom, and insulation against the almost hole-free brick walls. Sometimes it just pays to put in sweatshop hours.

The reno day started off with a small army of people converging on an amazing vegan-friendly breakfast, including some incredible buckwheat and coconut waffles. Be sorry you missed it. No, really. Shortly afterwards we managed to take down the three defunct heaters that were crowding the lounge area and create a human assembly line for hauling lumber. The heater thing sounds easy, but considering we didn’t have the luxury of using a lift it was a marvel of low-tech engineering. We had to get Egyptian in order to remove the steel behemoths, so we rigged up a clever system of ropes, ramps, carts and sheer manpower.

Afterwards we took down the wall separating the kitchen from the classroom, with the intention of moving it back a few feet so that it sits against the large concrete support beam. This setup lets use the space much more efficiently and just makes more sense in general.

Once that wall was down it was time to pull all the nails out of the lumber, salvage what we could and put the pieces back together. We used most of the scraps to build a wall that will insulate the classroom from the harsh weather ahead.

When I left it was already getting dark out, but it was impressive to look at how much we’d accomplished over the course of just a few hours. It was a learning experience for almost everyone involved. Most everyone had used a tool they weren’t familiar with beforehand (Ron made friends with the sawzall), and those who weren’t familiar with building things on this scale got to see how it was done.

As with other hackerspace get-togethers, there was the usual smattering of tech-talk ranging from microprocessors to hacking, coding and even the use of epoxies. Some tinkering got done on various projects in between the reno work, and to top it all off the space was nice enough to get pizza for everyone who pitched in!
See you all at the grand opening, I know I’m gonna be looking forward to seeing how that work turned out!

Posted in Uncategorized | Leave a comment

We’re still alive!

Posted on 2011-09-21 by Ron

Hey everybody,

Just letting you know that even though this blog hasn’t seen love in awhile, we’re turning over the keys to a couple new folks who promise to take good care of it. Hopefully in the next few months we’ll see some activity here! If not, we’re going to take the blog out back and, well, you know.

Anyway, if it’s Christmas 2011 or later, and this is still the newest post, never fear! The group is still alive and we’ve just forgotten about the blog once again. Head over to http://www.skullspace.ca/ (or check out our mailing list/Twitter/Facebook/Flickr/Vimeo/etc) and find out what we’re up to!

Ron

Posted in Uncategorized | Leave a comment

Back at the Lo

Posted on 2011-03-29 by blackyak

As you’ve probably figured out by the title, this week’s meeting was at the Lo pub. As usual it was good times, and we had a few new members show up! I’m still surprised seeing so many tech savvy people in Winnipeg, it’s one of those things you almost wouldn’t expect. We only had a few things to go over because we went over the details of finding a space in last week’s meeting.

For those of you who haven’t read the discussion emails, Jay is spearheading the RSSF, and has found two possible locations. The first is on 111 Lombard, and we’d be able to rent it on a monthly basis. There is of course a catch. There are planned renovations for the space, and at any given moment we could be kicked out. Though a little risky, the price is right, and for a trial space it may just fit the bill. Jay mentioned some issues with cleanliness, but I think a weekend spent with brooms, mops and buckets could go a long way.

The second space is at 250 McDermot and is an open area of 750sq ft. The price is $875, it requires a yearly contract, and is supposed to be in much better shape. If utilities are included in this price the space would be a prime candidate. The RSSF will investigate tomorrow and update us via email. If anyone wants to help Jay with calling agents, it’d be greatly appreciated. It doesn’t take long, and Jay will hook you up with all the info! Send an email to the discuss list!

That’s about all we have for spaces right now, if we can get more people calling and talking to agents our options will likely expand. There are a lot of spaces, but apparently none of the agents responsible for them answer the phone.

In other news, we’re planning ahead for our April hackathon, which will probably be on Saturday the 16th. Ron’s going to send out a survey asking about what you liked/disliked about the previous event and how we could improve. We’ve already learned a lot from our last hackathon, and this one is shaping up to be even better. We’re going to get more tables and chairs to create more of a workspace type feel, better separate the music and talk areas, and try to set up workshops where attendees can tinker and code socially. Also, we’re working on fixing the network issues.

We’re probably going to be focusing on embedded systems this time around, with talks potentially covering the Launchpad platform and more about the Arduino. We’d like to set up an arduino workshop and give a talk covering some aspect, then allow people to try it out on their own. The topic will probably be serial communication, as that’s not only easy to implement on the Arduino, it’s also applicable to other embedded platforms. I’ll be sending out an email!

ARDUINO LINKS!

If you haven’t gotten an arduino yet, here are some websites where you can score one! We highly suggest you get one and bring it to the hackathon.
Best bang for your buck is probably the budget pack

If you have a bit of extra cash to blow, the experimenter pack will get you set up with everything you need to learn about micros. I really wish this was around when I got my arduino

At the talk I mentioned a shortcoming of the platform was the lack of ports. They fixed the fuck out of that problem with the Arduino Mega

Check out the rest of Adafruit’s arduino stuff here.

If for some reason you’re not down for ordering from Adafruit, Makezine carries them.

So does Sparkfun

And Evil Mad Scientist sells a totally badass variant, the Diavolino

They stock all sorts of really cool stuff too, usually more one-off and hard to find than sparkfun.

Posted in Events, Groundwork | 1 Comment

Rent Space Strike Force Established!

Posted on 2011-03-24 by blackyak

At the meeting this week we went over the possibilities of the space, yet again. The lovely Bannatyne location is out of the question for now, as there were minor refinishing and electrical issues. The space will be under renovation for the next six months, and there will be no access until the repairs are complete.
As a result, we spent the meeting going over the details of the other candidate space, located off of Erin. It was reasonably close to downtown, being 3.8km from Portage and Main. The space still provides reasonable bus access, and has plenty of parking options. The building is two stories with multiple office areas, and more importantly has a large warehouse area.

The warehouse area would allow skullspace to share a building with protolab, the sister space that will cover more hands-on, industrial type activities. The Erin location allows both spaces to operate in a single building, and gives the groups the ability to stay together as a community. Though it would be awesome to be able to do woodworking, metalwork, electronics and coding all in the same building, the cost is prohibitive at the moment.
With the current membership number hovering around 30, we were worried that the cost of investing would be too high and the fees may prevent new people from joining. Fortunately, there is no huge rush as protolab isn’t supposed to take off until September. This gives a few months time, and we thought the best idea would be to rent a space downtown.
We established a Rent Space Strike Force (RSSF), the members of which will scour the downtown area looking for properties to rent on a month-to-month basis. This would allow us to keep membership fees reasonable and have a space downtown at the same time. There are issues that come up with the renting idea. Access to the space on a 24/7 basis for all members could be an issue, and any sort of larger building modification would be almost entirely out of the question.

However, we feel the benefits of renting outweigh the (possible) costs. If we were to establish a space downtown, even for a few months, we may be able to interest more people. There would be a physical place to visit and drop by to learn more about the space and participate in projects, as well as a single location for meetings and hackathons. Renting on a monthly basis would also allow us to do what amounts to a trial run of the space, to see if we can keep enough people interested and raise enough money to move into a permanent location.

Your thoughts on this matter are welcome, feel free to leave comments here or send off an email to the discussion list at discuss@lists.skullspace.ca

Posted in Groundwork | Leave a comment

Hackathon 4 was a huge success!

Posted on 2011-03-21 by blackyak

GREAT SUCCESS
Massive props to the record number of people who showed up! We hacked, picked locks, played with microcontrollers and met a whole bunch of really cool people. Oh, and we learned stuff. Apart from the formal talks, everyone there seemed to have information to share on one subject or another. Personally, I walked out of the meeting knowing more about coding, microcontrollers, digital security and copyright protection, and I’m sure the feeling extends to most everyone in attendance.

hacking
lockpicking
dropping beats

As you’ll note in the pictures, the event took place at the Nutty Club, home of Les.net. Les was kind enough to let us use his awesome ISP room to host our event. Not only did the place look really cool, it was located in the heart of downtown! Watching trains go by from the windows was pretty sweet too.

Les has all sorts of cool RC stuff, but I couldn’t find any pictures. Just imagine the stool is Quadracopter or an awesome RC car:
rc stool

The Goldeneye tourney was some retro fun, though the game doesn’t seem to have aged all that well. The pixels were the size of our heads! It seems the single-joystick control also took some getting used to, and to think that we used to be impressed… But I digress.
goldeneye
Ron pwning n00bs:
n64 ron

Mark’s combination talk and challenge was really interesting. He discussed vulnerabilities in Plone web software. It was my first time watching hackers do their thing in real life, and though I didn’t quite get what was going on I’m sure I absorbed some of the information by osmosis. Mark led us through the issues in Plone, and offered a prize for whoever could exploit it over the course of his talk. Stef ended up winning the challenge and took home an energy drink! Here’s a skullspace simulation of the talk, reconstructed from photographs:
huzzah!

I covered some basics in Arduino, for anyone interested I have the powerpoint, so just send an email to the discuss list. I learned there’s a few other people involved with skullspace that are into microcontrollers, which was really cool. I’d love to hear what you guys have to say about the Launchpad, as it’s a system that I’m not at all familiar with but it looked really cool! I know I talked to two people, but since I’m terrible with names I’ve already forgotten…you know who you are though. If you guys would like to give a talk about micros or the launchpad at the next hackathon that’d be wicked!

Here’s me, not talking about the arduino:
arduino talk

The talk I enjoyed most was FuckYeahNouns, skullspace’s most profitable project to date. Burke led us through the process of creating the site, as well as some awesome statistics from the moments the website was posted to Reddit. As a result of the talk, I have a little more respect for Yahoo, and know a little bit more about web hosting, (as well as what happens to your server when content goes viral).

fuckyeah

I also ended up talking to the people behind the Winnitron, the indie game machine, and as it turns out they are working on an exciting new project! I’m not at liberty to disclose the details, but it’s shaping up to be an impressive sequel to the popular cabinet. If you liked the Winnitron, you’ll love what they have planned next.

As usual, our next meeting will be on Tuesday at Seccuris, 321 McDermot Avenue. Updates on the space and voting on the wishlist will take place. Oh, and after seeing the raging success that was FuckYeahNouns, skullspace has decided to branch out into meme production, with the goal of 1 meme per month. If successful, we may sustain our business model through the propagation of viral internet content. Feel free to help us either with hosting space, idea donation, coding expertise and whatever else you think could spread like wildfire through the internet.

And some more pics from the meet:
people
table
console
Jay

The rest of the pictures can be found here

Posted in Events | Leave a comment

Mailing List MADNESS

Posted on 2011-03-16 by blackyak

Alright, first off: SIGN UP FOR THE MAILING LIST. It’s crucial. The mailing list is where we, well, mail lists. And discuss stuff. If you want to know what’s going on with the space, what are current needs/wants/hopes and dreams are, and if you want to weigh in on these, the mailing list is the place to do it!

We’re trying to make meetings a time to vote on things, and to discuss the finer points of the subjects in the mailing list. If we want a group that works on consensus, we all have a responsibility to stay informed. Next Tuesday we’ll be voting on the wishlist. It’s available on the wiki, and it’s been listed in the blog. We can probably email you a copy too.

Yesterday’s meeting was pretty good, and we had an extensive discussion concerning the potential spaces. For those of you who weren’t able to attend, we held it at the current candidate for the physical space. It’s between Republic and the Peasant Cookery, and it’s a space that’s affordable and suitable to our needs. Plus, the entrance is a totally cool nondescript door.

It’s not ideal, and it needs some work, but the location and price are hard to argue with. The fact that the space is set up to accommodate industrial equipment is a huge plus, seeing as skullspace and the sister organization, protospace, want to share the same buildings. Other potential locations include one in the Inkster industrial park and a space off of Erin. These, though bigger (and at least one has 3 phase power!) are harder to get to and would almost certainly necessitate a personal vehicle (ie: bus-riders stay home!)

There was some confusion during the meeting regarding the space, growth possibilities as well as the finer points in any potential lease. The concern is good, though being subscribed and up to speed with the mailing list discussions will alleviate this kind of confusion in the future. However, the concern shows that we have a dedicated group of people willing to put time and effort into the project.

Which is why we’re looking forward to this Saturday. As you probably know we’re hosting a Hackathon. We’re going to be featuring talks by members covering a number of subjects and we’ll have a bunch of other awesome activities. We’re hoping that after this weekend we’ll have some projects in the works and some collaborations going between group members.

Personally, my goal is to get people involved with the Arduino, and start building things as soon as possible. I’d love to hear the ideas you guys have and the (arduino-based) things you’d like to build! Feel free to drop your suggestions off at the discuss list: discuss@lists.skullspace.ca

Anyway, it’s the middle of the week, so this seems appropriate: Plastic snakes and fractal geometry.

Posted in Uncategorized | Leave a comment

Status update!

Posted on 2011-03-11 by blackyak

Budget

Alright, first off we should probably start with the business end of things. We’ve got a draft budget, as you probably know from the mailing list. Please note that this is an alpha draft that will likely change as we know numbers a little better. Our basic monthly operating budget will look something like this, though:

Expenses
Rent $600.00
Utilities $200.00
Insurance $200.00
Internet $50.00

And our annual expenses will look something like this:

Marketing $400.00
Annual Return (Companies Office) $25.00
Equipment $1,000.00
Misc $400.00

And finally, our predicted income is the following:

Monthly Dues $14,400.00
Donations $250.00
Fundraising $250.00
Merch $250.00

That assumes a $40/month fee for members and 30 members. The grand total, if you add it all up, is ~$725 above per year. Our goal was to be slightly over the break-even point, so we are successful.

To emphasize one more time: this is only a draft budget. It may not reflect the ultimate reality.

Oh, and to help out with the “Merch” income, everybody should go buy something nice for themselves from our Cafepress Store!

Bylaws

Bylaws were voted in at the last meeting, and we’ll be posting them as soon as they’re “lawyered up”.

We are currently enlisting people for the physical space design task force. We need the following items in the space, when we get it:

  • warm up food
    • Microwave
  • keep food cold
    • Fridge
  • make coffee
    • Coffee Maker and supplies
  • work at tables on laptops with wired internet
    • 4 tables and 16 chairs
    • network switch and a roll of cable+ends+crimper
  • work at couches on laptops with wireless internet
    • 2 couches
    • wifi ap
  • throw out garbage and recycling
    • garbage can
    • recycling bin
  • present talks
    • projector, screen
    • area we can re-arrange to make suitable for presentation/talk
  • listen to music
    • speakers
    • media centre/stereo/etc
  • side table to put your coffee cup on while hacking
    • 2 side tables
  • soldering station
    • workbench
    • soldering irons
  • access control
    • card access system
  • alarm
    • alarm system
  • safety stuff
    • fire extinguishers (2x abc dry chem, also should probably have a class D)
    • epic first aid kit

The budget, gear, and more are being actively discussed on the discussion mailing list – if you want more information (or if you have any questions/concerns/etc), please join the list!. Email discuss-subscribe@lists.skullspace.ca and follow the instructions to subscribe! Go here for more information about our mailing lists, and here to read the archives.

Event

We’re hosting an even on Saturday, March 19th, and anyone who wants to talk about their pet obsession is welcome to do so. Personally, I’ll be talking about the arduino, a platform which you all know I like a little too much. I’ve heard talk of sessions covering GIS mapping, as well as a previously undisclosed exploit for a vulnerability in Plone. This time, we’ll be meeting at the Nutty Club Building (homeplace of LES.net) at 130 Portage Avenue East (the big red door with the doorbell). Come on down and spend a Saturday learning with us! Bring your friends! For more details and directions, see our wiki post (we’ll be updating it this weekend with full details)

And if you needed one more reason to come, we’ll have free stickers to give away!

Inner-city youths

If anyone wants to help out some inner city youths, there’s a computer club looking for volunteers. Not only will you be able to teach kids some computer basics, you’ll be making a positive difference in the world! Anyone interested should email info.at.skullspace.ca for the contact info!

That’s about all for now. We’ll be covering a bunch of details and physical space stuff at the meeting on Tuesday at 6pm, in a brand new location – our potential space on Bannatyne Ave (the small door between The Republic and the Peasant Cookery)!

Posted in Groundwork | Leave a comment