Monthly Archives: July 2014

Trick to easily reload that Chrome App you’re developing

0 minutes, 30 seconds

I’m working on a chrome app. Maybe you are too! Maybe you want to do the old view-the-app-command-tab-back-to-editor-make-quick-tweak-save-command-tab-back-to-the-app-and-want-to-quickly-reload thang? Maybe you can’t reload your app quickly, like a good ol’ web page with “command + R” (or “ctrl + R” on windows)? Maybe you even saw that there’s a bug on file to fix this?

May I introduce the triple escape hack! If you add this snippet at the top of your app, all you need to do is hit the “esc” key 3 times and your app will reload:

var escCounter = 0;
$(document).keyup(function(e) {
    if (e.keyCode == 27) { 
	  escCounter++
	  if (escCounter > 2){
		  chrome.runtime.reload()
	  }
    }   // esc
});

Feel free to salt to taste with other key combos!

HOPE X

3 minutes, 45 seconds

I’m on the plane back home having just attended Hope X in NYC. What fun! I’ve attended other hacker conferences, and I found Hope to be comparable.

As prep for attending, I wondered if it would be OK to carry on my lock pick set (side note: I think there’s an overlap of hackers and gun fans). Since I’m not on social media, my friend posted to her network about carrying on picks. She’s friends with a lot of hacker-lock-pick types and we got back some great responses. Here’s a bunch of anecdotal, if not contradicting, advice if you’re considering doing the same:

other countries are much saner than TSA.

Spouse’s are going in the checked bag, but mostly because there are other more pointy things in the same kit this trip. Other times they have gone carry-on. Domestically, it’s “probably” ok if you aren’t already one of TSA’s special customers. I’m sure PreCheck doesn’t hurt, either.

TSA has their own special set of bullshit to deal with. Avoid when possible.

all I can say is that wearing them as jewelry works out fine. I don’t know that I’d want to carry them.

Lockpicks can be carried on if your not a jerk. I have flown with mine and up to 50 sets(pics did happen).

I carried mine through LAS last year. TSA found them-Nevada police told then to shut up

I have been carrying an extended serepick set in my wallet for years with zero issues.

I’ve never had any issues packing mine in carry-on bags. I think I’ve traveled to/from 3-4 DefCons, + trips to SFO/PDX/LAX YMMV

added a 8″ shovit tool to carryon and had no problem through 6 or so countries so far.

As to my own experience? I had zero problems flying from LAS -> JFK and from JFK -> LAS. Though, I will say I was *SUPER* bummed I didn’t have my backpack with picks on me when I saw world lock pick champion Jos Weyers at the lockpick village. I coulda bugged him about how to pick tubulars. Next time!

The conference itself was awesome. It had the mix of talks that were spectacular and ones that were so so. The complete list is below, but here’s some highlights:

  • With out a doubt the ultimate highlight of the show was being in the room with Daniel Ellsberg to hear his keynote which was followed by a Q&A with Edward Snowden via a video chat to Russia. I was that emotional, geeky guy in the audience who kinda freaked out at how amazing it was to be in the audience listening to this event. Snowden’s parents were there in person too!
  • Nadim Kobeissi’s talk Usable Crypto: New Progress in Web Cryptography covered a neat idea about doing client side encryption in JS. Coupled with an easy way to share your public key in less than 64 bits (think 64 letters like A-Z and 0-9) and helpfully simplified (but obfuscated!) private key storage, his miniLock project looks promising.
  • Deviant Ollam and Howard Payne’s talk Elevator Hacking: From the Pit to the Penthouse was hugely entertaining and edifying. They REALLY know their stuff and are great story tellers. Note: Elevators may be your weakest point when it comes to physical security!
  • Brian Knappenberger spoke and then there was a showing of his film, “The Internet’s Own Boy: The Story of Aaron Swartz”. Aaron’s brother and Brian had a round of Q&A afterwards. It was a horribly depressing film but wonderful to watch it with the geekiest of audiences.
  • Christopher Soghoian’s talk Blinding The Surveillance State was awesome. I’ve been following him for years since way back and always make a point of seeing him when ever he speaks. He gave an update on how better policy can be changed by embracing Washington’s use of the term and concept of “Cyber” and not saying, “NSA is Evil! We need encryption”. Instead we should be coming up with solutions to security scenarios that further protect our citizens from criminals and terrorists (and SHHHHH! also from the NSA!).
  • Phillip Hallam-Baker is a smart, smart man as witness by his talk PRISM-Proof Email: Why Email Is Insecure and How We Are Fixing It. He helped Tim Berners-Lee with a little project back when, and he’s looking to do something similarly impressive with encrypted email.

Talks Attended

Solve the Hard Problem

Steepest Dissent: Small Scale Digital Fabrication

Lockpicking, a Primer

Per Speculum In Ænigmate

SecureDrop: A WikiLeaks in Every Newsroom

Keynote Address – Daniel Ellsberg

A Conversation with Edward Snowden

Usable Crypto: New Progress in Web Cryptography

Social Engineering

Movie: “The Internet’s Own Boy: The Story of Aaron Swartz”

Ethical Questions and Best Practices for Service Providers in the Post-Snowden Era

PRISM-Proof Email: Why Email Is Insecure and How We Are Fixing It

Elevator Hacking: From the Pit to the Penthouse

North Korea – Using Social Engineering and Concealed Electronic Devices to Gather Information in the World’s Most Restrictive Nation

Blinding The Surveillance State