Monthly Archives: August 2015

Your mom just got her first smart phone: what should she learn first?

My mom just got her first smart phone, an iPhone 5S. What should she learn to do on it first? Fortunately, she has an iPad already so the iOS as a whole isn’t entirely foreign.

First up is the core list of phone phone features which is actually only limited to 6:

How to receive a call
How to place a call
How to send an SMS (text message)
How to receive an SMS (text message)
How to adjust or turn off your ring volume
How to turn on and off airplane mode

My mom wants to barely use her phone so she doesn’t have to pay a lot per month. Right now she’s paying $17.50 for 250 minutes, 300 texts and 30 MB per month from Consumer Cellular. With these tight constraints, airplane mode will be your friend to ensure while you’re phone is not actively being used that it’s not using data while your email is checked or while some app is sucking down bits. As well, knowing if you’re phone is going to sound like Defcon level 1 alert when some one calls you is important. Know your sounds vs your silence!

The second set of features to learn are centered around how your phone is not just a phone, but a super powerful mini computer that fits in your purse:

How to get on WiFi at your house and other primary locations you frequent. Though calls and texts will still be deducted from your plan, surfing the web and looking up directions will not. Couple this with your airplane mode savviness, and you’ll be a penny pinching queen!
Know your camera! You always have it with you and you can use it in airplane mode! Your camera can not only take selfies and scenic shots, but it can take pictures of:
- Where you parked your car at the airport
- That recipe you’re reading in a magazine at the doctors
- Slides of a presentation
Know your maps app. You can look where to find a cup of coffee in a part of town you don’t know. You can have it navigate it for you to a business you’ve never been to. You can instantly look up where that deli you went to last year is in NYC or what country Estonia is next to (Latvia and Russia ;)
Know your audio app(s). You can not only load your phone with your favorite tunes exactly like an iPod, but you can stream them from providers like Google Play and Pandora. NOTE! This will use a lot of your monthly data if you’re not on WiFi. On top of all this, you can get a podcast app and load your phone full of amazing stories and info that can all be listened to with airplane mode one.

I don’t know if she agrees (Mom?), but I think some of the best advice I gave her was that she didn’t need to rush things with the new phone. She could take as long as she needed to learn how to do a task (or wait until I’m free to walk her through it).

Do you know someone who just got a smart phone for the first time? What do you think should be on the top items to learn?

Defcon 2015

3 Replies

Another year, another Defcon! This was my third year attending. The biggest change this year was that the conference changed locations moving from the Rio to Paris/Ballys. Given I’m some what of a lookie loo I can’t say with super authority, but I thought the space worked as well as the prior location, leave the fact that the sky talks were on a separate floor and might have gotten less traffic. Given that in prior years they had an hours long wait, it may have been a good thing.

Since I live in Vegas, I didn’t have any concerns getting my pick there, like I did with Hope. Otherwise, this years highlights were:

Seeing Cory Doctorow speak on general purpose computers. Nothing really new here if you follow him (author ID 1!), but it was fun to see it all wrapped up nice and dense and delivered with passion.
Bruce Schneier is just awesome. His talk was actually just 45 minutes straight of Q&A, but with a super nerdy crowd, it did not disappoint. Like Doctorow there was nothing new, but I found Schneier more pleasing and inspiring to see than Doctorow.
Holy crap Marc Rogers and Kevin Mahaffey, the Tesla hack guys, are awesome! They literally tore into a new Tesla and gained remote root. An amazing talk that was just high level enough to keep you following along but way deep enough to blow you away with how hard they had to work to achieve the hack.
Samy Kamkar‘s talk on hacking garage doors and car fobs was tons of fun. I’d seen a video on the garage door opener before, but the fob attack was new; both were great to see revealed real time.
The EFF presented on their Lets Encrypt certificate authority which will feature automated cert creation and installation. The demo was inspiring to see. The thought of TLS for everyone and their mother is totally great.
I heckled Alejandro Mayorkas trying to force him to agree that crypto back doors are a Bad Thing. Unsurprisingly, he didn’t take the bait. I was bummed that his security entourage was too strong to let me shake his hand and thank him for speaking at Defcon.

Though I didn’t make it very far through the matasano crypto challenges, it is amazing to see how relevant the lessons learned in those challenges are. Hex, Base64 and XOR…every talk I attended had one of these concepts as a critical part of their hack.

Here’s a list of talks I attended:

Alice and Bob are Really Confused – David Huerta
Hacker in the Wires – Dr. Phil Polstra
Working together to keep the Internet safe and secure – Alejandro Mayorkas Deputy Secretary of Homeland Security
Fighting Back in the War on General Purpose Computers – Cory Doctorow
Bruce Schneier Q&A – Bruce Schneier
Drive It Like You Hacked It: New Attacks and
Tools to Wirelessly Steal Cars – Samy Kamkar
How to Hack a Tesla Model S – Marc Rogers & Kevin Mahaffey
‘DLL Hijacking’ on OS X? #@%& Yeah! – Patrick Wardle
The Packets Made Me Do It: Getting Started with Distributed Full Packet Capture Using OpenFPC – Leon Ward
Let’s Encrypt – Minting Free Certificates to Encrypt the Entire Web – Peter Eckersley, James Kasten, & Yan Zhu
Docker, Docker, Give Me The News, I Got A Bad Case Of Securing You – David Mortman
Canary: Keeping Your Dick Pics Safe(r) –
Rob Bathurst (evilrob) & Jeff Thomas (xaphan)
Medical Devices: Pwnage and Honeypots – Scott Erven

How to test PHPs memory_limit setting

4 Replies

So, we all know that in PHP, you configure it with a php.ini file. And in there, you can set the amount of RAM a script can use with the memory_limitsetting (remember this is “M” not “MB”!). And if you get this error:

PHP Fatal error:  Allowed memory size of 134217728 bytes exhausted (tried to allocate 234881025 bytes)

Then you can increase the memory_limit to be larger (don’t forget to restart apache!). However, what if you want a script to hit that limit to see how your error logs and such are set up? I had more fun than I thought I would writing a textbook solution to a textbook problem. Here it is in it’s 4 line glory:

$str = 'memory!';
$i = 1;
while ($i++ != 100) $str .= $str  ;
print "done!";

When you run this you should see an error as this will exceed 128M of memory. If not, so salt to taste ($i++ != 200) if you run with a higher memory_limit setting!