Keep up with some of the Laboratory B open source code by joining us on GitHub!
Last weekend Doug whipped together a toy steganography device called "Stegosaurus" [github] -- it will take a PNG image, and using a (very very basic) steganography [wikipedia] algorithm stores a payload in the least significant bits of the color definition of pixels in an image. It's a node.js module, and you can even install it with NPM.
It could use a little improvement if anyone is interested in forking it! It needs some testing with binary files. It needs a way to store the length of the message. And ideally, it'd use a pre-shared key (maybe?) to allow you both: A. define where the payload is hidden in the image, and B. actually encrypt the payload (which is, as of now, unencrypted). Which makes it so it doesn't follow Kerckhoff's Principle [wikipedia].
...Unfortunately every single message is decoded as "Drink more ovaltine" [youtube] (...just kidding. it'll do whatever payload you want)
It's a new month and that means new events with Laboratory B.
Laboratory B is currently working to organize a crypto party right in Burlington. This party will be your chance to learn about cryptography, information security and operational security. How to reduce some of the harmed caused by mass surveillance too. Learn about TOR, PGP/GPG, Pseudo-anonymity, TAILS and other super geeky privacy topics.
We are still organizing a location and time but stay tuned because it is coming soon!
2/7/2014: 2600 Meeting
Laboratory B is the primary supporter of the local 2600 meeting if you are interested in hacking and security related events in Vermont, check out the 2600 meeting held the first Friday of every month at 5 o'clock at the Food Court at Burlington Town Square Mall.
2/10/2014: What the Hack? How hackathons & makerspaces are sparking innovation in Vermont
In the past few years we've seen hackathons and makerspaces spread across the state as creative ways to solve community problems and catalyze collaborations across sectors. Join Burlington NetSquared and leaders of these hackathons and makerspaces for an evening of learning, idea generation and reflection on how we can foster lasting multi-sectoral collaborations--and innovations-- through these kinds of events.
If you've participated in one of these events, come share your experiences! And if you want to get involved in one of the upcoming hacks or new makerspaces, here's your chance to ask questions.
Bradley Holt, Code for BTV
Rebecca Roose, HackVT and My Web Grocer
Jesse Krembs, Laboratory B
Nate Herzog, StoryHack
2/12/2014, 7-9pm: Crypto-Currency Night.
A semi-regular gathering of Burlington crypto-currency enthusiasts (Bitcoin, Dogecoin, Litecoin, etc.). Feel free to brings thoughts, schemes, snacks and/or beverages to share... RSVP on Facebook
2/18/2014, 7-9 PM: Learn to solder with us at the Lab.
We'll teach you the basics of through hole soldering with kits from Sparkfun!. If you interested in learning to solder microelectronics please RSVP us at [email protected]
2/26/2014, 7-9 PM: Lock Sport Wednesday:
Generally speaking on the last Wednesday of the month we sponsor Lock Sport Wednesday from 6pm to 8pm. This event is a place for folks who are interested in physical security and locksports to get together. We adhere to the idea of better security through education, and we also follow the law in this matter. Learning how locks works and don't work is not a crime.
On Saturday, February 1st, Senator Sanders will be facilitating a public forum in Montpelier entitled "NSA: Out of Control." It will feature Professor David Cole from Georgetown Law School , and Heidi Boghosian, the Executive Director of the National Lawyers Guild, and, as of the time writing, almost 100 people have RSVPed to the Facebook event.
The event certainly seems like it will be a good opportunity to learn more about the NSA privacy abuses that have flooded the media in the wake of Edward Snowden's revelations, but, beyond that, it offers an ideal opportunity to widely distribute user-friendly privacy tools that allow people to opt-out of the NSA drag-net immediately while Congress figures out how to appropriately respond to the revelations of abuse. The best suite I've found which is easily usable by folks with limited computer literacy is TAILS Linux, a live OS based on Debian that, among numerous other features, is preconfigured to route all internet connections through TOR.
As such, in the next week I will be assembling a few hundred burned DVD copies of the latest TAILS release to hand out to the attendees of Saturday's event. If anyone would like to help defray the cost of DVDs and jewel cases, Bitcoin donations can be sent here: 13qaGsVRjoGHmYnV4RZcugnfxpTXxRkAsL
Additionally, I'll be working on burning and assembling copies at the Lab during public hours on Thursday from 7-9pm; if you want to help with production or with distribution at the event itself, stop in!
A German security researcher is going to release his method for Cracking wireless passwords using Amazons EC2 service. [External Link]