Tampa Bay What I’m Up To

Next week’s “UC Baseline” courses cover Windows and Linux, and I’m ready!

Photo: Joey deVilla and Steve Ballmer, who is wearing a Canadian flag hat
Me and Microsoft’s then-CEO Steve Ballmer at the Canadian Windows 7 launch in Toronto, 2009.

Logo: UC BaselineToday marks the end of the second week of The Undercroft’s 5-week cybersecurity training program, UC Baseline. This week was a quick but in-depth (we each had a Cisco switch to configure) introduction to networking. Next week, we look at Windows and Linux from a security perspective.

I have some familiarity with the operating systems in question.

Photo: Joey deVilla, with his accordion, poses with Linus Torvalds, who is holding a pool cue.
Me and Linux creator Linus Torvalds at LinuxWorld Expo NYC 2000.
Photo: Richard M. Stallman and Joey deVilla onstage.
GNU/Free Software Foundation founder Richard M. Stallman and me at the CUSEC Conference in Montreal, 2009.

If you’re bored: When I was a Microsoft developer evangelist (they hired me from the open source/free software world), I won Stallman’s auction for a plush GNU gnu — and paid for it with my Microsoft corporate card. Here’s the story, titled Winning the GNU.

Hardware Process Tampa Bay What I’m Up To

Scenes from Day 3 of the “UC Baseline” cybersecurity program at The Undercroft

Wednesday: Day 3 continued the heavy hands-on portion of Hardware 101, the first segment of my five weeks at UC Baseline, the cybersecurity training program offered by Tampa Bay’s security guild, The Undercroft.

After taking apart and reassembling a desktop, it was time to up the ante and do the same with at least one laptop. I started with a Dell Latitude E5500, a bulky beast by today’s laptop standards, but one that’s more user-serviceable — and more easily taken apart — than most.

First step: Removing the battery.

The bottom panel was easy to pop open. It was held in place by nothing fancier than standard Phillips screws, which provided easy access to the RAM.

Next on the removal list: The optical drive. Once again, pretty straightforward — remove some anchoring screws, and then use a flathead screwdriver tip to push the the drive casing out.

The fan was quite easy to remove, as was the CPU heat sink.

Unlike the previous day’s desktop machines’ CPUs, which were in ZIF (zero insertion force) slots, laptop CPUs aren’t typically swappable, as they’re generally soldered onto the motherboard. This machine had a notebook-grade Core 2 Duo, which was typical for a mid-level laptop in the Windows 7 era.

It was also pretty easy to remove the keyboard…

…and once that was done, detaching the screen was a simple process.

With the disassembly complete, I laid out and labeled the parts that I’d extracted:

“All right, next challenge,” said Tremere, our instructor for the Hardware 101 portion of the course. “Disassemble, then reassemble the small one…”

I flipped it over, pleasantly surprised to see standard Phillips screws that were easy to access:

At this size, a laptop’s battery-to-actual-computer ratio jumps significantly:

This machine was still intended to be somewhat user-serviceable, so the battery and RAM were still easy to remove:

The drive didn’t take much effort to liberate, either:

The fan/heat sink combo didn’t put up much of a fight:

This is a machine made specifically for writing TPS reports and not much else, judging from its CPU. Still, I’m sure it could still do a serviceable job running a modern lightweight Linux — assuming it survives my disassembly and subsequent attempt to put it back together again.

Here are both patients, spread out across the operating table…

Re-assembly took a little longer, and I didn’t bother with photos of that process. I did manage to get it back together again, and with no extra parts!

I even the screen reattached! Later, I found a power adapter, and the machine managed start and get up to the BIOS screen, although the screen looked a little dim. Since I’m not trying out for a CompTIA hardware certificate, I’ll simply declare the procedure a success and not get too bogged down with fussy minutae such as “functioning” and “usable”.

Process Tampa Bay What I’m Up To

Why I’m excited about learning cybersecurity at The Undercroft

Another life in 2002

Paul Baranowski, me, and John “Captain Crunch” Draper at a liquor store/bar near the DNA Lounge in San Francisco, February 2002. Photo by The Register’s Andrew Orlowski.

From 2000 to 2001, I lived in San Francisco, where I took advantage of opportunities to hang out at Def Con, and I got to know a lot of the dot-com-bubble/bust-era cybersecurity/hacktivism community. I kept those connections and as a result, ended up working on a project that the Cult of the Dead Cow originated: a little hacktivism project called Peekabooty.

Peekabooty was a peer-to-peer proto-VPN (remember, Napster was still in its original P2P file-sharing form back then, and at the time BitTorrent was just a concept that Bram Cohen was working on and telling us about) that was meant to circumvent the Great Firewall of China and provide Chinese dissidents with access to sites banned in their location. Paul Baranowski did the real back-end work, I was the front-end developer as well as the technical evangelist, and because it was a Windows desktop app, we did it in Visual C++, as one did back in those heady days of the early 2000s.

Here’s a couple of snapshots of the user interface, which acted like a screensaver — it used cutesy bears (which I illustrated) to show nodes in your particular P2P network:

This screen shows that you’re running a VPN node, and no one’s connected to you. Tap to see at full size.
This screen shows that you’ve got 3 different kinds of nodes connected to you: one in the free world, a censored one, and one behind a NAT. Tap to see at full size.

We presented Peekabooty at CodeCon 2002 (you can listen to our presentation here). It’s still one of the proudest moments of my career, and we got to hang out with friends from our P2P days at OpenCola, as well as with new people:

And, of course, I learned so much!

I miss doing that sort of thing, and I think participating in The Undercroft’s UC Baseline program is an important step towards getting back to that kind of work.

Current life in 2020

Here I am in 2020 — laid off, but with a couple of side gigs to make a little extra money and prove that I haven’t been idle. Then last Thursday, I heard about the UC Baseline program and a scholarship. I decided to apply on a lark, figuring that they’d never pick me.

Photo: The Undercroft sign, featuring the Undercroft’s “mascot” — a stag standing upright in a suit, leaning jauntily against an umbrella, walking stick-style.They did pick me, and between the greatly reduced cost of attending and my not living paycheck-to-paycheck, I’m able to attend. I’m willing to play the gambit of not taking a full-time job for the next five weeks while ramping up some dormant security skills, because I think it’s a worthwhile one.

At the same time, I think that I can also be useful to The Undercroft by writing about my UC Baseline experiences and promoting them.

I’m looking forward to the experience. It’s an exciting course being taught in an amazing space by interesting people.

Further reading

Here are some articles about Peekabooty:

Process Tampa Bay What I’m Up To

Joey’s Bizarre Adventure (or: I’m in The Undercroft’s “UC Baseline” cybersecurity education program!)

Remember that scholarship to the “UC Baseline” cybersecurity program that I wrote about last week? In that post, I also wrote:

(I’ll admit it: Although I’m not likely to qualify, I applied.)

Well, I applied, and I qualified. The combination of a promotional bonus and an I-got-laid-off scholarship gave me a deep discount on the standard $6,500 price tag for the inaugural cohort of the UC Baseline course, which starts tomorrow and runs until Wednesday, August 19th. Class starts at 8:00 a.m. tomorrow.

Based in a gorgeous building in Tampa’s historic Ybor City neighborhood, The Undercroft could be described as a security startup incubator and coworking space, but they prefer to be described as a security guild and guild hall.

Here’s what Undercroft CEO Adam Sheffield has to say:

What we offer here is secure workspace for startups and medium-sized businesses in the security field that either want to start their businesses here in Tampa or make Tampa their home.

They’re also the home of a lot of interesting presentations, as this gallery of graphics for previous ones shows:

This isn’t my first exposure to information security culture, but it’s been a while, and I’m overdue for a refresher.

The first week of the program is Hardware 101, where we’ll spend five days covering the background and basics of the components that comprise modern systems. This should be fun.

To be continued!

For the next five weeks, I’ll be at The Undercroft (masked up, in a small cohort), learning. I’ll write about my experiences as I progress through the program.