7/6/14
Work is going well but that's not the point of this post.
As a Hacker, the revelations of Snowden and others have led creedace to what we have long expected and suspected. The world is not as we should have expected. If there ever was a time to fight back through legal and community methods, this is it. The Five Eyes, which I am under, assume everyone to be a terrorist. There is no proving otherwise, either you are a terrorist, will be a terrosist, or are a reformed terrorist, likely to be a terrorist again.
I recall my social studies classes in school. This is not what we were taught. The world deserves better than constant suspicion. Talk to your government representantives or get elected yourselves, or do something to get attention. THIS IS NOT WHAT WE WANT! WE ARE PART OF THE SOLUTION, NOT PART OF THE PROBLEM!
As Frank Sinatra once said; "Don't get even, get mad". The world has become an information economy. We control that economy. We have the power and its time to fight back and convince those in power or become those in power that the Hacker Ethos is not something to fear, but something to embrace, in order to shrink the world and realize the larger world we already know.
Start a bail fund for this post, but I stopped caring a while ago. Losing a sense of self preservation is very freeing!
05/02/14
Really liking this new job. They encourage me to do stuff I thought I'd get fired for normally. Nothing like a psychopath guarding the hen house. Also went to the Calgary Comic Expo and had a blast meeting some favorite stars and artists.
I'm slowly getting my life into a routine. I've wiped out the old gallery which was being ignored and becoming a spam filled mess. I've moved all my con photos and such onto Imgur to make life a crap load easier. I have setup a new gallery page HERE for all my con photos. More to be added as I get around to uploading them.
On a side note, I'm at 300K Defcoins, over 55% of the mining economy and still no idea what the heck I'm going to do with them.
04/17/14
Big changes in my life. New job breaking stuff which has been a source of relief for me as work and funds were a common stress point. Things coming together.
Wrote and article on the rediculous theories about the disappearance for flight MH370 that got picked up by Recode.net
Also currently crushing it in preparation for Defcon by mining Defcoins. Absolutely no idea what they will be used for or if they will have any value, but I intend to be a Defcon millionaire. My wallet account is DDxjZReVNUiZiyJXQA52Wzqxr1nyBqfKCZ in case anyone wants to give me more
02/07/14
Nothing major to update. Been focusing on getting life together and some stability. Derbycon in September rocked and the Crystal Method show there was amazing. I forgot how much fun small cons are.
I've switched to using gpg for secure email. My public key for render AT renderlab
10/21/13
Yeah. Over a year, I know. @Ihackedwhat is my Twitter handle and alot of minor things go up there now.
I'm slowly revamping the site as I get time (which is precious little) but in the mean time, I'm fighting depression in myself and within the Hacker community. The Verge did a great write up about the issue.
The Internet archive via Jason Scott hooked me up with permanent high bandwidth storage for the WPA Cracking Tables. Direct links to Tarballs and the .torrent are HERE!!!
8/22/12
Holy crap. I made the front page of Slashdot. Been involved with projects that ended up there, but this is the first time by name.
As I noted in my talk, I want to prove to myself that ADS-B and NextGen Air Traffic Control is safe. If you look through my slides and can prove me wrong somewhere, please provide me with evidence (reports, technical information, studies, etc) that I can share publically. I have no problem admitting I am wrong. In this case, I'd be happy to do it. render [AT] renderlab [DOT] net is my email, feel free to contact me.
8/1/12
Back from Defcon, still unpacking and catching up on sleep
Short version: My presentation "Hackers + Airplanes = No Good Can Come Of This about hacking ADS-B and the NextGen Air Traffic Control rocked the con and the aviation community in general. Slides and the infamous POC video are up in various formats at /projects/ADS-B/ which will hopefully become a clearinghouse for more research into the topic.
Links to media and other fallout later. Need sleep
5/1/12
As usual, I'm behind on updates here.
I published the results of my Bi-Annual wireless scan of West Edmonton Mall with Infosec Institute as a trial run with them. The article is here. I will be posting an updated version that includes the fact that many of the "Secure" networks may be vulnerable to Reaver and other WPS attack tools.
It was revealed today by the New York Times that it was Netstumbler creator, Marius Milner, who was the Google engineer who wrote the software from the Google Streetview Wifi debacle. Wired asked for my comments. On a personal note, The media is making more of this than it needs to. He has all my sympathy for having to deal with people who dont understand that no damage was done, so no harm, no foul.
1/19/12
Local media got a hold of the Shaw Wifi advisory and called Shaw to ask them about thier side. They assert that adding an extra layer of encryption is a good thing. I still assert that giving away the key to that layer makes it useless and more dangerous due to a false sense of security. Read the article here.
I was also interviewed briefly in December about the City of Edmonton looking to pilot some form of E-voting for municipal elections. Read the article here and decide foryourself if the city can do it right the first time.
1/13/12
Holidays were good to me, providing a great deal of entertainment. Shaw Communications has launched a public WiFi trial. Thier 'secure' option is far from secure. In fact, it's utterly useless. My writeup is available here
12/5/11
I took Dark Tangent up on his request for ideas on how to make Defcon better for DC20. The result is an 8 page essay I sent him after con. I'm now sharing it with the rest of the community to spark discussion. The essay is a PDF up HERE. Please constructivly comment and Join the discussion
8/25/11
I wrote up details and build details for my costume from Defcon 19. I repaired (and promptly broke the arm wire) on my EL wire cenhanced coat
from last year. This year I added some more headgear. I upgraded my Goggles with uOLED screens and a voice reactive LED respirator. I
also made my own screen faithful
reproduction of the Castor / Zuse cane from Tron:Legacy to enhance the ensemble. Code, pics and build details in my own usual stream of
conciousness fashion in the
above links
I also did a write up for my custom, MOLLE compatible Kilt, designed and built to hacker specifications. It is what I consider the first Tactical Kilt
I should also mention, a few months late but I am now on twitter, mostly to document the security fails I see in my travels. I am not one of those people who tweet what they had for breakfast. It's very one way as well, I follow very few people. My username is @IHackedWhat, which is best said as a question: "I Hacked What?"
8/12/11
Back from Blackhat/Defcon, tired, sore, the usual. An interview with Unlimited Magazine got posted while I was gone.
Expect some updates and writeups about my costume from Defcon. My EL Wire coat got upgraded with some new accessories.
6/30/11
Ok, no updates for 7 months, yeah, I suck. Rather than a big long write up on the front page, I've written up a summary in my Rants. Short version is I have been speaking all over Canada and the world and got robbed along the way.
In recent news, I was interviewed about the whole Lulzsec campaign in Macleans magazine. I had hoped they would use more of my comments to show how our security models, spending and mindsets are stuck in the last century. But I have no control over the final edit.
Back in February, I worked with Global news on a segment about the dangers of geo location in cell phone photos. A text version of the article is up here
12/16/10
Much travel, much speaking, much work. All good things, but 25 flights in 8 weeks, If I dont see another crappy airline meal or hear that safty briefing ever again, it'll be welcome.
Major updates from the speaking tour coming soon. I however wanted to record somewhere that the latest facebook "feature" of automatically performing facial regognition on newly uploaded photo's and suggesting who it may be will in no way be abused. The details are scant but I'm wagering that the system will not be limited to just friends you already tagged and at some point there will be some sharing of tag-to-face data between users. I imagine some perv snapping a photo of a hot woman and uploading it to automatically get her name and begin the age old dance of the stalker. I'm betting about 72 hours before there is some serious back pedeling
10/28/10
Tim at PrivacyWonk.net wrote up an absolutely amazing guide to building your own WPA2-Enterprise network
for your home or small office. It's a guide that has been sorely needed and that I never got around to finishing. With his kind permission, I have
mirrored his guide HERE to ensure it's continued existance. Now you have no excuse to
not be running WPA2-Enterprise.
10/25/10
I did a quick interview with Help net security about wireless security. Not long, but
kinda fun. It's up HERE
8/24/10
A few days late, but as promised, the Kismet Newcore Drone
Build Instructions are up for public consumption. If you have any
edits or comments, send em over.
8/9/10
Added a few photo's and cleaned up the EL Coat write up. Adding
a bit about the Goggles I had with me
8/4/10
Back from Defcon, recovering, planning on getting more up about the EL Wire Coat. If you have pics of me in it,
send em over (render AT renderlab DOT net).
On another note, recent iOS vulnerabilities play right into what Dragorn and I have been saying in our talks for the last year. Dragorn wrote up the issue, but basically with Airpwn you can inject traffic and do drive by jailbreaks or alot worse on iOS devices. Goes to show that not having access to your devices means that you cant do much to help yourself.
7/18/10
Quick note from HOPE. It seems the
Make Magazine Blog let my latest creation, the EL Wire Coat, out
early. I was hoping to
have it debut at Defcon. The guy taking the video did'nt tell me he was
with MAKE and so I let him film the coat mid way through de-bugging and
the next thing, friends are teling me it's on the MAKE Blog.
Full pics, schematics and code will be posted soon as I had planned, however the media attention threw plans a bit askew. EDIT:I added a write up HERE
7/13/10
It took a while for everything to stabilize, but I've rewritten and
updated the Kismet Drone guide to cover Kismet Newcore and OpenWRT
10.03 (Backfire). As a charitible thing, I've decided to release it first
to Johnny Long's Informer
Blog for the first month or so where subscribers get exclusive access.
All subscriptions go to help Johnny and his great work in Africa
with Hackers For Charity.
So if you want access to the guide and a warm fuzzy feeling from helping a
wothwhile charity, head over to the Informer
Blog, get subscribed, and start hacking drones
On another note, I forgot to post that my latest book is out. here and as always they are copyleft and can be reused with credit back to Renderman and this site
5/21/10
Things have been coming in hot and fast with the whole "Google wardriving" thing in Germany and the controversy
therein.
I felt I had to comment, so I wrote up two articles to help dispell some of the myths and outright stupidity flying
around this issue.
An Open Letter To Google and Thier Detractors -
Looks at some of the technical misunderstandings that are causing the controversy
Google Wardriving Lawsuit Stupidity - Looks
at the
mind bogglingly strange assumptions in the recent lawsuit filed against Google over thier wardriving activities.
Remember kids, follow Stumbler Ethic if you want to wardrive safely and not get sued
4/28/10
I discovered an amusing vulnerability in the security of the locks in
the NYC Subway system from 2000 miles away. I wrote an advisory
about it but in short, it has to do with a reporter disclosing the
master key for the majority of locks in the NYC Subway sytem. In a photograph with the article he is holding the key,
thus allowing anyone to make thier own copy and making the problem he was reporting on, worse!
3/24/10
Back from a very long trip (8 weeks) with multiple cons and speaking gigs.
Shmoocon was great except for the
Snowpocalypse, but I did earn the "Soldered in a bar" achievment.
Hackcon in Norway was alot of fun as usual, except for SAS totally screwing us over and causing a major security screwup that kept getting better, and better
This trip I managed to get up to Westpoint Military Academy to give a talk to the cadets. One of the stranger places I've given a talk, particularly when I ended up standing in the middle of a formation of about 1000 cadets.
I'm now back at the lab, spending time at the Hackerspace in Edmonton and looking forward to COSSFEST and the Access and Privacy conference
12/2/09
Planes and I don't get along. Picked up another nasty cold on the way
back from Poland. At least travel is done for a while. I can now focus
on other things.
Woke up to read a pretty even article about me in December's "Edmontonian" Magazine (Page 11). Pretty decent article I must say. To anyone arriving because of it, I am looking for new clients and would be very interested to help you secure your digital assets. Drop me a line, render [AT] renderlab [DOT] net.
11/11/09
My recent speaking gig at the Cyber
Protection Strategies 2009 conference in Ottawa, I took the tour of Parliament with my wardriving gear. The results
were interesting and terrifying and I was sure I was about to be arrested.
I wrote up the experience and posted the scan files here
9/11/09
Wow, things are getting nuts on the speaking circut for me. Next I'll be
speaking at Edmonton Code
Camp Sept. 19th. After that I'm in Calgary keynoting the 2nd Annual Critical
Infrastructure Conference on Sept. 28-29 (Use code "SaveTen" to save
10% when registering). After that I get October off. November is busy
with the Cyber
Protection Strategies 2009 conference in Ottawa November 2-3 and the
ICE Conference in Edmonton
November 4th. I then turn around and goto Poland to speak at CONfidence 2009/2 in Warsaw
November 19-20th.
Needless to say, I am going to be very tired come December
8/5/09
Defcon is done, Zombie survival talk will be posted soon. Alot of new
things learned and new toys to play with. I also got to apologize to Adam
Savage finally. I feel much better now.
7/2/09
You really can't
cut the lawn with fire
6/24/09
So The whole RFID
question I asked at HOPE thing is still causing Adam Savage grief.
28
minutes into their keynote at RSA 2009 they were asked about the RFID
thing and Adam had to dance around it again.
As the guy who asked the question at HOPE, I'd like to apologise once again to Adam Savage for unintentionally causing him annoyance of dealing with the blowback. I often seek to cause grief, but this was not one of those times.
4/21/09
A few notes: I've been testing Kismet
Newcore for a while now and helping
Dragorn in my own small ways with testing. He just recently got it
running on Windows with the Airpcap
from Cace. Here's a screenshot.
Newcore is getting very close I think.
User Spliff666 on the hak5.org forums has uploaded all the individual files from the big WPA tables to Megaupload where you can get just the file you need instead of the huge compressed archive on the torrent. His post Here has everything you need for this alternative to the torrent
4/20/09
As part of my desire to document all my old projects, I wrote up a piece on my Bluetooth Shoe Phone from my Defocn 15 presentation in 2007
4/8/09
In going through some old hard drives around the lab I found a big stash of photo's from Defcon and
HOPE's past that I thought lost in a crash a long time ago. I've uploaded to my gallery. I don't
remember much from back then, but blurry photo's are still fun to have.
3/26/09
Can't sleep, decided to spend a couple days going through the lab and looking at old and half
completed projects and documenting them and hopefully finishing some. First addition is the 'Sneaky Bastard' from Defcon 14, the rogue AP in a UPS.
Found out today that I got props at the end of episode 506 for possible inspiration of the Hak5 Network Monkey Project. It's very closely related to Teddy-Net from back in 2005. Too close to not point out.
2/23/09
So, back from Shmoocon in D.C. and Hackcon in Oslo, Norway. Got sick
again.
Ended up having an affect
on norwegian politics (Use google translate or whatever, it's in
Norwegian). In the US for another couple weeks recovering and doing
R&D again (finally) and generally chilling out.
12/29/08
Another quick note to add to cache in google searches. When building Freeradius-WPE you may trip over a bug
where the radius server runs the server on random ports even if you
specify a specific port (this happens on my Ubuntu 8.10 box). The fix is
to copy src/lib/packet.c from the source of freeradius-server-2.0.5,
overwriting the same file in the 2.0.2 source that the WPE patch works
on
11/25/08
Quick note to anyone running across the "Error loading the DB Abstraction
library:" error using OpenBSD, Snort and BASE. The answer is to set the
path realative to /htdocs as your top level. Read
here to see what I spent many hours beating my head on
11/18/08
Nothing particularly new. Been taking it easy after a years worth of
constant travel. I have however setup an Amazon store for my books
and those of the friends of the RenderLab. It is up Here
I am looking for opportunities to offer my wireless security class in the Edmonton area and internationally. If you or your company are interested, please let me know so I can guage interest.
10/14/08
Back from Secvest in Norway, and SecTor in Toronto. At both I was asked to
teach classes on wireless. In Norway it was a 6 hour sit down class of 30
people, in Toronto it was a drop in clinic where I spent most of my time
loading Backtrack onto the USB drives build into the badges. Both great
events I hope to attend again.
09/11/08
I think my ICQ account got hijacked. If you want my new account, just
email me
09/03/08
Wow, I just asked a question.
The video clip where I asked Adam Savage why the Mythbusters have avoided RFID myths (both from the pro and con side) at HOPE made the rounds on the blogs this weekend
Well today it appears Adam is backpedalling and saying it wasn't like that and there was no legal interference, just a change in production. Hopefully the crapstorm means it's back on their radar and these myths get addressed.
Hey Adam! I'm available to consult if you guys need help :)
08/29/08
My second Defcon talk, "10 Things That Are Pissing Me Off" got bumped from
a 2000 seat room to a 50 seat room. As a result, alot of people did'nt
get to see it. Fortunatly it was recorded by a member of the press in the
audience and put on YouTube.
Slides, videos and notes are all available here
08/19/08
Just getting over the con-plague from Defcon. Again!. I'm back on
the clock again.
My latest book came out while I was away. K$ Hacking by Syngress Publishing is written by Thorn, ThePrez98 and myself and contains a huge amount of our combined knowledge of Kismet as well as new and updated hacks, tricks and how-to's. If you've ever wanted a manual for Kismet, this is it.
07/23/08
HOPE was awesome and it won't be the last! Got some press about my talk
through Cnet Here.
UPDATE: Network world got some great footage and reporting about the RFID project at HOPE and included a fair bit of my talk in their report. Video is up here
As it happens, at the same time as that Cnet thing came out, the article and cover shot of me came out in the Globe and Mail's TQ Magazine. It's an IT insert magazine in the July 23rd issue of the G&M. First cover shot, I'm quite proud.
If you want to contact me about either article, my talk, or just to say Hi, email render AT renderlab DOT net.
07/10/08
Wow, who knew I could get that busy.
I'll be at the Last HOPE conference in NYC, July 18-20th. I'll be giving an updated version of my "How do I pwn thee? Let me count the ways" talk on the Friday at 2100 hours.
I'll next be at Defcon in Las Vegas (and possibly around Blackhat), August 8-10. I'll be speaking twice, first will be the "Pwn Thee" talk Saturday at 1800 hours and at 1230 hours on Sunday about "10 things that are pissing me off"
After all of that, I will be headed to SecVest in Bergen, Norway. I'll be teaching a free 6 hour class on wireless and wireless attacks. 30 seats maximum. When you sign up for the conference, include "wireless" in the comments. If you have already signed up, just contact the conference to get your name on the list. Laptop, extension cord and a wireless card compatible with Linux (Atheros based cards are best) are needed to get the most about the hands on part of the class.
03/09/08
Back from cons and recovered from the crud, however I'll be off the grid
for the month of March. DVD orders will be delayed till April, but still
sent.
In the mean time, Hak5.org did a video podcast interview with me at Shmoocon. Check it out the Hak5.org site
01/17/08
I was busy earning my coal over the holidays. I went and did a wireless
audit of West Edmonton mall, one of the largest retail malls in the world.
I wanted to see how secure businesses were, and boy did I get an
answer
Has anyone learned anything? An audit of West Edmonton Mall retailers
I will be speaking at Hackcon in Norway next month as well as Shmoocon in Washington D.C. a week after. Remember to say Hi and ask to copy the WPA-Tables
12/11/07
I've been neglecting the site for quite a while. My bad.
I've been busy. I spoke at Sector in Toronto, which was an awesome conference. I also was a feature article for Alberta Venture Magazine in thier December issue. Scan of the article Here.
To those arriving because of the article, welcome. The writing for the article was great, Jennifer really went and did a great job. I wish more reporters were like her. I am not the most pleased about the comic version of myself. I've often been portrayed in articles as a cartoon character, it's just ironic that someone finally did the art to back it up.
If you have any questions about me or what I do, just mail me at render AT renderlab DOT net or if your spam filters don't like sending to "evil hacker" domains, send to renderlab AT gmail DOTcom and for the love of spongebob, someone out there hire me!
8/23/07
Back home finally and still recovering from con-plague. Thanks to Audit
at Dataoutages.com for
saving my ass by stepping up and offering to host my mail after my server
had a melt down while I was away. render (at) renderlab (dot) net is back
up and running. Thanks Audit!
8/6/07
Defcon is over but I'm not home yet. Mail server is having issues.
Please send any post-con mail to renderlab AT gmail DOTcom. It will be about a
week for me to get everything back up.
6/07/07
So I decided to be a sick wierdo and push the metasploit front end using
mod_rewrite and mod_proxy through apache to make the msfweb console
accessible from anywhere. Many hours of regex pain were involved so I
wrote up this hack guide to
hopefully save any other foolish souls who with to do the same things
6/06/07
Rebuilt the webserver over the weekend. Email build went sideways. If there was something you sent
between June 2nd and 6th, please resend. Alternatly use the gmail account at renderlab (AT) gmail (DOT
com if spam filters seem to not like me.
5/8/07
The Guys at Pauldotcom security
weekly interviewed me for thier podcast last week. You can check it
out here
Planning for the Defcon wireless village is taking up most of my time lately, but never fear, more cool stuff to come.
4/13/07
Yes it has been a while.
Uploaded a few presentations to the presentations
archive. I'm also slowly going over the site and cleaning up old links and the such
The Shmoo group were kind enough to let the Church of Wifi use thier torrent
tracker for the 33 Gb set of WPA hash tables. The torrent is here the bottom
link
2/9/07
For reasons unknown the rfidanalysis.org website is down.
This is the site for the Johns Hopkins University team that broke the
Exxon Speedpass enryption scheme. Until more is known, I'm temporarily
mirroring thier report HERE and the
incomplete crypto scheme presentation HERE.
1/27/07
Sorry about the random downtime. Replaced and rewrote the firewall at the
Renderlab and all hell broke loose. Should be sorted for now.
1/16/07
I've been working with Cacetech on a
Kismet for Windows package for their Airpcap windows
adapter (monitor mode in windows!). It also nicely supports Drones and is
a perfect replacement for Kiswin32 since I'm waiting for
Kismet-newcore to come out before updating it.
10/19/06
C0nverge was kind enough to update the torrent for the 7gb set of WPA hash
tables. The new torrent is available Here
09/22/06
Still recovering. 3 cons a year get expensive. No major new updates
except the Church of Wifi
forums are up and ready for use.
08/14/06
Back from the con's. Still recovering and sorting. CoWPAtty 4.0 is
available here
06/15/06
W00T! Defcon talk was accepted, Friday at noon, track
1
06/05/06
Looks to be a busy year for talks. I'll be at HOPE in NYC helping out the lockpicking
village and giving a talk on RFID
Security, I'll be at Defcon in Las Vegas helping run another lockpicking
village
and hopefully giving a talk. I'll also be speaking in Edmonton at the CIPS ICE
conference giving a talk and demo of wireless tools. If your at any of these, come find me, we'll go have a
drink.
05/24/06
Well, as you probably noticed, the ads are gone. Apparently asking your
visitors to click on the ads to support a site is against googles adsense
policies and enough to get your account killed. Thanks to my visitors for
wanting to support me too much, the senitment was there, google just did'nt
like it.
04/28/06
We finally got the CoWF
WPA-PSK lookup tables posted (Torrent).
These are the pre-computed hashes
announced at Shmoocon. It's 172,000 word computed for each of the top
1000 SSID's for use with coWPAtty 3.0
03/31/06
Guess I can let the cat out finally. Myself, Thorn and Audit of the CoWF have written a book on RFID
security for Syngress publishing, aptly named: RFID
security.
Support a starving hacker, feed your brain, buy our book!
03/17/06
Well, Ads are producing enough to offset bandwidth this month. No complains and I'm finding them fairly unobtrusive.
The test so far seems to be panning out.
In other news, a few more Church of Wifi releases from Shmoocon for everyone. A Windows installer for Kiswin is now available. Along with the Autodrone install script for WRT54G Kismet drones, you have no reason not to be monitoring your network now. I've also posted the associated files for the coWPAtty 3.0 WPA-PSK lookup tables we computed. The tables themselves will hopefully be available this month for download or DVD purchase.
03/12/06
Moved the website and mail services to a new box which should hopefully
make life alot easier for administration and for reliability. Nothing lie
a quad-processor box to make for lively page delivery. Let me know if
there are any glitches.
02/28/06
Unfortunatly reality comes crashing in once in a while and must be dealt
with. The RenderLab's new digs are not cheap and bandwidth is becoming a
bit of a financial crunch. I am sad to say that I am experimenting with
google ads at the bottom of the page to see if I can offset things
slightly. If you have any opinion, positive or negative, Please feel free
to email me. If anyone has any valid reason that they don't think I
should put ads on this site, please let me know and they will be taken
down. For now, I will just be putting a bar at the bottom of the pages on
my site, hopefully out of the way enough for everyone to not really cause
any issues.
01/19/06
Shmoocon is over and there's was much goodness released by the Church of Wifi
for the community out there. This post will be edited in the next few days with links as I get things posted. Keep yer
knickers on, alot of the stuff we released was very last minute and we need time to polish it up for formal release.
For the moment, enjoy the Autodrone install script for WRT54G Kismet
drones and coWPAtty 3.0 with hash table
support
12/20/05
If you've arrived here because of the Edmonton Sun article, Welcome. Only
a couple things to explain. First, Despite the dramatic writing I'm not
some scary
entity bent on destruction only held back by a strong moral code, I'm
actually a nice guy who wants to help people understand security. Second,
I am not impressed with the term 'Wardriver' being
used in the same sentance as people commiting illegal acts with wireless
networks. Wardriving is the beninge act of detecting and logging
wireless accesspoints while moving. Period. It has nothing to do with
accessing networks. The article can be viewed through the link on my
media page
If you have any questions, just mail me. render AT renderlab DOT net
12/16/05
Got an interesting email. Seems my
Kismet_drone guide has been
translated into spanish. Many thanks to Sergi for doing this. You can
read it On his blog
11/29/05
Finally got about 6 months of wardriving data compiled and sorted. Edmonton now has over 66,500 networks mapped. Wardriving section has the numbers.
In related news, I won't be updating my maps. The size of my data and the disconnect of various tool versions and support for newer file formats made it too much of a daunting task requiring several hours. Just not worth it anymore when all you end up seeing is a sea of green and red dots. By special request I will see about creating maps, but don't expect regular updates.
11/12/05
Please read about the 'Warserver' for sale on ebay. If you came here thinking of asking
me for help with this product, don't bother
10/07/05
With much assistance from Joshua Wright, We finally have a distributable
Kismet-on-Windows package that does not require a install of cygwin. The goal of a self contained Kismet-on-Windows
package is finally a reality. I'll still be updating instructions on the manual install, but this package just makes
life easier for everyone. Check out Kiswin32 HERE
9/22/05
Updated the Kismet
Drone Guide, the Kismet
on Windows Guide, and even the WRT54G
Spoofing guide.
Also added some new stuff. With assistance from Goldfndr on the NS forums, I am pleased to host and provide a guide for Compiling and running GPSD on Windows, allowing you to now Wardrive with Kismet on windows. I also added a guide on Canadian laws regarding Wardriving
I'm also pleased to announce that with Streaker69's generous programming and hosting, we've been able to restart the Church Of Wifi to act as a clearinghouse for all the amazing information the wardriving community has collected and created over the years. Most of my content is replicated there, and both will be maintained on a regular basis. Go and check it out, you might learn something
8/30/05
Added a services section to highlight the fact my tools and know how are for hire should the
need arise. This does not mean I or my site are going corporate (far from it), just highlighting the fact I'm available
in meatspace to help with security and technical problems.
8/23/05
New hungover Defcon release. This time it's a perl script written by Cazz
of the Shmoo group for filtering SSID's (or anything else you want) from
the Kismet client. Written for the Wardriving contest, it's not available
for everyone HERE
8/15/05
Moved all my WRT54G research to it's own section at /projects/wrt54g. Also added a new guide
on
spoofing AP's with a WRT54G
Still more to come through the week as all the post-defcon stuff gets sorted through
8/13/05
Myself and the site got mentioned in the Edmonton
Journal. If you found your way here because of that article,
Welcome! Also got mentioned in a couple of articles at Defcon, Here, Here,
And Here.
Post Defcon hungover releases due shortly. Dirty Wi-fi contest tricks and more cool WRT54G stuff
8/3/05
Survived Defcon, will not be doing much of anything till at least the
12th. Photo's and stuff up then. Till then, keep your knickers on!
7/11/05
Updated the Kismet on windows
guide to v0.2. Now covers more recent builds of cygwin and
Kismet.
7/8/05
Ok, This should be interesting. Through various people at Lockpicking101.com
we are going to
be
having our first meeting of Canada Locksport International / Edmonton (CLSI/E) on July 16th, 4pm - 7pm. It's a group
that (we hope) will meet regularly to share information about locks and Lockpicking for the Edmonton area. No
experience neseccary, just bring your curiosity and manual dexterity. No website
yet, but we have a charter. Free to
attend, just mail me (render AT renderlab DOT net) for directions. It's in the basement of the RenderLab
and will be a pot luck BBQ, so bring grillables. The itinerary thus far:
Introductions
Brief intro to Lockpicking by Renderman (if new folk are present)
Food/beverages
Lockpicking roundtable (tools and locks supplied by Varjeal (for those who don't bring any))
High security lock installation demonstration (Varjeal and kuefler)
Chapter President Elections
Go home
6/28/05
Much to the annoyance of the neighbors and Dragorn I've been cranking
away at updating the wrt54g kismet
drone guide to v3.0
New instructions covering:
- Setup on the V3 WRT54G
- Updated for Kismet 2005-06-R1a
- Newer openwrt firmwares
- New scripts for channel hopping properly
- Even instructions on making your WRT54G into a drone appliance (start
the drone on boot!)
6/15/05
Slides for the AMICUE talk are up in the Presentations section
6/1/05
I will be giving an updated presentation for the Amiga Computer Users Of Edmonton (yes
Amiga) on June 9th on Wardriving and Wireless
security. Hopefully including live demonstrations of many different
attacks. The meeting is open to all, location and details on the Amicue
website
4/25/05
95 days till Defcon, My liver is already starting to hurt.
Big changes lately. The Renderlab will be moving to new digs shortly, so server interruptions may occur.
New projects are forthcoming, just need time to complete the move first.
2/14/05
Back from Shmoocon and the east coast. Lots of fun, Shmoocon was a blast,
highly recommended. I should hopefully have my talk and notes about the
Warpack Mark II up shortly. A page for Teddy-Net, the Wifi enabled
Teddy bear is up Here
2/2/05
Off to Shmoocon to give a talk about the Warpack. But since I
like my viewers so much, I'll release one of my secrets early. I've
written a guide to running Kismet on Windows Via Cygwin. v0.1 of the guide
is here. GPSD is the only piece of software that does'nt work
on Cygwin, so I'm putting money where my mouth is in the form of $100 (US)
for a patch to the current GPSD daemon that allows function under Cygwin
on Windows XP. Hopefully that gets some development going.
Mail will be checked periodically, but will likely be too drunk to do anything useful until the 12th. If you come to my talk, be sure to say Hi, we'll grab a drink. I'm always curious what people find thier way onto my site.
1/5/05
Happy New Year, yadda, yadda, yadda.
Major revisions to the WRT54G Kismet How-To, now up to version 0.2.2 now with guides for 2 firmwares and notes on others.
Shmoocon is coming up. My talk on the new Warpack should turn some heads.
11/18/04
Been a helluva couple months.
Been working steadily on the Warpack and other wardriving innovations/perversions
Server had a major file system glitch at the beginning of the month took the whole server out and led me to learn more than I wanted about OpenBSD filesystems and IDE drivers to recover
I will be presenting a talk at Shmoocon this February in Washington D.C. about the latest developments with the Warpack. I may also be giving a panel talk with other well known Wardriving icons.
I also wrote what I hope to have become the definative guide for loading and running the Kismet_drone on the linksys WRT54G Router. WRT54G Kismet How-To
8/24/04
This morning I found out that Slashdot
picked up a story from Watchguard
about the DC12 RunningMan
competition. My teammate Deviant and I are featured along with the Warpack. Just when
I thought my server bashing was subsiding, it ramps back up again.
8/23/04 Sobriety finally kicked in and I've posted photo's and a description for the "warpack" I mounted my laptop to for the Defcon wardriving contests. More to see in the new warpack section
8/8/04 Back and finally coherant after Defcon 12 conference. I'm happy to announce that myself and my friend Deviant won the Fox&Hound wardriving mini-contest, the only one to be won.
The Defcon Pic Gallery and the HOPE Gallery are up for your perverse viewing pleasure
7/14/04 Just got back from the HOPE conference in NYC. What really sucks is that when I got back I found that there had been 4 inches of water from some really outragous thunderstorms that flooded the NOC, taking the site offline for a few days.
I'm still cleaning up from that so for everyone who sent mail between July 11th and the 14th, don't panic if it bounced. I'm not being anti-social or anything, and I'm not dead.
6/21/04
WWWD4 is over. Aftermath is now posted Here
6/18/04
The Fourth Wordwidewardrive
has proven to be very good so far for Edmonton (for me, not the public).
I just passed 11,000 AP's in the Edmonton Metro area. For the first time
I've also scanned Leduc, Stoney Plain and Spruce Grove. Nearly 6300
points have been collected in just this week. The Wardriving section has all the usual
stats breakdowns
6/14/04
The Fourth Wordwidewardrive is on. Alberta is
represented again
Added a new link in the contents below to my Lockpicking stuff.
6/8/04
Installed Gallery to handle the picture archives on the site. For now there's only
the hacker con photo's but more realavent stuff will be coming.
Updated the WWWD4 page. If you are in the Edmonton area and wish to participate in any capacity, please let me know
5/11/04
As some may or may not know, an associate of mine, Rob Rosenberger of Vmyths.com whom I ended up Domain Stalking Network Associates
with a while back, has come out with a CD of commentary about
American Cyber Security Czar, Richard Clarke
I would encourage anyone who wants to learn about the hype, FUD and outright misdirection that political pundits have in regards to policy and operations, to visit Robs Cafepress store and order the "Debunking Richard Clarke" CD.
4/23/04
Met a really cool guy yesterday. He had read all the stuff on the site
and liked my research. So to help me along, he came up with about a dozen
door locks for me to practice on for the DC lockpick contest, as well as
loaning me a whole bunch of wireless gear, much of which will make the WWWD even more
interesting. Austin, you rock!
4/22/04
WWWD4 webpage for the Alberta portion of the page is up Here
4/16/04
Finally got Kismet, WarKizniz, my new AMP and a few other toys working
right and playing nice together, 2000 AP's in 2 hours later.... New stats
in the Wardriving section
4/8/04
Been a while since I've had an update.
Other hobbies and secret projects have been occupying my time, so not much new. However, in gearing up for the WorldWide Wardrive #4, I've bought myself an AMP :) WWWD4 will be full of AMP'd goodness this year.
On another note: Friends of mine from the Netstumbler forums have written a book about wardriving entitled 'Wardriving: Drive, Detect, Defend' that covers all aspects of wardriving and practical wireless security. I've had a sneak peek and highly recommend it. If you want to order it Use this link to amazon.ca to order, that way the co-authors get something for the purchase. (In the interests of disclosure, I am mentioned a couple times in the book, as well as the Stumbler Ethic, but I still think it's a great book for those interested in Wardriving and wireless security due to it's perspective and contributors)
1/23/04
As part of the ever entertaining MikeRoweSoft.com
craziness, I've purchased
www.Mike-Rowesoft.com in an
effort to see what Microsofts response will be to
the fact I bought the minor variation domain for cheaper than they are going to pay a lawyer to send a nastygram. I
have a new rant on the subject
12/24/03
Happy Holidays or whatever
your
doing tonight. Updated my stats in the Wardriving section. A slight increase in
the WEP usage and a drop in the default usage. Good
to see.
12/10/03
As part of the Wardriving
Central project, I have written a guide for wardrivers on dealing with the media. I
wrote it based on my experience dealing with media as advice for others
who, like myself, might not like the media, but find they must deal with
them to get the message out.
In other news I'm going to be playing with some new style sheets for the site thanks to Audit at Michigan Wireless, so don't be surprised if the site looks different, day to day
12/03/03
I was bored so I transcribed the Damage pricelists from Defcon 10 and 11 and clculated the differences in cost between
each year. Here it is if your interested
11/29/03
As part of the Wardriving Central project, I've updated and reworked the
Stumbler Ethics doc to v0.2. The changes reflect some new realities and
are a
bit more serious than previous.
11/28/03
Based off of discussions on the wardriver mail list and a suggestion I
made there, We are forming a new wardriving group at www.wardrivingcentral.org.
wardrivingcentral.org is a community of active wardrivers volunteering
their time and resources to inform everyone correctly of what wardriving
is and is not. Hopefully we can counter recent negative publicity and
gain some respect for our hobby.
I have also posted more presentation materials in the projects section
10/24/03
Finally recovered from the ICE conference. The talk went very well. I apparently had one of the highest attended talks
for the whole week. Met alot of people, changed alot of minds and learned alot myself. I had a great time and want to
thank the orginizers for inviting me and allowing me this oppourtunity. My notes and presentation and everything will be
up very shortly.
On the topic of speeches: 2600 has finally gotten the H2K2 video and audio up from the presentations. As you recall, I gave a talk there on Domain stalking. While not my best work, it was still well recieved and alot of fun despite the lack of sleep and food. They cut off about the first 10 minutes, but if you look at the slides it should make sense. Downloadable mp3 available here
10/13/03
Been busy preparing for the CIPS conference. I will be speaking from 3:15-4:45 pm in the Epiar Salon #10 about
wardriving and my experiences around Edmonton. (Iceconference.com) It should
be interesting given that I will be the
only hacker speaking at a conference of people who likely hate my guts. I will also be around the conference as a
representative of the hacker community and will do my damndest to make sure we are not paint with a criminal or
terrorist brush.
I have been updating my stats for the city of Edmonton, I've passed 3100 AP's in Edmonton and the surrounding area. New stats are up in the wardriving section
9/12/03
Been busy lately. New secret project keeping me very busy. Also been preparing for the CIPS talk. EXpect more news in
late October
9/5/03
Hits have been insane. Almost 68,000 in August, most from the 25th till
the end of the month from Defconpics.org. I also just noticed
I am also listed in the post-con write up section at the top of
Defcon.org. So if the
sites a little
slow,
please bear with me, but feel free to check out some of the new post-con stuff
8/25/03
More write ups and pics in the DC11 Archive.
Improved the write up about our Trip from
hell. My hits went from ~300 hits a
day to a couple thousand after
being listed on Defconpics.org,
so please bear with me while I sort out some bandwidth issues.
8/17/03
Head is finally clear and balance regained.
I've got a preliminary archive of my DC11 experiences, pics etc up over here. It's basic right now
because I'm still busy dealing with the Rendevan rebuild and the moneypit it's been and replacing the car that we totalled in Utah. If anyone has pics of my in the lockpick competition or from
around the con, mail them to
me.
8/5/03
Returned from Vegas. 1 Totaled car, 1 Roadside replaced alternator, 1
huge speeding ticket, 5th in Lockpick, 14 t-shirts and a helluva long nap
needed. Updates later as I recover.
7/23/03
Posted a new rant. This time it's back to my old tricks of asking "What
differenciates a 'product' from a 'trojan horse'
7/15/03
Posted results from WWWD3. A week of
driving added almost 400 AP's. Sadly, the stats have'nt changed much Overall
7/7/03
Renewed JelloBiafra.org for 2
more years today. Technically I still own it, but I'm pointing it at
Alternative Tentacles and making payments as a thank you for Jellos
inspiration a few years ago at H2K.
For those of you who don't remember, at H2K, Jello was the keynote speaker and he lamented that other people owned his name online. Over the next 2 years I was able to aquire the .net domain, and just before H2K2, I bought jellobiafra.org and presented it to Jello Onstage
7/2/03
Been really busy lately ripping the engine of the RenderVan into about 167
different pieces doing a full rebuild since it was using more oil than
gas.
WWWD3 is going well. Over 600 AP's so far, adding about 300 to my grand total. More details soon.
5/12/03
I have been sitting on this for a while. I have completed an investigation into the security of the University of
Alberta's installation of wireless networks on campus. The full report is
available here
5/9/03
Planning for the 3rd Worldwide Wardrive is FINALLY
up for the Alberta drive here. Yes I have
been draggin my heels
4/15/03
Another Interview, this time I did'nt do anything.
An Edmonton Police Association message board was comprimised and taken
off-line. The Edmonton SUN called me for my opinion. Here's the print article
In other news I'm fairly close to releasing a report on some wireless networks around town. Stay tuned.
4/1/03
14214 Visitors to the site in the month of March. That's a new record for
this little site of mine. It's been interesting to see who's been
visiting. I'm curious what's coming up this month....
3/11/03
Another interview today, this time on CBC National
Radio. They surprised
me and announced Renderlab.net on-air. My hits have gone nuts today.
I'll have a recording of the interview up shortly.
If you came here because of that interview, I belive My wardriving section is what your after.
3/2/03
Updates
Galore:
I have posted the presentation I gave at the CIPS meeting over
here
I have also posted the CSIS docs as well as The story
I also updated the Media archive to cover all this
attention. No I'm not vain :)
The third WorldWide WarDrive (WWWD) will take place from 28 June 2003 - 5 July 2003. Alberta will definatly be participating. Plans are in the works at the moment. Please mail Render@worldwidewardrive.org if you want to participate or have ideas.
2/26/03
Another local article today. The Edmonton
Sun picked up the story today about the CSIS article
2/24/03
What a weekend. Several calls back and forth between myself, jjkaczor and
a reporter resulted in This
article on the newswire. Basically this reporter got ahold of some
documents related to wardriving from CSIS (Canadian Spy Agency) relating
to our orginizing of the first Worldwide Wardrive in
August.
Sadly they missed the point that we were not being malicious.
That report hitting the news wires has resulted in a slew of calls from reporters and alot of headaches for me. More will be up later
2/20/03
The Presentation at the CIPS meeting went really well. Lots of good
questions, and every one of the CD's I made up (about 27) went like
hotcakes. The presentation materials will be up soon.
I'm off for the weekend, so mail won't be replied to until Monday. I'm not dead, just resting
2/7/03
Running a website means you get hits from the strangest of places. My top
visitors are quite interesting: IBM's
Almaden Research Center, NAIT, Capital Health Authority, Alberta Transportation. Welcome Folks!
If you have a work related reason for poking around here, lemmie know out of sheer
curiosity
1/28/03
On Jan 24th, the server suffered a catastrophic failure of the
powersupply, taking the entire system with it. The only thing that was
saved was the case and the floppy drive. The hard drive refuses to even
spin up. I have replaced the system with a Duron 1200+ system that
should hopefully survive all the hits for a while. Sorry for the
downtime
I have started a BLOG as an experiment. I'll be using that for more regular updates and oddities, and this front page for -ANNOUNCE type stuff. Here's my new BLOG
1/11/03
***Update:
To whomever sent me the email with the friggin huge attachment, drop me a
line without the attachment regarding what it is. There are more efficent
ways to xmit a file.
The article came out in Ed magazine today. Here it is if your curious.
To anyone who arrived here from the link in the article, I am not quite the cartoon character that he makes me out to be. Check out the About section. Much of me is on this site. If you have questions or want to know if I've scanned your network, or if your boss is panicing about what I do and wants to pull the plug on your wireless network Please mail me. I'm usually pretty good about getting back to people who aren't stupid.
A Few minor corrections/comments.
1. I don't go out EVERY night, just when I'm bored (idle
hands...)
2. I have never recieved cash from any domain stalking situations, just
demo product that is gathering dust
3. I wear the gloves because the steering wheel is freaking cold in
winter
4. The last 2 paragraphs are going to haunt me for quite a long time. I
just hope that the person understands that it
was said in expected confidence, but that'll teach me for speaking
of such things near a reporter.
The wardriving section is over here if you want to check out my maps. Feel free to poke around the rest of the site.
1/06/03
Happy New Year. My memory is fuzzy from the party, but the sharpie marker
drawings on my feet leave some thing to the imagination.
So the link from the Edmonton Journal never appeared, but word got round. I just schlepped Steve Makris from the Journal around in the RenderVan for an article. Hopefully he got the point that Wardrivers aren't out to cause mayhem or for free internet. If not, I've got a few tricks up my sleeve.
12/28/02
So I decided to take the last month and a half off to save gas and let the
wireless world in the city grow a bit. I'm back now with a new map and
fresh recipients of my advisory emails. New maps are in the Wardriving section
12/6/02
Apparently the Edmonton Journal
newspaper is linking to me as part of an
article. I did'nt plan this one. Apparently they are using me as the
defacto source for wi-fi info in Edmonton. Go
figure
Maps from various runs from the Second Worldwide Wardrive are up in the WWWD2 section
Other news: First (yes this is shameless self promotion) I had an article written about me in 'Profit' magazine (of all places). Read it online here. Second is that I've posted the first revision of 'The Stumblers Ethic'. A simple doc for new stumblers to gain guidance from. Check it out here
11/2/02
Again I was alone in my scan of Calgary. Oh well. 642 AP's later I'm
quite happy with the results. Maps to be generated shortly.
10/26/02
Group drive was a bit of a bust. I was the only driver. Got a bunch new
AP's added anyways. Hopefully the Calgery drive goes better.
10/18/02
Edmonton and Calgary Worldwide Wardrive plans are up here
10/11/02
Minor site revamp. Link colors changed, the Wardriving section got a
re-orginization and
facelift.
09/28/02
Planning has begun for the next Worldwide Wardrive October 26th to
November 2nd. You can find the planning page here in my wardriving section
09/04/02
Holy mother of god. /. just posted
an article about the aftermath of the World Wide Wardrive. Check
it out here. I can't belive that something I had a part in creating
has made it to /.
09/03/02
After a wild and crazy weekend, I've gotten some of the results of the
World Wide Wardrive Week: Alberta contingent up. Check out the details here
08/24/02
The 'World Wide wardrive' is in full swing. I'm orginizing the alberta
contingent. If you want to come and help scan all of Red-Deer on August
31st, or if your
just curious, deatils are
here
