Old News

Work is going well but that's not the point of this post.

As a Hacker, the revelations of Snowden and others have led creedace to what we have long expected and suspected. The world is not as we should have expected. If there ever was a time to fight back through legal and community methods, this is it. The Five Eyes, which I am under, assume everyone to be a terrorist. There is no proving otherwise, either you are a terrorist, will be a terrosist, or are a reformed terrorist, likely to be a terrorist again.

I recall my social studies classes in school. This is not what we were taught. The world deserves better than constant suspicion. Talk to your government representantives or get elected yourselves, or do something to get attention. THIS IS NOT WHAT WE WANT! WE ARE PART OF THE SOLUTION, NOT PART OF THE PROBLEM!

As Frank Sinatra once said; "Don't get even, get mad". The world has become an information economy. We control that economy. We have the power and its time to fight back and convince those in power or become those in power that the Hacker Ethos is not something to fear, but something to embrace, in order to shrink the world and realize the larger world we already know.

Start a bail fund for this post, but I stopped caring a while ago. Losing a sense of self preservation is very freeing!


Really liking this new job. They encourage me to do stuff I thought I'd get fired for normally. Nothing like a psychopath guarding the hen house. Also went to the Calgary Comic Expo and had a blast meeting some favorite stars and artists.

I'm slowly getting my life into a routine. I've wiped out the old gallery which was being ignored and becoming a spam filled mess. I've moved all my con photos and such onto Imgur to make life a crap load easier. I have setup a new gallery page HERE for all my con photos. More to be added as I get around to uploading them.

On a side note, I'm at 300K Defcoins, over 55% of the mining economy and still no idea what the heck I'm going to do with them.


Big changes in my life. New job breaking stuff which has been a source of relief for me as work and funds were a common stress point. Things coming together.

Wrote and article on the rediculous theories about the disappearance for flight MH370 that got picked up by Recode.net

Also currently crushing it in preparation for Defcon by mining Defcoins. Absolutely no idea what they will be used for or if they will have any value, but I intend to be a Defcon millionaire. My wallet account is DDxjZReVNUiZiyJXQA52Wzqxr1nyBqfKCZ in case anyone wants to give me more


Nothing major to update. Been focusing on getting life together and some stability. Derbycon in September rocked and the Crystal Method show there was amazing. I forgot how much fun small cons are.

I've switched to using gpg for secure email. My public key for render AT renderlab net is available HERE Fingerprint: 1987EE05B430B4CACC84D2D32683DEDCF15584AC


Yeah. Over a year, I know. @Ihackedwhat is my Twitter handle and alot of minor things go up there now.

I'm slowly revamping the site as I get time (which is precious little) but in the mean time, I'm fighting depression in myself and within the Hacker community. The Verge did a great write up about the issue.

The Internet archive via Jason Scott hooked me up with permanent high bandwidth storage for the WPA Cracking Tables. Direct links to Tarballs and the .torrent are HERE!!!


Holy crap. I made the front page of Slashdot. Been involved with projects that ended up there, but this is the first time by name.

As I noted in my talk, I want to prove to myself that ADS-B and NextGen Air Traffic Control is safe. If you look through my slides and can prove me wrong somewhere, please provide me with evidence (reports, technical information, studies, etc) that I can share publically. I have no problem admitting I am wrong. In this case, I'd be happy to do it. render [AT] renderlab [DOT] net is my email, feel free to contact me.


Back from Defcon, still unpacking and catching up on sleep

Short version: My presentation "Hackers + Airplanes = No Good Can Come Of This about hacking ADS-B and the NextGen Air Traffic Control rocked the con and the aviation community in general. Slides and the infamous POC video are up in various formats at /projects/ADS-B/ which will hopefully become a clearinghouse for more research into the topic.

Links to media and other fallout later. Need sleep

As usual, I'm behind on updates here.

I published the results of my Bi-Annual wireless scan of West Edmonton Mall with Infosec Institute as a trial run with them. The article is here. I will be posting an updated version that includes the fact that many of the "Secure" networks may be vulnerable to Reaver and other WPS attack tools.

It was revealed today by the New York Times that it was Netstumbler creator, Marius Milner, who was the Google engineer who wrote the software from the Google Streetview Wifi debacle. Wired asked for my comments. On a personal note, The media is making more of this than it needs to. He has all my sympathy for having to deal with people who dont understand that no damage was done, so no harm, no foul.

Local media got a hold of the Shaw Wifi advisory and called Shaw to ask them about thier side. They assert that adding an extra layer of encryption is a good thing. I still assert that giving away the key to that layer makes it useless and more dangerous due to a false sense of security. Read the article here.

I was also interviewed briefly in December about the City of Edmonton looking to pilot some form of E-voting for municipal elections. Read the article here and decide foryourself if the city can do it right the first time.

Holidays were good to me, providing a great deal of entertainment. Shaw Communications has launched a public WiFi trial. Thier 'secure' option is far from secure. In fact, it's utterly useless. My writeup is available here

I took Dark Tangent up on his request for ideas on how to make Defcon better for DC20. The result is an 8 page essay I sent him after con. I'm now sharing it with the rest of the community to spark discussion. The essay is a PDF up HERE. Please constructivly comment and Join the discussion

I wrote up details and build details for my costume from Defcon 19. I repaired (and promptly broke the arm wire) on my EL wire cenhanced coat from last year. This year I added some more headgear. I upgraded my Goggles with uOLED screens and a voice reactive LED respirator. I also made my own screen faithful reproduction of the Castor / Zuse cane from Tron:Legacy to enhance the ensemble. Code, pics and build details in my own usual stream of conciousness fashion in the above links

I also did a write up for my custom, MOLLE compatible Kilt, designed and built to hacker specifications. It is what I consider the first Tactical Kilt

I should also mention, a few months late but I am now on twitter, mostly to document the security fails I see in my travels. I am not one of those people who tweet what they had for breakfast. It's very one way as well, I follow very few people. My username is @IHackedWhat, which is best said as a question: "I Hacked What?"

Back from Blackhat/Defcon, tired, sore, the usual. An interview with Unlimited Magazine got posted while I was gone.

Expect some updates and writeups about my costume from Defcon. My EL Wire coat got upgraded with some new accessories.


Ok, no updates for 7 months, yeah, I suck. Rather than a big long write up on the front page, I've written up a summary in my Rants. Short version is I have been speaking all over Canada and the world and got robbed along the way.

In recent news, I was interviewed about the whole Lulzsec campaign in Macleans magazine. I had hoped they would use more of my comments to show how our security models, spending and mindsets are stuck in the last century. But I have no control over the final edit.

Back in February, I worked with Global news on a segment about the dangers of geo location in cell phone photos. A text version of the article is up here

Much travel, much speaking, much work. All good things, but 25 flights in 8 weeks, If I dont see another crappy airline meal or hear that safty briefing ever again, it'll be welcome.

Major updates from the speaking tour coming soon. I however wanted to record somewhere that the latest facebook "feature" of automatically performing facial regognition on newly uploaded photo's and suggesting who it may be will in no way be abused. The details are scant but I'm wagering that the system will not be limited to just friends you already tagged and at some point there will be some sharing of tag-to-face data between users. I imagine some perv snapping a photo of a hot woman and uploading it to automatically get her name and begin the age old dance of the stalker. I'm betting about 72 hours before there is some serious back pedeling

Tim at PrivacyWonk.net wrote up an absolutely amazing guide to building your own WPA2-Enterprise network for your home or small office. It's a guide that has been sorely needed and that I never got around to finishing. With his kind permission, I have mirrored his guide HERE to ensure it's continued existance. Now you have no excuse to not be running WPA2-Enterprise.

I did a quick interview with Help net security about wireless security. Not long, but kinda fun. It's up HERE

A few days late, but as promised, the Kismet Newcore Drone Build Instructions are up for public consumption. If you have any edits or comments, send em over.

Added a few photo's and cleaned up the EL Coat write up. Adding a bit about the Goggles I had with me

Back from Defcon, recovering, planning on getting more up about the EL Wire Coat. If you have pics of me in it, send em over (render AT renderlab DOT net).

On another note, recent iOS vulnerabilities play right into what Dragorn and I have been saying in our talks for the last year. Dragorn wrote up the issue, but basically with Airpwn you can inject traffic and do drive by jailbreaks or alot worse on iOS devices. Goes to show that not having access to your devices means that you cant do much to help yourself.

Quick note from HOPE. It seems the Make Magazine Blog let my latest creation, the EL Wire Coat, out early. I was hoping to have it debut at Defcon. The guy taking the video did'nt tell me he was with MAKE and so I let him film the coat mid way through de-bugging and the next thing, friends are teling me it's on the MAKE Blog.

Full pics, schematics and code will be posted soon as I had planned, however the media attention threw plans a bit askew. EDIT:I added a write up HERE

It took a while for everything to stabilize, but I've rewritten and updated the Kismet Drone guide to cover Kismet Newcore and OpenWRT 10.03 (Backfire). As a charitible thing, I've decided to release it first to Johnny Long's Informer Blog for the first month or so where subscribers get exclusive access. All subscriptions go to help Johnny and his great work in Africa with Hackers For Charity. So if you want access to the guide and a warm fuzzy feeling from helping a wothwhile charity, head over to the Informer Blog, get subscribed, and start hacking drones

On another note, I forgot to post that my latest book is out. here and as always they are copyleft and can be reused with credit back to Renderman and this site

Things have been coming in hot and fast with the whole "Google wardriving" thing in Germany and the controversy therein. I felt I had to comment, so I wrote up two articles to help dispell some of the myths and outright stupidity flying around this issue.

An Open Letter To Google and Thier Detractors - Looks at some of the technical misunderstandings that are causing the controversy
Google Wardriving Lawsuit Stupidity - Looks at the mind bogglingly strange assumptions in the recent lawsuit filed against Google over thier wardriving activities.

Remember kids, follow Stumbler Ethic if you want to wardrive safely and not get sued

I discovered an amusing vulnerability in the security of the locks in the NYC Subway system from 2000 miles away. I wrote an advisory about it but in short, it has to do with a reporter disclosing the master key for the majority of locks in the NYC Subway sytem. In a photograph with the article he is holding the key, thus allowing anyone to make thier own copy and making the problem he was reporting on, worse!

Back from a very long trip (8 weeks) with multiple cons and speaking gigs. Shmoocon was great except for the Snowpocalypse, but I did earn the "Soldered in a bar" achievment.

Hackcon in Norway was alot of fun as usual, except for SAS totally screwing us over and causing a major security screwup that kept getting better, and better

This trip I managed to get up to Westpoint Military Academy to give a talk to the cadets. One of the stranger places I've given a talk, particularly when I ended up standing in the middle of a formation of about 1000 cadets.

I'm now back at the lab, spending time at the Hackerspace in Edmonton and looking forward to COSSFEST and the Access and Privacy conference

Planes and I don't get along. Picked up another nasty cold on the way back from Poland. At least travel is done for a while. I can now focus on other things.

Woke up to read a pretty even article about me in December's "Edmontonian" Magazine (Page 11). Pretty decent article I must say. To anyone arriving because of it, I am looking for new clients and would be very interested to help you secure your digital assets. Drop me a line, render [AT] renderlab [DOT] net.

My recent speaking gig at the Cyber Protection Strategies 2009 conference in Ottawa, I took the tour of Parliament with my wardriving gear. The results were interesting and terrifying and I was sure I was about to be arrested.

I wrote up the experience and posted the scan files here

Wow, things are getting nuts on the speaking circut for me. Next I'll be speaking at Edmonton Code Camp Sept. 19th. After that I'm in Calgary keynoting the 2nd Annual Critical Infrastructure Conference on Sept. 28-29 (Use code "SaveTen" to save 10% when registering). After that I get October off. November is busy with the Cyber Protection Strategies 2009 conference in Ottawa November 2-3 and the ICE Conference in Edmonton November 4th. I then turn around and goto Poland to speak at CONfidence 2009/2 in Warsaw November 19-20th.

Needless to say, I am going to be very tired come December

Defcon is done, Zombie survival talk will be posted soon. Alot of new things learned and new toys to play with. I also got to apologize to Adam Savage finally. I feel much better now.

You really can't cut the lawn with fire

So The whole RFID question I asked at HOPE thing is still causing Adam Savage grief. 28 minutes into their keynote at RSA 2009 they were asked about the RFID thing and Adam had to dance around it again.

As the guy who asked the question at HOPE, I'd like to apologise once again to Adam Savage for unintentionally causing him annoyance of dealing with the blowback. I often seek to cause grief, but this was not one of those times.

A few notes: I've been testing Kismet Newcore for a while now and helping Dragorn in my own small ways with testing. He just recently got it running on Windows with the Airpcap from Cace. Here's a screenshot. Newcore is getting very close I think.

User Spliff666 on the hak5.org forums has uploaded all the individual files from the big WPA tables to Megaupload where you can get just the file you need instead of the huge compressed archive on the torrent. His post Here has everything you need for this alternative to the torrent

As part of my desire to document all my old projects, I wrote up a piece on my Bluetooth Shoe Phone from my Defocn 15 presentation in 2007

In going through some old hard drives around the lab I found a big stash of photo's from Defcon and HOPE's past that I thought lost in a crash a long time ago. I've uploaded to my gallery. I don't remember much from back then, but blurry photo's are still fun to have.

Can't sleep, decided to spend a couple days going through the lab and looking at old and half completed projects and documenting them and hopefully finishing some. First addition is the 'Sneaky Bastard' from Defcon 14, the rogue AP in a UPS.

Found out today that I got props at the end of episode 506 for possible inspiration of the Hak5 Network Monkey Project. It's very closely related to Teddy-Net from back in 2005. Too close to not point out.

So, back from Shmoocon in D.C. and Hackcon in Oslo, Norway. Got sick again. Ended up having an affect on norwegian politics (Use google translate or whatever, it's in Norwegian). In the US for another couple weeks recovering and doing R&D again (finally) and generally chilling out.

Another quick note to add to cache in google searches. When building Freeradius-WPE you may trip over a bug where the radius server runs the server on random ports even if you specify a specific port (this happens on my Ubuntu 8.10 box). The fix is to copy src/lib/packet.c from the source of freeradius-server-2.0.5, overwriting the same file in the 2.0.2 source that the WPE patch works on

Quick note to anyone running across the "Error loading the DB Abstraction library:" error using OpenBSD, Snort and BASE. The answer is to set the path realative to /htdocs as your top level. Read here to see what I spent many hours beating my head on

Nothing particularly new. Been taking it easy after a years worth of constant travel. I have however setup an Amazon store for my books and those of the friends of the RenderLab. It is up Here

I am looking for opportunities to offer my wireless security class in the Edmonton area and internationally. If you or your company are interested, please let me know so I can guage interest.

Back from Secvest in Norway, and SecTor in Toronto. At both I was asked to teach classes on wireless. In Norway it was a 6 hour sit down class of 30 people, in Toronto it was a drop in clinic where I spent most of my time loading Backtrack onto the USB drives build into the badges. Both great events I hope to attend again.

I think my ICQ account got hijacked. If you want my new account, just email me


Wow, I just asked a question.

The video clip where I asked Adam Savage why the Mythbusters have avoided RFID myths (both from the pro and con side) at HOPE made the rounds on the blogs this weekend

Well today it appears Adam is backpedalling and saying it wasn't like that and there was no legal interference, just a change in production. Hopefully the crapstorm means it's back on their radar and these myths get addressed.

Hey Adam! I'm available to consult if you guys need help :)

My second Defcon talk, "10 Things That Are Pissing Me Off" got bumped from a 2000 seat room to a 50 seat room. As a result, alot of people did'nt get to see it. Fortunatly it was recorded by a member of the press in the audience and put on YouTube.

Slides, videos and notes are all available here

Just getting over the con-plague from Defcon. Again!. I'm back on the clock again.

My latest book came out while I was away. K$ Hacking by Syngress Publishing is written by Thorn, ThePrez98 and myself and contains a huge amount of our combined knowledge of Kismet as well as new and updated hacks, tricks and how-to's. If you've ever wanted a manual for Kismet, this is it.

HOPE was awesome and it won't be the last! Got some press about my talk through Cnet Here.

UPDATE: Network world got some great footage and reporting about the RFID project at HOPE and included a fair bit of my talk in their report. Video is up here

As it happens, at the same time as that Cnet thing came out, the article and cover shot of me came out in the Globe and Mail's TQ Magazine. It's an IT insert magazine in the July 23rd issue of the G&M. First cover shot, I'm quite proud.

If you want to contact me about either article, my talk, or just to say Hi, email render AT renderlab DOT net.

Wow, who knew I could get that busy.

I'll be at the Last HOPE conference in NYC, July 18-20th. I'll be giving an updated version of my "How do I pwn thee? Let me count the ways" talk on the Friday at 2100 hours.

I'll next be at Defcon in Las Vegas (and possibly around Blackhat), August 8-10. I'll be speaking twice, first will be the "Pwn Thee" talk Saturday at 1800 hours and at 1230 hours on Sunday about "10 things that are pissing me off"

After all of that, I will be headed to SecVest in Bergen, Norway. I'll be teaching a free 6 hour class on wireless and wireless attacks. 30 seats maximum. When you sign up for the conference, include "wireless" in the comments. If you have already signed up, just contact the conference to get your name on the list. Laptop, extension cord and a wireless card compatible with Linux (Atheros based cards are best) are needed to get the most about the hands on part of the class.

Back from cons and recovered from the crud, however I'll be off the grid for the month of March. DVD orders will be delayed till April, but still sent.

In the mean time, Hak5.org did a video podcast interview with me at Shmoocon. Check it out the Hak5.org site

I was busy earning my coal over the holidays. I went and did a wireless audit of West Edmonton mall, one of the largest retail malls in the world. I wanted to see how secure businesses were, and boy did I get an answer

Has anyone learned anything? An audit of West Edmonton Mall retailers

I will be speaking at Hackcon in Norway next month as well as Shmoocon in Washington D.C. a week after. Remember to say Hi and ask to copy the WPA-Tables

I've been neglecting the site for quite a while. My bad.

I've been busy. I spoke at Sector in Toronto, which was an awesome conference. I also was a feature article for Alberta Venture Magazine in thier December issue. Scan of the article Here.

To those arriving because of the article, welcome. The writing for the article was great, Jennifer really went and did a great job. I wish more reporters were like her. I am not the most pleased about the comic version of myself. I've often been portrayed in articles as a cartoon character, it's just ironic that someone finally did the art to back it up.

If you have any questions about me or what I do, just mail me at render AT renderlab DOT net or if your spam filters don't like sending to "evil hacker" domains, send to renderlab AT gmail DOTcom and for the love of spongebob, someone out there hire me!

Back home finally and still recovering from con-plague. Thanks to Audit at Dataoutages.com for saving my ass by stepping up and offering to host my mail after my server had a melt down while I was away. render (at) renderlab (dot) net is back up and running. Thanks Audit!

Defcon is over but I'm not home yet. Mail server is having issues. Please send any post-con mail to renderlab AT gmail DOTcom. It will be about a week for me to get everything back up.

So I decided to be a sick wierdo and push the metasploit front end using mod_rewrite and mod_proxy through apache to make the msfweb console accessible from anywhere. Many hours of regex pain were involved so I wrote up this hack guide to hopefully save any other foolish souls who with to do the same things

Rebuilt the webserver over the weekend. Email build went sideways. If there was something you sent between June 2nd and 6th, please resend. Alternatly use the gmail account at renderlab (AT) gmail (DOT com if spam filters seem to not like me.

The Guys at Pauldotcom security weekly interviewed me for thier podcast last week. You can check it out here

Planning for the Defcon wireless village is taking up most of my time lately, but never fear, more cool stuff to come.

Yes it has been a while.
Uploaded a few presentations to the presentations archive. I'm also slowly going over the site and cleaning up old links and the such
The Shmoo group were kind enough to let the Church of Wifi use thier torrent tracker for the 33 Gb set of WPA hash tables. The torrent is here the bottom link

For reasons unknown the rfidanalysis.org website is down. This is the site for the Johns Hopkins University team that broke the Exxon Speedpass enryption scheme. Until more is known, I'm temporarily mirroring thier report HERE and the incomplete crypto scheme presentation HERE.

Sorry about the random downtime. Replaced and rewrote the firewall at the Renderlab and all hell broke loose. Should be sorted for now.

I've been working with Cacetech on a Kismet for Windows package for their Airpcap windows adapter (monitor mode in windows!). It also nicely supports Drones and is a perfect replacement for Kiswin32 since I'm waiting for Kismet-newcore to come out before updating it.

Cacetech Downloads

C0nverge was kind enough to update the torrent for the 7gb set of WPA hash tables. The new torrent is available Here

Still recovering. 3 cons a year get expensive. No major new updates except the Church of Wifi forums are up and ready for use.

Back from the con's. Still recovering and sorting. CoWPAtty 4.0 is available here

W00T! Defcon talk was accepted, Friday at noon, track 1

Looks to be a busy year for talks. I'll be at HOPE in NYC helping out the lockpicking village and giving a talk on RFID Security, I'll be at Defcon in Las Vegas helping run another lockpicking village and hopefully giving a talk. I'll also be speaking in Edmonton at the CIPS ICE conference giving a talk and demo of wireless tools. If your at any of these, come find me, we'll go have a drink.

Well, as you probably noticed, the ads are gone. Apparently asking your visitors to click on the ads to support a site is against googles adsense policies and enough to get your account killed. Thanks to my visitors for wanting to support me too much, the senitment was there, google just did'nt like it.

We finally got the CoWF WPA-PSK lookup tables posted (Torrent). These are the pre-computed hashes announced at Shmoocon. It's 172,000 word computed for each of the top 1000 SSID's for use with coWPAtty 3.0

Guess I can let the cat out finally. Myself, Thorn and Audit of the CoWF have written a book on RFID security for Syngress publishing, aptly named: RFID security. Support a starving hacker, feed your brain, buy our book!

Well, Ads are producing enough to offset bandwidth this month. No complains and I'm finding them fairly unobtrusive. The test so far seems to be panning out.

In other news, a few more Church of Wifi releases from Shmoocon for everyone. A Windows installer for Kiswin is now available. Along with the Autodrone install script for WRT54G Kismet drones, you have no reason not to be monitoring your network now. I've also posted the associated files for the coWPAtty 3.0 WPA-PSK lookup tables we computed. The tables themselves will hopefully be available this month for download or DVD purchase.

Moved the website and mail services to a new box which should hopefully make life alot easier for administration and for reliability. Nothing lie a quad-processor box to make for lively page delivery. Let me know if there are any glitches.

Unfortunatly reality comes crashing in once in a while and must be dealt with. The RenderLab's new digs are not cheap and bandwidth is becoming a bit of a financial crunch. I am sad to say that I am experimenting with google ads at the bottom of the page to see if I can offset things slightly. If you have any opinion, positive or negative, Please feel free to email me. If anyone has any valid reason that they don't think I should put ads on this site, please let me know and they will be taken down. For now, I will just be putting a bar at the bottom of the pages on my site, hopefully out of the way enough for everyone to not really cause any issues.

Shmoocon is over and there's was much goodness released by the Church of Wifi for the community out there. This post will be edited in the next few days with links as I get things posted. Keep yer knickers on, alot of the stuff we released was very last minute and we need time to polish it up for formal release. For the moment, enjoy the Autodrone install script for WRT54G Kismet drones and coWPAtty 3.0 with hash table support

If you've arrived here because of the Edmonton Sun article, Welcome. Only a couple things to explain. First, Despite the dramatic writing I'm not some scary entity bent on destruction only held back by a strong moral code, I'm actually a nice guy who wants to help people understand security. Second, I am not impressed with the term 'Wardriver' being used in the same sentance as people commiting illegal acts with wireless networks. Wardriving is the beninge act of detecting and logging wireless accesspoints while moving. Period. It has nothing to do with accessing networks. The article can be viewed through the link on my media page

If you have any questions, just mail me. render AT renderlab DOT net

Got an interesting email. Seems my Kismet_drone guide has been translated into spanish. Many thanks to Sergi for doing this. You can read it On his blog

Finally got about 6 months of wardriving data compiled and sorted. Edmonton now has over 66,500 networks mapped. Wardriving section has the numbers.

In related news, I won't be updating my maps. The size of my data and the disconnect of various tool versions and support for newer file formats made it too much of a daunting task requiring several hours. Just not worth it anymore when all you end up seeing is a sea of green and red dots. By special request I will see about creating maps, but don't expect regular updates.

Please read about the 'Warserver' for sale on ebay. If you came here thinking of asking me for help with this product, don't bother

With much assistance from Joshua Wright, We finally have a distributable Kismet-on-Windows package that does not require a install of cygwin. The goal of a self contained Kismet-on-Windows package is finally a reality. I'll still be updating instructions on the manual install, but this package just makes life easier for everyone. Check out Kiswin32 HERE

Updated the Kismet Drone Guide, the Kismet on Windows Guide, and even the WRT54G Spoofing guide.

Also added some new stuff. With assistance from Goldfndr on the NS forums, I am pleased to host and provide a guide for Compiling and running GPSD on Windows, allowing you to now Wardrive with Kismet on windows. I also added a guide on Canadian laws regarding Wardriving

I'm also pleased to announce that with Streaker69's generous programming and hosting, we've been able to restart the Church Of Wifi to act as a clearinghouse for all the amazing information the wardriving community has collected and created over the years. Most of my content is replicated there, and both will be maintained on a regular basis. Go and check it out, you might learn something

Added a services section to highlight the fact my tools and know how are for hire should the need arise. This does not mean I or my site are going corporate (far from it), just highlighting the fact I'm available in meatspace to help with security and technical problems.

New hungover Defcon release. This time it's a perl script written by Cazz of the Shmoo group for filtering SSID's (or anything else you want) from the Kismet client. Written for the Wardriving contest, it's not available for everyone HERE

Moved all my WRT54G research to it's own section at /projects/wrt54g. Also added a new guide on spoofing AP's with a WRT54G

Still more to come through the week as all the post-defcon stuff gets sorted through

Myself and the site got mentioned in the Edmonton Journal. If you found your way here because of that article, Welcome! Also got mentioned in a couple of articles at Defcon, Here, Here, And Here.

Post Defcon hungover releases due shortly. Dirty Wi-fi contest tricks and more cool WRT54G stuff

Survived Defcon, will not be doing much of anything till at least the 12th. Photo's and stuff up then. Till then, keep your knickers on!

Updated the Kismet on windows guide to v0.2. Now covers more recent builds of cygwin and Kismet.

Ok, This should be interesting. Through various people at Lockpicking101.com we are going to be having our first meeting of Canada Locksport International / Edmonton (CLSI/E) on July 16th, 4pm - 7pm. It's a group that (we hope) will meet regularly to share information about locks and Lockpicking for the Edmonton area. No experience neseccary, just bring your curiosity and manual dexterity. No website yet, but we have a charter. Free to attend, just mail me (render AT renderlab DOT net) for directions. It's in the basement of the RenderLab and will be a pot luck BBQ, so bring grillables. The itinerary thus far:

Brief intro to Lockpicking by Renderman (if new folk are present)
Lockpicking roundtable (tools and locks supplied by Varjeal (for those who don't bring any))
High security lock installation demonstration (Varjeal and kuefler)
Chapter President Elections
Go home

Much to the annoyance of the neighbors and Dragorn I've been cranking away at updating the wrt54g kismet drone guide to v3.0

New instructions covering:
- Setup on the V3 WRT54G
- Updated for Kismet 2005-06-R1a
- Newer openwrt firmwares
- New scripts for channel hopping properly
- Even instructions on making your WRT54G into a drone appliance (start the drone on boot!)

Slides for the AMICUE talk are up in the Presentations section

I will be giving an updated presentation for the Amiga Computer Users Of Edmonton (yes Amiga) on June 9th on Wardriving and Wireless security. Hopefully including live demonstrations of many different attacks. The meeting is open to all, location and details on the Amicue website

95 days till Defcon, My liver is already starting to hurt.

Big changes lately. The Renderlab will be moving to new digs shortly, so server interruptions may occur.

New projects are forthcoming, just need time to complete the move first.

Back from Shmoocon and the east coast. Lots of fun, Shmoocon was a blast, highly recommended. I should hopefully have my talk and notes about the Warpack Mark II up shortly. A page for Teddy-Net, the Wifi enabled Teddy bear is up Here

Off to Shmoocon to give a talk about the Warpack. But since I like my viewers so much, I'll release one of my secrets early. I've written a guide to running Kismet on Windows Via Cygwin. v0.1 of the guide is here. GPSD is the only piece of software that does'nt work on Cygwin, so I'm putting money where my mouth is in the form of $100 (US) for a patch to the current GPSD daemon that allows function under Cygwin on Windows XP. Hopefully that gets some development going.

Mail will be checked periodically, but will likely be too drunk to do anything useful until the 12th. If you come to my talk, be sure to say Hi, we'll grab a drink. I'm always curious what people find thier way onto my site.

Happy New Year, yadda, yadda, yadda.

Major revisions to the WRT54G Kismet How-To, now up to version 0.2.2 now with guides for 2 firmwares and notes on others.

Shmoocon is coming up. My talk on the new Warpack should turn some heads.

Been a helluva couple months.

Been working steadily on the Warpack and other wardriving innovations/perversions

Server had a major file system glitch at the beginning of the month took the whole server out and led me to learn more than I wanted about OpenBSD filesystems and IDE drivers to recover

I will be presenting a talk at Shmoocon this February in Washington D.C. about the latest developments with the Warpack. I may also be giving a panel talk with other well known Wardriving icons.

I also wrote what I hope to have become the definative guide for loading and running the Kismet_drone on the linksys WRT54G Router. WRT54G Kismet How-To

This morning I found out that Slashdot picked up a story from Watchguard about the DC12 RunningMan competition. My teammate Deviant and I are featured along with the Warpack. Just when I thought my server bashing was subsiding, it ramps back up again.

Sobriety finally kicked in and I've posted photo's and a description for the "warpack" I mounted my laptop to for the Defcon wardriving contests. More to see in the new warpack section

Back and finally coherant after Defcon 12 conference. I'm happy to announce that myself and my friend Deviant won the Fox&Hound wardriving mini-contest, the only one to be won.

The Defcon Pic Gallery and the HOPE Gallery are up for your perverse viewing pleasure

Just got back from the HOPE conference in NYC. What really sucks is that when I got back I found that there had been 4 inches of water from some really outragous thunderstorms that flooded the NOC, taking the site offline for a few days.

I'm still cleaning up from that so for everyone who sent mail between July 11th and the 14th, don't panic if it bounced. I'm not being anti-social or anything, and I'm not dead.

WWWD4 is over. Aftermath is now posted Here

The Fourth Wordwidewardrive has proven to be very good so far for Edmonton (for me, not the public). I just passed 11,000 AP's in the Edmonton Metro area. For the first time I've also scanned Leduc, Stoney Plain and Spruce Grove. Nearly 6300 points have been collected in just this week. The Wardriving section has all the usual stats breakdowns

The Fourth Wordwidewardrive is on. Alberta is represented again

Added a new link in the contents below to my Lockpicking stuff.

Installed Gallery to handle the picture archives on the site. For now there's only the hacker con photo's but more realavent stuff will be coming.

Updated the WWWD4 page. If you are in the Edmonton area and wish to participate in any capacity, please let me know

As some may or may not know, an associate of mine, Rob Rosenberger of Vmyths.com whom I ended up Domain Stalking Network Associates with a while back, has come out with a CD of commentary about American Cyber Security Czar, Richard Clarke

I would encourage anyone who wants to learn about the hype, FUD and outright misdirection that political pundits have in regards to policy and operations, to visit Robs Cafepress store and order the "Debunking Richard Clarke" CD.

Met a really cool guy yesterday. He had read all the stuff on the site and liked my research. So to help me along, he came up with about a dozen door locks for me to practice on for the DC lockpick contest, as well as loaning me a whole bunch of wireless gear, much of which will make the WWWD even more interesting. Austin, you rock!

WWWD4 webpage for the Alberta portion of the page is up Here

Finally got Kismet, WarKizniz, my new AMP and a few other toys working right and playing nice together, 2000 AP's in 2 hours later.... New stats in the Wardriving section

Been a while since I've had an update.

Other hobbies and secret projects have been occupying my time, so not much new. However, in gearing up for the WorldWide Wardrive #4, I've bought myself an AMP :) WWWD4 will be full of AMP'd goodness this year.

On another note: Friends of mine from the Netstumbler forums have written a book about wardriving entitled 'Wardriving: Drive, Detect, Defend' that covers all aspects of wardriving and practical wireless security. I've had a sneak peek and highly recommend it. If you want to order it Use this link to amazon.ca to order, that way the co-authors get something for the purchase. (In the interests of disclosure, I am mentioned a couple times in the book, as well as the Stumbler Ethic, but I still think it's a great book for those interested in Wardriving and wireless security due to it's perspective and contributors)

As part of the ever entertaining MikeRoweSoft.com craziness, I've purchased www.Mike-Rowesoft.com in an effort to see what Microsofts response will be to the fact I bought the minor variation domain for cheaper than they are going to pay a lawyer to send a nastygram. I have a new rant on the subject

Happy Holidays or whatever your doing tonight. Updated my stats in the Wardriving section. A slight increase in the WEP usage and a drop in the default usage. Good to see.

As part of the Wardriving Central project, I have written a guide for wardrivers on dealing with the media. I wrote it based on my experience dealing with media as advice for others who, like myself, might not like the media, but find they must deal with them to get the message out.

In other news I'm going to be playing with some new style sheets for the site thanks to Audit at Michigan Wireless, so don't be surprised if the site looks different, day to day

I was bored so I transcribed the Damage pricelists from Defcon 10 and 11 and clculated the differences in cost between each year. Here it is if your interested

As part of the Wardriving Central project, I've updated and reworked the Stumbler Ethics doc to v0.2. The changes reflect some new realities and are a bit more serious than previous.

Based off of discussions on the wardriver mail list and a suggestion I made there, We are forming a new wardriving group at www.wardrivingcentral.org. wardrivingcentral.org is a community of active wardrivers volunteering their time and resources to inform everyone correctly of what wardriving is and is not. Hopefully we can counter recent negative publicity and gain some respect for our hobby.

I have also posted more presentation materials in the projects section

Finally recovered from the ICE conference. The talk went very well. I apparently had one of the highest attended talks for the whole week. Met alot of people, changed alot of minds and learned alot myself. I had a great time and want to thank the orginizers for inviting me and allowing me this oppourtunity. My notes and presentation and everything will be up very shortly.

On the topic of speeches: 2600 has finally gotten the H2K2 video and audio up from the presentations. As you recall, I gave a talk there on Domain stalking. While not my best work, it was still well recieved and alot of fun despite the lack of sleep and food. They cut off about the first 10 minutes, but if you look at the slides it should make sense. Downloadable mp3 available here

Been busy preparing for the CIPS conference. I will be speaking from 3:15-4:45 pm in the Epiar Salon #10 about wardriving and my experiences around Edmonton. (Iceconference.com) It should be interesting given that I will be the only hacker speaking at a conference of people who likely hate my guts. I will also be around the conference as a representative of the hacker community and will do my damndest to make sure we are not paint with a criminal or terrorist brush.

I have been updating my stats for the city of Edmonton, I've passed 3100 AP's in Edmonton and the surrounding area. New stats are up in the wardriving section

Been busy lately. New secret project keeping me very busy. Also been preparing for the CIPS talk. EXpect more news in late October

Hits have been insane. Almost 68,000 in August, most from the 25th till the end of the month from Defconpics.org. I also just noticed I am also listed in the post-con write up section at the top of Defcon.org. So if the sites a little slow, please bear with me, but feel free to check out some of the new post-con stuff

More write ups and pics in the DC11 Archive. Improved the write up about our Trip from hell. My hits went from ~300 hits a day to a couple thousand after being listed on Defconpics.org, so please bear with me while I sort out some bandwidth issues.

Head is finally clear and balance regained.
I've got a preliminary archive of my DC11 experiences, pics etc up over here. It's basic right now because I'm still busy dealing with the Rendevan rebuild and the moneypit it's been and replacing the car that we totalled in Utah. If anyone has pics of my in the lockpick competition or from around the con, mail them to me.

Returned from Vegas. 1 Totaled car, 1 Roadside replaced alternator, 1 huge speeding ticket, 5th in Lockpick, 14 t-shirts and a helluva long nap needed. Updates later as I recover.

Posted a new rant. This time it's back to my old tricks of asking "What differenciates a 'product' from a 'trojan horse'

Posted results from WWWD3. A week of driving added almost 400 AP's. Sadly, the stats have'nt changed much Overall

Renewed JelloBiafra.org for 2 more years today. Technically I still own it, but I'm pointing it at Alternative Tentacles and making payments as a thank you for Jellos inspiration a few years ago at H2K.

For those of you who don't remember, at H2K, Jello was the keynote speaker and he lamented that other people owned his name online. Over the next 2 years I was able to aquire the .net domain, and just before H2K2, I bought jellobiafra.org and presented it to Jello Onstage

Been really busy lately ripping the engine of the RenderVan into about 167 different pieces doing a full rebuild since it was using more oil than gas.

WWWD3 is going well. Over 600 AP's so far, adding about 300 to my grand total. More details soon.

I have been sitting on this for a while. I have completed an investigation into the security of the University of Alberta's installation of wireless networks on campus. The full report is available here

Planning for the 3rd Worldwide Wardrive is FINALLY up for the Alberta drive here. Yes I have been draggin my heels

Another Interview, this time I did'nt do anything. An Edmonton Police Association message board was comprimised and taken off-line. The Edmonton SUN called me for my opinion. Here's the print article

In other news I'm fairly close to releasing a report on some wireless networks around town. Stay tuned.

14214 Visitors to the site in the month of March. That's a new record for this little site of mine. It's been interesting to see who's been visiting. I'm curious what's coming up this month....

Another interview today, this time on CBC National Radio. They surprised me and announced Renderlab.net on-air. My hits have gone nuts today. I'll have a recording of the interview up shortly.

If you came here because of that interview, I belive My wardriving section is what your after.

Updates Galore:
I have posted the presentation I gave at the CIPS meeting over here
I have also posted the CSIS docs as well as The story
I also updated the Media archive to cover all this attention. No I'm not vain :)

The third WorldWide WarDrive (WWWD) will take place from 28 June 2003 - 5 July 2003. Alberta will definatly be participating. Plans are in the works at the moment. Please mail Render@worldwidewardrive.org if you want to participate or have ideas.

Another local article today. The Edmonton Sun picked up the story today about the CSIS article

What a weekend. Several calls back and forth between myself, jjkaczor and a reporter resulted in This article on the newswire. Basically this reporter got ahold of some documents related to wardriving from CSIS (Canadian Spy Agency) relating to our orginizing of the first Worldwide Wardrive in August. Sadly they missed the point that we were not being malicious.

That report hitting the news wires has resulted in a slew of calls from reporters and alot of headaches for me. More will be up later

The Presentation at the CIPS meeting went really well. Lots of good questions, and every one of the CD's I made up (about 27) went like hotcakes. The presentation materials will be up soon.

I'm off for the weekend, so mail won't be replied to until Monday. I'm not dead, just resting

Running a website means you get hits from the strangest of places. My top visitors are quite interesting: IBM's Almaden Research Center, NAIT, Capital Health Authority, Alberta Transportation. Welcome Folks! If you have a work related reason for poking around here, lemmie know out of sheer curiosity

On Jan 24th, the server suffered a catastrophic failure of the powersupply, taking the entire system with it. The only thing that was saved was the case and the floppy drive. The hard drive refuses to even spin up. I have replaced the system with a Duron 1200+ system that should hopefully survive all the hits for a while. Sorry for the downtime

I have started a BLOG as an experiment. I'll be using that for more regular updates and oddities, and this front page for -ANNOUNCE type stuff. Here's my new BLOG


To whomever sent me the email with the friggin huge attachment, drop me a line without the attachment regarding what it is. There are more efficent ways to xmit a file.

The article came out in Ed magazine today. Here it is if your curious.

To anyone who arrived here from the link in the article, I am not quite the cartoon character that he makes me out to be. Check out the About section. Much of me is on this site. If you have questions or want to know if I've scanned your network, or if your boss is panicing about what I do and wants to pull the plug on your wireless network Please mail me. I'm usually pretty good about getting back to people who aren't stupid.

A Few minor corrections/comments.
1. I don't go out EVERY night, just when I'm bored (idle hands...)
2. I have never recieved cash from any domain stalking situations, just demo product that is gathering dust
3. I wear the gloves because the steering wheel is freaking cold in winter
4. The last 2 paragraphs are going to haunt me for quite a long time. I just hope that the person understands that it was said in expected confidence, but that'll teach me for speaking of such things near a reporter.

The wardriving section is over here if you want to check out my maps. Feel free to poke around the rest of the site.

Happy New Year. My memory is fuzzy from the party, but the sharpie marker drawings on my feet leave some thing to the imagination.

So the link from the Edmonton Journal never appeared, but word got round. I just schlepped Steve Makris from the Journal around in the RenderVan for an article. Hopefully he got the point that Wardrivers aren't out to cause mayhem or for free internet. If not, I've got a few tricks up my sleeve.

So I decided to take the last month and a half off to save gas and let the wireless world in the city grow a bit. I'm back now with a new map and fresh recipients of my advisory emails. New maps are in the Wardriving section

Apparently the Edmonton Journal newspaper is linking to me as part of an article. I did'nt plan this one. Apparently they are using me as the defacto source for wi-fi info in Edmonton. Go figure

Maps from various runs from the Second Worldwide Wardrive are up in the WWWD2 section

Other news: First (yes this is shameless self promotion) I had an article written about me in 'Profit' magazine (of all places). Read it online here. Second is that I've posted the first revision of 'The Stumblers Ethic'. A simple doc for new stumblers to gain guidance from. Check it out here

Again I was alone in my scan of Calgary. Oh well. 642 AP's later I'm quite happy with the results. Maps to be generated shortly.

Group drive was a bit of a bust. I was the only driver. Got a bunch new AP's added anyways. Hopefully the Calgery drive goes better.

Edmonton and Calgary Worldwide Wardrive plans are up here

Minor site revamp. Link colors changed, the Wardriving section got a re-orginization and facelift.

Planning has begun for the next Worldwide Wardrive October 26th to November 2nd. You can find the planning page here in my wardriving section

Holy mother of god. /. just posted an article about the aftermath of the World Wide Wardrive. Check it out here. I can't belive that something I had a part in creating has made it to /.

After a wild and crazy weekend, I've gotten some of the results of the World Wide Wardrive Week: Alberta contingent up. Check out the details here

The 'World Wide wardrive' is in full swing. I'm orginizing the alberta contingent. If you want to come and help scan all of Red-Deer on August 31st, or if your just curious, deatils are here

Return to Main