A website of projects, burned PCBs, and segfaults. It’s fun for the whole family!

Posts

  • Sep 22, 2021

    Bluetooth Low Energy and Reversing a Smart Lightbulb

    “Smart” things are the wave of the future! Everyone wants some bit of tech that already exists, like a lightbulb, but now controlled through an app! Or at least, that’s what marketers have decided on. But sometimes the companies maintaining the app goes under, or decides to not support what you bought anymore, and your fancy smart lightbulb becomes, well, a $35 lightbulb.

    I recently got my hands on an old bluetooth lightbulb that was first made in 2015. But the phone app to control it is clunky and ugly, and hasn’t been updated since 2018. So if I want to still use it now, the options are to have an unmaintaned, potential security-risk app on my phone, or not use it. Or, be me, since I’ve been itching to learn more about bluetooth low energy. In which case, it becomes time to do some reverse engineering!

    Wireshark and phone app next to each other

  • Sep 8, 2021

    Using Interrupts on the Adafruit Feather Huzzah with ESP8266

    It doesn’t take long learning embedded systems before you come across interrupts. Learning how to make your embedded system quickly react to changes in the real world (button presses, motion sensing, whatever) is often a default requirement for any fun projects. Since I’ve been programming on the Adafruit Feather Huzzah with ESP8266 (a mouthful, I have to say), I decided to use that for some hands-on learning.

    Adafruit Feather Huzzah on a breadboard with a switch, LED, a resistor, and some wires

  • Aug 30, 2021

    How to use Quadrature Rotary Encoders

    As part of a project I’m working on, I wanted to have a nice rotating switch that let me flip between different options. Googling around, I discovered that apparently meant I needed a rotary encoder. I bought one from adafruit, only to realize I had no idea how to use it. And oddly enough, Adafruit didn’t have a pre-existing codebase I could pull from. It was time to read some datasheets, do some experiments, and figure out how to use it.

    Rotary encoder with a black rubber knob on it, in front of a grey background

  • Aug 26, 2021

    Setting up ESP8266 with VSCode, Arduino, and Make

    Continuing my exploration of embedded systems, I decided to try my hand at the ESP8266, a popular microcontroller. It’s apparently being phased out and replaced with the ESP32, but it still has a lot of fuctionality, and perhaps more importantly, I already had one on a dev board laying around.

    Because I’m all about learning, and also about doing things the hard way, I decided to use a different toolchain setup than what Adafruit suggests (which is just using the arduino ecosystem). Instead, I’ll go for something a little more complicated…

  • Jul 28, 2021

    Mindfulness Bracelet, Learning Batteries, and Forgetting to KISS

    Setting up Blinky on various microcontrollers is one thing, actually having a working embedded system is another. So, I decided I needed something relatively easy, that preferably used what I had around already, and used the conductive thread that I had recently gotten from Adafruit as a present.

    After some thinking, I came across a simple idea: I’ve been stressed a lot recently, and my back has been storing that all in the form of painful knots. So how about I made something that let me remember to relax my back throughout the day! I didn’t want to have yet another app sending notifications, so how about something that buzzed, maybe a wearable watch? I did some googling, and came upon the Adafruit mindfulness bracelet. I already had the Gemma M0, and I could use conductive thread to sew the circuit onto a simple nylon bracelet. AND the code was obviously really simple, just wait a minute or two, then vibrate, then wait. It would be a simple and quick project to dip my toes into full embedded systems!

    Or so I thought.

  • Jun 16, 2021

    Getting started with STM32 black pill - Getting blinky with STM32Cube IDE

    Now that I’ve dipped my toes into the microcontroller world, lets cannonball in with the world of STM32 microcontrollers. There’s a ton of different microcontrollers that are all STM32, but I’ll be starting with a relatively easy starting microcontroller. It’s easy because it comes on a cheap development board that doesn’t require any custom PCB work, and it has a funny nickname. I’m talking about the We Act Studio’s STM32F411 dev board, nicknamed the “Black Pill”. It lets me start figuring out the embedded toolchain immediately, without having to dive too deep into the hardware side. Though I’ll still be looking at schematics, since they’re important and it’s good practice.

  • Jun 8, 2021

    Programming an ATmega328p without the Arduino IDE

    Now that I have an AVR programmer and the ATmega328p on its own breadboard (as I documented here), I want to remove my dependence on the Arduino IDE download. So no more using tools that arduino IDE downloaded for me! My rough plan is as follows:

    1. pick a different IDE for writing my code
    2. either write C code without any AVR-specific libraries, or find a SDK
    3. download avr-gcc so I can compile my code
    4. download AVRdude so I can send my compiled code to the ATmega328p
    5. figure out if there’s any other things I have to download or run?
  • May 25, 2021

    Directly Programming an ATmega328p from an Arduino Uno

    So Arduino’s brains is a ATmega328p microcontroller. On the standard Arduino Uno, it comes as a chip that you can remove from the board, so if you fry it on accident, you can replace just the chip instead of the whole board. So is it possible to remove all the stuff Arduino gives you, take just the chip, and directly program the ATmega328p?

    Well I came across a youtube playlist recently that gives a resounding yes, yes you can. Mitch Davis’ Bare-Metal MCU playlist walks you through taking all the helpful things Arduino gives you, and removing them one by one. This sort of content is exactly up my alley, and I realized I had an Uno kicking around, plus a sparkfun version of an Uno, a sparkfun redboard. Why not follow along?

  • May 13, 2021

    Netgear DM 200 Modem Breakdown - The Hardware Side

    Now that I’ve poked around the software side of things on my DM 200 modem, it’s now time to poke some hardware!

  • Feb 23, 2021

    Netgear DM 200 Modem Breakdown - The Software Side

    Motivated by miscellany blog posts, I decided to try my hand at poking around an old modem I had lying around. 

  • Dec 7, 2020

    Making Websites for Fun and Spite

    One of my many side hobbies I enjoy is learning about plants. I like learning about wild native and invasive species wherever I am, and I like excitedly telling everyone within earshot about them whenever I spot an interesting plant. Thanks to the miracle of the modern internet, I can tell strangers I’ve never met about plants too. I set up an instagram for just such a purpose here: https://www.instagram.com/thefloraandfaunawalks. However, my dad doesn’t have an instagram account, and he pointed out (rightly) that you had to have an account to see anything more than the first picture of each post, even for “public” instagram accounts! Well that frustrated me, because “public” should mean “public”! So in a fit of spite I decided to spin up my own static website. And instead of hand-crafting each page, build out a little bash script that generates my posts.

  • Sep 10, 2020

    Taking Things Apart For fun and ... well, mainly fun

    I’ve been in a hands-on, physically-fixing-stuff sort of mood, so I’ve finally gotten around to two electronic projects on my list for a while: Fixing the joystick drift on my Nintendo switch, and breaking down an old printer for its parts. So I thought I’d do a quick write up about them, along with some pics of my tear-downs. 

  • Sep 1, 2020

    Game of Life on the NeoTrellis M4 Express

    Once upon a time, I was subscribed to Adabox ( https://www.adafruit.com/adabox), a quarterly subscription box that sends a collection of hobby electronic components that are ready for you to use in projects. Each box comes with a page online that shows different projects you can make with the products you get, and links to more documentation about each product. Honestly it felt perfect for me, someone who loves tinkering with microcontrollers (I’ve built out a pi-hole ( https://pi-hole.net) and a fun cyberpunk halloween costume ( Cyberpunk Hacker Costume) before), but is also pretty new at figuring out what wires and alligator clips and connectors I’d need for what microcontroller. Unfortunately, I was always swamped at work, so I never had the time and energy to dive into the boxes, and I canceled after it became clear they were piling up without any projects being built.

  • Jul 23, 2020

    Building a NodeJS and Vue App - part 1 Node.js server

    When first learning about Node.js, NPM, and the entire ecosystem around javascript frameworks, I found a lot of tutorials and “basic” apps that assumed a lot of underlying javascript knowledge, or assumed you’d never programmed before. Or alternatively, they were tutorials that said “type these mystical commands into the terminal and you now have a working web app!” without actually explaining any of the commands. So yes, I had a working web app, but I couldn’t modify it in any way without reading the documentation for every one of the 100 libraries they decided to use in the tutorial.

  • Jul 16, 2020

    Connecting to Heroku Postgresql with .Net Core

    In my adventures using Heroku for hosting a .Net Core app (previous writeup here: Running Net Core in Heroku), I decided to use the built-in Heroku postgresql database. Once again, there wasn’t an official way to connect a .Net Core app to that, so I had to piece together my own version. Happily it’s pretty straightforward. 

  • Jul 9, 2020

    Running .Net Core in Heroku

    I’ve recently wanted to play around with running ASP.Net Core websites in the cloud. Microsoft’s Azure App Service didn’t really work for me for a variety of reasons, so I looked elsewhere. AWS and Google’s cloud didn’t support .Net Core like Microsoft (makes sense), and their pricing models for both seemed very confusing. Since I’ve heard horror stories of huge surprise cloud bills, I decided to stick with a company I’ve used before with decent luck, Heroku. They offer a lot of support out of the box for nodeJS apps, which I’ve used before. And while they don’t support .Net Core, they DO support publishing custom docker containers. And well, I know Microsoft supports running .Net Core in docker, so this should be easy, right? Well yes and no. I hadn’t worked a ton with creating custom dockerfiles before, and I hadn’t run a container on Heroku, beyond their tutorial version, so there was quite a bit of configuration wrangling I had to do before it worked. 

  • Jun 26, 2020

    Speech Shadowing App

    I’ve recently completed a new application ( https://github.com/Dthurow/SpeechShadowing) to help language-learners practice speech shadowing. I decided to build this for my own use while learning Japanese. I’ve been practicing my reading, writing, and listening comprehension with various online tools (wanikani, anki, and Language Learning with Netflix), but realized I’d been neglecting an important aspect of learning a new language: speaking it. I currently don’t have any study buddies I can practice speaking with, and don’t want to spring for one on one tutoring just yet, so I found speech shadowing as something that could help me with my basic speech practice. 

  • May 11, 2020

    Manta Ray ID Project

    My first free-lancing project has just launched, so I’m doing a quick write up of the tech used, before/after, etc. I’m pretty pumped that it went so well and it’s my first project freelance. Look at the cool thing I made!

  • Apr 27, 2020

    .NET MVC Html.AntiForgeryToken and its side-effects

    I’ve worked with .NET, and specifically .NET MVC for the last 5 years, and I’ve run across some interesting or aggravating issues with. Below is an example of an issue that was both. Interesting because the problem only manifested during the interaction of the code and production services, and aggravating because of how long it took to debug. Hopefully, this will help some other future dev avoid the aggravation!

  • Apr 21, 2020

    Azure App Services and SQLLite3

    I created a .NET Core API that talks with a sqllite3 database. The plan is to start with a sqllite3 database, and when I run into storage or other issues once the project is launched, I’ll switch to a bigger or fancier sql instance as needed. I’m to the point where I want to start building a test environment, so other people who help me with the project can test. Azure App Services allows you to do a local git push to an app service and auto-magically (using the Kudu build program) have your code running on the internet. It also allows 1gb of storage in the app service. Since I want to just have an initial website for testing purposes and not for production, having a sqllite3 database on the single server in the app service seems to make sense. I don’t have to pay for extra storage I won’t need, and I don’t have to worry about concurrency or scaling because it’s a single instance of the site, and I can deploy as I go using a git remote branch. KISS principle, right?

  • Feb 13, 2020

    WarGames: Learning hacking (security) the fun way

    Tl;dr I gave a talk last year on wargames, hands-on security learning websites, and wanted to make a blog version of the talk. Wargames are fun puzzles that teach you security concepts by hands on learning and self-guided research. With no time-pressure or required competition, they’re a great way to get started learning security in a stress-free manner.

  • Jan 27, 2020

    The Grid by Gretchen Bakke – book report

    A book report on a recent non-fiction book that I read and enjoyed.

  • Mar 14, 2019

    Halloween 2018 - Cyberpunk Hacker

    This last Halloween I decided to pull out all the stops and finally use my Adabox tech ( https://www.adafruit.com/adabox) to make a fun CyberPunk Hacker costume for my work’s Halloween costume competition. After a quick trip to Goodwill and Value Village, I had some suitably punk-style clothing. I got some spray-on blue hair dye (and a lot of hair gel) and all I needed was some cool looking tech to complete the outfit. Below is a short write up of my tech and code, with links to the code on github. None of the code is super polished, since I did all of this over a long weekend right before Halloween, but it certainly works. And I gotta say, work feels a lot more fun when you’re in full hacker gear, even when you’re just debugging a weird JavaScript bug.

    HACK THE PLANET!!

  • Feb 26, 2019

    Having a Bash - With OverTheWire Bandit Wargame

    On the 25th I had some time off planned, and so decided to brush up on my bash skills using the wargame Bandit from OverTheWire ( http://overthewire.org). They request you don’t do a write up for the solutions to the problems, so I wont. However, they do connect with a site called WeChall that lets you track what solutions you’ve solved. I created a profile there and linked it to track my progress. Here’s the link if you’re curious: https://www.wechall.net/profile/qerolt.

  • Sep 18, 2018

    Practicing my Japanese with a Kana Reading app

    Sometimes, it’s nice to remember I have some skills. For example, I woke up one morning with an idea for a little application that would be helpful for me learning Japanese. I then went to my computer, and about 4 hours later, I had that app.

  • Nov 27, 2017

    Microcorruption War Game (levels 1-8)

    Microcorruption (https://microcorruption.com/) is a long-time running “game” that gives you a series of puzzles that you have to solve. The fun bit? You solve the puzzles by learning and abusing assembly language! It uses MSP430 assembly (apparently an assembly language made by TI, the calculator guys), and is all in-browser. It displays the disassembled code, a live dump of memory, a console, and the register values. The story around it is simple: you’re trying to break into warehouses that are locked with an electronic lock. The company you work for has gotten the code that the locks use and disassembled it, and it’s your job to step through the code and figure out the password to get the lock to open. Each level uses a more and more complicated version of the electronic lock, but thankfully, the developers who made the lock code are pretty characteristically overworked and/or underpaid, so the code is rife with lovely bugs or just stupid programming that you can take advantage of.

  • Jul 24, 2017

    Playing with Pygame

    I’ve been moving to a new place, and at work we’re gearing up for a launch of a new product, so I haven’t had as much time as I’d like to to do my literally millions of side projects I have. But I did get a new laptop, and have managed to do some fun things recently.

  • Apr 20, 2017

    CanSecWest Review

    As I mentioned in a previous post, I went to two security conferences several weeks ago. I already posted a review of the first one I went to, Bsides Vancouver. This post will be about my thoughts on CanSecWest, the second conference in BC. ( https://cansecwest.com/ )

  • Apr 6, 2017

    BSides Vancouver Review

    A few weeks ago, I went to two information security conferences in Vancouver BC, Bsides Vancouver and CanSecWest. I’d stumbled upon the conferences while browsing online, and on the off chance I could convince work this was work related, I applied for training so I could go. Surprisingly, it was okay-ed, and I was sent on my way. (If you are from work and were one of the people who okay-ed, it most definitely was related to work. Pinky-promise.)

  • Feb 18, 2017

    PicoCTF

    PicoCTF is a capture-the-flag competition that happened in 2014. It was originally aimed at high school and middle schoolers, with an actual time limit and awards and whatnot. The organizers were kind enough to leave the puzzles up, however, so that future people (aka me), could still try to solve their challenges. Even though it’s originally aimed at high schoolers and middle schoolers (and has a storyline involving killer cyborgs and kidnappers) the challenges themselves are pretty enjoyable for all ages, and more accurately would be for beginners in the infosec world. I fall neatly in that category, and so as work permits, have been working through the different problems they have. Below is a write-up of the more interesting puzzles I’ve solved so far.

  • Jan 29, 2017

    32-bit Assembly on a 64-bit Linux machine

    As part of my learning about low-level computing, I figured it would be best if I could learn more about assembly. The book Hacking: the Art of Exploitation ( https://www.nostarch.com/hacking2.htm) has some beginner assembly stuff in it, so I decided I wanted to do some writing of assembly myself.

  • Jan 18, 2017

    Intro Post

    Computer science is such a large field. It’s a fractal, an infinity of possible jobs, research positions, studies, ideas, and puzzles. I think the main reasons for this are simply 1) computers are everywhere, and 2) computers can be made to do most everything.I mean, it’s gotten to the point where everything and it’s inanimate kid sister has a computer inside it, running as stripped down linux.

subscribe via RSS