The Worlds First Photograph?


Oldest Photo

One summer day in France in 1826, Joseph Niepce took the world’s first photograph. It’s a photo of some farm buildings and the sky. It took an exposure time of 8 hours. Voila! It must have felt pretty incredible to see the photo back then.

No one’s exactly sure how he did this or what chemicals were used. All that’s known for sure is that the photo is on an 8"x 6.5" pewter plate. It’s so faint it has to be tilted in order for the light to catch it just right, to see it at all. The Getty Museum in California did two weeks
of tests in 2003 in a joint project involving the Rochester Institute
of Technology and France’s Centre de Recherches sur la Conservation des
Documents Graphiques. Then it
went back on display at the University of Texas,
where it’s been on display since 1964. I’m not sure why it’s in America not France, but "hah".

The current theory about how the photograph was taken is that Niepce coated
the pewter plate with bitumen, a petroleum derivative sensitive to light.
After it spent those 8 hours hardening, he washed the plate with a mixture
of oil of lavender and white petroleum. This dissolved the portions of the
bitumen that didn’t ‘see’ direct light, so didn’t harden. Pretty damn clever.
Niepce called his work a "heliograph," in a tribute to the power
of the sun.


Network Equipment Default Passwords

Over at,
Aes has put together a pretty cool database of the default usernames
and passwords for a whole host of network equipment.  When you
turn up at that new work site only to find that you can’t log into anything,
you could do worse than looking up the make and model and giving the
defaults a try!

Check out the list here.  Don’t foget to let Aes know how you get on!

Alternate Lego Building Techniques

I always found that the problem with Lego was that although amazing things could be built, they never fell down in a realistic manner.

With my brother we did the creative destruction using bangers, but this tended to be 1) very loud, 2) damaging to the lego and 3) bloody dangerous to life and limb of 10 year olds. Nevertheless, fireworks did prove an effective way to destroy traditional lego buildings (Video anyone?)

At playtimes, therefore, the object was to decide if either construction or wanton destruction was the object of the play and modulate the build technique accordingly.

Using common 4×2 lego bricks, it’s possible to make constructions that behave in a far more dynamic fashion when blown up \ knocked down \ hit with toy cars. My problem as a kid was always that lego buildings were brill in every respect in every way except for those temporary constructions made only to be creativly destroyed.  creative, realistic destruction and lego don’t go together.  Here is presented a breif ananlysis of other methods for building with lego to construct more deformable buildings.

Use explosives
Pretty effective technique for reducing lego buildings to constituent parts.  Carries side effects such as extreme noise,  bloody dangerous and tends to both leave scorch marks on the lego and break the parts into smaller pieces than intended.  Much smaller. Many of what are now my sons lego blocks carry residual burn marks from my own experiments as a youngster.

Sideways block building
The technique is simply to ensure that the building rests together.  make the walls by having the studs on the side.  Looks best when the studs face outwards.  Interlock the blocks like normal.  Use short blocks.  If you are patient, use ‘thinnies’ like 6×1 or 4×1.  insert doorframes and windows in the correct orientation.  use the long technics bars for joists.  Be patient with this method and it will pay dividends.

Sideways block building has the potential to provide the most realistic results.  It should be completely feasible to built 2 or 3 story buildings.  Fully sloped roofs will be hard though.  perhaps hybrid the technique with the playing card method.

At destruction time, you will like the results: those technics roof beams fall in a most realistic way. 

Playing Cards
In this Technique, use playing cards and 2 x 4 bricks on end to build large open structures which deform most marvelously.  Use the blocks sparingly: spared them out at the corners so that one brick can support 4 card corners.  Fill in the walls with upright blocks if necessary, but I find that huge carpark type building look great when open.

In the past, buildings of 20 floors with 6 packs of cards have been built and demolished. 

CD floors
Pretty much the same as playing card floors really, but use those AOL CD’s instead.  Pretty easy to build free standing structures as tall as a room: say 12 feet with no problem. Careful when it comes down: CDs falling from ceiling height can hurt a bit

Destruction Techniques
Apart from the earlier mentioned method for desposing of standard lego structures, I generally find that the best way to ‘blow ’em up’ is to chuck 2×2 squares at them.  these tend to cause just the right amount of damage without it taking too long.
More recently, I’ve been using a BB Gun equipped remote control tank.  Marvellous!

Harbin Snow and Ice Fair 2005

ImageThe air is so cold it freezes your stinging tears to your face; the sun
is so low it escapes to leave you in darkness by mid-afternoon; the
trees are so gray, barren, and hard they could be concrete; the river
ice is so thick it actually supports entire buildings.  This is
Harbin, China’s northernmost (and easternmost) metropolis. Over 17
years, as this eight-meter-high horse sculpture indicated, the festival
has grown in size, complexity, and elaborateness; where the snow
festival had a single massive sculpture before, a handful of these now
appeared.  This year’s snow festival was officially called “The
17th Annual China Harbin Sun Island International Snow Sculpture Art
Fair.” more

Mambo’s Developer Team Breaks with Miro

The developer team for Mambo, (the leading CMS which runs the TurboTas site), has left
the project over a dispute with Miro, the copyright owner. It seems Miro
setup the Mambo Foundation in a much different way than the developers
expected, as they explain in the story link.

The reason for this is the announcement
earlier this week that Miro was working on the ‘Mambo Foundation’. One
of the main reasons for this announcement is the fact that this
foundation was to be formed without consulting the actively involved
community members such as core developers, 3rd party developers,
translators, documentors, etc…

Since Miro hasn’t been active in the community at all for some time now, it seems they are just trying to cash the latest success of the CMS at LinuxWorld SF.

At the moment all ‘troops’ are gathering at, where it has become clear that the future of the CMS is secured.

The majority, if not all, active community members support the core
developers team in their decision and wish to release a first stable
version of the new CMS, formerly known as Mambo.

Go to the forums on and you will see all kinds of
things happening there. The head developer sent a letter to the
community to let then know the status. See for the letter and all of the details.

Unix Lab at Bell Disbanded, Bye bye Dept 1127

In 1969, UNIX was created at Bell Labs.

For decades, the source of the AT&T dialect of UNIX
came from the researches of workers in department

When the "Baby Bells" split from "Ma Bell," department 1127 survived. When
AT&T and Lucent split, 1127 survived.

But the new reorg at Bell Labs finally breaks up what’s
left of 1127 entirely. Theory people will go to one place,
systems people to another, I’m told. I’m not sure what happens
to those who fall in neither camp. There was no malice, so far
as I can tell — just an administrative reorg forced by recent
cutbacks and layoffs and departures that left the whole research
area with too many managers and too few researchers.

Ken Thompson retired to California.
Brian Kernighan is a Professor at Princeton.
Doug McIlroy is a Professor at Dartmouth.
Rob Pike and Dave Presotto and Sean Dorward are at Google.
Tom Duff is at Pixar.
Phil Winterbottom is CTO at Entrisphere.
Gerard Holzmann is at NASA/JPL Lab for Reliable Software.
Bob Flandrena is at Morgan Stanley.

To the best of my knowledge, Dennis Ritchie and Howard Trickey
remain, enisled.

A former employee at 1127 remarked:

"My take is that 1127 probably reached Schiavo status when Rob, Presotto,
et al. fled west to Google.
"But it’s still sad to see the final demise, both of a
particular institution and as a further nail in the coffin
of the sort of research environment Bell Labs once represented."

That may be the worst effect. DEC Labs are gone. XEROX PARC
transmogrified into "Palo Alto Research Center Inc." on 4 January
2002. It’s a waning of research potential.

Ave atque vale, guys. "And thanks for all the fish."

Peter H. Salus

SCO LKP Module contained…. Wait for it… Linux Code

It’s really worth reading the Deposition of SCO Employee Erik W Hughes. He confirms that the Linux Kernel Personality
did indeed include Linux kernel code, and as a result, both UnixWare
7.1.2 and 7.1.3 included Linux kernel code until May of 2003.

Remember that to have done so such
inclusion would have to be under the GPL — yet the question that is
left unanswered, tantalizingly, by the deposition is this: in what way
was the Linux kernel "included" in LKP? Did the UnixWare kernel somehow
make use of the Linux kernel binary? If so, how — and would the use be
intimate enough to have created a "work based on the program" as the
GPL puts it? If not, how was the kernel "included"? Was kernel source
code reused in the UnixWare kernel, as one anonymous source  claimed ages ago? Firm answers to
these questions cannot be gained from this deposition alone, but IBM probably does know, and
we’re definitely getting warmer. And more and more, it looks like SCO’s
goose is cooked.

No wonder SCO is now talking about trying to
survive as a tech company even if they lose the litigation. It also is
now apparent why SCO tried to say the GPL is unconstitutional, void,
voidable, etc., anything to try to make it not be binding on them.
Please don’t anyone ever again tell me that we don’t need the GPL. Look
at the role this champion license has played in SCO v. the World.

Source: Groklaw

So how easy is it really to crack a WEP key?

I keep reading all those articles that decry Wireless as an insecure
pile of old pants.  I thought it would be interesting to actually
try and crack a WEP key just to see how easy it really is.

Generally I err on the side of caution so the traffic on my home
wireless network is also encrypted using SSL and there is a firewall to
prevent any old oik using my internet bandwidth.  I also use MAC
address filters and have any security options that my AP and NICS both
support turned on.

Nevertheless I though it would be smart to try out some wireless attack
techniques.  This is the first article of a series of Practical

I began with my home network up and running normally with my AP set
not to beacon, with 128 bit WEP enabled and a single workstation
running which I’m using to surf normally etc.  MAC level security is enabled so that only designated stations can talk.

The toolkit I used to undertake this project is Security oriented Linux
distro called Auditor.  In a second laptop with a supported NIC, I
booted the Auditor distro.

Once Auditor was booted and running, I made some writeable space I used
the ramdisk as it seemed pretty big.  Next I set up the wireless
card into monitor mode (this is the radio equivalent of putting the NIC
into promiscous mode: it captures averything).

The hack itself was a three stage process:

  • Start sniffing the network capturing packets to file
  • Start retransmitting sniffed packets to cause the IV count to rise
  • Once we have enough (100K+) IV packets, start a crack program to recover the WEP key using the sniffed packets as a source.

I started capturing to a file using the airodump program:

airodump ath0 capture.cap

As well as capturing to disk, the very handily showed the number of
packets captured and specifically the number of  IV packets

Next I ran the aireplay program:
aireplay -i ath0
This began capturing from the network and displayed suitable packets to
transmit.  The trick I found was to select a packet vith the
correct BSSID and which was not addressed to the broadcast
address.  When the IV count did not start to go wild, I just
stopped aireplay and ran it again.

Aireplay caused me a few problems as every few hundred packets the
whole AP seemed to fall over.  The fix seemed to be to ensure that
the laptop that was using the AP remained nice and active and to limit
the transmit rate for aireplay.  Without this change the attack would not have suceeded as the IV count stopped rising.

After around half an hour of fiddling around I had 150K of IV packets captured, so I started the crack program:
aircrack -q 3 -f 2 capture.cap
Aircrack loaded the packets containing the IV’s and commenced a much reduced exhaustive attack.

When I say much reduced I mean that the WEP key was printed on the screen in a little under 6 seconds.

From secured AP to open network in less than an hour.  I guess
it’s now obvious that WEP is not man enough to protect your
network.  Don’t assume that WPA is any better though.  Check
back soon for for articles in this series: coming up soon is a long range attack using a high gain antenna.

TurboTas 2005

Disclaimer: Please note that I tried this technique on my own
network.  If you try this on a network which you do not have
permission to use, you risk prosecution!

125 Miles is the new 802.11b record

Four young amateur radio operators from Ohio were again dubbed world
champs of long-distance wireless networking at the annual DefCon WiFi
Shootout. These guys more than doubled the 55.1 mile record they set
last year. Way to go!

All day Friday and through the night Team PAD
braved rain, lightning and winds over 30 mph to setup and test their
equipment at their mountaintop base outside of Las Vegas, Nevada. On
Saturday July 30 at 11am they successfully made a 125 mile link using
802.11b and ran network applications with their remote team in the
mountains West of St. George, Utah.