Feb09,2011

From Idea Meetings
Jump to: navigation, search

Agenda[edit]

  • Project time during meetings
  • MeshMesh Update
  • ASC voting system sucks (electoral reform)
  • livestream - our own channel
    • I got already a channel up focusing on streaming Free(CC) material, anyone want to get onboard? Fabianhjr 12:49, 9 February 2011 (PST)
  • LEDs in Africa

minutes[edit]

Internet Usage Overage Prevention Tool[edit]

Lisa asked Will about packaging his overage-prevention solution that he created for his parent. Will said it might be skookum. Requires Ubiquity M2 hardware (~$100)

  • Chinook - West Coast Native American trade language words:
    • skookum - desirable and good solution
    • hyah muck a muck - high chief - derivation of "High Muckity-Muck" in ENglish

Internet Usage Statistics Tool[edit]

Chris Parsons told Herb Lainchbury about Kris Constable's idea to form a group of experts (with a really long name) for keeping the internet secure, reasonable, etc.

  • Chris's internet usage tool would fit in nicely with that. He is still hoping to have it built. Will described the 3 parts of the tool he's building.

1) server component for people with enough bandwidth and good low cost internet connection. Takes an OP with lots of ports.

2) flash application

3) master server with list of people running it.

  • Master finds folks, does port scan. Then connects to randomly chosen number of ports and shoves data back and forth. See if it decreases, or what if open lots of connections that mimic peer-to-peer.
  • Would like to do traceroute, but browsers don't support/allow traceroute from clients. So instead use paratrace - does traceroute in revers.
  • maybe can see jitter, hops, latency (in one direction).
  • get those stats and package them up and send them to the master server - along with who connected and the bandwidth.
  • include/involve Steve Anderson - the fellow championing Stop The Meter.
  • Will suggested a flash imbedded tool to help it spread throughout the internet. e.g. Herb could put it on the OpenDataBC website. When some one runs the widget on OpenDataBC it would load to the client's browser, then communicate with the server, get instructions for tests (nodes, etc.), run those tests, then send the results back to the server.

MeshMesh[edit]

Something Chris P. thinks would be fabulous. Independently massively monitoring bandwidth of individual. E.g. Bell Canada today noted their sottware was ineffective at tracking charges. Why would they admit to that? Must've gotten caught. AT&T was caught - iPhone user doing no using at all but getting charged.

  • WiMax cap 25/G - make sure meshmesh not go over so as not to cause problems for the folks providing the nodes back into the internet. I.e. - legitimate need to monitor. Could report that data back.
  • Deep packet inspection deployed by Bell Canada for billing, but not working too well.
  • Stage 2 - othe rinteresting variation - desynch of protocols. Battle already fought in interusion detection of exploits. Beatable.

Liam noted that MeshMesh is operational.

Security, Compliance[edit]

New fellow showed up and held forth about security and compliance work he's been doing and done, eliciting vast quantities of interesting commentary from the other security folks in the room.

  • Guy - I break into things for a living.
    • Penetration testing. HIPA. Provincial government privacy, etc. Companies have a legal requirement to do due diligence so if dealing with PII you must show you are compliant. PIPA = Canadian HIPA.
    • Transfer between HP/EDS and EDS Advanced Solution (Canadian) took agency and supported initially Min Finance (tax and RMS). 4e9$/year going through that app. Transfer technology from workplace technology services (the IT branch of the whole province of BC). Guy did business continuity and such for B.C. Working on a project now as a result of the transfer being somewhat mismanaged in that a lot of corporate knowledge was lost. New business analysts trying to reverse engineer how everything works. 3 class 3 networks, 3200 subnets, ~8000 line ACL all managed...MANUALLY!!!
    • recommended BCBids - RFPs and RFQs and bids.
    • GRC - doc of business process. Uses BPMN (XML for business processes). Can even create a program using BPMN. Will already outputting to XML so maybe can integrate with this new format.
  • Long diversion into discussion about the HPGary news.
    • Mark Vicinovitch Zero Day. Greg Hogland - did some good work on security but hacked anyway.
    • HPGary said had infiltrated anonymous. So anonymous hacks them - releases 60k emails. Social engineering got access to a laptop. Email to firewall admin - knowing root account password asking can you open up a port for me. Admin does, thinking it's the president of the company. Game over. Took over twitter account & said wouldn't give it back unless he did various silly things. Best reporting is at DailyKOS
    • anonymous DDoS'd all the folks that stopped supporting wikileaks - nailed Visa, MasterCharge. Tried to take down Amazon, but Amazon has more bandwidth than god right now.
    • FBI started kicking down doors - made 'em madder.
    • Asange sort of dictatorial paranoid delusional. Even worried about people who AREN'T out to get him.
    • internal politics of wikileaks is maddening. Collateral murder.
    • ioerror on twitter - US member who figured out the freezing memory trick.
  • Short diversion into church drupal templates and sermon sales.  !!!
    • Drupal templates for churches are quite good.
    • sermon texts provided similar to "write my term paper" - name the topic, get a sermon - outsource to India.
    • Liam mentioned the confession app. Vatican came out against this.
    • web based raiki? Maybe on the smartphone? Will threatens to build this if he can't find a job.
    • Guy pointed out that there have been leukemia clusters near power lines. Most everyone else pointed out that you have to be directly under or otherwise very close (inverse square law) to a high power line to see this effect, but it is real. Barbed wire fence along power lines can electrify the fence. Causes a noticeable drop in the power transmitted.
  • Will noted he had trouble getting his touch-sensitive phone to sense his touch. Liam noted that there are etouch gloves for this. Pointed out Will would only need one. Will said he could cover the one glove in sequins and be the coolest guy ever.
  • whalemeat reported to be really tasty...

Introductions[edit]

In light of the new attendee, we went around the table introducing ourselves.

  • Lisa - American, Oracle DBA, up helping her 92-year-old step-dad. Hoping to become a landed immigrant. Enjoying Ideas Meetings, Makerspace, Hackathons.
  • Will - Cansec West organizer. Was doing penetration testing. Mostly does static analysis of source code and binaries. Checks for and assists with refactoring for scalability and performance. Usually goes into vertical market, refactor an fix code base with or without security vulnerabilities or scalability. Working on MeshMesh. Board member of Makerspace and Ideawave Conference.
    • March 10-11-12 ballroom size faraday cage. pwn2own part of cansecwest. $125k in prizes. All major browser manufacturers. Google added $20k for chrome. Does not have the economy of scale to make badges as cool as the ones at defcon.
  • Herb - software developer. OpenDataBC founder. Architect. Self-employed.
  • Dave - manages data warehouse for govt for day job, entomologist by training.
  • Liam - MeshMesh. IT Support Specialist. Office stuff - really easy. Drupal on the side.
    • a buddy told him he charges $300 to set up a website using joomla templates.
  • diversion on the VIatec launch party... Suggestion of having two fb pages - one for work, one for non-work. You may or may not want your family to post to one or both...
  • Chris - whale watching captain. Seasonal job. Summer yes, winter no. Marketing and small innovation projects during winter months. Nonprofit with Coast Guard Auxiliary. Victoria Marine Rescue Society.
  • Guy - GRC consulting compliance regulatory aduting. Break into things. Try to help stuff work better. Hihg brpofile clients. 1984 he first touched a computer. Dad was a unix guy. Likes to hike, interested in alternative medicine. Suggested Chris above hook up with Brock Henson - Saanich emergency preparedness program. Communication team. wireless site. Supports the EOC (emergency operations center).
  • Chris Parsons - doctoral candidate at UVic PoliSci. Studying technologies, policies on provacy and surveillance. IT services involved or not in monitoring and mediating communications. Key tech fetish for dissertation is deep packet inspection. Comparative analysis between Canada, US, and UK.
    • He was guest lecturing today. Students ask him - "My >>roommate<< uses peer-to-peer...what can 'they' see?" The students are largely clueless about the social political implications/effects of technology. He gives the "Shock and Awe" lecture on network technology.
  • Ernie - local network support and setup in Victoria. Pioneered with maintenance packaging. Makes sure backups are happening. Remote administration. Off-site over-the-internet backups. Phase two - all done remotely. Branching out so can travel. Using server farms. Hoping not to have his business model destroyed by UBB. Bought a remote backup company. Backups encrypted.
  • Kris - ... (man of mystery - our fearless leader - fresh from punch-tasting... Spelling of his name story may have been wikileaked...)
    • next week speaking on transborder privacy and security issues politics. Reboot comm conf gov't people in privacy and security. This year he's speaking on "The Naked Traveler" panel discussion with 5 people on it. Trying to focus on an area not so much covered - the economic impact.
    • Still researching it. Latest announcemnet from feds creating new scanner less x-rated. New border security deploying and not deploying back & forth. Supposed to re-allow nail clippers. Small pocket knives have already been re-allowed.
    • long diversion into allowable weapons, murder rates, Russians in Saskatchewan, corkscrew in the eye, platic knife plus pitchfork-size fork combo humor. Weapon vs tool - depends on intent - determined by the police on the scene.
  • Tyler - punch testing. Software developer, database-ish lately. At least partly responsible for Awesome Shit Club. MeshMesh co-instigator. Makerspace. OpenDataBC developer.

OpenDataBC[edit]

  • Next Hackathon will be Feb 19/20 - the weekend before the ideawave conference. Not yet sure where. Has locations for March, April, May.
  • created Open Usability Index.
    • Usability doc. Get away from opendata or not label - focus on usability instead. Must satisfy three things to be truly open, but few can score true on all three, but want to give credit for at least partway.
    • Created spreadsheet with sample weightings.
    • pushing these docs out to the OpenDataBC google group (around 80 members) including some high profile folks. (and to the Open Knowledge fellow who asked to see it)
    • rating the datasets does not require too much technical sophistication. Folks interested in helping provide feedback to the Provincial government only have to go in and look at the doc. Anyone can participate. The gov of BC brought 10k datasets to the hackathon before last. We've rated (mostly Dave) 3700 at the last hackathon. (Dave Nikolejsin - Citizens Service Deliver)
  • Will send out to google group and dates for the next year in advance.
  • Guy suggested contacting Nikolejsin. Herb has.