Sitwon

The TrackPoint mouse is actually one of the main reasons I still like ThinkPads. I could write pages about why it's fantastic, but the bottom line is, if you don't want it, you can pull it off. The cap is designed to be replaceable (in fact, you usually get a couple of alternate caps in the box). Just pull off the cap and pretend it's not there. I don't know what to tell you about the Enter key. Never bothered me. In the IBM days there was a lot of thought given to the color scheme. For example here's a bit of trivia: that TrackPoint cap looks red, and if you ask anyone they would probably call it red, but in the design specs at IBM it's actually labeled magenta. Look it up.

In general, the T Series has always been the flagship of the ThinkPad brand. Start there. I was a huge fan of ThinkPads for many years, even after Lenovo bought the brand. However, I feel like some of the most recent models are beginning to deviate from some of the design choices that originally drew me in. It's unfortunate, but they're just following the rest of the industry.

Yea, using the 'tail -f input | nc -l -p 1025 > output' with 'cat output' in another terminal certainly works to start the server. The behavior of netcat on localhost should be identical to the behavior from a remote host, barring any interference from external sources such as a firewall or intermediate network device. As far as netcat is concerned, a socket is a socket is a socket, regardless of if it's coming from the lo device or the eth0 device. There are patterns out there (use google) for using netcat to build proper servers (such as web servers) in bash. You should probably look at those examples, rather than banging your head against problems that others have already solved (several times over).

Sorry, that was a typo. I did actually run it as 'mkfifo output; nc -l -p 1025 > output'.

That is strange, because I am able to connect just fine. I run 'nc -l -p 1025' in one window, and then 'nc localhost 1025' in another window, and I can connect and send data back and forth. Similarly I can run 'mkfifo output; nc -l -p 1025' in one window, 'cat output' in a second window, and 'nc localhost 1025' in a third window. It works the same except that nc's output is redirected to the second window. I get the same behavior with 'nc.openbsd' (netcat-openbsd-1.105-x86_64-2_SBo), 'ncat' (nmap-6.40-x86_64-1), and 'netcat' (netcat-0.7.1-x86_64-1_SBo). Well, ncat also listens on IPv6, but otherwise the behavior was identical (including not listening until I cat the output file).

Does 'netstat -nlp | grep 1025' show that nc is listening on port 1025? When I test it as Cooper suggested I notice that netstat shows 'nc' is not listening on port 1025. Interestingly, 'nc -l -p 1025 > output' also doesn't appear to be listening... until you run 'cat output' and then netstat shows that it is listening. It would seem that nc does not actually start unless the other end of the input and output pipes are actually attached to a process. What is the usecase for using fifos here?

Sure, both are easily defeated, but that's basically true of everything. There are some very easy ways that someone could make it very difficult for you to determine which websites they are visiting. But the original question didn't seem to assume any intentional obfuscation of traffic. If you want to go after intentionally obfuscated traffic (like Tor or I2P) then you're going to have to work much much harder than I'm prepared to describe in a forum post.

You have a WiFi Pineapple Mark V. You also have a laptop, right? Is your laptop connected to the Mark V? What OS are you running on the laptop?

Some home routers will keep a log of websites visited for you. Or you could configure your router to specify a different computer as your DNS server and log the DNS queries.

I just picked up a RasPi B+ tonight for a small project (because I can walk into a Microcenter and walk out with one, can't say the same for other boards like the BBB). Raspbian seems to work just fine on it, from what I can tell so far.

There's an old proverb in this industry, "Linux is only free if your time is worthless." That said, if you have a modicum of competence you should be able to get it installed and working as you expect.

This is a better way. Killall can be a very blunt instrument. If you can know the PIDs, you should just kill them directly. #!/bin/bash Command 1 & C1=$! sleep 720 # 720 seconds = 12 minutes kill -9 $C1 Command 2 & C2=$! Command 3 & C3=$! Command 4 & C4=$! sleep 600 # 600 seconds = 10 minutes kill -9 $C2 $C3 $C4 while true do Command 1 & C1=$! sleep 720 # 720 seconds = 12 minutes kill -9 $C1 Command 2 variant & C2=$! Command 3 variant & C3=$! Command 4 variant & C4=$! sleep 600 # 600 seconds = 10 minutes kill -9 $C2 $C3 $C4 done If you want to get fancy, write a function to abstract it. #!/bin/bash function timedRun(){ TIME=$1 shift $@ & PID=$! ( sleep $TIME ; kill -9 $PID ) & } TIME1=720 TIME2=600 while true do timedRun $TIME1 Command 1 sleep $TIME1 timedRun $TIME2 Command 2 timedRun $TIME2 Command 3 timedRun $TIME2 Command 4 sleep $TIME2 done

If I had to guess, the problem likely had to do with leading whitespace being inconsistent. When programming in Python you should always use an editor that visualizes whitespace so that you can distinguish a tab from the equivalent width of spaces. Visually they may look the same, but to the Python interpreter they will look very different. I generally prefer to use Vim. The following lines added to your .vimrc will help you out: set listchars=tab:>-,trail:- set list On Windows, I will sometimes use Notepad++. Look for the button with the Paragraph icon. (It looks like a backwards P with two vertical lines.)

The application of the law has much less to do with what might actually be happening, and more to do with the judge's impressions of people's likely intentions and common sense. For example, the whole "reasonable expectation of privacy". What is "reasonable" is entirely up to the judge's discretion. If the judge thinks you've violated a persons "reasonable expectations" then you're guilty. It's unsafe to make assumptions about what is or isn't legal under the law based on an informed and rational understanding of the technology. The prosecutors, judge, and jury will not have such luxuries, and their resulting decisions may seem arbitrary.

Yes. I should have clarified that my post was based on the assumption that you had already positively established that they were intent on committing a crime. If there is any ambiguity, please avoid jumping to conclusions. Someone having a WiFi pineapple sticking out of their bag, or even sitting on the table next to their laptop is not proof of illegal activity. That has been me and the other members of the Project Byzantium team on more occasions than I can count. We weren't doing anything illegal, just meeting up at a cafe to hack together on mesh networking for emergency response. @jmelody, if you think you need to be worried, I'm brown and commonly mistaken for middle eastern.

There are numerous frameworks that are specifically designed for automating web browser interactions. Perhaps the best known is Perl's mechanize library and its derivatives/ports for other languages. But depending on the page in question, you might be able to get away with just using 'curl' to push a form at the AP.

One way to do it would be to use an SSH tunnel. $ ssh -D 8888 user@pineapple Leave that session open. Configure your browser to use localhost:8888 as a SOCKS proxy. Register with the welcome page (also known as a "captive portal" in the industry). Edit: This obviously requires the use of a laptop, or another device that allows you to create SSH tunnels and browse through a proxy.

I watched Algorithm at HOPE X. Honestly, I didn't like it. It was well-made for an indie film, but it just wasn't good. I didn't find the story to be very "real" nor compelling.

1. Collect as much evidence as you can without alerting them. 2. Inform the owner of the establishment, or whoever is in charge. 3. Inform the police (and follow their instructions.) There is an interesting philosophical question of whether you should disclose first to the patrons who may be getting pwned, and in so doing alert that attacker that they have been busted. Alternatively, you could discretely inform the relevant authorities and ensure the attacker gets caught and prosecuted, but in the interval you are putting the patrons at risk. In my opinion, it is better to see the criminal go to jail and be punished in this case, as their ability to do harm in the interval is fairly constrained, and once charged they can be held accountable for what harm they may have caused. Conversely, if I noticed someone with weapon who clearly intends to cause violence, I would warn people first, even at the risk of the criminal escaping.

Short answer: Yes, it's possible. Longer answer: I don't have my pineapple in front of me so I can't give you the step-by-step instructions, but at it's core it's simply a Linux system with some custom scripts to manage the configuration. If you're familiar with Linux networking you can manually configure any kind of network setup you like. I've done mesh networking with a Pineapple.

That's an electronics schematics diagram. It uses a standard set of symbols to represent various components of an electronic circuit, and it represents connections between components using lines. (The physical arrangement of the components may differ from the diagram, but the logical arrangement will be constant.) I realize that probably sounds obvious, but I say that because a good starting point is learning what the various symbols represent. Once you understand which symbols represent which components, you will want to learn what each component does and how it works. After you know what each component does, then you can learn about combining them to produce different behaviors and learn to read the diagrams. There are books and tutorials and Youtube videos that describe all of this, but personally I would suggest finding a local Hackerspace or Makerspace. Someone there should be able to sit down with you and walk you through the basics of electronics and even teach you how to use a breadboard or a soldering iron to build some basic circuits. It's always good to learn new skills with hands-on exercises.

Anyone else in NYC this weekend? Hit me up!

Oh, H+ is another good one. Not really a movie so much as a YouTube series. https://www.youtube.com/watch?v=ZedLgAF9aEg&list=PLE6A2F3ACDDA10C28

The MkV is running a stripped-down version of Linux on a different processor architecture compared to Kali Linux running on your desktop or laptop. If you tried to run Kali packages on the MKV they would likely not run at all (because they are compiled for a different kind of processor) or be missing a lot of dependencies. It is possible to setup a cross-compiler and build modules for the MKV from your desktop/laptop, but porting software can be a pretty tedious process.

Well that's exactly what it allows you to do. It allows you to monitor the traffic going across the line, passively. There's no way for the device on either end of the wire to detect that it's there (short of analyzing the current sag), but you can read or inject any traffic directly on the wire.