God of War
Hideo Kojima’s new game w/ Norman Reedus ‘Death Stranding’
The Last Guardian
Resident Evil 7
South Park: The Fractured But Whole
Coffee grinding results can vary widely from device to device; a fact that most coffee drinking consumers disregard daily. Caffeinated coding sessions in college were frequently fueled by my trusty Mr. Coffee maker & accompanying Mr. Coffee grinder. Most people are familiar with these affordable Mr. Coffee grinders; I know I accumulated roughly three of them moving from apartment to apartment:
The Mr. Coffee grinders provide basic bean grinding functionality in the form of a chopping blade similar to that of a traditional blender, with about 4 blades at the bottom of a cup/chamber. Designed with the blades on the bottom, you needed to move the beans around to get a somewhat consistent grind, I always felt the need to shake the Mr. Coffee grinder up and down as if I were Tom Cruise in Cocktail. The shaking technique probably does not help preserve the longevity of the grinder, but as I mentioned I always seemed to have a spare one on hand should one malfunction. These blades ‘chop’ in a way that creates heat and simply does not do justice to the bean, burr grinders on the other hand are more similar to crushing or cracking the beans. Using a burr grinder will actually result in a much better tasting coffee! I know, it’s hard to believe.
Counter top coffee grinders are capable of delivering a much better grind if you have enough room to spare. After a long time with my trusty Mr. Coffee grinders, I caved about five years ago and picked up a proper countertop burr coffee grinder that isn’t all that expensive ($47 at time of posting):
The Cuisinart DBM-8 works as expected, it is easy to adjust and can store an average bag of craft coffee beans (10-12 ounces) in the top load hopper. There are many coarseness levels to choose from to match your preference and brew vessel (coarse/french press, medium coarse/chemex, fine/turkish, etc). The only negative that comes to mind is that the plastic container that stores the ground coffee is a bit pron to electrostatic cling, so you may need to knock out the coffee build up from time to time.
Portability matters most when you are interested in bringing a craft coffee kit with you outside of the home. I will often bring a french press with me camping, and typically have an Aero-press for mid-afternoon coffee fix at work. Whether you are at the camp site or the office, an electric powered grinder is probably too loud and awkward to function. Rather, hand powered burr coffee grinders are a great choice for quiet grind on the go. Hario is a great Japanese company that makes various coffee brewing devices, grinders, and accessories. If you have not heard of Hario in the past, I highly recommend you check their products out.
The Hario Ceramic Coffee Mill Skerton was my first portable hand powered coffee grinder:
Ceramic makes for a great grinder material as it guarantees an efficient transfer of power and also stands up to the test of time more so than metal based counterparts. The Hario Skerton is visually pleasing with a glass dom, rubber bottom and large powerful crank arm, however it is not the most portable device and could be awkward to fit in travel bags due to the bulbous shape.
California Home Goods, a company that I have not heard of before, makes a portable ceramic coffee grinder product that appears to be well received with 4.5 out of 5 stars with over 120 reviews on Amazon ($17.95):
The design is by no means unique, as a search of the Amazon store for ceramic burr coffee grinders produces many similar looking products. In my opinion the design appears to be knocking off the Porlex Mini Hand Grinder ($43.92), however the California Home Goods model costs about 60% less!
The California Home Goods ceramic burr grinder performs very well and is capable of grinding roughly the same amount of beans as the Hario in roughly the same time. Where the Hario and C.H.G grinders differ is largely in:
- Price- The California Home Goods Ceramic Burr Gridner is substantially cheaper ( $17.95 versus $25.49)
- Size – The Hario burr grinder is much larger and less portable, whereas the CHG grinder fits perfectly in the center of an Aeropress coffee maker. Fitting inside of the Aeropress means you can save some room in any travel bag you may have for your gear, such as a Poler camera cooler
Europe, OWASP AppSec EU 2014, Raspberry Pi B+, Security Cameras, NoIP & Website Improvements (Now featuring SSL!)
Backlogged on my tech project list for far too long; I have finally got around to implementing SSL on this blog 🙂 Unfortunately/Fortunately I am very busy coding Ruby, training new Security Engineers, doing the needful (kindly), or generally hacking away on InfoSec projects most of the day at my place of work, Amazon.
Maker projects, Linux projects, and general tech projects are occasionally squeaked into my schedule however, if only to prevent me from going bonkers! Thanks to my friend Ashrabi I have one of the new Raspberry Pi B+ models in transit as we speak, I can’t wait to tinker with the latest hardware and see what projects can come from it.
On the Road
Over the past few weeks I have traveled to various international locations for work(England, Ireland, Germany, etc). Trips like these offer a great excuse to stress test my multiple security camera projects that I have worked on over the past few months.
In real life, I can say that Foscam’s product offerings are top-notch and worthy of the hype. The 720p unit I picked up recently off of Amazon.com supports Pan/Tilt/Zoom, Infrared night vision, dual way audio and even comes with free dynamic DNS access to boot! Checking in on my 2 crazy dogs while traveling was extremely easy using the Foscam device + ‘Tiny Cam Monitor Pro’, an android application available on the Amazon App Store for a dollar or two (but typically on sale due to it’s popularity!). I use tinycam monitor on my Kindle HDX and Note3. Password authentication, SSL certificates, and firewall configurations are all presented within the Foscam GUI Web configuration interface, helping security minded neck beards sleep easier.
Open Source software project ‘Motion’ running on top of a RaspberryPi also produced pretty great motion-detection results for me throughout my travels: catching an apartment maintenance worker entering my apartment (for a scheduled inspection), but accidentally leaving the lights on! Well thanks to Motion +RaspberryPi I was able to catch this honest mistake, inform the apartment management, and promptly had the lightbulb in question turned off, with both visits caught on camera in 720p video/stills 🙂
AppSec EU 2014
OWASP AppSec EU 2014, a yearly security conference in Cambridge, UK, took place at the end of June; yours truly in attendance. Various global security professionals made for a fantastic week of training, seminars, and tech talks that kept the audience informed, impressed and entertained. Of particular interest to me were a few DevOps based lectures, WebApp Security training platforms, BotNet/Malware related PHD researchers, and a thought-provoking speech by GNU’s own Richard Stallman.
Two BotNet researchers hit a topic that is very close to home & headlines as one of my favorite Dynamic DNS providers (NoIp) was recently taken down by Microsoft in an attempt to squash Botnets. Without prior warning from Microsoft, NoIp witnessed as some of their most popular domains were seized. Good intentions don’t always equal good results however, and Microsoft’s takedown of NoIp domains caused large scale outages in many legitimate services such as some of my own tinker raspberry pi projects. Microsoft’s approach at identifying those BotNets may not have differed from that of the Anglia Ruskin University PHD Researchers that I witnessed at OWASP AppSec EU, as a common technique for identification and analysis of BotNets increasingly relies on Domain name Generation Algorithms (DGA). DGA approach to BotNet research involves the analysis of domain names focusing on the predictiveness or randomness of a given Domain name. Humans will typically use dictionary words, their own name, company name, or something else with a somewhat predictable and ‘standard-ish’ naming convention. The approach taken by BotNet command and control (C&C) servers typically looks much different, with domain names appearing like a mash of the keyboard with long strings of random characters and numbers. If my website Domain name was “geareagaergearanea242624.ddns.net” would you still visit me? Ha! Yea I guess not :p
“Why are BotNets/Malwarez increasingly taking advantage of Dynamic DNS providers like NoIp?” you may ask.
Well, Botnets and malware have evolved through three basic stages of distribution/communication over the years. Baby botnets of the past, typically communicated via IRC channels; these are relatively easy to block from a networking approach (blocking whatever standard IRC ports that are being used via Firewall rules).
Pre-teen /angst filled bot nets, or the 2nd generation of botnets, changed their communication approach to mostly P2P communications on random high ports, this is actually how the early versions of SpyEye and Zeus communicated. P2P had its own problems, in that it was relatively easy to identify a compromised host, and within a very controlled environment such as a Virtual Machine you could purposely become part of the P2P botnet to study and analyze the behaviour of said botnet.
Finally after some growing pains and evolution, the most recent generation of BotNets (such as newer versions of SpyEye/Zeus) seem to have migrated towards http Web-based propagation and communication. BotNets using common web ports like 80 and 443 can successfully evade traditional firewall rules that block IRC, P2P and other usual suspects.
Botnets + SSL
Also, helping the BotNet master minds: newer versions of TLS support the use of certificates that call out a Domain instead of a traditional static IP address. This means that a botnet using Dynamic DNS can communicate also using SSL, and stand a pretty good chance at evading traditional detection from prying eyes! Clever Girl How about I just obfuscate my BotNet names by adopting a domain name generation algorithm/ convention using IMDB actor names? Or how about predictive/preemptively purchasing those domains to sneak up on them C&C servers!?
NoIp’s outage only lasted a few days, with the two companies coming to some sort of ‘settlement’ and a public notice placed on the homepage of NoIp apologizing for the disruption. Building security cameras, controlling botnets, or enhancing the security of my very own blog; it is funny how all of these topics flow and relate to each other in some small way or another. Occasionally it is nice to take a look back at your personal studies, work efforts, and community involvements to see that everything is connected. You always have more to learn. It’s for these reasons (and more!), that I really enjoy being a life long nerd making technology a part of every minute/hour/day.
Bikes, beers and dogs
occasionally though, some relaxation is required. So after a long month of traveling via Planes, Trains & Automobiles an injection of ‘merica was necessary after arriving back in the Pacific Northwest. To satisfy this urge, much BBQ Chicken was had from RoRos in Freemont, hoppy IPAs & shitty beer Rainer / Olympia was acquired, dogs were hugged and a gnarly mountain bike trip to Sandy Ridge Oregon sealed the deal. Now if someone can just turn down the temperature in Seattle this week would be just perfect!
Pics (or it didnt happen)
Posted from WordPress for Android
Just a reminder that most (if not all) Android devices come with Android Device Bridge (ADB) and that this easter egg is often your fastest way to utilize the handy swiss-army-knife tool that is ADB. This is very handy for those people who don’t have a Windows Machine laying around, or maybe people that don’t want to tinker with their PATH variables and 3rd party ADB programs downloaded from RapidShare :p
While I love my RaspiberryPi based OpenElec XBMC 13 machine, the RaspiberryPi hardware is severly limited with only 512mb of RAM, mandatory MPEG license for an extra fee, and no 5ghz WiFi capability without an extra dongle.
The new Amazon FireTV device is a hardware powerhouse with 2 gigs of RAM, built in dual band WiFi, and a totally awesome interface and feature set that only the Amazon Forked Android can provide.
Thankfully the creators of this great device have continued a history of permitting 3rd party apps via sideloading. Connecting to the FireTV is incredibly simple and can be performed by just about anyone with a working android device such as an existing Kindle Fire HDX (such as my self). I decided to use the Android program callled “AirDroid” in order to harvest APK files…. many of these apk files are freely available on the internet, however AirDroid provides a pretty friendly user interface for downloading APK files from the host device AirDroid is working on. Again this whole process should work with mostly any app, not just XBMC. In my case I downloaded multiple APK Files to my KindleFire HDX using AirDroid running off of my Galaxy Note 3 cellphone. Once all of the apk files are downloaded to the Kindle HDX via whatever process, you are set to continue. Many software companies such as Dropbox and Mozilla actually post their APK files on their public websites, so using AirDroid and another seperate android device is not necessary.
On your Kindle HDX, go and launch your favorite Terminal Emulator; my favorite is the ConnectBot utility. Within ConnectBot launch a LocalHost connection and give your session a name. Naming a session allows ConectBot to cache the connection so that if you have to exit abruptly or you would like to reconnect in the future that your session is just a click away.
From the command line interface prompt issue the following commands:
adb connect< ip addr of your FireTV>
adb install XBMC_13.0.APK
adb install Firefox_29.0.1.apk
adb install ConnectBot.apk
adb install Instagram.apk
That’s it! Give adb some time, but eventually you should see a message that says Success and after that you should be able to see the APK (XBMC/FIREFOX/ETC) you installed via the normal applications menu in the FireTV 🙂 Keep in mind that you will have to navigate to the Applications menu that is within the Settings menu . You will not see your side-loaded APKs via the ‘Apps’ Screen on the homepage. Using applications such as Tasker or Llama you may be able to automate this process, however I actually enjoy the FireTV Interface + Amazon Prime Video so launching XBMC manually when I’d like to watch premium Cable TV like Comedy Central in HD makes sense for me.
And that my friends, very simply, is how you install 3rd party apps on a FireTV using your Kindle HDX as an ADB platform 🙂
Out and about on a cold Seattle winter afternoon. Downtown in front of the Four Seasons Hotel