<html><head><meta http-equiv="Content-Type" content="text/html charset=iso-8859-1"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Hi,<div><br></div><div>Do you guys plan to eat at Burger Continental next time?</div><div><br></div><div><div apple-content-edited="true">
<div>John Kim</div><div>Student/FOSS Enthusiast</div><div><a href="http://www.internet-in-a-box.org">www.internet-in-a-box.org</a></div><div><a href="mailto:thinkndev@gmail.com">thinkndev@gmail.com</a></div><div><br></div><br class="Apple-interchange-newline">
</div>
<br><div><div>On Sep 13, 2013, at 12:10 AM, Lan Dang <<a href="mailto:l.dang@ymail.com">l.dang@ymail.com</a>> wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><table cellspacing="0" cellpadding="0" border="0"><tbody><tr><td valign="top"><p>Meeting recap for those who couldn't make it:</p><p>We had a pretty large turnout and one or two new people. Mike Proctor Smith was stuck at work so we didn't have a lot of Linux in the News.</p><p>Michael and Steven filled up the entire counter with equipment for their presentation. There were two laptops, two raspberry pis connected to keyboard and mouse, one small monitor, one 32" tv, a router, an HDMI to VGA converter, many cables. They displayed their slides on the tv and did the demo on the projector. And even then, it felt like they needed another monitor so we could see what the attacker was doing.</p><p>It was Raspberry Pi vs Raspberry Pi. They used Raspberry Pis to demonstrate that you don't need a very powerful computer to do the hacks. Michael played the evil attacker trying to hack Steven's Rpi. Topics covered were changing default passwords, cookie stealing through cross site scripting exploit, watching network traffic using Wireshark and tcpdump, why you should use https, and an SQL injection attack. The Wireshark and SQL injection attack didn't quite work as planned.</p><p>Still, it was an entertaining and engaging session. Afterwards, Doug came up with a brief introduction to CSRF/XSRF which is cross site request forgery where a malicious person could craft an html element on a site like a forum, which directs the browser to request an action on another website that the user is believed to already be logged into; it takes advantage of the authentication cookie the browser already has to forge requests.</p><p>I appreciate everyone eating my treats so I didn't have to take them home. I made a raspberry, blueberry, peach galette (aka a raspberry pie) and carrot cake sandwich cookies with additional cream cheese frosting in a sandwich bag if you had wanted to pipe on more frosting. I also had a can of whipped cream for the pie.</p><p>I hope that someone erased the blackboard. I'd meant to check it before we left, but I forgot.</p><p>We ended up eating at Hamburger Hamlet on Lake and Cordova. We were able to sit at two adjoining booths. They gave us separate checks but did charge a mandatory gratuity because of our large party. We closed out our bills by 10pm, but we actually stayed there till about 11pm before the party started breaking up. <br>
I'll send out an announcement for next month's speaker as soon as we can confirm the room, though I'll probably update the website sooner. I hope to advertise this presentation around Caltech since summer is over and the students are back. </p><p>Lan</p>
</td></tr></tbody></table></blockquote></div><br></div></body></html>