Meetups/Infra/2025-08-18

From Noisebridge Wiki
< Meetups | Infra
Revision as of 04:52, 10 February 2026 by Maintenance script (talk | contribs) (Imported from Noisebridge wiki backup)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
Noisebridge | About | Visit | 272 | Manual | Contact | Guilds | Stuff | Events | Projects | Meetings | Donate E
Events | 5MoF | Hosting | Streaming | Meetup | Classes | Anniversaries | Hackathons
Upcoming Events | External Events | Past Events | Future Events 		E
Meetups / Infra: 2026 | Template | Pad (live notes) | Jitsi (video call/screen sharing) | (M | lu.ma | discord events | chat) V · T · E

Capabilities-based systems, regimes of complexity, and olympus door access control system and successor design requirements discussed.

Format updates todo[edit]

  • Wiki/pad-notes/jitsi mention.
  • Noisebridge
  • Donate
  • discord channels -- via links, descriptions, wiki / implicit
  • per-week format variants -- communicate about, standardize to announce in person
  • intro

Introductions[edit]

  • [name] - [background]. [goals for meetup, or interests to explore]
  • Loren - scraping & cloud platform engineering, tonight, nb.wtf/w/olympus for guilds! (guild rooms)
  • Elan - SWE by trade, learning more about devops/SRE as most recent interest, migrating nb services to k8s as most recent effort,
  • Gwen - learning!
  • Jet -- loren mentioned me b/c I like the nb infrastructure, recently did lots and lots and lots of nfc debugging
  • Kevin aka Mr Name, software, recently did claude code generation. anti-vibe coder, careful scaffolding only
  • Matt - background as sysadmin, with loren in college, most recently full-stack role, now into compilers
  • Doug -- big time computer toucher, updating sshd config, and ssh config (can't quite hear)
  • Frank -- sw eng background, homelabbing & kubernetes recently
  • Zacchae -- supposed to do [work?] today, did more important things
  • Stele (sp) -- infra work, most recently wireguard & nixos.
  • Mike - software engineer, working on personal home Kubernetes cluster among other things


Lesson or Demo[edit]

  • Read aloud: clarify for meetup. We are taking notes in a riseup pad (or I am--help appreciated, and links). We have meeting notes posted to the wiki. noisebridge.net, search Infra, or Meetups/Infra. (the Infrastructure page has a disambiguation link.)
  • Shell, web services, self-hosting, networking!


  • loren -- personal curiosity -- capabilities based systems,
  • nix lang -- vs guile
  • Capabilities-based systems
    • Q [ ...?... ] / A: access control list -- attack target in itself -- "confused deputy problem"
    • spritely goblins -- guile .. -- can run in/ build wasm targets
    • principle of least priviledge & principle of least power (languages, config languages, also type theory)
D

guix vs bazel vs nix? reproduceable deterministic builds hermetic

  • deterministic builds.

cynefin framework


https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf

https://www.bunniestudios.com/blog/2019/supply-chain-security-talk/





currently security through obscurity this doesnt need to be the case

Timeline

  • SHED (secure hacker entry device) -- nb.wtf/w/SHED
* Original dev moved on
  • Someone took over/rewrote


it stands for "Near Field Communication" -- referring to near-field radio/EM propagation from antennas, as opposed to far-field, i.e. most use for wireless radio, 1x - 3x - 10x the antenna length are common near vs far field communication


DesFire protocol https://www.nxp.com/products/rfid-nfc/mifare-hf/mifare-desfire:MC_53450


BLE -- bluetooth low-energy

Jet, 2 recommendations

1) take a photo at time of scan of RFID, for accountability

2) make carg


also reporting

3) separate system -- recommend, one-time passwords, in google and apple wallet.

---

dangerousthings.net

  • How durable are the $700 NFC readers? Could a malicious actor destroy it from outside?
    • It seems like 2FA would at least solve the issue of cloning other peoples cards.

🔥

  • me says:this is not universal 1) if you want to open the space with your rfid 2) you agree to a photo (we auto delete), so we can hold accountable


@Mike says:I think a low-res image would be OK, no? Just enough to tell whether it's the real cardholder?

we can even encrypt the photos to shamir-secret share split keys

another thing: We have other rooms that want security -- sewing, 3d printing (and a few others). We implement the system on these doors first, before we attempt the front door

@Loren: Wouldn't front door security alleviate the internal issues?

no, not at all -- Sewing has the complaints about people unknown to the guild who use the space while unexcellently while we're open

3d printing has also experienced thefts during our open hours

layers and layers -- also, giving security delegation control to guild leaders gives them more power, more willingness to invest, and to create structures that keep thrivign



Questions, Discussion, or Coworking[edit]

  • [Issue]

For next time[edit]

Questions[edit]

Readings & Exercises[edit]

  • Readings
  • Exercises

Join online[edit]

  • Try it yourself!
    • Join libera.chat #nb-meetup-infra

https://www.noisebridge.net/wiki/Meetups/Infra











(Preamble: 

   = Meetup - Infra =
   https://www.noisebridge.net/wiki/Meetups/Infra
   https://www.noisebridge.net/wiki/Meetups/Infra/2024-..-.. )

2025-08-11 m Meetups/Infra

Noisebridge | About | Visit | 272 | Manual | Contact | Guilds | Stuff | Events | Projects | Meetings | Donate E
Events | 5MoF | Hosting | Streaming | Meetup | Classes | Anniversaries | Hackathons
Upcoming Events | External Events | Past Events | Future Events 		E
Meetups / Infra: 2026 | Template | Pad (live notes) | Jitsi (video call/screen sharing) | (M | lu.ma | discord events | chat) V · T · E

(TODO summary)

Introductions[edit]

  • [name] - [background]. [goals for meetup, or interests to explore]


  • Loren -- cloud & platform engineer, scraping & data analysis -- talk about NB access control infra today
  • Wheezy -- love to learn, to teach. Constant state of learning. Red team, op team. Sharing recon tools today.
  • Greg -- programmer, home labber -- have a great debugging story today, fixing dashcam
  • Eric -- (programmer
  • Kevin -- lately exploring open source CV models
  • David - Self-hosting interest
  • Natalie: nerd
  • Frank -
  • Chris: full stack designer
  • Zacchae -- recovering from a cr
  • Ellen / Elle -- NB fundraising - going to have a party soon. People who make cool things, like linux phones -- consider donating to the silent auction. Sept 13th,
  • MJ -- Intersted in what's going on


Lesson or Demo[edit]

  • Read aloud: clarify for meetup. We are taking notes in a riseup pad (or I am--help appreciated, and links). We have meeting notes posted to the wiki. noisebridge.net, search Infra, or Meetups/Infra. (the Infrastructure page has a disambiguation link.)
  • Shell, web services, self-hosting, networking!


  • Loren: few topics I would like to explore. pushing for access control for the guild rooms. give people access based on rfid badges. fun to create. Asked Circuit hacking monday to join as community project.

Access Control WG - guild room access[edit]


r pi power supply --

mfc522 button switch screen, OLED

ethernet cables x2, terminations x2 ea

solenoid, electrically switched lock -- NC normally closed. Independent of door lock & latch -- re: fire safety, you can always get out.


after action report

rust --


  • mirrors the way noisebridge has operated for quite some time
    • bottleneck has been members not being available --



  • WE-z: Network fingerprinting

maltego.com ## The all-in-one investigation platform that accelerates complex cyber investigations from hours to minutes 

   - Gave demo of the desktop application, using noisebridge.net as example. App uses transformers to run discoveries of network.
   - Use to find connection in the network infra. 
   - Traced noisebridge.net to he.com

bgp.tools


recon-ng https://github.com/lanmaster53/recon-ng

spiderfoot ## Open source investigation.


  • Greg debugging story.


Take aways[edit]

  • Loren -- just updates, not as much brainstorming, about Access Control WG
  • David -- might be interesting if we want to make it fancy (domain specific language for specifying access/authorization policy): https://www.openpolicyagent.org/

Questions, Discussion, or Coworking[edit]

  • [Issue]

For next time[edit]

Questions[edit]

Readings & Exercises[edit]

  • Readings
  • Exercises

Join online[edit]

  • Try it yourself!
    • Join libera.chat #nb-meetup-infra

https://www.noisebridge.net/wiki/Meetups/Infra

Retrieved from "http://beyla.local/index.php?title=Meetups/Infra/2025-08-18&oldid=3683"