Tasmanian Street Musicians

Yesterday I walked to the Salamanca Market in Hobart, Tasmania, a street market that opens every Saturday. Much like everything else I’ve experienced here in Tasmania, the market had ‘calmly dramatic’ feel to it, filled with three hundred stalls and bustling with thousands of people, yet not feeling one bit chaotic or rushed.

There were lots of street musicians strewn about. There was a teenage girl on the flute, a young man singing to an acoustic guitar, an older gentleman attempting to play the ukulele, and another selling CDs.

After walking around a bit, I noticed the young man with the acoustic guitar had joined another young musician. The two men, who did not seem to know each other, started playing as one, carefully watching each other as they tried to find a rhythm.

A few of these musicians seemed comfortable performing, but there were many others who made it obvious they were struggling with stage-fright. I remember seeing a young man sitting on a bench through one of the stalls, set back away from the crowds as he quietly sang to himself and tapped on his guitar. I wondered what he was thinking.

At one end of the market there was a young girl, perhaps ten or eleven, holding a violin and glancing around nervously. She found the courage to start playing just I walked past her and several people turned as they heard the music, their faces going from curious to astonished when they saw her age.

Walking down Kennedy Lane, into Salamanca Square where families gathered to relax around a water fountain, there was a young boy band playing. One boy on the drums, one on the keyboard, and two more standing up with guitars. The lead singer wasn’t more than eight, his flushed red face and closed eyes telling me he didn’t want to see all the people stopping to smile at him. His singing was horribly off pitch, but his soul made that irrelevant.

Down the other end of Kennedy Lane, down the quiet narrow end with tall stone walls on either side blocking the already diffused sunlight, there was another musician standing in the shadows. I recognized him immediately from my walks around the city earlier in the week. But I had never seen his face. Or was it a girl? I couldn’t tell. He wore a expressionless white mask, baggy jeans, and a faded blue sweatshirt with the hood pulled over. The only thing more unsettling than his ghostly appearance was the tune that he added to the scene. Picking gently at a closely clutched guitar, he played with the sound of each string ever so carefully, clearly having more experience than a casual passerby would notice. Perhaps that’s why he wore an expressionless white mask.

I walked around the market a few more times, not really knowing where I was going or what I was looking for. Around the middle of the market, at the end of a closed street, there were two men playing music and generating a crowd. Not being much for crowds myself, I stepped off to the side, a bit behind the musicians. There I noticed several guys in black suits sitting on the ground, with bags of wires and instruments and other musical equipment sitting on the street around them. As they laughed and watched the crowd, I realized they were next in line, awaiting their turn in the spotlight.

It was here, facing in the same direction as the musicians, that I noticed a man in the crowd step up and throw some money into a guitar case. He smiled and stepped back into the crowd to continue watching. There was something about his posture that told me he was standing there simply to encourage others to step up and give. Not many did.

Every single one of the musicians I had walked by, from the young girl playing the violin, to the person picking at the guitar in a white mask, had a bucket or instrument case in front of them collecting donations. But I hadn’t given anything.

As I ate breakfast this morning, I reflected on all the musicians I walked by and I felt bad for not giving anything, especially not to the children. I realized that even if I had given money to every single one of the musicians, it wouldn’t have amounted to more than a few dollars.

But how much hope and validation might I have given in the process? What if my giving something meant that one of those children felt inspired to see their dreams through? How could any amount of money be valued higher than that possibility?

Perhaps the problem lies in my relationship to money. Perhaps deep down inside there is still a lot of insecurity and scarcity that I’m not recognizing, a part of me that is reluctant to give because I’ve spent so much of my life living in fear of not having enough.

I do have enough. In fact, I have more than enough.

Next week I’m going back to the Salamanca Market. I’m going to give something to every musician that I can find. In fact, maybe I should make this a permanent habit, to always give something to street musicians. Unlike beggars, they’re clearly offering something in return. Instead of just asking, they’re creating something and hoping that you’ll find value in it.

But more likely than not, they’re also asking for you to support their dream, to show them that it’s a dream worth working towards.

All dreams are worth working towards and I believe there is no better way to invest in others than to help them achieve those dreams. What’s your dream and how are you working towards it? Let me know and I will send you something. (Please include your PayPal email address.)

My Notes from The Last HOPE

Here are my notes from The Last HOPE. I started taking notes late, so unfortunately I don't have notes from all the talks I attended.

Ghetto IDS and Honeypots
* An Evening with Berferd
* Low interaction honeypots: Nepenthes, honeyd, Honeytrap
* Monitor both Honeyd and Nepenthes with Prelude IDS

Monitoring Snort
* SnortSnarf

Remember, tcpdump (a common packet sniffer) writes data in pcap format which ngrep, WireShark, or Snort can process.

Kevin Mitnick - Featured Speaker
* Flowroute + Asterisks can be used to unmask Caller ID (I tested Mitnick's setup by calling his phone... my blocked number showed up!)

PenTest Labs Using LiveCDs by Thomas Wilhelm
* de-ice.net
* BackTrack, Slax

PenTesting from Firefox URLs:
* isecom.org/osstmm/
* owasp.org/index.php/Main_Page/
* csrc.nist.gov/publications/PubsSPs.html
* vulnerabilityassessment.co.uk/Penetration Test.html
* centralops.net
* nmap-online.com
* hackerwhacker.com (similar to GRC)

Remember, use TOR when doing active tests!

More useful URLs:
* gdataonline.com/seekhash.php
* passcracking.com
* hash.insidepro.com
* md5this.com
* gdataonline.com
* us.md5.crysm.net
* md5.rednoize.com
* milw0rm.com
* freerainbowtables.com
* netcraft.com

Pen Testing the Web with Firefox

Firefox Extensions:
* FireCat
* ExploitMe (XSS-Me, SQL Inject-Me, Access-Me)
* Tamper Data
* Passive Recon
* Add N Edit Cookies
* Firebug
* HackBar
* Web Developer
* xssed.com

Using Firefox as a Front-End: Proxies
* Tor Button
* Paros Proxy
* SPIKE Proxy
* Burp Proxy

Web Frontends
* Metasploit
* FastTrack
* Inprotect (web interface for Nessus and Nmap)
* BASE (web front-end for Snort)

Use Firefox profile manager to install different selections of extensions to help with memory concerns.

FEBE (Firefox Environment Backup Extension)
CLEO (Compact Library Extension Organizer)
OPIE (Import/Export extension preferences)

Places/Things to hack "safely"
* OWASP WebGoat Project
* PwnOS (VMWare image, requires forum login)
* Your own VMWare lab

Identification Card Security: Past, Present, Future

The Complete Amature - ID Making Operating Guide by Doug Farre

* Epson Stylus R800 photo printer
* Laminator
* Dye cutter
* Magnetic stripe encoder
* Custom rubber stamp (simonstamp.com)
* Black light
* Scanner
* Signature pad
* Photoshop
* Brainstorm ID Supply

Minimal needed materials:
* Teslin Paper
* Pearl-Ex pigment powders
* Ultraviolet pigment powder
* Transparent base

(Get these from practicingperfection.7p.com. That site is down as of right now, so you need the guy's email address to contact him.)

Documentation on ID security can be found at idsysgroup.com.

Books to Read
* 1491: New Revelations of the Americas Before Columbus
* Hackers: Heroes of the Computer Revolution
* The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers

Random URLs:
* foodhacking.com
* hackerspaces.org
* telephreak.org