Hi world!

I didn’t get as much time to update my site over break as I thought I would, and this quarter is shaping up to be nuts (formal logic and combinatorics, physics of waves and light for engineers, advanced differential equations, and a community outreach course where I’ll be teaching inner city kids video game design).

The Bishop release went swimmingly. I’ve just passed 1300 users on the Chrome Web Store, and there are apparently a couple hundred more who have ported(ish) the extension to Opera that are pulling directly from the repo. It’s exciting to see the feedback I’ve gotten.

Bishop is a Chrome extension-based vulnerability scanner that can automate tedious tasks of hunting for trivial vulnerabilities on your websites as you browse. It’s hassle free, easy to set up, and sits quietly in the background until it discovers something worth telling you about.

It’s been available on GitHub for a while now, but I’ve polished up a release on the Chrome Web Store that just got approved. You might be surprised at how vulnerable your sites are!

FreeStep, the free & encrypted chat platform, has just been pushed to v2.0.0. After a slew of issue submissions and user questions to my personal email (XP), I’ve built in a big chunk of updates in my last hour of procrastination before I drown in finals:

• If your username is mentioned, you can hear an audio alert, and the message is highlighted in red
• Audio alert options are more robust
• Custom Title and Byline options allow you to hide components and brand the app as you see fit
• http(s), ftp, and magnet link texts are all converted to hyperlinks

If you’re looking for encrypted, open source, and transparent collaborative chat, checkout the lightweight FreeStep!

Hello World! It’s been a while since I’ve posted, I know… The closing weeks of the quarter are like trying to swim in Jello. I’ve got lots of things I want to write about, but no time! As soon as the quarter is over, expect some posts on:

• neurochemistry explorations, and some experiments I’ve been running on my dopamine system
• tDCS (running current through your brain to make you smarter and happier)
• some curious, weird, and frightening results from my genetic analysis that I’ve begun chipping away at (1000% (yes, that’s three zeros) elevated stroke risk, anyone? I’m also genetically wired to be popular (I have this mutation) — who’d have guessed? ;D)
• a future near field chip implantation, as well as my long-awaited second magnet implantation!

I’m starting to turn up the heat on some of my biohacking, and have really turned my eyes on hacking my brain — I can’t wait to share some of my results!

Just tagged v1.0.0-alpha of Bishop (“Marty”) and finalized that; it now supports background queuing if you don’t want to scan as you browse.

Check out the release here.

Sad Things

BroncoStory has met its end… It looks like Snapchat is blocking access to the API we used to run the service. We don’t know why we specifically; the reverse engineered kit we were using for access itself seems to be fine, but for some reason accessing only the BroncoStory account through it doesn’t seem to work.

At the peak, BroncoStory had over 1400 unique views to its snaps, and plans for monetization were on the horizon… but alas, no more. It was fun while it lasted though!

Wow! Users are awesome!

Get Git has surpassed 280 users on the Chrome Web Store, and BroncoStory, a social media venture I’ve been developing on campus, now has over 600 unique viewers on each piece of crowdsourced content. Stay tuned for updates on BroncoStory monetization (because who doesn’t love hundreds of advertising impressions for pennies on the dollar?).

Nothing much substantial to say; just been pleased with how ventures have been moving over the last few weeks! Thank you to all my readers and users who help to get word out and around!

So in the 24 hours since I’ve released Get Git, it’s gotten quite a bit of attention on Reddit and a few forums. I wanted to update with two things.

First, Get Git is not illegal (and especially not a felony, as one Redditor suggested). It does nothing other than browse publicly accessible web pages for exposed files. It doesn’t download the files, it doesn’t disrupt the sites (unless you consider a couple HTTP requests with a 404 response disruption, in which case your site is being disrupted by tens to thousands of people a day), and it does nothing illegal. The files it looks for are, if present, 100% publicly accessible. Using this plugin is as illegal as using Google (in fact, Google does what this tool does on a massive scale – check out this Google Dork).

**Get Git **is a Chrome extension that I hammered out today, inspired by these slides. Get Git recursively traverses the websites you browse, hunting for misconfigured web accessible Git repos what are web accessible — and of course, once you have access to the .git/ directory, it’s open season on source code, API keys, hard coded passwords, and even internal network structure if they’ve liberally set up remote origins.

There’s actually a lot of sensitive info available in Git repos, and I was interested how many sites I browse are revealing things. Get Git also handles websites with directory listings turned off, so even half baked security won’t hide the repo.

Some exciting work in the pipeline; working on a handy toolchain for 23andMe genetic data analysis and breakdown — conversion to VCF, SNP effects, annotated mutation and protein defect analysis, the whole shebang. It’s gonna be pretty extensible and easy to use too…