The End of an Era

It is with a surreal sense of melancholy I announce that on July 15th, 2020, I will be shutting down the last of our user hosting. It has been a long, winding journey for my peers and I. The research projects and personal things will continue here, but it’s time. There are a few branches at the root of this decision: the departure of customers due to their own ends of operation, prospectives that do not follow through with basic requests for information such as amperage requirements or IP justifications eating time I could spend elsewhere getting a serious client, and ultimately COVID causing an inability to spin up new customers. This marks the end of an era for me, and I’ll spend the rest of this post looking back on this journey.

Read More

Lavabit Disconnection

(Updated 2020-02-09 2418 UTC; see bottom)

This is a post I was wondering if I’d ever have to write; the time when I have to disconnect a customer ungracefully.

Earlier this week a spammer cropped up on Lavabit. This would have been a routine situation, except I haven’t had contact with Lavabit through support, abuse, or Ladar in quite some time. There is an SLA requirement per the peering Acceptable Use Policy (AUP), in this case 72 hours, to resolve spam issues. There are many ways to resolve it (locking malicious accounts, resetting passwords for compromised users, better filters). However, without any support contact, and the proprietor incommunicado, I faced a difficult decision.

If I do not disconnect a customer who causes an AUP problem, then Hacking & Coffee assumes the liability on our entire allocation with our BGP peers. I can’t risk the other customers, and general operations, when a situation like this arises.

With Ladar in an unknown status, and no other valid contact points for technical and AUP issues, the decision was made to disconnect the service when the 72 hour window expired.

I hope that the contacts turn back up, and I can turn back on the IP range but even after the disconnect I still have nothing but silence quite some time later (13 hours as of this writing; for comparison a router reboot would get an incident RFI within 30min at any time of day).

As not just the hosting provider, but also as a fellow Lavabit user, I sincerely apologize to all the users of Lavabit for this situation. Having done code review and other contributions to the project since it started to spin back up post-Snowden, I feel like a project I cared about just vanished. I haven’t been involved outside of hosting them under my business for some time, primarily due to other commitments, but I had always wanted the project to flourish and launch the DIME protocol clients.

In the event communication is not re-established with the Lavabit contacts, I’m not sure how to proceed with the user data. Typically when a customer moves out I simply shred the drives and recycle the machines, however in this situation I hope data distribution may be possible. The machines are still running, so if the best happens I can simply reactivate the IP allocation. However, I have started planning for the worst given my current lack of information from Lavabit staff.



Proprietor for Hacking & Coffee, LLC


Update: Contact!

Contact was finally made with Ladar and work is being done to restore service.

Electrokinetic Acceleration with Pancake Coils

Recently at the Dallas Makerspace I had a bit of a crowd when retesting and calibrating my high voltage pulse system. We went through a few different applications, and the most entertaining is always the Pancake Coil Gun.

Read More

New(-ish) Mirrors & Infocon Mirror Rebuild

After review it seems that Infocon mirror built up some errors due to a tracker problem, and an RSS feed problem that prevented torrent files from being replaced as needed. It is being rebuilt currently. RSS P2P clients are a pain to maintain, as none of the headless systems properly support it and, let’s face it, no one wants to tunnel X from a server if they don’t have to.

As for other mirror news, the CentOS mirror became official last week, and other mirrors are in progress in that regard. There are more on the way as well.


Red Team Laptop & Infrastructure (pt 1: Architecture)

I get a lot of questions about my laptop, ranging from “Windows or Mac?” to “do you have a preferred chipset for Ethernet NICs.”

Well, with the exception of “neither” to the first question, most things will vary. Rather than talk about specific hardware or version choices, I’m going to talk about Architecture; in future posts I’ll talk about specific ways of implementing my Infrastructure architecture for supporting penetration testing, but for now we will focus on the high level. This design is Reasonably secure in the right hands, fast, and extremely flexible.

Read More

Unique Policy of Transferring User names by Telegram

Telegram has been around for a little while now, and its user base is growing. However, despite their attempts to be the secure system to beat out the larger social networks, they have one particularly alarming policy: They will transfer a username unilaterally from an established account to another.

Read More

24hr Review: Kodama Trinus 3D Printer

24 hour review of the Kodama Trinus 3d Printer:
In short: I love it as a rock solid, stable, and precise unit.
tl;dr pro/cons


– very fast for a lead screw
– high level of precision
– most robust printer I have put my hands on (and that I can find) suitable for home use
– support for non-official slicers (like Repetier), along with the official Pango
– Support for customer extruders via generic stepper driver & control FET. This might as well be a generic CNC kit that happens to come with a print head. I see this having a large customization community once more are shipped
– Easy enough to use that I could recommend it as a starter unit for those who have never used one and can’t take a large learning curve
– preprogrammed SD cards are useful if you have repeat parts that need printing, but unless you have the LCD screen or another controller it will only be practical with one print set per card since you cannot select the file to print.

– custom print head rather than tried and true RepRap model. This means that if they go under, parts may be hard to come by for things like worn nozzles. However, with the ease of integrating other extruders this may not be as much of a long term issue as some are working to port other print heads (even dual extrusion, though last I checked they had not finished this)
– smaller print area
– bed material choice of Acrylic for the default, rather than a heated bed support by default
– heated bed really was an afterthought (see notes below about motherboard comms)

Longer Description:
It may not be the fastest printer in the west, but it is running lead screws at 70mm/s with accuracy, and I am running 100+mm/s for simpler prints without any real issues.
The biggest gripe: the bed heater is not tied with the motherboard (I didn’t even get the heated bed option anyway for the time being. Since it is not tied into the primary controller might as well make one). Whilst the printer waits for the
nozzle temp to be appropriate, it has no way of knowing the bed temperature before it starts the print. It also cannot shut off the bed after the print is done.
Biggest plus: the thing is rock solid; it is all steel and aluminium with no belts or gears. It doesn’t need bed levelling (smaller print size, with incredible design tolerances). I could travel with this thing and not have to recalibrate anything.
It is not too loud, but not the quiestest printer either. Overall it does not seem to have changed too terribly since the pre-production reviews from during the kickstarter. However, they did take in some backer feedback such as identifying the different Z-Axis leads in the documentation better. It also works fine with or without Pango, and since I may make a build server using a rPi will likely switch to Repetier in the long term.
I have printed 4 items with success, and two had issues. One of the two I tried to print without supports and that was a bad idea with a long bridge (and thus operator error). The second detached from the bed at a faster print speed and stuck to the head. I reprinted that one just fine by lining the bed with painters tape (planning to make a better bed wither by A) better material than the stock acrylic, or B ) just putting said tape down before prints). Regardless I feel I would not have had the detachment with a better bed surface.

I am currently procuring various types of filaments to play with in this unit, and so far have been mostly using standard PLA. I am also waiting on an order of more nozzles before I start doping metal printing since they may cause faster wearing.

Some sample prints:

batman spinner. Printed using Inland PLA @ 100mm/s, 210C, and .15mm layer resolution. For a simpler design such as this perfect for faster speeds.

37mm grenade holster. I needed a belt holder for grenades for my under-barrel launcher. Printed using Polymaker PLA (included with the Trinus, and sold through them at a discount to original backers). Run at 70mm/s @ 205C and .15mm resolution. It printed a belt look without any issues

What is really neat is that I didn’t even bother to calibrate this printer. It does not even have a bed levelling function since it is so robust, and the print area small enough that the bed itself would not introduce much in terms of error.



Read More

2 of 3 Tor Exits Suspended

Well, the upstream IP provider decided they don’t want the Tor nodes there for the time being (partially since they didn’t have an official policy… yet). My node in Canada is still operational, however the beefy nodes operating out of my DC are down for now. They plan to inform me within the next month or so of an official policy. If they form an official stance and allow them, then they will come back online (albeit with the same reduced exit policy).


Tor Exit Nodes

I feel like I needed to help out a little more towards a great project: TOR. I won’t go into what it is here, as I assume my average reader knows. Hacking and Coffee decided to stand up a couple of exit nodes to contribute to the network. They do have a reduced exit policy, however most services are still accessible (notable exceptions being port 25 for SMTP between servers rather than user submissions). The first one to be given an exit flag is set and can be referenced at  (traffic statistics can be seen at ).

Read More