My journey to astrophotography (part 1)

Astrophotography is an awesome passion that’s a mix of science, technology, history, art and dedication. I’m writing this post to share on my journey, not as a way to teach you anything about astronomy, but to offer a window in my life and also show that it’s possible to get started from zero in a new hobby, provided you invest some time into it.

Three years ago, I wrote a blog post on the reasons why I left my job and was pursuing something better suited to my mindset and where healing some wounds wound be possible. I removed it because a person I’d rather not have read it did (if you think it’s you, please return my calls). One or two years before, I started to notice that not only my job had eaten my hobby, but I was less and less interested in computer security and hacking in general – as doing 2 or 3 hours of hacking at home after having spent the day on a pentest was simply not something I enjoyed anymore. It was time for me to be passionate in something else that didn’t involve reading social media for hours (which is unfortunately one of my other hobbies). Maybe go back to something I always loved without taking the time to explore it, partially because I thought that was out of reach or because I should spend all my time trying to be the best hacker in the world (that didn’t work). A few people may know that I was using the handle “spacewalker” until the mid-2000, it didn’t come out of nowhere but from my fascination for the night sky and poor science-fiction cultural references.

The early days

A first attempt was made in the late 2000, when my dad bought a “telescope” (a toy) to our house in Greece. A well-meaning but misguided decision, because I decided that telescopes suck and we can’t see anything in them. Friendly tip: search “telescope” on amazon and never buy any of the results, DM me instead and we discuss.

Test Panasonic FZ200 : un 600 mm f/2,8 - Les Numériques
Panasonic Lumix FZ-200

A decade later, I bought a decent camera (Panasonic FZ-200) and used it for holiday pictures. I had a long exposure feature that made cool photos, so I tried taking long exposure pictures of the house, the trees and eventually the sky.

Here’s one of the pictures. Terrible technique, terrible processing, but I was amazed that I could see the big dipper on one of my pics.

This picture is one of my first attempts at photographing the Milky Way. Retrospectively it wasn’t that bad if we ignore the weird angle and the light spot that probably caused it.

Around 2017-2018, I was in the mountains in Briançon with family and my camera during the winter, and used some of the evenings to roam around with my camera. I pointed it to the sky and captured this horror:

a few seconds exposure on M42

Getting serious

I started reading a bit on astrophotography on forums and watched tutorials on Youtube (mostly in French). I attempted a few stackings of M42/Orion Nebula but I quickly understood that I’ll never get any good results without a sky tracking equipment. I reduced the choice between the Skywatcher Star Adventurer or one of the entry-level Skywatcher EQ- equatorial mounts. I could fit my camera on it, I already had a decent focal length (around 600mm FF-equivalent due to the very small sensor size). I opted for a motorized EQ5, since I could use it for bigger instruments like a telescope later.

Skywatcher nEQ5 with the Panasonic bridge and a homemade wooden dovetail adapter.

I found one of these mount for a reasonable price on a local second hand website. The seller was very nice and is a member of the astro Club “BW Astronomie.” He encouraged me to subscribe to the Facebook group. I did, introduced myself, went to a few events and astrophotography classes held by people there. I joined as a member, went to meetings and public events. This has been a very important part of my journey: being in a community of amateur astronomers was an invaluable resource for learning new things, share my creations and discuss astronomy. And more importantly, all the friends I made on the way. I thank you all, you may not realize how important it was for me at that time.

If you’re interested in astronomy, astrophotography, would like to observe the sky or buy a telescope, I very strongly recommend you to join a local club. They’re run by passionate people eager to share their passion for the sky. You’ll have the opportunity to try different types of equipment until you find the one that matches your expectations.

APPAREIL PHOTO HYBRIDE SONY PACK ALPHA 6000 + 16-50MM + 55-210MM + SD16GO +  SACOCHE (A6000) | Vanden Borre
Sony A6000 and its kit lenses

That camera sucked for astrophotography. It was old already (~2012), was very noisy and had a non-removable lens, making it impossible to use on any other kind of optics. In may 2018, after an hesitation between Canon and Sony, I opted for a new Sony A6000, with kit lenses 16-50mm and 55-210mm. This camera is good and I still use it today for day photography and occasionally for meteor showers or wide angle photos.

A few weeks later, I bought a wide-angle lens, The Samyang 12mm F/2.0. This is a very fine prime lens.

More seriousness

Samyang 12mm - F2.0 Ncs Cs - Objectif à focale fixe - Convient aux  appareils Sony hybrides | bol.com
Samyang 12mm F/2.0 Sony E

the camera was great but its optics hadn’t enough focal length for the spring night objects (mostly galaxies), so I decided to buy a telescope. I found a used telescope (Skywatcher 150/750), sold with a smaller equatorial mount, a box full of eyepieces for visual observations and a few accessories. It’s the telescope I’m still using today.

Once at home, I installed it and spent most of the night looking at the sky. I observed the planets and saw Saturn for the first time. I ordered a large print of the pic below and it’s hanging on the wall in my office today.

First night observing on the telescope, Sony A6000 @12mm

I finally had a basic tracked telescope + camera setup on which I could take deep sky pictures. Here are a few pictures that I have taken in the beginning of 2019, when I started to have a pretty good understanding of the technique and of the software stacks. More or less at the same time, I resigned from my position in Switzerland and started looking for something closer in Belgium.

Single untracked picture, A6000+Samyang 12mm.
M31 Andromeda galaxy, Sony A6000 and Sony 55-210mm
M101, A6000 and 150/750 Newtonian
One of my first stacked moons.
M51, same setup.

And then?

This is already a quite long blog post, I’ll cover the remaining of the story in a future post. I’ll speak of my equipment, covid life but also of my involvement in BW Astronomie. If you liked this post, you may want to subscribe to my Instagram and see some of my work as soon as I publish it. I may decide in the future to publish some of my pictures on my blog, with a bit of context to understand how the picture was made and what I think of it.

SSH: Best practices

The comments around the last OpenSSH issue (CVE 2016-0777, you must read excellent Qualys’ analysis if you’re interested with the details), I noticed that many people were not aware of some basic features of OpenSSH. I will attempt to give a few advises, prioritized in feasibility order, and with graphical annotations:

Very easy to set up.

Requires a lot of work to set up.

Will provide you some protections against difficult attacks.

Will protect against very simple or effective attacks.

Continue reading “SSH: Best practices”

TrendMicro CTF 2015 : Poison Ivy (Defense 300) write-up

TrendMicro CTF logo

The challenge

This challenge was one of the 25 (minus a few canceled ones) written and organized by TrendMicro for their TMCTF 2015. I played with the Swiss team “On est pas contents” and I won’t disclose how badly we ranked 🙂 Some challenges were really boring (a crossword where half the solutions come from the commercial product aisle? Not for me). Some were frustrating, and one was really great: Poison Ivy network capture.

TrendMicro was very fast in shutting down the whole CTF website, so I can’t get an hand on the original challenge text. From memory:

A hacker was caught using Poison Ivy on a real system. Please understand what he was doing to get the flag. (ps: password is admin).

With that exciting information I start downloading the pcap. Opening in wireshark, it appears it’s a single TCP connection on the 443 port. This doesn’t look like https and the wireshark dissector doesn’t want to parse it. Right click on a packet, “Decode as…” and check “do not decode” makes us see the raw exchange.

tmctf_wireshark1

Continue reading “TrendMicro CTF 2015 : Poison Ivy (Defense 300) write-up”

OpenSSL and LibreSSL PRNG, what’s different?

openbsdhelpusIn July, a blog post from Andrew Ayer described the new, unsafe behaviour of portable LibreSSL 2.0.1. While it is right to say that it’s unsafe, it is still safer than baseline’s OpenSSL and portable LibreSSL 2.0.2. That’s what I’ll explain in this blog post.

OpenSSL

During March 2014, I released two CVE on OpenSSL consumers, stunnel (CVE-2014-0016) and libssh (CVE-2014-0017). I also wrote a paper about it in the french magazine MISC mag 74. Unfortunately the paper is in french and not yet released in CC-BY-NC, so here are the major points:

  • OpenSSL RAND_bytes() pool can be shared by two processes that are related, e.g. with a fork().
  • OpenSSL mitigates that problem by adding the result of getpid() in the entropy pool during a RAND_bytes() call. That means that two processes that share the same entropy pool and end up with the same PID will generate the same pseudorandom numbers.
  • That’s what happens in stunnel in fork mode: a master process initializes the entropy pool and spawns children. As children die, PID are recycled until a PID is reused and starts generating the same sequences of pseudorandom numbers.
  • Hopefuly OpenSSL uses RAND_seed() with the current unix time (time(NULL)) on every SSL handshake, so there’s only a one-second time spot to exploit that weakness, before having to start from scratch again. OSes with sequential PID generation are then less vulnerable than OSes with random PID (AFAIK only OpenBSD). This is because open OpenBSD it’s likely to have two different children have the same PID reused in the same second.
  • In the end, the exploit I wrote for it didn’t work, because the OpenSSL ECDSA_sign() function calls RAND_seed() with the content of the message to be signed, and the secret number k is different every time, mitigating the exploit:

Continue reading “OpenSSL and LibreSSL PRNG, what’s different?”