colectivo transdisciplinario | hacklab

The other day we went to the Garage Lab with maxigas to install Twister on a Raspberry Pi. Why a Pi? Well, because maxigas brought some…

Twister on Raspberry Pi

Leelo en Castellano

Why Twister?

Twister provides a distributed alternative to Twitter. Twitter
invented a great service to share fast bits of information and feel
the hum of the Internet.

But Twitter’s proprietary service comes from a single company whose
business is to analyze your words and dissect your behavior for the
benefit of advertisers. It reads your so-called “direct messages”,
and may give them away to unwarranted authorities in your
jurisdiction (thanks to abusive anti-terrorist laws, and “gag
orders” in their’s). It may be censored by arbitrary authorities
hostile to the people. Moreover, Twitter keeps putting barriers to
decentralized participation, working against the spirit of the
Internet. To their credit, they have a good track record against
unwarranted access to their–er, your data.

Screenshot of

In contrast, Twister is free software, conceived from the beginning
to serve the best interest of its users, not the sole mercantile
interest of its founders. “Direct messages” on Twister really occur
between you and your peer, and are encrypted, like any regular
message: non-participants cannot read anything. Moreover, nobody
knows your IP address, nor whether you’re online or not. Twister is
built on well-known peer-to-peer technologies: the public ledger
(blockchain) of Bitcoin,
and the distribution system of
Bittorrent, comprising a
DHT and a tracker. Such a great combination encourages wide
participation, and provides fast updates. It allows a growing
community of participants to scale up the network at an
infinitesimal fraction of the cost of running the centralized
infrastructure of the Twitter surveillance machine.


Here we can notice some impatience among the participants

You will need:

First step – Install Raspbian

A bunch of Class 10 SD cards

  1. Zero-out the SD card

    This step is optional if the card is new. Warning: the card may
    appear as /dev/sdb or something else according to your
    operating system and the installed programs. YMMV.

    dd if=/dev/zero of=/dev/mmcblk0 bs=16M
  2. Download the Raspbian image

    Save the latest Raspbian

    and unzip the image somewhere.

  3. Burn the Raspbian image

    Use dd to burn the image to the SD card. Assuming /dev/mmcblk0:

    dd if=2014-06-20-wheezy-raspbian.img of=/dev/mmcblk0 bs=16M 

    After less than 10 minutes, the SD card should be ready to boot.

Second step – Boot the Pi from the SD card

A Pi before being eaten

  1. Insert the SD card in the slot
  2. Connect the Ethernet cable between the Pi and the router
  3. Power up the Pi (you may as well plug it into an USB port of your

The Pi’s LEDs should blink, then after a few seconds turn on. If
that step fails, please refer to the Troubleshooting section.

Third step – Identify the Pi on the network

Another lonely Pi

There are several methods to discover the IP address assigned by the
DHCP server to the Pi. Here are three of them.

Wild Guess

On a small network (e.g., at home), you can figure out the IP from
your laptop’s, and incrementing the last number (because the DHCP
server usually assigns addresses in ascending order). It’s a great
method when there are not many connected devices and you want to
scare your engineer friends.


arp-scan is a network analysis tool written in Perl, to identify
IP and MAC addresses of devices connected to the local network.
It’s fast and easy to use:

arp-scan -I wlan0 -local

The Raspberry Pi appears as <Unknown>, because the manufacturer
does not appear yet in the MAC list used by arp-scan. Anyway, if
you’re going to install some program because it does not come with
your distro, why not install nmap?


For years, nmap has been a favorite tool of sysadmins and
offensive hackers alike. Using nmap makes it easy to identify the
Raspberry Pi on your local network. Scanning the entire network
will turn up the Pi: nmap will correctly identify the Raspberry
as the manufacturer of the device we’re looking for.
Theoretically, arp-scan could do it as well, and will certainly,
but the nmap community maintains a fresher list of network device

Considering a local IP range on

   nmap -A 

will return a list of active hosts, with their interesting service
ports, in addition to the IP address, the MAC address, and the
manufacturer. Once the Pi is identified, we can connect to it.

Fourth step – Install required packages

A Pi ready to be eaten

When you connect to the Pi for the first time, it will recommend
running the raspi-config program that allows changing some options
of the system. If you’re not planning on using the Pi for
video-intensive work, you can reduce the amount of RAM shared with
the graphical processor in the advanced options. For the purpose of
this workshop, we’ll skip configuration and focus on the
installation. Once you have understood the process, don’t forget to
secure your Pi!

You connect to the Pi via SSH. The default credentials are the
login pi with the password raspberry.

  ssh pi@
  sudo aptitude update
  sudo aptitude install git autoconf libtool build-essential libboost-all-dev libssl-dev libdb++ libminiupnpc-dev

Note: for more details, please refer to the official Twister
The version of db should be 4.8 or 5.3, but not 5.1 (for reasons
of incompatibility and unstability).

Fifth step – Compile Twister

Let’s create a dedicated twister user.

  adduser twister
  su - twister
  mkdir -m 0700 .twister
  git clone ~/.twister/html
  git clone
  cd twister-core
 ./ --disable-sse2 && make V=1

Hit Control and the ‘d’ key to exit from the ‘twister’ user and come
back to the root account, and run make install from the
/home/twister/twister-core directory.

That’s it! Now Twister can run on the Pi. :)

Tess got her Twister ready

Sixth step – Run Twister

To use Twister, run the twisterd command:

   /usr/local/bin/twisterd -rpcuser=user -rpcpassword=pwd -rpcallowip=

In the current alpha version, the remote procedure calls (RPC) options are hardwritten in the program. The configuration file in $HOME/.twister/twister.conf can be used to store them instead of typing them each time on the command line. Otherwise, you can use a script like the following one:

A script to run Twister

    ARGS="-rpcuser=$username -rpcpassword=$password -rpcallowip=$ipv4addr"
    exec $TWISTER $ARGS $@

Save the executable to /usr/local/bin/twister or another place in
your PATH. From now on we can use twister to run the program.

Insecure RPC over SSH

We have a problem: the web interface runs on localhost, but we’re
connecting via SSH. We don’t have a display attached either. It
would be quite heavy on the Pi to run a web browser directly from
there, and very insecure to authorize remote RPC (how paradoxical
does that sound!)

Fortunately, we can use an SSH tunnel! By passing the port of
Twister’s local Web interface to the controlling laptop, we can
access to Twister “locally”, and even better: through an encrypted
channel. In order to setup a transparent connection from our own
laptop, let’s setup a proper SSH configuration.

    ### ~/.ssh/config
    ### raspberrypi
    Host pi
         Port                       22
         CheckHostIP                yes
         ForwardX11                 no
         User                       pi
         IdentityFile               ~/.ssh/id_rsa
         RSAAuthentication          no
         PasswordAuthentication     no
         LogLevel                   INFO
    # Here we are: sending the port 28332 from the Pi to our localhost
    # Otherwise, running: `ssh -Nf -L 28332:localhost:28332 pi` will open the tunnel
    #     LocalForward              28332

Replace the IP address on the HostName line with the actual IP
address of the Pi. It would be better to assign a fixed IP address
to Twister, but if the network topology doesn’t change much, the Pi
should keep its address indefinitely. Before we can use that new
SSH configuration, we must send our SSH key to the Pi:

    ssh-copy-id -i ~/.ssh/id_rsa pi@

Done. Now we can launch Twister:

    ssh pi
    ssh -Nf -L 28332:localhost:28332 pi
    xdg-open http://localhost:28332

On my laptop, I use this

~/bin/twist to open the tunnel:

Seventh step – ¡Let’s do the twist!

Now you have:

You still need to:

the board with an explanation of the blockchain

When twisterd runs for the first time, it connects to the
Distributed Hash Table (DHT) and starts downloading the blocks.
Today about 5 minutes are needed to catch up with the 52000+ blocks
that form the Twister blockchain. Before you have downloaded the
entire blockchain, there’s nothing much useful to do with Twister.
Once it’s complete, you can register your account.

Registration is a two-step process. Verifying the availability of
your chosen name is instantaneous, as the blockchain contains the
whole collection of registered names on the network. Once you chose
a unique name, you can “save it”. At this point, Twister is
crunching numbers to insert into the next block a chunk with your
chosen name. After this block is shared, the network establishes a
consensus on the validity of its existence, and then the name
becomes available for use. It should take a few minutes, between
one and thirty, for the network to accept the corresponding block.
Meanwhile, you can use this time to customize your profile.
Shortly, you’re going to receive a confirmation that the name
appeared in the blockchain in the form of a notification from
@newusers mentioning your chosen name. Finally, your Twister
account is ready to use!

Follow us on Twister: @efecto99, @eisos, @maxigas, @minitrue,


Please report errors, difficulties,

so that we can better this document.

The Raspberry Pi doesn’t boot

Twister compilation fails

The final product running at home