Archive for March, 2010

Photo utility – renrot

When I take pictures with my digital cameras, they name the image files something like this:

  • Wife’s Nikon camera – dscn0115.jpg
  • My iPhone – img_0367.jpg
  • My Panasonic camera – p1070126.jpg

I tend to let the images pile up on the cameras for a while, and then I copy them all onto our file server. I start off by dumping them all into one big folder. But then I sort them into folders based on the date and the event, with names like “pictures/y2010/2010-02-14_chinese_new_year” for events and “pictures/y2010/2010-02” for the random shots. I don’t mind this process, and it’s actually kind of fun to review them as I am copying them to our file server.

I should note as an aside, when I worked for Ericsson’s research lab in Singapore, I was talking to one of the researchers who had studied the many ways that people could organize and categorize photographs, both paper and digital. It turns out that a huge majority of people they studied tended to associate photo sets together, based on relative dates. That is, if you asked for a particular photo, they would think “that was about the same time as Bob’s birthday party, so it must have been in August”.

I know that there are newer ways to organize photos, with databases and “tags” and what-not. Mac people really love to let the computer take care of those details. But I still like the idea of using folders with dates… old school.

Since I am dealing with dates and times of photos, it seems a little silly that all of my photos are named using dumb serial numbers. I find myself looking at the image’s EXIF properties, the information that the camera stores about the image — when and where the image was taken, what the camera settings were, etc. This seems a little tedious.

I recently found a utility called “renrot”. It’s primary job is to read the EXIF data from a photo, and rotate the image to match the EXIF rotation flag. That is, it rewrites the image so that it will load from top-to-bottom, which makes it more compatible with less-than-intelligent viewers — like some digital picture frames. But while it’s doing that, it also renames the file based on the time and date of when the photo was taken.

So now I can start by going into the directory that contains my big pile of photos and doing this:

renrot --name-template %Y%m%d-%H%M%S --extension jpg *.JPG

If I wanted to be careful not to mix the iPhone pictures with the Nikon pictures, I could do this:

renrot --name-template iphone-%Y%m%d-%H%M%S --extension jpg IMG_*.JPG
renrot --name-template nikon-%Y%m%d-%H%M%S --extension jpg DSCN*.JPG
renrot --name-template pan-%Y%m%d-%H%M%S --extension jpg P*.JPG

If I want to be a purist, and just rename the photos without actually rotating the image, I can do that, too.

renrot --no-rotate --name-template %Y%m%d-%H%M%S --extension jpg *.JPG

Pretty cool.

CarolinaCon – Day 3

After Hacker Trivia last night, it was pretty hard to wind down and get to sleep. So 10am arrived quickly.

The Art of Software Destruction – Joshua Morin and Terron Williams

I missed this talk due to Daylight Saving Time… yeah, that’s it.

Apparenly, the topic was fuzzing, or throwing unexpected data at a system’s inputs to see how it handles them.

Why Linux is Bad For Business – Wesley Shields

Wes tried to raise the hackles of the Linux users in the audience with his provocative title and his confrontational style. However, his point was driven home very well. Many companies flock to Linux when they want to build on a base of a community-supported project. However, there are other alternatives that might be a much better fit to their development and deployment plans. FreeBSD has a very business-friendly license, which does not require re-contribution of a company’s changes (which may be their special sauce).

Wes makes a very compelling argument. While I appreciate his conclusion, I disagree with one of his premises: that anyone who is building an appliance will probably be making their changes to the kernel, and not in user space. That was true for him, since he was building a “networking appliance”, and the best place for fast networking logic is in kernel space. However, I have also developed a Linux-based “appliance“. But our secret sauce was in the application, and not in the networking or driver layers. So for us, the underlying kernel and support packages were just commodities.

Nits aside, Wesley’s talk was more thought-provoking than just provoking. And your author will certainly consider FreeBSD on his next project that requires an open source base.

Sorry, Wes. If you were trying to come across as a jerk, you failed. Great talk!

The Evolution of Social Engineering – Chris Silvers and Dawn Perry

These guys have entirely too much fun at their jobs. They are security consultants who specialize in penetration testing in the physical realm. That is, they break into office buildings. Well, that’s not really true. People let them in — they con their way into office buildings.

Chris and Dawn shared lots of stories about the many jobs they have been on, explaining along the way the rules of engagement, how they are hired by management, what they are trying to prove, and how far they’ll go to exploit the helpfulness of others.

One hour was simply not enough for these guys!

Metasploit – Ryan Linn

Man, I should have taped this talk.

Ryan gave us a very fast-paced hands-on demonstration of Metaspoit (as run from the Backtrack 4 Live CD), and the many ways that a target box can be probed and PWNED. He covered the msfconsole, meterpreter, automation of exploits, and generating malicious payloads.

This talk wins the “most informative” award from me. Very good stuff.

How the Droid Was Rooted – Michael Goffin

Michael shared his experience working with team that rooted the Motorola Droid phone (hint for developers, putting the phrase “this could be exploited” in the comments of your open-source code sort of acts like a neon sign that says “HACKERS WELCOME”).

There was a lot of good technical content, explaining how the Droid software is packaged and upgraded. But just as interesting was his account of the team dynamics. When one member decided to take the entire team’s marbles and go home, it really did not slow them down, because they were using a distributed source code control system (Mercurial). That meant that every team member had a complete copy of the source code repository. Lesson learned.

At the end of this talk, I wondered how long it would be before you could buy smart phones directly from the carrier that had root access, straight out of the box (after all, I have root access to my PC’s and PDA’s). Having worked for a cellular phone manufacturer, I would guess that we may never see that day. So, give a big thanks to Michael and his team for their hard work!

Protecting Systems Through Log Management and System Integrity – David Burt

This talk was, by far, the worst of the show.

David did not seem to have a core message… instead, he had hastily thrown together 86 slides worth of screen shots and raw data about logging tools. On the stage, he struggled to speed-read his way through the slides, speeding up even more when he hit the 5 minute warning. 75 minutes into his one-hour talk, though, David’s message started to shine through. He knows a lot about logging — and he is available for consulting work.

Wrap-up

We wrapped up with some prize give-aways… youngest attendee, oldest attendee, drunkest attendee, winner of a rock-scissors-paper showdown, that guy who looks like some other famous guy, and anyone else who will take this junk.

And that’s it, the show is over.

Mad props to the CarolinaCon Group, organizers, sponsors and volunteers. I had a great time, and I learned a lot. And it looked like most of the other 176 attendees did as well.

Now let’s see how much trouble we can get into between now and CarolinaCon 7!

CarolinaCon – Day 2

The second day of CarolinaCon was packed from sunup to sundown — who am I kidding… hackers seldom rise before noon. ┬áThe festivities started at 10am.

Hacking with the iPhone – snide

No, not hacking the iPhone… but using the iPhone as a hacking tool. This talk was a good slide into the morning, a chance to let the coffee sink in. It could probably summarized with two main points:

  • Since the iPhone OS is a distant cousin of BSD Unix, many open source (Linux) networking tools can easily be ported to run on it, so a jailbroken iPhone makes a decent platform for network sniffing and the like.
  • A jailbroken iPhone provides a behind-the-scenes look at the user interface, and many things that are set on the main GUI can be changed by directly manipulating the underlying settings files.

Neither of these ideas is too surprising, and so this talk was nothing new. Still, for me, having never played with a jailbroken iPhone (honest), it was an eye-opening experience. Or maybe that was just the coffee kicking in.

We Don’t Need No Stinking Badges – Shawn Merdinger

Shawn has spent some time evaluating campus-oriented badge reader door locks from a company called S2 Security. He showed how they work, and how they are advertised to work — not necessarily the same thing. An interesting glimpse into the world of distributed security systems, with several take-home lessons about what not to do.

It’s a Feature, Not a Vulnerability – Deral Heiland

This is the third time that I have seen Deral present at CarolinaCon. In 2009, he showed us what a mistake it can be to “web-enable” your products, and in 2008, he showed us how he made friends at Symantec with “Format String Vulnerabilities 101”.

This time, he continued his endorsement of Symantec’s products by demonstrating how their AMS product conveniently allows very easy access to a machine’s resources. In fact, all it takes is a single packet to tell AMS to run any command on a target Windows box. That’s convenient! (PWNED)

Smart People, Stupid Emails – Margaret McDonald

Margaret came here all the way from Denver to tell us what we already knew… that otherwise intelligent people send the stupidest things in email. This was a lively discussion that we could all relate to… yet I have this sinking feeling that our inboxes will still be filled with garbage when we get back to work on Monday.

Mitigating Attacks with Existing Network Infrastructure – Omar Santos

Omar was cursed with the dreaded 3:00 time slot… just in time for the after-lunch sleepies. It did not help that his presentation was JAM-PACKED with very technical networking information. So, for the most part, I sort of zoned out during this very informative presentation.

I tried hard to stay awake by asking a question (about “bogons” — in this case, the newly-allocated and unfortunately-numbered 1.0.0.0/8 address space). But it did not help.

Omar plans to give this same talk at “Hack in the Box” in Dubai later this year. So if I start feeling regrets that I missed something, I guess I can always book a flight.

OMG, The World Has Come To An End! – Felonious Fish

Hackers are usually prepared for anything… or are they? FF led a discussion on survival, what is needed when the rest of our infrastructure is gone. We might have food and water and shelter, but when my iPhone battery dies, it’s game over!

You Spent All That Money and You Still Got Owned – Joe McCray

Joe’s talk was one of the highlights of the Con… even Stevie Wonder could see that it was awesome. Joe told us his secret to success — he goes into companies, totally pwns them in short order, tells them how they suck, and then they pay him.

Apparently, corporate America makes Joe’s job very easy by following the worst practices. And on the odd chance that they have their operational act together, he can always solicit a security slip-up by sending them a carefully-crafted email (pwn), or if that fails, by leaving a CD with provocative title for some nosy employee to find (serious PWN).

What a life Joe leads — that “education” he got in prison has really paid off.

Locks: Past, Picking and Future – squ33k

The lovely and talented squ33k — 5th grade teacher by day, lock hacker by night — educated us on all things lock-related. With assistance from the TOOOL crew, she taught us how modern pin tumbler locks work, and how they can be picked. But being a full-time teacher, she made sure to frame her talk with some interesting background info on locks from as far back as 4000 years ago, and a glimpse into what locks may be like in the future.

I am so proud that our youngsters are learning their skills and attitudes from this woman. She’s a girl geek role model!

Hacker Trivia

What’s that? Al was spotted in parking lot? Someone allowed him back into the country? I thought that call to the TSA would be enough to keep him detained in the airport until the Con was over. I guess not. HE’S BACK!

Once again, Al Strowger took the stage and led us in a game of Hacker Trivia. Loosely based on Jeopardy!, this game quizzed the inebriated audience on the topics of: Movie Quotes, x86 instructions, other (hacker) conferences, math, 2009 tech, and ccTLD’s. John “Math for 400” Davis took home first prize, an iTunes gift card. Many other contestants won spot-prizes: hacking books, some new geek toys, donated “vintage” equipment, Vic Vandal’s old CarolinaCon 3 t-shirt, and lots of cupcakes.

Good night everybody. Sleep well, we’ll see you at 10am tomorrow morning!

CarolinaCon – Day 1

It’s that time of year again… time for the annual CarolinaCon security conference. This year promises to be bigger and better than last year — it has expanded from 1.5 days to 2.5 days, and it has moved from the somewhat undistinguished Holiday Inn in Chapel Hill to the somewhat less undistinguished Holiday Inn in Raleigh.

Notably missing was the “Master” of masters of ceremonies, Al Strowger. But Vic Vandal and his cohorts seemed to have the show in order. Personally, I can’t imagine a Con without the provocative charms of Al. But we’ll see how they do.

As usual, the Con started with a short after-work session on Friday night. There were three presentations to get the crowd warmed up.

Cybercrime and the Law Enforcement Response – Thomas Holt, a.k.a. Professor Farnsworth

The good professor never disappoints, and he really had a challenge this time, to warm up an otherwise un-primed crowd. He dove right in, with the not-so-statistically-significant results of a survey of state and local law enforcement officers, asking about their experience with computer crime. It was not surprising to find that most LEO’s were not very well versed in the specifics of computer-based crime, but they had a pretty good appreciation for the concepts. Thank you, CSI. Many trends and prejudices were revealed, and Dr Holt and members of the audience supposed several reasons why these might be so.

The Search for the Ultimate Handcuff Key – Deviant Ollam

If the crowd was not warmed up before Deviant Ollam took the stage, they certainly were after. He and the TOOOL team showed how handcuffs work, and how they can be defeated, sometimes with simple items like a piece of notebook paper!

But just as important as the actual material they presented, was the chosen format of their presentation. In true CarolinaCon fashion, they began by mixing a pitcher of their beverage of choice… tonight’s choice was a “Stone Fence” (one part Apple Jack, three parts hard apple cider, and a splash of bitters). Every time something in their presentation went unexpectedly, they would take a drink — this rule was strictly enforced by the audience.

In case that was not interesting enough, each live demonstration of handcuff picking techniques was accompanied by background music from a famous X-rated movie from the 1970’s and 80’s. In many cases, an audience member was able to “name that movie” before the lock-picker had freed himself, thus winning a prize.

Now this is the CarolinaCon that I came to see.

Microcontrollers 101 – Nick Fury

Finally, Nick showed the audience how to think small… he introduced the AVR microprocessor and the “Arduino” board and tools. Then he showed a few demos of what a small board like that can do. Certainly a tool that many hackers can add to their toolbox.

With these three presentations, the Con begins. We’re looking forward to Day 2, which brings a full day of hacking. ┬áSee you at 10am.

Go to Top