Wednesday, December 31, 2003
My little sister is trying to turn me Emo |6:45 PM|
My sister got me a sweater for Christmas, which is comfortable, but the moment I tried it on I realized I needed Buddy Holly glasses and a spiky bracelet. I tried the standard "Want to exchange mix tapes?" quote, and my sister nearly died laughing. She sometimes quizzes me on Emo bands, and I never know what's she's talking about.
Crud, I don't have the picture handy. I'll upload it soon, of me being Emo.
(0) comments
Tuesday, December 30, 2003
The legal system does not like you touching it. |4:55 PM|
This morning, in courtroom 2A of Austin Municipal Courthouse, I got my last legal hassle dismissed. It was pretty straightforward, and the judge was a cool guy. He'd been chatting with the last supplicant or whatever you call them (Defendant, I suppose) in a friendly fashion. When it was my turn I tried to act as humble and respectful without being a cur, or bootlicker.
However, after the 40 seconds it took to dismiss the charges and agree to send me the rest of my bond, I made a legal faux pas. When the judge was done, I reached across the bench and offered my hand for a shake. The judge looked at my hand, clearly perplexed, as if I had suddenly sprouted a tentacle and dripped slime onto his papers.
I took back my hand right as he finally raised his own, and so I had to quickly reach back to intercept his hand for a shake. The shake was short, and akward, and then I left. I wonder if afterwards, the judge leaned over to the bailif/stenographer/computer operator and called me some name that means "he who does not know what the fuck to do in a court", you know, like "putz".
(0) comments
Monday, December 29, 2003
Internal Monologue Issues |11:58 AM|
Recently, the dialog I have with myself in order to fix problems has taken a turn for the bleak and violent. I wonder if I should drink more orange juice.
"Hmmm. They powercycled, and it didn't clear the error. Might be the motherboard. I could have Brady go out and swap it. Or I could kill the caller and then burn down their building. Wait, no...that's not the right answer."
"I need to check my inbox for the status requests, and then sort these data sheets. Or I could vomit into a trashcan and then drown myself in my own bile"
It'd make quite a statement. And that statement would What the FUCKING FUCK was wrong with you?
"Sir, I'm afraid there's been some delay in the repair of your printer. After talking to you the help desk guy built a primitive guillotine and cut off his own head."
Labels: Tech Support
(0) comments
A really long stupid post about hacking a building badge system |9:50 AM|
This is long and weird, you may want to just skip to the next post.
I came up with an odd idea on how to hack a computer about 2 years ago or so. Images that you view in a compressed form (.jpgs for example) are still decompressed into something like .bmps in the memory of the computer.
Most of the recent security flaws in computers (and of all things, SNTP) have been the result of "buffer overruns". If an application is expecting a string of data between certain sizes, say a name of an employee, (2-50 characters) it isn't going to expect to run into anyone with a name greater than 250 characters in length. If the application or the computer has only set aside 250 characters worth of memory for that bit of data, bad things can happen if you put more than that in. If the application doesn't check the length of the info before it "looks" at it (puts it into memory) you can actually overwrite the application itself, the one the computer is keeping in memory, and make the computer run your code. (this is in certain cases only, obviously).
Not making sense? Alright, say you wrote an application that takes control of a computer, and put it all into one line of text, and at the front of it put a 250 character string of info, then fed it into the application that takes names. It would fill up the 250 character allocation and spill over into the memory of the computer, and your application would then be what the computer is running. (This isn't exactly what's going on, but it gets most of the point across).
Anyhow, that's a buffer overrun. Back to the images. As the computer is processing images, decompressing them from .jpg, what if it ran into an image that had a line of pixels that when decompressed from 8K was now suddenly 1024K? Or larger than that? If it wasn't expecting a gargantuan jump in size, you could fill up the area of memory allocated, and then you could (possibly) take control of a system. As in, I make a file that appears to be a .jpeg image, embed it in an HTML document and send someone a link to said document. The .JPG is actually a pile of code that I want run on the guy's system with a huge fucking line somewhere in there to be decompressed.
I was told by a couple computer security folks that it wouldn't work like that, but a couple months later there was a patch by microsoft to fix a bug JUST like what I'm describing. Dammit, kinda.
Now what the fuck was all that about? Well, while bitching abour door security I realized that these magnetic badges must send some tiny bit of info to the sensor. Like, an 8 or 16 character badge ID. The system running it looks at the ID and then lets me into the building (or not).
What if the badge reader got about 10,000 characters? It's only expecting 8. I bet the security software isn't checking to make sure the badge ID is only 8 characters.
The equipment and coding of such a device is well beyond my reach, but certainly not everyones. It is possible that a person could hack a door or building in this fashion.
(0) comments
Bitching about time. |9:49 AM|
My place of work is one of the few places I've been that following the rules takes far longer than breaking them.
The door lock to my office? It is easier to bypass the lock with a plastic card on the side then to unlock it. For a while it was the only way to get in, since the lock broke and the building facilities people took 2 weeks to repair the door.
This morning I had to go to the front door, tell them my badge was expired, and wait as the filled out all manner of paperwork. Had I just lurked by the back door I could have gotten in by following someone else into the building.
They've confiscated my badge, given me this crappy contractor's badge (Both things they didn't use to do) and now I have to call the badge department and find out how the hell I get a new one. What the fuck. It used to be I could just call the department and have them turn my old badge back on.
Eh, I'm just bitchy. Seems that some rebellion would speed up my morning.
(0) comments
Sunday, December 28, 2003
Random thoughts while I wait for the drugs to kick in. |2:34 PM|
Gavin Sikes was as dead as God, and that's all anyone needed to know.
I wonder if my creativity has returned enough to writing crappy stories again. It certainly hasn't returned enough to update the front page, as Vorpal is more than happy to point out. According to him, the woman in California is going to make a site, that she says is going to be "so much cooler than [TPL]". Bah. Fuck.
I'm dropping about $200 on advertising in the Texas Travesty, a humor newspaper for the University of Texas. That is, after I finish mailing out the corrected orders for Pictoz.com, as well as refunds for anyone that ordered a "Warning: No God" shirt.
What? Do you think I update this thing every day? Sheesh. I update this much because my girlfriend reads this. Yeah, it's like a newsletter, and she even likes to read about herself.
Wacky, eh?
All hell could be hiding in that fog, and probably was.
(0) comments