Journaling on estrip is free and easy. get started today

Last Visit 2024-03-16 17:05:41 |Start Date 2003-07-07 03:39:31 |Comments 5,617 |Entries 6,438 |Images 14,748 |Sounds 119 |SWF 21 |Videos 322 |Mobl 2,935 |Theme |

Category: signs

02/22/10 10:23 - 32ºF - ID#51063 pmobl

Sign at work

Does everyone see the irony in this. (E:enknot) put this in the microwave at work to remind people to be clean with it and now the sign is dirty too.

image
print add/read comments

Permalink: Sign_at_work.html
Words: 35
Location: Buffalo, NY


Category: holidays

02/22/10 10:22 - 32ºF - ID#51062 pmobl

I am ready for st patrick's day

Look at that beer mug hat from (e:james,51014) on my hall tree.
image
print add/read comments

Permalink: I_am_ready_for_st_patrick_s_day.html
Words: 18
Location: Buffalo, NY


Category: food

02/22/10 09:51 - 26ºF - ID#51059

The swordfish was delicious

Even the mercury was good

image
print addComment

Permalink: The_swordfish_was_delicious.html
Words: 16
Location: Buffalo, NY


Category: computers

02/20/10 11:02 - 30ºF - ID#51054

Jamf sendImageCapture and video spying

In light of the recent school video recording laptop drama I decided to investigate the system my work uses to manage my laptop.

My camera is taped over and this story explains why. The pack of the cigarettes in the background are candy ones for anyone who is curious and yes I am addicted.
image

JAMF ENABLES REMOTE IMAGE CAPTURE WITH BUILT IN WEBCAM

The system my work uses to manage the macs there is called JAMF casper suite The system seems pretty solid and allows easy management of macs in an enterprise environment. It basically allows a third party at work to control and monitor the client computer and its usage at all times, install software and to run scripts as root from afar. I frankly haven't trusted or loved my computer the same since it was installed but I realize I have no choice about this as I do not own the machine. The real point of this article is about the image capture part capability which is downright sketchy.

Disclaimer: I am in no way suggesting this is being used inappropriately at my work nor am I suggesting that there was any tampering with the Jamf binary or that there is any malicious intent from anyone. I just thought this might be of interest to anyone else who has their laptop managed with JAMF.

I decided to go ahead and explore the JAMF binary on my computer with a hex editor to see if it had an mention of images.

image

I found a reference to sendImageCapture. It was also interesting to see they must also be using svn for development. When executed with /usr/sbin/jamf sendImageCapture it attempts to take a picture with the laptop webcam and send an image to the JSS (a server) which manages my computer. It does it pretty sneakily putting the file into /private/snapshot.jpg for a millisecond and then quickly removing it with no notice to the user.

I put a sniffer on the folder to trap the file upon creation and copy it somewhere else so I could examine it. It is indeed a snapshot from my webcam although the feature is either intentionally underexposed as some sort of encryption or slightly flawed in that the images are quite dark. Nevertheless, that can certainly be fixed with some simple image editing I was able to see the room around me in photoshop and possibly they are auto fixed when arriving at the JSS.

In defense of the current deployment I found a Jamf KB about it which seems to mentioned you could not deploy the sendImageCapture.sh and that script is in fact not deployed by our JSS means they probably thought about this and decided not to. The problem is that that script is only one line which executes:

/usr/sbin/jamf sendImageCapture

meaning it is essentially just an alias for something that is already deployed on every computer controlled by JAMF and it can be both locally and remotely executed by the casper user or any other admin user on the machine. Once again: I am in no way suggesting it is being used.

The strange part is that unlike all of the other Jamf functionality it reports nothing in either the system or jamf.log when fired but reports: Uploading /private/tmp/snapshot.jpg to the JSS_URL ... to stdout. Additionally, this feature is not listed when you use /usr/sbin/jamf help which lists all the other jamf commands.

I could not find anything referencing the microphone or sound but I am not assured that does not exist. I assume they would not have this as it would be totally illegal to record randomly without consent.
print add/read comments

Permalink: Jamf_sendImageCapture_and_video_spying.html
Words: 659
Location: Buffalo, NY


Category: mustache

02/20/10 08:50 - 31ºF - ID#51052 pmobl

The angry sheriff look

Don't worry. I am not keeping it.
image

After with nothing

image
print addComment

Permalink: The_angry_sheriff_look.html
Words: 17
Location: Buffalo, NY


02/20/10 07:31 - 30ºF - ID#51050 pmobl

St Patricks Yay!


We went on our annual clothing shopping spree. I bought a pair of
boxers especially for my favorite holiday. Now to hope it's warm out,
it's so freaking soon.
image
print add/read comments

Permalink: St_Patricks_Yay_.html
Words: 34
Location: Buffalo, NY


Category: food

02/20/10 03:10 - 31ºF - ID#51048 pmobl

Trip to smokehouse and viddlers

On friday, (e:mike) And I went to Viddler's in east aurora and the
village smokehouse in orchard park.

At the smokehouse I was looking for crab legs but ended up with aged
beef and swordfish as they were out. The prices were great, the
quality was amazing and they had some cool stuff including a giant $80
rack of elk that would make an awesome dinner party. I didn't buy it
though because it was too big for the freezer.

I would totally suggest checking it out, although it's a hike to get
there. The guy that runs it is very knowledgable about his products
and is super friendly. They gave all sorts of meats.

image
image
image

At viddler's (e:mike) got some sifer's valomilk candies which have only
natural ingredients and taste amazing. I would suggest giving it a try.
image
image
image
print addComment

Permalink: Trip_to_smokehouse_and_viddlers.html
Words: 171
Location: Buffalo, NY


Category: food

02/19/10 01:58 - 30ºF - ID#51043 pmobl

Yum lobster

Sometimes the lexington coop does have really good prices. This
lobster tail was only $5.50.
image
print addComment

Permalink: Yum_lobster.html
Words: 19
Location: Buffalo, NY


Category: body

02/17/10 10:19 - 28ºF - ID#51035 pmobl

Getting buffer

I still think the one thing I lack on is eating enough. Well, that
and the generic inabilty to absorb calories.
image
print addComment

Permalink: Getting_buffer.html
Words: 27
Location: Buffalo, NY


02/17/10 12:36 - 26ºF - ID#51027 pmobl

Parti GRAS


image
print add/read comments

Permalink: Parti_GRAS.html
Words: 7
Location: Buffalo, NY


Search

Chatter

New Site Wide Comments

joe said to joe
Never send a man to do a grandma's job...

sina said to sina
yes thank you!
Well, since 2018 I am living in France, I have finished my second master of science,...

paul said to sina
Nice to hear from you!! Hope everything is going great....

paul said to twisted
Hello from the east coast! It took me so long to see this, it might as well have arrived in a lette...