Category: web
02/26/10 05:10 - 26ºF - ID#51079
Software patents suck
Facebook received a patent for:
"dynamically providing a news feed about a user of a social network." In the most basic terms, this means Facebook has patented technology that delivers the stuff filling up your newsfeed like shared
Think how ridiculous this is. Its one thing when you do something unique but "dynamically providing a news feed about a user of a social network." is something that was going on way before facebook.
Permalink: Software_patents_suck.html
Words: 108
Location: Buffalo, NY
Category: food
02/25/10 09:30 - 26ºF - ID#51073
Ugli fruit
Permalink: Ugli_fruit.html
Words: 36
Location: Buffalo, NY
Category: signs
02/22/10 10:23 - 32ºF - ID#51063
Sign at work
Permalink: Sign_at_work.html
Words: 35
Location: Buffalo, NY
Category: holidays
02/22/10 10:22 - 32ºF - ID#51062
I am ready for st patrick's day
Permalink: I_am_ready_for_st_patrick_s_day.html
Words: 18
Location: Buffalo, NY
Category: food
02/22/10 09:51 - 26ºF - ID#51059
The swordfish was delicious
Permalink: The_swordfish_was_delicious.html
Words: 16
Location: Buffalo, NY
Category: computers
02/20/10 11:02 - 30ºF - ID#51054
Jamf sendImageCapture and video spying
My camera is taped over and this story explains why. The pack of the cigarettes in the background are candy ones for anyone who is curious and yes I am addicted.
JAMF ENABLES REMOTE IMAGE CAPTURE WITH BUILT IN WEBCAM
The system my work uses to manage the macs there is called JAMF casper suite The system seems pretty solid and allows easy management of macs in an enterprise environment. It basically allows a third party at work to control and monitor the client computer and its usage at all times, install software and to run scripts as root from afar. I frankly haven't trusted or loved my computer the same since it was installed but I realize I have no choice about this as I do not own the machine. The real point of this article is about the image capture part capability which is downright sketchy.
Disclaimer: I am in no way suggesting this is being used inappropriately at my work nor am I suggesting that there was any tampering with the Jamf binary or that there is any malicious intent from anyone. I just thought this might be of interest to anyone else who has their laptop managed with JAMF.
I decided to go ahead and explore the JAMF binary on my computer with a hex editor to see if it had an mention of images.
I found a reference to sendImageCapture. It was also interesting to see they must also be using svn for development. When executed with /usr/sbin/jamf sendImageCapture it attempts to take a picture with the laptop webcam and send an image to the JSS (a server) which manages my computer. It does it pretty sneakily putting the file into /private/snapshot.jpg for a millisecond and then quickly removing it with no notice to the user.
I put a sniffer on the folder to trap the file upon creation and copy it somewhere else so I could examine it. It is indeed a snapshot from my webcam although the feature is either intentionally underexposed as some sort of encryption or slightly flawed in that the images are quite dark. Nevertheless, that can certainly be fixed with some simple image editing I was able to see the room around me in photoshop and possibly they are auto fixed when arriving at the JSS.
In defense of the current deployment I found a Jamf KB about it which seems to mentioned you could not deploy the sendImageCapture.sh and that script is in fact not deployed by our JSS means they probably thought about this and decided not to. The problem is that that script is only one line which executes:
/usr/sbin/jamf sendImageCapture
meaning it is essentially just an alias for something that is already deployed on every computer controlled by JAMF and it can be both locally and remotely executed by the casper user or any other admin user on the machine. Once again: I am in no way suggesting it is being used.
The strange part is that unlike all of the other Jamf functionality it reports nothing in either the system or jamf.log when fired but reports: Uploading /private/tmp/snapshot.jpg to the JSS_URL ... to stdout. Additionally, this feature is not listed when you use /usr/sbin/jamf help which lists all the other jamf commands.
I could not find anything referencing the microphone or sound but I am not assured that does not exist. I assume they would not have this as it would be totally illegal to record randomly without consent.
Permalink: Jamf_sendImageCapture_and_video_spying.html
Words: 659
Location: Buffalo, NY
Category: mustache
02/20/10 08:50 - 31ºF - ID#51052
The angry sheriff look
After with nothing
Permalink: The_angry_sheriff_look.html
Words: 17
Location: Buffalo, NY
02/20/10 07:31 - 30ºF - ID#51050
St Patricks Yay!
We went on our annual clothing shopping spree. I bought a pair of
boxers especially for my favorite holiday. Now to hope it's warm out,
it's so freaking soon.
Permalink: St_Patricks_Yay_.html
Words: 34
Location: Buffalo, NY
Category: food
02/20/10 03:10 - 31ºF - ID#51048
Trip to smokehouse and viddlers
village smokehouse in orchard park.
At the smokehouse I was looking for crab legs but ended up with aged
beef and swordfish as they were out. The prices were great, the
quality was amazing and they had some cool stuff including a giant $80
rack of elk that would make an awesome dinner party. I didn't buy it
though because it was too big for the freezer.
I would totally suggest checking it out, although it's a hike to get
there. The guy that runs it is very knowledgable about his products
and is super friendly. They gave all sorts of meats.
At viddler's (e:mike) got some sifer's valomilk candies which have only
natural ingredients and taste amazing. I would suggest giving it a try.
Permalink: Trip_to_smokehouse_and_viddlers.html
Words: 171
Location: Buffalo, NY
Category: food
02/19/10 01:58 - 30ºF - ID#51043
Yum lobster
lobster tail was only $5.50.
Permalink: Yum_lobster.html
Words: 19
Location: Buffalo, NY
Author Info
Date Cloud
- 03/24
- 11/23
- 02/23
- 01/23
- 12/22
- 01/22
- 12/21
- 11/21
- 12/20
- 11/20
- 01/19
- 12/18
- 08/18
- 04/18
- 03/18
- 02/17
- 01/17
- 12/16
- 11/16
- 09/16
- 08/16
- 07/16
- 06/16
- 05/16
- 04/16
- 03/16
- 02/16
- 01/16
- 12/15
- 11/15
- 10/15
- 09/15
- 08/15
- 07/15
- 06/15
- 05/15
- 04/15
- 03/15
- 02/15
- 01/15
- 12/14
- 11/14
- 10/14
- 09/14
- 08/14
- 07/14
- 06/14
- 05/14
- 04/14
- 03/14
- 02/14
- 01/14
- 12/13
- 11/13
- 10/13
- 09/13
- 08/13
- 07/13
- 06/13
- 05/13
- 04/13
- 03/13
- 02/13
- 01/13
- 12/12
- 11/12
- 10/12
- 09/12
- 08/12
- 07/12
- 06/12
- 05/12
- 04/12
- 03/12
- 02/12
- 01/12
- 12/11
- 11/11
- 10/11
- 09/11
- 08/11
- 07/11
- 06/11
- 05/11
- 04/11
- 03/11
- 02/11
- 01/11
- 12/10
- 11/10
- 10/10
- 09/10
- 08/10
- 07/10
- 06/10
- 05/10
- 04/10
- 03/10
- 02/10
- 01/10
- 12/09
- 11/09
- 10/09
- 09/09
- 08/09
- 07/09
- 06/09
- 05/09
- 04/09
- 03/09
- 02/09
- 01/09
- 12/08
- 11/08
- 10/08
- 09/08
- 08/08
- 07/08
- 06/08
- 05/08
- 04/08
- 03/08
- 02/08
- 01/08
- 12/07
- 11/07
- 10/07
- 09/07
- 08/07
- 07/07
- 06/07
- 05/07
- 04/07
- 03/07
- 02/07
- 01/07
- 12/06
- 11/06
- 10/06
- 09/06
- 08/06
- 07/06
- 06/06
- 05/06
- 04/06
- 03/06
- 02/06
- 01/06
- 12/05
- 11/05
- 10/05
- 09/05
- 08/05
- 07/05
- 06/05
- 05/05
- 04/05
- 03/05
- 02/05
- 01/05
- 12/04
- 11/04
- 10/04
- 09/04
- 08/04
- 07/04
- 06/04
- 05/04
- 04/04
- 03/04
- 02/04
- 01/04
- 12/03
- 11/03
- 10/03
- 09/03
- 08/03
- 07/03
Category Cloud
- 24 linwood
- animals
- art
- basra
- bathroom
- biking
- birthdays
- body
- botanical gardens
- brushwood
- buffalo
- camping
- cars
- clothes
- clothing
- computers
- dancing
- food
- furniture
- games
- haircut
- haircuts
- halloween
- hiking
- holidays
- house
- key west
- mobile
- music
- nature
- pets
- provincetown
- rochester
- swimming
- toronto
- toys
- travel
- vacation
- weather
- wedding
- weddings
- work
- accidents
- allentown
- android
- animals
- apple
- architecture
- art
- artvoice
- bars
- bathroom
- beach
- bikes
- biking
- birthdays
- body
- books
- brushwood
- buffalo
- buffalo rising
- bugs
- buildings
- camping
- cancer
- cars
- cats
- central terminal
- childhood
- church of the ascension
- clothes
- clothing
- computer
- computers
- conference
- crohns
- dance
- dancing
- dentist
- design
- downtown
- drugs
- electronics
- elmwood
- energy
- environment
- estrip
- events
- exercise
- family
- festivals
- firecracker
- food
- friends
- furniture
- gadgets
- games
- garden
- gay
- government
- gym
- hair
- haircut
- haircuts
- halloween
- hardware
- health
- hiking
- history
- holiday
- holidays
- house
- housing
- jewlery
- kenmore
- key west
- life
- linux
- linwood
- love
- marriage
- media
- mobile
- mobl
- movies
- music
- mustache
- nature
- nikon
- opinion
- orange tongue
- party
- peeptalk
- people
- pets
- photos
- poetry
- politics
- portland
- pride
- programming
- property
- protest
- random
- recycling
- religion
- rememberbuffalo
- renting
- school
- shoes
- shopping
- sports
- stress
- stuff
- swimming
- technology
- television
- thesis
- thursday
- thursdays
- toys
- transportation
- travel
- vacation
- vegas
- war
- water
- weather
- web
- wedding
- weddings
- weekend
- windows
- winter
- work
- world
- youtube
- zooey
As in helping random people, jealous ex'es and other demented loonies spy on your every move and perverts stalk you effortlessly? Thank you. I pass.