02/28/10 03:39 - 35ºF - ID#51090
The ice throne
We went late yesterday evening to the ice maze. I think it was a good
time to go because although there were still a lot if people out, we
didn't have to wait in lime. I thought it was pretty awesome but a bit
slushy. Afterwards we listened to some music but sadly the tubing was
closed at that point.
Permalink: The_ice_throne.html
Words: 65
Location: Buffalo, NY
Category: food
02/27/10 11:11 - 32ºF - ID#51086
Pomelo
The problem was that it is almost the size of a volleyball and the
skin is so thick. The ugli fruit from my earlier journal was much
easier to peel and eat. I managed to peel it abou 10 minutes. Each
section was in a leathery fiber pouch. I don't think I would ever get
one again.
Permalink: Pomelo.html
Words: 152
Location: Buffalo, NY
Category: buffalo
02/27/10 09:18 - 32ºF - ID#51085
So clean you could eat off it
subway I am amazed at how clean the tracks are compared to everywhere
else I have ever visited.
Permalink: So_clean_you_could_eat_off_it.html
Words: 36
Location: Buffalo, NY
Category: web
02/27/10 03:05 - 33ºF - ID#51082
An, Ban, Gan list-style-type
Armenia Numerals
Georgian numerals don't even have a wikipedia page.
Permalink: An_Ban_Gan_list_style_type.html
Words: 95
Location: Buffalo, NY
Category: web
02/26/10 05:10 - 26ºF - ID#51079
Software patents suck
Facebook received a patent for:
"dynamically providing a news feed about a user of a social network." In the most basic terms, this means Facebook has patented technology that delivers the stuff filling up your newsfeed like shared
Think how ridiculous this is. Its one thing when you do something unique but "dynamically providing a news feed about a user of a social network." is something that was going on way before facebook.
Permalink: Software_patents_suck.html
Words: 108
Location: Buffalo, NY
Category: food
02/25/10 09:30 - 26ºF - ID#51073
Ugli fruit
Permalink: Ugli_fruit.html
Words: 36
Location: Buffalo, NY
Category: signs
02/22/10 10:23 - 32ºF - ID#51063
Sign at work
Permalink: Sign_at_work.html
Words: 35
Location: Buffalo, NY
Category: holidays
02/22/10 10:22 - 32ºF - ID#51062
I am ready for st patrick's day
Permalink: I_am_ready_for_st_patrick_s_day.html
Words: 18
Location: Buffalo, NY
Category: food
02/22/10 09:51 - 26ºF - ID#51059
The swordfish was delicious
Permalink: The_swordfish_was_delicious.html
Words: 16
Location: Buffalo, NY
Category: computers
02/20/10 11:02 - 30ºF - ID#51054
Jamf sendImageCapture and video spying
My camera is taped over and this story explains why. The pack of the cigarettes in the background are candy ones for anyone who is curious and yes I am addicted.
JAMF ENABLES REMOTE IMAGE CAPTURE WITH BUILT IN WEBCAM
The system my work uses to manage the macs there is called JAMF casper suite The system seems pretty solid and allows easy management of macs in an enterprise environment. It basically allows a third party at work to control and monitor the client computer and its usage at all times, install software and to run scripts as root from afar. I frankly haven't trusted or loved my computer the same since it was installed but I realize I have no choice about this as I do not own the machine. The real point of this article is about the image capture part capability which is downright sketchy.
Disclaimer: I am in no way suggesting this is being used inappropriately at my work nor am I suggesting that there was any tampering with the Jamf binary or that there is any malicious intent from anyone. I just thought this might be of interest to anyone else who has their laptop managed with JAMF.
I decided to go ahead and explore the JAMF binary on my computer with a hex editor to see if it had an mention of images.
I found a reference to sendImageCapture. It was also interesting to see they must also be using svn for development. When executed with /usr/sbin/jamf sendImageCapture it attempts to take a picture with the laptop webcam and send an image to the JSS (a server) which manages my computer. It does it pretty sneakily putting the file into /private/snapshot.jpg for a millisecond and then quickly removing it with no notice to the user.
I put a sniffer on the folder to trap the file upon creation and copy it somewhere else so I could examine it. It is indeed a snapshot from my webcam although the feature is either intentionally underexposed as some sort of encryption or slightly flawed in that the images are quite dark. Nevertheless, that can certainly be fixed with some simple image editing I was able to see the room around me in photoshop and possibly they are auto fixed when arriving at the JSS.
In defense of the current deployment I found a Jamf KB about it which seems to mentioned you could not deploy the sendImageCapture.sh and that script is in fact not deployed by our JSS means they probably thought about this and decided not to. The problem is that that script is only one line which executes:
/usr/sbin/jamf sendImageCapture
meaning it is essentially just an alias for something that is already deployed on every computer controlled by JAMF and it can be both locally and remotely executed by the casper user or any other admin user on the machine. Once again: I am in no way suggesting it is being used.
The strange part is that unlike all of the other Jamf functionality it reports nothing in either the system or jamf.log when fired but reports: Uploading /private/tmp/snapshot.jpg to the JSS_URL ... to stdout. Additionally, this feature is not listed when you use /usr/sbin/jamf help which lists all the other jamf commands.
I could not find anything referencing the microphone or sound but I am not assured that does not exist. I assume they would not have this as it would be totally illegal to record randomly without consent.
Permalink: Jamf_sendImageCapture_and_video_spying.html
Words: 659
Location: Buffalo, NY
Author Info
Date Cloud
- 03/24
- 11/23
- 02/23
- 01/23
- 12/22
- 01/22
- 12/21
- 11/21
- 12/20
- 11/20
- 01/19
- 12/18
- 08/18
- 04/18
- 03/18
- 02/17
- 01/17
- 12/16
- 11/16
- 09/16
- 08/16
- 07/16
- 06/16
- 05/16
- 04/16
- 03/16
- 02/16
- 01/16
- 12/15
- 11/15
- 10/15
- 09/15
- 08/15
- 07/15
- 06/15
- 05/15
- 04/15
- 03/15
- 02/15
- 01/15
- 12/14
- 11/14
- 10/14
- 09/14
- 08/14
- 07/14
- 06/14
- 05/14
- 04/14
- 03/14
- 02/14
- 01/14
- 12/13
- 11/13
- 10/13
- 09/13
- 08/13
- 07/13
- 06/13
- 05/13
- 04/13
- 03/13
- 02/13
- 01/13
- 12/12
- 11/12
- 10/12
- 09/12
- 08/12
- 07/12
- 06/12
- 05/12
- 04/12
- 03/12
- 02/12
- 01/12
- 12/11
- 11/11
- 10/11
- 09/11
- 08/11
- 07/11
- 06/11
- 05/11
- 04/11
- 03/11
- 02/11
- 01/11
- 12/10
- 11/10
- 10/10
- 09/10
- 08/10
- 07/10
- 06/10
- 05/10
- 04/10
- 03/10
- 02/10
- 01/10
- 12/09
- 11/09
- 10/09
- 09/09
- 08/09
- 07/09
- 06/09
- 05/09
- 04/09
- 03/09
- 02/09
- 01/09
- 12/08
- 11/08
- 10/08
- 09/08
- 08/08
- 07/08
- 06/08
- 05/08
- 04/08
- 03/08
- 02/08
- 01/08
- 12/07
- 11/07
- 10/07
- 09/07
- 08/07
- 07/07
- 06/07
- 05/07
- 04/07
- 03/07
- 02/07
- 01/07
- 12/06
- 11/06
- 10/06
- 09/06
- 08/06
- 07/06
- 06/06
- 05/06
- 04/06
- 03/06
- 02/06
- 01/06
- 12/05
- 11/05
- 10/05
- 09/05
- 08/05
- 07/05
- 06/05
- 05/05
- 04/05
- 03/05
- 02/05
- 01/05
- 12/04
- 11/04
- 10/04
- 09/04
- 08/04
- 07/04
- 06/04
- 05/04
- 04/04
- 03/04
- 02/04
- 01/04
- 12/03
- 11/03
- 10/03
- 09/03
- 08/03
- 07/03
Category Cloud
- 24 linwood
- animals
- art
- basra
- bathroom
- biking
- birthdays
- body
- botanical gardens
- brushwood
- buffalo
- camping
- cars
- clothes
- clothing
- computers
- dancing
- food
- furniture
- games
- haircut
- haircuts
- halloween
- hiking
- holidays
- house
- key west
- mobile
- music
- nature
- pets
- provincetown
- rochester
- swimming
- toronto
- toys
- travel
- vacation
- weather
- wedding
- weddings
- work
- accidents
- allentown
- android
- animals
- apple
- architecture
- art
- artvoice
- bars
- bathroom
- beach
- bikes
- biking
- birthdays
- body
- books
- brushwood
- buffalo
- buffalo rising
- bugs
- buildings
- camping
- cancer
- cars
- cats
- central terminal
- childhood
- church of the ascension
- clothes
- clothing
- computer
- computers
- conference
- crohns
- dance
- dancing
- dentist
- design
- downtown
- drugs
- electronics
- elmwood
- energy
- environment
- estrip
- events
- exercise
- family
- festivals
- firecracker
- food
- friends
- furniture
- gadgets
- games
- garden
- gay
- government
- gym
- hair
- haircut
- haircuts
- halloween
- hardware
- health
- hiking
- history
- holiday
- holidays
- house
- housing
- jewlery
- kenmore
- key west
- life
- linux
- linwood
- love
- marriage
- media
- mobile
- mobl
- movies
- music
- mustache
- nature
- nikon
- opinion
- orange tongue
- party
- peeptalk
- people
- pets
- photos
- poetry
- politics
- portland
- pride
- programming
- property
- protest
- random
- recycling
- religion
- rememberbuffalo
- renting
- school
- shoes
- shopping
- sports
- stress
- stuff
- swimming
- technology
- television
- thesis
- thursday
- thursdays
- toys
- transportation
- travel
- vacation
- vegas
- war
- water
- weather
- web
- wedding
- weddings
- weekend
- windows
- winter
- work
- world
- youtube
- zooey