Updates: The Death Of Us All

In modern times, electronic devices are ubiquitous. Since it is so cheap to create CPUs, RAM and other logic used to build computers, electronics are no longer limited to basic, dumb systems such as old school calculators.

With the age of IoT and other stupid acronyms upon us, potentially any device you plug into an AC outlet or run on batteries of some kind could be based on a basic von Neumann architecture. This in turn, though very loosely related, means it probably has at least two levels of control logic, typically three:

  1. Firmware (known sometimes as BIOS, which is software running inside of dedicated microprocessors)
  2. Software (This includes Operating Systems, Applications etc. usually installed on hard drives or SSDs)
  3. (Optional) management interface, such as IPMI. This is a separate computer running alongside a server that allows remote, offline access to the server for management purposes.

Brain Dead Security

There is a module in the technology world called ModSecurity that can function as a plugin to a web server and help detect and prevent certain kinds of web based attacks. In principle this is a good thing, especially considering the increasing amount of online attacks.

However, the rules are mostly retarded. I have developed a system for a client that is running ModSecurity, and this application makes standard use of random session ID values stored in cookies that get sent with every request to validate the person. This is basic Computer Science 101 - we have been using cookies to store a session ID since some of the first web based applications were launched.

The problem is with rule ID 981260 - randomly, one day a user could not proceed to the home page after being successfully authenticated on the login page. The server kept on showing Permission Denied errors for every single page visited. After some digging it turned out the problem was with the brain dead assumption made by the author of that rule - that no valid, legitimate cookie value will ever contain the sequence k0x2e2, which can also be found in some SQL injection attacks. However, session ID values are just random strings of characters. In this case, the system happened to generate a session ID with the value cnyn5f51tq1iipk0x2e2uanj9hnywiis, which triggered this rule and blocked the user's access.
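How often would this happen? The following is an added example, not code from the original post or from ModSecurity: it checks session IDs against a hex-literal pattern and estimates the false-positive rate for random IDs. The regular expression is an assumed approximation of such a check (not the rule's own text), and the 36-character lowercase alphanumeric alphabet is inferred from the one ID quoted above.

```python
import random
import re
import string

# Assumption: a non-digit (or start of string), then "0x" and 3+ hex digits.
# This approximates a "hex-encoded SQL" check; it is not the rule's own text.
HEX_LITERAL = re.compile(r"(?i)(?:\A|[^\d])0x[a-f\d]{3,}")

ALPHABET = string.ascii_lowercase + string.digits  # assumed session ID alphabet
ID_LENGTH = 32                                     # length of the ID in the post


def is_flagged(value: str) -> bool:
    """True if the value would trip the assumed hex-literal pattern."""
    return HEX_LITERAL.search(value) is not None


def simulated_false_positive_rate(trials: int, seed: int = 1) -> float:
    """Fraction of random session IDs that get flagged (seeded, test use only)."""
    rng = random.Random(seed)  # real session IDs must come from the secrets module
    hits = 0
    for _ in range(trials):
        session_id = "".join(rng.choices(ALPHABET, k=ID_LENGTH))
        hits += is_flagged(session_id)
    return hits / trials


def approximate_false_positive_rate() -> float:
    """Union-bound estimate: chance that some window of the ID matches."""
    n = len(ALPHABET)
    hex_run = (16 / n) ** 3                 # three characters from 0-9a-f
    zero_x = (1 / n) ** 2                   # literal "0" then "x"
    inner = (26 / n) * zero_x * hex_run     # preceded by a non-digit
    at_start = zero_x * hex_run             # "0x..." at the very beginning
    return (ID_LENGTH - 5) * inner + at_start


if __name__ == "__main__":
    blocked = "cnyn5f51tq1iipk0x2e2uanj9hnywiis"  # the ID quoted in the post
    print("post's session ID flagged:", is_flagged(blocked))
    print("estimated rate:", round(approximate_false_positive_rate(), 5))
    print("simulated rate:", simulated_false_positive_rate(100_000))
```

Under these assumptions roughly one session in 700 is flagged, which is consistent with the lockout appearing at random.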


Schrödinger's Last Rat?

Assuming you have not been living under a rock this whole time, you would be acutely aware of the crisis science currently finds itself in. However, there is a non zero probability that science is not completely in peril.

I managed to catch Rat Bastard #4 after 12 days of agonizing patience. At 06:36 PST the trap closed on him... With no clone in sight. That said, there was only a window of 24 minutes between the time the trap caught him, and me removing the trap from the area. There is still a remote probability that a clone was indeed created but just too quick to be captured on video... Time will tell - I have set the traps again.


Phone Cameras vs ILC Cameras

When smartphones were initially released - and by that I mean the iPhone back in 2007 - their cameras were not very good. In fact, they were downright horrible.

iPhone 2G - Winnipeg Assiniboine River

It was not a digital vs. analogue issue, as the Canon 1Ds Mark III was released at around the same time, and produced fabulous images that hold up perfectly to today's cameras.


Schrödinger's Rats

It is said that if something happens once it is chance, if it happens twice it is coincidence and if it happens a third time it is a pattern. Continuing my quest to disturb the very fabric of quantum knowledge, I have now shown through mathematical induction that my hypothesis was correct: A rat can never be caught, just cloned. No matter how many times you repeat this process and capture the clone, another clone will take its place. Look for yourself. This is Rat #3 that was caught yesterday:

And Rat #4 was cloned the moment Rat #3's wave equation should have collapsed, but did not. One inside the trap, and one outside.
