Wireless Security Excuse Bingo

Thanks to a retweet by Travis Goodspeed of a retweet by digitalbond and originally by SCADAhacker, I was reminded of Jutta Degener and Matt Blaze’s security excuse bingo, and agree that it would be entertaining (and somewhat disconcerting probably) to compile a wireless security excuse bingo board, focused specifically on the technologies and the resulting answers used in wireless sensor networks and SCADA systems, etc — as this relates to my IEEE 802.15.4 and ZigBee focus of late.

I’d like to gather input from those of you who work or have interaction with this field, and I bet an interesting list may result. I’ll post my suggestions in comments as well, and a running list can be started. Continue reading

GoodFET Development on Tmote Sky/TelosB (CC2420 Radio)

As part of my thesis research on 802.15.4 wireless sensor networks, I have recently become a developer on the GoodFET project. This project was started by Travis Goodspeed and “is an open-source JTAG adapter, loosely based upon the TI MSP430 FET UIF and EZ430U boards.” However, as you will see, it has grown into so much more. I started working on the GoodFET CCSPI (ChipCon SPI Flash) client and firmware which Travis had started to support the Tmote Sky and TelosB branded sensor boards. Continue reading

Android Eris Speedup

My old droid Eris was running slowly with the stock Android OS, so I wanted to put Cyanogen on it to achieve a performance boost. I found the instructions for doing so slightly confusing, and I have compiled a single tutorial on how to do this, as basic as possible, thanks to the posts by other people on this topic on various sites, and my own experience.
Continue reading

Flickr Photo Wrapper

I needed to grab photos off of Flickr (flickr.com, a photo sharing site) in order to place them on a website. In this setup, Flickr takes care of the upload, photo storage, photo serving, etc and your website can access the images on it to use in your content. Flickr offers a way to embed images on your site in a Flash slideshow, but their interface has “features” that make it too busy and distracting to use as a simple design element. Also, it doesn’t handle resizing well, often cutting off your images or the interface’s buttons.

So, all I wanted was to grab a user’s public photos from Flickr (by username) and then allow someone to easily display one (or many). Lets look at how you use the classes:

$flickrphotos = new photosFlickr($flickr_username, "YOUR-API-KEY-HERE");
$photos = $flickrphotos->getPhotos();
$photoOfInterest = $photos[array_rand($photos, 1)];
$flickrpic = new photoFlickr($photoOfInterest, "YOUR-API-KEY-HERE");
$flickrpic->setSize($width, $height);
print $flickrpic->getHTML(true);

Before you start, you need to put two PHP files on your server. One is mine (photosFlickr.php) and my code expects to find phpFlickr Class 3.0 (written by Dan Coulter that you can get at http://phpflickr.com/). Download his files, and upload the one called phpFlickr.php to your website (it is easiest to put it in the same folder as you put my code).

First, we include the code I wrote. Make sure to include the full and correct relative path to the file on your server.

Second, we instantiate an instance of the class that handles multiple photos. We give the constructor the flickr username (as a string), and also your API key (as a string) which you can get for free from Flickr by clicking here.
$flickrphotos = new photosFlickr($flickr_username, "YOUR-API-KEY-HERE");

Then lets actually use the instance we just created… the simplest way to do so is to ask for all the public photos (Flickr may only return the first 100 due to how their API works. You can easily modify my code to ask for more.). We do this by calling:
$photos = $flickrphotos->getPhotos();
And we have the list of photos in the array called $photos. But if you look at this array, it is a mess! It is all information that makes sense to Flickr, but not as much to you. Don’t worry, I have a class to handle that as well.

For our example, lets pick one photo to deal with. We’ll do this randomly by calling:
$photoOfInterest = $photos[array_rand($photos, 1)];
We now have picked the photo we want to work with. You can do this in many ways, the random method is just an example ($photos[0] would give you the first one image Flickr returned, etc.).

Now lets display this picture. We instantiate a photoFlickr instance (note this is different than the photosFlickr instance we used before:
$flickrpic = new photoFlickr($photoOfInterest, "YOUR-API-KEY-HERE");
This will cause my code to make some sense out of the information returned by Flickr.

Optionally, you can decide the size you want to display the picture at. Just call:
$flickrpic->setSize($width, $height);
This provides it the width and height. For example this may look like $flickrpic->setSize(300, 200); but you can also just give it the width (like $flickrpic->setSize(300); and my code will figure out the correct height based on the dimensions of the image.

It will also intelligently choose the image to load from Flickr’s site. Flickr stores multiple versions of each image (thumbnail, square, medium, large, original) and the code will look through these and pick the smallest one that has dimensions equal or greater than what you need. This means your viewer’s browser has to load as small a file as possible while still not stretching an image and thus making it look bad.

But you still haven’t shown anything to your user! You need to display the HTML code for the image. This is done easily by calling:
print $flickrpic->getHTML();
This will output the image tag, with the sizes you specified (if any, otherwise default), and will automatically link the image to it’s page on Flickr. If you don’t want it to link to Flickr, just use $flickrpic->getHTML(false);.

That is all!

Please feel free to leave feedback. I’ll also consider new feature requests. Please alert me to bugs and I’ll fix and repost ASAP (I know there are some, I just don’t have time to fix all the edge cases right now).

Journal Article Published

Last winter, I wrote a research paper with my classmate Evan Tice ’09 studying the security of computing resources at Dartmouth College. It was very interesting to write, and thanks to Computing Services, we were able to study security logs and do some of our own analysis on the systems to supplement the publicly available information.

A sanitized form of our paper has been published in the Fall 2009 issue of the Dartmouth Undergraduate Journal of Science, and you can read it online here. For ease of reading, I have also posted it in the original PDF format.

Dartmouth Name Directory

Dartmouth College uses a system called the Dartmouth Name Directory to handle centralized authentication and to serve as an email directory. This system is closely tied to the rather odd BlitzMail system which is used for all students and staff to do email. The BlitzMail system is compatible to send and recieve regular email, however, it is not a regular sendmail or postfix server like is normally used. The specalized servers can accept a name, say “Ryan Speers” in the “to” field, and can translate that into sending it to me. It can also accept “rms” and “rmspeers” as pointing to me as well as I have defined these aliases. This functionality is great, but is only avalible within the BlitzMail client. Other email programs, like Thunderbird, will not allow you to address an email to only “rms”. The LDAP connection to the DND is a step in the right direction, but only works for full names, not the aliases. An ideal system would allow a client like Thunderbird or Apple Mail to fully use the power of the DND. For now, this doesn’t seem to exist. Any thoughts on creating this are welcome.

For now, I use a DND search plugin for Firefox (should also work in IE, etc). This has the full functionality and I suggest installing it if you are a Dartmouth user. You can my implementation here.

Web Tools for German Grammar

I am currently in my eighth year of studying German, and I want to include some of the most useful resources which I use here.

The first invaluable resource is CanooNet, an online grammar guide and inflection dictionary. I use Canoo every time I am using a verb in a strange setting, or need to double-check my inflection of it. The website is canoo.net, however I have also created a Mozilla Search Plugin (also should work on IE), that allows you to quickly search for a verb without going to the page. Continue reading

Firefox for the Web Developer

When I develop for the web, my primary browser is Firefox. It is my main browser overall, and has merits such as being standards-complaint, but there are additional bonuses. Add-ons. I will explore some of these today that I regularly use. Some of these are for web developers, while others I believe to be productive for any person using the web in every-day life.

Continue reading