Posts filed under ‘Geeky Stuff’

I recently had the need to install Nagios on my network, and being new to the application, was stumped by an issue I encountered when installing the “standard” Nagios plugins pack. Upon running the make command, I received the following error (among several other related errors):

make[2]: *** [check_http.o] Error 1
make[1]: *** [all-recursive] Error 1

After a bit of digging around I saw that the errors were SSL-related, and upon doing a bit of research, I found that my server was missing libssl-dev. After running apt-get install libssl-dev, the install continued on without further issue.

While I agree that spreading the word about SOPA and PIPA is a great idea, I definitely do not agree with a complete blackout of the most widely used reference site. If I were running Wikipedia, I would have made it so users would have to click a button to continue to their information. Wikipedia itself has said that this is not a total blackout, as they are still making the site completely accessible to mobile users. Of course, who wants to look up that information on a tiny screen? (Unless you have a tablet of some sort.) Sort of changing information in Firefox to access the mobile version, I stumbled across a much easier way. I found it on a Dropbox users page and the site is HERE. However, here is the jist of it. Wikipedia is just using some CSS to cover the page you need. With a little javascript, that CSS can be blocked. So you just drag the javascript link on the DropBox site into your booklet or bookmarks on Firefox, and when you get to the wiki with a SOPA/PIPA blackout, just click it and it takes care of the hard work for you!
Enjoy, but do not forget the dreadful, evil thing that is hanging over our heads.

On Sunday January 29th at 7am Central time, I will be on my computer patiently waiting at MuchDifferent’s website trying to get into their world record attempt. First announced last year, the developer has finally said that it is time to participate in a record breaking event. The attempt takes a direct stab at record holding games such as MAG, which allows a max of 256 PlayStation 3 players online, and also Planetside, which can allow 399 players to be in the same zone at once. Now, they haven’t created a PS3 or PC game exactly, the match will take place via web browser only utilizing the newer Unity player with their simple game entitled Man vs Machine.

You might ask, “How is a 1000 players possible?”, and the answer is almost simple.  Well just a few years back, MuchDifferent was looking to solve technical challenges brought up by their friends at CCP and DICE, and came up with a way to scale virtual worlds. Their solution is the new PikoServer, a dynamic traffic router and load balancer that divides the battlefield between game servers and then stitches the results back together for the users. In fact, the world record attempt of 1000 players is only going to be spread across 8 servers all together.

Now here is something that I haven’t mentioned yet about Man vs Machine. The players will be split between gamers and developers. The gamers take on the side of  Man and will have a projectile that explodes with splash damage. Developers will play as machine, firing lasers that require precision aiming. Not only is this a once in a lifetime chance to help set a world record (there is no sequel planned), but also a chance to take devs down a notch or two.  Check out the trailer below and if you’re interested, be sure to be HERE when the timer runs out. Also, the game is free, but if you think this is going to be wildly popular and hard to get into, you can also purchase a ticket for $200 that guarantees you access as long as you are there when the timer runs down. The $200 goes directly to Engineers without Borders and is available on that site here. Hope to see you there!

There are 800 posts consisting of type this crap in terminal and you will have XBMC:

sudo add-apt-repository ppa:team-xbmc

sudo apt-get update

sudo apt-get install xbmc

sudo apt-get update

sudo apt-get upgrade

 

Well sure, that was easy. Except when you try to run apt-get update you will notice a 404 on the sources you have added  that is because the lights are on but no ones home. Simple solution. Open up update manager, open settings, click on other software, and change your distro type from ‘oneiric’ to ‘maverick’

 

So here it is:

sudo add-apt-repository ppa:team-xbmc

Change distro(see above oneiric to maverick)

sudo apt-get update

sudo apt-get install xbmc

sudo apt-get update

sudo apt-get upgrade

 

You should be all set.

Just a few months back I made my own adjustable mic stand with a shock mount to hold my Rock Band mic for podcasting.

Mostly I’ve been using a sock to cover the mic to stop both air and pops from being recorded. However, I am sick of trying to find clean small socks around the house when I need one. Solution? A quick and cheap way to make a pop filter. Multiple sites around the net recommend using a needlework hoop with some nylon. After that, mounting is completely up to you.

My parts include:
1x 4″ Needlepoint Hoop – $1.49
1x Sheet of Black Felt – $0.29
1x Metal Coathanger – FREE

I chose to use felt over nylon straight up for the fact that I did not want to purchase ladies nylons at the store. Also, felt is cheaper, stiffer, stretches just as easily and is less see through. I really feel that nylon is not exactly the right fabric for a DIY approach. Then again I could be wrong.

After placing the felt in the hoop and tightening it up, the felt was already smoothed out. I knowingly purchased felt due to the fact that it does have quite a bit of give. To finish step one, I cut away excess felt. Step two is harder as it involves cutting metal. I basically broke the cheap wire cutters my grandfather left behind and I had to bend the wire to complete the break. I also bent the wire with two pliers to break it at the other bend. Both cuts were made at the bends, but I suggest giving yourself a little more to play with.

I looped one end of the wire so that my thumb nut would cinch down on it. With the wire sticking straight out and threatening to poke my eye out, I place the loop’s screw over it and began to position it. I made one bend to stop it from sliding back and then looped the wire over and behind the filter. At this point, I had some excess wire and a slight problem. There was no way to stop the filter from being pushed in the mic either by humans or adjustments. So I bent the remaining wire so that it would contact the frame of the filter in two places, holding it away from the mic.

I’ve yet to paint the hoop black. I would suggest doing this first as not to clog the felt. I might go back and color mine with magic marker. Tests with Skype show a drastic reduction with air noises and I will test further with a podcast I am guesting on tonight.
The final pictures are below, showing both the support wire and the final look.

Pi (π) has always been a source of interest and frustration to mathematicians. The duality of this constant lies in the simplistic beauty of its definition paired with the frustration of its mathematically proven transcendental nature. For centuries mathematicians have been devising ever more clever and accurate approximations for pi, but did you know that you can approximate the value for pi without the need for complex mathematical equations? By using a random sampling of numbers coupled with elementary statistics you can execute a Monte Carlo simulation to approximate the value of pi with a few short lines of programming.

Read the rest of this entry »

I just cannot resist posting this video here today. Finally Team Fortress 2‘s medic is no longer delegated to being heavy’s secret lover. Instead he is upgraded to mad scientist. You’ll just have to watch this video, which I think is the best out of all the TF2 Meet The ____ videos. See for yourself.

I am just laughing out loud falling over on my ass with this. Honestly, I think I posted it today just so I could watch it over and over and over and… well you get the idea. Enjoy!

P.S. This comes with a great mention that Team Fortress 2 is now free to play. So if you download it on Steam, be sure to give snorkle256 (me) a friend request so we can rock the medic together!

I had to share this simply because Mike didn’t watch the video all the way through and started complaining about the Sony TV mentioned.
YouTube user sinabun12si heard the news as well about the 24″ Sony 3D TV announced at E3 that would allow split screen games to be played across the full screen using 3D technology. However, Sina has already been doing this as he shows in his video below.

You’ll see above that he is using the top/bottom feature of his 42″ 3D Vizio TV to display two separate video game screens in Black Ops. The glasses are regular 3D glasses available from movies theaters, but modified to have the same polarity lenses. This allows two people to play split screen on the full TV while preventing the dreaded screen watching! I think it’s pretty sweet and when I get rid of my Sony Wega next year I think I will be looking for one of these.

Part 3: Further OverDrive Media Console Analysis and DRM Removal Automation

In the previous article we identified a weakness within the OverDrive Media Console which allows direct access to EPUB data. However, application of public tools for the removal of the ADEPT DRM layer proved to be fruitless due to the specification noncompliant nature of the EPUB data. In this article we will further investigate the inner workings of OverDrive Media Console and outline several vectors which will allow the removal of the ADEPT DRM layer in an automated fashion.

From inspection of the ineptepub tool we can see that the encrypted version of the RSA certificate is stored in an XML tag titled encryptedKey. So lets use our trusty grep tool again and see what we can turn up within OverDrive Media Console’s program directory:

Very interesting. Apparently OverDrive Media Console stores some information in a SQLite database. Using SFTP lets copy this file to our host system and see what goodies are contained within its binary walled garden.

While most of the information contained within the database is not applicable to our efforts the ZMEDIA and ZLICENSE tables contain some choice information. Examining the contents of these tables we find some columns of data that have the information relevant to our interests:

Table       Column                 Description
ZMEDIA    ZCONTENTID   Unique identifier for the fulfilled EPUB request.
ZMEDIA    ZTITLE           Title of the EPUB.
ZMEDIA    ZBASEURL       Download URL for the fulfilled EPUB request.
ZLICENSE  ZLICENSESTR  A mangled version of the ADEPT rights.xml info.

Jackpot! Although there’s much more data to be investigated most of it has to do with business logic associated with the OverDrive Media Console GUI itself. In theory with this data we should be able to generate a rights.xml file from the ZLICENSESTR column data using an XSLT or manual transformation, package that file with the target EPUB file, and use the ineptepub tool to decrypt the archive’s contents.

For purposes of testing I have created just such an EPUB by extracting the corresponding ZLICENSESTR data, converting it to a proper rights.xml file, and archiving it with the test.epub file as test.rights.epub. Now, when executing the ineptepub tool against the file we get the following result:

Success! If we extract the contents of this archive we find that the AES-128-CBC encryption has been removed from the EPUB contents and the result is a completely open standards compliant EPUB that can be loaded into any compatible reader.

When viewing the EPUB even though OverDrive Media Console will decrypt several pages at once every 10 pages or so and cache the results to improve the interaction with the document on the iPad or iPhone there is a pause of up to a full minute while the next batch of pages are decrypted. Now with this encryption layer removed and the EPUB loaded into iBooks the response time is at least several order of magnitudes faster and much more in line with the experience that a publisher would want a customer to have with their product.

So to recap we are able to strip the ADEPT security layer from the titles downloaded through OverDrive Media Console by the following method:

1. Copy the unarchived EPUB data from the device.
2. Copy the OverDrive.sqlite database from the device.
3. Extract the ZLICENSESTR data for the corresponding EPUB title.
4. Convert the ZLICENSESTR to the appropriate rights.xml format and create the file in the extracted EPUB’s META-INF directory.
5. Zip the extracted archive’s data into a new EPUB.
6. Execute the ineptepub tool on the newly created EPUB.

While this method works there should be a much easier way to utilize the data from the OverDrive.sqlite database to automate the process.

Developing Automated DRM Removal Tool

To begin our development it should be noted that every EPUB that is downloaded to OverDrive Media Console is identified with a unique 32 character hexadecimal Content ID of the form:

01234567-9ABC-DEF0-1234-567890ABCDEF

As this ID is present in both the ZMEDIA and corresponsing ZLICENSE entries of the database we should be able to consolidate this information into a single data structure containing all necessary information about the entries. Furthermore recall that there was a ZBASEURL column in the ZMEDIA table that was described as containing a download URL for the fulfilled EPUB request. The URL exists in the form:

http://acs.contentreserve.com/ACSStore1/
0123-4/567/89A/BC/{01234567-9ABC-DEF0-1234-567890ABCDEF}Fmt410.epub

Note that this URL exists per title within the Content Reserve system as the data contained within the EPUB is encrypted with the same AES cipher key for all requests. Also, from testing it can be seen that there is no known user-agent checking or authentication associated with this URL so any method may be used to retrieve the data including but not limited to: regular browser request, cURL, download accelerator, or even a custom download library. By utilizing this field we are negated from having to transfer the uncompressed EPUB archive from our device. Therefore the only transfer to the host system that should be necessary is the OverDrive.sqlite file.

However, there is still one more catch. As it exists the ineptepub tool requires a rights.xml file to be present in the EPUB archive or it will throw an invalid ADEPT EPUB exception. Therefore the proposed solution will automatically modify the specification noncompliant ADEPT EPUB by adding this rights.xml file effectively making a specification compliant ADEPT EPUB and pass execution off to the ineptepub tool to finish the processing.

Finally, since Python is currently being used for execution of the ineptepub tool the solution may as well also execute within the same Python environment. With all these requirements in place we present to you:

OverDrive Media Console DRM Stripper v1.1 (omcstrip.py)

Simply execute this tool passing in the path to your OverDrive.sqlite and adeptkey.der files and the tool will print out a list of EPUBs ready to be downloaded and stripped of the ADEPT DRM layer. Execute the tool along with a desired Content ID and the EPUB will be automatically downloaded from the server, insert the necessary rights.xml file, and delegate the actual removal of the DRM to the ineptepub tool.

OMCStrip Usage Information

python ./omcstrip.py --help

OverDrive Media Console DRM Stripper

Usage: omcstrip.py [OPTION]...

Startup:
-h, --help    print this help
-l, --list    list available files for processing and exit
-i, --id      content id of the asset to be processed.
-a, --all     process all available assets
-d, --debug   print debug information
-v, --version print script version and exit
Input:
-s, --sqlfile  OverDrive SQLite database (Default: OverDrive.sqlite)
-k, --keyfile  Extracted Abode ADEPT DER key file (Default: adeptkey.der)

python ./omcstrip.py --list

Content ID                        Title
----------                        ------------
01234567-9ABC-DEF0-1234-567890ABCDEF    Test EPUB

Example OMCStrip Excution

python ./omcstrip.py --id 01234567-9ABC-DEF0-1234-567890ABCDEF

Content ID                        Title
----------                        ------------
01234567-9ABC-DEF0-1234-567890ABCDEF    Test EPUB

Downloading 01234567-9ABC-DEF0-1234-567890ABCDEF.epub (12345678 bytes)
Downloading complete.
Injecting rights.xml
Stripping Adobe ADAPT DRM from 01234567-9ABC-DEF0-1234-567890ABCDEF.epub
Saving ePub as 01234567-9ABC-DEF0-1234-567890ABCDEF.decoded.epub

Conclusion

While the ADEPT DRM scheme provides excellent content protection in accordance with the EPUB specification its use as a rights management tool is architecturally flawed. Furthermore, OverDrive Media Console’s unencrypted and trivially obfuscated implementation of its own standard can be easily leveraged to repackage the content into a specification compliant format which can be used in conjunction with existing tools for easy decryption.

[Thanks to Armin Tamzarian]

OverDrive Media Console Analysis

In the previous article we investigated the background and technologies surrounding the DRM process used by the OverDrive Media Console. In this article we will turn our attention to the OverDrive Media Console itself in order to locate any mechanism which we can manipulate for our advantage.

Before we begin with the analysis of the OverDrive Media Console application it should be noted that there are some prerequisites to enable proper analysis:

• A jailbroken iDevice (For demonstration purposes an iPad and iPhone will be used). I have not had a chance to look into Android or Blackberry installations of OverDrive Media Console, but with file system access similar result may be achieved.
• An Adobe ID
• An installation of Adobe Digital Editions
• A system capable of running Python
• inpetkey
• ineptepub

Firstly SSH or otherwise gain command line access to your device and locate the installation of OverDrive Media Console. As an example, on the iPad the program was found at following location:

/private/var/mobile/Applications/EB126631-4B6C-40E5-8430-4F6B9ABC403C

If you’re having trouble the execute from the root (/ not /root) directory:

find * | grep OverDrive

Inspecting the program directory it can be seen that the EPUBs that have been downloaded are stored in an uncompressed format under:

[OverDrive Media Console Root]
- /Documents
-- /eBooks
--- /ePubs
---- /{EPUBID}.epub
----- ...
---- /{EPUBID}.epub
----- ...
---- /{EPUBID}.epub
----- ...

From this listing it can be seen that when one chooses to download an EPUB title through the OverDrive Media Console application the EPUB data is effectively fetched from the content server and stored locally. This functionality is what allows the program to operate in an offline mode. However, even though the content is stored locally it is still encrypted utilizing the AES-CBC-128 cipher as noted in each EPUB’s META-INF/encryption.xml file.

So now with all of this information one should be able to ZIP up the EPUB directory to create a specification-compliant EPUB file and use the available ineptkey and ineptepub tools to decrypt the file. However, let’s see how these tools work and verify their functionality with our newly created EPUBs.

First, since we have already installed completed the process of creating an Adobe ID, installing Adobe Digital Editions, and authenticating with our Adobe ID we will use the ineptkey tool to retrieve our private RSA cipher key.

The RSA cipher key was saved as adeptkey.der which includes the private cipher key in a x.509 certificate utilizing ASN.1 DER encoding. Now in theory all we have to do is use the ineptepub tool in conjunction with this certificate to extract the AES cipher key and decrypt the target EPUB content.

Strange. We get a failure, and the only message is that our file is not a valid ADEPT EPUB. So what situation can cause this error to be thrown? Examining the source we find the following logic statement:

if 'META-INF/rights.xml' not in namelist or \
'META-INF/encryption.xml' not in namelist:
raise ADEPTError('%s: not an ADEPT EPUB' % (inpath,))

So essentially if the EPUB does not contain a rights.xml or encryption.xml file in the archive’s META-INF subdirectory the document is assumed to not be a valid ADEPT archive. Indeed, upon further inspection of the archive this fact is confirmed insomuch that although there exists the required META-INF/encryption.xml document there is no META-INF/rights.xml document which contains the information needed to ultimately decrypt the document’s contents.

What does this mean? In essence, either Adobe (through their Adobe Content Server product) or OverDrive Inc (through their Content Reserve system) are apparently transmitting EPUBs in some sort of format that is not compliant with the ADEPT standard that they themselves created. To wit, does this mean that we’ve hit a brick wall in our analysis of the OverDrive Media Console Software? Hardly. Since the software can operate in an offline mode there must exist a method by which the information originally contained within the rights.xml is stored and retrieved locally.

In our next article we will delve even further into the inner workings of the OverDrive Media Console and bring to light several failures of the system and its architecture that allow for full automation of the DRM removal process with minimal effort.

[Thanks to Armin Tamzarian]