You can check out the rest of the set here. Previously someone had emailed and asked me how I create these images, they are just 3 shots put together using Photomatix. You can read a great tutorial on Photomatix here.
For the second time in as many months I have sent off my favorite lens (which is possibly going to lose that distinction thanks to my 24-70 f/2.8 L that I just picked up) to the Canon Factory Service Center. My first experience with Canon Factory Service was actually a really good one, as they hastily repaired my shutter mechanism and had the camera back to me within a few weeks.
A few months later I decided to send them my Speedlite 580EX which had a faulty motor in the zoom mechanism which allows the flash to automatically change the size of the flash that is thrown to suit your current lens, zoom level and sensor size. At the same time I sent them my 85 1.2, which was, and still is, having problems focusing.
When I focus on an object that is 10 feet away, I get the focus confirmation light, but then the resulting image is focused a few feet past where it should have been. With nearly any other lens, this would not be a problem at all, but thanks to the razor thin depth of field at f/1.2, this problem makes my lens nearly useless at the aperture that it is designed for.
After holding my lens for nearly 2 months, Canon Factory Service returned it to me, with no changes whatsoever, saying that it was restored to factory quality. I am hoping for Canon that the problem was with their tech, and that factory quality does not mean that the focus is off by nearly 20%. I am eagerly awaiting the functional return of one of my favorite lenses.
Eric Richardson and I have been trying for over a year to get into the Triforium Control Center in the Los Angeles Underground Mall. Today Eric got us a tour thanks to help from Councilmember Jan Perry and Greg Fischer, who were both instrumental in the re-lighting of the divisive public work of art originally lit in 1975.
Even now the Triforium has been drawing praise and scorn, most recently from the City Attorney's office which has been claiming that the music is disturbing them and has requested it only play from 11am to 1pm, which completely defeats the purpose of having the lights on, as you can hardly see them during the day. Although many art critics despise the sculpture I find it strangely charming and the primitive computer control system intrigues me.
When we looked through the control center today we found an old Teletype machine that was used to read and write punch tape which held the program the Triforium's computer used to synchronize with music. Our goal is to take those tapes, capture them and use them as a basis for the new computer control, which will most likely be a BASIC Stamp or a PIC microcontroller. Once that works, the next step would ideally be to have some type of web interface to the system.
I brought my portable studio lighting setup along for the tour and took some photos, of which here is a sampling:
You can flip through the whole Triforium Control Center gallery here.
Category: Los Angeles(200)
Well, I've been too busy to blog recently due to several large projects that I'm working on concurrently, but I figured I would respond to this 5 things meme, as Siel of Green LA Girl tagged me.
The unique throwaway email address that I used only for NetIQ was eventually sold to a spam list. Shame on you NetIQ, I don't think you've adhered to your own privacy policy.
... we want you to know that NetIQ is not in the business of selling or renting individuals' personal data to other companies for marketing purposes.
Looks like Orochon finally posted a scan of my polaroid on their website:
Just seeing this picture makes me hungry for some painful burning ramen. I wrote about my experience at Orochon earlier this year.
Last weekend, the wife and I drove up to Angel's Gate and did a portrait session with the beautiful setting sun as our backdrop. I used two strobes, at roughly 45 degrees and 10 feet back from Penelope. The strobes were bounced off of white umbrellas raised up about 8 or 9 feet. The light ratio was 1:4 between key and fill. I triggered the flashes with my trusty set of PocketWizard Plus IIs and metered with my Sekonic L-558R. Shot with a Canon EOS 30D and an EF 85mm f/1.2 L. My wife is a beautiful and patient model.
The key flash was still recycling in the second shot, but I still love it.
Category: Photography(200)
After growing up in the Bay Area, I attended High School in Santa Fe, New Mexico. One day my father, who worked as a programmer at Los Alamos National Laboratory, brought me to, and later got me a job at, a nerd's paradise called The Black Hole. I ended up working there for 3 summers and I think it was probably my favorite job ever, although it only paid $5 an hour. Many of the hours I worked were directly exchanged for random bits of junk, much of which I still have, to my wife's elation, stored away in boxes in our storage closet.
When I saw heathervescent's post about the upcoming Dorkbot Socal trip to APEX Electronics, I knew I had to go. The night before the trip I shot an email out to an especially geeky list that I run and CHS responded that he wanted to come along. We arrived a bit late at Machine Project, and Tom Jennings was mostly finished talking about what to expect. I mentioned my previous employment at The Black Hole and he told me that he makes a road trip there every year, saying that it was one of his favorite places in the world.
After a short drive to the highly industrial Sun Valley, we made our way in to the wonderfully techno-detritus rich warehouse known as APEX Electronics. I immediately pulled out my camera, set up my tripod and began photographing the narrow aisles packed high with everything from oscilloscopes to capacitors to vacuum tubes.
APEX reminded me of a 1/10th scale model of The Black Hole, with less nuclear research equipment and more audio recording, broadcast and aviation gear. The organization of APEX is at least an order of magnitude better than The Black Hole, but I guess that having one tenth the amount of junk makes that possible. I should be careful about calling the contents of APEX or TBS junk, as they say, "one man's trash...", and also the collectors of said equipment seem to develop an emotional attachment to their toys.
Most of the aisles held boxes full of components, with a single version taped to the front of the box. Some of the more valuable gear like the microwave wave guides, windows and transmitters were locked up behind glass, which the owner, Don, was nice enough to open for me so I could take a photo. Tom mentioned that one aisle had collapsed in an earthquake almost 2 decades ago, and had yet to be cleaned up.
Outside there were towering piles of scrap aluminum, kegs, airplane wings, cable, and junk. I especially enjoyed the pile of "Safety First" signs that were haphazardly piled together along with what appeared to be a bomb, but was probably an airplane fuel tank.
It is a good thing that I am short on physical space in my loft, otherwise I surely would have purchased more than the $1 clamp that I picked up. If you are building a robot or some other fun project, this would be a great place to pick up those hard to find parts you need. If you are a junk collector, but you don't want to blow all your hard earned money in one place, you should avoid this place at all costs.
Full gallery here.
Update Heathervescent's flickr photo set can be found here, Zoetica's can be found here (Thanks thedaniel).
Category: Photography(200)

The rest of the album can be found here. Also you can listen to a podcast of the event here.
Update: Xeni posted about the event on BoingBoing and put up some cool videos.
Last week I got a pre-tour of the new setup at the Griffith Observatory. I took some HDR photos of the awesome new Zeiss Universarium IX among other things. You can check out the full album here. I will be writing several pieces about what I saw in the next few days, keep an eye out for them on MetroBlogging Los Angeles. [Note: I didn't have / use my new lighting setup for these shots.]
Update Here is the article I wrote on b.la.
Category: Photography(200)
As I mentioned in the last few posts that I just posted in a spurt of posting activity, I am building up a portable, battery powered lighting setup. I didn't feel like spending $3,000+ on a "real" head / pack lighting system as of yet, although some day I will end up buying one, most likely the Dyna-lite setup at first, but then eventually a Profoto rig. Portability is probably the biggest factor for me, as I don't have a studio to shoot in, so nearly all my work will be done on location. Many of the locations I plan on shooting will be either outdoors, or in places where lack of line voltage would be a limiting factor.
I already possessed a Quantum Turbo 2x2, which I've been very happy with in combination with my Canon Speedlite 580EX. I didn't want to buy another 580, because I didn't plan on using E-TTL for my portrait lighting, so after some research I decided to pick up the very moderately priced Sunpak 120J Auto Pro, which is a bare bulb flash, that can be powered directly by an HV power pack, without needing any other batteries, unlike the 580EX.
Unfortunately Adorama sent me the TTL version of the 120J, which didn't come with the sync adapter, so I bought the standard shoe adapter that has the sync connector. This really isn't what I wanted as I will never actually be mounting it on a hot or cold flash shoe. I am trying to work it out with Adorama now, I need the flash for some work I have coming up, and they want me to buy the right one, even though it was their mistake in sending me the wrong one, and then send back the wrong unit when the new one comes. I feel like they should take the hit, send me the new one and I'll send them back the wrong one when I have received the correct model. I will see what happens, but I have a feeling that I am going to have to do it their way, which is too bad.
So as I wrote about earlier, I am using the 2 PocketWizard Plus II transceivers to trigger the flashes, which I am bouncing off or through a couple of convertible Photoflex umbrellas, that are sitting atop one Photoflex stand and one Avenger Stand. The third PW is atop my camera in the hot shoe and I am using the Sekonic L-558R to meter the scenes. I also just picked up a couple of used C-Stands, and although they're heavy as hell, they're very sturdy and will be great to hold my convertible reflector and down the road flags, scrims, fingers, dots, etc. I also bought another Quantum battery, this one a Turbo Z. I have some sand bags and cases for the stands in the mail. In the future I will be buying some Chimera softboxes.
My first results have come out quite well, but I still have a long way to go, and I am planning on taking some lighting classes, and maybe attending a workshop or two.
Category: Photography(200)
Now that I'm building up my studio / location lighting kit, I can no longer rely on my trusty Canon 580EX's built in E-TTL system to do the dirty work of exposure calculation for me on the fly. E-TTL is great, don't get me wrong, but it only works when the flash is either on camera, off camera with the off camera flash cord or triggered with Canon's IR remote, which only works if your flash is facing you and you are within a fairly short distance from your flash and within a fairly narrow angle. I logically decided that I needed a flash meter.
There are plenty of flash meters out there, from the trusty analog flash meter to high end digital meters with built in radio slave transmitters. I thought of it, like many folks think of tripods, that you can start out with the cheapest you can get, but in the long run you'll most likely end up spending more on upgrades until you get to where you want to be, than if you just shell out the money for the good stuff up front. So I decided on the latter, and shelled out the roughly half grand on the Sekonic L-558R.
The Sekonic L-558R is an easy to use (once you've read the manual) and sturdy flash meter, that also functions as an incident and reflected spot meter. The meter will read your flash in both incident and reflective modes, I think it is pretty cool that you can take a spot meter flash reading, but I'm sure there are other units that can do the same thing. As I mentioned before, the meter has a PocketWizard module that is built into the L-558R which allows you to trigger your flashes directly from the meter without using a sync cord.
One of the features that I find most useful is the ability to meter your key light, and then meter your fill light, and the meter will give you the difference between the two in EVs. This is an easy way to figure out the ratio between your key and fill. You can also fire a series of flashes, storing each one in memory, and then get either a cumulative or average reading.
The meter itself is very compact, fits nicely in your hand and feels solid and well built. I would prefer the device didn't require the expensive 3V lithium battery that could be tough to procure in a bind, but I guess they decided they could make it a tiny bit more compact if they used the 3V lithium as opposed to using 2 AAs or AAAs. The only other issue I have with the meter isn't actually related to the meter, but to an older spot meter that I've been borrowing from my mother to use with my Mamiya RB67 setup, which was "modified" by Zone VI to have a nice little movable zone scale on the side, which makes ensuring that my exposure contains the data I want much easier. I know that I can just take an EV reading and put that into either my mental Zone chart, or I can put it on my handy Zone worksheet, but the little paper ring on the manual scale was really nice.
Before I bought the L-558R I found out that Sekonic is coming out with a new meter, specifically tailored to digital cameras, called the L-758DR. The 758DR allows you to load 4 custom profiles into the meter via a USB cable so that the meter will "respond to light exactly like your digital camera or type of film." Another very cool and helpful feature is the ability of the meter to warn you if you are outside the dynamic range of your medium. The 758DR is also extremely sensitive, down to f-2.0! I may or may not upgrade when it comes out. The 558 has all the features I really need and many more.
Category: Photography(200)
After researching the ideal flash slave system for months I settled on the PocketWizard system. In reality, there wasn't much of a question in my head as to which system I was going to buy, this may seem a bit silly, but they had me at the ads. Their full page ads run every month in Shutterbug and many other photo mags, and their system is built in to several competing brands of lights including Profoto, Dyna-lite, Speedotron and Norman. There is fairly solid consensus in the professional photo industry that the PW system is the best you can get. The only other serious player for radio slaves is Quantum, but they just aren't as slick.
I just picked up a set of 2 PocketWizard Plus II transceivers from Adorama and a third unit from Samy's Camera and they are nothing short of wonderful. Not only are they absolutely simple to operate, they just plain work. After about 500 shots fired, I've never had a single misfire. They are light-weight, compact, and as far as I can tell, very sturdy. They have a range of roughly 1500' and they will receive and rebroadcast signals so that range is really only limited by the amount of units you own. I recommend these units without reservation.
Category: Photography(200)
I have recently begun putting together my portable studio lighting setup. I need portability and the ability to shoot in the field off the grid. I will expand more about this in a later post, but I am writing this to address the poor quality of Photoflex hardware. I ordered a Photoflex umbrella kit that included a reversible umbrella, stand and shoe mount flash clamp from Adorama. So far the umbrella and the stand have worked out, although they were made in China and feel cheap as far as their fit and finish.
After the first kit arrived I made my way over to Samy's Camera on Fairfax and bought another umbrella and clamp, plus a stand, but not a Photoflex, I decided against buying another one of their stands and picked up a high quality Manfrotto Avenger Mini-Max. When I got home I set up everything and took a few shots and everything worked just fine. The next day I set it all back up and lo and behold I noticed that the screw that holds the umbrella into the clamp had stripped and would no longer hold the umbrella. The Photoflex umbrella clamp has metal threads for every screw except the one that holds the umbrella, which feeds directly into threaded plastic. It is not surprising that this stripped. I have vowed to never buy another piece of Photoflex equipment. I really shouldn't have bought any in the first place.
I took the clamp back to Samy's and although I didn't have the box or the receipt, the salesman looked me up in the system and gave me full credit for the item, after chiding me for throwing away my boxes. I normally never throw away boxes for anything that costs over $50, but I guess I should at least hold on to the boxes for the cheap stuff for a week or two. I used my credit towards a nice, high quality Manfrotto clamp, which is made out of aluminum, brass and steel. It looks and feels like a quality piece of equipment, and it is made in Italy.
Category: Photography(200)
Last night after the Detour show, my friend Mike Rocchio and I went to Oomasa for sushi. I ate sweet shrimp, with the shrimp heads in soup form. Afterwards I felt a little tickle in my throat, but I was still fairly buzzed and it didn't really bother me until I was about to go to sleep. I had what I thought was a little bit of shrimp antenna lodged in my throat. I tried to wash it down with some cereal and copious amounts of water, but it stayed stuck in there. I went to bed hoping it would work itself loose by morning, but when I awoke it was still there.
I decided to call Kaiser and see what they recommended, but while I was on hold I decided to look in the mirror and see if I could see anything. Lo and behold, there it was, a big honkin' shrimp leg lodged in the back of my throat. Penelope, my wonderful wife / nurse in training offered to extract it with a pair of tweezers. After a few tries she skillfully snatched it and removed it. I took a few photos with a nickel for scale here.
Mack Reed over at LAVoice wrote this excellent piece about the efforts the LAPD are putting in to get the dealers off the street in Skid Row. It is the best article I've read about the problems going on there right now and the LAPD's response that I have read so far.
Tomorrow night is the Gallery Row Organization's Fundraiser at the Oviatt. Read more about it here.
Category: Los Angeles(200)
My LAist interview is up, go check it out.
Category: Los Angeles(200)
I've been leading the Downtown Art Ride for almost a year now and in the last 6 months or so I've brought my 20D, and now my 30D, with me on every ride. I have been trying to get a portrait of every artist that I've run in to. On this last ride I think I photographed over 20 artists, you can check out the September Art Ride photos here.
Category: Photography(200)
I've been busy and haven't had much to say here on eecue.com, but I've posted over on blogging.la about my private tour of the Banksy exhibition.
Category: Photography(200)
Penelope and I are very lucky to have two wonderful cats to share our loft with. Evita and Isabella were nice enough to pose for me yesterday after I unpacked my new camera, a Canon EOS 30D. Setup used for the following shots:
Category: Photography(200)
As I mentioned earlier, my 20D's shutter is kaput after about 50,000 exposures over the last 2 years. Today I made my way down to Samy's Camera on Fairfax and picked up a Canon EOS 30D. One of the cool things about Samy's is that, although their website always has lower prices than they advertise in their store, they will always match their website pricing, plus shipping. The 30D ended up costing me $1216.97 plus tax, which is more than I would have paid if I had ordered it from B&H or Adorama, but I would have had to wait a week before it came, and I need it for a shoot I am doing on Friday. Another cool thing about Samy's, and any retail store front for that matter, is that they are willing to work with you on pricing and I got a good deal on a Stratos flash bracket, a Hoodman 2GB 150x CF card, a Stofen Omni Bounce, and an Off Camera Flash Cable.
One of the first things I noticed about the 30D is that the shutter mechanism, which is rated to 100,000 exposures, is much quieter than the one in my 20D. I am not sure if this is because my 20D's shutter mechanism was on its last legs and was starting to die, but it was at least twice as loud as the one in my 30D. Of course the 30D also has spot metering (finally!!!) as well as a nice big 2.5" LCD. I am a little bummed that the body shape changed as my Really Right Stuff L Bracket will no longer fit, but that's ok, I really should have one on both of my rigs. I am already very happy with the test shots I took using the flash bracket, having it off camera really makes a big difference.
Category: Photography(200)
Last night I got an email from the commander of the Search and Rescue (SAR) team that I am a part of, about a mutual-aid callout on San Jacinto for a missing hiker. I got the call at about 2230 and quickly responded that I would be there. I got about 4 hours of sleep as I had to wake up at 0330 in order to be at the Sheriff's Office at 0500 to pick up one of the Sheriff's vehicles and drive to the base of the tram by 0600 hours. I am not normally one to be on time, but when it comes to searches it is important to be punctual as someone's life is on the line.
At the briefing my teammate Mark Kinsey and I got our mission which entailed us riding up to the San Jacinto peak on Los Angeles Sheriff's Department's gargantuan Sikorsky SH-3 Sea King known as Air Rescue 5 then riding the hoist down to the summit and then hiking cross country through the west side of San Jacinto and eventually coming to a trail that would take us to the tram. I was excited about riding in a helicopter, as the last time I had the pleasure of rotor based travel I was in Search and Rescue in Santa Fe, New Mexico.
Zipping down from a hovering helicopter on a piece of aircraft cable attached to my seat harness whilst carrying my 24 hour pack was quite a rush. Once I was on the peak and I unclipped from the hoist I snapped a few photos of the bird and Mark and I made our way across the ridge.
The mission was supposed to be technical so we kept our harnesses on, but we never ended up needing them apart from the helicopter bit. It was really just bouldering for the first mile or so until we turned down towards the saddle between two peaks, at which point we had to walk on top of dense brush for about another 1/2 mile dropping several hundred vertical feet. After the brush it was fairly easy going for the next couple of miles until we hit more dense brush and it started raining. Despite the rain and the brush we made good time and soon enough we were on a real trail. We double-timed it back to the tram and made our way down to the command post for debriefing at around 1530.
We didn't find any tracks or signs of the missing subject, but hopefully other teams will find him tomorrow. [You can find the rest of the photos here]
Update They found him and he is ok!
Yesterday Penelope and I made a trip down to the San Diego Zoo and about half way through our adventures my camera started taking photos on its own in rapid succession while flashing Error 99 on the LCD. I tried pulling the batteries and letting it sit for a while, but that didn't cut it. I looked through my photo archive and I've taken well over 50,000 photos with it since I bought it in February 2005. Looks like I will be without a digital SLR (still have a film SLR body) for a couple of weeks while I get it repaired.
Update After finding someone who had the exact same problem that I did and emailing said person, I found out that I needed to replace my shutter. Canon will do it for $196 which also includes a complete overhaul and cleaning of the camera. It takes 7-10 business days to complete. I am sending it off today.
Category: Photography(200)
After our most excellent 17 mile bike ride through the fake downtown of Huntington Park which Mack Reed describes so wonderfully, Sean Bonner mentioned that there was a new Borat Trailer before Snakes on a Plane. I found it here on Yahoo, it's nice... I like.
My photography has been published before in a local music rag called Jointz Magazine. I was excited to find out that one of my protest photos (shown below) will be published in a report about American population growth and land use trends for a New York based not-for-profit organization called the Regional Plan Association. I will post a copy of the report once it prints.
Category: Photography(200)
Where are you man? We were good/best friends in High School. I can't seem to find you on the web except for this photo of you from 1996. If you stumble across this let me know!
I really didn't mean to wait this long before posting photos from our honeymoon, but I've been busy. I separated them into the following sections:
Category: Photography(200)
Joanna Rutkowska gave a highly informative talk at Black Hat called "Subverting Vista Kernel For Fun And Profit." In the first part of her talk, she demonstrated an attack on Vista's code signing feature that requires any code that is loaded into the kernel to be signed by Microsoft. Her attack did not take advantage of an implementation bug or a vulnerability, but instead used the built in raw disk write access to change a few lines in the pagefile. Once the pagefile was altered and the changed data was read back into memory she was able to load any code she desired into the kernel. She stated that this didn't mean that Vista was insecure, just not as secure as Microsoft says.
I talked to her for a few minutes today about her talk and asked if she was going to be releasing the code, and she said she didn't see the point of doing that. Her goal was not to provide people with a way to hack systems, but to alert the community and Microsoft of a flaw in the system. She also mentioned that she is in active informal discussions with Microsoft and they are aware of the problem and the potential solutions she laid out in her talk, but she didn't want to comment on what they were going to do about it.
The second part of her talk covered a proof of concept root kit called Blue Pill that takes advantage of the extremely powerful new virtualization features in the new 64 bit AMD processors. Blue Pill takes a running operating system and completely virtualizes it beneath a Hypervisor which can then be used to intercept certain system calls and execute arbitrary code nearly completely invisible to the user. As the system is truly virtualized on the processor level and not in kernel and userspace, the virtualized system has direct access to the hardware (except for calls the hypervisor is intercepting) and detection would be non-trivial to say the least. Although she did her research on the AMD processor, she said the same attacks would be possible on the new Intel chips, although their virtualization implementation was not as powerful.
"Faster Pwning Assured: Hardware Hacks and Cracks with FPGAs" with David Hulton & Dan Moniz. I didn't stay for this talk, as I'd seen Hikari's original talk at LayerOne a couple years back, but I did get a couple shots of him and the expanded setup of FPGAs.
Brendan O'Connor gave a talk called "Vulnerabilities in Not-So Embedded Systems" about how easy it is to take over the computers that run the Xerox Multifunction Devices. Basically he wants people to treat these supposed embedded systems as servers which they really are. Through his research he found that the Xerox systems didn't have the GRUB boot loader locked down with a password so he was able to gain access to the system and basically do whatever he wanted with it. These systems are dangerous because they are full linux systems, but the user doesn't have access to it so they are unable to secure it. As you know services are constantly being found to be vulnerable and relying on a technician to come and patch your copier isn't going to keep your network safe. It would be wise for vendors to allow users access to these systems so that they can keep them safe.
Alex Stamos and Zane Lackey gave a talk at Black Hat called "Breaking AJAX Web Applications: Vulns 2.0 in Web 2.0". As AJAX evolves from a toy used by teenyboppers to a serious tool used by banks, hospitals and Uncle Sam, it becomes more and more important to ensure bug free code. AJAX has changed web attacks by exposing the use of frameworks used by the applications via included .js files which expose supported calls. Cross site scripting becomes more complicated as you can inject script into the javascript stream. Injection attacks are also more dangerous due to front ends that are exposed in the client side code. Business logic in applications has become more complex so parameter manipulation vulnerabilities are still excellent attacks.
XSS becomes more complicated and more interesting because you can just put javascript right into a running javascript engine, which becomes harder to escape as you're no longer looking for brackets and tags.
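An added example (not from the talk or the original post) of why an encoder that looks for brackets and tags does not protect a value placed inside a script response, shown beside two fixes: encoding for the JavaScript string context, and sending JSON data instead of script. The function names, the `render`/`probe` callbacks, the sample input and the eval-style client are all assumptions made for the illustration.

```javascript
// Added illustration: names, callbacks and the payload below are constructed.

// Encoder written for HTML markup: it looks for brackets, ampersands and
// double quotes, which is what "looking for brackets and tags" amounts to.
function htmlEscape(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;' };
  return String(s).replace(/[&<>"]/g, (c) => map[c]);
}

// Encoder for a JavaScript string literal: every UTF-16 code unit that is not
// an ASCII letter, digit or space becomes \uXXXX, so nothing in the value can
// close the literal or start a new statement.
function jsStringEscape(s) {
  return String(s).replace(/[^A-Za-z0-9 ]/g, (c) =>
    '\\u' + c.charCodeAt(0).toString(16).padStart(4, '0'));
}

// Server side: an AJAX response that is itself script, with user-controlled
// text placed inside a single-quoted string literal.
function buildScriptResponse(displayName, encode) {
  return "render('" + encode(displayName) + "');";
}

// Client side: evaluate the response the way an eval()-based AJAX client
// would. `render` is the call the server intends; `probe` is a harmless
// stand-in for "any other code", counted so the outcome can be checked.
function runInClient(script) {
  const rendered = [];
  let probeCalls = 0;
  const render = (text) => { rendered.push(String(text)); };
  const probe = () => { probeCalls += 1; };
  let error = null;
  try {
    new Function('render', 'probe', script)(render, probe);
  } catch (e) {
    error = e.name;
  }
  return { rendered, probeCalls, error };
}

// Alternative design: send data instead of script and parse it, so the
// response is never executed at all.
function buildJsonResponse(displayName) {
  return JSON.stringify({ displayName: String(displayName) });
}
function displayNameFromJson(body) {
  return String(JSON.parse(body).displayName);
}

// Constructed input: no angle brackets, no tags, no double quotes.
const SAMPLE_NAME = "x'); probe(); render('y";

function demo() {
  return {
    // false: the HTML encoder finds nothing to escape in this input
    htmlEncoderChangedInput: htmlEscape(SAMPLE_NAME) !== SAMPLE_NAME,
    // the literal is closed early and probe() runs as code
    weak: runInClient(buildScriptResponse(SAMPLE_NAME, htmlEscape)),
    // the whole value stays inside the literal and is rendered as text
    hardened: runInClient(buildScriptResponse(SAMPLE_NAME, jsStringEscape)),
    // the value survives as data without ever being evaluated
    jsonRoundTrip: displayNameFromJson(buildJsonResponse(SAMPLE_NAME)),
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

The encoder has to match the context the value lands in: HTML encoding for markup, string-literal encoding (or plain JSON parsing) for script.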
Because your browser is running a javascript application, if an attacker sends you rogue code, in say link form in your cool AJAX email app, your browser will run the code sent in the webmail application instead of loading it in a new page and then the attacker would be sent your authentication cookie. The attacker would then have access to your web mail. The speakers used the fictitious company Webmail.com in this example, and when asked about gmail they responded that they have more lawyers than webmail.com, but it was pretty clear the attack they were talking about was possibly on gmail.
Dynamic script nodes allow attackers to embed malicious javascript in a website that would allow a cookie from any site to be pulled because browsers allow cross domain XmlHttpRequests, this is very bad!
The big vendors are more willing to talk to the researchers and the end users are more apt to work with the vendors. Most vendors are very cooperative about security issues and disclosure. The Cisco incident has made big vendors more willing to work with end users and security researchers, and all in all the incident was good for the security industry. Large customers of big vendors want earlier disclosure information to be shared with them before the smaller customers, but the consensus is that early disclosure for big customers is a bad idea, even to the point of not giving preferred treatment even to internal networks and devices. A very large part of the discussion involved when vendors have a vulnerability and not a fix. There was no clear consensus on this topic, but the vendors felt they shouldn't disclose a vulnerability unless they have a fix for it except in extreme circumstances. Vendors don't want to draw attention to a flaw that people don't know about, so they aren't likely to disclose. One of the best things is that vendors are talking more, talking to researchers and working together to fix problems.
I missed Claudio Merloni and Luca Carettoni's talk about their cool suitcase based bluetooth hacking system named BlueBag, because I was fighting an epic battle with a cruel hangover this morning. I did get a chance to talk to them and photograph the bag up close in the press room. The system inside is a low powered Micro-ATX motherboard running Gentoo Linux and the custom software that does the actual hacking will be available soon on their website. The system can detect and attack bluetooth devices from distances of over several hundred feet thanks to the built in amplifiers and the attacker can access the BlueBag system via a laptop remotely. The BlueBag has a side effect of knocking out 802.11b within about 10 meters due to the bluetooth amps. They chose not to fly with the BlueBag and instead shipped it in to Vegas, which was probably a good idea due to the extremely suspicious contents of the case. More photos of the BlueBag here.
People love free booze and tickets to parties at which free booze is provided are a hot commodity at security conventions. A company called Tipping Point that is a subsidiary of 3Com is throwing a party tonight at Body English in the Hard Rock. To get an invite you would have had to RSVP with their PR people before the convention, which of course I didn't, or you would have to wait in "line" and get a ticket on a first come first served basis. I put line in quotes because the folks manning the booth didn't seem to have any idea about how to do an orderly giveaway. They told everyone to stand there and wait their turn, but never actually instructed people to get into a single file line. The "line" was actually more like a mob and when they started giving away the tickets it turned into a writhing blob of stinky geeks, I almost lost my camera bag in the chaos. In the end I got my pass to the party and I will go and take part in the booze drinking. I don't want to make a presumption about the quality of their product based on the lack of organization of their giveaway, but it is hard not to.
Update: Last night we defeated the authentication system of the Tipping Point party and got about 12 people in with just the 1 token I won, plus 2 or 3 tokens that we temporarily borrowed from random people. The flaw in the system was pretty simple: the bouncers didn't take your token away when you got in, so if you went outside to make a phone call or whatnot you could give your token or several you borrowed to your friends. The party was fun and being 23b, we danced.
Frequently you find a speaker who is covering a very interesting topic, but may not quite have a firm grasp on keeping a crowd interested. Public speaking is not a skill that I have mastered, and I feel that the folks that were talking about Sidewinder are in the same boat. Sidewinder is a promising piece of software that Shawn Embleton, Sherri Sparks and Ryan Cunningham are working on. Sidewinder is a fuzzer that uses genetic algorithms to evolve the fuzzed input in order to get the funky data to the place in the code where you want it. The next logical step of their application is to add some software to create exploits once you get to the place in the code where you suspect a vulnerability may exist. Keep an eye on these three, I see big things coming from their collective intelligence in the next few years.
Update: I had a chance to speak with Shawn about the Sidewinder application and he told me it was all coded in just a few months. He isn't sure if he will have time to continue development on the application, but I encouraged him to as I feel it is a great concept and could grow to be one of the best fuzzers out there.
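The idea of a genetic-algorithm fuzzer, as an added example that is not Sidewinder's code or part of the original post: inputs that get deeper into a program are kept and bred until one reaches the code location of interest. The toy parser, its `BH06` magic and every function name here are constructed for illustration.

```python
import random

MAGIC = b"BH06"  # constructed file magic for the toy target

def depth_reached(data: bytes) -> int:
    """Toy parser under test (constructed). Returns how many nested checks
    the input passed; 6 means it reached the block we want to exercise."""
    depth = 0
    for i, want in enumerate(MAGIC):                # checks 1-4: magic bytes
        if len(data) <= i or data[i] != want:
            return depth
        depth += 1
    if len(data) < 6 or data[4] != len(data) - 5:   # check 5: length field
        return depth
    depth += 1
    if sum(data[5:]) % 256 != 0x42:                 # check 6: payload checksum
        return depth
    return depth + 1                                # target location reached

def mutate(data: bytes, rng: random.Random) -> bytes:
    """Apply one random edit: overwrite, insert or delete a byte."""
    buf = bytearray(data)
    op = rng.choice(("set", "set", "insert", "delete"))
    pos = rng.randrange(len(buf))
    if op == "set":
        buf[pos] = rng.randrange(256)
    elif op == "insert" and len(buf) < 16:
        buf.insert(pos, rng.randrange(256))
    elif op == "delete" and len(buf) > 6:
        del buf[pos]
    return bytes(buf)

def crossover(a: bytes, b: bytes, rng: random.Random) -> bytes:
    """Single-point crossover: head of one parent, tail of the other."""
    cut = rng.randrange(1, min(len(a), len(b)))
    return a[:cut] + b[cut:]

def evolve(seed=1, pop_size=200, max_gens=20000):
    """Evolve inputs until one reaches depth 6. Returns (input, generations)."""
    rng = random.Random(seed)
    pop = [bytes(rng.randrange(256) for _ in range(8)) for _ in range(pop_size)]
    for gen in range(max_gens):
        pop.sort(key=depth_reached, reverse=True)   # fitness = depth reached
        if depth_reached(pop[0]) == 6:
            return pop[0], gen
        parents = pop[: pop_size // 4]              # keep the fittest quarter
        children = [mutate(crossover(rng.choice(parents), rng.choice(parents), rng), rng)
                    for _ in range(pop_size - len(parents))]
        pop = parents + children
    return pop[0], max_gens

def random_baseline(tries=20000, seed=1) -> int:
    """Best depth reached by purely random 8-byte inputs, for comparison."""
    rng = random.Random(seed)
    return max(depth_reached(bytes(rng.randrange(256) for _ in range(8))) for _ in range(tries))
```

Comparing `evolve()` with `random_baseline()` shows why the depth feedback matters: blind random inputs rarely pass more than one or two checks, while selection carries each partial match forward.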
The guys from a wireless research company called Flexilis who happen to be based a block and a half from my loft, just showed me their proof of concept demo of a serious flaw in the upcoming RFID embedded Passports, scheduled to be released in October. The RFID passports incorporate a shielding mechanism to prevent rogue readers from picking up the sensitive information contained in your US passport, but as it turns out if the passport is slightly open it can be read. This may not seem like much of a big deal until you watch the following video where they created a proof of concept Improvised Explosive Device that detects the presence of a US passport and detonates a charge (or in their test case, some model rocket engines).
This hack could also be used to identify a unique individual and then detonate a device or track them. Because the RFID technology works at only close distances this attack is especially dangerous. I talked to them about the possibilities of attacking the RFID chip even if the passport is closed and it is possible that with a very strong electromagnetic field, the data could be read on a subcarrier, but they still have more research to do in that area. Here is their abstract about the demo:
The FLX[2006‐0605] video security brief demonstrates a real‐world vulnerability associated with the failure of the shielding component in the current proposed electronic passport design. When partially open, as could be the case when in a pocket, purse, or briefcase, the currently proposed passport can be detected by a nearby inquiring RFID reader. The security brief also demonstrates an improved shield design that requires a passport to be significantly open before reading is possible.
You can read the full RFID Passport Technical Analysis (84K PDF) or the RFID Passport Shield Failure Demonstration (120 KB). The good news is they have proposed a fix for the problem, John Hering told me he had discovered the vulnerability 2 years ago, but didn't want to release knowledge of the problem until he had a fix to go with it.
UPDATE Well it looks like the Department of State decided not to wait until October to begin issuing these dangerous passports. Here is their press release.
I just caught the opening intro from Jeff Moss aka Dark Tangent. He dispelled rumors that Microsoft had attempted to buy a track at the convention, explaining that he was hoping to have some of the Vista engineers at the con to talk about their work that would hopefully coincide with the imminent release of the new OS. As it turned out the Vista release date has been pushed back, so that didn't work out as planned.
The opening keynote was given by Dan Larkin, FBI Unit Chief of Cyber Initiative & Resource Fusion Unit Cirf-U, a spinoff of IC3. He started out with some bad jokes about how far computers have come which elicited a sum total of zero laughs from the audience. His talk became more interesting when he talked about strides the feds had made in past years working with academia, industry and experts in the field. The FBI is actively investigating all types of cybercrime ranging from phishing to spamming to bank fraud and is uncovering vast organized crime organizations that span the globe.
I had a chance to talk to Dan Larkin more after his talk and I asked him about what percentage of the crime they investigate involves music, movie and software piracy and he said that the organized criminals involved really have their hands in anything and everything illegal that can make them money. He said 30% of the bad guys crime involves When it comes to music, software and music.
I am torn between three of the next talks scheduled, of which I will try and catch a few minutes of each: Bypassing NAC by Ofir Arkin, Black Ops 2006 by Dan Kaminsky and Trusted Computing Revolution by Bruce Potter. Dan's talks are always great and I've enjoyed Ofir's in the past as well. I am pulling the shots from the keynote off my CF card right now and will upload them as soon as they are done.
I am attending a 2 day security convention in Las Vegas called Black Hat. The flight in from LAX was short, although I did get the old TSA hassle. For the first time ever I was directed to stand in the little search corral and they frisked me, then swabbed my bags and fed that to the spectrometer. I heard from another attendee that people all over the country are getting extra hassles.
I showed up at Caesar's Palace right at 8am to get my credentials and everything went smoothly. The line for the general credentials was insanely long, but luckily there was a press line that was only a dozen or so people deep. Jeff Moss will be giving his intro in a few minutes and then the keynote: "Fighting Organized Cyber Crime", which should be interesting. I'll get some photos of the speakers and try and upload them and give an update between talks. The photo above is of the free swag you get upon registration... a pretty good haul.
This Saturday at 12:30pm I will be available for dunking in the DefCon EFF dunk tank. The proceeds go to the EFF so it is for a great cause. You know you want to dunk me!
I forgot to mention it but a month or so ago I won the going postal quiz challenge... it was pretty straightforward and from it I gained access to the attrition.org photo gallery. I haven't used it yet, but someday it may come in useful.
The other night there was some filming going on atop the ex-million dollar hotel, which is currently the Rosslyn. The film crew erected a giant glowing sphere which looked a bit like the moon balloon from AI. I took some shots of it from my loft window and created this HDR from 3 of them.
We had the most wonderful honeymoon ever. We didn't want to come back to America, but hey life is about compromise right? We are currently sorting through our photos and our memories and will be posting a complete trip report in the coming days.
I just want to put up a quick post to say the wedding went wonderfully and we had a great time. I would write more, but I have to pack for the honeymoon in Fiji.
I pay good money for a 6mbit DSL connection. Why can I not stream video from your site in real time? It works great from Apple's quicktime trailer site. What is the deal?
The BBC has a show station called 1Xtra that covers "New Black Music" which includes drum'n'bass / jungle. They are coming out across the pond to check out what is happening in the scene out here in Los Angeles as well as 3 other US cities: NY, Houston and Atlanta.
1Xtra is visiting four corners of the USA to bring you the freshest in new black music, interviews with the biggest stars, and a series of massive live shows!
They are going to be interviewing me about junglescene.com as well as the LA scene in general. They are coming out here the day before my wedding so it will be a bit hectic for me! They are covering some dnb shows that will be taking place when I am in Fiji so I will miss those. They have linked to my site, my flickr photos and junglescene on their mini-site and they are also using a photo of mine on their LA DNB page.
Update Oops, I didn't realize that 1Xtra was a full blown station, not just a show.
My future brother-in-law, Noel Proffitt, took me on a photo safari through LA. We went through Vernon, down Pacific Avenue, to Watts and then finally to the beach at Cabrillo Beach. Here are some of the HDR shots I took:




I can't use these in the Hassle Project as I wasn't hassled whilst taking them!
So I saw a post over at digg about how to ruin blogging, and I thought, oh hell yeah count me in! So I signed up on a site called [censored] that allows businesses to pay bloggers to post about their products. To me this seems a whole lot like payola, but hey I am disclosing that I am advertising for what appears in this post and I am (supposedly) going to be paid for it. So let me (or my payola sponsor) ask you some questions
UPDATE: Screw this! Here is what they said:
Please refer to a previous rejection message regarding your posts. Remember: 1)one post PER opportunity 2)word requirements Thank you!
It never said anything about that in the terms of service and this post made the word requirement so I'm over it!
I was not hassled when I took these pictures:


Oh yeah this is going to be great. The Borat trailer is pretty much a rip-off of the U.K. only special called "Best of Borat" although the scene where he kisses his sister was much expanded: "This is my wife, this is my mistress, this is my girlfriend, this is my other girlfriend, this is my sister" Where in each statement he is with a different woman (or young girl in the case of his sister).
UPDATE: So I'm reading through the message board on IMDB and I came across a post [bugmenot registration] from a frat guy who was duped into being in the movie. He wasn't sure if he was in it or not, but then people who have seen the screening chimed in, and oh boy is he in it! Apparently Borat tells them about a game in Kazakhstan where they put some cheese up their "khrum" and then let a mouse crawl in, and this guy says he would do it. Too funny... I can't wait for this movie to come out.
I just put up the photos from the May and June Downtown Art Rides. You can check out some selections over at the Downtown Art Ride website or in the galleries on eecue.com: May & June.
This weekend I went on one of my weekly urban photo safaris, this time I went through the lovely uninhabited city of Vernon. For those of you who don't know, there are no residences in Vernon at all, just factories, railways and warehouses, which recently has made for some interesting election disputes. I didn't get hassled anywhere in Vernon by power hungry security guards, but when I first set up the Mamiya to shoot the Amtrak train washing station, I was accosted by a golf cart riding security guard who threatened to take away my equipment because I was trespassing. I understand that if I am trespassing I have to leave, no problem there, although the area wasn't clearly marked as private property, but threatening to take my camera is not cool. It turned out ok because he decided that I wasn't "one of those guys" which I will assume he meant terrorists, but he also added that you could never be too sure. He was nice enough to give me a ride in the golf cart to my car, but I think his motivation there was to get my license plate number. You can check out the rest of my series of HDR shots.
I have changed the design, but you will probably only notice it if you are running Windows Internet Explorer. This page should now render correctly in IE and it no longer has the javascript warning you that you are running an insecure browser. That was just plain annoying, and I apologize for it. I have also moved the blogad away from the right hand column and into the left hand column below the google ads. In order to do so, I widened the left column by about 10 pixels. So basically it was a very small change, but once I launch the new version of this site it will be a bigger change. I am going to get rid of the whole programmer / designer / admin / human thing as I no longer design, and instead mention something like programmer / photographer / human... or something to that extent.
For the last 6 months or so I've been using my trusty moleskine for taking notes, making checklists and other useful and not so useful tasks such as opening a beer bottle (which doesn't work due to the flexible nature of the moleskine's cover). Yesterday I picked up a new one as mine is almost full and when I got home did a little googling about moleskines. I found this cool site called Moleskinerie and decided to shoot them an email with some photos I had taken of my moleskine. The owner of the site recognized me from my protest photos and then posted what I sent him.
I just bought a complete Mamiya RB67 setup (in pieces) from ebay for my mom's birthday. She used to have the camera about 10 years ago, but sold it when she went digital. I took some photos to test it out this weekend and I am very happy with the result. This is not the final image, but once I get back the higher resolution scan I will replace it.
UPDATE I just got back the 39mb scan of the image from A&I and it looks great. I played with it a bit to bring the detail in the shadows up and also to remove some dust. I am looking forward to printing this. If it looks good @ 10x12 I may get a drum scan done so I can go even bigger.

I love flower macro photography. Desert flowers are my favorite, their tiny buds are so beautiful up close. There is something about a plant that only survives for a few weeks out of the year, yet opens its lovely petals to attract pollen transferring insects in order to sustain its life cycle, that is really amazing. Here is the