Posts

Fern Hill

Fern Hill, by Dylan Thomas
Now as I was young and easy under the apple boughs
About the lilting house and happy as the grass was green,
The night above the dingle starry,
Time let me hail and climb
Golden in the heydays of his eyes,
And honoured among wagons I was prince of the apple towns
And once below a time I lordly had the trees and leaves
Trail with daisies and barley
Down the rivers of the windfall light. 
And as I was green and carefree, famous among the barns
About the happy yard and singing as the farm was home,
In the sun that is young once only,
Time let me play and be
Golden in the mercy of his means,
And green and golden I was huntsman and herdsman, the calves
Sang to my horn, the foxes on the hills barked clear and cold,
And the sabbath rang slowly
In the pebbles of the holy streams. 
All the sun long it was running, it was lovely, the hay
Fields high as the house, the tunes from the chimneys, it was air
And playing, lovely and watery
And fire green as grass.
And nightly unde…
Recent posts

EVR2EST, I don't know if you say "Ever too est" or what

But it refers to Eagle Vision and ROVER Responsive Exploitation of Space Products for Tactical Use

SMDC's EVR2EST, GIIEP quick data supported Super Bowl 50 with situational awareness https://t.co/hAi1h2CsfE — USASMDC/ARSTRAT (@ArmySMDC) February 12, 2016
It's satellite imagery, super-high-resolution, mostly used for situational awareness in disaster relief operations.

Nothing terribly sensitive here, but it's probably not supposed to be accessible this way. Some of the images, even of disasters, are actually beautiful.

This relatively benign product does, however, put the extent of US national technical means in sharp relief.

Take a look at the image below, a "Scene" page with satellite images of a




Imagery is organized by Scene and Mission pages -- Mission pages contain multiple scenes that overlap or are geographically adjacent, for example, the Washington, DC area.

There are three scenes for DC, 2 orthographic regions, shown above as orange-yellow polygons. If …
Light Breaks Where No Sun Shines


by Dylan Thomas




Light breaks where no sun shines;
Where no sea runs, the waters of the heart
Push in their tides;
And, broken ghosts with glow-worms in their heads,
The things of light
File through the flesh where no flesh decks the bones.
A candle in the thighs
Warms youth and seed and burns the seeds of age;
Where no seed stirs,
The fruit of man unwrinkles in the stars,
Bright as a fig;
Where no wax is, the candle shows its hairs.
Dawn breaks behind the eyes;
From poles of skull and toe the windy blood
Slides like a sea;
Nor fenced, nor staked, the gushers of the sky
Spout to the rod
Divining in a smile the oil of tears.
Night in the sockets rounds,
Like some pitch moon, the limit of the globes;
Day lights the bone;
Where no cold is, the skinning gales unpin
The winter’s rob…

Life hack: Save time spying by integrating wiretaps and facial recognition

Patent #9,565,390 B1 was granted February 7, 2017, and it's the best thing to happen to mass surveillance since the people who've done nothing wrong filter.
From the summary: (full text PDF) SYSTEMS AND METHODS FOR ENHANCING RECORDED OR INTERCEPTED CALLS USING INFORMATION FROM A FACIAL RECOGNITION ENGINE
A video stream is received. The video stream can be analyzed in real-time as it is being received or can be recorded and stored for later analysis. Information within the video streams can be extracted and processed by a facial and video content recognition engine and the information derived there from can be stored as metadata. The metadata can be queried for statistical data and/or for business or security analysis.
The metadata can be used to enrich the call content of a recorded or intercepted call. The information derived from the video streams can be used to determine whether or not the call should be recorded.

The inventor is Ofer Shochet of Tel Aviv and the patent is as…

Directory disclosure vulnerability in facial recognition software

There are at least a dozen, most likely many more, Embedded Facial Recognition Systems online on the World Wide Web with a basic software flaw that allows anyone without credentials to browse the /images directory, download log files, and view enrolled images.

I was able to locate the systems on Shodan searching for - html:facial html:recognition html:embedded country:"US" - and once on the log-in pages, simply inspecting the page source revealed the path to the background image.








Navigating one directory up revealed the directory listing, and I was able to navigate to the folder "logs" and download .bmp files of faces enrolled in the system, as well as system files.



It's probably none of my business but I'm one of those people who needs to know what the fuck pic.twitter.com/F453dsf67x — Kenneth Lipp (@kennethlipp) May 6, 2017

Many of the systems seem to be on dedicated IP blocks (inferred from searching Shodan for the IP's ASN, net:"xx.xx.xx.0/24&…

Ranger and Bonker, Predator Drones

Update:
Okay, so that drone video? It was from February, most likely...and it's on a demo server for a DOD supplier. Security through obscurity. — Sean Gallagher 📦🐭 (@thepacketrat) May 5, 2017
You can see the wakes of small boats like a formation of contrails from thousands of feet above -- the next moment the screen flashes and there's a jet-skier astride a bouncing craft leaving behind it a rivulet of foam.

As of noon today this full motion video, FMV, feeding from a camera aboard an MQ-1 Predator circling Choctawhatchee Bay in the Gulf of Mexico, was accessible to anyone with the IP address. The webpage exclaims "Welcome to FMV!" next to three agency logos: the National Reconnaissance Office, the Aerospace Data Facility-East, and the Washington Innovation Center of the Combat Information Center.

Yester'eve as I agoogle browsed, and did see what fish would bite on Shodan, as is my wont, I searched the latter for three letters and ended up watching jet-skiers …

JFC

The passwords to access the National Guard online GEOINT platform for three exercises planned in 2017 - Ardent Sentry, Vibrant Response, and Vital Archer - were uploaded in a presentation on a Sharepoint site, and indexed by Google.

APAN is a Sharepoint platform used by the military and NGOs (I've written about it here).

They just can't button this Sharepoint down, most links now redirect to login, but even new docs are still being cached by Google pic.twitter.com/pcbPTHQf53 — Kenneth Lipp (@kennethlipp) April 22, 2017

Since my tweet yesterday Google has removed the page from its cache.