Today I’m releasing my “first” android application into the store. I say first because it’s not the first I’ve written, but it’s the first one that I’ve actually decided might actually be slightly beneficial to someone else so I put it into the store. When the app goes live, I’ll add a link and all that other fun stuff. In the mean time, you can check out details about what the app can / can’t do and the things I learned along the way here.


The link is live:

Continue reading ‘Building / Publishing the MS Band Light’ »

I recently picked up a veho Muvi K-Series action camera … and the application on Android didn’t work for anything. So I started down my own path.

Rather than put all the details here, I decided that I was going to primarily work out of a git repo (after the jump) in the event that I decided anything worthwhile should be developed to work with the camera over wifi. What I found was a couple of key points:

  • The support from veho’s technical team was terrible; essentially every email I sent them was worse than chucking it into a blackhole because at least the blackhole wouldn’t respond with insane questions
  • The camera is linux based and runs a very simple configuration that is some how statically limited based on what’s been included
  • Muvi’s camera and application look to be blatently stolen from AEE Action Camera which appears to be blatently stolen from GoPro … but at each effort of “stealifying” they’ve made it suck just a little more

Due to the fact that the camera’s quality was kind of terrible (random blocks of video would just jump in and out) and the SD card that was shipped with it was broken and wouldn’t function in anything, I decided to send it back. But I’ve collected all of my comments, code, research, etc. into the muvi_kseries_research repository for anyone else that would like to poke, prod, or build their own application for whatever reason. Enjoy and let me know if you found anything helpful.

Every now and then, I find myself digging through some arbitrarily compressed binary and in IDA, when you have to keep doing it over and over again, you should write a script or a loader to handle that (as any good programmer would). So I started wiring up a loader in python and thought that I’d use the zlib library to decompress things … boy was I wrong.  Not only did zlib fail to actually work correctly (because it can’t actually handle ZIP files, more on that in a moment), but the error messages were basically the same low-level messages you got out of zlib’s internal functions. Really? This is the best we can do right now? What I tried:

[wyatt@lazarus:~/Downloads]$ zip Untitled\ drawing.png
[wyatt@lazarus:~/Downloads]$ cat Whatsnew.txt > file.out
[wyatt@lazarus:~/Downloads]$ python
Python 2.7.3 (default, Apr 10 2013, 06:20:15)
[GCC 4.6.3] on linux2
Type “help”, “copyright”, “credits” or “license” for more information.
import struct
import zlib
f = open(‘file.out’,‘rb’)
c =
offset = c.find(‘PK’)
uncmp_size = struct.unpack("<l",c[offset+22:offset+22+4])
z = zlib.decompressobj()
out = z.decompress(c[offset:],int(uncmp_size[0]))
Traceback (most recent call last):
File "", line 1, in
zlib.error: Error –3 while decompressing: incorrect header check

This of course fails because zlib doesn’t actually work right with zip files (you’ll find a vauge note to such things in the ) and of course … I should have really known that ZIP isn’t actually zlib. Instead of trying to be clever, I decided to give up and be lazy. What actually worked:

import subprocess[‘7z’,‘e’,‘file.out’])
7-Zip [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=en_US.UTF-8,Utf16=on,HugeFiles=on,8 CPUs)

Processing archive: file.out

Extracting Untitled drawing.png

Everything is Ok

Size: 24513
Compressed: 22290

So yes … apparently this is the best we can do with the zlib library.

If you haven’t heard about SOPA / PIPA, then you’ve probably been living under a rock for the past several weeks. I’m not going to talk about why it’s bad, or how it’s oppressing the freedoms provided by the internet because pretty much anyone who would even come across this site knows exactly what’s at stake.

Instead, I encourage you to contact your congressional representatives and light a fire under their asses to reconsider sanity once more as an option for governance.  If you want to know more about SOPA, click here.

As Americans, we continually take for granted the freedoms we have in the country for granted, everyday. Stop taking things for granted and start standing up for them; earn your keep Americans.

Dear GoDaddy:

You suck.  Seriously, you suck so bad it makes my vacuum cleaner feel inadequate.  Do you realize how much vacuum cleaner therapy costs these days?  A lot.  And I’m not made of money, which is obvious since I’m using your crappy, cheap-ass tools as my domain registration service.

Can someone down there, preferrably someone without their head permenatnly lodged in their lower digestive-tract, please tell me why, out of all the horrible stupid and awful things you do on your site, that you choose to “automatically renew” a domain ON A CREDIT CARD THAT HASN’T BEEN ON FILE WITH YOU FOR AT LEAST 4 YEARS?!?!?!?  Why for the love of all that is holy and fully of rainbow-shitting unicorns would you have NOT used the credit card you’ve had on file for the past 4 YEARS?!?!?!

Seriously?  What kind of amateur night are you running down there?  All of the stupid crap that your website does (or for that matter, doesn’t do) I can forgive (or at least tolerate) but how in Al Gore’s name can you not get the one piece of software that makes you bank right? What. The. Hell.  I know damn sure that if those vultures at Visa/J.P. Morgan/Best Buy/Citi/Home Depot/etc would have had any, ANY, other account number on file for me they, they would have pounced on that sucker like Sheen on tiger blood and they would have surely charged me some dumb-ass tax for the fact that their system didn’t like it, filed under “account maintenance fees” or some bullshit.

I can deal with the crappy interface, the 9001 ads that I have to click through to effin’ checkout a $8 domain that will ultimately be $50 by the time you’re done adding fees to it, and the insanity that I can’t transfer a domain to another GoDaddy user without a sacrifice to Blood Chicken of Waataephukuistan … but for all that didn’t get raptured today, TAKE MY DAMN MONEY WHEN I TELL YOU TO!

Love to hate, don’t hate to love,


While writing on my cousin’s wall, I came across the following revelation and it seems rather accurate:

  • Warning: Pregnant women, the elderly, and children under 10 should avoid prolonged exposure to Facebook.
  • Caution: Facebook may suddenly accelerate to dangerous speeds.
  • Facebook contains a liquid core, which, if exposed due to rupture, should not be touched, inhaled, or looked at.
  • Do not use Facebook on concrete.
  • Discontinue use of Facebook if any of the following occurs:
    • itching
    • vertigo
    • dizziness
    • tingling in extremities
    • loss of balance or coordination
    • slurred speech
    • temporary blindness
    • profuse sweating
    • heart palpitations
  • If Facebook begins to smoke, get away immediately. Seek shelter and cover head.
  • Facebook may stick to certain types of skin.
  • When not in use, Facebook should be returned to its special container and kept under refrigeration. Failure to do so relieves the makers of Facebook, Mark “Big Daddy” Zuckerberg, and its parent company, Global Chemical Unlimited, of any and all liability.
  • Ingredients of Facebook include an unknown glowing substance which fell to Earth, presumably from outer space.
  • Facebook has been shipped to our troops in Saudi Arabia and is also being dropped by our warplanes on Iraq.
  • Do not taunt Facebook.
  • Facebook comes with a lifetime guarantee.

I was sitting at a coffee shop today I was disappointed I forgot to ask for the wifi key. Now I could totally sit here and crack the WEP key, but that takes precious CPU and battery life and well, I just wasn’t that interested in getting the tools to compile for my Mac. This led me to wax poetic about the days I used to have a tether to my iPhone 3G and I thought … “Man, I would sure like to be able to tether again;” but the last time, that didn’t go over so well. The last time I installed the tethering packages from Cydia, I lost access to voicemail for 2 weeks, couldn’t get them to uninstall, yada-yada-yada, annoying experience. But today, I actually had time to think about how to solve this issue and then it hit me: I’m a moron, I should have seen this last year. Five minutes later, I was on the net.
Continue reading ‘Stupid iPhone and Stupid Tethering’ »

Alright, I goofed and accidentally updated a stable revision that I thought was being tested correctly and well … it wasn’t. So if you’re having issues with Code Snippet, just roll back to version 2.1.5 and life should be better.

Sorry for the screw up, but this has actually brought to light some bugs I never even knew were there so I’ll have those fixed up soon and we’ll be rolling again.

Download for 2.1.5 is here:

It’s been a long time since I’ve actually had to think about using Denyhosts and if you’ve read my post before, you’ll know I’ll swear by it’s functionality.

Recently, we’ve been getting hit by lots of SSH brute force attacks at HTG … and hit hard. The most recent stat was more than 2400 failed login attempts from over 50 unique attackers in a 24 hour period. Most times, I don’t care as long as they don’t get in … but then I sat back and thought, “Man, those fsckers are probably costing on bandwidth somehow.” and that’s where I draw the line.

So once again, Denyhosts is up and running, more than 60 hosts have been banned just today and more are going to get taken down. Now, if only I could come up with a good legal reason to just give my servers the capability to attack back … but that’s not legal … yet.

There’s an updated version of Code Snippet. Fixed some bugs with GeSHi and the WordPress plugin API. Their site is not showing the right information now, so here’s an accurate link:

Let me know if there are any problems over on the Code Snippet page!