How To Spot A Psychopath

November 17, 2007

e4b48fd541b3dcb99cababc87c2ee88f = elephant

This post on the Light Blue Touchpaper blog tells us all yet another thing we can do with Google:

Find a password, if our l337 h4XX0r skillz have already allowed us to harvest the MD5 hash for it.

The completely stupid way to store passwords, implemented by small children writing programs in BASIC and by $300-an-hour consultants writing enterprise software, is to just save all of the usernames and matching passwords as plain text in a file somewhere. If an attacker can read that file, they can now log in as anybody.

A much better, but still not as secure as it should be, method of saving passwords is to “hash” them using a “one way” or “trapdoor” algorithm, like MD5. A trapdoor algorithm runs very quickly in one direction (turning a password into an almost-unique string of seemingly random characters), but is almost impossible to run the other way, if you don’t have access to cubic kilometres of sci-fi nanotech.

If someone gets hold of the file in which you store password hashes, the one-wayness of the hash algorithm means the attacker still can’t figure out what passwords correspond to what hashes, and so cannot make use of his discovery.

Well, that’s the theory.

In practice, attackers can take a dictionary of passwords, hash them all, then search for matches between their new hash dictionary and the password hashes. There are even helpful online tools that’ll do it for you, like the long-established passcracking.com/ru, or md5oogle. When there’s a match, you’ve got the password.

And this is what Google allows you to do in two seconds, if the password hash you’re trying to “reverse” corresponds to a common word.

The word “elephant”, for instance, hashes to e4b48fd541b3dcb99cababc87c2ee88f. Search for that in Google and you’ll get a bunch of pages which, for reasons explained in the Light Blue Touchpaper post and its comments, often also have the word “elephant” on them, or right in their title.

(This post will probably be very high in those search results in a day or two. Check out the above-linked online reverse MD5 hash lookup tool if you’d like to explore other options - it lets you hash any string you like, then checks some databases for it. While it’s checking, you can be Googling the same string. Md5oogle lets you generate MD5 hashes as well, but it converts everything to uppercase first - which many password systems also do.)

This technique only works for passwords that’re common words - or, at least, have for some reason been hashed and stored in a Google-visible file. If your password is something nonsensical like dj347F, which hashes to 54041c87e2e431f3fc4c47e55d114ef3, the hash won’t be found anywhere on the Web (except, again, on this page, once Google indexes it).

This technique also doesn’t work if the passwords are “salted” with some extra data before being hashed. So if a user foolishly decides to choose “mypassword” as his password, the software actually hashes, say, 28391mypassword, and thus creates an un-findable hash.

Adding a simple fixed salt to every password still doesn’t give you really industrial-strength security, but it’s streets ahead of a lot of the junk that makes it to production. And it does stop dumb attacks like Google searching - well, at least until people find out that MurderDeathKill 3D’s online gaming logon system just adds 28391 before hashing passwords, and start making tables of dictionary words with 28391 in front of ‘em.

Lots of current popular software uses unsalted hashes, including the WordPress software that runs this blog.

So it’s pretty lucky that I made my admin password “3hv78UEr”, isn’t it?
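An added example, not part of the original post: a small audit that checks stored MD5 hashes against a precomputed dictionary. It shows that the fixed 28391 prefix only helps until the prefix is known. It goes one step beyond the post by showing a per-user random salt with a slow key-derivation function. The wordlist, the usernames and the PBKDF2 parameters are constructed assumptions.

```python
import hashlib
import hmac
import os

# Constructed sample wordlist; a real audit would use a far larger one.
WORDLIST = ["password", "elephant", "letmein", "mypassword", "dragon"]

FIXED_SALT = "28391"      # the fixed prefix used as the example in the post
PBKDF2_ROUNDS = 100_000   # assumed work factor, chosen for illustration


def md5_hex(text):
    """Plain, unsalted MD5 of a string, as hex."""
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def build_table(words, prefix=""):
    """Precompute md5(prefix + word) -> word for every word in the list."""
    return {md5_hex(prefix + w): w for w in words}


def audit(stored, table):
    """Return {user: password} for every stored hash that appears in the table."""
    return {user: table[h] for user, h in stored.items() if h in table}


def hash_per_user(password, salt=None):
    """Per-user random salt plus a deliberately slow KDF (PBKDF2-HMAC-SHA256)."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS
    )
    return salt, digest


def verify_per_user(password, salt, digest):
    """Recompute with the stored salt and compare in constant time."""
    _, candidate = hash_per_user(password, salt)
    return hmac.compare_digest(candidate, digest)


if __name__ == "__main__":
    generic = build_table(WORDLIST)

    # The hash quoted in the post, looked up in the generic table.
    print("post's hash ->", generic.get("e4b48fd541b3dcb99cababc87c2ee88f"))

    # Unsalted store (constructed users): dictionary words fall out at once,
    # the nonsense password from the post does not.
    unsalted = {"alice": md5_hex("elephant"), "bob": md5_hex("dj347F")}
    print("unsalted, generic table:", audit(unsalted, generic))

    # Fixed salt: the generic table misses, but a table rebuilt with the
    # known prefix recovers the password just as quickly.
    fixed = {"carol": md5_hex(FIXED_SALT + "mypassword")}
    print("fixed salt, generic table:", audit(fixed, generic))
    print("fixed salt, prefixed table:",
          audit(fixed, build_table(WORDLIST, FIXED_SALT)))

    # Per-user salt: the same password yields different records, so one
    # precomputed table cannot cover every user.
    s1, d1 = hash_per_user("mypassword")
    s2, d2 = hash_per_user("mypassword")
    print("same password, same digest?", d1 == d2)
    print("verifies:", verify_per_user("mypassword", s1, d1))
```
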

October 17, 2007

Yet more seam carving

Filed under: Hacks, Windows, Software

When last we visited the wonderful world of image “retargeting” by means of the cunning seam carving technique, I envisaged a decent free seam carving Photoshop plugin in the near-ish future.

Well, that hasn’t turned up yet. But a couple of options besides rsizr.com and that GIMP plugin have.

The inventively named Content Aware Image Resizer is a simple command line utility that can only cope with BMP format images, but gets the job done (a bit slowly…), is multithreaded, and is GPL-licensed so C++ hackers can fiddle with the source.

Resizor is a standalone Windows app, which is only single-threaded but still seems a bit faster than CAIR (I think rsizr.com is faster now than it used to be, too), has a bunch of fancy resizing algorithms as well as the seam carving “Retarget” option, and has a graphical interface too.

Resizor only lets you make an image smaller by seam carving (one of the interesting features of the technique is that it can just as easily enlarge images as shrink them), but it does what most people want to do.

October 1, 2007

New Nvidia drivers: Worth having.

I just installed the brand new v163.71 Nvidia drivers (the last non-beta release was v162.18), and benchmarked Supreme Commander before and after. There’s a small but significant improvement.

I’m tired of seeing articles about AMAZING NEW DRIVER IMPROVEMENTS OMG and then discovering that there’s only any difference if you’re using a GeForce 8800 on Windows Bloody Vista.

I’ve got a 32-bit-WinXP computer with a 2.2GHz (at the moment) dual core Athlon 64 and a 256Mb GeForce 7900 GT.

That’s probably still faster than the average, but it’s pretty far from the current cutting edge. (Only two cores, dahling? However can you cope?)

Driver tweaks aimed at the super-expensive dual-slot super-cards won’t help me at all. I’m guessing that they won’t help most of you, either. Tweaks that help a GeForce 7900 ought to be some use for various other current affordable Nvidia cards, though.

I’ve also got an effing big monitor, so I ran the tests in 2560 by 1600 resolution. That’s practical for fullscreen Supreme Commander if you’ve got some flavour of 8800 (ATI aren’t really in the very-high-end race at the moment), but it’s actually very playable if…

Supreme Commander at 2560 by 1600

…you split the monitor between the normal view and the easy-to-draw topographic-view map.

Running the standard “perftest” benchmark in that resolution guarantees, despite Core Maximizer, that the game will be video-card-limited most of the time.

The Supreme Commander benchmark reports total frames rendered, “sim” performance (how fast the game calculates everything-but-graphics), “render” performance (graphics alone) and a “composite” score that roughly represents overall performance.

In this graphics-heavy test, my “render” result increased by nineteen per cent with the new drivers. The giant resolution and less-than-incredible video card meant that, in the peculiar jargon of the perftest benchmark, the “render” score only improved from minus 1029 to minus 863. But trust me, that’s still good.

The logged-frames difference was +0.7%, which probably means less than experimental error and definitely means nothing you’d ever notice. The sim score improved only slightly more, at +1.6%. But the composite score improved 4.7%, from 5794 to 6065.

You probably wouldn’t actually notice that in play - it’s a general rule of thumb that differences of less than ten per cent aren’t noticeable. But almost five per cent is not a bad improvement to get for free.

Complex Supreme Commander games are almost 100% CPU limited. Smaller games, though - and even complex games when you can’t see much of the enormous map you’re playing on - don’t give your graphics card much time to breathe, especially if you’ve taken advantage of SupCom’s still-rare ability to make use of a second monitor. So I don’t think I’m lying with statistics, here.

(I’m not, to be fair, actually playing much Supreme Commander at the moment. I got ETQW yesterday, and intend to Strogg 4 Life for a while before getting back to the direction of vast robotic armies.)

September 30, 2007

Seam carving comes home

Filed under: Hacks, Nerdery, Software

The remarkable “seam carving” image resizing technique that I and everybody else posted about a month ago has now been implemented in at least two ways.

First, there’s the Liquid Rescale plugin for GIMP.

[UPDATE: Picutel’s “Smart Resize” is a Photoshop plugin that does the same thing. You have to buy the full version if you want to work with images bigger than 640 by 480, though.]

Rsizr

Second, and much more interestingly for casual dabblers, is rsizr.com (of course).

Rsizr lets you watch the seams being carved before your very eyes in a Web browser.

It’s not the fastest process I’ve ever seen, since this is a rather computationally intensive technique (since it’s doing it in Flash, I suspect it may be based on one of the open-source ActionScript seam carving implementations mentioned here). If you want to mess about with Rsizr, I therefore recommend you use images no bigger than 1024 by 768, even if you’ve got a firebreathing computer.

Note also that after you’ve done the seam-carving, you still have to click the image and drag its border to actually resize it. Well, I think you always have to do that; Rsizr’s pretty much documentation-free at the moment.

But it definitely does work.

Original image

It allowed me to turn this 1280 by 850 pixel original…

Seam-carved version

…into this 855 by 640 pixel version. Click the images for full-sized versions.

The reduced-size version now has rather cramped composition, and the terrain looks a lot more hilly than it really was. But all of the major image elements - the sharp trees, the two buildings, the man and the boy - are preserved almost unchanged. They’re just closer together than they were.

The rsizr.com server’s being hammered a bit at the moment, so the “Save” function takes rather a long time to work. It’s easy enough to get around that, though - once you get your image the way you want, just take a screenshot of the window and cut the image out of it.

(I presume there’ll be a decent free Photoshop-plugin image carver Real Soon Now. In other news, one of the guys who came up with the idea has been hired by Adobe.)

September 25, 2007

MakeMyMovieLessHorrible.com

Today, I received a press release whose title was “FixMyMovie Launches with James Bond-Style Video Enhancement”.

This did not fill me with joyous anticipation. “Video enhancement” is one of those ridiculous action movie cliches - any old security camera footage can be “enhanced” to hundred-megapixel detail whenever it’s necessary to move the plot along.

FixMyMovie does not, however, actually make such stupid claims. It would, in fact, probably be perfectly useless to James Bond.

What it aims to do is apply MotionDSP processing muscle to low quality video, to make it better looking without losing detail. At the moment you can make a free account on fixmymovie.com and upload any video clip smaller than 352 by 288 pixels in resolution and 20 megabytes in file size, and see what transpires.

So I did.

When I reviewed the Aiptek Pocket DV2 toy digital video camera back in early 2003, I strapped it to the top of a model tank and took it for a drive around a park. The Pocket DV2 produces grainy, fuzzy, nine frame per second 320 by 240 video, which is pretty much on par for cheap phone cameras these days. FixMyMovie is specifically designed to enhance phone camera video, so I figured one of the Aiptek clips would be a good sample.

Here’s a Google Video version of the clip. Video of this quality is one of the few things that GooTube compression won’t make a whole lot worse, but it’s still lost some quality; you can download a DivX-compressed version of the original footage, which looks almost exactly the same as the original Motion JPEG video but is quite a bit smaller, here.

Here’s the FixMyMovie-d version. If you can’t see it, you probably need the latest beta Flash plugin. If you’ve got the right plugin already, you’ve probably noticed that the FixMyMovie player currently has a MySpace-style auto-play function, which you can’t turn off. Sorry about that.

The difference really is quite impressive. FixMyMovie has gotten rid of the prominent blocky compression artefacts in the original video, without noticeably blurring it. It’s not an amazing, incredible, action-movie-bulldust improvement, but it’s very worthwhile. Rapid camera movements - an acknowledged weakness of the enhancing technique - leave noticeable ghosts from previous frames. But they’re only noticeable if you’re trying hard to see something wrong with the video. The improvements far outweigh the problems.

The deal with FixMyMovie - once it leaves its current beta state - is that it’ll only enhance the first ten seconds of any clip for free. If you like the look of it you can “Order” a fully processed version, which will cost money - 99 US cents, to enhance this clip.

(It took quite a long time to process this clip, presumably because people are already hammering the FixMyMovie server. You get an e-mail when processing is finished, though, so you don’t have to sit there refreshing the My Videos page.)

At the moment, you get $US25 credit when you create a free account - and no, you don’t have to give them a credit card number; use a disposable e-mail address if you’re really paranoid. $25 should be plenty to try the service out.

The player lets you play the whole clip even when only ten seconds have been enhanced, seamlessly connecting the enhanced beginning to the unprocessed rest of the video. Click the bar on the right-hand side of the video and you can compare processed and unprocessed still frames with a nifty mouse-drag interface.

As the FAQ explains, once you’ve fully processed a video, you can download it in various popular formats, including native h.263-encoded FLV flash video format, for upload to YouTube, which will then not recompress the video.

Here’s the video on YouTube - I only just uploaded it, so it ought to be viewable in a moment. If you can’t be bothered installing the new Flash player, or if it’s not available for the computer you’re using, this is pretty close to the fixmymovie.com version.

Google Video and YouTube still aren’t completely harmonised; you can upload FLV-format video like this to YouTube, but not to Google Video.

The enhanced WMV and MOV versions of this dinky little one-minute clip were fifteen megabytes in size. They’ve got a bit more detail than the online Flash version - they look a bit better than the 7.5Mb FLV-format version too - but they’re not nearly better enough to justify that huge file size.

The FixMyVideo enhancement hasn’t done anything to the frame rate (which is good), but it’s blown the file resolution up to 640 by 480, which along with 64 kilobit per second audio (which the crappy-camera original didn’t have) accounts for the file size inflation.

The smaller FLV-format version is 320 by 240, as it should be, because that’s the native resolution of GooTube.

The big file sizes aren’t really a problem, because this enhancement technique is based around interframe interpolation; it tries to find the same image components in different frames, and overlay them to leave the image data and eliminate various forms of distortion. So it’s kind of like speckle imaging and image stacking, but for motion video. Sticking with the original resolution would have thrown away some of the interpolated detail.

In brief, though: Yes, FixMyMovie works. I don’t know how much value it’ll have for video that looks OK to start with, but if you’ve got some crappy phone, web or toy camera video that you’d like to improve, check FixMyMovie out while it’s still free.

August 26, 2007

1337 H4XX0rZ wanted!

It’s great to see such impressive strides being made in the important field of protecting children from boobies.

Back in the day, there was software that confidently classified the Mona Lisa as porno. And also classified porno as being perfectly squeaky clean.

Nowadays, there’s software on which my very favourite Australian Federal Government ever has apparently spent 84 million Australian dollars (about $US69 million, as I write this).

This software can, it is said, be bypassed by a kid in a matter of minutes.

(I see no reason to change my conclusion from the end of 2000: It doesn’t matter, to the people who make it or the people who pay for it, whether censorware works or not.)

The news.com.au piece doesn’t actually tell you how the pictured smirking 16-year-old bypassed the NetAlert suite of programs (while leaving them apparently running!). I presumed it was something rudimentary, like killing a couple of processes in Task Manager. Maybe a few seconds with regedit, too.

This ITWire piece details an inelegant way of temporarily and invisibly disabling Optenet, one of the three programs, by… killing a couple of processes in Task Manager.

This page mentions ways to prevent people from “tampering with Integard”, which are hilarious enough that I’ll leave them as a surprise, but which include not letting anybody boot the computer from CD.

That is, of course, well beyond the capabilities of the average parent (change boot order in BIOS setup program, set BIOS password, and then just hope your kid doesn’t know how to clear the CMOS, which wipes the password and resets the boot order to default in one hit).

Just booting from BartPE or a Linux disc and nuking the nannyware isn’t, of course, the sort of elegant and undetectable hack that’s being advertised here. So there’s probably something neater out there.

I’ll be pretty surprised if you even need Process Explorer to nobble the rest of these marvellously enterprisey programs so wisely purchased from their skilled authors with my tax dollars. But who knows?

Your mission, gentle readers, is to Outflank the Nanny, in as few keystrokes as possible. The software’s a free download.

Our Government’s dedication to quality software extends to the “Required” e-mail address and postcode on the download page. The postcode can be any four digits, and the e-mail address just needs to have an @ and a . in it, with two or three characters following the .

(The Safe Eyes download requires some kind of further account creation folderol. I also don’t know whether they check to see if you’ve got an Australian-looking IP address.)

August 23, 2007

I don't think the baby's face is that important

Filed under: Nerdery, Software

Apropos of my passing mention of that brilliant Hays/Efros scene completion technique, here’s “Seam Carving”, a very crafty image resizing technique:

PDF with more info here, home page with MOV version of video here.

(Via.)

February 8, 2007

Welcome to Vista. Now buy new hardware.

Filed under: Nerdery, Windows, Software

Aaah, this takes me back.

Install new version of Windows, discover that now some of the hardware for which you paid good money does not work any more, and will not ever be fixed. Buy new stuff, sucker. Thank you for playing.

Actually, one of the problems listed in the PC Perspective piece is exactly the same as it was back in the Win98-to-Win2000 days. Apparently positional audio won’t work in many games in Vista, ever.

The same thing happened when people with Aureal Vortex-2-chipset sound cards upgraded from Win98. The sound card still worked, but only in stereo mode, and that was the end of it, no matter how hard you tried.

The Vortex 2 had much better sounding positional audio, then, than any alternative. It still sounds good today. But you’ve got to run Win98 to hear it.

(There might have been Win2000 drivers eventually, except that Aureal went bankrupt around the time Win2000 was coming out, after a legal battle with… Creative. Their assets were then bought by… Creative, who had no particular interest in the Vortex chips. And now, the wheel turns…)

To be fair, the parallel’s not really a perfect one. Games that supported the Aureal 3D sound API and also the newer and crappier Creative one could be returned to proper functionality, back in 2000, if you bought a Creative sound card to replace your Vortex 2. Today, games that support both Creative’s now-mature but still-somewhat-crappy API and the newer OpenAL standard should Just Work on your existing Creative card. Regrettably, though, the grand total of commercial games that support OpenAL at all appears to be 77, including some big names but excluding many others. Those others will have 3D sound on Vista only if they’re patched to support OpenAL, which is Not Bloody Likely for nearly all of them, but is I suppose a bit more likely than it was back in 2000.

Ryan’s complaint about his print server now being a paperweight reminds me of what Win2000 (and every other NT-series Windows version) did to ATA CD changers like this one. They were and are very cool pieces of hardware - six discs in barely more space than a standard single-disc drive! - but they were killed dead by WinNT and later. Win2000 expected you to manually mount and unmount the discs, rather than just switching ‘em automatically like Win98 did. It was much faster to use a single disc drive and carry the rest of your CDs around in a wallet.

Microsoft have a Vista version of their Hardware Compatibility List (“currently only compatible with Internet Explorer 6 and above”), and an Upgrade Advisor you can run to see if there’s stuff in your PC that’s explicitly non-Vista-compatible. Anybody who is for some unfathomable reason thinking about getting Vista at this early date (what, you want to be absolutely totally tip-top ready for DirectX 10 games the very day they come out?) should, at least, run the Advisor.

On drilling down into the HCL to see what Creative sound cards are listed, I note that the answer appears to be “none”. There’s a small list of chipsets, not one of which is from Creative. So I suppose you should be grateful that your Creative card makes a noise at all.

The Advisor will also not save you if the insoluble problem that’s waiting for you is that the print server on the other side of your house will never work with Vista. And it won’t say a thing about software, including your non-OpenAL games.

December 26, 2006

Merry freakin' Christmas

Filed under: Nerdery, Software

On the first day of Christmas, the universe gave to me…

Woo freakin' hoo.

…a big fat Macintosh disk error.

(When it’s doing an operating system update, and it goes to sleep in the middle of it, and then it won’t wake up again, that’s bad.)

I know very little about fixing Macs.

Well, I knew very little.

Now I know that when it boots to a blue screen (then a different shade of blue with a pointer, then the first shade of blue, repeat until bored), and the problem’s not an incompatible login item, and this procedure ends when fsck announces that the volume could not be repaired, and five million Web pages say that the next step is to try fixing the drive with DiskWarrior, but the computer will not boot from your DiskWarrior 4 CD (that you got from the only place you can get commercial software from on Christmas Freakin’ Day, nudge nudge), no matter how hard you hold C on startup, and the Mac goes into target disk mode just fine, but the only device you then get to see on your Windows PC via MacDrive as you hopefully try to copy files off it is the optical drive which still contains the apparently perfectly valid DiskWarrior CD, so you have to boot with the mouse button held down to get the bugger to eject, and you then plug in some random spare drive via a FireWire doohickey, then install OS X (v10.4) again to that drive, you can then boot the computer from the external drive, put the DiskWarrior disc in again, fail to run DiskWarrior because of some folderol with permissions, fix that, eject and replace the disc, run DiskWarrior again, then it’ll hang the whole operating system at “Step 9: Waiting For Mac OS X system services to complete…”, and you figure that maybe that’s because your old hard drive is overheating, so you’ll point a little USB fan thing at the drive and power cycle everything yet again, and now the drive runs a lot cooler but it’ll still hang at exactly the same point, leaving the computer unable to do anything but blank its screen according to its default power settings…

…then you’re screwed, right?

I’m thinking that the first thing we should have done with that computer when we went to my mum’s place for Christmas was, perhaps, to make that first backup she’d never gotten around to, not to click “yes” to the months of queued-up update requests and then leave the room.

But we didn’t, and now it’s like this, and I’m thinking all I’m going to be able to do is try an erase-and-reinstall of OS X on the munged hard drive, destroying all of my mum’s un-backed-up data.

And, if that doesn’t work, go shopping for a new hard drive.

Unless one of you has a better idea.

(Yes, I’ll buy a legit copy of DiskWarrior when the shops are open again to sell me one, if anybody thinks it will actually have any value to me.)

Note that “Take the computer to the friendly staff of the Genius Bar at your local Apple Store!” does not qualify as “a better idea”, unless you also send me the money to fly to a country that has Apple Stores in it.

Here in Australia, our Apple retailers appear to favour the more rugged “Jeez, Yeah, That’s Buggered. Wanna Buy Another One, Mate?” Bar.

December 8, 2006

Continuation of a theme

Filed under: Humour, Windows, Software

Apropos my previous mentions of this sort of thing, I couldn’t resist piling on about this Lifehacker post. It’s headlined by a simply excellent example of a user interface exploding into a Wain mandala of peripheral detail.

(My answer: A mere 15 active extensions, including of course the excellent ClumsyFingers. Plus a few zombies that don’t work with Firefox 2, none of which I’ve found myself actually missing.)
