USB Rubber Ducky

The Duck is a USB thumb-drive lookalike with a secret — the hardware is really a micro-controller with a microSD Card interface.  The device can act as any kind of USB slave, with a program or script fed to it via the SD card.  The default personality for the Rubber Duck is a a USB keyboard.  Plug it in, and it will type keystrokes generated via a script file.

The Duck is one of those hacking tools with both good and evil uses.  On the ‘good’ side, it can be used for automatic entry of complex commands in an environment where centralized computer management is difficult.

On the evil side, it can be used to immediately pop up a command shell and type malicious commands, execute scripts (e.g. powershell scripts) and install and execute software (bypassing UELA on Windows). There are lots of scripts available on the net, so using them is quite simple. It’s even possible to add a few lines to your script to “see” if the new “keyboard” is detected by the OS and keyboard input (actually next script lines) are accepted by the OS.

Keystrokes themselves can be pretty dangerous, beyond just using built-in commands.  I’m finding the Duck particularly interesting because it bypasses many kinds of protection: USB Mass Storage can be disabled, Autorun can be disabled, and the Duck will still work.  Who locks their machine down enough to prevent a new keyboard from being plugged in?  I’m also becoming curious about Host OS fingerprinting: could a USB Slave device such as the Rubber Duck determine what kind of host it’s plugged into, based on the USB setup and queries it receives?  If so, the Duck could be programmed to be a universal system hacker, with separate payloads for Windows, Linux, Solaris, etc, running the script based on the system it was plugged into.

Last but not least there are dozens of pages describing how to build your own “Rubber Ducky” USB device if you have a USB stick with the right NAND chipset.

Keep this in mind the next time you find an USB stick outside and think about attaching it to your PC to see what’s on it …

Regards, M.

Smart TV or media streamer?

All smart TVs have streaming apps, like Netflix, Amazon Instant Video, Youtube, and so on. Media streamers are nothing but streaming apps. Sure it’s convenient to use your TV’s built-in services, but are they the best experience?

Probably not, actually. More to the point, is it worth getting a media streamer if you already have a smart TV? Maybe…

Behold, the pros and cons of TV apps and media streamers.

First, some terminology.

What is a smart TV ?

A smart TV, sometimes referred to as connected TV or hybrid TV, is a television set or set-top box with integrated Internet and Web 2.0 features, and is an example of technological convergence between computers and television sets and set-top boxes. Besides the traditional functions of television sets and set-top boxes provided through traditional broadcasting media, these devices can also provide Internet TV, online interactive media, over-the-top content, as well as on-demand streaming media, and home networking access.

Smart TV should not to be confused with Internet TV, IPTV or with Web TV. Internet TV refers to the receiving television content over internet instead of traditional systems (terrestrial, cable and satellite) (although internet itself is received by these methods). Internet Protocol television (IPTV) is one of the emerging Internet television technology standards for use by television broadcasters. Web television is a term used for programs created by a wide variety of companies and individuals for broadcast on Internet TV.

In smart TVs, the operating system is preloaded or is available through set-top box. The software applications or apps can be preloaded into the device, or updated or installed on demand via an app store or app marketplace, in a similar manner to how the apps are integrated in modern smartphones.

The technology that enables smart TVs is also incorporated in external devices such as set-top boxes, Blu-ray players, game consoles, digital media players, hotel television systems, and other network connected interactive devices that utilize television type display outputs. These devices allow viewers to search, find and play videos, movies, photos and other content from the Web, on a cable TV channel, on a satellite TV channel, or on a local storage drive.

(Source : http://en.wikipedia.org/wiki/Smart_TV)

What is a media streamer ?

Digital media players (DMP) are home entertainment consumer electronics devices that can connect to a home network to stream digital media (such as music, pictures, or video). They can stream files from a personal computer and network-attached storage or other networked media server to play back the media on a television or video projector for home cinema. Most digital media players utilize a 10-foot user interface, and many are navigated via a remote control.

Some digital media players also have Smart TV features, like allowing you to stream media from the internet or popular streaming services and online media sites like YouTube, Vimeo, Netflix, Hulu, Spotify, and Amazon.com. Some other digital media players also allow you to playback locally stored content from a direct attached USB hard disk or even direct connect a Hard disk drive externally, or even internally in the digital media player via a Serial ATA (SATA) port, therefore these types of digital media player are sometimes referred to as HD Media Player or HDD Media Player if they can support to have a Hard Disk Drive installed inside.

Digital media players are also commonly referred to as a digital media extender, digital media streamer, digital media hub, digital media adapter, or digital media receiver (which should not be confused with AV Receiver that are also called Digital Media Renderer). Today the main difference between most modern “digital media players” and many modern set-top boxes (also known a set-top units) is that the set-top boxes generally contain at least one TV-tuner and are as such capable of receiving broadcasting signal (cable television, satellite television, and over-the-air television, or IPTV).

(Source : http://en.wikipedia.org/wiki/Digital_media_player)

Here’s a breakdown of the strengths and weaknesses of each.

Available content

Winner: Media streamer
Loser: Smart TV

If all you want is Netflix, everything streams Netflix. I think I’ve seen a toaster that did it. But beyond that, it’s a lot less certain. A vital component to any streaming device (TV or dedicated), is the ability to buy and rent current TV shows and movies. The two services with the most content in that regard are Amazon and Apple. No TV has iTunes (and please don’t mention the Apple Television vaporware), and not all of them have Amazon Instant Video. Google Play is a reasonable runner-up, but it still doesn’t have the breadth of content of Apple and Amazon. Vudu is cool, but primarily movies, and US-only. Sony’s Video Unlimited service is decent too, but not widely available either. The better media streamers, like Roku and Apple TV, have Amazon Instant Video (or iTunes), along with a lot of other content like HBO Go in the US or Sky’s Now TV in the UK. HBO Go is available on numerous streaming boxes, but the only smart TVs that have it are from Samsung. The Apple TV also has the added ability to easily stream music from your computer, which I use all the time. Other TVs and streamers can do this, but it’s not as smooth an experience. To me, just that fact is enough to justify the cost of a media streamer. If the point is to watch content, media streamers offer more content providers than any single television.

Ease of use

Tie, sort of

It’s hard to compare all TVs against all media streamers. The better streamers, like the Roku 3 and Apple TV, but also a whole lot of android based media streamers, are fast and easy to use. Everything is laid out well, and you can get to what you want quickly and simply. Even the Fire TV, despite its other issues, is easy to navigate and fast to use. Some TVs have decent menus for their streaming content… but most don’t. Worse, they’re often slow and clunky to use. So on that level, the better media streamers win. There is the added simplicity, however, of only having one remote with a smart TV. Most people don’t like an Ottoman of Remotes, and using just the TV’s apps could save you from having to buy a universal remote. Comparing the best media streamers against the worst smart TVs, it’s an easy win for the streamers. The lesser streamers against the better TVs, it’s more of a wash. Since the better streamers are barely any more expensive than the worst, generally I’d say this category is a win for streamers. But overall, I guess I have to concede a tie.

Updates

Winner: Media streamer
Loser: Smart TV

This one goes to streamers in a landslide. Over the years Roku and Apple TV have undergone numerous software updates to improve available apps and tweak the interface. Chromecast is another streaming platform that has evolved significantly since launch, improving mirroring, adding app compatibility and promising even more improvements as developers dig in. Amazon Fire TV promises more updates of its own, including adding more catalogs to its voice search, but remains stubbornly US-only for now. Then there’s the TVs. If you bought a smart TV a couple years ago chances are its interface, apps and capabilities, not to mention its response time, seem dated by comparison to a $99 box. Most smart TV platforms are updated only during the year they were launched, if then, and afterward age as quickly as any technology. One exception is Samsung’s Evolution Kit, but it costs twice as much as a Roku 3.

Picture quality

Varies

Generally, picture quality shouldn’t be an issue. If your TV’s internal scaler isn’t great, however, it’s possible the scaler inside a media streamer is better. This could mean Netflix et al will be sharper than when streamed internally from your TV. This is because, for the foreseeable future, most streaming content will be 720p. There are some 1080p and even 4K exceptions, but they’re still fairly rare. What has to happen is the TV or streaming box must upconvert the 720p to your TV’s 1080p (or 4K). How well this is done determines how detailed the image can look. If you do have a 4K TV, you will have to use your TV’s built-in Netflix app (above) to see 4K content from them. Remember, just because your TV’s Info button says “1080p” doesn’t mean that’s what the signal is from Netflix, that’s just what your TV is receiving from the media box. Check out What is upconverting? and Ultra HD 4K TV Cheat Sheet for more info.

Cost

Tie, sort of (again)

Generally speaking, a smart TV costs about $100, or around £80, more than a “dumb” TV. The better media streamers cost about the same. So technically it’s a wash. It’s not that simple, however. If you want to get a good, top-of-the-line TV, it’s going to have smart features built in, whether you want them or not. So if you want to add a media streamer, you’re going to be paying for the same apps (mostly, as mentioned above) twice.

Bottom line

That last part is the kicker. Most people are going to be faced with adding a media streamer to a TV that already has most of the streaming services. Looking at it that way, this becomes more complex than a simple tally of ties, wins, and losses.

The question really is whether a media streamer is worth $100, when you already have a smart TV? Personally, I’d say yes, and I hate recommending people spend more money than they need to. It comes down to Amazon and iTunes. Being able to watch just about any show or movie whenever you want is huge, and most smart TVs just don’t offer that ability. Many also have clunky, annoying interfaces, and they’re not updated frequently. Sure there are some exceptions, but having a good media streamer means you can ignore a smart TV’s apps, both when you’re shopping, and when you’ve got it home. That’s worth $100 to me, easily.

Greetz, M.

Split large text file in smaller chunks

When you have a large text file (e.g. logfile) that is to large to handle or to large to open in a text editor like notepad++, this is a way to split the file in smaller chunks.

Download GNU CoreUtils and install them.

Use the " split.exe" tool to split up the textfile in smaller chunks.

Example :

split.exe –bytes=1m -d –suffix-length=4 largefile.txt smallchunk

this will split the file lagrefile.txt in chunks of 1 MegaByte and name the files smallchunk0001 and so on.

Check the manual for all options.

Greetz, M.

Privacy (policy), the thing that nobody actualy reads

Ever read one of the privacy policies that you have to agree with, before you can install software or use a (online) service ?
Check some of the most used, Google’s privacy policy and Apple’s privacy policy.

Also interesting is the recent lawsuit (class act) against some of the most used apps on iOS. If you read the class act document, you will notice that Apple makes life easy for app programmers to access personal data (like your address book) on your iOS device (ipad, ipod etc). Apple offers standard code plus description for accessing your address book.

So what privacy do they respect ?

Greetz, M.

The Future of Light Is the LED

Since the first of September 2011 the EU has banned the 60 Watts light bulb (75 and 100 Watt bulbs were already banned). Here’s an interesting story I read on Wired : The Future of Light Is the LED

Note that the latest LEDs are not so environmentally friendly as they seem !

So the LEDs found in current household applications are blue diodes daubed with a powdered coating called a phosphor, which includes rare-earth elements that filter blue light.

greetz, M.

VMware Esxi 4.1 and SNMP

With the VMware ESXi free edition it’s not possible to configure the ESXi server using vSphere CLI commands. However there is another way to edit the SNMP settings.

  1. Stop all virtual machines on the ESXi host
  2. Enable SSH access to the ESXi host (configuration -> software -> Security profile)
  3. SSH to ESXi IP-address
  4. logon with user ‘root’ and enter password
  5. go to folder etc/vmware
  6. make a backup copy of snmp.xml
  7. edit (use vi) snmp.xml and set it like this

Continue reading VMware Esxi 4.1 and SNMP

Meh

Meh

This is a universal, non-commital answer to every question ever posed. Its the answer that doesn’t actually give any answer.

“So, you wanna do something tonight?” “Meh”

“Done anything good this week?” “Meh”

“How was it?” “Meh”

gr.

M.