modus is currently certified at Apprentice level.

Name: Matt Obert
Member since: 2001-02-05 03:07:48
Last Login: 2011-05-16 05:03:31

FOAF RDF Share This

Homepage: http://agendanation.net

Notes:

I'm a freelance IT consultant in Providence, Rhode Island. I've been lurking on Advogato for a decade. (Note to Self: "Do not read your old comments from 10 years ago." What a rank n00b I was!) Luckily, I somehow managed to find employment as a Linux sysadmin. Hopefully I've learned something along the way. I'm not a software developer, but I have been known to bust out some pretty cool shell scripts on occasion. That link to my old homepage? It's broken, but I may as well leave it there until I put up something better.

Recent blog entries by modus

Syndication: RSS 2.0
modus_operandi writes (via FARK.com):

Clever malware authors have come up with a way to disguise malicious executable files as innocuous data types by writing the file name backwards.

On May 11, analysts at Norman ASA (anti-virus software vendor based in Sweden) published details of the exploit in this report:"The RTLO unicode hole — sequence manipulation as an attack vector".

The trick is accomplished by using Unicode control characters such as 0x202E (right-to-left override) and 0x202B (right-to-left embedding) to reverse the direction of the text in the middle of a filename, and may be used to camouflage filename extensions in email attachments and on the web. Additional information can be found here (PDF) and here.

Although the payload is likely to be targeted at users of Microsoft Windows operating systems (which rely on filename extensions to determine whether a binary is executable) the exploit works on any operating system which handles Unicode correctly. That means Linux and UNIX-based operating systems, including Mac OS X, will also be fooled into displaying a deceptive filename.

14 May 2011 (updated 14 May 2011 at 08:53 UTC) »

>
> [1] The controversy over pronunciation of "sudo" is right
up there with the "ess-cue-ell" vs. "sequel" wars. (ITYM
"squeal." HTH. HAND.)
>     I used to pronounce it "pseudo" but after much
reflection I switched to "ess-you-doo", reasoning that the
command allows one to DO something after Setting Userid.
>     "Pseudo" means something distinctly different in
computer lingo, also -- e.g., a pty is a pseudo-terminal
interface, /proc is a pseudo-filesystem, and the rand()
function returns a pseudo-random integer.
>     That's why I use "an", rather than "a", when I use
the term "an sudoer" -- my enthusiasm for catchy acronym
pronunciations is overshadowed by my distaste for overloaded
jargon.
>
> -- 
> Modus Operandi
> set signature=sig.sh|
> Fri Apr 29 17:53:27 EDT 2011
> The Moon is Waning Crescent (10% of Full)

Check out my latest Perlscript, which generates a book layout as a PDF from a plain text file. The stories are written by elementary school students, and my job is to split the narrative into pages, one per student, with large frames for the kids to draw illustrations. The script automatically resizes the frame to allow for text and leading, and it automatically increments the page number in the lower right-hand corner.

Currently, the source code is on my Woozle homepage and an example PDF is available here. You'll need Adobe Acrobat or some other PDF viewer.

The first page is just a big empty frame because the title page is 100%  illustration. But don't stop there ... turn the page for the rest of the story!

Famous for Five Minutes Department:

Seth David Schoen of the Electronic Frontier Foundation has quoted me in his web journal at vitanuova.loyalty.org. The quote in question is way down at the bottom of the page. It's a silly pun I posted to the Crackmonkey list, only amusing to those who are familiar with Emad el-Haraty and Eben Moglen.

What do you know, I'm an Apprentice.

I haven't looked at my Advogato account in a really long while.
Maybe I'm ready to start posting here again.

15 older entries...

 

modus certified others as follows:

  • modus certified hoffman as Apprentice
  • modus certified rms as Master
  • modus certified slogan as Master
  • modus certified scc as Master
  • modus certified sspitzer as Journeyer
  • modus certified blizzard as Master
  • modus certified shaver as Master
  • modus certified criswell as Apprentice
  • modus certified uweo as Journeyer
  • modus certified neale as Journeyer
  • modus certified raph as Master
  • modus certified miguel as Master
  • modus certified federico as Master
  • modus certified tigert as Master
  • modus certified squinky as Journeyer
  • modus certified BrucePerens as Master
  • modus certified MisterBad as Master
  • modus certified emad as Journeyer
  • modus certified dmarti as Master
  • modus certified crackmonkey as Master
  • modus certified schoen as Master
  • modus certified jwz as Master

Others have certified modus as follows:

  • hoffman certified modus as Apprentice
  • criswell certified modus as Apprentice
  • Barbicane certified modus as Apprentice
  • neale certified modus as Apprentice
  • mhamilton certified modus as Apprentice

[ Certification disabled because you're not logged in. ]

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!

X
Share this page