悪の巷に豪邸

I never managed to figure it out, except that something was going crazy during the ipmasq being performed by the wireless access point. To get around it, I eventually tunnelled around it with ssh, as described here. The link he gives for the tinyproxy script isn't very good, go back to the original mailing list message for it.

Well, I picked up Zeitgeist in Hokkaido. The Japan bonus track is "Death from Above" ( B-Side from "Tarantula" ).

If you enjoyed the Judas Priest / Sabbath influenced tSP heavy rock catalogue, you may well enjoy this album. There is not much left of the dream-pop of Siamese Dream, etc, and likewise the sense of grandeur that accompanied albums like Melloncollie is also gone ( although perhaps this aspect will improve with relistening ).

Part of the vocal melody on "Neverlost" is very similar to "Bloodflowers" ( Bloodflowers, The Cure, 2000 ). ( tC: "Between you and me,...", tSP: "You make what you want of me..." )

I liked it, but it hasn't grabbed me by the throat as other offerings have ( even the single Zwan album ). I will give it some more listens and some more thinking.

"I am staggered that some American newspapers have decided to publish purported spoilers in the form of reviews in complete disregard of the wishes of literally millions of readers, particularly children, who wanted to reach Harry's final destination by themselves, in their own time."

-- J.K. Rowling

"What do you get with freedom? Excesses? Exploitation? Of course. And what does one say to that? A small price to pay. If you dont like it, dont listen to it, dont read it, dont watch it."

-- Attributed to Hugh Hefner

Almost as ridiculous as the ridiculous Harry Potter Grief Counselling announcement.

While outdated now, this was still a groundbreaking work of cultural ethnography for it's time. I own a very old hardback copy of it - it has Sir Frazer's obituary clipped from the Times of London sandwiched in it's backplate.

Good news! You don't have to pay a pile of money for it because it's all up on Wikisource!

Well, it's my last day at work today. I have no internet at home, so this will probably be the last post I make for a while, at least this month. So, that said,



Space Ghost: Let's go back inside where the gas is.

See you all again, in Australia, where the Gas is. Probably back on curious_au.

I played in a seven way ¥2000 hold-em limit / no-limit tournament on Sunday night. It was frustrating.

I won't go into a play by play, but three of the players were fratt-y types that spent their rounds stacking beercans, telling lewd jokes and sending their girlfriends off to the bathroom to take photographs of herself with their cellphone cameras. Two of the other players were drunk as the lord and completely unpredictable. Drunks deal slowly and with poor card control.

Play commenced at 7:30pm. I took the scalp of the third place player at around midnight. The remaining heads-up game went to 50/100 no-limit and ground on for a full hour more of very conservative play before I offered a compromise of splitting the pot between us and just ending the game, which I am very greatful my opponent accepted. My share ended up being ¥6000... while this is my first tournament "victory" and I'm happy about that, the profit / hour ratio was pretty bad for such a frustrating game. ;-)

I have just started playing the first wargame on pulltheplug, Vortex, and I'm going to whinge. The problem description for level 0 is:

Your goal is to connect to port 5842 on vortex.labs.pulltheplug.org and read in 4 unsigned integers. Add these integers together and send back the results to get a username and password for level 1. Note that vortex is on an x86 machine (meaning, a little endian architecture).

Obviously if they used network byte ordering, we wouldn't have to worry about it being x86. :colbert:

So, Phrack 64 was generally a disappointment - it's been poorly edited, a lot of the content is nonsense about Astral Traveling and how you can smash the state, man! revolutttionnn! on Youtube. However, there was a great article in there by Neil Archibald on XNU/OSX vulnerabilities ( file 0x0b ). Very interesting!

For me the best part was on local privilege escalation using shared_region_map_file_np, which allows you to map data from a file to a region of memory for all processes, including suid. There has been a lot of ballyhoo about the stack becoming NX in 10.4, which destroyed a lot of traditional buffer overflow attacks where you'd load shellcode into a buffer and then overwrite eip to jump back into it, and while there have been other approaches to evading this, I have never seen it done as clearly and simply as here - simply using the syscall to place the shellcode at some distant address without it's NX bit set.

Apple, I don't understand the function prolog as documented in the IA32 Calling Conventions ABI Reference Document.

1. Pushes the value of the stack frame pointer (EBP) onto the stack.
2. Sets the stack frame pointer to the value of the stack pointer (ESP).
3. Pushes the values of the registers that must be preserved (EDI, ESI, and EBX) onto the stack.
4. Allocates space in the stack frame for local storage.

However, an example prolog for a function with 12 bytes of locals looks like this:

pushl   %ebp
movl    %esp, %ebp
subl    $24, %esp

As you can see, none of the so-called non-volatile registers were pushed, nor were they pushed by the call statement that led to this function as far as I can tell - they're certainly not where the ABI implies they should be. Despite this, a great deal more stack ( an additional twelve bytes ) was reserved than is necessary. I guess space was reserved for pushes of edi, esi and ebx, but as these registers weren't used by the function, they never got pushed, despite compiling without optimisations. Weird.

I climbed it yesterday with Cassie. It was probably the hardest thing I have ever done.

The climb was fraught with problems. We started the ascent at around eight. After the third scrambling section of the trail, about station seven / midnight, I started to experience problems with altitude sickness, and despite using an oxygen bottle, couldn't get my head clear enough to competently climb. Even though we'd miss the sunrise on the summit, I had to sleep. We crashed in one of the huts. Cassie woke me at 4:30 so we could watch the sunrise together from the doorway, and then I went back to bed for another three hours of sleep.

After that, I felt much better, and we continued our climb. The low oxygen and hot sun made the climb very difficult for me, and although it was physically quite strenuous, the biggest problem was probably me stressing about falling off the mountain - the surface is very loose and crumbly in a few places. As a result of the air, I spent a lot of time leaning on my kongo-zue walking stick and panting like a dog. We were passed by many old grandmas as well as a patrol of soldiers that appeared to be hiking in full uniform with heavy packs.

Unfortunately, as I had expected to be climbing at night and then down in the very early morning, and am kind of stupid, I took few precautions against the heat besides some sunblock, and I got very, very sunburnt indeed. The summit was very beautiful, and Cassie took some photos that I will share later. We made our descent ( part of the descent trail is still closed - this was the first weekend of season ), and this would have been very easy except that I had my boots laced improperly or something and my toes were striking the front of my hikers on every step. They rapidly bruised into agony and as I look at them now, they're still blue/black and quite swollen. Cassie also hurt her knee.

Unfortunately, we weren't able to directly catch a bus back to Shinjuku. For some reason the last one leaves at 4pm, while they arrive much later, and after much transport wrangling, and with the pain starting to set in, I decided to take a day off work today. We arrived back at Cassie's house at around 11:30pm. What a day.

All this said however, I am very glad I did it, and it was an amazing sight and an amazing achievement. Photos soon!

edit: Note - available oxygen at the summit is 64% what you can get at sea level, but with acclimatisation, blood oxygen levels will not drop as dramatically.