White Rock Bay

I have been itching to get out west of Salt Lake now that the weather is warming up. I love the west desert in the late winter and spring. Life is springing up again, there is green grass, and the weather is perfect.

My daughter and I went to Antelope Island to hike around. We ended up on an overlook of White Rock Bay on the west side of the island. We found a nice rock outcrop shaped like a huge chair and settled in for a snack while we waited for the sun to set and provide some nice lighting. This image was taken near that spot, looking out across White Rock Bay toward Elephant Rock in the distance.

Read More...

Node.js Security Training

I’m not being paid to make this recommendation at all (I just happen to know Adam Baldwin), but if you build Node apps at all, you really should consider the new secure development training for Node offered by ^lift. Even if you can’t make one of the training sessions they offer, it is well worth your time to chat with them about the security of your Node app. If security is baked into the app and is part of the development process, the chances of avoiding an embarrassing security vulnerability are drastically reduced.

These guys know their stuff and work with organizations such as GitHub and npm, Inc.

Check it out: ^lift Node Security Training

Windows Scripting Host and Fake Antivirus

As a follow up to my previous post about the Windows Scripting Host (WSH), I should mention that I have seen a bunch of fake antivirus website pop-ups attempt to load a file called setup.exe.vbe by downloading the file via the browser and attempting to get wscript.exe to execute the malicious script. I have noticed that not all of these attempts have been caught by antivirus and virtually none of them by vendor-supplied network-based IPS signatures.

If you monitor change activity on your hosts, look for attempts by wscript.exe to execute a file called setup.exe.vbe and ensure that it was not successful.

Mandiant on Windows Scripting Host

Mandiant has a great post on their blog discussing some attempts by malware to maintain persistence on a host through utilization of the Windows Scripting Host (WSH) and startup folder:

In this recent case, we identified a novel technique that indirectly loads malicious scripts by means of LNK files in a user’s start-up folder. The LNK file was designed to invoke the Windows scripting host (WSH). The WSH comes in both a GUI version, “wscript.exe”, and a command-line version, “cscript.exe”. The WSH can interpret Visual Basic scripts, commonly denoted by the file extension “.vbs”, and Jscripts (Microsoft’s implementation of JavaScript), commonly denoted by the file extension “.js”. The malicious LNK file invoked “wscript.exe” to interpret a JScript file stored within a specific user’s profile.

Great stuff, including some indicators of compromise (IOC) and Snort rules to attempt to detect these situations, though the IOCs will be far more effective at this than the Snort rule.

Human Beings, Love, and the Play

I ran across this quote today in the course of my reading and thought I’d share it.

Works of Love, pp. 92-96 (SV XLL 86-91), cited in S. Kierkegaard, Parables, pp. 47-48:

To love one’s neighbor means, while remaining within the earthly distinctions allotted to one, essentially to will to exist equally for every human being without exception.… Consider for a moment the world which lies before you in all its variegated multiplicity; it is like looking at a play, only the plot is vastly more complicated. Every individual in this innumerable throng is by his differences a particular something; he exhibits a definiteness but essentially he is something other than this—but this we do not get to see here in life. Here we see only what role the individual plays and how he does it. It is like a play. But when the curtain falls, the one who played the king, and the one who played the beggar, and all the others—they are all quite alike, all one and the same: actors. And when in death the curtain falls on the stage of actuality (for it is a confused use of language if one speaks about the curtain being rolled up on the stage of the eternal at the time of death, because the eternal is no stage—it is truth), then they also are all one; they are human beings. All are that which they essentially were, something we did not see because of the difference we see; they are human beings. The stage of art is like an enchanted world. But just suppose that some evening a common absent-mindedness confused all the actors so they thought they really were what they were representing. Would this not be, in contrast to the enchantment of art, what one might call the enchantment of an evil spirit, a bewitchment? And likewise suppose that in the enchantment of actuality (for we are, indeed, all enchanted, each one bewitched by his own distinctions) our fundamental ideas became confused so that we thought ourselves essentially to be the roles we play. Alas, but is this not the case? It seems to be forgotten that the distinctions of earthly existence are only like an actor’s costume or like a travelling cloak and that every individual should watchfully and carefully keep the fastening cords of this outer garment loosely tied, never in obstinate knots, so that in the moment of transformation the garment can easily be cast off, and yet we all have enough knowledge of art to be offended if an actor, when he is supposed to cast off his disguise in the moment of transformation, runs out on the stage before getting the cords loose. But, alas, in actual life one laces the outer garment of distinction so tightly that it completely conceals the external character of this garment of distinction, and the inner glory of equality never, or very rarely, shines through, something it should do and ought to do constantly.”

Photo Gallery Complete

I have completed the photo gallery, which consists of my favorite images I’ve taken over the years.

I had initially contemplated doing some sort of JavaScript gallery or utilizing the LightBox JavaScript library like I have in the past, but eventually realized that doing so would complicate the site more than I wanted. In addition, I didn’t like how most gallery tools don’t resize for smaller screens. I eventually settled upon a basic table that takes you to a separate page containing the image once you click on a thumbnail.

I hope you like it.

Bear Claw Yurt in Uinta Mountains

I just returned from a short backpacking and snowshoeing trip with a friend into a yurt nestled on the north slope of the Uinta mountains in Utah. The yurt is run by BRORA and a permit is required to stay there, but it is well worth the trip. BRORA stocks the yurt with propane and wood (though visitors are encouraged to cut wood and restock what they use in the wood-burning stove within the yurt), and it has propane lamps, cooking utensils, a wood-burning stove that is completely amazing, and various sundry goods required for a comfortable overnight stay in the backcountry during winter.

Trail to the yurt

Read More...

More Website Changes

Once again I have made some significant website changes, now moving to a static website generated by Wintersmith and Node.js. Theme templates were created using Jade and should be responsive (adjusts the page to fit the screen on which the site is viewed, while maintaining consistent navigation).

In order to do this I first built a structure in HTML, utilized the wonderful HTML2Jade tool, made further adjustments to the output Jade template to match what I needed, and then did a lot of CSS hacking. I cannot stress how absolutely wonderful Safari’s web inspector is for getting CSS just right.

So, you may ask, “Why move away from Ghost and to a statically generated site?” First off, Ghost is a great platform and very slick blogging tool. As I’ve been using it I’ve bumped my head against its complex code several times, which is frustrating. I like simple, lightweight code.

Ghost is also very immature and lacks many key features for me, such as theme loops, an API, and a good static page implementation (admittedly, this is subjective). My biggest gripe is that, due to a bug in how the editor handles Safari in iOS 7, editing or creating posts on a mobile device doesn’t work at all. This issue has been around since iOS 7 came out, and there is still no fix in sight.

Bottom line on Ghost: It’s great, absolutely beautiful technology, but ultimately not for me.

Why a static site? It really boils down to a desire to have a simple implementation that is not database-driven, is lightweight, and can be customized without too much fuss. I also wanted a faster site (though my previous Ghost implementation was quite fast) and, importantly, a much smaller attack surface due to the site being basic HTML (with a very small amount of JavaScript).

Anyway, I hope I’ve moved everything over properly. If you see anything out-of-sorts, please let me know. I also plan to implement a photo gallery in the near future.

Film's Performance in Winter Orchard Photograph

I had mentioned in my previous post that I preferred the film version of this photograph over the digital version. Here is an example of why (this is a crop of one of the previous images I posted):

Read More...

Winter Orchard

At the foot of the mountains near our home is a beautiful orchard. The owners are kind enough to let photographers into the orchard to capture its beauty and, after some recent snowfall, I stopped by to capture the long grass protruding through a carpet of snow, accented by the reddish bark on the trees.

I shot these images with the Mamiya C220 on Kodak Portra 160 film. I also captured some frames with the Fuji X-Pro1 but definitely prefer the film images.

Read More...