Author Archives: Marshall Poison

Patching the Windows JPEG vulnerability.

The windows operating system from Windows 95 through Windows XP contains a critical flaw in the code responsibile for viewing JPEG images (the most prevelant image format on the web). Malicious parties can create JPEG files that execute arbitrary code embedded in the image file. As a result, it is possbile to become infected with viruses simply by viewing a web page or opening an e-mail with an attached image — practices formerly regarded as safe.

So far, the actual threat from this vulnerability is small, but the potential threat is huge, and so it is important for people to patch their systems.

Microsoft has started to address this problem through the automatic update process, but so far, their approach is totally half assed. Automatic update will only patch the vulnerability in the operating system and internet explorer. It will also install a scanning utility which will help you identify other software containing the flaw, but only if that software was produced by Microsoft, and even then, you must take additional meausres to actually patch the Microsoft software.

The problem is that there is a lot of non-microsoft software out there which might also contain the vulnerability. Fortunately, a 3rd party has created GDI Scan which will help identify other software containing the flaw.

This article explains how to use the utility to find problems, and the steps you can take to fix them.

Bush looks tired, whines about “Hard work”

Yahoo! News Message Boards Top Stories

I’m very pleased with myself, in less than 5 minutes, my post to the yahoo message board for their lead story on the debate tonight has racked up 5 reccomendations.

W looks tired, whines about “Hard work”
by: floonist 09/30/04 11:39 pm
Msg: 133891 of 134000
5 recommendations

He kept repeating himself, trying to reinforce his talking points. I’m sure he wanted everyone to think that Kerry is inconsistent (this coming from the guy who was saying “no nation building” even as the members of his future administration were laying plans to invade Iraq).

What really struck me though, is that he kept saying that Iraq and the war on terror were “hard work.” Everytime he said it, he sounded like he was whining. He looked and sounded tired, too.

I think it’s time he and Dick take a break and let someone else do the job.

Set the supressed 60 minutes report free News | The Cowardly Broadcasting System

CBS has scrapped a 60 Minutes segment critical of Bush’s case for invading Iraq, saying that it would be inapporpriate to air so close to the election.

I say they are running scared after giving creedence in a recent report to supposedly new and now discredited documents which casxt even more doubt over Bush’s already extremly dubious National Guard service.

In any case, there are copies of this story floating around outside CBS (Salon has one). It would be really cool if someone encoded it and started spreading it arround P2P networks and BitTorrent.

Silicon substituting for “glass”

I’ve been wondering for a while when silicon (ie computation) is going to start substituting for glass (ie high quality optics) in photography. It seems we may be getting close.

By using special optics that render an image uniformly and predictably blurry, engineers can recover an image with a much greater depth of field than a similar lens system would be capable of without computational enhancement. It’s already finding application in various surveilance scenarios and may come to camera phones.

Of course, what I’d really like is the opposite. The small sensors in digital cameras allow the use of small and less expensive lens systems to acheive high levels of quality when compared to a 35mm camera, but the short focal lengths of the lenses result in excessive depth of field, even with wide open apertures. As a result, it’s difficult to blur the background behind your subject, a common and useful technique. You can certainly do it with Photoshop, but that requires masking the subject separately from the background, which is a pain.

It would be really cool if I could adjust the depth of field virtually on the camera. Even better would be to be able to get the raw blurred sensor data and tweak the effective focal plane and depth of field in Photoshop.

Google Search: “wavefront coding”