Log in


Mahō Shōjo Puriti Jurya

7/4/09 02:25 am - In the photographic pipeline [Part 4]

Stuff D700, photo, October 2008, Janurary 2009, Berlin, Germany, Brussles, wedding, 25C3, Maastrict, Liege, Further Confusion, furry, Belgium Julia Wolf Julia Wolf image/jpeg 2008 Read more...Collapse )
Finnaly had a chance to start sorting out the last nine months of photos. Here's a preview of what I'm working on.

(Wow, it seems like I spent a lot of time with Audrey while in Berlin.)

Click Here for 30 PhotosCollapse )

7/4/09 02:16 am - In the photographic pipeline [Part 5]

Stuff D700, photo, October 2008, Janurary 2009, Berlin, Germany, Brussles, wedding, 25C3, Maastrict, Liege, Further Confusion, furry, Belgium Julia Wolf Julia Wolf image/jpeg 2008 Read more...Collapse )
Finnaly had a chance to start sorting out the last nine months of photos. Here's a preview of what I'm working on.
Click Here for 55 PhotosCollapse )

7/1/09 10:53 pm - Stuff this weekend

Let's see, there's "Fourth of Juplaya", Toorcamp (kinda late to go now), Anthrocon, "Skeleton Key: A Steampunk Cabaret", a rave somewhere, and a party at veedub's. What else am I missing?

Completely unrelated, a friend of mine's startup needs to hire a backbone networking person. Someone who know about BGP, and how to diagnose major network problems, and knows who to call at what providers to get things fixed. You don't have to be in the bay area for this one.

6/24/09 12:54 pm - Dear Lazyweb:

Someone tell me which OS has the following set of features:
  • Stable
  • ZFS Support
  • SATA Port Multiplier support
Tags: ,

6/17/09 03:30 pm - Re: Job Posting

By the way, my company is still looking for a malware analyst sort-of person. Really, if you can read a .pcap and write Snort signatures you're skilled enough for this position. Send me your infoz if you want an interview.

Oh yeah, you need to be able to work in San Jose, CA.

6/5/09 08:12 am - Permutation Question

I'm trying to figure out how long it takes for a particular shuffling algorithm to cycle for a particular number of elements. The algorithm is to count from 1 to M, moving the character at position M mod N (N:=number of elements) to the end, and moving everything down so there's no space. [i.e. (indexed from 1 here) g(1,"ABCDEF")="BCDEFA", then g(2,"BCDEFA")="BDEFAC", then g(3,"BDEFAC")="BDFACE", eventually this will cycle; How long? (30 in this example (That's M).)] I've stumped The On-Line Encyclopedia of Integer Sequences, I want to find f() which generates the following sequence, and I don't want to think about this too hard, and I don't have my Knuth books handy (I think it involves factorials).

What is f()?
f(2) = 2
f(3) = 4
f(4) = 9
f(5) = 20
f(6) = 30
f(7) = 36
f(8) = 28
f(9) = 72
f(10)= 36
f(11)= 280
f(12)= 110
f(13)= 108
f(14)= 182
f(15)= 168
f(16)= 75
f(17)= 1120
f(18)= 306
f(19)= 432
f(20)= 190
f(21)= 140
f(22)= 4410
f(23)= 2772
f(24)= 2530
f(25)= 1440
f(26)= 650
f(27)= 3120
f(28)= 243
f(29)= 812
f(30)= 870
f(31)= 1800
f(32)= 186
f(33)= 1056
f(34)= 10164
f(35)= 1428
f(36)= 2100
f(37)= 35640
f(38)= 1110
f(39)= 14212
Tags: ,

6/1/09 11:11 am - Garden Update and Mimosa Trees

Mimosa Tree SeedlingSo, about a week after everything got mowed, the neighbors had the crab apple tree right along the fence next to my garden cut down. And the tree cutting people dropped all of the cut tree branches on my garden, crushing the two remaining plants, and knocking over some pots on the patio.

I found out that the neighbors also wanted to replace the fence between our two properties. I told the landlord (and my roomate) repeatedly that I did not want the fig tree next to the fence cut down, and to make sure that they do not cut down the fig tree. In anticipation, I also dug up all of the plants I had growing near the fence, and transferred them into pots — which was good, because the fence people destroyed everything growing within about two or three feet of the fence (chopped up and left on the ground).

I was awoken at 7am by the fence people (I didn't know which day they would come), and I rushed outside in my bathrobe, and stood guard over the fig tree. I told everyone there at least twice, to not cut down this tree. I couldn't stand around all morning, so while I was inside getting ready for work, they cut a six inch by three inch notch out of the side of my favorite trunk¹ of the tree. Fucking morons. The hole they cut was so that a decorative edge along the fence wouldn't be touching the tree. The proper solution to this is to cut the notch in that board of the fence. Anyway, I tarred the cut they made so it wouldn't get infected, it reached the core wood, hopefully the tree recovers. [Back when the tree killing people did this, they didn't tar the cuts and one of the neighbor's trees that they cut off the overhanging-our-yard branches from is now half dead from a fungus infection.]

I got some two by fours at the hardware store (I should have asked for some of the wood from the old fence, but it was removed before I had thought of it), and built some raised garden beds. I used up all of the soil I had made from compost, and so went to the nursery to get some bags of topsoil, and while there, impulsively bought about ten varieties of tomato plant. (The one plant I had managed to grow from seed had been killed, so I guess I'm cheating now, but if I want any tomatoes before autumn.)

Apparently, some number of years before I moved into this place, there was a Mimosa tree growing next to the fig tree (next to the fence), which had been cut down years ago. Every year it grows new stems and leaves, and I water it trying to get it to grow, and then the yard murderers keepers chop it all down and throw it in the trash. I'm planting stuff around it (as everything that was growing along the fence is gone now) because that should be enough of an excuse to keep the yard killers away from it until it reestablishes itself. (The stump is growing some new leaves now, yay!)

As I'm now watering that area every day, all of the Mimosa tree seeds that have been sitting in the ground for years, are now sprouting. I've counted at least fifty seedlings, and they can't live where they are now. So I've been transferring them into pots, while their tap roots are still only about three inches long.

So… I have all of these Mimosa tree seedlings (see photo) that I don't know what to do with. If anyone reading this wants one, or a dozen, tell me and I will give you as many as you want. They will grow a very deep tap root, so don't plant them over your septic tank. I don't know exactly what species they are, since I haven't gotten the parent to grow long enough to flower.

¹ The fig tree has two trunks, my favorite one is the one you can climb up onto the roof from.

5/26/09 01:59 am - Please don't make me have to kick your ass.

No, I don't want to be your sweetie.
No, I don't want to Git to know you.
No, I don't want to hug you.
Stop touching me.
Please don't make me have to stab your eyes with my fingers.

What is it with creepy guys hitting on me everywhere I go now. It always used to happen before, but now it's an epidemic. By creepy guys, I mean, strangers who want to be personally intimate with you within the first five or ten seconds of speaking to you. And who ignore anything you say, and creep closer and closer and closer as they (pretend to) talk to you, trying to touch you. Strategically, when then guy is within arm's reach, I wonder if I should attack him while I still have the element of surprise. It's more legally defensible though if I wait for him to touch me first before I kick his ass. But I'm in a strategically weaker position if he already has a hand on my body. (FYI: For the last few days, I've managed to walk away without being followed. Also, I've been wearing cargo pants, a zipped up hoodie covering an unseen t-shirt, my hair tied back in a pony tail, and no makeup, jewelry, or bra.)

Update (May 26 08:49 PDT)
  1. In these situations, I have about three seconds to assess the situation, and take decisive action. Anything that takes more time is not a viable solution.
  2. I didn't want to say this, but the common element to these experiences, is that the male is black, older, and a poor communicator. The two times when this has happened while shopping, I also noticed that the man did not purchase anything from the store.
  3. The stakes are higher in my case because I'm trans. Attempted rape becomes attempted murder, and I get blamed for it because I'm deceiving people. (The murder rate for transsexuals is about 2%.) (At least there's no public information linking my old and current names, so the press will have to use the right name when they talk about my death.)
  4. I advocate and practice non-violence whenever possible. But I also have an extremely strong self-preservation instinct when I'm in an immanently life threatening situation.
  5. I practiced martial arts for a few years, about a decade ago. In a physical altercation against anyone who doesn't know martial arts (most people), I stand a good chance. All of my muscle memory is to not actually damage the person though, if it comes to that I'll have to figure things out as I go along.

5/21/09 04:31 pm - What am I going to miss this weekend?

Foxgrrl ForecastCategoryDateLocationEvent
? Haxor May 23-24 Anaheim, CA LayerOne 2009
? Anime May 22-25 San Jose, CA FanimeConfanimecon←maybe?
? Sci-Fi May 22-25 Santa Clara, CA BayCon 2009baycon
? Party May 23 San Francisco, CA 12th Annual etd.POP
? Party May 22 Santa Clara, CA Gay Day at Great America
0%=T_T= Haxor May 29-31 Berlin, DE ph-neutral 0x7d9

P.S. Don't forget about ConThingy
OMG: http://www.sfweekly.com/events/music/?date=2009-05-23
I might be able to get my passport and make it to Berlin by next week, but I really don't have the time =T_T=.

5/14/09 02:56 pm - Life Update

I'm still alive, the past few weeks have been extra-extra-extrordinary. More detail when I'm not writing from my phone. Also, DEFCON CFP ends tomorrow. Someone suggest something for me to talk about. I could do botnet and ransomware stuff, or even old school phreaking techniques. (Stuff I can present on without doing more new research.)

5/1/09 09:02 pm - Free Comic Book Day

Don't forget, tomorrow is Free Comic Book Day (See also: Free Comic Book Day)

5/1/09 12:12 pm - Job Posting

My company is finally hiring someone else to do all the busybody work I don't have time for. Don't worry about the BS degree; if you can write an exploit, for any vulnerable program I give you, then you're qualified. (Actually, if you've ever touched IDA, and know how to read analyze .pcaps, you're qualified. If I can give you a mystery program, and you can tell me what it does, you're qualified. You must be able to act like a mature responsible adult when interacting with other people.)

Update: You can email me at juliavixen $40 gmail.com If you don't understand that email address stop now. If it was up to me, I'd have everyone send me their stuff in flat in 7-bit ASCII, but since I'm just handing this stuff off the the appropriate manager, all those newfangled dynamic-content enabled document formats are ok. I'll be checking the .DOCs and .PDFs for exploits, if I find any 0-days you get the job. My GPG Public Key if you need it. The job is right on the border of San Jose and Milpitas in Ciscoville.

I didn't write this:

Job Description for the Security Research Engineer

Duties and responsibilities:

The main responsibilities for this position include: (1) keeping track of vulnerability disclosure and malware (with focus on botnet, spyware, and other Trojans that engage in network-based activities) development, (2) performing false positive checking for detection signatures, and (3) conducting detailed analysis of malware behaviors, through code reverse engineering and live behavior studies.


Professional experience:

The candidate should have at least two years of experience in the security field, especially with skills in malicious code analysis. Good knowledge in security vulnerability, exploitation, and Windows OS internals are expected. Solid programming skills are required. Working knowledge of TCP/IP stack and familiarity with network traffic tools are also required. Examples of relevant industries include AV, IDS/IPS/IDP, Web and Message security.


Must be hardworking, a self-starter, and effective in a small-team environment.

Formal education:

BS degree in CS/EE or equivalent experience.
Tags: , ,

4/30/09 01:54 pm - Report Suspected Bot

Have you ever been friended by a user, with a newly created account, and a zillion friends, but no mutual friends, and either 0 or 5 posts, mostly of photos, with a bio in Russian, and most of the posts in Russian, and two tags, and one (random) userpic?

Yeah, it's a bot.

Report Suspected Bot

4/12/09 11:02 pm - Stop arguing about "Tranny"

Ok, everyone stop arguing about the word tranny and who gets to apply what labels on whom. I don't want to hear any more. Forget that I said anything.

4/12/09 04:16 pm - Public Service Announcement

Just a reminder, I have a lot of work to do, and very little free time, LiveJournal is not a high priority for me. I generally only read the fourteen most recent comments on my phone, whenever I have a few minutes that I'm not doing anything else with my hands or brain. I don't have time to play nanny on LiveJournal; I expect that people act like adults, own their own shit, and treat each other with respect.

4/11/09 10:10 am - Is the Word "Tranny" Offensive?

See also:

Tranny and Subversivism: Re-reclaiming Tranny (or not) part 1

Is Tranny Offensive?

(No one can see who voted on this, except for me. So you won't out yourself to everyone.)
(UPDATE: This poll is in no way scientific, and I had to write it before my laptop battery died, so I may have spent, at most, five minutes thinking about it. And 1:=not offensive, 10:=very offensive.)

Poll #1381790 Is 'Tranny' Offensive?

Your Gender Status

Decline to Answer

Rate how offended you are when trans* people uses 'tranny'

Mean: 2.39 Median: 1 Std. Dev 2.13

Rate how offended you are when cis* people use 'tranny'

Mean: 5.10 Median: 5 Std. Dev 3.18

I only use the word 'tranny' in these contexts

For the non TS genderqueer
For only TS and not genderqueer
In all contexts where transsexual or transgener are used
Other (specify below)

Other context(s)

Tags: ,

4/11/09 10:10 am - How to Break into the Malware Analyst Field

A reader asks:

How can I get a job looking at malware? I worked at a company that was exposed to lots and lots of stuff targeting Chinese dissident groups and got pretty good at analyzing, tracking and spotting it. Do you know anyplace that I could go to do this for a living?
Any input appreciated

I don't have time to write a proper response to this, so perhaps you, the reader, can offer some advice.
Tags: ,

4/9/09 11:23 pm - US State Department Passport Regulations

Dear Lazyweb:

Can someone track down the exact written US State Department regulation, about exactly what is required to get one's gender changed on a US Passport? I have been unable to find it, and the person I talked to at the Transgender Law Center said that the actual regulation is not actually written down anywhere, and it's mostly up to the whim of whichever clerks are in the passport office that day. So I've heard several different things about what the letter should state, in order to get the gender changed.

4/4/09 12:17 pm - Words for Meat

In English, the cooked meat of each animal has a different word for it. For example:
Cow → Beef
Pig → Pork
Sheep → Mutton

This is because of the collision of the Saxon and Norman languages about a thousand years ago. Every animal has a specialized word for it's meat, including Dolphin. Apparently during the Tudor period, each animal also had specialized carving instruments for cutting them up, and each tool had it's own specialized name (including Dolphin).

Dear Lazyweb:

Can you provide me with a list of all of the specialized names for the cooked meat of each animal?
Tags: ,

4/3/09 09:36 pm - Yuri's Night

OMG, Yuri's Night is tomorrow! It snuck up on me. There's not a party at NASA this year though. This looks like the only one nearby: http://www.calacademy.org/events/nightlife/ It's supposed to be cold here this weekend, so I'm not interested in spending much time outdoors. But the California Academy of Sciences is indoors. But I'm also not really that interested in partying anywhere this weekend, I have stuff to do.

See also: http://yurisnight.net/main/
See also: http://yurisnight.net/parties/partylist.php

Update: So, now having actually taken a closer look, the party up at the Cal Academy of Science is on the 9th of April. And there's nothing local tomorrow.
See also: http://en.wikipedia.org/wiki/Yuri%27s_Night
See also: http://www.ynba.org/
Tags: , ,

4/3/09 02:44 pm - Inverse RC4

Given the keystream output from RC4 (ARC4), is there an inverse RC4 function which would give me either the key schedule or even the original key.

I have the plaintext, the cyphertext, the key stream, and the nonce which is mixed with an unknown key. I'm trying to recover that unknown key part.

Assume that the first N-bytes of the keystream were not discarded.

4/1/09 08:55 pm

		call	InternetGetConnectedState
		test	eax, eax
		jz	short loc_9A3C5C
		lea	eax, [ebp+12Ch+SystemTime]
		push	eax		; lpSystemTime
		call	ebx ; GetLocalTime
		cmp	[ebp+12Ch+SystemTime.wYear], 7D9h
		ja	short loc_9A3C37
		jnz	short loc_9A3C4D
		cmp	[ebp+12Ch+SystemTime.wMonth], 4
		ja	short loc_9A3C37
		jnz	short loc_9A3C4D
		cmp	[ebp+12Ch+SystemTime.wDay], 1
		jb	short loc_9A3C4D

The above sequence of code has been the bane of my existence this week. It's the date check for April 1, 2009 from the Conficker.C worm. As with many other viruses in the past with a specific date that they do something, there is tremendous media hype surrounding this. So, I had not been analyzing this worm for the last few months, because everyone else had it covered, and I had other stuff to do, but now because of the media hype my company wants to have something published on it for marketing reasons. Since everyone else [see above] has published almost everything about it, there isn't much else for me to say. So I'm reversing the P2P protocol in Conficker.C, because it's the only part left… because it's the hardest part to understand. Anyway, I think I'll at least have figured out the IP address to UDP Port calculation soon, so I can write a scanner/Snort rule, for the P2P protocol. Anyway, don't interrupt me in the meantime…

(I was also going to write up a full analysis of the shellcode used in Conficker.A and Conficker.B, as no one else has really gone into detail there. (But the additional detail isn't really useful to know if you only care about detecting it. But I can describe who the authors copied most of their shellcode from (it's slightly modified MSF). Anyway, it'll be interesting to someone, but the P2P thing will get media attention.)

(Note: I'm not complaining. I'd much rather be reversing malware than working on what I was supposed to be doing this week.)
Tags: , ,

3/29/09 07:02 pm

So, yesterday I did some gardening, something which I've had extremely little time to do lately. (In fact the gardening I was doing made me an hour late for something else.) I had to leave in the middle, but I was going to finish up when I got back, or today.

While I was gone, someone went into my backyard, and mowed everything down. There was no one else home at the time. I was furious and first thing this morning, told my roommate to totally cancel the yardkeeping service. He was surprised that showed up unexpectedly yesterday. And when he called them, and the landlord, they said that they had not been by yesterday.

So, this means that some complete stranger, entered our fenced backyard with a lawnmower, mowed everything down, and left, touching nothing else. WTF?

I've been trying to stay in a good mood all day, but I've almost broken down crying from this twice. I was so excited to see the baby plants that were just growing back, and now they're all gone. I was just watering them yesterday afternoon. I feel like I'm wasting my time. Everything I try to create is destroyed almost immediately. I can't turn my back for five minutes.

3/29/09 04:19 pm - Beautiful Day

It's warm and sunny, and the birds are singing, and the air is filled with butterflies, and it smells like flowers and pacific redwood forest. Everything is beautiful and amazing. I've been waiting a long time to say this.

3/26/09 05:47 pm - Phone Mostly Working Now

Ok, After three trips to the Apple store, a trip to the AT&T store. A new SIM card, and 75 minutes on the phone with five different customer service agents. I can finally receive phone calls again on the new handset lumin_esc lent me.

It's still kinda in a state of limbo, because I accidentally had it activated by AT&T as any other regular phone, but no, they do iPhones differently. At least I got voice mail turned on. Also I don't think my iTunes will sync with this yet. (Haven't tried, just got this working ten mins ago.)
Powered by LiveJournal.com