Jeff Yestrumskas

The Internet is great. When a need to fill a personal information vacancy exists, it is often times filled and then shared.

Since nobody has created an iCal calendar for the 2008 Penn State football season, I put one together. While some of the kickoff times and television stations for the games are not known yet, those will be updated as information becomes available.

To download the 2008 Penn State football season schedule in iCal format, click here. You may need to right-click and save the document instead.

Enjoy!

Allow me to present some background of the history of ANSI art and why it may be interesting. Back before we had Facebook, MySpace, Google; before the dot com boom and bust, before DSL and cable modems, even before Yahoo, before Internet access was readily available, there were still many diehard nerds communicating online with dial-up modems. Instead of calling NetZero, Netcom or Earthlink, we were connecting and communicating through hobbyist-run Bulletin Board Services (BBS). BBS’s existed as early as the 1970s, but gained popularity in the 1980s and peaked in the early 1990s.

A BBS is a text-based piece of software often run on a PC with one or more modems that allows users to dial-in and participate in message forums, play games and transfer software. Wow, it sure sounds like the Internet, but with text only. Most BBS’s operating solely with ASCII and ANSI character sets on DOS-based VGA (16 colors!) terminals, which meant scrolling, blocky text. This was not pixelated, this is what we had to work with. The words drab, boring, void of anything aesthetically pleasing may come to mind.. Not so fast. Aspiring and inspiring artists were able to transform this seemingly eternally bleak text-based environment into something magical. Using the 16 available colors, some amazing art was integrated into the BBS environments.

This art, known as ANSI art is something that grew solely out of necessity, something that could only have existed within the medium created by the personal computer boom of the late 1980s and early 1990s.

This art was viewed during the BBS experience in the homes. Many ANSI artists part of the BBS communities were of the same demographic and settings - teenagers addicted to computers at a very young age; myself included. The ANSI art scene grew rapidly and soon “groups” had formed, and released ANSI art packs under pseudonyms on a regular basis.

The ANSI art scene nearly faded into oblivion as the BBS era was almost in it’s grave due to the Internet explosion in the mid 1990s and beyond. To this day, ANSI art packs are still released, and great archives of these artifacts exist.

A friend of mine, Kevin Olson is holding an ANSI art show at 20 goto 10 gallery in San Francisco. Kevin will be featuring ANSI art by some of the most famous artists, Lordjazz and Somms. Kevin really went all-out with this show. He will be using terminals which scroll ANSI art to ensure the art is displayed as originally intended. This is going to be a great event, and I already know many folks who are traveling from all over the country to attend.

For now, to get your ANSI art fix in, take a look at some of the packs found on sixteencolors.net.

For further reading on BBS’s and the culture, their history and a great archive of works produced take a look at Jason Scott’s Textfiles.com. Jason has also produced a wonderful BBS Documentary DVD set which documents the many niches and subcultures (hacking, phreaking, anarchy, virii, ANSI art) found in the BBS scene of the past.

One of the intrinsic values of the internet is the ability to easily distribute information on a wide scale with little effort. Perhaps paramount is the contributers ability to modify, alter and control this information; to be selective and pick and choose the information distributed. This holds not only true for works of text, but visual works, such as video and the most pervasive format, still images. In this posting, I will attempt, in laymen terms, to compare cryptography of textual messages with censoring still visual data (images, documents). I will present real world examples used to remove encoding or censorship of visual data to support this comparison.

Often times when an individual choses to distribute an image on a wide-scale in a public forum, or even distribution to a more focused and trusted group, there may be aspects of an image that the creator may wish to remove or sanitize. Examples include checks with account numbers, receipts with credit card numbers, faces, people, places, etc. This is typically accomplished by blurring, or otherwise applying a filter, technique or method to the sensitive information within the image. However, time and time again, these methods are not nearly as successful as the creator of the work likely intended.

The (over)use of parenthesis and multiple similar words strung together by “or” and “and” is to reach a wider audience without confusing a reader that is unfamiliar with cryptography. The intent is also to keep the interest of a more technical user familiar with cryptography concepts by presenting an interesting parallel. A reader possessing knowledge of cryptography that is greater than that of the average bear will likely appreciate the elegance between an automated approach to obfuscating portions of non-text visual data and plain-text cryptography. Those that do not have a strong crypto background will hopefully gain an appreciation for cryptography and it’s similarities in image manipulation.

The goal of the next paragraph is to make an extremely simple and understandable comparison between cryptography of text and filtering of portions of an image deemed sensitive.

Simply put, cryptography with a key known by both the transmitting and receiving parties is likened to a mathematical formula - think German Enigma machine. If the receiving party understands which modifying function (or secret key) was used to make the original data unreadable, then the receiving party can view or access the original data. Now, let’s apply this to an image filter. If the receiving party knows the modifying function/method (or secret key) used to make the portion of the image unreadable (from blurring, swirling, or pixelation), then the receiving party can view or access the original data.

Decrypting cryptography is accomplished by three methods.

• A flaw within the cryptographic algorithm itself - a mistake within the fundamental methods of cryptography chosen that defeats the difficulty of deciphering cryptography because it was built incorrectly

• Brute force - trying every possible key combination against the cryptographic algorithm until one works

• Knowing the key - understanding the appropriate values to correctly decipher the encoded message

Now, let’s associate the three previous methods of decrypting text/data to decoding/deciphering data that is not in a plain text format. Let’s keep in mind that an image is simply a collection of numbers.

• Break image obfuscation with a flaw in the obfuscation method: Around the click of the new millennium, the New York Times published a secret/classified report they obtained (found here on their website) regarding an attempt by the CIA to overthrow the government of Iran. The New York Times, with the goal and motivation of publicity and increasing circulation in mind (the greater the circulation, the greater the ad revenue), decided to publish this document. In an attempt to protect the families of the agents involved in the operation, the N.Y.T. blacked-out the names of those agents. However, the flaw in the method used to render the data unreadable allowed individuals with a slower computer to view the names of the agents. This was widely publicized by cryptome.org. Moral of the story? Don’t censor sensitive data with the digital equivalent of a piece of painters tape. You can see other examples of the PDF document abuse listed here. This method is obviously flawed, and allows individuals to view sanitized data originally thought to be safe.

A flaw in the method chosen for data censoring is akin to a fundamentally flawed encryption algorithm (such as DES).

• Break the method of obfuscating an image by trying all possible combinations of the techniques used to obfuscate the selected portion of the image. An image is merely an array, matrix, spreadsheet or collection of pixels (dots) that have a numerical value. By applying the same mathematical function to a specific subset of those… dots… (with pauses emphatically added), the hidden or obscured portion of the image can be viewed. Real world examples of this include blurring account numbers on a credit card or scanned document and claiming the scanned image to be safe. By taking values of the pixels (dots), applying all possible sequences of likely mathematical formulas (i.e. the single mathematical formula that occurred during the blurring) to those values and converting the resulting values to an image, you will then have something to visually compare to the original obfuscated image. If there is a visual match between the original image and the modified (blurred) image, then the key or formula that created the end result is the key or formula that was used against the original data. This technique is demonstrated in a visual fashion here.

Attempting all possible keys or blur techniques and comparing the results is equivalent to brute forcing all possible passwords required to decrypt an encrypted document.

• Possess the knowledge of the key, or method of obfuscation. Consider applying a swirl filter with the intention to obfuscate portions of an image. The most famous real-world example in recent history is that of a notorious serial pedophile who was apprehended due to efforts put forth by Interpol. The criminal wanted to demonstrate to his social circle in an anonymous fashion, that he was legitimately a pedophile (don’t ask why, I’m not a psychologist). As such, he posted pictures of himself with young children, but used a “swirl” filter on his face. The second picture in the photo gallery on the AOL news site demonstrates the “after” and “before” photos. Now let’s think, if one twists the pixels in an image clockwise in an attempt to alter a portion of a photograph unreadable, what is preventing a counter-clockwise rotation of the pixels in an image?

The swirl technique is the key, apply the swirl technique appropriately (in reverse), and you have the original image.

Each of these examples demonstrates a somewhat simple parallel between an action, filter or technique of obfuscating or encoding image-like data and rendering plain text (a la German Enigma machine) unreadable with cryptography. What can we take away from this simple parallel of plain-text encryption and image obfuscation? If one is to reproduce and censor or redact portions of an image or image-like data, ensure that the method chosen is mathematically irreversible or not defeated by a weakness in the method chosen - much like a smart choice of cryptography.

I know plenty of folks who travel frequently, and a common concern for a security conscious frequent flier is the confidentiality of web access. I wrote the SSL Stunnel Squid PAM HOW-TO to address these concerns.

The HOW-TO is written from a general perspective and is considered a living document. Additions and modifications will occur on a regular basis.