Writing ultra-small Windows executables

(April 17, 2017)

How small can a valid and useful Win32 executable be? There already are a few tutorials about this topic, but these are either not working on modern Windows versions any longer or only cover the most basic »do nothing but return zero« program. The goal here should be to do something genuinely useful: a console application that outputs the contents of the Windows clipboard on standard output.
Read more …

Linux Graphics Demystified

(May 2, 2014)

It’s already been a few weeks since I held a presentation at Chemnitzer Linuxtage (»Chemnitz Linux Days« – a small Linux congress held at the university I used to attend). As it’s about a topic that might be of general interest, I translated the slides into English and made them available as a download (click on the thumbnail above; PDF, 302 kB). The German version is available for download as well though.

The topic is graphics on Linux. That’s a field that used to be simple a decade ago: There was the X Server that did graphics, and not much else. In the recent years however, dozens of new graphics-related technologies cropped up. Most of them have strange names (»Wayland«) or acronyms (»UXA«), some are outright misleading: most people immediately associate »DRM« with Digital Restriction Management, though another expansion of the same acronym – the Direct Rendering Manager – is the centerpiece of modern graphics on Linux. This presentation is aimed at making some of these things clearer.

Read more …

PhotoJoin, a photo synchronization tool

(November 4, 2012)

In this post, I’ll present a solution to a common problem that occurs quite often nowadays: Merging photos from multiple people into one continuous, consistent stream. It is definitely not the first solution to that problem, but since I couldn’t find a tool that solves this in exactly the way I want, I just did it myself, as usual ;)
Read more …

The most evil feature ever conceived: the Exif Orientation Tag

(May 5, 2012)

There are some advances in technology that are actually steps backwards: features that look nice on paper, but always get in the way when implemented in reality. One of my pet peeves in this category is the Exif Orientation Tag, a little flag present in JPEG files generated by digital cameras that causes all kinds of havoc. It’s one of the places where the old proverb »the road to hell is paved with good intentions« holds true, because the idea behind this flag is a good one, whereas the flag itself is a product of pure evil. But let’s start the story at the beginning …
Read more …

Fake screen resolutions in kkapture

(September 27, 2011)

(Disclaimer: This posting is likely of no interest to people outside of the demoscene :)
The small tool kkapture by ryg of Farbrausch is the only sane way to get a video dump of demos, intros and similar stuff. By grabbing all video and audio output directly from their respective APIs (OpenGL/Direct3D and WinMM/DirectSound) and simulating a fixed time base for the client application, it produces perfect-quality smooth video files suitable for Blu-ray Discs, for example. kkapture doesn’t alter the demos in any other way, though – in particular, the screen setup code from the demos is left untouched, with the result that it’s not possible to kkapture most demos in resolutions higher than the display currently attached to the computer. I did a little modification to kkapture’s code that changes this and allows things like 8-megapixel kkaptures.
Read more …

Server move and update

(June 4, 2011)

As you may or may not have noticed, I moved servers today. I have my own small (virtual) server at emphy.de for a few weeks now and I finally came around to moving the blog from s2000.ws/s2000.at to its new location. While I was at it, I updated WordPress from the ancient 2.7 version to a current one – and I updated my old theme to use WordPress’ widget system and freshened the CSS up a bit. Also, thanks to the widespread adoption of web fonts, I can now present the blog in a font that works on all platforms with all modern browsers – Google’s Open Sans is the font of my choice. I hope you enjoy it :)

Real Steganography with TrueCrypt

(February 24, 2011)

Disclaimer: This article has been written at a time when TrueCrypt was still a viable encryption software. This is no longer the case. TrueCrypt has been discontinued and everybody who has been using it should use one of the maintained forks like VeraCrypt instead.
That being said, this article mostly deals with TrueCrypt as a file format, not the application itself. However, the newer forks (and VeraCrypt in particular) use the same file format, so everything in this article is applicable to VeraCrypt as well. So, when this article talks about TrueCrypt and .tc files, you can just mentally replace this with VeraCrypt and .vc files.

You probably know TrueCrypt, the perhaps most popular tool for encrypting filesystems. As an alternative to full filesystem or even full disk encryption, TrueCrypt can also work with filesystems inside encrypted container files. These are files that look like they’re full of purely random data, but when provided the correct decryption key, they reveal their true contents: A FAT or NTFS filesystem full of your secret data.

In addition to this basic functionality, TrueCrypt also offers a simple form of steganography. For the uninformed, steganography is the term for techniques that conceal the existence of secret data. This means that the secret information is hidden inside another unsuspicious piece of data. TrueCrypt does support this with its »hidden volume« feature. If this is used, a container can be opened with two different keys: The first not-so-secret key opens the »outer volume« with not-so-secret data and a second really secret key opens the hidden volume with the real secrets. There are two problems with this approach, though: First, it’s very simple to destroy the hidden volume since it’s embedded in the outer volume’s data area without proper marking in the outer volume filesystem’s meta-data (otherwise they would give away the presence of the hidden volume). This means that you can overwrite the hidden volume just by putting enough files inside the outer volume. TrueCrypt can protect the hidden volume when mounting the outer volume, but for this to work, you need to provide the hidden volume’s key.

The second issue with TrueCrypt’s approach to steganography is that TrueCrypt container files are just large files with random data and as such, they’re easily detectable. You can disguise them by giving them unsuspicious filenames – pagefile.sys or hiberfil.sys in a drive’s root directory are good candidates on Windows systems, for example. But then again, even these filenames are highly suspicious when found on removable media. So let’s use the next best thing: video files. These also tend to be very large and offer a good disguise for hidden data, but unfortunately, they are very easy to detect: Just try to play such a pseudo-video file and whatever player you use, it will tell you that something’s wrong.

So what we really want to call it proper steganography is a usable file that can be opened with standard software so it doesn’t raise any suspicion, but when opened in TrueCrypt with the right key, it should reveal the real payload – a filesystem full of secrets. Video files are the natural choice as for this kind of hack: Multi-gigabyte videos are completely common nowadays and encoders are so good that even large differences in bitrate don’t necessarily mean large differences in quality. In other words: A well-encoded fifteen-minute HD video clip of 1 gigabyte can look just as good as a not-quite-as-well encoded 4 gigabyte version. So let’s put the 3 gigs we can save to good use and store secret data there.

Unfortunately, this can’t be done using TrueCrypt directly. However, with a little bit of file format tweaking, it turns out to be possible anyway. In this blog post, I will describe a method of hiding TrueCrypt containers inside QuickTime / MP4 video files.
Read more …

Choosing the right video format

(January 31, 2011)

There’s a wide variety of devices out there which are capable of video playback – computers, music players, mobile phones, game consoles, you name it. However, all of them support a different set of formats and there’s no combination to catch them all. So if you want to generate a video, you will always have to pick a format based on a selection of devices that are important to you. To make this a little bit easier, I prepared a little tool for you:

Read more …

Video on the Canon EOS 550D

(June 2, 2010)

A few weeks ago, my father bought a shiny new Canon EOS 550D DSLR camera, not only for capturing photos, but for videos too. Why not – after all, the video functions are finally taken seriously by the camera manufacturers and video on a APS-C-sized sensor is a very cool thing – in theory. I had the chance to analyze a few 720p/50 sample videos made with the camera, and I have to say that I’m quite disappointed.
Read more …

Breakpoint 2010 Party Report

(April 11, 2010)

It was the end of an era: On April 2-5, 2010, the last Breakpoint demo party took place in Bingen. After 8 years of partying (6 of which I personally participated in), the main organizers decided that they need a break, so 2010 was the final event. Fitting to that situation, the party had the motto »like there’s no tomorrow« – and having a party like there’s no tomorrow is indeed what the visitors did :)
Read more …