2013 IEEE Integrated STEM Education Conference (ISEC 2013), Princeton, New Jersey, USA
44th Lunar and Planetary Institute Science Conference Abstracts,
Proceedings of the 2012 International Conference on Security \& Management, Las Vegas, Nevada, USA
Lunar and Planetary Institute Science Conference Abstracts,
Proceedings of the 19th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems, Chicago, Illinois
Proceedings of the 2011 International Conference on Security \& Management, Las Vegas, Nevada, USA
This is a letter mailed to US state governors and state budget officers on 2/1/2013
On 2/7/2013 at the Museum of Science Boston this event, organized by Joseph Paul Cohen and Emily Flaherty was part of the high school lecture series. This event brought together some of the best computer engineers from the Boston area to engage high school students and educate them about FOSS and the current tools that are being used in startup companies all over the world.
This will log into the captive portal for you when your wifi connects to the UMB network. This app works by simulating a user logging into the captive portal. It uses the username and password from the settings page to authenticate to the wireless network. When your wifi connects to the network "UMB-Student" the process begins. It will first check to see if you are connected, if it encounters the login page it will log in.
I made a LaTeX homework template so that students at UMB can hit the ground running with LaTeX. This template includes standard features such as a title page, header and footer with page numbers and name, margin and spacing, as well as examples of LaTeX features I used as an undergraduate.
This app will put a hat on people seen by the camera. You are able to view, in real time, a alternative reality where everyone is wearing a hat.
blucat is designed to act like netcat and ncat. It's a little harder because there are many protocols to use instead of just TCP and UDP. blucat doesn't just connect sockets, it also provides an nmap like ability to scan and discover devices on the piconet. Currently blucat uses the Service Discovery Protocol to discover devices and services. It is then able to connect to url strings resulting from the service discovery or crafted by the user. Think of url strings as IP and port, instead they are MAC address and channel.
In the summer of 2012 I worked at the U.S. Naval Research Laboratory for the Center for High Assurance Computer Systems.
There are 4 radios in a typical device: cell, bluetooth, wifi, nfc.
This app allows you to just shut off the cell radio while leaving everything else on.
Airplane mode shuts off all radios and there is no built in method to disable just the cell radio.
Why to disable it?
1. When your cell radio can't access a tower it will drain your battery
2. Your location is tracked by carriers using your cell radio (This is necessary so people can call you.. it's not that they are evil)
In March 2012 I presented my paper regarding the Mars Weekend events during the Lunar and Planetary Science Conference.
This class is for graphically exploring objects by calling their "get" and "is" methods that can't be seen during regular eclipse debugging. This is designed for understanding code by looking at the methods that they offer. Some objects have their values as fields. These fields can be seen from inside the eclipse debugger. If a get method looks up it's value in a database or analyzes files these values can't be seen during normal debugging. The downfall of this type of examination is that these get functions can have side effects. For analyzing API's this isn't important.
I took an existing open source PDF viewer (eBookDroid) and removed a bunch of extra features to make it more stable. I want to use this codebase later to make a better tool for reading research papers.
This ongoing outreach project uniquely combines the data, systems, and resources of four existing NASA-funded research projects. We have established a web-based Mars Crater Seeker video game for K-12 students, teachers, and the public using real data from mars missions. We planned the first Mars Weekend on June 4-5, 2011, at the Museum of Science, Boston. The programming for both days consisted of invited talks, a panel discussion, and an array of hands-on activities for museum visitors. This years event is scheduled for August 18-19, 2012 at the Museum of Science Boston.
A team from UMB consisting of me, Veronica Carrillo Marquez, Fabio Elia, and Henry Z Lo won 2nd place. We crafted our own exploit during the competition that was used to erase all by one opposing teams hard drive. We were able to obtain a shell by creating a specially crafted HTTP cookie that had access to a poorly filtered eval() call. We were able to avoid specific function names in order to launch a remote interactive shell using PHP pipes. This method used an RPC call in wordpress which didn't leave any traces in the log files. Our exploit and payload needed to be base64 encoded which made it very hard to reuse by other teams if they had someone captured the attack in action. We scripted the creation of payloads which allowed us to change ports and ip addresses to counter other teams defensive measures. Once we gained a shell on the target machines we were able to use a recently discovered LPE to obtain root permissions. The attack was sloppy and caused a kernel oops when we disconnected. Next year we will be more prepared for post-exploitation.
In November I presented a "Bernoulli Trials Based Feature Selection for Crater Detection" at the ACM SIGSPATIAL 2011 conference.
In November of 2011 I visited the Google HQ in Mountain View, CA. Top picture from left to right Judd Reed, Siyi Liu, me, Sean O'Malley.
Me and the Product Marketing Manager at Rapid7, Christian Kirsch. Rapid7 supports Metasploit and NeXpose.
In the summer of 2011 I wrote some code in the Utah Salt flats
During an Eclipse Demo Day for Indigo I met Ian Skerrett the marketing director of the Eclipse Foundation
Meet researchers who work closely with NASA and the Jet Propulsion Laboratory to change how we look at the Universe. Modern satellites orbiting the Moon and Mars are sending us astonishingly detailed images of craters, canyons, gullies, and lava flows. What can these surface features tell us about the past and present, and what do they mean for future exploration by robots and humans? If we found evidence of life on Mars, what would it look like? During this weekend event, drive model Mars rovers on real and virtual terrain, and try activities and games for adults and kids. Enjoy short presentations about planetary exploration by guest scientists from the University of Massachusetts, Boston, Ohio State University, and the Lunar and Planetary Institute.
This was a kick off talk to create a security group at UMB. To get students interested in computer security. To provide a place where students can learn and discuss about topics in security. To share our experiences in cyber-defense competitions.
In 2011 I competed in the Northeast Collegiate Cyber Defense Competition (NECCDC) at EMC's Franklin Training Facility. The team is shown left to right as Francis Isabel, Ron Cheung Fabio Elia, Lvu, Lior Ben-kiki, Veronica Carrillo Marquez, Royce Stubbs, Me, Henry Z. Lo
This is a data browser for the popular Hibernate framework http://www.hibernate.org/ that is used to persist Java objects. It's NonPolymorphic because it displays objects under their exact class instead of displaying objects that extend that class. This browser is needed because it makes it easy to browse hibernate objects even if their data is stored in normal form in the database.
A web based full latex processor. Like the Google Docs of Latex. You can download PNG previews in the right pane or the full PDF. Editing is done in the left pane
Frequency Spectrum Dump Inputs: mp3, wav, ogg, flac, etc Scriptable, Visualization Output: csv file with the mean magnitudes of 255 frequency bands
This device was designed to aid people with on-road communication with a deaf driver. It is designed to aid a deaf person in having a conversation when reading lips is not appropriate. These situations include driving a car or boat. This device allows a user to type messages using a keyboard while another user reads the message from a screen. We support a standard PS/2 keyboard.
In late November 2010 I visited Dr. Ron Li's lab at Ohio State University to collaborate for a NASA outreach grant involving Mars rover data from the MER project. From left to right, Xuelian Meng, Rui Wu, me, Liwen Lin.
In Fall 2010 I offered Java tutoring group sessions to the students of UMB. This is sponsored the Women In Science club. It is offered to men and women.
On October 28th 2010 I presented with Henry Z Lo at the M.A.S.S. and MassCUE Annual Technology Conference about tools to educate students about computer science like Processing and Arduino.
This is an example of the Observer Design Pattern using a data source and two Observers. One is a 3D Bar Chart and the other is a 3D Pie Chart
On July 29th 2010 the first Tech Savvy Computing Camp was organized by Prof. Wei Ding and Joyce Wang and myself
Petition to the University of Massachusetts Boston to remove a WiFi agent and provide students with 802.1x to connect to the network.
App Installer is a utility written by Joseph Paul Cohen that allows an IT professional to install several programs with a single click. It is designed to launch from a network share and suppress any Windows security questions about launching programs. App Installer uses the CreateProcess() Win32 function call to launch processes without security warnings. This also allows it to understand UNC paths such as "\server\shareolder" This programs is written in C++ using the Microsoft Foundation Class Library. It works on Windows 95,98,NT,2000,XP,Vista,7 and Wine on linux.