iPhone Face Detection

I think it is pretty amazing, since as far as I know and searched, it seems that it is the first face detection app to be running on iPhone itself.

Regarding comparison with iFace and iPhoto - it looks like these apps snap the picture and send it to a central server for processing and etc. (I am not going to go in a detailed description and comparison of all these apps features though)

Also, it seems like hotels far away from home may act as energy and ideas boosters. One year back once setting up my site, I proposed myself to make the code portable and run on as many platforms, including iPhone which I got at that time. One year of delaying and finally few days of hotel lock-up and I have it working for the iPhone.

Feeling of satisfaction is unbeatable.

Few notes:

• Code is almost 100% portable. Yes, few minor tweaks of settings for the compiling environments, but overall the same routines are used for all these platforms: Windows, Linux, Cygwin, iPhone (FW 1.1.2), Mac OSX.
• It is good to see false-positives and missed true-positives if talking from research point of view, since this means there is room to improve and study. The percentages of detected true-positive, missed true-positives and false-positives seems to be around 80%/15%/5%.
• Still have to check and properly evaluate processing times. No figures here yet
• Compilers used are gcc flavors for the corresponding platform/architecture
• For the iPhone I used iphone-dev team’s toolchain for iPhone FW 1.x
• Unfortunatelly, I cannot share or release code at this point. Please don’t ask for it at least for the moment
• However, if you have any serious research or commercial offers, don’t hesitate to contact me (contacts on right panel)
• Click here for related links of my previous work

TODOs:

• Seems like last minute hassle made my facial features (eyes-mouth triangle) not to work properly. Hopefully will be fixed next time I touch the code (never know when it happens)
• Face recognition. I have some experimental code for PCA method, though I want more research on this.
• Face and flow tracking in video feed from iPhone (crappy) camera

Stay tuned…

Tags: iPhone face detection recognition tracking iFace iPhoto iFaceFriend image video processing computer vision digi-face digiface digi-face.net digi-face.org andrei costin andreicostin.com

eJobs.ro security hacked screwed again - execution with cool-blooded SQL injection

Yes boyz and pretty girlz, eJobs.ro gets it again into the face and gives away 1.3 Mln resumes and personal information! More - passwords in clear, not at least hashed…

My two cents on this:

1. Nice work from the guys here - HackersBlog.org

2. Some of my early whistle-blowers to the ejobs.ro here (ejobs XSS1) and here (ejobs XSS2) - seems like they have either deaf or inexistent security assesment team… Too pitty for them…

3. It seems that the method used by the guys was in one of my earliest attack methods which I left asside for some dumb reasons. eJobs.ro Attack Vectors file

The below is what I was exercising back then, and the similar attack vector is what the guys really used to SQL-inject (the below is not working already for obvious reasons… )

Code:

4. Also, if you go specifically to http://ejobs.ejobs.ro (yes, double times ejobs, it is not a typo!) you will see an internal eJobs position posting. The interesting details I have highlighted below:

eJobs job posting - hahaha

Till next time, enhance your

Knowledge of Secure Programming Best Practices

Tags: ejobs, ejobs.ro, ejobs ro, ejobs.ro sql injection, ejobs.ro sqli, ejobs.ro hacked, ejobs.ro hackuit, ejobs.ro security, ejobs.ro spart, ejobs.ro database, ejobs.ro baza de date, ejobs.ro CVuri

google.com - malware problem

As many might recall the Google’s glitch to tag every single site as malware site. More details are:
- @ Google Blogs (fcuk - I think someone will get pretty fudged up in the ase at Google for this human-error, since it was necessary for one of the biggest corporations VP to officially give explanations and appologies - those who worked or are working for some kind of corporations know this kind of price…)
- @ StopBadware.org

One of the most nicest things is

Google to tag itself (i.e. Google) as malware

.

Philosophically speaking, Google being a source of trust for a wide majority of people/systems AND in the same times tagging itself as malware (even though for a very small amount of time AND by “mistake” - I would love to believe that it was a mass-social-experiment ) - doesn’t it raises the question of old classes of computer-field (and not only) problems “Chain of trust and breaking the chain of trust?!”

Here is my screenshot :

Google tags Google as malware

Tags: google malware, google is malware, google stopbadware