Follow paulmutton on Twitter


Homepage of Paul Mutton

Most software on this site is available under the GNU General Public License (GPL). Since the GPL may be too restrictive for use in proprietary applications, a commercial license is also provided.

High Severity - a security blog

If you're interested in online security, penetration testing, hacking and so on, you may be interested in my new blog, High Severity. I'll be kicking things off by interviewing a member of Anonymous, so stay tuned to and let me know if there are any other features you would like to see on the site.

7 Jan 2011 - 16:58:47 PST
[Permanent link]

Cyber Security Challenge UK - cipher challenge winner

Yay, I just won the Cyber Security Challenge UK cipher challenge! Rather appropriately, I've won season tickets for Bletchley Park, plus a personal tour of the refurbished Colossus code breaking computer from World War 2. This is how I cracked the code.

30 Jul 2010 - 1:48:46 PDT
[Permanent link]

O2 Wireless Box III - Still Insecure

After waiting several months for O2 to fix the wireless router vulnerability I reported last year, I was about to discuss how the vulnerability worked...

...but then I discovered (in less than one minute!) that their fix contains a new vulnerability which makes it possible to do CSRF attacks. That means an attacker could steal your WEP/WPA2 key, change your password, set up port forwarding, etc. Read more here.

10 Apr 2010 - 8:46:00 PDT
[Permanent link]

O2 Broadband Router Security

A few weeks ago, I discovered a serious security flaw that affects hundreds of thousands of broadband internet users. I made several attempts to report this problem to O2, but they erroneously insisted that the security of their Wireless Boxes exceeds industry standards and is acceptable for home use.

I strongly disagree, so I have published my findings to try and get them to take the matter seriously. It's quite an interesting attack vector, so I shall describe it in full detail after they have fixed the problem.

28 Aug 2009 - 12:14:35 PDT
[Permanent link]

Current Cost Graphs

I've been jibbling about with a Current Cost device lately, and have been working out how to get data out of it and into some shiny graphs.

What with the current trend of rising energy costs, this is both enlightening and depressing!

8 Sep 2008 - 13:23:05 PDT
[Permanent link]

BBC iPlayer DRM hack

BBC iPlayer has been available for a while now, but there have been a few things I still don't like about it. The iPlayer client started off as a Windows-only application that rather covertly stole lots of your bandwidth by installing a peer to peer network client which remained running even when you weren't using iPlayer. Crappy digital rights management meant that you could only watch downloaded programmes for a certain amount of time, and even then, things would tend to break and you would have to download everything again in order to watch it. After a while, they started to let you stream programmes directly from their website without needing to install this junk, but the quality was not as good.

Fortunately, a few days ago, the BBC made iPlayer available to iPhone users. The video quality is much nicer, and it doesn't contain any of that wanky DRM bollocks. The BBC iPlayer website currently determines whether you're using an iPhone by looking at the User-Agent header that the web browser sends to the server each time it makes an HTTP request.

So, using Firefox and Chris Pederick's User-Agent Switcher, it is possible to trick the BBC iPlayer site into thinking that you're using an iPhone, thus giving you access to the better-quality DRM-free downloads.

Spoofing the iPhone

Set your browser's User-Agent to something that looks like an iPhone:

Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420+ (KHTML, like Gecko) Version/3.0 Mobile/1A543a Safari/419.3

Now have a look around the BBC iPlayer website and find your favourite episode of Eastenders...

The next bit is slightly awkward. Firefox will want to open the video within the browser using something horrible like Apple Quicktime, but all we want to do is download the video so we can keep it forever (remember, its DRM-free!). I made the following piece of JavaScript which will create a new web page that contains a direct download link for the video. Simply redirecting to the video URL makes the browser try to play it, so you'll need to right-click on the URL and use "save as". The default filename will have a ".htm" extension, so rename the whole file to something meaningful and give it a ".mp4" extension instead.

Downloading the DRM-free video the easy way

To make it easier to use the JavaScript, you can save it as a bookmark and keep it to hand on Firefox's bookmarks toolbar. This is the code you'll need to bookmark (all on one line):

javascript:window.location = 'data:text/html,<p>Download the video with <a href="' + document.getElementById('mip-flash-player').getElementsByTagName('object')[0].firstChild.value + '">this link</a> (right-click, save as, rename with .mp4 extension)</p>';

So now it's trivial to get hold of DRM-free content from BBC iPlayer:

  1. Install User-Agent Switcher.
  2. Add a new User-Agent string to Firefox so you can pretend to be an iPhone.
  3. Go to the iPlayer site with your iPhoney browser and find something worth watching (hint: Eastenders).
  4. Click on the special JavaScript bookmark shown above.
  5. Right-click on the link it gives you and save it somewhere, giving the file an ".mp4" extension.
  6. Finally, play the video (as often as you like!) using VLC.

12 Mar 2008 - 13:04:17 PDT
[Permanent link]

PircBot 1.4.6 IRC library released

It's becoming increasingly common for IRC networks to require clients to register with NickServ, and then identify themselves to NickServ each time they connect. Failure to do so prevents the client (or bot) from being able to send private messages to other users, and the server may even force a nick-change upon the client.

The new release of PircBot 1.4.6 addresses this problem by allowing bots to identify with NickServ (using a previously registered nick and password). This works on IRC networks which support raw NICKSERV commands, such as freenode.

11 Apr 2007 - 11:49:13 PDT
[Permanent link]

Lens hoods

One of my latest web sites, which offers free downloadable lens hoods, is mentioned in a BBC News article. The site lets you download lens hoods for a variety of SLR camera lenses, which can then be printed onto paper or card and glued together to make an impromptu lens hood. Lens hoods are an essential accessory for any photographer, as they prevent stray light entering the lens and reducing image contrast.

So if you're into photography and haven't got a lens hood yet, why don't you go and grab a free one from

29 May 2006 - 12:44:21 BST
[Permanent link]

Mobile Googlebot "uses" Nokia 6820

Someone recently commented on a large proportion of their web site visitors coming from Nokia 6820 devices - even more than from Mozilla based browsers!

Taking a quick peek at my own Apache log file, I noticed quite a lot of requests coming from a range of IP addresses - owned by Google - with the UserAgent set to "Nokia6820/2.0 (4.83) Profile/MIDP-1.0 Configuration/CLDC-1.0 (compatible; Googlebot-Mobile/2.1; +"

This probably explains these erroneous stats :)

Obviously Google are not really using Nokia 6820s to crawl the web, but they are presumably performing separate crawls with this different user agent to see whether sites return different content if they know the client is using a phone or other small-screened device. It would be interesting to know how many sites do actually return different content for mobile browsers.

28 Apr 2006 - 13:24:12 BST
[Permanent link]

Time to go

After several years of being heavily involved with computers and the internet, I've decided to give it all up and go and live in a shanty town in Peru. Here I will enjoy an exclusive plot in a "pueblos jóvenes", with no electricity supply and no nearby telecommunications masts. It's possible that you may be able to contact me with VoIP (Voice over Intelligent Pigeons), but due to a local outbreak of H5N1 bird flu, this cannot be guaranteed.

Obviously, I will not be able to update this web site after I have embarked upon my new life. If you would like to buy it, offers may be passed on to my solicitor, Mr Uve Binadd.

1 Apr 2006 - 7:37:25 BST
[Permanent link]

KiteCam II - Donate Your Camera!

It's been quite a while since the original KiteCam adventure saw my £300 digital camera soaring into the skies to take aerial photos of the University of Kent. Unfortunately, it went a bit wrong and the camera ended up getting completely trashed when it hit the ground just a little bit too hard. It was a bit of a devastating moment, what with me being a poor student and having broken my only camera... but still, it seemed like a good idea at the time.

Now I believe it is time to relive this fun experiment by planning KiteCam II. My initial thoughts were to avoid the same mistakes as last time by putting a bit more effort into making sure everything is well-organized and safe, but then I suddenly realised there is no fun without danger!

So, I'm going to do KiteCam II in pretty much the same way. It will involve a kite. A stupid, impractically huge kite. It will involve bubble wrap. Oh yes. It will involve lots of string and some toilet roll. It will involve some ingenious remote shutter mechanism which can be attached to the camera. But most of all, it will involve that ludicrous element of danger that makes it so fun.

This has made me realise that it's best to use someone else's camera for this kind of thing.

If you would like to donate a 35mm SLR camera and lens to be used in KiteCam II, please contact me. Wide-angle lenses would be best for this kind of stunt. Film cameras will do fine, but I certainly won't turn down a chance to send someone else's digital SLR in the air! :) Please note that any cameras and lenses you donate will not be returned - they will most likely end up in pieces! However, you will be safe in the knowledge that you'll be helping out with a fun project and your donation will be mentioned on the inevitable web page of photos that will appear after it's all done.

So, what are you waiting for? Let me know if you have any of the following that you'd like to donate:

I look forward to hearing from you :)

5 Mar 2006 - 22:30:21 GMT
[Permanent link]

Autoboxing Considered Harmful

I was not a great fan of Java 1.5 when its new features were announced. Sure, I could see the benefits of things like autoboxing, but having taught this stuff to university students for 3 years, I couldn't help but think of the problems it could cause.

I came up with the following example, which demonstrates autoboxing in action (note: never write code like this!):

  Integer a1 = 100;
Integer a2 = 100;
System.out.println(a1 == a2); // Prints "true"

Note that this code will not compile in Java 1.4 or earlier, as you cannot assign an int to an Integer without autoboxing. The equality operation could appear to return "true" because the int values inside the Integers are the same, but it's actually because when a1 and a2 are assigned, they end up pointing to the same immutable Integer object. Testing the same object for equality with itself obviously returns true.

This alone can cause some confusion, as changing the code to do things the "old" way would give different results:

  Integer a1 = new Integer(100);
Integer a2 = new Integer(100);
System.out.println(a1 == a2); // Prints "false"

To most people, the above difference would be obvious - a1 and a2 both point to different Integer objects (they just happen to contain the same int value), so the equality operation returns false.

Now, let's jump back to that first example where two autoboxed Integers are compared. What happens if we change their values from 100 to 150?

  Integer b1 = 150;
Integer b2 = 150;
System.out.println(b1 == b2); // Prints "false"

Most people look at this and go, "Huh? Why does it return false now?" Unfortunately, only values between -128 and +127 are assigned to the same immutable Integer object in a pool of Integers. Anything outside that range appears to be assigned to a new Integer object, so equality will never happen.

Using autoboxing in this way is a poor practice, but I can imagine it being all too easy for student programmers to fall into this trap and end up getting really confused. I even know people who work with Java every day and were very surprised by this.

Sun's advice on when to use autoboxing and unboxing is pretty sound, and should be observed and taught in order to prevent any weirdness happening:

Use them only when there is an "impedance mismatch" between reference types and primitives, for example, when you have to put numerical values into a collection. It is not appropriate to use autoboxing and unboxing for scientific computing, or other performance-sensitive numerical code. An Integer is not a substitute for an int; autoboxing and unboxing blur the distinction between primitive types and reference types, but they do not eliminate it.

Wise words indeed.

21 Dec 2005 - 20:59:06 GMT
[Permanent link]


Search this site


Copyright Paul Mutton 2001-2013
Feedback welcomed

Web Hosting

Web Hosting