John-Nicholas Furst | 22 Mar 2010 | | projects

BUILDS and Furst Labs are working together to perfect a multi-touch screen. The physical screen must be engineered for optimal finger blob tracking. Fingers are individually tracked on the surface using modified web cameras. The camera input is fed into custom tracking program designed by Furst Labs which implements the latest standard of Open Computer Vision. The tracker program then sends the individual tracked data points over a modified Tangible User Interface Objects protocol tunneled through the Open Sound Control protocol to another custom Furst Labs built program for gesture tracking and recognition. Once gestures have been recognized this program responds appropriately by either opening other applications or interacting with the user’s graphical interface.

A video demonstrating simple gestures can be found here:

Older · View Archive (146)

BUILDS Open House

For those of you that missed it, we had one hell of an Open House. The Open Organization of Lockpickers, the Graffiti Research Lab, and the Free Software Foundation all made a showing to help kick-off the opening of Boston University’s first hackerspace.

Here are a few choice pictures from the event, courtesy of Eric Schmiedl photography.


BUILDS Security: Buffer Overflows in gsubmit

BUILDS Security: Buffer Overflows in gsubmit

In mid February, BUILDS found a Buffer Overflow exploit in gsubmit, an assignment submission tool actively used in the Boston University Computer Science Department. Upon discovering the vulnerability and authoring a proof of concept exploit, the CS Department and Lab Administrators were made aware of the problem. A new version of gsubmit which fixed these problems was installed on March 19, 2010, the day that BUILDS presented a poster and demo on this topic at the BU Computer Science Research Open House [1].


Low Hanging Fruit

In the course of this project, work started on developing a tool that can statically analyze an ELF binary object for potential security vulnerabilities. Dubbed “Low Hanging Fruit”, this tool aims to discover possible problems in the binary, such as unchecked buffers, potentially dangerous library calls (such as the system() function), format string exploit attack vectors, etc. Development is ongoing, using the libelf and libdisasm libraries.

Future Work

  • Continue development of Low-Hanging Fruit
  • Use the vulnerable version of gsubmit as a tool to experiment with defeating different methods of Linux and gcc security.
  • Possibly adapt a more generalized version of our research for presentation to a wider audience.