At the risk of starting a tradition of releasing Bluelog updates on holidays, I’ve decided to push out 1.1.1.

This is the first update of the 1.1.x series, and with it comes some pretty cool new additions which may very well be broken!

At the top of the list is improvement to Bluelog’s memory management that came about while putting it to work on the Raspberry Pi (it’s amazing how working on platforms with limited resources really brings the deficiencies to the surface), and the merging in of libmackerel.

With libmackerel, Bluelog is now able to report device manufacturer in the log files with the “-m” option. As of right now, this feature will only work on generic x86 builds (not Pwn Plug or OpenWRT), but I’ll be working on that. In addition, the device manufacturer will be placed in the log, but DOESN’T show in the verbose output yet.

I’ve got some very big changes ready to be pushed up to GitHub here on my development machine, but I’ll wait a bit and see how this release works before I pull the trigger on those.

Today I’ve released the first version of libmackerel, a GPLv2 library for the manipulation and creation of MAC addresses.

The functions in libmackerel started as parts of Bluelog and Bluefog, but eventually got expanded to the point that it was worth making its own library.

As of today, the development version of Bluelog is using libmackerel, and Bluefog will follow sometime soon. With the libmackerel merge, Bluelog now has the ability to lookup device manufacturers based on MAC OUI (currently x86 only).

The Bluelog 1.1.0 packages should be popping up in the OpenWRT repos in the near future. I would be interested in hearing how well it does/doesn’t work for anyone.

Ho Ho Ho!

I was looking at my release timeline and noticed that it was just about 6 months since the last stable Bluelog release, and thought it would be a nice gift for the holidays to push out a new build (especially since the world didn’t end).

But what’s this? Skipped version numbers??

That’s right, this normally would have been 1.0.5, but I decided to release this as 1.1 since there are going to be some rather large changes happening in the near future.

After 1.1, I plan on doing some rewrites of parts of Bluelog, as well as hopefully knocking a few other things off my TODO list. So I would expect some more frequent releases as I fix/break things in the 1.1.x branch.

But 1.2 should be all the better for it!

Since it’s the end of the world and all, I thought I would take the wraps off of my latest project.

Bluefog is the antithesis of Bluelog. While Bluelog is designed to quickly and accurately determine how many Bluetooth devices there are in the local area, Bluefog is designed to confound such efforts by generating large numbers of phantom Bluetooth devices.

To do this, Bluefog can run parallel tasks on up to 4 physical Bluetooth adapters, and uses real-world data collected from my Bluetooth scanning experimentation to seed the spoofed devices.

Give it a shot and let me know what you think.

I’m terrible at deciding when it’s time to push out a new version. I always want to add or test new things, but after a few successful runs with 1.0.4, I think it’s safe to go public.

The theme for this update was improved performance and compatibility with non-PC targets, meaning the Pwnie Express Pwn Plug and OpenWRT. I’m happy to report that, as of 1.0.4, Bluelog Live finally works out of the box on OpenWRT.

Changelog Highlights

• New: Completely new Bluelog Live CGI module
• New: Bluelog Live Perl script (CGI alternative)
• New: Status panel in Bluelog Live
• New: OpenWRT Bluelog Live theme added
• New: New OpenWRT Makefile, improved (smaller) package
• New: Improved error handler on WRT and PWN
• New: Pwn Plug Makefile target (make pwnplug)
• Experimental: Vastly increased scanning speed on PC and PWN

In a few days it will have been a month since 1.0.3, and a lot of things have changed. I’m actually starting to think that I might need to skip a few digits and move to 1.1.x soon, but we’ll see what happens.

The biggest thing that has happened since 1.0.3 is that Bluelog now uses a CGI module for the Live interface, which makes it all much faster and flexible. Having that interaction with the browser means I can do things like the new “Status” pane in the Live interface to show a real-time display of Bluelog’s state. In the future I’ll be able to do even more, but as it stands, the CGI module already has more functionality than the older SSI interface ever did.

Speaking of that, the old SSI mode still works and I have no plans of killing it off. All development will go towards the CGI module, but I’ll keep the old method from breaking for as long as possible.

1.0.4 also puts a lot of focus on the Pwn Plug, as I’ve tried to deliver a pretty turn-key solution on that. 1.0.4 will be integrated into one of the official Pwn Plug updates at some point in the future, but for now, it will be very easy for users to build it on their own hardware.

Similarly, I’ve pushed hard for a better experience on OpenWRT with 1.0.4, which has come along very well. Bluelog now has a OpenWRT theme, and the CGI module works perfectly out of the box with uhttpd (the default web server in OpenWRT), meaning Bluelog can work right alongside LuCI without the user having to do anything special.

There is a bunch of under the hood stuff too, like improved error handling and faster scanning.

Anyway, I have a few more tests I want to run and I’m waiting on some feedback from a few people, but I think 1.0.4 will be ready to make its public appearance in the next week or so.

Its come to my attention that counterfeit copies of Bluelog 1.0.4 are in circulation! Make sure your copy has the correct hologram “Bluelog” logo on the box to ensure it’s legitimate.

In all seriousness, it looks like #openwrt picked up on a test version of 1.0.4 that I left on the server for longer than I should have, and pushed it out to their development branch.

The quasi-1.0.4 probably works well enough, but it definitely IS NOT the final 1.0.4 and doesn’t represent the finished product. Keep an eye out for the real release in the next few weeks or so.

It’s been a few months since the 1.0.2 release, and figured it would time to toss this one out there. I would consider 1.0.3 somewhat experimental, as it changes a bit of internal code as to how devices are logged and reported. It’s been tested pretty well pre-release, but keep an eye on it just the same. Highlights from the ChangeLog:

• Added -s option for syslog-only logging
• Default log filename now in the format “bluelog-YYYY-MM-DD-HHMM.log”
• Reduced file I/O during logging, should help performance
• Added Pwn Plug CSS theme for Bluelog Live mode
• Better support for Pwn Plug and OpenWRT specific options/features
• General improvements and cleanup for Live HTML 

Version 1.0.3 is in testing now, hopefully to be released in the next week or so. A lot of the changes in this build were under the hood things the normal user won’t encounter, but there at least two big additions:

1. The default log filename is now in the format: “bluelog-YYYY-MM-DD-HHSS.log”. Not only will this make it easier to manage log files, but will prevent Bluelog from continuously appending to the same file as it does currently. Of course, you still have the option of giving your own filename with the “-o” option.

2. For the first time ever, Bluelog has an option to disable the standard log file and instead only record new devices to syslog. This mode was added in part due to reports I got back from people using Bluelog’s syslog output in conjunction with syslog-ng to setup a mesh of Bluelog sensor nodes with one central logging server.