US NAVY Sonar/Lidar Editing Software Released To the World

New submitter PFMABE writes The Naval Oceanographic Office (NAVO) has spent 16 years developing the Pure File Magic Area Based Editor (PFMABE) software suite to edit the huge volumes of lidar and sonar data they collect every year. In accordance with 17 USC 105, copyright protection is not available to any work of the US government. Originally developed to run on RedHat OS with network distributed storage, it has been migrated to Windows 7. This software, and accompanying source code (Win & Linux), has been released to the public domain at pfmabe.software, free for download with registration.

Re:

[GateGuy]

Passive sonar used on submarines is exactly how surface ships are detected.

One way to drum up business...

[HaGaRzzz]

This post was submitted by a company looking to make money by selling training to use the software.

Looks like the official distribution page is http://shoals.sam.usace.army.mil/PFMABE.aspx

Re:

[aaronmd]

The story should be revised to point to the link you provided.

Re:

[SuperBanana]

The link provided actually requires even more personal info.

Here's a way that doesn't require any.

magnet:?xt=urn:btih:0f76f9cb970aaa105843230c556cda28b7418369&dn=PFMABE&tr=udp%3A%2F%2Fopen.demonii.com%3A1337&tr=udp%3A%2F%2Ftracker.coppersurfer.tk%3A6969&tr=udp%3A%2F%2Ftracker.leechers-paradise.org%3A6969

Re:

[jones_supa]

Yes, but with that Magnet link we lose context. Theoretically it could link to a version of the program peppered with malware.

Re:

[MadMaverick9]

https://shoals.sam.usace.army.... [army.mil]

This Connection is Untrusted

You have asked Firefox to connect securely to shoals.sam.usace.army.mil, but we can't confirm that your connection is secure.

shoals.sam.usace.army.mil uses an invalid security certificate.

The certificate is not trusted because the issuer certificate has expired.
The certificate expired on 2014-06-10 02:24. The current time is 2015-04-06 13:17.
(Error code: sec_error_expired_issuer_certificate)

Next time provide a link that actually works.

Re:

[dbIII]

It will work if you use a Lenovo machine :)

The SSL web of trust has had trucks drive through it so a lot of people are not bothering to update their certs. Sadly you are one of the few that actually cares enough to point out an expired cert instead of just clicking through.

Re:

[dbIII]

Make that "sadly few actually care enough" since the above could be taken as an unintended insult.
I'm updating my certs but many don't bother anymore.

Re:

[Anonymous Coward]

download the dod certs and suddenly, it will be trusted http://dodpki.c3pki.chamb.disa... [disa.mil]

Re:

[MadMaverick9]

The problem that I pointed out has nothing to do with the root certificate authority (rootca), but everything with the fact that the certificate used on their web server expired almost one year ago.

bash $ openssl s_client -connect shoals.sam.usace.army.mil:443 2>&1 | openssl x509 -noout -enddate
notAfter=Jun 9 19:24:51 2014 GMT

But you're right, that is yet another problem with this certificate that the rootca is not available on a normal user's computer.

And now you want me to download a rootca from some shady link that some dude on slashdot posted and trust that? In your dreams.

Re:

[Anonymous Coward]

You can ignore/skip the "registration" part and go directly to the download page at this URL.

https://shoals.sam.usace.army.mil/softwaredownload.aspx

Note that its SSL certificate is expired, but if you're skipping the part where you provide personal info, that's not really a concern.

I suppose...

[linearZ]

The software is public domain by the US government. All it take is one temporary email account and github to bypass registration nonsense.

Hydrograpic scanning seems a very narrow field, likely populated by people already knowing how to this software (or software they wrote themselves). If this company thinks they are going to make money training, then they probably aren't going to make very much money.

Re:

[Anonymous Coward]

No. The USACE page, and the software there, is about three years old. The software on the referenced site was updated yesterday. The email sign ups are so you can get update notifications. And, no, I didn't post the article.

Re:

[storkus]

This post was submitted by a company looking to make money by selling training to use the software.

What's wrong with that? This is the business model of almost all FOSS.

Re:

[PFMABE]

The USACE version was last updated in Nov 2011. (v6.3.1.41) A little dated. The latest version 6.4.0.15 has the support for CZMIL and LAS

Re:

[linearZ]

You just know that the NSA has put a shit load spyware in that software!!

Open source at that.... Well, if the NSA is releasing open source spyware, I'm sure it will get exposed with more than just idle speculation soon enough. Certainly the kind of thing that the myriad of parties trying to untangle NSA mischief would be interested in.

Somehow I doubt the NSA would do this. They have a tendency to take without giving back to the community.

Re:

[jones_supa]

Open source at that.... Well, if the NSA is releasing open source spyware, I'm sure it will get exposed with more than just idle speculation soon enough.

That is idle speculation as well. Never blindly trust Linus' Law, I though we learned that lesson already!

The US Navy PFMABE program released here contains a lot of code, it's not that obvious that anyone will bother reading through the complete code.

Re:

[PPH]

anyone will bother reading through the complete code.

People don't really 'read' through code to find exploits anymore. There are some capable analysis tools that do most of the grunt work.

Re:

[jones_supa]

In that case open source isn't needed either.

Re:

[PPH]

In that case open source isn't needed either.

How will you know that the binary you are running came from the source you examined?

Re:

[jones_supa]

If I examined the source, I wouldn't need the binary analysis tools.

Re:

[linearZ]

Static analysis tools generally like to have the source.

Re:

[jones_supa]

I thought he was talking about dynamic analysis tools, but if not, then you are correct.

Re:

[linearZ]

I'm guessing the NSA is employing trolls these days. Just another in a long line of tactics borrowed from Russian dictators...

Re:

[linearZ]

Point taken. SELinux is kinda cool.

But the NSA certainly doesn't open source spyware. And they don't slip spyware into open source code. The NSA tends to operate here bit more subtly when they want to exploit opensource - like promoting flawed encryption that only a handful of people can actually figure out.

And it is very rare that the NSA exposing security flaws they find in open source, even when they know criminal are exploiting the same flaws. Not exactly acting in the public interest.

Re:

[AchilleTalon]

Most stupid comment ever. If you expect to effectively propoagate spyware, you don't pick a narrow and very specialized piece of software as a vector.

Re:

[spacepimp]

Unless the goal/userbase of the spyware is very specific to an industry.

here it is without the asshole-y email collecting

[SuperBanana]

Not really sure why someone felt entitled to hide all this behind a mailing list subscription for a consulting company's email spam list, so here it is via free magnet download. I only included the "required" dataset in addition to the source and required libraries.

magnet:?xt=urn:btih:0f76f9cb970aaa105843230c556cda28b7418369&dn=PFMABE&tr=udp%3A%2F%2Fopen.demonii.com%3A1337&tr=udp%3A%2F%2Ftracker.coppersurfer.tk%3A6969&tr=udp%3A%2F%2Ftracker.leechers-paradise.org%3A6969

That should paste into most torrent clients, watch for CR/LFs though.

What can you do with it?

[charlieo88]

What can you do with it besides edit lidar and sonar information? Does it have some sort of big data application?

Editing LAS files can be a big data application...

[linearZ]

Editing Lidar data and binning surfaces seems useful to all sorts of things Lidary, not just the underwater world. If this software can handle large data sets than it could be useful in detecting and tagging objects in a terrestrial scan. Scan large areas, add a database, and this becomes an open source "big data" Lidar tool.

If this software can't handle large data sets, then who cares beside Sponge Bob, PhD?

Annoying that this source code has been released in this way. But it is open source as public do

Re:

[SuricouRaven]

Anything produced by the US government is public domain. It's written into their copyright law: The government cannot create anything with a copyright restriction. Whatever it produces is for the public good, not for profit.

There are loopholes, though. This only applies to things directly produced by government - it doesn't apply to contractors working on behalf of the government, anything they produce is still restricted by copyright. It also doesn't require the government release things for free - there a

Re:

[Anonymous Coward]

> Anything produced by the US government is public domain.

That is... not even wrong. If you think it has any tie to truth, go get me the addresses and salary information of all NSA personnel, and the list of the home addresses of the staff at Guantanamo Bay. It has to exist, right? Someone send them paychecks, right?

Even NIH funded work, which is publicly available, is not "public domain". Of course it has copyrights on it to prevent editing a few wards, falsifying the document, and republishing it with

Was it written in Sea ;-)

[siri_kan]

/ducks [ Wait there's another pun here ]

MB-System

[Anonymous Coward]

Interested parties should also check out MB-System; it's GPL and NSF
funded. If you are familiar with GMT mapping tools this will be right
up your alley. Supposidly there's a Windows build using Cygwin, but with
datasets this large why would you want to?

http://www.ldeo.columbia.edu/r... [columbia.edu]

It is ainly focused on multibeam bathymetry but it despite the name it does
sidescan sonar processing too. It's not set up for LiDAR but its scripts
for dealing with massive point clouds could be adaptable.

Re:

[plopez]

I was about to say the same think. I think it is more universal than the Navy though as I have never served and learned it a long time ago. I suppose they had to clean it up so niave civilians didn't get the wrong idea about their clean cut a All American boy, and now gals, in uniform .

Swearing! Smoking! Tattoos! Eeeek! ;)

Re:

[plopez]

But it can be restricted due to National Security (TM) concerns :)

why is a American submarine shooting an Russian to

[Joe_Dragon]

Why is a American submarine shooting an Russian torpedo will be one the last things hear after useing this to seek out of the med.

pfmabe.software vs shoals.sam.usace.mil

[PFMABE]

The version on pfmabe.software was updated over the weekend (v6.4.0.15) and is being actively maintained and improved. The one on the shoals website is over 3 years old and is missing a great deal of functionality. Nor is it updated/maintained, nor is it likely to be. PFMABE Software was founded to help those users, institutions, governments who wish to use the freely available software. There are other opportunities and other software packages available. The choice is yours.