A Lufthansa Horror Story

TL;DR: What happened today? Thanks to the worst customer service provided by Lufthansa I am going to explain you why I missed a day in Vegas and why, in my over 15 years experience, you should stop flying Lufthansa.

Today, I was heading to Las Vegas, to chill out at Black Hat and Defcon, via Frankfurt and Philadelphia. I was flying  Lufthansa, because in long flights I prefer to spend more and be safe; with my 2 dogs in a checked-in box. Due to many Lufthansa fails in logistics and customer service I miss my flight and I have been re-protected on a flight tomorrow.
So I would dissect the problem, to understand how multiple faults could face in missing a flight and have a reputational issue to manage.

In my opinion Lufthansa fails could be categorized as follows:

  • Manage your logistics: if you want to check-in more or less 100 people, with only one check-in line open, you are going to, not only take more time than expected, but taking ages.
  • Get more personeel: if the people at check-in desks are the same opening the gates, they can not start boarding until they finish checking in people. So one delay one one side leads to another bigger delay.
  • Training: please train people, for example at check-in desks they were totally unaware on the rules to check-in dogs. I had to tell them how much I was expected to pay and other details, just because I read the “How to check-in your dogs” rules before boarding.
  • Manage crisis: when we land in Frankfurt it was clear we were really late. All times I were late, the company I was flying with, was so kind to announce “Hey Mr. X you are late so we are going to help you, someone is waiting for you at end of the stairs”. But with Lufthansa  no announcements, nobody cares if a flight is late.
  • Customer service #1: keep your word: Landed in Frankfurt, I asked at the first Lufthansa hostess at the terminal how to get my connected flight. She checked and said “Don’t worry they will wait for you”. Sadly but true: I arrived at the gate 10 minutes late and they don’t wait.
  • Customer service #2: manage exceptions: when I approached the passport control the line was really long, so I asked a Lufthansa hostess if there is a priority line for us, she said “Just one line and no priority”. So the incapacity to manage exceptions leads to re-protection (costs for Lufthansa).
  • Customer service #3: don’t be a liar: I asked again to another Lufthansa hostess and I insisted, she checked and said “You will found someone waiting for you other the passport control”. No one was waiting.
  • Customer service #4: make clients happy: I missed the filght and asked  for support to the service desk, I found an angry girl. When someone comes to you for a problem caused by you, you should apologize and reward him. Just saying “we are sorry, the next flight is tomorrow” in economy class because business is fully booked and you will stay in a shitty hotel with a free 20 euros dinner, when you are used to five stars hotel and to spend more than that just for beers looks like a joke.
  • Cruelty to animals #1: I asked to have my dogs back for the night, when I finally had my box back, it was all wet (it was raining so probably they left it under the rain). The pillow and blanket inside were wet: my dogs were sitting on the wet. Lufthansa publicize a lot how they threat pets, I am not sure this it what they meant.
  • Cruelty to animals #2: I found a food stamp on the dog’s box, it means someone kicked it. I am not sure this is the proper way to deal with live animals.
  • Missing authentication: When I finally found my dog’s box, it was left unattended on a corner in a baggage claim hall. No one is guarding it and no one asked me when I get them. So virtually anyone could steal your pets.

Citing Forrest Gump: “shit happens” but how you deal with shit, how you manage crisis and customer service make the difference from losing clients and transform an issue in a success story.  And please, never be a liar.

A Lufthansa Horror Story

How to setup an Image Forensic lab with Ghiro

This how to will guide you through the setup of an Image Forensics lab, using Ghiro, a free and open source image forensics tool.

Ghiro comes also with a virtual appliance (it is a copy of Ubuntu Linux with all you need already installed, you can run on your host) to help people get a running Ghiro in few steps.

1. Ready for virtualization

You can run Ghiro Appliance in any host (Mac, Windows or Linux),  only a virtualization software is requested. There are many out there, free and commercial, for example Vmware or VirtualBox.

VirtualBox is a free and open source virtualization software, so for the sake of this guide we are going to use it, although you can use any other software to run Ghiro Appliance.

You need to have VirtualBox working, so download and install VirtualBox following the instruction on his website.

2. GET Ghiro Appliance

Download Ghiro Appliance from Ghiro website in OVA format and uncompress it, it is around 600Mb.

You will explode an .OVA file (the appliance), and a readme file with setup instructions.

Screen Shot 2015-08-19 at 01.38.55

3. Import Appliance

Now you can import the .OVA file inside VirtualBox. Open VirtualBox, go in the menu File and click on “Import Appliance…”, a screen like the following will popup:

Screen Shot 2015-08-19 at 01.44.05

Select the .OVA file and than click “Continue”:

Screen Shot 2015-08-19 at 01.45.25

Now a default setting page is proposed, just hit “Import”:

Screen Shot 2015-08-19 at 01.46.42

After clicking “Import” the import process will start and in a couple of minutes it will be ready:

Screen Shot 2015-08-19 at 01.47.14

When the appliance is imported you will see it in virtual machines list (don’t worry if you don’t have alle the machines listed in the screenshots, I am sorry but I have many):

Screen Shot 2015-08-19 at 01.49.26

4. Network Configuration

Most people fail configuring the network, so please pay attention.

Right click on your Ghiro Appliance on the Virtual Box Manager window and click Settings.

Screen Shot 2015-08-19 at 01.51.03

Then choose the Network tab.

Screen Shot 2015-08-19 at 01.51.52


You have to configure how the virtual machine can connect to your network, so now you are asked to select the network interface you are using and the type of link (bridged or host only).

In most cases you need to set “Attached to:” to “Bridged Adapter” and you have to set the “Name” of the network card you are using your for network, for example if you are using your wired interface named “eth0”, select “eth0” on the name drop down menu.

Remember to alway set “Attached to:” to “Bridged Adapter” or “Host-only Adapter”, never use NAT or any other option, it will not work due to how networking is implemented in VirtualBox. For more information about connectivity see the VirtualBox documentation.

Screen Shot 2015-08-19 at 01.51.52

5. Start and Play

Start the Ghiro Appliance selecting it and clicking on “Start”. The boot will start, when the appliance is ready you will see a screen like this one.

Screen Shot 2015-08-19 at 01.54.17The appliance IP address is printed on the screen, as highlighted:appliance_15What you Now just put that address in your browser and the Ghiro interface will appear.

Screen Shot 2015-08-19 at 23.42.56Now login in your browser with the same credentials and you will be ready to play

  • Login: ghiro
  • Password: ghiromanager

Screen Shot 2015-08-19 at 23.44.30

Enjoy! For any question Ghiro developer are available on the forum or mailing list.

How to setup an Image Forensic lab with Ghiro

Ghiro and Image Forensics Forum is opening

Ghiro is an open source project and it is driven by community needs: users feedback has a great value for us.

We always want to provide a comfortable tool for user support: we have IRC chat for real time support and a mailing list for asynchronous question and answer.

Today we are announcing a new support tool: the Ghiro and Image Forensics Forum.

We hope this will be an easy to use way share information, requests and feedback not only about Ghiro but also about any Image Forensics topic.

The forum has several categories, local forums where you can talk in your native language (if a forum for your country is missing, just ask and it will be added), registration with third party account (i.e. google, github), and many other features.

Enyoj! https://forum.getghiro.org


Ghiro and Image Forensics Forum is opening

Continuous Integration Services I Like

The term “continuous integration (CI)” refers to a process that builds, assess and tests code on a frequent basis.

Today continuous integration is a starting point for agile developers and widely used.

Every project I’m working on starts with a setup of continuous integration pipeline. I’m a big fan of agile developing, that’s why I was always searching for tools or services to help me develop my projects better and faster.

Here is a brief summary of services, selected over the years, I use in my projects, all of them are free, provide a badge you can embed in your website and are really easy to use. As example I will show the services I use on Ghiro, an open source image forensics tool.


Coveralls.io is a service to help you track your code coverage over time, and ensure that all your new code is fully covered.

This is of great help to focus you on writing tests (yep, I will do…)

For example, this is the dashboard you get for Ghiro:

Screen Shot 2015-07-16 at 23.52.44


Drone.io is another continuous integration tool, I think it is more customisable than Travis-CI although I use both.


Landscape.io is a code quality service, it monitors your codebase for metrics and trends. It runs checks against your code to look for errors, code smells and deviations from stylistic conventions. It finds potential problems before they’re problems, to help you decide what and when to refactor.

It is a good service, although it is not so much configurable (i.e. you can’t mark false positives), it could help to keep a code quality in your projects.

For example, this is the dashboard you get for Ghiro, there are same false positives I can’t mark as accepted:

Screen Shot 2015-07-16 at 23.07.53


Requires.io monitors the requirements of your project and notify you whenever a dependency is outdated, all Python dependencies are monitored: you are notified if you are using an old library or an insecure one.

I love this service, I found it of great help. Remember: it is mandatory to keep track of insecure dependencies in your project!

For example, this is the dashboard you get for Ghiro:

Screen Shot 2015-07-16 at 22.49.09Travis CI

Travis-CI is the best continuous integration and building services you will get, any description is pointless, and it is free. Kudos to these guys.

For example, this is the build report you get for Ghiro:

Screen Shot 2015-07-16 at 23.57.36


Continuous Integration Services I Like

Cuckoo GSOC: about winners and winners

I hope you already know, this year Cuckoo Sandbox joined the Google Summer of Code program thanks to the Honeynet Project.

We proposed two project ideas: a Linux analyzer project and a Mac OS X analyzer project.

We got a lot of submissions, many talented and skilled students applied with their project proposal. Sadly Google gave only 8 slots for all the Honeynet organisation, so trying to decide which lucky students would eventually be accepted was an hard task.

Difficult decisions unfortunately had to be made to best use the limited number of slots, so only the best student of all Cuckoo project ideas was selected.

The winner was Dmitry Rodionov with the Mac OS X analyzer project. He will work with me and Jurriaan during this summer to extend Cuckoo analysis capabilities to Mac OS X. If you are interested in, you can follow the progress in a public GitHub repository.

At some point several students who applied to the Linux project started to discuss about the project regarding from the GSOC results, asking for our help on some design ideas. That was amazing to me, they are pushed by curiosity. They are winners too.

Cuckoo GSOC: about winners and winners