Encrypting the swap partition

Now that my system is considered (that’s what I think) a working desktop machine, it’s time for some security. The first and easiest thing to do is to encrypt the swap partition.
What should I use though to achieve this goal? cryptoloop? Loop-AES? cgd? ppdd? And so on and so on… The choices are too many to list. After reading Loop-AES author’s reply to this question:

[…] if Loop-AES works so much better, why hasn’t it been included in the kernel?[…]

here, and studying this great guide on computer security (How to defend your Privacy), I’ve decided to go for Loop-AES.

Quick SWAP encryption with Loop-AES HOWTO for gentoo linux:

1) Be SURE to remove any loop support from your kernel, whether as a module or built in. We are going to build our own module, so we don’t want the kernel’s module.

2) Supposing that your kernel does NOT have loop support we move on to installing the necessary packages.

echo "sys-fs/loop-aes ~x86" >> /etc/portage/package.keywords
emerge /usr/portage/sys-apps/util-linux/util-linux-2.12q.ebuild
emerge loop-aes

3) Time to change the current swap configuration and enable the encryption support

swapoff -a

Now edit your /etc/fstab, find your swap lines and change them to something looking like this:

/dev/hda999 none swap sw,loop=/dev/loop9,encryption=AES128 0 0

4) We now clean the swap partition by filling it with 0s, recreate the swap partition and start using it

dd if=/dev/zero of=/dev/hda999 bs=64k conv=notrunc
mkswap /dev/hda999
swapon -a

You are ready, your swap is now encrypted on the fly.
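A check for the result of steps 3 and 4, as an added example that is not part of the original post: it flags swap entries in /etc/fstab that lack the `loop=` and `encryption=` options shown above, and active swap areas in /proc/swaps that are not on a loop device. The sample file contents and the second disk `/dev/hdb2` are constructed for illustration.

```python
import re

# Constructed sample inputs (not taken from a real machine).
SAMPLE_FSTAB = """\
# <fs>        <mountpoint> <type> <opts>                                <dump/pass>
/dev/hda1     /boot        ext2   noauto,noatime                        1 2
/dev/hda999   none         swap   sw,loop=/dev/loop9,encryption=AES128  0 0
/dev/hdb2     none         swap   sw                                    0 0
"""

SAMPLE_PROC_SWAPS = """\
Filename                                Type            Size    Used    Priority
/dev/loop9                              partition       1048568 0       -1
/dev/hdb2                               partition       524280  0       -2
"""


def parse_fstab_swaps(fstab_text):
    """Return a list of (device, options_dict) for every swap entry."""
    entries = []
    for line in fstab_text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        fields = line.split()
        if len(fields) < 4 or fields[2] != "swap":
            continue
        opts = {}
        for opt in fields[3].split(","):
            key, _, value = opt.partition("=")
            opts[key] = value
        entries.append((fields[0], opts))
    return entries


def unencrypted_fstab_swaps(fstab_text):
    """Swap devices in fstab that lack the loop= or encryption= option."""
    return [dev for dev, opts in parse_fstab_swaps(fstab_text)
            if not opts.get("loop") or not opts.get("encryption")]


def active_plain_swaps(proc_swaps_text):
    """Active swap areas that are not backed by a /dev/loopN device.

    A loop device here does not by itself prove a cipher is configured,
    which is why the fstab options are checked separately.
    """
    plain = []
    for line in proc_swaps_text.splitlines()[1:]:   # skip the header row
        fields = line.split()
        if fields and not re.fullmatch(r"/dev/loop\d+", fields[0]):
            plain.append(fields[0])
    return plain


if __name__ == "__main__":
    print("fstab swap without encryption:", unencrypted_fstab_swaps(SAMPLE_FSTAB))
    print("active swap not on a loop device:", active_plain_swaps(SAMPLE_PROC_SWAPS))
```

On a real system, pass the contents of /etc/fstab and /proc/swaps instead of the samples.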

More on linux desktop

I’ve recently upgraded my fluxbox to 0.9.12 which has antialiasing support 🙂 Fonts look a lot better now on the titles and menus.
After some world updates (where gtk+ was upgraded to version 2.6.2) vlc did not open up its neat gui. I had to re-emerge wxGTK and re-emerge vlc (version 0.8.1 works pretty smooth now).

I’ve also tried tuxracer version 1.1.1. It’s not as fun as ver 0.6 (it’s a lot slower and courses take more to finish and one can get easily bored), but I kept it cause it has head to head duels 😉

But there’s something that “bothers” me…Should I use:

ACCEPT_KEYWORDS="~x86" emerge world

or just

emerge world

?

Anyone has any experience on this ?

more about linux desktop

In search for a proper dvd player for linux I stumbled upon vlc.
It’s a great player with great features combining the functionalities of progs like mplayer, xine, etc. I don’t want to use mplayer to play dvds because it does not support dvd menu browsing. Xine on the other hand worked fine…until I pressed the fullscreen button. CRASH!… Ogle is another dvd player I tried using. There’s no gui and one has to learn the keyboard shortcuts. The basic drawback of Ogle though is the lack of a deinterlace option.
VLC has it all. Great gui, plays dvd menus, great sound and video drivers support, streaming support if you want…just everything. The prob with it is that it has a lot of library dependencies..but it’s worth it 🙂

vlc 0.6.2 and 0.8.1 had trouble compiling on my gentoo so I decided to go for 0.8.0.

To install vlc-0.8.0 in gentoo I had to unmask some packages though:

echo "media-libs/libdvbpsi ~x86" >> /etc/portage/package.keywords
echo "media-video/ffmpeg ~x86" >> /etc/portage/package.keywords

and then:

emerge /usr/portage/media-video/vlc/vlc-0.8.0.ebuild

don’t forget to have the wxwindows use flag enabled in your /etc/make.conf…else you’ll get no gui 🙂

I’ve also found a very nice beta of acrobat7 for linux around the net. It’s great! Very fast…and with very nice rendering. It opens up pdfs faster than gpdf and it has a feature that’s truly lacking from gpdf: Text searching. I’ll wait for acrobat’s final release of acroread for linux 🙂

I’ve also changed my firefox theme from the default to Qute 3 (sample1, sample2)

Cool down your athlon with athcool

athcool is a VERY nice utility that enables AMD’s athlons to enter powersaving mode. It’s just great. Less heat, less noise from fans that don’t need to run on 4000rpms any more 🙂

Just a part from the Athlon Powersaving HOWTO.

The HLT signal which is used by the normal idle-loop of the Linux kernel doesn’t normally bring any significant power-saving on processors of the Athlon/Duron family (hereafter referred to as Athlon processors). To get real power-saving on an Athlon processor, you have to put the processor in the STPGNT-Mode (Stop Grant Mode). In this mode, the processor is disconnected from the front-side bus (FSB), and can turn off parts of the CPU as well as reduce the clock to save power.

just emerge athcool and start using it.

KDE k3b KSycoca error solving

I’ve emerged k3b in my gentoo to be able to write cds from X windows. When trying to fire up k3bsetup I got these strange messages:

root # k3bsetup
_IceTransOpen: Unable to Parse address
Session management error: Could not open network socket
kio (KSycoca): WARNING: Found version 75, expecting version 78 or higher.
kio (KSycoca): WARNING: Outdated database found
kio (KSycoca): ERROR: No database available!
kio (KSycoca): ERROR: No database available!
kio (KSycoca): ERROR: No database available!
kio (KSycoca): ERROR: No database available!
kcmshell (kdelibs): WARNING: Could not find module ‘k3bsetup2’.

I don’t understand what this is. BUT I’ve found a solution to it.
Inside /var/tmp/kdecache-root/ there were 2 files named:

ksycoca ksycocastamp

as soon as you rm them and run k3bsetup again…everything is fine.

It just works…I don’t know what ksycoca is but I’m glad this “solution” works.

Greek art on the net

Here’s a link to a Greek artist’s “webpage”. In fact it’s a webpage created by my friend patroklos for the artist who seems to be afraid of using the internet. His work is really worth a look as his technique is very “clever” and with great results. More info on his “webpage” -> Georgios Mpogiatzidis.

Enjoy it 🙂

emerge world

As I’ve said some time ago I wanted to switch to linux for desktop use. I started 3-4 days ago and I now have a fully working system. Until now there’s no application that I need and I couldn’t find a linux alternative. In fact I am using many applications I was using when my desktop had windows, like openoffice, gaim, firefox, thunderbird, etc etc.
I had some slight problems though that I had to overcome.
A) How to import my firefox settings from windows.
I wanted all my passwords, bookmarks, history, etc etc. I googled for quite some time and I could only find how to import history and bookmarks, not a word about passwords. Anyway I’ve found out a solution, and here it is. Go to your “windows” firefox profile directory and copy:
1) key3.db
2) signons.txt
3) a file with numbers ending in .s (like 3143432.s)

to your linux firefox profile directory. In your linux directory open up prefs.js (while firefox is closed) and add a line to the file like this:

user_pref("signon.SignonFileName", "3143432.s");

Start up firefox and you have probably all your passwords transferred from windows to linux. 🙂

B) Make audigy 2 work!
I supposed that having the latest kernel 2.6.10 and just enabling alsa and emu10k1 as a module would be enough. WRONG! I needed to disable alsa emu10k1 module from kernel and emerge alsa-drivers and alsa-utils. 2.6.10 Kernel provides 1.0.6 alsa driver while in order to make audigy2 work you need 1.0.7. Hail Gentoo forums.

C) Find out what is going on with the ati-drivers.
I have a Radeon 9500Pro and finding out what drivers I should use in xorg.conf and in console framebuffer was a real pain. What are the proper modules to load in xorg.conf ? What’s needed for opengl ? And so many other questions…Gentoo’s forums were helpful once more. I emerged ati-drivers and ati-drivers-extra then fired up fglrxconfig. It created a very nice xorg.conf for me…that I only had to tweak a bit. Now I am enjoying opengl acceleration in X windows (I am even playing tuxracer!). About console framebuffer now…Well, don’t enable ati drivers in your kernel. Go to:
Device Drivers —> Graphics support —> <*> VESA VGA graphics support -> VESA driver type (vesafb-tng)
and DISABLE all ati-crap (at least that’s how it works for me). Then go to HOWTO fbsplash follow it and you’ll have nice framebuffer console support with *splash support. When I had ati-drivers enabled I could not get any *splash to work. Maybe it was my fault…but hey..it works now!

D) How to change from English to Greek keyboard in X ?
First read this excellent guide from www.linux.gr:
http://members.hellug.gr/djart/articles/grlinux/grlinux-1.html#ss1.5
Then read this:
http://members.hellug.gr/djart/articles/grlinux/grlinux-2.html#ss2.8
and finally this:
http://members.hellug.gr/djart/articles/grlinux/grlinux-3.html#ss3.1

Then you’ll have excellent greek keyboard support in your gentoo. If you want to have an indication about which language you currently use I’d suggest you take a look at kkbswitch.

That’s it for now…I’ll go play some tuxracer!

Over and out

Exams are over. How did I do ? not as good as I expected. In fact they went pretty bad. Good thing is that I have sorted some stuff about my studying in my head. I convinced myself to study for hours…which I had not done for a long time. Maybe the results could be better…but I won’t give up now.

Enough with personal stuff though.

A friend of mine, Thocharis (or theo as he signs his weblog), knows the author of the “kost-it” program that I’ve blogged some time ago and contacted him to ask him why he does not offer the program any more, as I mentioned in my post. His reply was that 3M threatened to sue him because “kost-it” violates the copyright of “post-it” and that he should stop providing it to other people. He also asked if I can remove the link from my blog. I find that pretty stupid from 3M but I have to agree with the author so I will remove it from my previous post.

I am going to rebuild my desktop linux system. For the time being I will write down what I definitely need so then I’ll be able to make a plan of what to install and what to do/change. Anyone has any special suggestions for a “new” must use proggie in a linux desktop system ? I am kinda oldfashioned and console-only guy…but this time I feel it that I am going to make a change…use X-windows 🙂

Firefox bugs(?) + AV software + Blog trackbacks

Firefox problem number 1:
When I first installed firefox I did not notice masterpassword setting at once. So I had some passwords saved on a few sites without it. I’ve noticed though that even if I use a masterpassword now…If I don’t enter a password and visit those few sites, firefox auto-completes my username and password. If it’s not something I am doing wrong I consider this a bug. Since I’ve set a masterpassword why not protect ALL previous passwords ? Anyway…my temp solution was to delete those passwords from firefox’s internal database and enter them again after I have typed a masterpassword. Firefox now never auto-completes them without the masterpassword. I hope I have time later on to figure out how firefox discriminates passwords prior and after masterpassword being set.

Firefox problem number 2:
I used to have great problems watching wmv videos inside webpages. I could see .mov movies fine with firefox…but wmv was a real pain. They sometimes played…they sometimes did not…Most times firefox crashed after loading a page with a wmv inside. When it did not, it filled my memory and reached more than 200Mb of VM Size in Windows. I had this idea today to check on the dll that is responsible for wmv files.
So, I typed about:plugins, scrolled down…and there it was
C:/Program Files/Windows Media Player/npdsplay.dll
Then was the time to find an update.

Windows Media Player Plug-in for Netscape Navigator

That did the trick…Firefox now doesn’t crash and stays at normal VM size.

Another thing I changed was the Antivirus software I use. I changed from Norton to Kaspersky. I think Kaspersky is much much lighter than norton and my system gained some “fresh air”.

I’ve also had new “comment” attacks on my blog using trackbacks. So, I had to disable trackbacks. WordPress enables each blog entry to have its own rules about trackbacks and comments…so I had to change all previous rules of my previous posts to disable trackback. That’s easy to do with a small sql command:

UPDATE `wp_posts` SET `ping_status` = 'closed' WHERE `ID` > 0;

That’s it for now…

Various stuff I have in my mind

I have exams lately…so I need a place to express some stuff I am thinking and doing. And this is the place. Bear with me for another 10 days…then exams are over 🙂

Here’s a list of interesting stuff I have done/seen lately:
1) Kost-it: It’s a post-it like small proggie for windows. VERY useful if you have lots of stuff in your head. I write them down there…and I remember to do them when I have to…or when I can. At least I don’t forget them. The bad thing about kost-it is that its developer has removed it from his site..(he’s probably insane or whatever). But since it was free, I downloaded it for free, I can provide it to you for free…I hope. Well if he’s got probs with this he can tell me.
Here’s the link to Kost-it version 1.87!

#Edit 08/02/2005
Read this post where I explain why the “kost-it” download link was removed from my blog. Blame 3M.

2) Firefox extensions
I introduced firefox to some people and of course I got feedback. One of them was using the Avant browser so far and she was used to double clicking on tabs to get rid of them. There should have been an extension like that I thought…and there is! Tab Clicking Options!
Neeeeeeeeext.
Another one was barking on my ear about empty tabs being opened when you download something. I had noticed that too…I think it’s really silly. Oh well, there’s an extension that solves this too. And this must go inside the firefox source. What’s the reason for opening new tabs when u won’t use them ?
Disable Targets For Downloads. Neeeeeeeeext.

3) I’ve also played with IP-aliasing on linux for our local wireless network. It was fun…but the reason I did it is quite complicated, so I’ll blog about it when I have more time.

4) I’ve also set up some QOS rules for our local wireless network using tc and packet mangling from iptables. I change some TOS bytes for certain services using iptables and have created some simple filters to handle traffic using tc. It looks like our Cisco 340APs are aware of TOS bytes because people inside the wireless community have noticed a slight improvement when it came to concurrent downloading and voice chatting with a group of people on teamspeak or end-to-end voice over IP using h323. I’ll have a thorough look at it when I have time…I was happy that there was an improvement after all with those rules I’ve entered. I had no previous experience with these tricks on linux and I am not sure how I can “monitor” improvements. I’ll post my rules (both tc and iptables) when it’s finished, until then you can check on Wondershaper. We shall see what I’ll manage to come up with in the next couple of weeks…

5) ISDN call monitor.
I wanted a proggie that would tell me who’s calling me. I am really getting annoyed by certain people calling me to tell me how to do this and how to do that…and why doesn’t that work …and blablabla. Finally I have a way to monitor who called me when I was not at home and a way to avoid stupid people making stupid questions and eating up all my time. I know it sounds egoistic…but hey…if they would call you at 1 o’clock after midnight to ask you how to setup a prog on windows wouldn’t you be annoyed ? This is the answer I’ve found: ISDNCid. If you have a better one…PLEASE tell me.

That’s it for now…wish me luck, I’ll need it!

A new telecommunications era is rising ?

What if you could make phone calls from your home at Berlin to New York from someone’s phone actually living in N.Y ? And what if he got free minutes to do the call and both of you had internet connections ? Let me think…


Berlin--> VoIP (free) -->N.Y.--> Traditional Call (free)

|-------------------------------FREE--------------------------------------|

Is that an end-to-end free call ? Is it ? Oh yes…Baaad users…using technology to cut down costs ? baaaaaaaad.

Now, take a look at Bellster. It’s what I’ve just told you…but in a p2p form. You register yourself in the network…you donate your “free minutes” and you can call WHEREVER you want in the world for …. free! Everything is based on Asterisk opensource PBX. What Bellster only does is choose from which PBX-gateway your call is going to go through. So let’s say I can donate 5E per month for local calls (you define where the calls can only go to, you can restrict it to city wide, or nation wide or whatever you want). I frequently call my parents or my friends in my hometown. If just one of them places an asterisk and we are both on the bellster…then we have national calls cut down to local, not just for me and them…but all the other bellster users. Imagine this getting bigger and bigger by the day. It’s a MASSIVE blow for telcos. The only downside of the project is that Asterisk needs an almost dedicated linux machine, and it is not the easiest thing in the world to configure. But I bet that while this is getting larger and larger asterisk will get both easier to configure and with even more capabilities.

Is this awesome or what ? We are getting robbed by telcos for over-paying something that is relatively cheap. Now it’s the time for them to feel like we did all those years…I know that it is really hard for this Bellster network to expand because it needs some tech background…but there are millions of ppl nowadays that can surely set this baby working.

Go Go Pulver!

Phrack is dead

With an announcement made on Friday phrack magazine announced that they will publish only one more issue.
For some people Phrack magazine may mean nothing at all. For others it was a must read during times where it was quite harder than now to find sources of useful technical information on various subjects. Phrack was a magazine not only about computer hacking (or cracking possibly) but about a certain technology lifestyle.
Everyone will agree that phrack was on a decline period for several years now, older editors quit, got bored, or whatever…and the newer ones can’t keep up with the old publishing rhythm or with the older “status” this magazine had. It’s true that for at least the latest 3 years, if not longer, phrack staff was lacking inspiration. There were no articles to blow your mind like the “good old days”. I don’t believe that there are no interesting topics nowadays…but it looks to me as if the editors are not good enough for this job. They’ve turned the magazine to elitist look and feel. The editors themselves don’t write anymore, and since they don’t..who will inspire the newcomers to sit down and squeeze their minds ?
It’s too bad that n00bs and l33t guys have taken over the universe. Where are the tech freaks ?

The Misuse of RC4 in Microsoft Word and Excel

There’s a nice pdf around that explains how stupid programmers or companies can sometimes be. And that of course affects the(ir) users.
MS supports encryption in word and excel documents (wowZ!) but hey…do they do it “properly” ? Of course not…so people end up believing that they are safe…when in fact they are just wide open to attackers.

Abstract. In this report, we point out a serious security flaw in Microsoft Word and Excel. The stream cipher RC4 [9] with key length up to 128 bits is used in Microsoft Word and Excel to protect the documents. But when an encrypted document gets modified and saved, the initialization vector remains the same and thus the same keystream generated from RC4 is applied to encrypt the different versions of that document. The consequence is disastrous since a lot of information of the document could be recovered easily.

This analysis is pretty well written and explains a lot of stuff in a step by step mode. Give yourself the chance to find out how you must learn not to trust anyone who provides you “security” and “encryption” services.
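The keystream reuse the abstract describes, as an added example that is not taken from the paper or from this post: two saved versions of one document are encrypted with RC4 under the same password and IV, and then again with a fresh IV for the second save. The key derivation (SHA-256 of password and IV), the documents, the password and the IVs are constructed assumptions, not what Word or Excel actually do.

```python
import hashlib


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: key scheduling, then XOR the data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)


def derive_key(password: bytes, iv: bytes) -> bytes:
    # Assumption for illustration: 128-bit key = SHA-256(password || IV)[:16].
    # This is NOT the key derivation used by Word or Excel.
    return hashlib.sha256(password + iv).digest()[:16]


def encrypt(password: bytes, iv: bytes, plaintext: bytes) -> bytes:
    return rc4(derive_key(password, iv), plaintext)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def changed_offsets(c1: bytes, c2: bytes) -> list:
    """Byte offsets at which two ciphertexts differ."""
    return [i for i, (x, y) in enumerate(zip(c1, c2)) if x != y]


# Constructed sample data: two saved versions of the same document.
V1 = b"Offer price: 1200 EUR, valid until Friday."
V2 = b"Offer price: 1950 EUR, valid until Friday."
PASSWORD = b"constructed-password"
IV_OLD = bytes(range(16))        # kept across saves in the flawed scheme
IV_NEW = bytes(range(16, 32))    # what a fresh IV per save would look like


def reused_iv_demo():
    """Same IV on both saves: the keystream cancels out of c1 XOR c2."""
    c1 = encrypt(PASSWORD, IV_OLD, V1)
    c2 = encrypt(PASSWORD, IV_OLD, V2)
    return xor(c1, c2), changed_offsets(c1, c2)


def fresh_iv_demo():
    """New IV on the second save: c1 XOR c2 no longer equals V1 XOR V2."""
    c1 = encrypt(PASSWORD, IV_OLD, V1)
    c2 = encrypt(PASSWORD, IV_NEW, V2)
    return xor(c1, c2)


if __name__ == "__main__":
    leak, offsets = reused_iv_demo()
    print("reused IV: c1^c2 == p1^p2 ?", leak == xor(V1, V2))
    print("ciphertexts differ only at offsets", offsets)
    print("fresh IV:  c1^c2 == p1^p2 ?", fresh_iv_demo() == xor(V1, V2))
```

With the reused IV, the ciphertexts are identical everywhere except the two edited bytes, so anyone holding both files learns where the document changed and the XOR of the old and new content without knowing the password.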

Go GO GOOOOOO MS! You did it again!

Looks like RC4 isn’t Microsoft’s favorite algorithm…http://seclists.org/lists/bugtraq/1995/Dec/0004.html
Are they SO dumb ? or do they do it on purpose?

Crimson Rivers 2: Angels of the Apocalypse

Les Rivières pourpres 2 – Les anges de l’apocalypse is a sequel to a great movie but unfortunately this movie is BAD. It was supposed to be a thriller…and no one in the cinema made a slight sound to express fear. IMHO, it’s mostly a cop adventure. A bad imitation of american cop movies. It reminded me of some of Morgan Freeman’s movies where there’s some dark evil and the policemen are always behind it but can’t catch it and blah blah blah. The plot was hilarious…someone should tell the producers that rain by itself doesn’t make a movie spooky. It rained constantly during the movie…and that’s too cliché for a cop movie. The cops were STUPID. They had the bad guys in front of them (3m away facing front)…but hey…we never shoot…let them run away again…another 5minutes of running people on the screen. Actors should get paid extra for this movie…they seemed to run lots of kilometres. The movie has more than 15minutes of running people (the producer must be a fan of Lola rennt), it has another 5 minutes of a french cop playing karate with another bad guy and so on…The humour that existed in the movie was “hollywood cops” style, dumb jokes for dumb people. Oh, and something else…I didn’t know that amphetamine made people run and jump like spiderman…I’ll go to the local drugstore to buy some and then jump from roof to roof…seemed like lots of fun…

Don’t go see it…don’t even rent it…AND don’t download it (omg ppl download movies from the net ? unbelievable). IT’S CRAP.

I was lucky to go see it on non-rush hour and paid just 5 euros instead of 7. I saved 2 euros…pheeeewwww.

MRTG Traffic Totalizers

It’s been a few months since I am gathering stats from our local wireless network using mrtg. Last night was the BIG night…the day I wanted to see some stats. Some real stats from the data each client transferred.
1) Change to RRDtool. Okie it was my fault not having it done from the very first time but no data were lost during the swap 🙂
2) Get yourself 14all.cgi to graph your collected stats (just like simple MRTG produces pngs…14all.cgi produces pngs from rrd files. If you can’t get what I am talking about visit RRDtool homepage and study..).
3) Get MRTS (example)
4) Get mrtg_total.pl (example)

Now configure all these…and you will have really beautiful stats and total traffic reports. How to configure ? RTFM.

Btw…I had some prob with rrdtool and 14all.cgi. If some entries in your apache error_log look like this:

/usr/bin/perl: relocation error: /usr/local/rrdtool-1.0.49/lib/perl//auto/RRDs/RRDs.so: undefined symbol: Perl_Gthr_key_ptr

Then you have a perl “version” problem. You might have more than one installed. Check whether the first line of 14all.cgi points to the proper perl binary.