You are viewing linuxrocks123

NIHIL VEL PERTINAX SUM
The Web Log of Linuxrocks123

Date: 2014-07-26 17:15
Subject: Weird Al
Security: Public
https://www.youtube.com/watch?v=8Gv0H-vPoDc

This. Is. Awesome.
Post A Comment | Share | Link






Date: 2014-06-20 13:48
Subject: Repost of comment to ipwatchdog
Security: Public
Gene,

I was sent here by LWN (Linux Weekly News). It's well known over there that when you're unhappy, we should be happy, so I'm very happy today :) The converse is likely also true -- you were probably happy about the Oracle v. Google reversal, and I'm very unhappy about that :(

That's not to say I disagree with you on everything -- it seems (from your article on software not being math) that you wouldn't be averse to limiting terms for software patent to something like 5 years, which would be a great thing and might even make software patents benefit society.

Anyway, here's why I'm commenting here: your claim that software isn't math is quite strained. You try to make the distinction that math is "descriptive" and that software "controls a computer", but that's a matter of how software is used, not what it is. You don't have to use software by executing it on a computer; you could use it by reading it like a book if you wanted, and, depending on the software, you could be enlightened by doing that. You could also use software as part of a mathematical proof in the field of computability theory, and this is commonly done. There's a mathematical category of "computable algorithms", which are any formal languages that can be described by a Turing machine, and code that computes an algorithm is a proof that that algorithm is in fact in the category of computable algorithms. Hypothetical software is also written as part of proofs that certain algorithms are "NP-complete", meaning they can't be done quickly on a computer unless a lot of other (hard) problems can also be done quickly on a computer.

Look at functional programming sometime: it's "descriptive" rather than "controlling" (imperative), but it's equivalent to to more conventional (imperative) programming. Functional programming looks a lot more like math than imperative programming, so, if you look at it, maybe you'd see where all the people saying "software is math" are coming from. Look up the Church-Turing thesis to see how functional programming is equivalent to the more common Turing machine-based systems. And the equivalence is (you guessed it) a mathematical definition.

Oh, and, by the way, banning people because you disagree with them is juvenile. Perhaps that comment wasn't constructive, but still.
Post A Comment | Share | Link






Date: 2014-05-16 18:15
Subject: I Miss Groklaw
Security: Public
With the Oracle v. Google reversal and remand, I'm really missing Groklaw. I wish PJ still felt secure enough to continue with it. It was a great space for collaborating on threats to OSS, and, so far, there's been no good replacement for it. GrokTheLaw tried to continue in the spirit of the original, but it seems to have fizzled. What a shame.

---linuxrocks123
Post A Comment | Share | Link






Date: 2014-04-04 20:09
Subject: SystemD
Security: Public
https://bugs.freedesktop.org/show_bug.cgi?id=76935
http://www.networkworld.com/news/2014/040314-linux-280404.html?hpg1=bn

Just read that bug report. I mean ... just ... read it.

"Generic terms are generic, not the first user owns them."

SystemD parses the KERNEL'S command line, sees a parameter that has always been intended for the KERNEL to use, and responds by spamming the KERNEL'S debug log so much that the boot fails.

And then this is reported as a bug. And then SystemD says it's not their problem.

Linus can be abrasive. Linus can be wrong. In this case, Linus is 100% correct.

Slackware doesn't use SystemD. My hope is that Slackware never will. These arrogant, opinionated, anti-UNIX twats have no business managing the core of a Linux system.

---linuxrocks123
Post A Comment | Share | Link






Date: 2011-04-23 22:40
Subject: A Solution to the Cold Boot Attack
Security: Public
I've been working on the cold boot problem for a while. Read my glorious paper! Then, download aes-amnesia.S and come back here to figure out how to use it.


WARNING: DO NOT USE HARDWARE OR SOFTWARE SUSPEND WHILE THE LOOP.KO MODULE IS LOADED OR YOU WILL TOTALLY TRASH YOUR HARD DISK -- WE'RE TALKING EXTREME, IRREVERSIBLE DISK CORRUPTION -- UPON RESUME!

WARNING: DO NOT USE ON A SYSTEM CONFIGURED WITH SMP SUPPORT OR YOU WILL TRASH YOUR HARD DISK! PROBABLY NOT AS BAD AS IF YOU SUSPEND, BUT STILL PRETTY BAD!

AND THIS WILL CERTAINLY HAPPEN. IT'S NOT, LIKE, WELL, MAYBE IT WILL HAPPEN. IT WILL HAPPEN EVERY TIME. YOU ABSOLUTELY MUST NOT SUSPEND YOUR COMPUTER WHILE USING THIS. YOU ABSOLUTELY MUST USE A NON-SMP KERNEL WHILE USING THIS. AND IF YOU DON'T KNOW WHAT A NON-SMP KERNEL IS, YOU SHOULDN'T USE THIS. BECAUSE YOU'LL TRASH YOUR HARD DISK IF YOU USE THIS ON A NORMAL LINUX SYSTEM. ALL OF YOUR FILES. GONE. FOR GOOD. AND YOU WON'T KNOW AT FIRST. MAYBE YOU CAN RECOVER SOME OF THE FILES USING A TOOL LIKE PHOTOREC BUT DON'T GO THERE JUST DON'T USE THIS UNLESS YOU'RE ABSOLUTELY REALLY DAMN SURE YOU KNOW HOW TO AVOID CORRUPTING YOUR HARD DISK. THIS IS PRE-ALPHA QUALITY SOFTWARE. DO NOT USE THIS UNLESS YOU KNOW WHAT YOU'RE DOING. AND EVEN IF YOU DO KNOW WHAT YOU'RE DOING, DON'T SUSPEND YOUR COMPUTER, EVER, WHILE LOOP.KO IS LOADED. IF YOU DO ACCIDENTALLY, PULL THE PLUG ON THE LAPTOP AND TAKE OUT THE BATTERY RATHER THAN RESUMING BECAUSE ONCE YOU RESUME, YOUR FILES ARE DEAD. IF YOU DO RESUME, WELL, AGAIN, IMMEDIATELY TURN OFF THE COMPUTER TO AVOID FURTHER DAMAGE. IF YOU USE WITH AN SMP KERNEL, YOU'LL CORRUPT YOUR FILES MORE SLOWLY SO YOU WON'T KNOW AT FIRST. DON'T USE THIS WITH AN SMP KERNEL. IF YOU DON'T KNOW HOW TO DO THESE TWO THINGS -- NOT SUSPEND AND ONLY USE WITH A KERNEL YOU HAVE COMPILED WITHOUT SMP SUPPORT, DO NOT USE THIS SOFTWARE. THIS SOFTWARE CAN DESTROY YOUR DATA. ALL OF IT. FOREVER. DON'T USE THIS SOFTWARE UNLESS YOU UNDERSTAND THIS ENTIRE WARNING AND KNOW HOW TO MAKE SURE YOUR DATA DOESN'T GET DESTROYED.


This is what you do to use it (works with AES128 on 64-bit Linux only):
1. Get Loop-AES here.
2. Configure your kernel for Loop-AES. While you're at it, disable hardware performance monitoring (oprofile) and multiple CPUs (we don't support SMP systems unless compiled without SMP support ... yeah, I know, that needs to be fixed, and it can and will be).
3. Copy aes-amnesia.S to aes-amd64.S.
4. Make sure you've configured Loop-AES to use its AMD64 assembly language implementation of AES, which we just copied over. Note that things like Via PadLock and AES-NI are not supported currently; configure them out.
5. Compile Loop-AES as normal.
6. Some tests will fail because Loop-Amnesia doesn't support AES-192 or AES-256 yet.
7. Set up an encrypted volume with Loop-AES using AES128. You're now immune to cold boot!

DO NOT SUSPEND YOUR SYSTEM WHILE LOOP-AMNESIA IS IN USE OR YOU WILL ABSOLUTELY FOR SURE CORRUPT YOUR HARD DISK. In fact, you can do this to make sure it's working:
1. Unmount every encrypted volume except for a small loopback volume WHOSE CONTENTS YOU DON'T CARE ABOUT.
2. Software or hardware suspend the disk.
3. Resume and unmount your test volume DO THIS AND YOU WILL NEVER SEE THE DATA IN THE TEST VOLUME AGAIN IF YOU ARE USING LOOP-AMNESIA.
4. Use "losetup -d" on the loop device you used for the test volume.
5. Unload and reload loop.ko. IF LOOP.KO WON'T UNLOAD, YOU SHOULD BE VERY VERY AFRAID THAT PERHAPS YOU HAVE ANOTHER PARTITION LOADED AND OH GOD YOU'RE GOING TO LOSE ALL YOUR DATA FOR SURE IF YOU UNMOUNT ANYTHING YOU CARE ABOUT SO DON'T DO THAT AND DON'T TYPE "sync". JUST PULL THE PLUG IF YOU MESSED UP AND HAVE ANYTHING OTHER THAN A DUMMY TEST PARTITION MOUNTED. IF YOU'RE LUCKY, MAYBE YOUR DATA WILL STILL BE THERE WHEN YOU TURN THE COMPUTER BACK ON.
6. Verify that the loopback volume's filesystem is corrupted. If it's not, you've done something wrong and are using a non-cold-boot-immune Loop-AES implementation, not Loop-Amnesia!

Best of luck, and comment on this blog post if you have problems! Also comment if you want SMP support; I'd get to adding it faster if I know people are wanting to use it :)

UPDATE: The people who did AESSE (mentioned in my paper) have continued to work on the cold boot problem and have also released code. If you have a computer with AES-NI support, or a 32-bit CPU, you may want to have a look at TRESOR. TRESOR is a project similar to Loop-Amnesia but uses dm-crypt as its base rather than Loop-AES. TRESOR can also make use of the AES-NI registers to provide better performance than Loop-Amnesia on computers that have them (I will add AES-NI support to Loop-Amnesia if there is demand, however), and, unlike Loop-Amnesia, TRESOR also supports 32-bit versions of Linux (which Loop-Amnesia will never do). Unlike Loop-Amnesia, however, TRESOR does not support mounting multiple encrypted partitions. This means, for instance, that if you want cold-boot-immune data and swap partitions, you'll have to use Loop-Amnesia, not TRESOR.

Author of Loop-Amnesia,
---linuxrocks123
3 Comments | Post A Comment | Share | Link






Date: 2011-04-22 12:13
Subject: HOWTO: Avoid Internet Filtering
Security: Public
When I was in elementary through high school, my public school district used an Internet filtering system to stop students from accessing "evil" websites, such as those containing nudity or email. I have no idea if the PISSED (inside joke) school district has decided to lighten up any, but I decided to do a comparison of my school district's censorship system with that of China. I have also decided to include instructions on evading censorship of each.

PISSED school district:
- Annoying picture of stupid dog displayed when site is blocked.
- No DNS hijacking.
- Dedicated servers for censorship.
- HTTPS not blocked and not censored because contents of website couldn't be examined.
- I seem to recall port blocking was in effect, with only ports 80 and 443 allowed through.
- Unknown whether running an ssh server on port 80 or 443 would work (would unless they're doing deep packet inspection).
- CGIProxy was effective.
- Booting Linux eliminated need for login.

Communist China:
- Blocked site simply fails to load.
- DNS hijacking stops effectiveness of evasion tools that do not also tunnel DNS.
- Dedicated servers for censorship (assumed).
- Contents of HTTPS websites not examined; some https websites might still be blocked.
- No port blocking in effect.
- CGIProxy not tried but should work if run as https server.

I have successfully evaded both of these censorship systems in the past. Now, I want to tell others how to do this, too.

For the PISSED school district system, the following method should work:
1. Run a proxy server using SSH SOCKS5 proxying or HTTPS CGIProxy on your home Internet connection. If you choose SSH, use port 443.
2. Boot a PISSED computer from a Linux Live CD or DVD so that you don't have to log in and can't be tracked.
3. Connect to your proxy server.
4. Visit blocked websites.

For Communist China, the following method should work:
1. Run a proxy server in another country using SSH SOCKS5. CGIProxy probably won't work because of China's DNS hijacking.
2. Configure Firefox to redirect DNS requests through SOCKS to evade the DNS hijacking by setting network.proxy.socks_remote_dns in about:config.
3. Connect to your proxy server.
4. Visit blocked websites.

On Linux, to connect to an SSH server from a client and use it as a proxy, do ssh -C2qTnN -D 8080 username@remote_machine.com. Add a "-p 443" if you configured your SSH server to use port 443 to evade PISSED port blocking.

If you are personally suffering under the evil, anti-freedom regimes of China or PISSED, or otherwise have a need for evading Internet censorship, please post below so that I can assist you with your specific censorship evasion needs. I recognize these directions are rather skeletal; I feel that, if you are running into trouble, I can best help you by discussing the issue with you personally.

---linuxrocks123
Post A Comment | Share | Link






Date: 2011-04-13 03:51
Subject: My computer died due to a dead power supply fan
Security: Public
The fan on my recently purchased computer died, leading to overheating and malfunctioning of the power supply, leading to almost all capacitors on my video card exploding, leading to my noticing something was wrong. While this situation has since been rectified, and the computer is running fine (with a new power supply and an ATI Rage 3D XL instead of an NVidia GeForce 7600 ... >.<), I thought I'd ask my readership's opinion of a certain issue:

If I use a soldering iron to replace the blown capacitors ... would the dead graphics card live again?

Thanks for your advice,
---linuxrocks123
1 Comment | Post A Comment | Share | Link






Date: 2011-04-03 03:13
Subject: Google's Driverless Car
Security: Public
http://www.i-programmer.info/news/105-artificial-intelligence/2217-sebasitian-thrun-on-googles-driverless-car.html

This is a touching talk.

---linuxrocks123
1 Comment | Post A Comment | Share | Link






Date: 2011-02-22 15:36
Subject: Clean the Fan
Security: Public
http://www.collegehumor.com/video:1943659

Cleaning the fan of a computer system is approximately equivalent to changing the oil on a car. Most computer users, including me, rarely if ever bother to do it, but, if you don't, the computer may be more likely to be damaged over time due to overheating. On desktops, it's usually fairly easy to clean the fan, thanks in part to the widespread standardization of desktop PC components.

Laptops have always been less standardized than desktops, and therefore less user-serviceable. This situation is mainly due to space constraints requiring the use of custom-sized components. While this situation has been improving for a while, the improvement apparently hasn't been enough.

---linuxrocks123
Post A Comment | Share | Link






Date: 2011-02-18 09:03
Subject: Serene Branson Suffers "Complex Migraine" On-Air
Security: Public
http://www.youtube.com/watch?v=lGJ2XRJBHM8

She knew something was wrong at the time, but couldn't force herself to speak clearly. Man, this would be scary thing to have happen to you.

---linuxrocks123
Post A Comment | Share | Link






browse
my journal
July 2014