Archive for the ‘General’ Category

Section 202c of the German computer crime laws

Monday, August 13th, 2007

This section has come into effect over the weekend. It makes it illegal to create, possess, obtain, provide access to, yield, distribute or otherwise allow access to lots of widespread tools that can be used to breach security. Take for instance nmap.

This law not only impedes our freedom (of speech) and research, decreases security and allows for misuse, but more importantly it won’t even stop the real criminals.

Stefan of the Month of PHP Bugs Project writes:

The law does not affect our freedom of speech to report and inform about security vulnerabilities and how to exploit them.

We are just not allowed to create/distribute/use software that could be used as “hacking tools”.

Where would they draw the line between reporting/informing about a vulnerability and how to exploit it, and the actual source code to do it? Would pseudocode be illegal? Would literate code be illegal? Also there would be no way for security researchers to try out their work.

What will happen in the worst case, if similar laws are accepted and enforced in other countries, is that vendors will rather cover up all vulnerabilities using these laws instead of securing their software. That there are lots of ready-to-use exploits is good. It’s a very good incentive for security.

That there will always be a leak in a piece of software that someone will be able to find on his own will not be changed by this law. Also there will be no way to stop the real criminals from creating and distributing tools underground. Now everyone still knows what kind of tools are around and will know what to expect.

Wacken

Friday, July 27th, 2007

I’ll be up early tomorrow, Saturday, to take the train with lots of friends to the little town of Wacken in Germany. (Actually, there is no train station in Wacken, so we need to hire a cab somehow for the last dozen kilometers.)

Sunday morning the camping of the Wacken Open Air festival will open. The festival itself will start on Thursday. I hope to be home again the first Sunday of August.

“Nothing to hide”

Wednesday, July 11th, 2007

In this short essay, written for a symposium in the San Diego Law Review, Professor Daniel Solove examines the “nothing to hide” argument. When asked about government surveillance and data mining, many people respond by declaring: “I’ve got nothing to hide.” According to the “nothing to hide” argument, there is no threat to privacy unless the government uncovers unlawful activity, in which case a person has no legitimate justification to claim that it remain private. The “nothing to hide” argument and its variants are quite prevalent, and thus are worth addressing. In this essay, Solove critiques the “nothing to hide” argument and exposes its faulty underpinnings.

“I’ve Got Nothing to Hide” and Other Misunderstandings of Privacy

Not only is its subject very relevant, the Essay is very well written and a pleasure to read.

Xgl with RandR 1.3 and Ati

Monday, June 25th, 2007

You have to add Option "DesktopSetup" "single" to the Device section for your ATI card in xorg.conf. Otherwise, if you’ve got two adapters, Xgl will think you’ve got two screens even if you use just one (which is the case with my Thinkpad), and it will fail miserably on the second, unattached screen.

Graduated

Friday, June 15th, 2007

Today I received a long anticipated phone call from my mentor who took away the doubt and let me know that I graduated for my VWO exams at the Stedelijk Gymnasium Nijmegen, which is a matriculation exam.

With mixed feelings I look back at seven long years. It certainly shouldn’t have taken 7 years, nor 6, not even 3. But especially in my last few years I came to appreciate the tons of very different people with whom I spent the days. A diversity I won’t find to that extent among the students of Maths and Physics, which I intend to study next year at the Radboud University in Nijmegen.

For one thing, I certainly wouldn’t have wanted to miss these last few years. Some say they’re the best of your life. I do really look forward to university, though.

For those interested, I’ve planned an “Examenfeest” with some others in a nice club in Nijmegen. Send me an e-mail if you happen to be in the neighborhood and care to join.

Upgrading wordpress with git

Thursday, June 7th, 2007

I didn’t like upgrading wordpress much. Every time I did it, I needed to re-apply all my little tweaks to the new wordpress. It took too much time.

I tried running diff -uNr on the version I was running and the newer version and then applying the resulting diff to the current version, but it seems wordpress has been backporting changes, so I got conflicts, quite a lot of them.

Because I was quite tired of porting my changes, I’ve tried git, the Source Code Management tool used by the linux kernel, to do it for me:

I did this all in the parent directory of the root of blog.w-nz.com. This folder contains:

  • htdocs: current installation (2.1.2)
  • 2.1.2: the unmodified wordpress
  • 2.2.0: the new wordpress I want to upgrade to

First, I created an empty git repository:

mkdir git; cd git; git init; cd .. # git init is the current name of git init-db

Then I copied over the unmodified version of wordpress I was running, and committed it:

cp -R 2.1.2/* git/ # the pristine 2.1.2 tree
cd git
git add . # stage every file
git commit -a -s # -s adds a Signed-off-by line
cd ..

Then I copied over my current installation:

cp -R htdocs/* git/ # overwrite with my modified installation
cd git
git status # let's see what changed

There are lots of files like uploads I want git to ignore, so I edit .gitignore to make git ignore them. There weren’t any files I added though, otherwise I’d have had to run git add to let git know.

And let’s commit my changes:

git commit -a -s

Now, let’s go back to the original commit — the clean 2.1.2 wordpress — and start a branch from there:

git checkout HEAD^ # HEAD^ means parent commit of HEAD: the previous commit
git checkout -b tmp # create a new branch tmp from here

Now I’m in a branch without my own changes, which was forked from the master branch. Let’s apply the new wordpress on this branch:

cd ..
cp 2.2.0/* git -R
cd git
git status # see what changed

git-status showed me that there are a few new files in wordpress 2.2.0; I git-add-ed all of these new files and then committed it all:

git commit -a -s

Now I’ve got two branches:

  • master which contains wordpress 2.1.2 with my own changes on top as a commit
  • tmp which is forked from the wordpress 2.1.2 from the master branch without my own changes but with the 2.2.0 changes on top

What I want to do is to reapply the 2.2.0 changes on top of my current changes’ commit instead of on top of the 2.1.2 commit. To do this, git has a very powerful util called git-rebase:

git rebase master

This will search down the tree until the point where the current branch (tmp) forked from the target branch (master). Then it will re-apply all commits in between on the latest commit of the target branch.

Just as with diff/patch, I get a merge conflict. git rebase lets me know this and git status shows me which files are affected. The one little difference with the diff/patch approach is that there are way fewer merge conflicts (git is smarter) and that the merge conflicts are way easier to identify, and they’re inline in the original files. Not to mention that if I had fucked up I’d always have a way back.

After I fixed the merge conflict, I git update-index each conflicted file (to tell git it’s resolved) and git rebase --continue-ed.

Now I’ve got my updated wordpress in the git folder. Then I backed up the current installation, copied over the files from git, visited wp-admin/upgrade.php and I’m done :) .

By the way: “I didn’t say Subversion doesn’t work. Subversion users are just ugly and stupid.” — Linus on this Google tech talk.

Sidenote, I switched from Hashcash to Akismet. Hashcash didn’t work anymore and Akismet theoretically should be the best solution because it isn’t based on security by obscurity.

This is How We Catch You Downloading

Sunday, April 15th, 2007

torrentfreak.com has acquired a document describing how a British company is tracking down illegal use of P2P: This is How We Catch You Downloading.

Basically they use a modified P2P client which searches for infringing content and downloads it. If that works and it indeed is the content, they do a whois on your IP and send an infringement notice to your ISP. The best thing is that they claim that this provides enough proof that you really are infringing.

They probably never heard about botnets.

Ruby and parenthesis

Wednesday, April 11th, 2007

Do you prefer

p = Pathname.new('.').realpath

or

p = (Pathname.new '.').realpath?

C&C 3 on Linux

Sunday, April 1st, 2007

I’ve got Command and Conquer 3: Tiberium Wars running on my Gentoo Linux installation with wine 0.9.34 by following the instructions here. I had to first install it on windows though, and copy the folder, for the installer didn’t work, even with Crossover Office.

Except for (very glitchy) video and sometimes a crash everything seems to run. (Didn’t try multiplayer yet though). I had to put all quality settings to lowest, which makes me wonder whether that is my radeon X1400 being not as good as I expected or wine just being slow in emulating Direct3D.

Watermarking media

Thursday, March 1st, 2007

It seems the new trend of the music industry against piracy is watermarking movies/audio/etc.

Content is watermarked by adding very small (unnoticeable) changes that could store something like an RSA-based certificate to identify a given audiotrack.

Originally I thought they’d use it to track down the source of an illegal download. It sounds illogical to me because it’s hard to keep watermarks when the format is changed (mp3, ogg and others really do mess up slight unnoticeable differences because otherwise they wouldn’t compress as well). And when someone has got two versions of the same audiotrack one can compare them and find out how something is watermarked.

Maybe the scheme of the industry isn’t that stupid, but the other way around (and a lot more evil). Maybe just sue everyone who hasn’t got a watermark on their movies or mp3.

Luckily a Fair Use bill was passed which they say (haven’t checked) allows fair-use conversion of format of media.

Reiser4 for linux 2.6.20

Sunday, February 25th, 2007

reiser4-for-2.6.20-0.patch.gz

Big fat warning, when hibernating using suspend2 it seems to corrupt some memory here and there. So don’t hibernate.

Internal Microphone

Sunday, February 11th, 2007

By accident, I discovered that my thinkpad has got an internal microphone. Now I can get rid of that stupid headset I have to use for skype.

(Yeah, I know macBook’s have got a camera too)

4 inches

Thursday, February 8th, 2007

Today several schools (including mine) stopped early because of ‘heavy’ snowfall. 10cm of snow, that is about 4 inches.

It’s ridiculous.

Codeyard Community Day

Saturday, February 3rd, 2007

It was fun :) .

Photo’s

Intel’s free literature

Thursday, February 1st, 2007

I noticed that you are able to order hard copies of Intel’s books on the IA-32, 64 and Itanium architecture. So I did.

Today, a few days later, I received them. They’re very informative, thorough and well structured. And, contrary to other professional literature, you are able to read it without crunching your brains on one jargon-filled sentence. Basically free, dense and easily read books and great references.

So, a big thank you to Intel for this nice free service.

By the way, Itanium seems to really rock. (256 registers, compiler branch prediction, 8-superscalar, etc)

Also, I’ve got no spare room anymore on my desk. :)


Hashcash 3.2

Wednesday, January 3rd, 2007

I upgraded to hashcash 3.2. I hope that will stop the new wave of spam I had on this blog. When you’re upgrading yourself, note that now wp-hashcash resides in its own subdirectory in the plugins folder, I didn’t notice that and couldn’t find what was wrong until I noticed the ‘/wp-hashcash/’ bit in the source.

By the way, happy new year!

Rotating Beryl cube using HDAPS on a Thinkpad

Wednesday, December 27th, 2006

I hacked together this little ruby script to read the G-measuring device in the Thinkpad’s harddisk (HDAPS) and rotate the desktop cube of Beryl when sudden movement occurs. A bit like what has been done for the MacBook already.

http://w-nz.com/~darkshines/projects/rtollina.rb

GPL, obviously. It’s not really perfect yet. I’ll try to improve it tomorrow and add support for compiz and maybe even make a little widget out of it.

It’s based on code by Fer, which is for Compiz instead of Beryl.

XGL take 2

Wednesday, December 27th, 2006

I tried to get AIGLX to work on my Thinkpad yesterday. AIGLX is an API similar to XGL, but is a better implementation. Unfortunately AIGLX requires implementation by the video-card driver (which is good because it allows more performance), but the proprietary drivers of ati still don’t support it. (nvidia’s do, note to myself: get nvidia next time).

So I had to revert to XGL. A lot has changed since the last time I installed XGL. Other gentoo overlays, other windows managers, other hacks.

I used the gentoo-xeffects overlay to get Xgl.

Installing Xgl was a lot more straightforward and less of a problem than it used to be. An emerge and writing a simple startxgl script was enough.

The compiz-quinstorm patchset seems to have evolved to a proper branch of the compositing window manager, now called Beryl. It also includes a nice settings manager now.

Even hibernation and suspend finally seem to work. :)

A nice screenshot:
xgl4.png

One thing left to do: integrate Xgl into xdm.

Avoiding multiple lock dead-locks by memory addresses

Monday, December 25th, 2006

Sometimes you need to lock several resources. If you don’t take great care you are likely to get yourself into dead-locks. A simple example with just two lockable resources A and B:

function foo {
  lock A;
  lock B;
  // Do something with A and B
  unlock A;
  unlock B;
}

function bar {
  lock B;
  lock A;
  // Do something different with A and B
  unlock B;
  unlock A;
}

When foo and bar are called at about the same time, there is a chance that foo locks A and bar locks B, which will make bar wait on foo’s lock on A and vice versa.

Solution: fixed order on memory address
The simplest way to get rid of the deadlock is to always try to acquire a lock on A before on B. A generic solution would be to always lock the resource with the lowest memory address first.

This only works when memory addresses are fixed or when there is some other fixed, orderable property.
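
The address-ordering rule as a runnable C sketch with POSIX threads; this is an added example, not code from the original post. The account struct and the names lock_pair, unlock_pair, transfer and run_demo are made up for the illustration. C objects do not move, so their addresses give the fixed order the rule needs.

```c
#include <pthread.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed resources for this example: a balance guarded by its own lock. */
struct account { pthread_mutex_t lock; long balance; };
struct job { struct account *from, *to; int rounds; };

/* Take both locks in ascending address order (compared as uintptr_t, since
   `<` on pointers to unrelated objects is undefined in C). */
static void lock_pair(struct account *x, struct account *y)
{
    if ((uintptr_t)x > (uintptr_t)y) { struct account *t = x; x = y; y = t; }
    pthread_mutex_lock(&x->lock);
    if (y != x) pthread_mutex_lock(&y->lock);   /* same resource twice: lock once */
}

static void unlock_pair(struct account *x, struct account *y)
{
    pthread_mutex_unlock(&x->lock);
    if (y != x) pthread_mutex_unlock(&y->lock);
}

static void *transfer(void *arg)
{
    struct job *j = arg;
    for (int i = 0; i < j->rounds; i++) {
        lock_pair(j->from, j->to);    /* callers never pick the order themselves */
        j->from->balance -= 1;
        j->to->balance += 1;
        unlock_pair(j->from, j->to);
    }
    return NULL;
}

/* foo names (A, B) and bar names (B, A), as in the post; returns the combined balance. */
long run_demo(int rounds)
{
    struct account a = { PTHREAD_MUTEX_INITIALIZER, 1000 };
    struct account b = { PTHREAD_MUTEX_INITIALIZER, 1000 };
    struct job foo = { &a, &b, rounds }, bar = { &b, &a, rounds };
    pthread_t t1, t2;
    pthread_create(&t1, NULL, transfer, &foo);
    pthread_create(&t2, NULL, transfer, &bar);
    pthread_join(t1, NULL);
    pthread_join(t2, NULL);
    return a.balance + b.balance;
}

int main(void) { printf("total: %ld\n", run_demo(100000)); return 0; }
```

Build with -pthread. If the swap in lock_pair is removed, the two threads take the locks in opposite orders and the program can hang, which is the foo/bar deadlock described above.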

Reiser4 for 2.6.19

Saturday, December 9th, 2006

I found this patch: reiser4-for-2.6.19.patch.gz.