Wednesday, April 22, 2015

Uber

If you find this blog interesting (granted I'm not posting too often), please reward me as well as yourself with some free Uber credit. Sign up for the Uber service using this link, and we both get $20 in free rides.

If you got no Uber account, I can't see why not.

Sunday, March 15, 2015

Setting up Attic backup under Windows

Out of all online backup tools, my favorite by far is Attic. It has some unique features, which are hard to come by:

  • Deduplication - every backup stores only fragments which were not already stored. It is extremely sweet for online backups. Not only fragments of non-changed files are not backed up, but also ANY fragments. Which means, files copied, folders renamed - no problem. You can store 100 copies of the same file, and it will only store it once. You can store live image of virtual machine, and it will only be stored once. Sweet.
  • Built-in SSH compatibility, which means: can backup over SSH to any server which has SSH access. In other words: here's a good use for VPS servers. With some shopping around, $10/month could get you half-terabyte storage.
  • Pre-Internet encryption: data could be encrypted before it goes out to storage. Thank you NSA for teaching us we need to not trust our own ISP.
  • Open source - not that anyone does it, but nevertheless - code is inspectable.
Those of us, who have not switched to Linux are of course deprived from this sweetness, so lets get that fixed now. Using following instructions, you can get attic running under windows.

Platform

Attic will be running from cygwin. There are are two modes you can run it in: 32 and 64-bit. It is possible to run attic in either, however I would strongly recommend 64-bit installation where possible.

Required Packages

You need at least following packages to be installed in order to be able to install attic:

  • python3
  • python3-setuptools
  • gcc-g++
  • curl
  • openssh
  • git
  • openssl-devel
Installing cygwin would take some time, so fire it up and grab coffee.

Installation

We will now install pip tool, compile necessary packages, download attic source code modified for cygwin compatibility from git, and install it

Pip and Cython tool

Install pip:
easy_install-3.2 pip
Then, you need to install Cython package:
$ pip install Cython

Get, compile and install Attic

Original Attic project was modified by CogPy to give it cygwin compatibility. The changes he introduced allowed using getfacl/setfacl tools in order to store ACLs. Unfortunately, this caused the tool to be very slow, because for every file it works on, there is a process spawned. I modified that project, removing that feature, so in its current incarnation, no ACLs are stored. The project code is currently kept in https://github.com/galets/attic .

$ cd /tmp
$ git clone https://github.com/galets/attic
$ cd attic 
$ git checkout win32
$ python3 setup.py install

Testing Installation 

Run following commands to test the installation:

$ attic init /tmp/test-repository
Initializing repository at "/tmp/test-repository"
Encryption NOT enabled.
Use the "--encryption=passphrase|keyfile" to enable encryption.
$ attic create /tmp/test-repository::first-backup /var
Initializing cache...
$ attic list /tmp/test-repository/
first-backup            Sun Mar 15 16:33:18 2015
That is it. You are ready to do your own off-site and on-site backups using attic on windows





Saturday, December 6, 2014

Asymmetric encryption for C++

I have quite a few uses for my AsymmetricCrypt project myself, but not a gread deal of adoption from others. I think the big barrier to adoption is that it requires .NET framework, which means it cannot be directly used in embedded devices and such. In order to address that problem, I have started the C++ implementation of the same tool, which is now in C++ and uses OpenSSL. This makes it possible to compile and use the tool in mobile phones, linux security cameras, etc.

Sunday, November 24, 2013

Secure your online files with asymmetric encryption

One of the greatest benefits of asymmetric encryption is that it allows you to keep encryption and decryption keys separate from each other. In other words, the key, which was used to encrypt the data cannot be used to decrypt it.

Why is that useful? Imagine you are running online backup. Pretty much every online backup facility allow you to generate your own encryption key, but this key is symmetric. Which means, that attacker could take your computer and extract that key. Another scenario: lets imagine one is archiving recordings from a security camera, and does not want government to be able to view those recordings without his consent (yes, this is about NSA). If symmetric key, such as password is used, it is possible to confiscate the device, and all files will be as good an unencrypted.

However, when files are encrypted using asymmetric encryption, this problem is mitigated by supplying public key to device and keeping private key safe. Public key will be used to encrypt data, but it will not be possible to decrypt data with it. This way government, malware, or hackers could pwn your computer, but they will not have the private data.

I recently was struggling to find a tool, which allows me to do just that. Part of the problem is that with widely popular RSA algorithm, only a very small amount of data could be encrypted. Also, encrypting data with RSA is very slow. It is therefore necessary to chain RSA to a symmetric algorithm, such as AES to get the best of both worlds. This is how your browser protects the session.

As I mentioned before, I couldn't find the tool to perform such task online. I therefore decided to write one myself. It is a console application, code of which could be found here: https://github.com/galets/AsymmetricCrypt . It is a console application, and it has four modes of operation:

  1. Generate key
  2. Extract public key which you could then use on untrusted machines
  3. Encrypt using public or private key. Obviously, it makes sense to use public key at this point. The tool will nicely pack all necessary data into a single file
  4. Decrypt. Naturally, this will only work if you have private key.
If you find this tool useful, I would be curious to know how you use it. Please post your use case here. I could also use some support, if you got some bitcoins you wish to tip me with, I will gladly accept at 175iyCxfHoD76GaL2Ms3MN8Qhrwe2R6U2r.

Tuesday, September 10, 2013

I am REALLY sick of junk mail

I feel for USPS for losing money, I really do. Mainly, because it's my money that they are losing. But their methods for getting them back are mildly speaking unacceptable.

Every week I'm getting pile of crap, which I have to dispose, which USPS is being paid for. Not just that, but the others are on the wagon. "To current resident". "To our friends". Who the hell is your friends? I'm anything but a friend to annoying spammer.

The biggest problem here, aside from annoyance is that someone makes $$$ by wasting other people's time. That really is a form of theft. Even though it's not illegal, they do waste time of many-many people, and none of them is compensated a dime. But someone does pocket a check for that activity, otherwise it would not be going on.

To add insult to injury they started bulk-mailing me newspaper-print magazines, which cannot even be conveniently carried to a trash box, because they shed the leaflets, like it's fall here. Or, maybe it is fall, I don't give a damn, they are not birches anyway.

So, I print a sticker and put it into a mailbox, which asks postman (politely) to stop dropping junk into my mailbox. The next day - another magazine.

Here's what I'm going to do next: I printed a bunch of labels, which I'm going to carry with me in my car at all times now. Every piece of junk will get one and go straight back to the outgoing mailbox:

UNWANTED: RETURN TO SENDER
Sender: This household charges for disposal of the unsolicited 
mail. Stop mailing us junk. By continuing to send unsolicited 
mails you agree to be billed up to $50 per page.

Do I expect anyone to pay $50/page? No. I expect postman to get annoyed and stop delivering junk to me. But maybe some of the "advertisers" get the message as well.

If you feel the same way as I do, go ahead, download the PDF, or the ODT, print the stickers and go ahead send the message to your local spammers. They are for Avery 48862 templates, the cheapest one I could get in walmart.


Saturday, February 2, 2013

Fix HDMI Overscan without Catalyst

If you hook up your screen using HDMI cable, you will often get annoying borders and distorted graphics due to so-called "overscan". This technology is used with screens that were produced somewhere around stone age and use CRT technology. CRT tube will cut off sides from the picture, effectively removing all or some of taskbar and start menu. Hence, to compensate for that, they artificially squeeze picture to make sure all of it fits. Usually, overscan will eat up to 15% of the screen.

Screens produced after stone age usually have LCD panels with exactly as many pixels as they can display, so the overscan technology is no longer needed. But for compatibility, manufacturers still support it and even make it default.

Micrtosoft supplies drivers for my ATI graphics card. I really do not want any other software. Only thing I must have which they don't let me configure is disable annoying overscan. I found this article, which didn't help me, but gave me an idea what to do:


  1. Go to regedit, navigate to HKLM\SYSTEM\CurrentControlSet\Control\Video.
  2. Locate a GUID with 0000, 0001, 0002 entries that has a bunch of values underneath
  3. Set following values:
    TVEnableOverscan: DWORD = 0
    DigitalHDTVDefaultUnderscan: DWORD = 0

Screenshot of my regedit
I didn't have DigitalHDTVDefaultUnderscan in that registry key, so I had to create it. Once I crated it and rebooted, screen which was connected to HDMI started working properly.

Tuesday, January 15, 2013

Fix Proximity Sensor on Samsung S III

I recently swapped a screen on my S3 using heat-and-unglue method, and I have been mostly satisfied with results, except for one thing: when I call someone, screen was going dark and never turning back on, so not only I could not press any buttons on the phone, but there was not even a way to hang up.

Needless to say, I was unhappy.

I figured out what happens using xda-developers. Apparently, the phones have so-called "proximity sensor", which they use to determine if you are holding the phone next to your ear. When you cook it during lens swap, or when the screen is generally dirty, you get it to misfire.

Proximity Sensor

You can test what proximity sensor thinks about the distance by enabling hidden menu (enter number *#22745927 in dialer), then *#0*#, then click on "Sensors". Look the number in "Proximity Sensor" section, and see how it changes when you bring your hand close to the sensor. When ADC is less than 14, proximity is zero, after that it is one.

My sensor was always showing ADC of 16 or more. That is the problem, which I could not fix even by replacing sensor. I was able to get ADC down to 12, but this barely worked, because a hand even near a phone, while in the call caused screen to turn off, which is annoying to say least. I compared it with my wife's SIII, and it was 1 to 2, depending on lighting, so the problem was clearly in the sensor. But I had a new one!!!

After several days of looking for solution, I got an idea. There are two openings. It is probably because light is emitted from one opening, and (when your ear is close to the phone) gets reflected into a second one. What could go wrong? Screen could be slightly dislocated, and then the light will hit the dark spot between openings and get reflected into receiver, even when no ear is close to the sensor. How could this be resolved? Apparently very easily: put some black rubber paste or dough in between emitter and receiver, and the light will be blocked.

This solution worked for me so amazingly well, that I decided to publish some pictures, demonstrating the process.

Unscrew the last one and carefully pry out the sensor


Put some BLACK paste or dough. NOT TOO MUCH!!! Make sure you don't  smear any on the windows

Your mileage may vary, but after I reassembled the phone, ADC stays around 2 at all times. It is amazing. I was expecting a small effect, but the problem was gone completely.

PS: Oh, and for what it's worth, here's the compound I used to separate light from receiver. As I said, you can be good with probably just about anything, this just happened to lay around.