Sunday, March 15, 2015

Setting up Attic backup under Windows

Out of all online backup tools, my favorite by far is Attic. It has some unique features, which are hard to come by:

  • Deduplication - every backup stores only fragments which were not already stored. It is extremely sweet for online backups. Not only fragments of non-changed files are not backed up, but also ANY fragments. Which means, files copied, folders renamed - no problem. You can store 100 copies of the same file, and it will only store it once. You can store live image of virtual machine, and it will only be stored once. Sweet.
  • Built-in SSH compatibility, which means: can backup over SSH to any server which has SSH access. In other words: here's a good use for VPS servers. With some shopping around, $10/month could get you half-terabyte storage.
  • Pre-Internet encryption: data could be encrypted before it goes out to storage. Thank you NSA for teaching us we need to not trust our own ISP.
  • Open source - not that anyone does it, but nevertheless - code is inspectable.
Those of us, who have not switched to Linux are of course deprived from this sweetness, so lets get that fixed now. Using following instructions, you can get attic running under windows.

Platform

Attic will be running from cygwin. There are are two modes you can run it in: 32 and 64-bit. It is possible to run attic in either, however I would strongly recommend 64-bit installation where possible.

Required Packages

You need at least following packages to be installed in order to be able to install attic:

  • python3
  • python3-setuptools
  • gcc-g++
  • curl
  • openssh
  • git
  • openssl-devel
Installing cygwin would take some time, so fire it up and grab coffee.

Installation

We will now install pip tool, compile necessary packages, download attic source code modified for cygwin compatibility from git, and install it

Pip and Cython tool

Install pip:
easy_install-3.2 pip
Then, you need to install Cython package:
$ pip install Cython

Get, compile and install Attic

Original Attic project was modified by CogPy to give it cygwin compatibility. The changes he introduced allowed using getfacl/setfacl tools in order to store ACLs. Unfortunately, this caused the tool to be very slow, because for every file it works on, there is a process spawned. I modified that project, removing that feature, so in its current incarnation, no ACLs are stored. The project code is currently kept in https://github.com/galets/attic .

$ cd /tmp
$ git clone https://github.com/galets/attic
$ cd attic 
$ git checkout win32
$ python3 setup.py install

Testing Installation 

Run following commands to test the installation:

$ attic init /tmp/test-repository
Initializing repository at "/tmp/test-repository"
Encryption NOT enabled.
Use the "--encryption=passphrase|keyfile" to enable encryption.
$ attic create /tmp/test-repository::first-backup /var
Initializing cache...
$ attic list /tmp/test-repository/
first-backup            Sun Mar 15 16:33:18 2015
That is it. You are ready to do your own off-site and on-site backups using attic on windows





Saturday, December 6, 2014

Asymmetric encryption for C++

I have quite a few uses for my AsymmetricCrypt project myself, but not a gread deal of adoption from others. I think the big barrier to adoption is that it requires .NET framework, which means it cannot be directly used in embedded devices and such. In order to address that problem, I have started the C++ implementation of the same tool, which is now in C++ and uses OpenSSL. This makes it possible to compile and use the tool in mobile phones, linux security cameras, etc.

Sunday, November 24, 2013

Secure your online files with asymmetric encryption

One of the greatest benefits of asymmetric encryption is that it allows you to keep encryption and decryption keys separate from each other. In other words, the key, which was used to encrypt the data cannot be used to decrypt it.

Why is that useful? Imagine you are running online backup. Pretty much every online backup facility allow you to generate your own encryption key, but this key is symmetric. Which means, that attacker could take your computer and extract that key. Another scenario: lets imagine one is archiving recordings from a security camera, and does not want government to be able to view those recordings without his consent (yes, this is about NSA). If symmetric key, such as password is used, it is possible to confiscate the device, and all files will be as good an unencrypted.

However, when files are encrypted using asymmetric encryption, this problem is mitigated by supplying public key to device and keeping private key safe. Public key will be used to encrypt data, but it will not be possible to decrypt data with it. This way government, malware, or hackers could pwn your computer, but they will not have the private data.

I recently was struggling to find a tool, which allows me to do just that. Part of the problem is that with widely popular RSA algorithm, only a very small amount of data could be encrypted. Also, encrypting data with RSA is very slow. It is therefore necessary to chain RSA to a symmetric algorithm, such as AES to get the best of both worlds. This is how your browser protects the session.

As I mentioned before, I couldn't find the tool to perform such task online. I therefore decided to write one myself. It is a console application, code of which could be found here: https://github.com/galets/AsymmetricCrypt . It is a console application, and it has four modes of operation:

  1. Generate key
  2. Extract public key which you could then use on untrusted machines
  3. Encrypt using public or private key. Obviously, it makes sense to use public key at this point. The tool will nicely pack all necessary data into a single file
  4. Decrypt. Naturally, this will only work if you have private key.
If you find this tool useful, I would be curious to know how you use it. Please post your use case here. I could also use some support, if you got some bitcoins you wish to tip me with, I will gladly accept at 175iyCxfHoD76GaL2Ms3MN8Qhrwe2R6U2r.

Tuesday, September 10, 2013

I am REALLY sick of junk mail

I feel for USPS for losing money, I really do. Mainly, because it's my money that they are losing. But their methods for getting them back are mildly speaking unacceptable.

Every week I'm getting pile of crap, which I have to dispose, which USPS is being paid for. Not just that, but the others are on the wagon. "To current resident". "To our friends". Who the hell is your friends? I'm anything but a friend to annoying spammer.

The biggest problem here, aside from annoyance is that someone makes $$$ by wasting other people's time. That really is a form of theft. Even though it's not illegal, they do waste time of many-many people, and none of them is compensated a dime. But someone does pocket a check for that activity, otherwise it would not be going on.

To add insult to injury they started bulk-mailing me newspaper-print magazines, which cannot even be conveniently carried to a trash box, because they shed the leaflets, like it's fall here. Or, maybe it is fall, I don't give a damn, they are not birches anyway.

So, I print a sticker and put it into a mailbox, which asks postman (politely) to stop dropping junk into my mailbox. The next day - another magazine.

Here's what I'm going to do next: I printed a bunch of labels, which I'm going to carry with me in my car at all times now. Every piece of junk will get one and go straight back to the outgoing mailbox:

UNWANTED: RETURN TO SENDER
Sender: This household charges for disposal of the unsolicited 
mail. Stop mailing us junk. By continuing to send unsolicited 
mails you agree to be billed up to $50 per page.

Do I expect anyone to pay $50/page? No. I expect postman to get annoyed and stop delivering junk to me. But maybe some of the "advertisers" get the message as well.

If you feel the same way as I do, go ahead, download the PDF, or the ODT, print the stickers and go ahead send the message to your local spammers. They are for Avery 48862 templates, the cheapest one I could get in walmart.


Saturday, February 2, 2013

Fix HDMI Overscan without Catalyst

If you hook up your screen using HDMI cable, you will often get annoying borders and distorted graphics due to so-called "overscan". This technology is used with screens that were produced somewhere around stone age and use CRT technology. CRT tube will cut off sides from the picture, effectively removing all or some of taskbar and start menu. Hence, to compensate for that, they artificially squeeze picture to make sure all of it fits. Usually, overscan will eat up to 15% of the screen.

Screens produced after stone age usually have LCD panels with exactly as many pixels as they can display, so the overscan technology is no longer needed. But for compatibility, manufacturers still support it and even make it default.

Micrtosoft supplies drivers for my ATI graphics card. I really do not want any other software. Only thing I must have which they don't let me configure is disable annoying overscan. I found this article, which didn't help me, but gave me an idea what to do:


  1. Go to regedit, navigate to HKLM\SYSTEM\CurrentControlSet\Control\Video.
  2. Locate a GUID with 0000, 0001, 0002 entries that has a bunch of values underneath
  3. Set following values:
    TVEnableOverscan: DWORD = 0
    DigitalHDTVDefaultUnderscan: DWORD = 0

Screenshot of my regedit
I didn't have DigitalHDTVDefaultUnderscan in that registry key, so I had to create it. Once I crated it and rebooted, screen which was connected to HDMI started working properly.

Tuesday, January 15, 2013

Fix Proximity Sensor on Samsung S III

I recently swapped a screen on my S3 using heat-and-unglue method, and I have been mostly satisfied with results, except for one thing: when I call someone, screen was going dark and never turning back on, so not only I could not press any buttons on the phone, but there was not even a way to hang up.

Needless to say, I was unhappy.

I figured out what happens using xda-developers. Apparently, the phones have so-called "proximity sensor", which they use to determine if you are holding the phone next to your ear. When you cook it during lens swap, or when the screen is generally dirty, you get it to misfire.

Proximity Sensor

You can test what proximity sensor thinks about the distance by enabling hidden menu (enter number *#22745927 in dialer), then *#0*#, then click on "Sensors". Look the number in "Proximity Sensor" section, and see how it changes when you bring your hand close to the sensor. When ADC is less than 14, proximity is zero, after that it is one.

My sensor was always showing ADC of 16 or more. That is the problem, which I could not fix even by replacing sensor. I was able to get ADC down to 12, but this barely worked, because a hand even near a phone, while in the call caused screen to turn off, which is annoying to say least. I compared it with my wife's SIII, and it was 1 to 2, depending on lighting, so the problem was clearly in the sensor. But I had a new one!!!

After several days of looking for solution, I got an idea. There are two openings. It is probably because light is emitted from one opening, and (when your ear is close to the phone) gets reflected into a second one. What could go wrong? Screen could be slightly dislocated, and then the light will hit the dark spot between openings and get reflected into receiver, even when no ear is close to the sensor. How could this be resolved? Apparently very easily: put some black rubber paste or dough in between emitter and receiver, and the light will be blocked.

This solution worked for me so amazingly well, that I decided to publish some pictures, demonstrating the process.

Unscrew the last one and carefully pry out the sensor


Put some BLACK paste or dough. NOT TOO MUCH!!! Make sure you don't  smear any on the windows

Your mileage may vary, but after I reassembled the phone, ADC stays around 2 at all times. It is amazing. I was expecting a small effect, but the problem was gone completely.

PS: Oh, and for what it's worth, here's the compound I used to separate light from receiver. As I said, you can be good with probably just about anything, this just happened to lay around.




Saturday, November 3, 2012

Why You Should Stay Away From SimpleMobile

Introduction


I have switched to SimpleMobile, and wanted to share some thoughts, why I would have never done it, if I knew what I know now. I hope that this post will display to the community, what a bunch of stupid a-holes this SimpleMobile folks are, and hopefully prevent a few customers from making uninformed decision, that they would later on regret.

First, how I got sold on it. I used to be on PagePlus Talk n Text 1200 plan, which I consider is a great value for $30/month. The only problem I had with it was too little data. I often use my phone for all kinds of stuff, and I found it hard to stay within allocated 100 MB. One time I was attending an event, and there was no wifi. The fact that I had to save data was unsettling, and I decided it is time to shop for something else.

SimpleMobile with its $40 unlimited everything plan came in beautifully. Not only I could be doing all I was doing previously, but also listen to Pandora and even YouTube.

A month later I figured I should probably go even up a tier and for $10 more get a 4G plan.

What happened next

One day, at the end of billing month I started noticing that YouTube is lagging. At first, I discounted it to bad reception and/or being in a crowded space, where a lot of other handsets are competing for the bandwidth, but then I decided to measure the speed. To my great surprise, I saw download speeds matching exactly the times I have been on 3G:



Notice the graph in the lower left corner, it is flat. That's a pretty strong indication that bandwidth is throttled. In the natural situation you will never get such consistent bandwidth. Needless to say, I was unhappy. I called customer service and complained that my speed is throttled. A guy replied that no, it isn't, I am getting all I'm paying for, and 4G speeds are only available if I use blackberry anyway. He said, if you use phone as a wifi hotspot and "use Internet properly", they will not throttle. When I asked him to define what "properly" means, he couldn't tell, but indicated there is no warnings and such on my account, so I should be good.

I couldn't argue with such convincing arguments and decided to try measuring the speed later, and got the same 240 kbps speeds with same flat bandwidth graph, so I decided to write an email to support, hoping it would reach somebody who actually knows what he's talking about. Here's what I wrote:

Hi,

My phone number is ***-***-****. I have switched to 4G plan 2 months ago, and was able to experience 4G speeds on my phone, which is: samsung galaxy S 4g.

I have a history of speed measurements in front of me and here are download speeds:

9/04/12: 2681 kbps
9/13/12: 1982 kbps
9/13/12: 1597 kbps
9/23/12: 2438 kbps
10/19/12: 3789 kbps

lately, I started getting EXACTLY 230-240 kbps, on every measurement. This is exactly the speed, that I was getting on 3G plan, before I switched to 4G.

Please, see the screenshot attached. Please see the graph for network speed. The top of it is completely flat. That tells me that the speed limit is not caused by a natural radio interference, which is always variable, but that it is rather limited artificially by you. Also, I do recognize the flat top pattern, which is consistent with the one I saw when I was on 3G plan.

I have contacted technical support. The support person made no sense to me. He stated that 4G speeds could only be achieved on blackberry. This is plain false. I could demonstrate you that I have been getting 4G speeds previously, and then they were turned off. Tech support person assured me that you have no policy of limiting speed to 3G after certain data transfer threshold was reached, which was a basis for my decision to switch to 4G plan. If you indeed have that policy behind the scenes, then it is fraudulent for you to advertise otherwise.

I am requesting thorough investigation, based on what my speed was limited, and I also request that you train support personnel to resolve such issues in meaningful manner, instead of providing obviously false information to customers, like we are stupid. If there are thresholds after which you are switching speeds to 3G, I request that you make that information public
I was surprised to get a call-back from a tech support a couple of hours later. He asked me what exactly is my phone, and what frequencies it supports. I googled "Samsung Galaxy 4G" for him and read all I could find. He was not happy with what I told him and said, that in order to get 4G speeds the phone must support "4G on 1700MHz", and that he is not convinced that my phone does support it. The fact that it is a T-Mobile 4G phone did not convince him either. So I played my joker. I said: "I have been able to get higher throughput on that phone on multiple occasions in the past, does that mean anything to you?". His answer was: "At first it was able to get 4G speeds because handsdet didn't KNOW it does not support 4G. But then SIM card recognized that phone is not 4G capable and slowed down to 3G speeds. We are having exactly same issues with iPhones". I felt like I am talking to deranged person, so I asked him to leave me a notice in email, so that I could do more research on it. Here's his note:
Thank you for your interest Simple Mobile. We are responding to your recent inquiry.
We were able to speak with you on October 28, 2012 (9:25 PM EST) at ***-***-****. You were informed that the reason that your data speed runs only with 3G is because your phone is not a supported handset for 4G speeds.
We understand that you were able to use the 4G speed these past few months. You were informed that this case is similar with our iPhone users. During activation, the network does not know the phone model the SIM card is inserted into. The network sends data throughput through multiple frequencies in order to determine the frequency the handset is running into. Once the network realizes that the handset does not work with 1700 MHz bands, it sends the appropriate data speed which is 2G.
It made no sense to me, but I asked for an advice anyway. In conjunction with this thread, it all started to make sense now. The plans were never unlimited. According to the data I got from Internet, both minutes and data are capped, and SimpleMobile would start throttling you once you reach data cap at 2 GB. What is even more preposterous, is that they will turn data off completely when you reach 2.5 GB. I could not find a reliable information on what the minute cap is. Looking at my usage, it is pretty plausible that the issues I started seeing happened right after I exceeded a 2000 threshold:


A few days later...

New billing cycle, and sure as hell, the 4G speeds came back:



I contacted support one more time, pointing out, that they lied to me, two times. After a few emails back and forth, they explained me, that apparently I have been told about the caps all along, because I accepted Terms and Conditions, which says:
It states in the Terms and Conditions, Section 25, Paragraph 2, “To provide a good experience for the majority of our customers and minimize capacity issues and degradation in network performance; we may take measures including temporarily reducing data throughput for a subset of customers who use a disproportionate amount of bandwidth.”
No admission on what the limits are. So, not only there is a cap, but they will not even tell you, how much is too much. So, you could be capped at any time, as they please. Very convenient for SimpleMobile, not so much for their customers.

Sue their ass?

That's the first thing that comes into my head. And I am not somebody who believes in judicial system at all. I'm just a pissed off person. Look at their web site front page:




No limits. I went through the whole web site and found not even a slight mentioning that limits apply. And it's not even about the limits. Indication is that they would actually disconnect data completely and you could get a surprise of being stuck without data when you need it most

And it's not all. Two calls with tech support. Both times I was given the most outrageous lies, that don't even make sense. I was treated like an idiot, that's what is most insulting in the whole story.

So, I look at the terms and conditions of service, and figure out that they came well prepared for pissed off customers. Here's what I am reading:

  • ANY AND ALL CLAIMS OR DISPUTES ... WILL BE RESOLVED BY BINDING ARBITRATION, RATHER THAN IN COURT
  • WE MAY LIMIT, SUSPEND OR TERMINATE YOUR SERVICE OR AGREEMENT WITHOUT NOTICE FOR ANY REASON, INCLUDING, WITHOUT LIMITATION
  • WE EACH AGREE THAT ANY DISPUTE RESOLUTION PROCEEDINGS, WHETHER IN ARBITRATION OR COURT, WILL BE CONDUCTED ONLY ON AN INDIVIDUAL BASIS AND NOT IN A CLASS OR REPRESENTATIVE ACTION OR AS A MEMBER IN A CLASS, CONSOLIDATED OR REPRESENTATIVE ACTION
  • If a claim proceeds in court rather than through arbitration, WE EACH WAIVE ANY RIGHT TO A JURY TRIAL. 

That pretty much precludes any customer of their to sue them for damages, as well as doing what is absolutely appropriate in this situation: class action lawsuit. Again, I repeat myself: as a damaged party, I do not expect to get a material satisfaction from this, courts can not provide this. I would be, however, satisfied if SimpleMobile comes clean on their caps, stops making claims that the service they provide is "unlimited talk, text and 4g high speed web", and prohibits their support personnel from making outrageous false statements. The latter irritates the heck out of me.

Summary

So if you are not convinced that SimpleMobile should be avoided, consider this: 2 GB data cap is not a lot of data. $40 or $50 a month for 2 GB is not such a good deal, especially when insulting your intelligence is added as a free bonus

There may also be a cap on the minutes and text, we do not know how high, but the problem here that it will be a surprise disconnect, they don't tell you how much is too much. If you got the phone plan for your teenager kid, hoping that he would be able to always call you, no matter how many minutes does (s)he spend, (s)he might not.

As an alternative, you might want to look at the following plans:

* T-Mobile Unlimited Web & Text with 100 Minutes Talk. First 5GB at up to 4G speeds.
* PagePlus Cellular The 55 plan. 2 GB of data.
* VirginMobile offers Beyond Talk plans for $35 and $45.
* Ting offers plan with variable spending, where you only pay for what you use.
* Republic Wireless offers $20/month unlimited everything plan, however phone selection is limited and you must use wifi when you are at home, which sounds like as fair deal.

I do not personally endorse any above-mentioned plans, and always do your research before ordering. If you skip on research, you might get a case of buyers remorse.

Like I did.