Archive for February, 2007

Driving Lessons   no comments

Posted at 1:01 pm in Uncategorized

Light and nice. Very British.

http://imdb.com/title/tt0446687/

driving lessons mplayer screenshot

Written by admin on February 27th, 2007

Crypto paranoia   1 comment

Posted at 8:37 am in Security

I’m a sucker for good crypto apps.

Back in the 80’s I used to hide files in C64 using a BASIC script based on substitution cipher.

Then came MS-DOS and PCTools7.

Made lots of batch files using the crypto features of zip and arj.

In the mid-90’s came Zimmerman’s PGP (I still keep my old keys).

I did a few encrypted journals using PGP’s crypto libraries in C.

In Unix I still used PGP and it’s newly incarnated GnuPG (I didn’t trust GPG yet in it’s 0.* versions).

I made my own ARC4 code based on CipherSaber advice.

Played with Perl’s Blowfish/Twofish modules incorporating that into… yes, more private journals.

Installed OpenBSD along with Gentoo.

Then discovered the easeness of A. M. Kuchling’s PyCrypto Toolkit.

Currently my needs have changed, but my love (addiction?!) to crypto is still much alive.

Before Schneier’s PasswordSafe I used to have a list of different passwords for different sites/files that I encrypt with GnuPG.

Now I use KeePass Password Safe for Windows and Keepassx for Gentoo to guard my passwords. They’re all random so I can’t be bothered to remember them all. But I still keep a backup encrypted in GnuPG with a symmetrical key.

I use encrypted filesystems to house my semi-private files. Truecrypt works well for both Windows and Linux. But in Linux I use another system which is EncFS.

I still play with simple crypto systems in my scripts namely substitution ciphers just to scratch an itch every now and then.

And what made me obsessed with crypto? Most probably it’s because of the Cold War period I was born into, and this book that my father kept lying around the house. Plus Wargames and Bladerunner. And a lot of other puzzling things :)

Written by admin on February 22nd, 2007

pretty kde   no comments

Posted at 7:06 am in Uncategorized

I may not use KDE as my desktop, but they sure do make pretty icons in that shop.

kde pretty icons

KDE nuvoX icon theme

Written by admin on February 22nd, 2007

Drive-by Pharming Threat   no comments

Posted at 11:05 am in Security

This is just in on Bugtraq.

Drive-by Pharming

In gist:

“An attacker can create a web page containing a simple piece of malicious JavaScript code. When the page is viewed, the code makes a login attempt into the user’s home broadband router and attempts to change its DNS server settings (e.g., to point the user to an attacker-controlled DNS server). Once the user’s machine receives the updated DNS settings from the router (e.g., after the machine is rebooted) future DNS request are made to and resolved by the attacker’s DNS server. “

– Zulfikar Ramzan of Symantec

Fact: a lot of dsl router/modems have default user/passwords. Users rarely, if ever, change them.

Think about the implication. An attacker controlled DNS server can point *insert your favorite webmail/online banking/online shopping site here* to his own mock-up of the site and no one is wiser.

Written by admin on February 16th, 2007

Top 10 Reasons Why I Don’t Like Desktop Environments   4 comments

Posted at 9:59 am in Uncategorized

*** warning: offensive rant, don’t take seriously, just blowing steam ***

Reasons I don’t like desktop environments (Gnome/KDE):

    1. I started using Unix in 1996 using a 486-dx2 66 with a paperwhite monitor, a 540mb disk and a broken mouse. It was console all the way and I learned a lot from it.
    2. I hate grabbing for the mouse every now and then.
    3. Those DEs are so heavy even on brand new systems.
    4. I can’t get any work done with it.
    5. I feel like a 2 year old kid playing with a toy built to amuse “Windows power users” who had enough of windows’ bugs but still keeps it dual-booted just in case they have the sudden urge to use M$ Word.
    6. If I want to search through a menu — I go to a restaurant.
    7. It’s a Window$ approach and if I want to use Window$ I use Window$.
    8. I love my terminal.
    9. I love fluxbox.
    10. They use these DEs to get window$ users to shift to linux. These users look for window$ capabilities and end up polluting irc channels with questions that has been massively overwritten if they only know how to Google for it.

      Written by admin on February 14th, 2007

      Upgrade Gentoo using another box   no comments

      Posted at 5:06 pm in Uncategorized

      Sync your portage tree

      On your high bandwidth machine, download a recent snapshot here: ftp://ibiblio.org/pub/Linux/distributions/gentoo/snapshots/

      Copy it onto your bandwidth challenged Gentoo box and untar it into /usr/portage.

      Get the links to your distfile upgrades

      # emerge -uDp --fetchonly world 2> /tmp/distfiles.txt

      Download the files on the high bandwidth box

      This step depends entirely on the OS you use. Use any tool you have at your disposal. A good download manager or Cygwin running on an XP box works fine.

      Upgrade your Gentoo box

      Copy the tarballs you got into /usr/portage/distfiles/ then do a

      # emerge -uD world

      Other solutions
      # get required URLs
      emerge --pretend --fetchonly --update world 2> list.txt
      # convert URL list to wget format
      cat list.txt | sed 's/\shttp:/\nhttp:/gi' | sed 's/\sftp:/\nftp:/gi' > wgetlist.txt
      # get 'em
      wget -i wgetlist.txt -nc

      Written by admin on February 2nd, 2007