Ruby on Rails: gem install versus apt-get
UPDATE: Thanks to Ryan, Ant and Fern for the tips. With that in mind I found an online Slicehost tutorial that contained the steps and explained how to install ruby via apt-get, then get the latest rubygems, install that manually, run gem to update itself, then run gem to install rails – as suggested. The steps I took from that page:
How to become a hacker
There has long been a movement in the geek community to expunge the negative thoughts attached to the word hacker, the image to the right, The Glider, being one of the latest and most visible. In the beginning there were hackers (people who worked on computers, programmed and made things work) and crackers (people who would use computers for nefarious purposes, crimes, viruses, etc). These were two distinct camps, with some miscreants jumping the fence back and forth to confuse the issue. Regardless, somewhere along the way popular culture (movies, news, your teachers probably) began to equate hacking with the bad, crime-ridden activity that cracker was supposed to cover. I think it’s a moot point now, as even my Dad was shocked when he learned my annual DefCon trip is billed as “largest hacking conference in the world”. I gave him the above explanation, but I’m unsure if he really believes it. Regardless, the original “How to become a hacker” paper written by Eric S Raymond is always cited as the quintessential word on the use of the word hacker. I found it mirrored online, and it’s a worthwhile read if you have any interest in the topic, or want to cement your own views of your hobby. For now, if you don’t want to read the entire verbiage, here’s the intro to learn and take with you.
HOWTO: create a pidfile for a startup script
On the monit mailing list today someone asked how they could monitor a process that didn’t have a pidfile associated with it. Without thinking I jotted this down; there’s likely a better way, but this should work and may be all I need for some init.d scripts for a couple of apps on ramon (the home server). In the beginning of the startup script, define the PIDFILE with the path and the cmd followed by the pid suffix and then just dump the PID number from the ps output into it:
export PIDFILE=/var/run/${1}.pid
# take the PID (second column) of the first matching process, skipping the grep itself
ps -fe | grep "${1}" | grep -v grep | head -n1 | awk '{print $2}' > "${PIDFILE}"
Once this is done, monit can monitor it just like it monitors any other process with a PID. Later, for a shutdown hook, nuke the PIDFILE on the way out.
if [ -f "${PIDFILE}" ]; then
    rm "${PIDFILE}"
fi
### rest of shutdown ###
exit 0
I think that should do it, anyone see a problem with that / a better way?
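One alternative to parsing ps output is to record `$!` when the startup script launches the process, and to treat a pidfile as valid only if its PID is still alive. This is an added example, not part of the original post; the function names and the `PIDDIR` location are assumptions (a real init script would use /var/run).

```bash
#!/bin/bash
# Added example: write the pidfile from $! at launch instead of parsing ps.
# PIDDIR and the function names are illustrative assumptions.
PIDDIR="${PIDDIR:-/tmp/pidfile-demo.$$}"

# is_running NAME -> success if NAME's pidfile exists and its PID is alive
is_running() {
    local pidfile="${PIDDIR}/${1}.pid"
    local pid
    [ -f "${pidfile}" ] || return 1
    pid=$(cat "${pidfile}")
    # Accept plain numbers only before handing the value to kill
    case "${pid}" in ''|*[!0-9]*) return 1 ;; esac
    kill -0 "${pid}" 2>/dev/null
}

# start_daemon NAME CMD [ARGS...] -> run CMD in the background, record its PID
start_daemon() {
    local name="$1"
    local pid
    shift
    mkdir -p "${PIDDIR}"
    if is_running "${name}"; then
        echo "${name} is already running" >&2
        return 1
    fi
    "$@" >/dev/null 2>&1 &
    # $! is the PID of the job just started, so no other process can match
    pid=$!
    echo "${pid}" > "${PIDDIR}/${name}.pid"
}

# stop_daemon NAME -> signal the recorded PID if alive, then remove the pidfile
stop_daemon() {
    local name="$1"
    local pidfile="${PIDDIR}/${1}.pid"
    if is_running "${name}"; then
        kill "$(cat "${pidfile}")"
    fi
    rm -f "${pidfile}"
}
```

A stale or corrupted pidfile makes `is_running` fail, so `start_daemon` can overwrite it safely.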
crash Internet Explorer with a link
I thought the days of crashing IE with just some malformed code were over, apparently not. It just takes a misplaced wildcard in a style declaration to send it down.
<style>*{position:relative}<
This took out IE on my work computer, which is fully patched. I’ve read that people running IE under Wine in Linux have it crash as well, so it’s certainly app dependent. For those of you playing at home, just click here to try it for yourself. Extra credit if you actually save the file on your Windows machine and then try to open it within Windows Explorer! Enjoy.
Security researcher Dan Kaminsky
Dan Kaminsky is a 7 year veteran of Black Hat and Defcon in Vegas, and he was pretty much a fixture when I was there last year. His performance during Friday night’s TCP/IP drinking game was hilarious, and his talk the next morning even more so. This year he’s presenting info on the under-addressed issues dealing with Web 2.0 and its inherent insecurity. “He’s looking at design bugs, which he cautions are not the same as pure vulnerabilities: “The system is doing exactly what it was built to do… People expect it to authenticate silently, and have a port open for everyone. But they don’t expect the bad guy to use it to do something malicious.” He worries about DNS rebinding, an example of a design flaw that can have serious consequences if manipulated nefariously. “I’m working on code that, if you come to my Website, I get to treat your browser as a VPN concentrator and browse your corporate network — with whatever magic IPsec credentials your machine has, incidentally.” Hmmm…interesting stuff for sure, and not something most web designers are thinking of as they write some more javascript to make a button draggable on the client’s homepage. I go to Defcon to hear thoughts and ideas like his, to learn from some very smart people that make me think in ways I never have before. I found a nice example on his site from a talk at Black Hat he did last year, taking a look at different ideas on how to rethink patterns in order to recognize data flows. He shows how different files, music, data and even written documents give up their internal structure when viewed using DotPlots to visualize patterns within. Seeing how we can recognize patterns better than a string of HEX makes sense, but he presents very interesting/thought provoking examples. Very cool stuff, see ya tomorrow in Vegas.
Defcon15: new variant of Evil Twin to be revealed
Defcon is almost here, and now I have a highlight planned for Saturday: AirTight Networks will be revealing a new variant of Evil Twin. Evil Twin has been known about longer than I was aware; basically it’s someone running a laptop in a wifi hotspot (like a coffee shop) that impersonates the hotspot’s access point (AP) so that unknown customers connect there instead of the real hotspot. After that it’s up to the attacker’s imagination, but the best ploy would be to pass packets along to the real hotspot, while logging everything that the customer sends/receives via wifi. AirTight will, “…reveal the discovery of a more potent variant of Evil Twin (which Airtight has labeled MultiPot) against which the prevalent defenses, in particular deauth based session containment, are totally ineffective. A demonstration of MultiPot threat will be provided at the end of the presentation”. Wow, this is going to be cool, hopefully they’ll include some code for the ’sploit so I can do a proof of CONcept on it. Wifi security is going to become a bigger and bigger problem to focus on as more and more people get wireless (and leave their router unsecured at home…hello?)
Confessions of SpammerX
A former spammer comes forth to tell his story, an amazing look at how easy something like this is to get away with. “Ed,” a retired spammer, built a considerable fortune sending e-mails that promoted pills, porn and casinos. At the peak of his power, Ed says he pulled in US$10,000 to $15,000 a week, storing the money in $20 bills in stacks of boxes.” In his last year he pulled in $480,000.
Moozaget: search for music online
Ah, just what I need, another new way to get more music online; Moozaget. This one seems to employ a special search with specific options that I used to have bookmarked, for example it will search for “Index of” servers, in other words ones without websites, just a bare directory listing. If you do a similar search on Google you’re clogged with fake sites, misleading meta words and porn links. It seems they’ve just created a search for mp3s that uses Google’s Search API to filter out the junk. Nice. You can do all sorts of this kind of stuff, looks like someone took this to cover all types of files on Searchable. Only thing is that leads curious/nefarious folks like me to search for things like “passwords list” and come up with stuff like this and this pretty quickly. If I didn’t have a job I’d have more time to poke around in stuff like this. Moral is, everything can be searched for if it is (or if it has been) on a system that has internet/web access. Wake up and smell the coffee.
Defcon15
Oh yeah, I’m going to Defcon again this year, just found out this Friday for sure. It’s August 3rd – 5th, in Las Vegas, and this year it’s all paid for by my new consulting group; what a great thing. I argued that I would learn so much more there than any class, for a fraction of the cost; and I will. More on this later.
HOWTO: failed to set xfermode [SOLVED]
UPDATE: thanks to a comment below from Ted, we now have a solution to have this option persist across kernel updates. In grub, “…at the end of this new menu item add it as an argument to the line:
defoptions=quiet splash irqpoll
I knew there had to be a way, thanks for the post Ted!
There’s a known bug in Ubuntu 7.04 (Feisty) with some ata detection routine that causes the system to take over 2 minutes to boot. Since this has happened to me more than once I’m documenting it here for me, and for other desperate souls that may find their way here. If your system is very slow to boot, and you see error messages in your dmesg (`dmesg | grep ata`) such as this:
[ 34.122465] ata1.00: qc timeout (cmd 0xef)
[ 34.122519] ata1.00: failed to set xfermode (err_mask=0x4)
[ 34.122565] ata1: failed to recover some devices, retrying in 5 secs
[ 46.260055] ata1: port is slow to respond, please be patient (Status 0x90)
[ 69.218482] ata1: port failed to respond (30 secs, Status 0x90)
You just need to add `irqpoll` to your grub line. So in /boot/grub/menu.lst I added irqpoll to the kernel line:
kernel /boot/vmlinuz-2.6.20-15-generic root=UUID=48c5a348-eb39-4171-8531-671a49fdb75b ro quiet splash irqpoll
and it fixes the issue. Probably a workaround, but since this resets every time you install a new kernel you’ll realize when it’s broken and when it’s fixed. Oh, and my system boots in 21 seconds now…is it geeky that I know that, and I tweaked the system to make it boot faster than the 27 seconds it was booting in? I guess we’ll never know!
HOWTO: Jimmac mouse cursors on XP
So the only thing I don’t love about my new job is the same old thing; you have to run Windows XP on the desktop. Yeah, I’ll give it a bit more time before I really start pushing to run Linux on the desktop, so until then it’s my ongoing struggle to get XP to work the way I want it to (ie- more like Linux). One simple way is to install the excellent Jimmac mouse cursor theme that’s the default for the majority of Linux distributions. Jakub Steiner (aka Jimmac) is the famous designer of this set, and with a 3rd party app called CursorXP, it’s a snap to get them into XP. First grab the Jimmac theme created to work with CursorXP, then download and install CursorXP and get into its config menu, which is a new tab under Settings > Mouse. From the drop down list choose <Browse>, point it to the theme and you’re done. You wouldn’t think a change of mouse cursors would change the feel of a system so much, but these do; I feel more at home. Even if you’ve never used Linux you’ll still love this cursor set, try it, it’s all free.
HOWTO: populate your term’s title automatically
When you’re running a ton of terminal windows or tabs, it helps to have the title of the box name, along with some environment values, easily available to keep you oriented. Here’s a quick script I created to do this automatically when called via your .profile file in your home directory.
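#!/bin/bash
# Set the terminal title to "<fqdn> - <OS> (<arch>)", flagging root sessions
HOST_NAME=`hostname -f`
if [ `id -u` = 0 ]; then
    # uname -m gives the machine type directly, without counting fields of uname -a
    OPT="`uname` (`uname -m`) - ROOT USER"
else
    OPT="`uname` (`uname -m`)"
fi
REPLACE="${HOST_NAME} - ${OPT}"
# xterm title escape sequence: ESC ] 0 ; <title> BEL
echo -n -e "\033]0; $REPLACE \007 "
echo "${REPLACE}"
exit 0
When I run this script in my term here at work, the title or tab becomes: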
nldg-8 (Linux / x86_64)
Drop this into a bin directory your user can hit – I always put one in my home directory and append ~/bin to my PATH in my .profile. For Solaris fans/users, it needs to be done a bit differently:
#!/usr/local/bin/bash
HOST_NAME=`uname -a | cut -f2 -d' ' -`
OPT="(`uname -a | cut -f1 -d' ' -` / `uname -a | cut -f6 -d' '`)"
REPLACE="${HOST_NAME} - ${OPT}"
echo -n -e "\033]0; $REPLACE \007 "
echo "${REPLACE}"
exit 0
HOWTO: fix a G3 iBook with a “bad logic board” for 26 cents
I’ve had a 12″ G3 iBook since ~2002, and I’ve really liked it. Of course me being me, I’ve run Linux on it for almost the whole time, even running a dual boot of OS X and Gentoo Linux back when I used this puppy on the job. The only thing I (and likely millions of other customers) didn’t like is the systemic “logic board” failure. Yes, the logic board, which is just Apple’s name for the motherboard, would fail, prompting a call to Apple, followed by about a one week turnaround on the repair, which was all covered under warranty. The only thing is, this only reset your iBook back to the original state; after using the iBook for so long, this issue would occur again, leaving you with a shiny doorstop. Mine had come and gone 3 times, so this final failure fell far outside of even the extended program to cover the fix. Fast forward to last week, I had resigned from my gig at Mastercard, thus turning in my work laptop, leaving me with no convenient way (I can go downstairs to my desktop, but…) to work on a system and check my email. I got the iBook out of the drawer and started looking around for info online to solve this from a DIY angle. One interesting way was to burn a tea light directly on the video chip, eventually making it hot enough to resolder itself to the board! I was going to do this, when I found a lower tech, less risky, fix, with perhaps even more permanent results. You open the iBook, put some sort of shim just underneath the video chip forcing it to stay in contact with the logic board; that’s it! There are plenty of sites out there now talking about this, but this one seemed the most direct. So I opened the iBook, found that little square you see in the pictures, duct taped a penny topped by a quarter to the metal, and all of a sudden had a revived laptop. It’s fun when things are so easy. Oh, and Ubuntu Linux Feisty (7.04) for the PowerPC runs very nicely on the iBook!
So much more power saving features, and the promise of Gnash to cover all the flash sites makes it a great laptop.
HOWTO: ssh tunneling for fun and profit
Recently I had an issue at work; while trying to transfer files between Unix hosts we were unable to hit the known scp port, but we could still hit the ssh port. All of this was occurring from home, late at night on a Saturday where I was the main technical point man to move/install these files. In the past I had done ssh tunneling, but never on the fly to fix something like this, so I cracked open my notes and did a quick Google search for a refresher.
First we’ll look at the basic syntax of the command to set up the SSH tunnel:
ssh -L <local free port>:localhost:<local sshd port> -p <remote host sshd port> <remote host name>
Where:
- <local free port> is an unused high-number port on the local host
- <local sshd port> is the ssh port on the local host
- <remote host sshd port> is the remote host’s ssh port
- <remote host name> is the remote host you want to tunnel to
So, for example, if I wanted to copy files from work to my homeserver (but scp/sftp wasn’t running there) I could still scp the file via the ssh tunnel to home. Here’s how I’d do it:
ssh -L 5555:localhost:22 -p 2222 fak3r.com
Then I’d point to the tunnel while I issue a command I’d like to direct to it, and give it a username that is valid on the remote host:
scp -P 5555 file.txt bob@localhost:~
The file would then be in the home directory for bob’s account on fak3r.com. So anything directed at my local port of 5555 would be tunneled via ssh to the remote host’s sshd port of 2222 all via the tunnel I setup on my localhost, whose sshd is running on the default port of 22.
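The same tunnel and copy with the safety-relevant options spelled out, as an added example that is not part of the original post; the function names and the control-socket path are assumptions. In OpenSSH the `host:hostport` part of `-L` is connected to from the remote end of the tunnel, and the local listener is bound to loopback explicitly here so other machines on the network cannot use it.

```bash
#!/bin/bash
# Added example, not from the original post. Function names and the
# control-socket path are illustrative assumptions.
SOCK="${HOME}/.ssh/tunnel-demo.sock"   # assumes a path without spaces

# valid_port N -> success if N is an integer in 1..65535
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# tunnel_args LOCAL_PORT DEST_PORT SSHD_PORT HOST -> ssh arguments, one per line
tunnel_args() {
    local lport="$1" dport="$2" sport="$3" host="$4"
    valid_port "$lport" && valid_port "$dport" && valid_port "$sport" || return 1
    [ "$lport" -ge 1024 ] || return 1   # unprivileged local listener only
    [ -n "$host" ] || return 1
    # -f -N   : background after authentication, run no remote command
    # -M -S   : control socket, so the tunnel can be closed cleanly later
    # ExitOnForwardFailure : exit if the local port cannot be bound
    # 127.0.0.1 : listen on loopback only
    printf '%s\n' -f -N -M -S "$SOCK" \
        -o ExitOnForwardFailure=yes \
        -L "127.0.0.1:${lport}:localhost:${dport}" \
        -p "$sport" "$host"
}

# open_tunnel LOCAL_PORT DEST_PORT SSHD_PORT HOST
open_tunnel() {
    local args
    args=$(tunnel_args "$@") || { echo "bad tunnel parameters" >&2; return 1; }
    ssh $args    # word splitting of $args is intended
}

# copy_through_tunnel LOCAL_PORT HOST USER FILE
copy_through_tunnel() {
    valid_port "$1" || return 1
    # HostKeyAlias: verify the server key against HOST's known_hosts entry
    # instead of storing it under [localhost]:PORT
    scp -P "$1" -o HostKeyAlias="$2" "$4" "$3@localhost:~"
}

# close_tunnel HOST -> ask the backgrounded master connection to exit
close_tunnel() {
    ssh -S "$SOCK" -O exit "$1"
}

# Usage, with the values from the post:
#   open_tunnel 5555 22 2222 fak3r.com
#   copy_through_tunnel 5555 fak3r.com bob file.txt
#   close_tunnel fak3r.com
```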
mod_security rules to prevent Wordpress 2.1.1 attack
Anyone hosting a Wordpress 2.1.1 install should upgrade or immediately prevent access to certain queries to prevent an attack described here. If the server is running Apache with mod_security, simply update your httpd.conf with the following rules:
<IfModule mod_security.c>
SecFilterEngine On
SecFilterDefaultAction "deny,log,status:412"
# RULES: Prevent Wordpress 2.1.1 attack
# http://wordpress.org/development/2007/03/upgrade-212/
SecFilter "ix="
SecFilter "iz="
[...]
</IfModule>
And then restart Apache. Note that while this is an effective temporary workaround, upgrading is recommended. Also, any install *other* than 2.1.1 is not affected.
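To check whether such requests have already reached a server, the access log can be searched for query parameters named exactly `ix` or `iz`, which avoids hits on ordinary parameters such as `prefix=` that merely contain those strings. This is an added example, not part of the original post: it assumes Apache combined log format, the function names are hypothetical, and the log lines in `sample_log` are constructed. Only query strings are covered, since POST bodies do not appear in access logs.

```bash
#!/bin/bash
# Added example: list requests whose query string has a parameter named
# exactly "ix" or "iz" (the strings filtered by the rules above).

# suspicious_requests < access.log -> prints "client_ip path" for each hit
suspicious_requests() {
    awk '
    {
        # The request line is the first double-quoted field
        if (split($0, q, "\"") < 3) next
        if (split(q[2], req, " ") < 2) next      # METHOD URI PROTOCOL
        uri = req[2]
        qpos = index(uri, "?")
        if (qpos == 0) next
        n = split(substr(uri, qpos + 1), pairs, /[&;]/)
        for (i = 1; i <= n; i++) {
            name = tolower(pairs[i])
            sub(/=.*/, "", name)
            # Undo percent-encoding of the three letters that matter here
            gsub(/%69/, "i", name); gsub(/%78/, "x", name); gsub(/%7a/, "z", name)
            if (name == "ix" || name == "iz") {
                print $1, substr(uri, 1, qpos - 1)
                break
            }
        }
    }'
}

# Constructed sample lines (documentation IP range, harmless values)
sample_log() {
    cat <<'EOF'
192.0.2.10 - - [03/Mar/2007:10:00:01 +0000] "GET /index.php?ix=1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
192.0.2.11 - - [03/Mar/2007:10:00:02 +0000] "GET /search.php?prefix=abc HTTP/1.1" 200 734 "-" "Mozilla/5.0"
192.0.2.12 - - [03/Mar/2007:10:00:03 +0000] "GET /index.php?p=5&IZ=1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
192.0.2.13 - - [03/Mar/2007:10:00:04 +0000] "GET /blog/?quiz=3 HTTP/1.1" 200 901 "-" "Mozilla/5.0"
192.0.2.14 - - [03/Mar/2007:10:00:05 +0000] "GET /index.php?%69x=1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
192.0.2.15 - - [03/Mar/2007:10:00:06 +0000] "GET / HTTP/1.1" 200 1200 "-" "Mozilla/5.0"
EOF
}
```

Run it against a real log with `suspicious_requests < /path/to/access.log`.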
Transfer files via netcat and tar
Netcat (nc) is a “…simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable ‘back-end’ tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.” Basically it’s another small, cool Unix tool that allows you to do tons of cool stuff. I found this example out there that lets you transfer files via tar from one box to another. As with anything to do with nc, it’s dead simple, and logical. On the target box, start nc to listen on a port, and untar anything it ‘hears’ like this:
nc -l -p $PORT | tar -xf -
Then, on the source system, have tar pipe out to netcat, that is pointed to the target host/ip:
tar -cf - $DIRECTORY | nc $HOST $PORT
Damn, how cool. There’s plenty more info out there, and the more you look the more you’ll realize what you can do with nc. Tons of great info at the above Wikipedia link, and I also found a great overview at Vulwatch.org. Have fun!
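The listener above extracts whatever arrives on the port, and the stream is neither authenticated nor encrypted. A receiving side that writes the stream to a file, checks it against a SHA-256 digest obtained from the sender over a separate channel, and refuses member paths that would land outside the destination is sketched below. This is an added example, not part of the original post; the function names and file names are assumptions, and it checks member paths only.

```bash
#!/bin/bash
# Added example: verify a received tar stream before extracting it.

# sha256_of FILE -> hex digest (sha256sum on Linux, shasum elsewhere)
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# members_are_safe < listing -> fails if any path is absolute or uses ".."
members_are_safe() {
    local m
    while IFS= read -r m; do
        case "$m" in
            /*|..|../*|*/..|*/../*) return 1 ;;
        esac
    done
    return 0
}

# safe_extract ARCHIVE EXPECTED_SHA256 DESTDIR
safe_extract() {
    local archive="$1" expected="$2" dest="$3"
    [ "$(sha256_of "$archive")" = "$expected" ] || {
        echo "digest mismatch, not extracting" >&2; return 1; }
    tar -tf "$archive" | members_are_safe || {
        echo "unsafe member path, not extracting" >&2; return 1; }
    # Extract into a dedicated directory, never the current one
    mkdir -p "$dest" && tar -xf "$archive" -C "$dest"
}

# Sender:
#   tar -cf outgoing.tar "$DIRECTORY" && sha256_of outgoing.tar
#   nc "$HOST" "$PORT" < outgoing.tar
# Receiver (same listener as in the post, writing to a file instead of tar):
#   nc -l -p "$PORT" > incoming.tar
#   safe_extract incoming.tar "$DIGEST_FROM_SENDER" ./incoming
```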
FBI lost 160 laptops in last 44 months
A new report tells us that the FBI has lost 160 laptops in the last 44 months! “Perhaps most troubling,” says the report, “the FBI could not determine in many cases whether the lost or stolen laptop computers contained sensitive or classified information. Such information may include case information, personal identifying information, or classified information on FBI operations.” Laptops can also contain goodies like the software that the FBI uses to make its identification badges, a copy of which was installed on a laptop stolen from the Boston Field Office in July 2002.” If the FBI doesn’t keep records of what’s installed on their laptops, how can we expect or trust the private sector to secure customer data? Think about all the websites that have your name/address/etc, and then think of their employees taking their laptops home that may/may not have hooks in to ’secret’ data…
New PuTTY release
The first new version of PuTTY in over two years has been released. For anyone that has had to connect to Unix servers via telnet or SSH from Windows hosts, you know how important PuTTY is. (Windows cmd commandline has always been a joke) Providing an xterm terminal emulator to work in, the familiar putty.exe has followed me everywhere (it’s even on my USB keychain). Version 0.59 comes with a host of changes including speed, plenty of SSH-2 improvements and plenty of bugfixes.
DEFCON 14? That’s approved
In a late development, I will be attending DEFCON 14 in Las Vegas August 4-6. DEFCON (started in 1993) is one of the oldest continuous running hacker conventions around, and also one of the largest. I’m meeting some old geek friends (for now known only as Thing1 and Thing2) that I got to know in the great state of Texas (mostly while in the great state of inebriation); and attending plenty of talks/presentations on all things hack/security/geek/etc. Looking forward to learning some in-depth security from people in the know; stuff outside of what is generally available to the general public as it were. Also on the agenda, reminiscing, drinking, eating, not sleeping much and laughing. I’ll have a report on relevant events and topics along with a censored Flickr slide-show for all those Web 2.0 kids to link to soon after the fun.
U.S. gov’t mandates laptop security
Finally, after all of the crazy data theft, the Bush Administration is giving federal civilian agencies 45 days to comply with new recommendations for laptop encryption and two-factor authentication. I can’t believe this wasn’t a standard before, but oh well, from now on out this has to be. Next up, private industries, while not under any direct order, it’s going to be something they have to do to give their customers the assurance that they’re doing something about the problem. See Breaches since Choicepoint or my other Choicepoint story for more background on the extent of this issue.
Hello (again) world
Are you like me, do you like to roll with the changes? Well I have, as you can see, with a move to Wordpress from the cool, but unstable Typo. My Typo experience was a blast, but honestly I just don’t have the time to babysit a webapp running on my server (which I’m already looking after) that seemed to prefer to bomb out than work more often than not. So, welcome to fak3r.com – the WordPress edition. Migration of articles was a snap, I just had to set the number of articles the RSS feed would generate in Typo to 750 (funny thing was when I tried to do this in the Admin section it bombed with ‘Application Error (Rails)’ so I had to go into the DB by hand and tune it), save the feed.xml file and then import it via WP’s RSS importer. All of the articles, along with the categories, came right over. The only thing is the comments, importing the comments RSS feed from Typo just puts them all in as other articles, not good. So, for now, no comments were transferred, but I’ll keep working on it. I could tell you more but hey, let’s just move on; I’m happy enough to be able to post again!
HOWTO get Typo themes to work with Trunk
I wrote to the mailing list last week to inquire about what themes work with Typo trunk. After a response I found that a fix had already been posted out there in the Internetland. So, mad props and shout outs go to Piers Cawley for posting the solution to getting all the great themes from the Typo themes contest to work with Typo Trunk (most themes are br0k3d due to some basic changes in Typo’s API). Piers writes, ”If you’ve still got problems porting an old theme, it’s probably because your theme renders sidebars ‘wrong’. Check in your themes//layouts/default.rhtml and look for the line that looks like:”
<%= render_component(:controller => 'sidebars/sidebar', :action => 'display_plugins') %>
and replace it with:
<%= render_sidebars %>
If that doesn’t fix things, his next solution is, ”The other big change in the way themes are rendered (and again, its’ sidebar related) is in the section of the layout. Here’s what the default theme header looks like nowadays:”
<head>
<title><%=h page_title %></title>
<%= page_header %>
<%= stylesheet_link_tag "/stylesheets/theme/azure", :media => 'all' %>
<%= stylesheet_link_tag "/stylesheets/user-styles", :media => 'all' %>
<%= stylesheet_link_tag "/stylesheets/theme/print", :media => 'print' %>
</head>
“You should change yours to look similar (you pretty much must include that <%= page_header %> part”
Speed up Ruby-on-Rails with memcached
Today I learned about memcached, which I’d heard of before, but never really investigated. From the project’s site, ”memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load.” So, even though I don’t have a huge amount of traffic, I still have dynamic sites, and I’m always looking at ways to speed up my Typo blog (this site not anymore). So, using memcached, you can get a big performance boost in database calls, which sold me on giving it a go. I read two posts today, one about howto set this up in FreeBSD, along with howto modify the source code for a boost over the default setting, and how to make Ruby-on-Rails take advantage of it. Below are steps compiled from both sites, and used on my FreeBSD 6.0 server, but most of the steps should work as well in Linux. Read more for the steps.
First let’s get memcached installed
cd /usr/ports/databases/memcached/
We only want it to get past the configure step before we modify code
make configure
Now it’s time to modify the code (NOTE: the howto linked to above was specific to a FreeBSD issue, if using Linux you may not need to make this modification)
vi work/memcached-1.1.12/memcached.c
Find this line
#include "memcached.h"
Add the undef line below it and save
#include "memcached.h"
#undef TCP_NOPUSH
Now we want it to compile and install
make install
Once that’s complete, we want to enable memcached in rc.conf
echo 'memcached_enable="YES"' >> /etc/rc.conf
Then we’ll start memcached
/usr/local/etc/rc.d/memcached.sh start
Next we’ll install the ruby-memcache client
cd ../ruby-memcache/
make install
Finally we’ll modify our Ruby-on-Rails app’s environment to use memcache as its session store (make a backup first!)
cp config/environment.rb config/environment.rb.dist
vi config/environment.rb
Find the line that tells session_store to use the database instead of the file system
#config.action_controller.session_store = :active_record_store
Modify it so it tells it to use memcached, and save
config.action_controller.session_store = :mem_cache_store
Stop Typo, and then manually clear the cache
rake sweep_cache
Now restart your Typo server, and you’re done! It should now be storing all session data via memcached instead of your database.
EFF’s SSD (Surveillance Self-Defense) Project
Know your rights!
Dec 02, 2009 | Categories: commentary, geek | Tags: digital rights, drm, eff, encryption, hacker, IP, law, online privacy, privacy, security | Comments