CiRE's Tech Stuff
Just another WordPress.com weblog

May
17

Today I’m going to introduce everyone to something I just myself discovered earlier today; Lunascape.

The Lunascape web browser is a Japanese browser now released in english as well (and 9 other languages). It is unique in that it makes use of all three layout-rendering engines: Trident (the IE backend), Gecko (the FF backend), and Webkit (the… older backend).

It has great skins (though obviously not as many as FF), a great UI (100% customization of ALL controls, mouse gesture support, etc.), and much, much more.

The official website, for all who may be interested.

If you’re a FF fan(I know I was/am), but none too pleased with the recent slowdowns it seems to be experiencing (which I think are related to the new Java version), then chance a gander at Lunascape.

CiREing off. Ttfn.

Advertisements
Mar
08

So, by far my favorite class throughout CS has been my assembler course sophomore year.

Recently, when I began writing a report for Public Speaking about viruses, I was surprised to discover that viruses (which I had previously believed to be mostly written in C) are, in fact, mostly written in assembler! Yatta!

After learning this, I procured several viruses’ source code hastily, and set about dissecting them.

Now, I would not say that I’ll ever do anything more than make a simple virus (just so I can say that I have), but I may detail some of my notes on what I learn here, in case anyone is interested in learning about them too.

I don’t intend to teach someone how to make one (and I couldn’t anyway), but I don’t mind writing about their interesting inner-workings.

If you think you might enjoy such discussion, say so. If not, I can always stick to OS customization and augmentation.

Anyways, it’s always fun to learn new things, and doubly-so when they’re security-related.

Later.

-CiRE

Mar
05

The most prevalent, dangerous, and negligent form of security is the “batten-down-the-hatches” mindset, in which firewalls, remote-authentication, and layers upon layers of poor-planning (also called obfuscation by more enterprising individuals) is passed-off as security. This “static” view of security is easy to implement, maintain, and, ultimately, defeat.

CMMI has offered a model by which continual mandated maturing of a system’s (not simply computer, but any system’s) processes can be effectively translated to continual improvement, and yet this has not been adapted as it should be to the realm of security.

Security across the Enterprise cannot and should not be compartmentalized into “physical”, “electronic”, or any other type. Security as Data Assurance, which is the only true end of security in the Enterprise, must have oversight over all systems within, both computer and human. This means, quite obviously, that an Enterprise’s Security group/department must include all of the physical security on-site, and all electronic security.

What this group must also do, however, is be responsible for disaster-recovery of data and system structure, and even standards and conventions used by other departments. Thus, a security group will not be isolated from any other department, but constantly liasing with them.

The code that your developers produce to be run on your in-house systems must be tested for vulnerabilities prior to deployment on your systems, and your systems tested post-deployment for vulnerabilities that the new code may open in another part of the system. Computers are deterministic, so the way any two pieces of code interact can affect all involved components. It isn’t feasible to write everything in assembler, which means that low-level exploits are always a danger. The only way to avoid this is having developers adhere to programming standards, and industry best-practices. Things like naming conventions, for instance, aren’t “optional” (nor something you can be “adamantly opposed” to… as one person professed to be).

Testing for vulnerabilities must be done on a regular basis, using a wide range of methods, and areas of deficiency must be identified and paid extra attention to. Weekly penetration tests by in-house specialists should augment less frequent third-party pen-testing.

Just as IT coined the phrase “know your data” as a guiding principle, security experts must also know ALL their related components – systems and the nature of data on them, disaster contingencies, and, possibly most importantly, the nature of what they are securing against.

One of the worst transgressions of security specialists is to narrow their perceived threats to one category because of numbers or ease, instead of the likelihood of it as a threat; for instance, a defense contractor focusing on defending against “script kiddies” instead of planned, goal-oriented hacking, or compromising by an employee.

It is very easy to decide on a strategy of “stone-walling” over obfuscation or data distribution, even when it may not be the best choice. Keeping certain data on closed-circuit networks or removable media kept in a secured location can often be a much safer option than hoping your network security will not be compromised. All of this, of course, will depend on the nature of the data, and entail efficiency vs. security assessments.

More on this later, as it’s becoming light outside, and I need to get ready for class.

-CiRE

Mar
05

This post covers prepping your non-linux box for a linux install.
I know some people disdain having more than one OS on their machine, but a “dual-boot” box has several advantages over a single-OS comp. I’m currently running a triple-boot Vista, Ubuntu, Open SUSE setup on my laptop. Vista for games, Ubuntu for school work (programming), and SUSE as my “experiment” OS (where I can mess with compiling new kernels, running different window managers, etc. without worrying about ruining my great setup that I’ve got in Ubuntu).

I’m going to assume you’re running Windows right now. I don’t use Apple for religious reasons, so I won’t ever cover how to mod their products other than to say they make great “lan-killer” testbeds. XP

First off, if you’ve decided that you’re going for a “clean” install of Linux – meaning no dual-booting – then you can skip this article altogether, and just run your distro’s live CD installer.

The purpose of this tutorial is to enable someone to dual-boot into Linux or Windows.

You will need Vista or 7, not XP or a 9x Win.

In windows, go to Accessories->System Tools->Computer Management.

If you don’t find Computer Management there, do a google search to find it’s location on your system.
In Comp. Manager, hit Disk Tools (or Manager, or something to that effect). It will show you your current Windows-compatible partitions.

If you’ve got a standard Vista setup, then you’ve probably got a 9 or so Gb partition which is your backup partition.
Click on it, and choose to remove it. If you backup your system, you should be doing it on an external drive anyways. Once it is gone, you’ll be left with “free space”. This will be utilized by gparted, or whichever partition utility your linux distro uses to create its partitions.

Next, click on your main Windows partition. Now, even if you have tons of free space on your partition, this doesn’t mean it is safe to shrink it from outside of Windows. There will be data written at the ends of the partition, which will be lost if you shrink it. From where you are now, however, you can “shrink” the volume. If you choose to do so, Windows will tell you by how much you can shrink the partition. It will not give you an accurate reading about how much space you can recover, which would require an extremely good de-fragmentation utility, available free online, which moves data away from the ends of a partition, making it possible to maximize available space.

If, however, you can free about 30 Gb with the included “shrink” method, just do this. You can access your Windows partitions from within Linux, so you can store all of you videos and music here, and make use of it in both OSes without needing two copies.

If this works, then you can move on to installing Linux, simply specifying during the installation to use the free space on the drive. If your distro doesn’t have this option, however, you may have to prep the partitions manually. This is very easily done, and without any danger (assuming you don’t delete anything).

This next section details how to setup your partitions from within your linux distro’s partition preparation program, which you will encounter after beginning installation of Linux.

You will need a minimum of two partitions; a “/” (or “root”) partition, and a “swap” partition. We’ll start by making the swap partition. In the disk partitioner, choose whichever option says “create new partition”, or something to that effect. You will want to make the type “swap”, and the size however large your physical RAM is. If you don’t know, than give yourself 1024 Mb.

There has been a lot of debate as to how large the swap partitions should be, ranging from suggestions for twice the size of your RAM, to not needing it at all if you’re running a machine with more than 2 Gb of RAM, as you’ll likely never use that much memory anyway. Giving yourself 1 Gb is a nice compromise, and a nice buffer zone.

Next, make the remaining free space into a new partition, of type Ext3. You can use Ext4 if you know your distro is okay with it, but do not use Ext2. Ext3 id the most common filesystem type used in Linux.

Once you’ve gotten here, you’re ready to let the installer do its magic, and once Grub has been installed and updated/run, you’ll have yourself a dual-boot system!

Have fun with Linux, and remember that if you’re not a system admin, you can ignore all the shouts about fearing su and sudo’s power. There is very little you can do to destroy a linux install, short of “sudo rmdir /boot”… which you shouldn’t do.

Next up is WINE, and making your Linux OS run Win games better than Windows.

Feb
11

Most people I know who aren’t Comp. Sci. majors (and even some who are), seem to have this horrible misconception of Linux. They think it’s some kind of (even slightly) complicated thing to use. Users of linux know that a LiveCD of Ubuntu is easier to install than Windows, by far (and doesn’t cost you 100+ dollars).

But then there are the features Windows has:
Speed (lol), efficiency (lol), style (lol), a huge program base (lo…. well, maybe).

The thing is, Linux has all the first three, and certainly the first two, in great excess of what you get with Windows. My shutdown in Karmic Koala (Ubuntu 9.10… yes, all Ubuntu distros have a name like this: Dapper Drake, Feisty Fawn, Jaunty Jackalope, etc. ) takes all of 3 seconds. Literally. No Win user past maybe 3.1 can claim that.

The detail of program base is certainly contestable, and there are many people on both sides claiming a win for themselves. Linux cannot be beat out in easy availability of office/editing software (which is free, of course), and Windows cannot be beat out in games, until now…

With Vista’s 64-bit inception, Microsoft moved towards a less backwards-compatible OS, which had been one of their biggest claims over, say, Apple, in the past. This movement significantly strengthened Linux’s claim on equal program-base, as with WINE, now there are windows programs which Windows can’t run, but Linux can. And these aren’t even all old games that we’re talking about; Spore doesn’t run AT ALL on 64-bit Vista.

Let’s compare some software for the two, “out-of-the-box”.

Windows: Notepad (no formatting, plain text), Wordpad (for formatted text), Paint (for… something), IE (which you can no longer uninstall, as Microsoft has incorporated it into windows update, meaning removal makes the system unstable) for internet.
That’s about it. Your pc (now) can’t come with Microsoft Office, due to anti-monopoly rulings against Microsoft. You may also have a Norton, or McAffee firewall/anti-virus, maybe even with a free period of use!

Linux: Gedit (formatted and format-less text), gimp (basically a scaled-down version of Photoshop), Firefox, a built-in firewall.

Straight-off, Microsoft isn’t doing too well – the only useful software all costs money. All the afforementioned Linux software is free, removable (easily, via synaptic package manager), and largely augmentable/customizable, should you have the urge or need to do so.

Let’s look at getting some new software installed:

Windows:
Click “Start” menu, Open IE, search for software, download, open installer, specify install directory (and whatever else), wait for install to finish, DONE.

Linux:
Click “Start” menu, open Software Center, search for software, press “apply”, wait for install, DONE.

In Linux, there are online “repositories” in which the software information is stored, and referenced by your computer, and the downloading and installation is all done for you. Afterwards, you will find it in your start menu.

If you find a program that only has a windows executable (.exe), there’s still a very good chance that it will run in Linux, via WINE.

As a quick search online will tell you, WINE is a compatibility layer for windows commands, and, as the name means, “Wine Is Not an (windows) Emulator”. You can install WINE through the Software Center.

With WINE, and a few more packages (software/ programs) from the included repositories (like Open Office, which is Sun Microsystem’s free Microsoft Office alternative, and which supports reading and creating Microsoft Office file types: .doc, .ppt, .xls, etc.), you’ll have more programs and funtionality than you’ll have on a new Windows box (computer), with the ability to even run windows programs (including games).

And YOU DON’T HAVE TO CHOOSE BETWEEN ONE OR THE OTHER. A dual-boot setup with a Linux distro (distribution) like Ubuntu or Fedora is easy as pie.

http://www.ubuntu.com/
http://fedoraproject.org/

You don’t even need to install Ubuntu to try it, just download the LiveCD, and you can “run” it in windows, or reboot into it for a test run!

Next up in the series, I’ll walk everyone through preparing a new partition on which to install a Linux distro!

Feb
10

It occurred to me recently that many people I know are using plain, un-modified, ugly Windows.

It also occurred to me that many of them might like to change this, given the time or means. What made me decide to make this a blog was a comment I found on a Firefox development/bug forum, in which a statement to the effect of, “if you want to run most windows apps, you have to use windows”.

Now, I had just earlier posted a note on Facebook to the opposite effect, introducing some of my friends (hopefully) to Linux, and the wonder that is WINE.

Now, since this post is just an intro, I’ll make a separate one detailing my own Win vs Lin comparison, and explain why you don’t need to choose one or the other.

Later on, I’ll have some tutorials with step-by-step guides to making various changes.