Linux Dream Cheeky USB Thunder Missile Launcher

 Computing, Linux, Working Notes  No Responses »
Jan 162014
 

This is not original work, but merely a set of notes on how to do the set up. The core information (and the code) came from this blog posting.

Essentially I’ve re-ordered the steps in which to work and excluded anything other than the bare essentials to get it all working. With the intention I can get my missile launcher working at home and at work  😎

Step 1 is to prevent the HID driver from clamping on to the missile launcher. This was done by :-

  1. Editing /etc/default/grub and adding usbhid.quirks=0x2123:0x1010:0x04 to the existing variable GRUB_CMDLINE_LINUX_DEFAULT.
  2. Run update-grub (I always manage to forget this).
  3. Reboot the machine and check /var/log/messages for 2123 (the VendorID) to see if it has been claimed by usbhid (which will show up as a line beginning generic-usb 0003:2123:1010.0006: hiddev0 if it does claim it).

The next step is to download and compile the code given in the blog link above. If you need instructions on how to do this, then you probably need to look elsewhere – it builds easily.

Once built, an sudo insmod launcher_driver.ko will verify that the kernel module loads – you can double check by looking at /var/log/messages.

It’s also necessary to install both the kernel driver and the control program manually :-

  1. Copy the compiled kernel module to /lib/modulessudo cp  launcher_driver.ko /lib/modules
  2. Edit /etc/rc.local and add the command: /sbin/insmod /lib/modules/launcher_driver.ko
  3. Copy the control program to a sensible location: sudo install launcher_control /opt/bin

There’s probably better ways of doing this, and better places to stick things but as you’re following my instructions you’re stuck with my suggestions! It’s tempting to try a reboot at this stage to verify that this works, but as there’s just one small extra step we may as well get that done too. This is to create a udev rule to set up a device file in /dev.

Create a file (/etc/udev/rules.d/99-usb-launcher.rules) with the following contents :-

KERNEL=="launcher?*",MODE="0660",GROUP="cdrom"

The choice of group name is rather inappropriate except it will work well enough, and I have changed the permissions on this to something a little more restrictive. This can be tested with sudo udevadm trigger which will re-run udev. This should change the permissions on any existing /dev/launcher* file(s). If it doesn’t work, the blog pointer above is the place to head.

Lastly, there’s a couple of corrections to the launcher_control.c that is convenient to make :-

% diff launcher_control.c launcher_control.c.orig
63c63
<         while ((c = getopt(argc, argv, "m:lrudfsht:")) != -1) {
---
>         while ((c = getopt(argc, argv, "mlrudfsht:")) != -1) {
97,98c97
< 		fprintf(stderr, "Couldn't open file: %s\n", dev);
<                 /*perror("Couldn't open file: %m");*/
---
>                 perror("Couldn't open file: %m");

 

It’s All About Reliability, Reliability, and More Reliability

 Computing  No Responses »
Jan 122014
 

Computers have gotten faster … a lot faster. In some cases there is never enough speed, but to a certain extent today’s computers are not noticeably faster than computers of a few years ago. At least not if you do not run benchmarks. So there is little incentive to upgrade that 5 year old desktop machine – unless you are running Windows XP of course (support for which will be dropped soon).

Unless of course you look at aspects other than simple speed – such as reliability.

A few years ago I used to run old Unix workstations in preference to PCs despite their lack of speed, because they were simply more reliable – I could leave a workstation running for weeks without any negative effects. Whereas the PCs I was used to using were just not quite as stable; every so often something unexpected would occur and a reboot would be necessary. Usually at the most irritating possible time.

We expect computers to be reliable, but are all too often disappointed.

Desktop manufacturers may be able to revive the flagging market for desktops by offering something new – desktops with reliability. There are a number of reliability features that are commonly found in servers that could be offered in desktops with only a marginal increase in cost.

Error Correcting Code Memory

Forget the “code” part in the title; without going into a great deal of technical detail, ECC memory automatically corrects memory errors when they occur. And occur they do.

There are a variety of causes of bit errors within memory varying from cosmic rays to atmospheric radiation; the cause does not matter so much. What matters is how frequently they occur. According to small studies and theory, they should be quite rare, but Google have released a paper actually measuring the error rate in a large pool of machines; the error rate is roughly about 5 single bit errors in 8 Gigabytes of RAM per hour.

If true, that’s more than enough to have a significant impact on the reliability of your average desktop PC. If a piece of software has some random instructions changed into something else, it will usually crash or do something strange to your data. Or if that random memory error occurs within your data, then you might expect a strange coloured blob to appear in your favourite photo.

Normal desktop PCs do not come supplied with ECC memory because it is slightly more expensive than ordinary memory. Without going into details, ECC memory uses additional memory to maintain a check on the contents of main memory.

And that costs more. Not a lot more, but in a competitive market, a small saving may lead to increased sales. Of course there are other ways to increase sales – such as by making a feature of ECC memory and reliability.

Storage

We are currently in a transition period between mechanical storage (disks) and electronic mass storage (flash). Flash storage currently offers very fast storage but with a price tag attached meaning it is infeasible for large amounts of storage. That will of course change.

In the meantime we have to deal with two storage solutions; one with a reputation of unreliability (flash) and one that is really unreliable (disks). Both fail with regrettable regularity (although discs will fail more often!) but fail in different ways. Disks themselves are likely to have a short period where they do not work very well before refusing to do anything, although as mechanical devices they can fail in surprising ways too! Flash will tend to fail in a rather nice way – it will get to the point where all attempts to write will fail, but all of the information is still readable.

Because they fail in different ways, we have to cope with their failure in different ways too. Except for the most obvious thing – everything needs to be backed up. And of course getting a backup mechanism up and running is a pretty tedious task.

It would make a great deal of sense for a vendor to offer a cloud-based disaster recovery backup for your system disk(s). An account with a copy of the system disk image is created before your system is shipped. And once on line, your desktop PC sends updates to that image in the cloud. And when the disk fails, you can ask the vendor to ship a replacement disk with almost everything you previously had already put in place.

On a more general note, it is worth mentioning that most consumer hard disks at the bottom end of the market are complete rubbish. And I would pay extra to buy disks from a vendor that :-

  1. Takes ordinary disks and burns them in for a week to verify that they are not going to go bad in the first few months; there’s a NAS vendor (whose name escapes me for the moment) that does this and has one of the lowest disk failure rates on the market despite using relatively cheap and nasty disks.
  2. Ships them in proper packaging that absorbs the shipping bumps and knocks. Just because a disk drive looks intact does not mean it is safe to use.

 And What About The File System?

So far it has all been about the hardware, but there is more we can do about reliability in software too. And carrying on from the previous section, one of those areas is how the operating system stores files on disks.  The software module that does this is (to use the Unix or Linux term) the file system and there are different kinds.

Historically different file systems have assumed that the storage is perfectly reliable. However with the increased awareness of silent data corruption, there are now a few file systems that check for silent data corruption – including what is probably the first: ZFS.

Even if there is a small loss of performance, file systems should detect silent data corruption and correct if possible.

Preparing To Fail

We all know that software is unreliable; to be precise it is not perfectly reliable as it is a great deal more reliable than we give it credit for. After all we only notice the failures; and some of the failures at that.

Rather than trying just to produce reliable software, programmers should be designing software that fails safe without losing any data. See crash-only software.

Down Mixing Quadrophic and 5.1 Surround Sound with SOX

 Computing, Working Notes  1 Response »
Jan 112014
 

As categorised, this is a “working note” and explains how I ‘down mix’ quadrophic FLAC files into stereo files with the assistance of sox. This may well not be the best method and indeed I may be getting it totally wrong – who knows what two channels are supposed to go where?

It turns out that my portable media player doesn’t understand FLAC files with more than two channels, and as I have a number of these obtained from somewhere I needed a way to make them playable. The first step is to identify FLAC files with more than two channels. It turns out that the venerable file does that quite adequately :-

% file one.flac two.flac
one.flac:              FLAC audio bitstream data, 24 bit, stereo, 96 kHz, 24179840 samples
two.flac:              FLAC audio bitstream data, 24 bit, 4 channels, 96 kHz, 24179840 samples

As you can see the third column of the information about the file identifies the number of channels; it also identifies 5.1 surround sound files as 6 channel files. And quite possibly wilder and woollier kinds of channel numbers too.

Now onto the conversion. This is simply the following :-

% sox input-file.flac output-file.flac remix 1v0.5,3v0.5 2v0.5,3v0.5 norm
% file output-file.flac
output-file.flac:      FLAC audio bitstream data, 24 bit, stereo, 96 kHz, 24179840 samples

The details of what sox command to use … and specifically the remix parameters came from a post discussing the problem here. I’m not qualified to assess the details, but the results seem fine. For extra points, the remix parameters for 5.1 surround sound are: 1v0.3694,3v0.2612,4v0.3694 2v0.3694,3v0.2612,5v0.3694.

Why Is Password Security So Important?

 Computing, Security  No Responses »
Dec 032013
 

People like me keep banging on about why the security of passwords is so important. We keep telling people they need strong passwords, when what people really want are easy to remember passwords. Of course we keep on saying the same message because not everyone pays any attention.

The truth is that it is possible; or at least partially possible to have both strong passwords and relatively easy to remember ones. But first why is it necessary at all?

The sad fact is that there are criminals out there; not spotty teenagers in basements having some sort of weird fun, but genuine criminals who want your account details for a variety of reasons. Organised crime has moved on from bathtub gin, bank robberies, and drugs realising that (amongst other activities) computer crime can be quite profitable with a lower risk of being caught.

The most obvious accounts targeted by criminals are bank accounts – online access to your bank. Whilst they will target such accounts, criminals will also target the most innocuous accounts as well – your ISP account, or a work account. The lowest level of usage of a stolen account is to send spam; not in vast quantities but even several hundred spams sent in your name can really ruin your day.

And will continue to have a less obvious negative effect over time – your email address will be less trusted by recipients if it has ever been used by a spammer. And of course that is the damage I know of. The criminals may use your account for other purposes.

In fact it is probable that any stolen account has a small but definite value on underground markets such as the Silk Road (or deeper and darker places).

And that is excluding the damage that criminals can more directly cause you by access to all the data contained within your account.

How Do Criminals Get Your Password?

So how do criminals get hold of account passwords? It turns out there are three main methods, and one is only useful in certain circumstances (and happens to be the most technical and so the most interesting to geeks).

Just Ask!

It may seem crazy, but probably the easiest method of obtaining account details is simply to ask for those details! The question is normally dressed up to confuse the situation so that it appears to be a legitimate organisation asking for the password. An email from your bank asking you to login via a provided link; an email from your IT support department asking for your password to increase your mail quota.

The defense against this is to never tell anyone your password. Your password is a method of demonstrating that you are yourself; if you give it away, you let other people pretend to be you.

Don’t do it.

Just Guess!

Some people use passwords so weak that they can be guessed relatively easily – or at least easily when the password guessing is scaled up. If a criminal has a 0.001% chance of guessing a password, but they try 1,000 different accounts with 10 different passwords at 1,000 different sites per day, they can expect to get 100 accounts a day!

The best defense against this sort of attack (for an individual) is to make sure you do not have a weak password – go for one that is long and strong (we’ll get to that later).

Password Cracking

The last method of getting account passwords is only possible with access to the password hashes which normally involves exploiting some kind of vulnerability. Once access to those hashes is obtained, it is possible to use a password cracking dictionary to generate a list of candidate passwords and calculate the password hash for each one. When the hash for a candidate password matches the hash of a real account, you know what the password is.

It shouldn’t be possible for a criminal to get access to password hashes, but they do get access to them on a regrettably frequent basis. In addition, it is not uncommon for password cracking to be used as the ultimate test of whether a password is “strong enough” – if it can be cracked with a reasonable level of resources, it is weak.

The best defense against this kind of attack is again to use a long and strong password.

Long And Strong (And Memorable) Passwords

The best passwords are long and random, but very definitely not memorable – as an example, a typical random password might be Y2JkOGY3OTg0YzY1NGMyNTUxMmUzZDkyNDFhZTU2OWYgIC0K. Not the sort of password anyone would want to remember, although password stores such as LastPass allow the use of such passwords. Certainly worth investigating.

However it still needs a master password and there are other circumstances where passwords you have to remember are essential. In such cases memorable becomes a requirement, but we still need strong passwords.

For most of us, a memorable password is made up of dictionary words, yet we are often told that a word-based password (no matter how cleverly transformed it might be) is a weak password. It turns out to be correct for single word passwords, but multi-word passwords are still relatively strong. A lot weaker than truly random passwords of an equivalent length, but somewhat surprisingly a lot stronger than short truly random passwords.

The mathematics of this gets a bit hairy, so take it on trust – length is the most important factor in determining password strength with certain exceptions (a very long word isn’t strong no matter how long it is).

The XKCD Password strength comic

Stringing together a whole bunch of words may not seem the most sensible way to come up with a memorable password; in fact I’ve been using a five word password for many years, and at this point I can’t forget it! I would suggest though that the XKCD method can be strengthened a wee bit by adding a symbol between every word – pick a random symbol like “@”.

Now pick three to four “random” words, and string them together with your random symbol :-

${word 1}${symbol}${word 2}${symbol}${word 3}${symbol}${word 4}${symbol}

Becomes: four@blatter@pong@zoo@

One thing to watch out for – you should have at least one “unusual” word in the list of random words, and don’t have too many short words – the password trustno1 is a weak password!

Google and Microsoft To Block Child Abuse Images?

 Computing, Security  No Responses »
Nov 182013
 

Today the news comes that Google and Microsoft have agreed to block child abuse images. Great!

Anyone reading (or watching) the news story could be forgiven for thinking that this will solve the problem of child abuse images on the Internet, but that won’t happen. What Microsoft and Google have done is a tiny increment on what they were already doing – instead of just excluding hosts given to them by the Internet Watch Foundation, they are also going to ‘clean up’ the search results for certain searches.

It isn’t blocking child abuse images. The search companies can’t do that; anything who thinks so needs to go and learn a bit more about the Internet which includes the government. Who have of course come out of their rabbit hutch spitting lettuce leaves everywhere, saying that if this action by the search companies isn’t effective they’ll legislate.

Which is just about the clearest evidence so far that the government is completely clueless when it comes to technology; obviously Eton‘s reputation is overstated when it comes to technology education.

People tend to think of child abuse images as being a little bit like anything else you browse to on the Internet – you just search for it, and up it pops. I haven’t tried, but I suspect what you would get is a large number of pages like this one – talking about child abuse images in some way, but no real images. Undoubtedly there are some really dumb child pornographers out there who stick up their filth on ordinary web servers; whereby they’ll quickly get indexed by the search engines and someone law enforcement bods will come pounding on the door.

However the biggest area of child abuse image distribution is likely to be one of the variety of ‘stealth’ Internets … the “dark nets’, or ‘deep web‘.

The later are web sites that cannot be indexed by the search engines for various reasons – password protection, links have never been published, etc. These would be the choice of the not quite so dumb child pornographer.

The former are harder to find – they are roughly analogous to peer-to-peer file sharing networks such as Bittorrent which is widely used for sharing copyrighted material (films, music, etc.). But ‘friend to friend’ file sharing networks are private and not public; you need an invitation to join one. This is where the intelligent child pornographer lurks.

And all the hot air we’ve heard from the government so far is going to do pretty much bugger all about the really serious stuff. If you are a clueless politician reading this, get a clue and ask someone with half a brain cell about this stuff. And don’t invent half-arsed measures before asking someone with a clue about whether they’re likely to be effective or not.

 Older Entries  Newer Entries