Last Seen Blogs
site-pull-decade
Untitled
colourofmagic
☆colourofmagic☆
tw1nkcentr4l
Oliver Dixon
girlsbtrs
Girls Behind the Rock Show
globaltradeplaza-b2bonlineportal
Untitled
Text
Writing a Music Player Using SDL2: Part 1
Time has flown by without a blog post, and it's about dang time to release a little something new. Over this post-free time, I have learned several things worthy of sharing. For starters, everyone loves music and it's mission critical for most people to have a music player so they can jam out when working. So let's make one!
Why Make a Music Player When There's So Many Good Ones?
I have over 7 terabytes of music, and every time I've attempted to load my entire playlist of music into popular apps, I wind up cranking an i9-9900K with 64 GB of RAM to nearly 100% usage and cause my system to freeze. Due to this, I figured I would write a simple, lightweight, terminal-based program that would provide the flexibility needed to listen to music without any extra bloat, and could be extensible with bash scripts using something like ncurses. Let me introduce you to what I have accomplished so far for this program!
The data.h File
Below is a full source code listing with the file data.h, which contains info necessary for playback and playlists. Pardon the text wrapping! :)
#ifndef _DATA_H #define _DATA_H // This contains all necessary data to power the core application, // from playlist management to playing/pausing songs. // C++ and C stdlib #include <iostream> #include <cstdlib> #include <cstdio> #include <bits/stdc++.h> // LibSDL2 headers for music playback #include "SDL2/SDL.h" #include "SDL2/SDL_mixer.h" // Since this is C++, we want to add the std namespace // To our code to simplify what we write. using namespace std; // Add the basic ability to enqueue and dequeue songs. // Allows us to play more than one song. struct Queue { stack<char *> songs; // Enqueue an item to the queue void enQueue(char * x) { songs.push(x); } // Dequeue an item from the queue int deQueue(void) { if (songs.empty()) { cout << "Playlist is empty!" << endl; exit(0); } // pop an item from the songs stack int x = songs.top(); songs.pop(); // if stack becomes empty, return // the popped item. if (songs.empty()) { return x; } int item = deQueue(); //recursive call songs.push(x); //push popped item back to stack return item; //return result of deQueue() call } }; // This is responsible for all music playback and controls. typedef class sdl2tools { private: Mix_Music *music; public: Queue NowPlaying; //Play the music by initializing SDL2 and loading //the actual tune. void play(char * Path) { int result = 0; int flags = MIX_INIT_MP3; //If loading SDL2 fails, exit program //and return an error. if (SDL_Init(SDL_INIT_AUDIO) < 0) { cout << "Failed to init SDL" << endl; exit(1); } //If the audio mixer fails to load, exit //program and return related error. if (flags != (result = Mix_Init(flags))) { cout << "Could not initialize mixer. Error: " << result << endl; cout << "Mix_Init: " << Mix_GetError() << endl; exit(1); } //Actually load and play the music. Mix_OpenAudio(22050, AUDIO_S16SYS, 2, 640); music = Mix_LoadMUS(Path); Mix_PlayMusic(music, 1) } //Since the second argument of Mix_PlayMusic() from //SDL2's API mandates an audio file as first //argument and a boolean "is playing" status as #2, //setting the second argument to 0 pauses music. void pause(void) { Mix_PlayMusic(music, 0); } //Resume music. void resume(void) { Mix_PlayMusic(music, 1); } //Stop playing music by quitting SDL2 cleanly. void stop(void) { while (!SDL_QuitRequested()) { SDL_Delay(250); } Mix_FreeMusic(music); SDL_Quit(); } //Skip currently playing song. Dependent on having //a song to skip to. void skip(void) { music.stop(); NowPlaying.deQueue(); music.play(path); } }sdl2tools; #endif
In this custom header file, we start by defining the core data structures that will make up our ability to have playlists, using the struct Queue. This will be need to be used in our main program with multithreading so we can run the music player in the background with a "playlist".
We then go on to define the sdl2tools class, which contains all the code needed to actually play our music and manipulate the audio stream, from playing to pausing or even skipping songs. With this done, we wrap up writing our header file and save it. With this prototype code done, it's now of prime importance to introduce a main.cpp file where multithreading, command-line arguments, and playing music in the background will be implemented. On top of this, a help menu is necessary to explain to users how everything works... and maybe introduce an easter egg or two :)
Until next time!
Liked This Content? Check Out Our Discord Community and Become an email subscriber!
This source code is MIT Licensed in it's own repository by the owner.
0 notes
Text
Making The "SpookPhone"
So I've had lots of privacy scares in the past, with people trying to steal my identity, my banking info and so on. Over the past few years, I've grown fed up with this over time and have been looking for ways to hide my own personal information from theft, prevent telemarketing annoyance, and even gain the added benefit of making it just a little bit harder to be spied on by the government to preserve my own personal freedom.
Enter The PinePhone
What if I wanted a smartphone? I have been using a Google Pixel with a custom Android build for a while now, but I'm beginning to worry that's not enough. I've been hearing through my friends and online about this company called Pine64 that works on Open Source board designs for tech devices, such as smartphones, laptops, tablets and (recently) smartwatches.
So the Pine64 smartphone, or Pinephone, has pretty crappy hardware inside compared to a flagship smartphone. But given the $200 USD price point, I could buy three for the price of a "popular" phone. Also, it runs Linux as well as Android which means it supports the new and coming PureOS- a secured Linux build based on Debian. PureOS is actively made by the company Purism, who releases their own smartphone with this system. But can I run it on some cheap device?
Flashing PureOS
The Pinephone Comes with 16Gb eMMC storage and is extensible with an SD card. To flash PureOS, 2 things need to be downloaded: - JumpDrive- a tool for flashing the eMMC - The Latest PureOS Image for PinePhone
Now take a spare SD Card that's lying around and flash JumpDrive to it, using dd if on Linux, BSD or MacOS. If on Windows, use Win32DiskImager. When this is done, plug the Pinephone into the computer and plug the SD card into the phone. Booting up the phone will boot Jumpdrive, and allow you to flash the eMMC as if an SD card was plugged into the PC. This time, we are going to flash PureOS (again using dd or Win32DiskImager).
Once this completes, power the phone off and unplug the SD Card. Restarting the phone should boot you into PureOS. The default credentials are:
username: purism pass: 123456
Configuration
Naturally, that password STINKS. So change the password to something more secure before doing anything else. To do this, fire up the terminal and type passwd. You will be asked to type your password and there will be no characters to verify what you typed- instead it will confirm twice.
Now we can update the system by running sudo apt update && sudo apt full-upgrade && sudo apt dist-upgrade. It is also possible to install the application gparted (if not already installed) to resize PureOS to use the entire eMMC storage space. With this accomplished, all that's left is just to install some software and reformat the SD Card to provide additional storage.
Putting a SIM Card in will allow for Texts, Calling and SMS out of the box. For LTE to work, some small tweaking with modemmanager will allow access to cellular data- although this is often not recommended for privacy, as WiFi is abundant and LTE forces the user to be connected to the cell network constantly, even if the user happens to be in "airplane mode".
Why Go To All This Effort?
Many might consider a cheap, secure and disposable smartphone a silly idea. But given the appeal of being able to run anything you please on the device, having documentation on how it works, and even being able to upgrade all aspects of it sounds rather appealing.
Without privacy in mind, the phone is a bit trashy- but the low price point makes it affordable and disposable, and the ability to install what you want gives you control.
With privacy in mind, total control of your device spells out absolute freedom. Install what system you like, remove what software you like, upgrade the hardware if you prefer, or just use the device as a display. It's all up to you, and no one is there to stand in your way or snoop in on you.
About PureOS
PureOS is effectively a heavily modified Debian Linux, with extreme security fixes applied, a custom environment tailored specifically to smartphones that is actually GNOME 3 but also modified, and it's on-screen keyboard software and other odds and ends leave it feeling like a full-fledged smartphone system.
Because PureOS is effectively Debian, this means it is possible to connect full-fledged keyboards and monitors to the phone and use it as a makeshift desktop, use it as a portable development environment, and actually do more than just what a smartphone is capable of.
Normally, PureOS only ships on the Purism Librem smartphone line, which is a bit expensive for regular consumers- so having the ability to use it on devices that are less expensive is awesome for people on a budget, or those who like to tinker.
Until Next time!
Liked This Content? Check Out Our Discord Community and Become an email subscriber!
0 notes
Text
Lock Down Your Laptop With OpenBSD: Part 2
So you've got a nice fresh OpenBSD install on your laptop, and you're excited to use it. However the desktop environment it comes with is absolutely horrifying to use. Following up from the installation of OpenBSD found on This Blog Post, it is time to tweak out OpenBSD to have a nice and custom desktop tailored to your needs.
I will be configuring i3 window manager, although the setup process for a more well-known desktop environment (like GNOME or XFCE) is very similar in terms of setup.
Since I opted for i3, there's a lot more manual configuration- but the reward is much greater in terms of the ability to customize it. Anyways, this machine doesn't configure itself- so lets dive right in!
Installing Required Software
I wanted for a somewhat custom look, so this is what I set out to install:
i3-gaps
i3status
rofi
rxvt-unicode
chromium (yes, it's modded by the developers)
irssi
w3m
vim
openbsd-backgrounds (because it contains the xwallpaper app)
To install these, I logged in as root and ran the following command in the terminal (once connected to internet):
pkg_add i3-gaps i3status rofi rxvt-unicode chromium irssi w3m vim openbsd-backgrounds
With this completed and out of the way, configuration of the OS is now much easier and we're ready to actually begin configuration.
First Tweaks
There's a console at the login prompt that isn't my taste, so I wanted to disable it. To do so, run:
sed -i 's/xconsole/#xconsole/' /etc/X11/xenodm/Xsetup_0 echo 'xset b off' >> /etc/X11/xenodm/Xsetup_0
The first command comments out the execution of XConsole at the login screen, while the second one disables system beeps at the prompt.
Next thing is enabling the ability to save us some battery life, since we are installing on a laptop:
rcctl enable apmd rcctl set apmd flags -A rcctl start apmd
Apmd is the Advanced Power Management Daemon, and automatically handles the power draw for your system for you.
Since I created a user other than root during installation (let's call the username joe), it's critical to give the account access to doas.
echo 'permit persist keepenv joe' > /etc/doas.conf
The doas command on OpenBSD is actually slated to be the successor to sudo on most platforms, due to it's simplicity and ease of use. Many Linux systems already provide doas as an alternative to sudo due to how well it runs, and this one line just grants the same access you would normally have when using it. However, you can also restrict the access to specific commands depending on the user.
We want to also make the user a member of the staff group, as this group has access to more system resources than plain old users:
usermod -G staff joe
While we're at it, we might as well bump up some of the resource limits even further so our system will run like a dream.
Modify the staff: entry in /etc/login.conf to look like this:
staff:\ :datasize-cur=1024M:\ :datasize-max=8192M:\ :maxproc-cur=512:\ :maxproc-max=1024:\ :openfiles-cur=4096:\ :openfiles-max=8192:\ :stacksize-cur=32M:\ :ignorenologin:\ :requirehome@:\ :tc=default:
Then, append this to /etc/sysctl.conf:
# shared memory limits (chrome needs a ton) kern.shminfo.shmall=3145728 kern.shminfo.shmmax=2147483647 kern.shminfo.shmmni=1024 # semaphores kern.shminfo.shmseg=1024 kern.seminfo.semmns=4096 kern.seminfo.semmni=1024 kern.maxproc=32768 kern.maxfiles=65535 kern.bufcachepercent=90 kern.maxvnodes=262144 kern.somaxconn=2048
NOTE: If a setting exists already and is already higher than what you plan to replace it with, don't touch it. You'll just slow the system down.
What this does is allow for larger amounts of memory to be used by the user and allows the OS to have larger amounts of shared memory.
Awesome, Now let's get suspend working! First we need to run
mkdir /etc/apm
and then append the following to /etc/apm/suspend:
#!/bin/sh pkill -USR1 xidle
We can now run chmod +x /etc/apm/suspend and it will work properly.
Reboot to apply these changes.
FINALLY Setting Up The Desktop
First things first, we will want to configure GTK because the default keybindings are that of emacs- and ~~it stinks~~ gets the job done, but I don't prefer it. To switch to more normal keybindings, run the command
mkdir -p ~/.config/gtk-3.0
and then append the following to ~/.config/gtk-3.0/settings.ini:
[Settings] gtk-theme-name=Adwaita gtk-icon-theme-name=Adwaita gtk-font-name=Arimo 9 gtk-toolbar-style=GTK_TOOLBAR_ICONS gtk-toolbar-icon-size=GTK_ICON_SIZE_SMALL_TOOLBAR gtk-button-images=1 gtk-menu-images=1 gtk-enable-event-sounds=1 gtk-enable-input-feedback-sounds=1 gtk-xft-antialias=1 gtk-xft-hinting=1 gtk-xft-hintstyle=hintslight gtk-xft-rgba=rgb gtk-cursor-theme-size=0 gtk-cursor-theme-name=Default gtk-key-theme-name=Default
Now we need to copy the default i3status to /etc:
cp /usr/local/share/examples/i3status.conf /etc
Failure to do this will cause i3status to crash on launch.
Lastly, let's configure i3 to actually launch. Open /etc/X11/xenodm/Xsession in a text editor and go to the end of the text file. There will be a portion saying exec fvwm. Remove that line entirely and replace it with exec i3. Now search for anything in this file saying xconsole and remove it (this prevents automatic launching of a console in your desktop.)
If running Intel Integrated Graphics, it may be wise to do one final modification to prevent screen tearing. To do this, run the following command:
mkdir /etc/X11/xorg.conf.d
This makes the xorg.conf.d directory. Now append the following contents to /etc/X11/xorg.conf.d/intel.conf:
Section "Device" Identifier "drm" Driver "intel" Option "TearFree" "true" EndSection
This configures OpenBSD to play more nicely with your Intel Integrated Graphics.
Finally, type reboot to reboot your system. You should be able to log in as your normal user and have access to i3 window manager. It will provide a "first startup" wizard to go through. If unfamiliar with i3, it is a tiling window manager that uses keyboard shortcuts to manipulate windows.
Once the configuration has been generated, we will need to configure i3 a bit further to allow for rofi and urxvt to work. To tweak these, we first need to edit our /etc/.Xdefaults file and add the following contents (note- this is the longest part of the entire task of getting a desktop working):
! === Rofi colors rofi.color-window : argb:c82d303b, #7c8389, #1d1f21 rofi.color-normal : argb:3c1d1f21, #c4cbd4, argb:96404552, #4084d6, #f9f9f9 rofi.color-urgent : argb:2c1d1f21, #cc6666, argb:e54b5160, #a54242, #f9f9f9 rofi.color-active : argb:2c1d1f21, #65acff, argb:e44b5160, #4491ed, #f9f9f9 rofi.font : Noto Sans 14 rofi.hide-scrollbar : true ! === URXVT URxvt*geometry : 80x30 "URxvt.font : 9x15 !Special Xft*dpi : 96 Xft*antialias : true Xft*hinting : true Xft*hintstyle : hintslight Xft*rgba : rgb URxvt.cursorUnderline : true URxvt*font : xft:Monospace:size=14:antialias=true URxvt*letterSpace : -2 URxvt.background : #1d1f21 URxvt.foreground : #c5c8c6 URxvt.cursorColor : #c5c8c6 urxvt*transparent : tue urxvt*shading : 30 URxvt*saveLines : 0 URxvt*scrollBar : false !black urxvt.color0 : #282a2e urxvt.color8 : #373b41 !red urxvt.color1 : #a54242 urxvt.color9 : #cc6666 !green urxvt.color2 : #8c9440 urxvt.color10 : #b5bd68 !yellow urxvt.color3 : #de835f urxvt.color11 : #f0c674 !blue urxvt.color4 : #5f819d urxvt.color12 : #81a2be !magenta urxvt.color5 : #85678f urxvt.color13 : #b294bb !cyan urxvt.color6 : #5e8d87 urxvt.color14 : #8abeb7 !white urxvt.color7 : #707880 urxvt.color15 : #c5c8c6
This chunk of configuration sets rofi (our app launcher) into dark mode, and changes the default terminal colors to be a little easier on the eyes with a dark theme instead of a eye-scorching manilla color... Only one change to go!
Wrap-Up
Open ~/.config/i3/config in your editor and go around 45 down. You will notice a section that says "Start a terminal". We want to change it's corresponding command to this:
bindsym $mod+Return exec /usr/local/bin/urxvt
This sets the i3 hotkey combo to execute urxvt instead of xterm.
Awesome! Since i3-gaps is installed, gaps between windows can be set up and configured if preferred. Otherwise, configuration is done, and you're able to install other software that you might want, such as Libreoffice, VLC, PCManFM, and other useful utilities (or games?)
Lastly, to set your desktop background, download a picture and save it to your preferred directory. In my case, it's located at /home/w00t/Pictures/wallpaper.png. Using my download location, I appended the following line to ~/.config/i3/config:
exec --no-startup-id "xwallpaper --stretch /home/w00t/Pictures/wallpaper.png"
Now my desktop wallpaper automatically sets itself on login.
There's other tweaks you can make- but this is meant to be enough to get to a system that's comfortable to work in and have an enjoyable time with OpenBSD. Until Next Time!
Source For Some Config Files: C0ffee.net
Liked This Content? Check Out Our Discord Community and Become an email subscriber!
#81a2be#7c8389#1d1f21#282a2e#f0c674#85678f#b294bb#f9f9f9#8c9440#b5bd68#a54242#373b41#de835f#5e8d87#8abeb7#xconsole#c4cbd4#cc6666#c5c8c6#5f819d#4084d6#65acff#4491ed
0 notes
Text
Lock Down Your Laptop With OpenBSD
In today's hyper-connected world, it grows increasingly important to have all devices that have an internet connection locked down- not for hiding data but to protect from having day-to-day life completely sabotaged. One may have already locked down their accounts and data about them online, but what if they want to "amp it up" to the next level?
The Problem
It's known that by using Windows or MacOS, you have agreed to Terms of Service that include the upload of their private files to their infrastructure- even if you didn't want it to go on the internet. In Microsoft-Land, this means all your files are scanned and uploaded to Microsoft's infrastructure where they can build a profile on you. Apple happens to engage in similar practices. On top of this, Windows is known for having the most viruses and rootkits in the world while MacOS currently has the record for the most adware in the world. Viruses and rootkits are basically system exploits, while adware is an attack on the web browser, forcing ads to pop up even if you have an ad blocker.
To add further discomfort, the leaks made by ex-CIA/NSA official Edward Snowden from years past verified that there is something called FISA court- a top secret US-based court of law that issues warrants for surveillance. Snowden took huge issues when he learned that the CIA and NSA built this program named XKeyScore, which behaves like a search engine that collects ALL information about people, including private things like Social Security Numbers and text messages. To do this, the FISA courts "rubber-stamped" (and still do) every surveillance request made by the CIA or NSA- allowing them to spy on U.S. Citizens without due process. Nowadays, laws have since been passed where FISA courts are irrelevant and the CIA and NSA can continue to do this.... And if the CIA and NSA are capable of gathering all the info you'd rather keep private, so is the stalker... or the creepy person next door... or the angry ex-husband/ex-wife...
Enter OpenBSD
OpenBSD began in 1995, where the founder Theo De Raadt took issue with the design approach of NetBSD- which traces it's ancestral roots all the way back to the original UNIX from the early 1980's. De Raadt was (and still is) a firm believer in correctness of code, extensive auditing of the code, and extreme levels of security. OpenBSD is widely considered to be the most secure Operating System on the planet, with the most bleeding edge technologies in cryptography and so on- to the point where some countries ban the OS for import even though that's unenforceable thanks to the internet. It is known for having sane and secure defaults in the installation, and several audits of the entire system's source code yearly. They are responsible for the invention of the applications sudo, openssl, libressl, ssh, pf, and pledge(). If familiar with any Linux/Unix command line, it's easy enough to notice that they invented some of the most common protocols utilized in locking down a system.
So let's get this set up on a laptop!
What You'll Need
A laptop with an Intel CPU that you don't mind wiping the hard drive of, ideally with an Intel Wireless AC 7260 wireless card or older
A 2 gb or larger flash drive
A wired and wireless network connection (We'll be messing with both)
An ethernet adapter if your laptop doesn't have an ethernet jack
For this installation, I used a Thinkpad T460 which has a 6th gen Intel i7 and (actually) an Intel Wireless AC 8260 WiFi Card.
Note: This tutorial is relevant to OpenBSD 6.7 and probably works for 6.6 as well. Because OpenBSD changes, the install method is subject to change over time as well.
Making The Install USB
First things first, we need to fetch a copy of the OpenBSD installer and flash it to our thumb drive. On Linux and MacOS, connect to the internet and run this command to download the image to your Downloads folder:
cd ~/Downloads && curl -OJ https://cdn.openbsd.org/pub/OpenBSD/6.7/amd64/install67.fs
Now for Linux, use lsblk to verify what the disk name is, or on MacOS use diskutil list to do the same.
Now run the command sudo dd if=~/Downloads/install67.fs of=/dev/<DISK> bs=1M, replacing <disk> with the name of the disk as recognized by the system. This will create the USB installer on these systems.
On Windows, download Win32DiskImager and download the OpenBSD image at [curl -OJ https://cdn.openbsd.org/pub/OpenBSD/6.4/amd64/install64.fs](curl -OJ https://cdn.openbsd.org/pub/OpenBSD/6.4/amd64/install64.fs). Use Win32DiskImager to flash OpenBSD to your thumb drive.
Booting The Installer
Great, we have our install USB. Now we need to power off, plug our Ethernet adapter in, connect the device via wired network, and plug our USB thumb drive in (while the machine is still off). Once this is done, pressing the power button again will show the boot screen and there's a key to spam to "Enter Setup". Commonly this is F12 or Delete. Here's an idea of what to look for:
A BIOS Boot Menu.
Use the arrow keys to highlight your USB and press "Enter" to boot from the OpenBSD Installer.
Performing The Installation
You should now be greeted by a terminal-based prompt asking you to (I)nstall, (U)pgrade, (A)utoinstall, or (S)hell:. We are going to type I here and press the enter key. Before we continue, it's important to note that the entire installation process is relatively simple in the sense that all the user needs to do is type the correct things in and the installer will do the rest.
First hurdle is the network connection- assuming you have an Intel wired network card (most laptops do), the ethernet device should be labelled em0 or em1. Configure this with dhcp. We cannot use wifi at the moment since the firmware isn't installed. It will also ask you if you wish to enable ssh, say no (this is a laptop) and don't allow root SSH login. Enable Xenodm- that's critical for a desktop, which can be configured later. You'll also be asked for the root user password and if you want to create additional users. for additional user creation, type your username and type a password.
We're almost done with the install! It will promptly ask what disk is your root disk. Since we're unsure, press ? and press enter. It should list something like
sd0: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 254.3 G sd1: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 15.6 G
Note: I redacted the names of my hard drives for privacy protection, but you will see the hard drive name and a little additional info in place of the X'es.
Awesome! Since we know we want to install to sd0 now, we type that in and press enter.
The last thing the installer needs is information on the "Location of Sets". This is BSD speak for where to find the files to install to the disk are. Since we have a network connection, let's use it and type http. It will promptly ask for a mirror, so type 1 and press enter (this will select the fastest mirror for you). Then press enter again.
There's a prompt to deselect sets you don't wish to install. This is for a more advanced installation and unnecessary as the default install is only 500-600 mb anyway. Proceed and continue with the install and it will fetch the latest and greatest OpenBSD software for your OS and install it for you. When done, the user just needs to hit "reboot" and remove the thumb drive.
Getting WiFi Working
All firmware will automatically install if you left the ethernet cable in after rebooting from the installer. Before rebooting to use the new firmware, let's apply the latest and greatest security patches for our system to finish the installation. Login as the "root" user and open a terminal. Now type syspatch and wait a few minutes for this to complete. When done, we can type halt -p to poweroff the system. From here, we can remove the ethernet cable and power back on.
Once the bootup is completed, we need to log in the "root" user once more to build our wireless configuration file, called hostname.if. First things first, run ifconfig in the terminal to verify the wireless card's name. The 3 most common ones to encounter are iwm, iwn and ath with a number following them. In my case, my wireless card is recognized as iwm0 and will use that for the rest of my examples. From here on out, replace iwm0 with the name of your WiFi card.
Let's scan for WiFi Networks by running the following commands in the terminal:
ifconfig iwm0 up ifconfig iwm0 scan
The first command gives the WiFi card some juice, the other scans for networks and returns the results. Read these results and look for something saying nwid, SSID, or BSSID. This is the name of the network to connect to. Make a note of this.
Now, we need to put contents in /etc/hostname.iwm0 (again, replace iwm0 with the name of your card!) Type vi /etc/hostname.iwm0 and a text editor will open, called vi.
Press the I key to enter "insert mode", and type the following:
# This Config File Designed by c0ffee.net join "YOUR_SSID" wpakey "YOUR_PASSPHRASE" # Swap with Your WiFi # you can specify other networks here too, in order of priority: # join "WORK_SSID" wpakey "WORK_PASSPHRASE" # join "OPEN_COFFEE_SHOP" dhcp inet6 autoconf up powersave
When done, press the Esc key then type in sequence :wq to save and exit. What we just did was told OpenBSD to automatically attempt connecting to the wireless hotspot you specified, then attempt to get an IP (network) address and give the card some juice. You can add more WiFi hotspots as time goes on to this config as well and it will attempt to connect in order of first to last.
With this done, reboot the system and during boot you should see mention of "Lease Accepted" for your WiFi card.
SUCCESS!
With the basic installation out of the way, stick around for part 2 where we configure a desktop to go with this nice new OpenBSD installation.
Source: C0ffee.net
Liked This Content? Check Out Our Discord Community and Become an email subscriber!
0 notes
Text
Reverse Engineering A Router Firmware Image
Odds are that if you're reading this blog, you own one of these:
These routers appear like closed-off boxes, with this "firmware" voodoo that you need to download and update it once every few months. However, what if it was possible to take apart a router image and discover how it works? Let's tear the D-Link DWR-956 Router's firmware apart and discover how it works.
What You'll Need To Follow Along
You will need the following to start ripping apart router images and figure out how they work:
A Linux/Unix Computer or Virtual Machine
An installed copy of dd, binwalk, and lzma
A copy of the D-Link DWR-956 Router Firmware image.http://ftp.dlink.ru/pub/Router/DWR-956/Firmware/2018.08.24-17.35_DWR_956RTL_3.0.3_release.bin
Getting Started
First things first, we will need to run binwalk on our .bin firmware image:
As you can see, this image consists of two parts: An LZMA compressed file (compare to a .zip or .rar file) and a SquashFS Filesystem, common for compressing a Linux or Unix OS into small space. It's important to make a note that the LZMA file starts at byte 0 (or 0x0 in hexadecimal) and fills up in size to an unknown length, while the SquashFS filesystem is located at byte 2949120 (or 0x2D0000 in hexadecimal). Let's make a note of this as we continue to pick this apart.
Get Me Some SquashFS
Alright, so let's extract the SquashFS file from the bin image using dd:
To explain this command, dd stands for data duplicator. It's a simple program that can be used in SUPER fancy ways, as it's capable of copying data bit-for-bit. dd takes an input file (the if= argument) and writes to an output file (the of= argument). We want to skip to byte 2949120, so we used the skip=2949120 argument, and we used bs=1 to tell dd to write to our linux output file in 1-byte increments. The status=progress thing gives us a way to track how much dd has written.
Great! We've plucked the SquashFS file out of the .bin image. Now let's decompress this filesystem to see what's inside. Run unsquashfs linux at the command line. When it completes, running the ls command to list folders and files will show that it's produced a folder called squashfs-root, which we can run cd squashfs-root and explore a bit.
Let's list the files inside this thing! Running find . | less gives us a scrollable terminal with a list of all files that came from this SquashFS file. It's immediately noticed that the system uses busybox for it's system binaries to keep it lightweight, and has website files in the srv directory. When it boots, it will become /srv. The Javascript is a little ugly, so we can throw it into a JS Pretty Printer tool, like the ones available online to make it more readable. We could dive deeper into this system image and even repackage the SquashFS image if we wanted to customize our router.
Recovering the LZMA
Now let's figure out what's in the LZMA archive:
In dd, we change the value of skip= to 0 because that's where the LZMA archive begins. We can then use count=2949120 to go byte-by-byte, stopping at where the SquashFS system starts. We also changed the of= to the value "unknown.lzma" to save a file called unknown.lzma. However this file will be corrupt because we're appending extra binary data to it with dd. We can fix this by performing lzma -d < unknown.lzma > UNKNOWN. This little trick in bash uses the < operator to feed the unknown.lzma file to the decompression program and uses the > operator to spew the results into a file called UNKNOWN. Even if the program returns an error, we'll at least wind up with some results we can look at.
Performing binwalk on the file UNKNOWN shows that it contains a Linux Kernel, certificates, and firmware- all files required to boot the router. We could extract each individual file using the same dd commands we used above and fully recover all the data. We can also tell that this router uses a realtek wireless card due to the binwalk output as well, and can also tell that the system was compiled using GCC version 4.8.5.
What Could To Do From Here?
If all the files were extracted from the LZMA and the SquashFS is extracted as well, it would be possible to repackage your own customized router image. Want to remove the Web Console and enable SSH so you can control it that way? Want to re-theme the Web Console to your liking? Want it to host a game server instead of behaving as a router? All of these are possible things one could achieve.
However, the code for this is licensed to the company that produced it (in our case, D-Link). Publishing these findings as Open Source could make people angry, unless a rewrite was performed to make it your own creative spinoff.
As one final note, there's so much more one can learn in terms of taking apart firmware and binaries to figure out how they work, and building this skill is crucial for any developer, security analyst or tinkerer if they want their projects to stand out.
See You Next Time!
Liked This Content? Check Out Our Discord Community and Become an email subscriber!
0 notes
Text
THIS MACHINE KILLS FASCISTS, A Discussion On Free Speech
In the early 1940s during World War 2, a world renowned rock-'n-roll guitarist named Woody Guthrie mustered up the courage to paint a slogan on his guitar, that would forever change the way we view the world and influence many people's views on the subject of free speech. After the publishing of one of his wartime songs, Guthrie painted "THIS MACHINE KILLS FASCISTS" onto his guitar. But Why Would He? Guthrie believed that the battle Freedom of Speech and Censorship was more important than the war between Good and Evil itself. Enough history, why is this viewpoint relevant to society today?
This post is different, I recently downloaded a videogame I remembered playing from several years ago, called Return To Castle Wolfenstein. It's considered to be cult classic game, but I learned it was banned to own or sell in Germany and a couple other countries, due to it's use of the Nazi Swastika. This got me thinking on the topic of censorship as it relates to the world we live in, why hackers should care, and how we can tackle this issue.
What Is Censorship?
Censorship comes from the root word censor, which means "to examin in order to suppress or delete anything considered objectionable" (definition courtesy of Merriam-Webster Dictionary). Due to the breadth of this definition, this means that NOT ONLY GOVERNMENTS can censor a society- society can censor themselves. An example of government-forced censorship would be the banning of books (such as how several countries ban the Bible or other books deemed "sacred") or the blocking of websites in a specific region. Society-induced censorship examples could be calling people "haters" for having alternative opinions and the creation of hate speech, intentionally disregarding any alternative opinion.
Why Does Freedom Of Speech Matter?
If one is familiar with Orwellian novels or history from actual oppressive regimes such as Mussolini or Stalin, one common idea is always shared. This is the mindset of group-think, and getting society as a whole to think the same way as a like-minded whole. Hitler managed to brainwash an entire society into the hatred of the Jewish population, and all the others did similar things.
If we wish to prevent this oppressive fate, society must protect and encourage the ability to think for themselves- even if they don't wish to.
How Does This Tie Into Technology?
The Internet was formerly the ARPAnet project, a system to interconnect Universities for the purpose of enabling schools and students to better share ideas and work. It would eventually morph into the Internet which saw a massive increase in size and sharing of information, and still remains the largest source for information available to the human race. When hackers started traversing the wires and breaking into systems, the US Government promised security and began an absurd pattern of arrests and lawsuits.
The DMCA act was introduced, effectively allowing the creator of a copyrighted work to legally compel the removal of information from the internet, which resulted in numerous creative works being either deleted or removed. The NSA, FBI and CIA began an all-out assault against encryption, and are still trying to make encryption illegal, although privacy is a protected human right in the United States. Movie and record companies introduced Digital Rights Management (DRM), making it harder than ever to share derivative, creative works based on famous clips of audio/video. Human and Animal Rights Activists all around the globe started labeling people "haters" if they didn't entirely agree with their ideologies. Code of Conduct terms were introduced in numerous public domain projects to prevent people from speaking their mind. The list of these offenses goes on and on, all of them unexcusable offenses for those who claim to be guardians of free speech.
Why is this bad? IT HINDERS INNOVATION, CREATIVITY, LEARNING AND GROWTH.
On Fascism
According to Merriam-Webster dictionary, the words Fascism and Fascist come from the Italian root word fascio, or group. The term fascista was used to talk about the members of Mussolini's political organization, named Fasci di combattimento (combat groups). These "combat groups" adopted a bundle of rods with an ax as their insignia and wore black shirts, and became a symbol of complete and utter servitude to their government's authority. As this group was a "combat group" by nature, they would always disregard anyone else's opinions but their own, to the point of mass genocide in Italy.
Thus, a fascist is someone who violently opposes the free sharing of information and are completely subservient to some authority figure. One could easily argue that the modern bipartisan political system in the United States has encouraged such behavior on both sides, for both Republicans and Democrats, Right and Left. On the Right, we have pro-gun citizens who believe it's their God-given right to protect their land and often join militia groups to oppose anyone who disagrees. On the Left, we are seeing groups such as Antifa who are taking it upon themselves to destroy anyone or anything that questions the Black Lives Matter movement in the slightest.
This Isn't About Race Or Political Beliefs
If we were to ask the entire US population, around 90-93% of all people would agree that racism, corrupt politicians, and unethical companies are all bad things worth opposing. So why on earth are people becoming more and more divided? There are a few possible answers, neither of which are pleasant to think about:
There's a disagreement on the approach to solving these issues, and no one's willing to come to an agreeable solution.
People are actively looking for a reason to get into fights with one another.
People have let the idea of identity politics go too far, letting their beliefs become who they are- making their opinions rigid and immovable.
Whatever option is picked, the problem is clear as day: It's not about race, spending, political beliefs, global warming deniers, and so on. It's about giving opposing views the light of day in order to refine each other's view of the truth.
How Does This Apply To Tech Enthusiasts?
This arbitrarily imposed limitation on what techies can say and do effectively speaks death to their creativity. For example, the Linux kernel had a significant reputation for it's owner (Linus Torvalds) being very brash and offensive at the sight of poorly written code. He openly admitted several times that he was such, and has a zero tolerance policy for poorly written code in his project. As a political push, the Linux Kernel was forced to adopt a Code of Conduct with the reason being due to Torvald's (and others) behavior. With this code of conduct being extremely overreaching and taking control out of the owner's hands, it's become significantly harder to ensure the quality and openness of Linux. Other Open Source projects have seen this happen to them, and the quality of their code has greatly diminished while the quality of ones that haven't are greatly increased. For example, OpenBSD actively refuses to adopt a Code of Conduct, and they retain this "asshole-ish" behavior towards authors of bad code with the view that incompetence shouldn't be rewarded. Unsurprisingly, OpenBSD is widely seen as one of the most secure and reliable Operating Systems on Planet Earth.
This begs a huge question: If forcing people to speak a certain way results in reduced quality due to lack of involvement, should people be allowed to speak completely freely? For the sake of designing quality software and hardware that's meant to be used and perfected, the last thing that's needed is a set of rules to slow down the smartest people from expressing their ideas. The question ought to be posed as a moral question, asking whether or not it's an acceptable solution to use authority to force people to agree with others, even if they don't. Wouldn't it be much easier to just let someone hurt their own reputation if they wish to behave unprofessionally?
A Potential Solution
After a bit of a test run, it seems as though allowing free and unfettered speech in a ~400 member chat server seems to work extremely well, provided a system is designed to encourage real discussion about even the hardest topics. For example, reminding people that they have their own reputation to uphold is huge (Some communities might opt to make use of a rule where a member can be removed forcibly through popular vote, where no vote counts as a vote against removal) and other things.
It's incredibly sad to see the academic and scientific world decay in this way, so it's a moral duty for hackers and tech enthusiasts to protect and retain the quality of information and projects, no matter the cost.
That's it, rant over. Back to your regularly scheduled program... :)
Liked This Content? Check Out Our Discord Community and Become an email subscriber!
0 notes
Text
THIS MACHINE KILLS FASCISTS, A Discussion On Free Speech
In the early 1940s during World War 2, a world renowned rock-'n-roll guitarist named Woody Guthrie mustered up the courage to paint a slogan on his guitar, that would forever change the way we view the world and influence many people's views on the subject of free speech. After the publishing of one of his wartime songs, Guthrie painted "THIS MACHINE KILLS FASCISTS" onto his guitar. But Why Would He? Guthrie believed that the battle Freedom of Speech and Censorship was more important than the war between Good and Evil itself. Enough history, why is this viewpoint relevant to society today?
This post is different, I recently downloaded a videogame I remembered playing from several years ago, called Return To Castle Wolfenstein. It's considered to be cult classic game, but I learned it was banned to own or sell in Germany and a couple other countries, due to it's use of the Nazi Swastika. This got me thinking on the topic of censorship as it relates to the world we live in, why hackers should care, and how we can tackle this issue.
What Is Censorship?
Censorship comes from the root word censor, which means "to examin in order to suppress or delete anything considered objectionable" (definition courtesy of Merriam-Webster Dictionary). Due to the breadth of this definition, this means that NOT ONLY GOVERNMENTS can censor a society- society can censor themselves. An example of government-forced censorship would be the banning of books (such as how several countries ban the Bible or other books deemed "sacred") or the blocking of websites in a specific region. Society-induced censorship examples could be calling people "haters" for having alternative opinions and the creation of hate speech, intentionally disregarding any alternative opinion.
Why Does Freedom Of Speech Matter?
If one is familiar with Orwellian novels or history from actual oppressive regimes such as Mussolini or Stalin, one common idea is always shared. This is the mindset of group-think, and getting society as a whole to think the same way as a like-minded whole. Hitler managed to brainwash an entire society into the hatred of the Jewish population, and all the others did similar things.
If we wish to prevent this oppressive fate, society must protect and encourage the ability to think for themselves- even if they don't wish to.
How Does This Tie Into Technology?
The Internet was formerly the ARPAnet project, a system to interconnect Universities for the purpose of enabling schools and students to better share ideas and work. It would eventually morph into the Internet which saw a massive increase in size and sharing of information, and still remains the largest source for information available to the human race. When hackers started traversing the wires and breaking into systems, the US Government promised security and began an absurd pattern of arrests and lawsuits.
The DMCA act was introduced, effectively allowing the creator of a copyrighted work to legally compel the removal of information from the internet, which resulted in numerous creative works being either deleted or removed. The NSA, FBI and CIA began an all-out assault against encryption, and are still trying to make encryption illegal, although privacy is a protected human right in the United States. Movie and record companies introduced Digital Rights Management (DRM), making it harder than ever to share derivative, creative works based on famous clips of audio/video. Human and Animal Rights Activists all around the globe started labeling people "haters" if they didn't entirely agree with their ideologies. Code of Conduct terms were introduced in numerous public domain projects to prevent people from speaking their mind. The list of these offenses goes on and on, all of them unexcusable offenses for those who claim to be guardians of free speech.
Why is this bad? IT HINDERS INNOVATION, CREATIVITY, LEARNING AND GROWTH.
On Fascism
According to Merriam-Webster dictionary, the words Fascism and Fascist come from the Italian root word fascio, or group. The term fascista was used to talk about the members of Mussolini's political organization, named Fasci di combattimento (combat groups). These "combat groups" adopted a bundle of rods with an ax as their insignia and wore black shirts, and became a symbol of complete and utter servitude to their government's authority. As this group was a "combat group" by nature, they would always disregard anyone else's opinions but their own, to the point of mass genocide in Italy.
Thus, a fascist is someone who violently opposes the free sharing of information and are completely subservient to some authority figure. One could easily argue that the modern bipartisan political system in the United States has encouraged such behavior on both sides, for both Republicans and Democrats, Right and Left. On the Right, we have pro-gun citizens who believe it's their God-given right to protect their land and often join militia groups to oppose anyone who disagrees. On the Left, we are seeing groups such as Antifa who are taking it upon themselves to destroy anyone or anything that questions the Black Lives Matter movement in the slightest.
This Isn't About Race Or Political Beliefs
If we were to ask the entire US population, around 90-93% of all people would agree that racism, corrupt politicians, and unethical companies are all bad things worth opposing. So why on earth are people becoming more and more divided? There are a few possible answers, neither of which are pleasant to think about:
There's a disagreement on the approach to solving these issues, and no one's willing to come to an agreeable solution.
People are actively looking for a reason to get into fights with one another.
People have let the idea of identity politics go too far, letting their beliefs become who they are- making their opinions rigid and immovable.
Whatever option is picked, the problem is clear as day: It's not about race, spending, political beliefs, global warming deniers, and so on. It's about giving opposing views the light of day in order to refine each other's view of the truth.
How Does This Apply To Tech Enthusiasts?
This arbitrarily imposed limitation on what techies can say and do effectively speaks death to their creativity. For example, the Linux kernel had a significant reputation for it's owner (Linus Torvalds) being very brash and offensive at the sight of poorly written code. He openly admitted several times that he was such, and has a zero tolerance policy for poorly written code in his project. As a political push, the Linux Kernel was forced to adopt a Code of Conduct with the reason being due to Torvald's (and others) behavior. With this code of conduct being extremely overreaching and taking control out of the owner's hands, it's become significantly harder to ensure the quality and openness of Linux. Other Open Source projects have seen this happen to them, and the quality of their code has greatly diminished while the quality of ones that haven't are greatly increased. For example, OpenBSD actively refuses to adopt a Code of Conduct, and they retain this "asshole-ish" behavior towards authors of bad code with the view that incompetence shouldn't be rewarded. Unsurprisingly, OpenBSD is widely seen as one of the most secure and reliable Operating Systems on Planet Earth.
This begs a huge question: If forcing people to speak a certain way results in reduced quality due to lack of involvement, should people be allowed to speak completely freely? For the sake of designing quality software and hardware that's meant to be used and perfected, the last thing that's needed is a set of rules to slow down the smartest people from expressing their ideas. The question ought to be posed as a moral question, asking whether or not it's an acceptable solution to use authority to force people to agree with others, even if they don't. Wouldn't it be much easier to just let someone hurt their own reputation if they wish to behave unprofessionally?
A Potential Solution
After a bit of a test run, it seems as though allowing free and unfettered speech in a ~400 member chat server seems to work extremely well, provided a system is designed to encourage real discussion about even the hardest topics. For example, reminding people that they have their own reputation to uphold is huge (Some communities might opt to make use of a rule where a member can be removed forcibly through popular vote, where no vote counts as a vote against removal) and other things.
It's incredibly sad to see the academic and scientific world decay in this way, so it's a moral duty for hackers and tech enthusiasts to protect and retain the quality of information and projects, no matter the cost.
That's it, rant over. Back to your regularly scheduled program... :)
Liked This Content? Check Out Our Discord Community and Become an email subscriber!
0 notes
Text
Seekers- The Art of Finding Information
What is true online? How can you find useful information online? How can you verify the truth of something online? How can you learn more about current events, people or organizations and only get the statistical numbers?
These are legitimate questions, and with the dawn of the "fake news" misnomer, it's increasingly important to know how to search for verifiable, empirical information that can be measured (so you can form your own opinions, instead of believing whatever is the latest fad). Due to this, I personally feel morally obligated to share introductory techniques and tools of the trade of Seeking- gathering useful and actionable information.
This blog post is dedicated to Francesco Vianello (1952-2009). May you continue to rest in peace, and may your wisdom continue to be useful to us all.
Getting Started
Before we begin to do some deep digging, we'll need to have a few programs at the ready. You MUST have a text editor, a way to edit spreadsheets, and Tor Browser. Tor Browser is important because it becomes harder to track your current location, allowing you to bypass location filters.
Why don't we attempt to dig up some of the latest research on COVID-19, and and see what sorts of things we can uncover?
Preparations
Awesome, so let's go and open our text editor and make it look like this:
### SCOPE ### Digging for the latest research on COVID-19. ### QUERY ### ### USEFUL DOMAINS ### ### NOTES ### ### EXTRA LINKS ###
We don't have any search terms yet, so let's do a little "sub-research" before we design our search terms. We're after research information, so it might be a smart idea to look for medical journals. Let's fire up Tor Browser and go to google. We're looking for medical journals right now, so let's search for it. Apparently, Wikipedia has a nice comprehensive list of them, so let's fill in our text documentation accordingly:
### SCOPE ### Digging for the latest research on COVID-19. ### QUERY ### ### USEFUL DOMAINS ### https://journals.lww.com/ http://scielo.sld.cu/ https://onlinelibrary.wiley.com/ https://www.journals.elsevierhealth.com https://www.sciencedirect.com/ https://www.hindawi.com/ http://www.bjmp.org/ http://www.cmj.org/ http://www.journalonweb.com/ http://www.eurjmedres.com/ ### NOTES ### - Found a list of various medical journals and their corresponding sites on Wikipedia, through the listed hyperlinks. ### EXTRA LINKS ### - https://en.wikipedia.org/wiki/List_of_medical_journals
Awesome! This should be enough info to start gathering research papers and other goodies having to do with COVID.
Digging Deep
Awesome! We will now need to construct a list of possible search terms to narrow down EXACTLY what we're looking for. Enter the world of Google Dorking- the construction of special Google search queries to get specific information. The AND, OR, parentheses, etc. operations are all supported. Check This Link for a cheatsheet on various queries you can use to your advantage: https://gist.github.com/sundowndev/
Now, let's build a query! (intitle:"COVID" OR intitle:"COVID-19" OR intitle:"COVID-19") AND (domain:"journals.lww.com" OR domain:"scielo.sld.cu" OR domain:"onlinelibrary.wiley.com" OR domain:"www.journals.elsevierhealth.com" OR domain:"www.sciencedirect.com" OR domain:"www.hindawi.com" OR domain:"www.bjmp.org" OR domain:"www.cmj.org" OR domain:"www.journalonweb.com" OR domain:"www.eurjmedres.com") AND (type:"pdf" OR type:"epub" OR type:"txt")
Bad news: This query is too long and doesn't turn up enough results, so we'll need to modify it a bit: COVID AND (domain:"journals.lww.com" OR domain:"scielo.sld.cu" OR domain:"onlinelibrary.wiley.com" OR domain:"www.journals.elsevierhealth.com" OR domain:"www.sciencedirect.com" OR domain:"www.hindawi.com" OR domain:"www.bjmp.org")
Now, let's read through our Google results and update the documentation once more:
### SCOPE ### Digging for the latest research on COVID-19. ### QUERY ### COVID AND (domain:"journals.lww.com" OR domain:"scielo.sld.cu" OR domain:"onlinelibrary.wiley.com" OR domain:"www.journals.elsevierhealth.com" OR domain:"www.sciencedirect.com" OR domain:"www.hindawi.com" OR domain:"www.bjmp.org") ### USEFUL DOMAINS ### ---CORE LINKS--- - https://journals.lww.com/ - http://scielo.sld.cu/ - https://onlinelibrary.wiley.com/ - https://www.journals.elsevierhealth.com - https://www.sciencedirect.com/ - https://www.hindawi.com/ - http://www.bjmp.org/ - http://www.cmj.org/ - http://www.journalonweb.com/ - http://www.eurjmedres.com/ ---TO DIG FURTHER INTO--- - https://www.reddit.com/domain/onlinelibrary.wiley.com/ - https://www.reddit.com/domain/journals.lww.com/ - https://help.oclc.org/Library_Management/EZproxy/Database_stanzas/Wiley_Online_Library ---FOUND--- - https://www.doh.gov.ph/doh-press-release/DOH%2C-OTHER-AGENCIES-WORK-TO-PREVENT-COVID-19-IN-CLOSED%E2%80%93SETTING-FACILITIES - https://www.icrc.org/en/download/file/118825/icrc_covid-19_response_infographic_05_may_release.pdf ### NOTES ### - Found a list of various medical journals and their corresponding sites on Wikipedia, through the listed hyperlinks. - Discovered Wiley Online Library URL list. ### EXTRA LINKS ### !!! https://en.wikipedia.org/wiki/List_of_medical_journals
Wait, I Don't Get These Queries!
These queries use a syntax that is remniscient of a SQL language, with a bunch of quirks. To get exactly what we want, Google offers a bunch of special things you can use to search with (We lovingly call them "Dorks") that enable you to search for more precise things. For example, intext: lets you search the text of a webpage/document while type: lets you search by filetype. When paired with logical AND's and OR's and put in parentheses, we get a really custom search, tailored to find exactly what we want.
Continuing On
We could continue further by developing more search queries and diving deeper into the sources. For the sake of brevity and simplicity, we could stop here to analyze the information we gathered and determine if we wanted to dive in deeper and use more advanced tools, such as Maltego, Shodan, etc.
This is only an INTRODUCTION to this art of seeking information, but here's the core concepts to remember: - Plan and do some information gathering about related entities before you dive into hard-core researching. - DOCUMENT WHAT YOU DO! This is critical, so you can go back and narrow down your findings and smartly develop new searches (thus saving time that would otherwise be wasted) - Do research in a cycle- get related entities, document related entities, dig for information on target, document findings, read through findings, repeat until satisfied.
Following this process is a little more taxing on the mind, but it produces plentiful results and you're bound to find truth. On top of this, you will also gain the ability to find rare files, books and programs that are hidden deep within the bowels of the internet. For the technically savvy, it is possible to automate this process to find specific things online, using a programming language as simple as Python.
Until Next Time!
Liked This Content? Check Out Our Discord Community and Become an email subscriber!
0 notes
Text
Privacy For The Practical
Ever since the revelations of Edward Snowden and learning about the fact that the United States Government implements and utilizes commercial-grade equipment to spy on society, there's been an ongoing battle for personal privacy. Most don't do this because they have things to hide, but because they have important things to protect, like their banking information or previous addresses. With the rise of major technology companies and governments at the helm of new technical innovations and controlling most people's everyday lives, it becomes people's responsibility to carefully handle their personal information- both online and offline. For those unfamiliar, this blog post seeks to provide a "quick start guide" on how one can protect their info from malicious actors, governments, and so forth.
Data Aggregation
How do big tech companies make money? Let's use Amazon as an example- since they are forced by law to disclose their earnings on all the companies they own, we can easily tell that Amazon actually LOSES MONEY on their main retail site that a user buys products on. Huh? How does this work? As it turns out, advertising companies pay vast sums of money for actionable leads, or information that can lead to a conversion, or a customer visiting their page or store and making a purchase. Naturally for a company such as Amazon to draw a profit from this, they need to collect and resell user data.
Who On Earth Buys This Information?
If you have visited sites similar to Whitepages.com, odds are that you may be familiar with what this sort of data is used for. It's collected on a MASSIVE scale and used for marketing, Open-Source Intelligence (how hackers, the CIA and NSA all get your personal info), COVID-19 contact tracing, and more. Some of the major sites are Intelius.com, Whitepages.com, and [Pipl.com][https://pipl.com]. Other marketing agencies may also collect your valuable private information.
Okay, How Do I Stop This?
If you opted to create social media accounts, there are a few ways to remove information from the internet: - Google search yourself, deleting old accounts and opting out of sites like Whitepages. - Pay a privacy management service online. There are several of these. - Hire a Private Investigator to remove your information for you (this is the most expensive option).
Fortunately, most data aggregators have a tiiiiny little "DO NOT SELL MY INFORMATION" button at the bottoms of their pages, which you can utilize to remove the offending information.
Insecure Software
It has been proven numerous times that taking a proactive approach towards digital security is the ONLY way to mitigate security issues as they arise. Many well-known programs and systems have an extremely poor reputation for being horribly insecure, and it is recommended to avoid them at all costs. For the sake of brevity, we won't cover this in depth, but will instead provide recommended software:
RECOMMENDATIONS: Operating System: Qubes OS, OpenBSD, Whonix Password manager: Keepass X/variants Web Browser: ungoogled-chromium, iceweasel, Tor Browser Email service: lavabit, protonmail Filehosting: rent a VPS in switzerland and selfhost NextCloud Voice/Video Conferencing: Jitsi meet Phone Calls/SMS: Signal App
Physical Security
An important thing many people claim to have "on point" is their physical security. This may involve the installing of locks for the doors to your home, ensuring a laptop isn't left unlocked in public, etc. However, many leave gaps in what measures can be made.
The Mail
Did you know it's possible to read other people's mail by simply holding the closed envelope to light or spraying freon gas (sold in magic shops) against the envelope, which will temporarily make the envelope transparent? As it turns out, the simplest way to prevent this from happening is to wrap your mail in foil before putting it in an envelope. This makes it resistant to light and resistant to gases like freon.
Locks and Doors
Lockpicking is a growing sport, and as a result the bypassing of doors is becoming easier and easier to perform. To ensure nobody enters rooms or buildings they aren't supposed to be in, it's crucial that the doors be properly fitted to their frames and have higher end locks and latches installed to deter wannabe thieves.
What Do "Hackers" Do?
Hackers are seen as the proverbial bad guy who attacks computers and IT infrastructure, but an etymology of the word implies that people who are hackers love to innovate and creatively solve new and interesting problems. The common worry is the "cracker", or a person who breaks (cracks) other's security measures set in place for fun or for profit.
These attacks may or may not be performed with any malicious intent- just for the sake of exploration. However, this does mean that there is something to be learned. If an attacker compromises your security in any way, shape or form it is critical to institute a means of mitigating the way they gained access.
On top of this, it's not uncommon for crackers and hackers alike to be hired and found working in professions such as a Security Analyst role, due to their intense eye for detail and passion for how things work.
Without Further Ado...
This is by no means a comprehensive guide on personal privacy, but rather a means to get started. On top of this, it's important to remember that nothing will EVER be fully secure. So, if anyone wishes to obtain that elusive private life, they will have to keep up with the times and actively work to ensure privacy is their #1 concern.
I will continue to post more on privacy-related content as time goes on, but since this is such a vast field it is critical that anyone concerned perform their research and due diligence.
Thanks for reading!
Liked This Content? Check Out Our Discord Community and Become an email subscriber!
0 notes
Text
Designing Custom Cryptographic Systems: Part 3
This post has been long in coming. For those who haven't read the previous posts in this series, below are links to bring you up to speed.
In Part 1, we covered the basic mathematical information and technical information required to understand and begin to implement your own cryptography. Part 1: HERE
In Part 2, we set up a Cryptographically Secure Pseudo-Random Number Generator to be used by our cryptographic algorithms. Part 2: HERE
If you're stuck, the previous posts may help with bringing you up to speed. Now, let's add in the hashing algorithm!
Hashing? What's that?
A Hashing Algorithm is this carefully crafted program that takes a string as an input, performs a bunch of cryptographic functions on it, and spits out a fixed-length string that appears to be random. However, if you compute the hash again with the same string, you will achieve the same output.
A sample hashing function could be a simple XOR operator. You take random bytes to produce "entropy" for the hashing function, saving the information somewhere. Then you could just XOR the string with the saved random bytes, chopping the hash off at a fixed length. This is known to be highly insecure as performing an XOR against itself is effectively an inverse operation and will undo the work of creating a hash.
Since we are simply using a hashing function on our CSPRNG to produce more useful randomness (effectively increasing the efficiency), we can afford to use a hashing algorithm that has been compromised as there's no user data flowing through it.
Wait, Compromised?
Yes. Remember that we're simply using SHA512 to produce more bytes of pseudorandom information that our cryptographic system can utilize, by feeding it small amounts of pseudorandom characters (characters are actually integers from 0-255 in C).
Due to this, performance matters more than security. SHA512 isn't the most performant, but it's high bit modulus means that the algorithm will have some level of security as well. However, the REAL security will come from our encrypted asymmetric keys. Some argue that this is entirely unnecessary and in the final version of this program, we may even eliminate this bit of code if deemed not necessary.
The Implementation
For our hashing algorithm, we are going to borrow the Free Software Foundation's implementation of SHA512 and take a look at a sample implementation by ggaarder on GitHub, located here.
We notice that SHA512 uses 64 bit integers, and for compatibility, a custom headerfile was included to allow other architectures to process 64 bit numbers as if they were uint64_t (Thanks, Paul Eggert for your contribution to Open Source Software!).
Along with these two things, sample usage of the program is provided:
#include <inttypes.h> #include <stdio.h> #include <stdint.h> #include "sha512.h" #define F "sha512.c" #define F1 "sha512.cp" void psum(char *out) { char *p; for (p = out; p < out+64; p += 8) { // 8 byte is 64 bit printf("%lx", *(uint64_t*)p); } } int main(void) { FILE *fp = fopen(F, "rb"); char out[64]; sha512_stream(fp, out); psum(out); putchar('\n'); fp = fopen(F1, "rb"); sha512_stream(fp, out); psum(out); }
As we can see, this code involved the opening of the file SHA512.c in binary read-only mode, computing a sha512 stream using the contents of the file pointer and assigning it to a char array of size 64. the psum() function allows the printing of the array to standard output. So if we integrated this with our CSPRNG (so we can produce pseudorandom characters), we would need to make our CSPRNG produce pseudorandom strings and then use those for SHA512.
We would need to do something like this:
#include <stdio.h> #include <string.h> #include <stdlib.h> #include <inttypes.h> #include <stdint.h> #include <string.h> #include "duthomhas/csprng.h" #define MESSAGE "message.txt" extern int csprng_get(CSPRNG, void* dest, unsigned long long size); extern CSPRNG csprng_destroy(CSPRNG); // Our implementation of the CSPRNG void * randstuff(void * x) { CSPRNG rng = csprng_create( rng ); // create CSPRNG if (!rng) { //if the CSPRNG fails to load fprintf( stderr, "%s\n", "No CSPRNG! Crap." ); exit(1); //crash and return an error } csprng_get(rng, &x, sizeof(x)); // use CSPRNG rng = csprng_destroy(rng); // destroy the CSPRNG return x; } // Print out Hash void psum(char *out) { char *p; for (p = out; p < out+64; p += 8) { // 8 byte is 64 bit printf("%lx", *(uint64_t*)p); } } // Main function int main(void) { char rand[64]; //To be filled with random garbage char hash[64]; //To hold the hash int errchk; FILE * fp; // Wipe the values in allocated memory before assignment. memset(rand, '\0', sizeof(rand)); memset(hash, '\0', sizeof(hash)); strcpy(rand, randstuff(rand)); // assign randstuff to rand. /* CREATE TEMPFILE FOR SHA512 */ fp = fopen(MESSAGE, "w+"); // open message.txt for writing for (int i=0; i<(sizeof(rand)/sizeof(char)); i++) { //loop through each item in rand, creating a tempfile //with pseudorandom content. fprintf(fp, "%c", rand[i]); } fclose(fp); /* CALCULATE SHA512 HASH */ fp = fopen(MESSAGE, "rb"); // Open file called message.txt sha512_stream(fp, out); psum(out); fclose(fp); errchk = remove(MESSAGE); if(errchk != 0) { printf("Error deleting entropy file. CSPRNG may be compromised.\n"); } return 0; }
Note that this code doesn't have error checking, and it's just the raw algorithm. We will fix that in a coming post.
To explain what was added, we utilized the same CSPRNG code from before and assigned it to an array called rand. Since the SHA512 calculation requires a FILE data type (an Input/Output stream), we need to write the contents of rand to a temporary text file character by character. In doing so, we can calculate the SHA512 hash of the randomness, print it to standard output courtesy of the psum() function, and then remove the temporary file by calling the remove() funtion.
In the future, it might be smart to create a second temporary file to write the SHA512 hash to and delete the first, but time will tell if we need to make this change.
With this code tested and working, we can proceed onward to the design and implementation of our Elliptic Curve Diffie Hellman Algorithm to allow for asymmetric encryption!
Liked This Content? Check Out Our Discord Community and Become an email subscriber!
0 notes
Text
Understanding Computer Architecture
I was reading old blog posts and realized I didn't touch on a CRITICAL piece of the puzzle to understanding computing... How your device actually works. This post aims to remediate this and provide a "one-stop" guide from understanding the low-level circuitry to how that allows people to program on their devices.
No computers were harmed in the making of this post. No, seriously.
The Electronics
Everything in a computer is a 1 or a 0. Many people call this true or false, or even on or off. Whatever you may call it, it's the basis for boolean (digital) logic. When you use a series of true or false statements, you are making use of the binary number system. Instead of having a 10's, 100's, 1000's etc place there's powers of 2. so 11111111 would equal 255, because 1+2+4+8+16+32+64+128=255. This is similar to how we would calculate what 255 equals- 200 + 50 + 5 = 255.
Now, we can use logic gates to perform mathematical operations on binary numbers. AND ('+' sign), OR ('-' sign), XOR ('+' sign with a circle around it), NOT ('!' mark), and NAND are the building blocks. Each one have unique properties, some are self-explanatory. If you feed 2 binary digits as input to each logic gate, it will spit out an output. 1 AND 0 will produce 1, but so will 1 OR 0... Huh? This is because you can have more than 2 inputs. Digital logic aside, we can pair these together to design different electronic components.
For our sample computer architecture, we will use a modified Von Neumann architecture, adapted so it's more in line with modern computers.
Memory
Every computer has multiple different kinds of memory, EEPROM, PROM, EPROM, DRAM, SRAM, NAND Flash and so on. What the heck is all this stuff?
Let's start by explaining that ever computer needs various types of storage. First off, we need Random-Access Memory (RAM) to temporarily hold results of various calculations to allow for calculations to run smoothly. The two main types of these are DRAM (Dynamic RAM) and SRAM (Static RAM). DRAM loses it's contents upon loss of power, while SRAM retains it until it regains power.
An actual 16 bit DRAM chip sample pinout.
RAM sticks are EXTREMELY fast but aren't good for extreme long-term storage, like our computer's BIOS and bootloader (the little screen that pops up when you press the power button). To achieve this, various ROM (Read-Only Memory) chips are available. Electrically Erasable Programmable ROM (EEPROM) chips, Programmmable ROM (PROM), and so forth are available for this purpose.
But what about user files? Enter NAND Flash and Spinning Disk Drives. NAND Flash (guess what it's made of?) is the new kid on the block, with it's own unique technologies that make it extremely fast and useful for storing user data, generally functioning like SRAM but not deleting data after power cycles. Spinning Disk Drives are still commonly found in enterprise areas and surveillance due to cheap pricing, and they use mechanical disks with magnetic "tracks" in concentric rings to store data, with a read/write head to manipulate the info.
The Processing Units
Every Computer has a CPU, though ones with graphical displays also have a GPU (which can be treated as a task-specific CPU for intents and purposes). In the old days, the CPU only consisted of one component: the processor. It left out other critical components like the system clock as it was often soldered onto the mainboard (motherboard).
The CPU (Central Processing Unit) is another chip, designed out of a series of logic gates, that takes a series of inputs (by giving power to various combinations of pins on the CPU) and spits out calculations based on them, effectively allowing it to perform multiplication, addition, addition, and so forth. When paired with a real-time system clock, the CPU becomes able to execute operations in sequence- forming machine code as we know it. Now, some modern CPU designs opt to include the system clock into the CPU itself and some don't nowadays, it's just an important thing to understand how it works.
A CPU and it's pins.
A CPU contains it's own "memory", called registers, that allow for the temporary storage of small amounts of data for faster processing, as registers are the fastest places to store data on any system.
The Graphics Processing Unit, or GPU, functions just like a CPU. Modern graphics cards have their own special RAM connected to the GPU, while some other pins are connected to various chips that control different devices such as an HDMI slot for a monitor, with a ROM chip connected to the GPU that has firmware to power the device.
All of these things get connected together and powered to produce a fully working computer architecture.
The Code
The Assembler
If you asked someone to write a large program in machine code, they'd most likely either run away, laugh at you or ask you if you are crazy. This is simply due to the fact that Machine Code is ENTIRELY in Binary (although it can be expressed as hexadecimal). As a workaround, developers create Assembler Languages, which are effectively a simple translation of the arcane machine language operations from binary to things humans recognize. For example,
10001111 10001111 10011110
might look like this in an Assembly language:
MOV REG1 REG2;
According to our sample machine language and Assembly instruction, we'd be moving the value at register 1 to register 2.
Compilers
As one might imagine, Assembly language is still tedious and it would be tough to implement an Operating System like the ones that exist today. In order to be able to achieve feats like this, it must be possible to write code in a much more human-readable language and let the computer translate it into Machine Code.
Enter Compilers. They basically analyze text through a set of rules and then based on these rules output and optimize machine code for a given architecture. This allows the implementation of various programming languages like C, C++, and Java to exist.
To implement an Operating System, a developer would need to flash the ROM with a Basic Input/Output System (BIOS), and then write code for a bootloader to boot the system. The developer may then produce a kernel to load the firmware for all connected devices and operate the low-level parts of the system that the user doesn't see. Lastly, the developer is able to create various bits of software to run on this machination, eventually resulting in a full-fledged Operating System.
Hopefully this guide proves to be handy and provides a useful resource for any budding developer interested in electronics or computing.
Liked This Content? Check Out Our Discord Community and Become an email subscriber!
0 notes
Text
The Power To Serve: Custom Kernel Goodness on FreeBSD
For those who are unfamiliar with FreeBSD, it's a unique system that feels distinctly like the UNIX of old- because it is. Last post, we installed FreeBSD, got connected and installed some software. You might have even gotten a desktop working on your own, because it feels so much like Linux. However, the stock install is a bit RAM hungry and we aim to improve that.
Kernel? What's a Kernel?
Like Linux, FreeBSD (and Windows and MacOS) all have an underlying Kernel. This is basically a loose term that describes all the underlying components that the user doesn't see day-to-day when utilizing an Operating System, such as firmware and drivers being loaded, support for multithreading, filesystem support, and so on. Because BSD has so much support for strange devices- like VAX machines of old- it's expected of users who wish to optimize their systems to purge unneeded support from their system.
Getting Started
Of course, you'll need a FreeBSD installation with the source code to follow along... :) However, we'll need some more details about our target system that we'll be rolling a custom Kernel for. So let's whip out a notepad or text editor and our trusty command line. The trusty dmesg command will come in handy, but it produces way too much output, so we can filter that with grep by doing something like dmesg | grep <search term>.
The laptop I did this on was an unmodded Thinkpad T460. I knew that it came with Intel Wireless, an Intel CPU, an SSD, and Intel Integrated Graphics, for starters. But what model?
So I ran dmesg | grep Wireless and got the following output:
iwm0: <Intel(R) Dual Band Wireless AC 8260> mem 0xredacted at device redacted
Note that I have censored the last bit of output for privacy, but it contains memory address and what part of the PCI bus it's connected to.
I took note of this and did similar commands to gather info on my hardware.
Backing Up
Since we're replacing our kernel, we want a backup of the last known good one. In FreeBSD, the current running kernel is located at /boot/kernel. So let's make a copy in /boot, so we can continue to use it if things go south!
Running cp -a /boot/kernel /boot/kernel.good will do the trick for this.
Config Time!
Now we get to prep our Kernel config file. To do so, cd /sys will take you to the /sys directory, where you'll see a few architecture names as directories: x86, x64, arm, etc. My ThinkPad T460 is a 64 bit x64 processor, so I ran cd x64.
Now, there's a folder in this directory called conf. That's where the config files are located- so cd conf and then run ls to view the available config files to start from.
Instead of altering the config files directly, it may be wise to make a copy of one. I picked the GENERIC config file and copied it into one in the same directory, naming it T460 (no file extensions!!!)
With this done, open the freshly copied config file in the text editor of your choice. In this config file, there's lots of comments, specifying what each option will compile into the kernel. Removing the line will remove the feature from your compiled kernel. Since my ThinkPad doesn't have a floppy disk or RAID controller that's easy enough to remove those. I know that I have Intel Wired and Wireless connections, so I can remove all support for other network cards if I so choose.
ATCHUNG! Read what each option enables support for before deleting the line, and make sure you're not removing things that are critical to the function of your hardware!
Once satisfied, save the new config and quit.
Updating the Source
First things first, we need to install and set up subversion (SVN) on FreeBSD to get the latest copy of the FreeBSD source tree. In order to install SVN and get it ready to rock, we just need to run pkg install ca_root_nss subversion.
Now with SVN installed, let's fetch a copy of the latest source tree. If you already have the source code installed, run svn update /usr/src/. If not, we need to fetch a copy by running svn checkout https://svn.freebsd.org/base/releng/12.1 /usr/src/ (replace the 12.1 with the version number of FreeBSD you installed.)
Awesome! We're ready to compile the kernel!
Compiling the Kernel
With your freshly updated copy of the FreeBSD source code, cd /usr/src to get into the source code. Since our config file is prepped, all you have to run is make KERNCONF=CONFIG buildkernel- swap out the word CONFIG for your kernel config name. This will take a bit to compile, so grab a coffee or something while waiting. When it finishes, you run make KERNCONF=CONFIG installkernel, again swapping out the word CONFIG for your actual config filename. When finished, reboot your system and test it out!
BRO! MY KERNEL IS CRASHING!
In the bootloader, you can switch back to the old kernel to resolve the issues in your config and re-attempt compiling the kernel until satisfied.
What Are The Benefits of Doing This?
On my ThinkPad T460, the stock system used about 1.7 gb of RAM. After the custom kernel, it's now using 800 Mb of RAM- to lower the usage even further, some tunable "knobs" in /etc/rc.conf, /etc/loader.conf and /etc/sysctl.conf prove useful as well.
Another interesting thing to note is that this Kernel config can be used to rebuild the ENTIRE SYSTEM as well, using the make KERNCONF=CONFIG buildworld and make KERNCONF=CONFIG installworld commands too.
Until next time!
Liked This Content? Check Out Our Discord Community and Become an email subscriber!
0 notes
Text
The Power To Serve: Setting Up FreeBSD
Most would agree that IT and Computer geeks have an intense passion for Open Source Software and quality code. Due to this, Linux is a staple in the tech community... But is it the only option? Enter FreeBSD, an Operating System whose roots trace all the way back to the original UNIX. Buckle up, and prepare for an introduction to FreeBSD and setting it up yourself.
Wait, Slow Down. What's FreeBSD?
Back in the 1970s and 1980s, AT&T Bell Labs invented UNIX and would go on to sell commercial copies of said Operating System to various colleges. The awesome thing was that AT&T shipped source code bundled right in! One of these places was the University of California at Berkeley, who aptly wrote more tools for UNIX such as vi and the original Berkeley Fast Filesystem (what most Linux/UNIX Filesystems are based on nowadays). Eventually UC Berkeley went on to redistribute their own variant of UNIX called BSD, setting up a hotline at 1-800-ITS-UNIX. This ROYALLY pissed off AT&T and they sued for copyright infringement. For reference, around this time Linus Torvalds was beginning the Linux Kernel development.
Needless to say, UC Berkeley won the case almost totally- so much so that AT&T only kept copyright to 3-4 files of the entire UNIX system. This enabled the release of i386BSD, which spawned the FreeBSD, NetBSD and OpenBSD projects. Their licenses are all very close to the original license of the code which is extremely permissive and allows the user to do almost anything except take credit for the work, sue the developer and remove the license.
Cool! Let's Install It!
Awesome! At this time of writing, the latest stable version of FreeBSD is 12.1. If you browse to the FreeBSD Site, you'll notice a big "Download Now" button. For this series of blog posts, we'll install 12.1 because stability matters for a daily-driver laptop. Pick the correct CPU architecture and you'll be taken to a web open directory. There are multiple images available for download, generally DVD1 and memstick images have all installation files embedded into the image so no network connection is needed to install the system.
Now that the image is downloaded, pick an installation medium. For usb, you would insert a thumb drive and type sudo dd if=/path/to/FREEBSDIMAGE of=/dev/sdX status=progress, where the "if" argument is the location of your downloaded FreeBSD installer image and the "of" argument is the name of your drive under Linux.
After this is done, let's yank out our computer and boot into the installer! On most laptops, there is a key combination to enter the BIOS, like spamming F12 or delete on boot. Once you've done this, allow USB booting, disable secure boot, and configure your flash drive to boot first. With the flash drive plugged in, you should be greeted by a FreeBSD bootloader, waiting a moment will take you to a graphical menu that looks like this:
The FreeBSD Installer
Select your responses with the arrow keys, and press enter to continue.
In prompts like this one, you'll need to use the space bar to alter selections.
The menu is very simple and easy to go through... Once you arrive at what disk format to use, the most common option FreeBSD users select is entire-disk ZFS.
Remember to select your disks in the ZFS Pool! The original option is stripe/0 disks, but you still need to go into it's submenu and select a disk even if you don't want to use the mirroring abilities of ZFS. There is an option to enable encryption, enabling it will provide a prompt later for your disk encryption password. If you're content with the settings, continue on.
After this, you'll be greeted by a menu of what packages you'd like to install, selectable by spacebar and arrow keys. Pressing enter will allow you to continue to the installation. Once complete, the interface will drop to a shell for you to set the root user password. Once that's done, the installer will take you back to the UI and offer to create a user account (DO THIS!), where you drop back to the shell to create it. Lastly, there will be system hardening options that you can optionally check. If you're concerned with privacy, it is recommended to enable all of them. Finally, it will provide an option to exit the installer and reboot.
Welcome To FreeBSD!
On fresh installation, FreeBSD is extremely plain and doesn't even have a desktop. Our first priority is to connect to the internet, so we can update our system. Running the ifconfig command will list all devices that are recognized by FreeBSD. If your network card isn't recognized, you will want to search to see if it's supported. If so, there's probably a kernel module that hasn't been loaded for it. To remedy this, a simple kldload xxx (where xxx is the name of the kernel module corresponding to your device driver) will enable your hardware. If this works, you can make this change permanent by editing /etc/rc.conf. FreeBSD makes use of wpa_supplicant and ifconfig to connect- more comprehensive guides on getting connected can be found here:
Wireless Networking in FreeBSD Networking in FreeBSD
Once connected, updating the system and fetching a few apps to get started with configuration is critical. There's three ways a user can install software on FreeBSD: compiling from source by hand, compiling from source through the ports collection (automatically), or using the pkg package manager which feels very much like apt.
Set up the FreeBSD ports tree by running portsnap fetch extract. If you ever wish to use it, cd into /usr/ports and find the proper directory of the application you wish to install. Then type make clean install.
As for pkg, let's update, upgrade and install vim:
pkg update pkg upgrade pkg install vim
Once all the software required for a desktop or whatever use case is necessary, setup is just like any *nix-based system.
So What Makes FreeBSD Different???
FreeBSD has a bunch of unique development tools, such as dtrace, for programming and understanding how the Operating System works and programming good, solid code. On top of that, it comes with pf instead of iptables, which is the de-facto standard on many enterprise networking devices such as Cisco or Palo Alto (they actually ship with FreeBSD installed). The entire Operating System source code can be found in /usr/src, and you can recompile the entire OS with a one-line terminal command. FreeBSD and similar systems are known for having the best TCP/IP networking stack in the world, so much so that even Microsoft still uses FreeBSD code for driving the internet on Windows to this very day.
Be sure to stick around for the next post, where we'll compile a custom kernel on FreeBSD!
Liked This Content? Check Out Our Discord Community and Become an email subscriber!
0 notes
Text
The Power To Serve: Setting Up FreeBSD
Most would agree that IT and Computer geeks have an intense passion for Open Source Software and quality code. Due to this, Linux is a staple in the tech community... But is it the only option? Enter FreeBSD, an Operating System whose roots trace all the way back to the original UNIX. Buckle up, and prepare for an introduction to FreeBSD and setting it up yourself.
Wait, Slow Down. What's FreeBSD?
Back in the 1970s and 1980s, AT&T Bell Labs invented UNIX and would go on to sell commercial copies of said Operating System to various colleges. The awesome thing was that AT&T shipped source code bundled right in! One of these places was the University of California at Berkeley, who aptly wrote more tools for UNIX such as vi and the original Berkeley Fast Filesystem (what most Linux/UNIX Filesystems are based on nowadays). Eventually UC Berkeley went on to redistribute their own variant of UNIX called BSD, setting up a hotline at 1-800-ITS-UNIX. This ROYALLY pissed off AT&T and they sued for copyright infringement. For reference, around this time Linus Torvalds was beginning the Linux Kernel development.
Needless to say, UC Berkeley won the case almost totally- so much so that AT&T only kept copyright to 3-4 files of the entire UNIX system. This enabled the release of i386BSD, which spawned the FreeBSD, NetBSD and OpenBSD projects. Their licenses are all very close to the original license of the code which is extremely permissive and allows the user to do almost anything except take credit for the work, sue the developer and remove the license.
Cool! Let's Install It!
Awesome! At this time of writing, the latest stable version of FreeBSD is 12.1. If you browse to the FreeBSD Site, you'll notice a big "Download Now" button. For this series of blog posts, we'll install 12.1 because stability matters for a daily-driver laptop. Pick the correct CPU architecture and you'll be taken to a web open directory. There are multiple images available for download, generally DVD1 and memstick images have all installation files embedded into the image so no network connection is needed to install the system.
Now that the image is downloaded, pick an installation medium. For usb, you would insert a thumb drive and type sudo dd if=/path/to/FREEBSDIMAGE of=/dev/sdX status=progress, where the "if" argument is the location of your downloaded FreeBSD installer image and the "of" argument is the name of your drive under Linux.
After this is done, let's yank out our computer and boot into the installer! On most laptops, there is a key combination to enter the BIOS, like spamming F12 or delete on boot. Once you've done this, allow USB booting, disable secure boot, and configure your flash drive to boot first. With the flash drive plugged in, you should be greeted by a FreeBSD bootloader, waiting a moment will take you to a graphical menu that looks like this:
The FreeBSD Installer
Select your responses with the arrow keys, and press enter to continue.
In prompts like this one, you'll need to use the space bar to alter selections.
The menu is very simple and easy to go through... Once you arrive at what disk format to use, the most common option FreeBSD users select is entire-disk ZFS.
Remember to select your disks in the ZFS Pool! The original option is stripe/0 disks, but you still need to go into it's submenu and select a disk even if you don't want to use the mirroring abilities of ZFS. There is an option to enable encryption, enabling it will provide a prompt later for your disk encryption password. If you're content with the settings, continue on.
After this, you'll be greeted by a menu of what packages you'd like to install, selectable by spacebar and arrow keys. Pressing enter will allow you to continue to the installation. Once complete, the interface will drop to a shell for you to set the root user password. Once that's done, the installer will take you back to the UI and offer to create a user account (DO THIS!), where you drop back to the shell to create it. Lastly, there will be system hardening options that you can optionally check. If you're concerned with privacy, it is recommended to enable all of them. Finally, it will provide an option to exit the installer and reboot.
Welcome To FreeBSD!
On fresh installation, FreeBSD is extremely plain and doesn't even have a desktop. Our first priority is to connect to the internet, so we can update our system. Running the ifconfig command will list all devices that are recognized by FreeBSD. If your network card isn't recognized, you will want to search to see if it's supported. If so, there's probably a kernel module that hasn't been loaded for it. To remedy this, a simple kldload xxx (where xxx is the name of the kernel module corresponding to your device driver) will enable your hardware. If this works, you can make this change permanent by editing /etc/rc.conf. FreeBSD makes use of wpa_supplicant and ifconfig to connect- more comprehensive guides on getting connected can be found here:
Wireless Networking in FreeBSD Networking in FreeBSD
Once connected, updating the system and fetching a few apps to get started with configuration is critical. There's three ways a user can install software on FreeBSD: compiling from source by hand, compiling from source through the ports collection (automatically), or using the pkg package manager which feels very much like apt.
Set up the FreeBSD ports tree by running portsnap fetch extract. If you ever wish to use it, cd into /usr/ports and find the proper directory of the application you wish to install. Then type make clean install.
As for pkg, let's update, upgrade and install vim:
pkg update pkg upgrade pkg install vim
Once all the software required for a desktop or whatever use case is necessary, setup is just like any *nix-based system.
So What Makes FreeBSD Different???
FreeBSD has a bunch of unique development tools, such as dtrace, for programming and understanding how the Operating System works and programming good, solid code. On top of that, it comes with pf instead of iptables, which is the de-facto standard on many enterprise networking devices such as Cisco or Palo Alto (they actually ship with FreeBSD installed). The entire Operating System source code can be found in /usr/src, and you can recompile the entire OS with a one-line terminal command. FreeBSD and similar systems are known for having the best TCP/IP networking stack in the world, so much so that even Microsoft still uses FreeBSD code for driving the internet on Windows to this very day.
Be sure to stick around for the next post, where we'll compile a custom kernel on FreeBSD!
Liked This Content? Check Out Our Discord Community and Become an email subscriber!
0 notes
Text
Rotten Apples: The Demise Of A Computer Company
On Monday, June 22, 2020, Apple's renowned (infamous?) World-Wide Developer Conference took place. As usual, the announcement of new devices took place- along with a shocker that has the potential to kill off software ecosystems and shut down development efforts.
Okay, Okay. What The Heck Happened?
According to MacWorld and video of the actual conference, Apple plans to swap their CPUs with a new, custom in-house one... The same processor line found on the iPhones and iPads! These Processors are based on ARM CPU technology, but due to Apple's walled-garden stance they modified the design.
ARM and a Leg
In order to avoid this turning into a complaining rant, let's balance this out by first mentioning the benefits ARM provides:
ARM is based on a RISC architecture, allowing for lower power usage and improved performance (provided the software is properly written)
ARM is less expensive than Intel or AMD CPUs, theoretically reducing the cost of production.
ARM is found in tons of Internet-Of-Things and mobile devices, especially smartphones.
The Catch
Although these are amazing benefits and worth considering the switch in laptops and mobile devices, Apple isn't following the standard design. For all users may know, the machine language may differ from the original CPU. If so, it's impossible to write C/C++ or compile ANY third-party code without an Apple-supplied compiler. On top of this, hackers and developers have been struggling for YEARS to get Linux working on the iPhone and iPad and have always had hangups on the CPU and the hardware in the device that locks them out.
Since the new Macs will be using this same line of chips, running anything other than software condoned by Apple will be impossible. To further compound the issue, Apple has agreements with the U.S. Federal Trade Commission to ban the import of components for their devices. On top of this, Apple intentionally opted to solder the hard drive to the motherboard and removed the data recovery pins- now the only way to protect your info on Mac is to buy their services or get a backup drive.
The Problem
This activity poses several ethical and financial dilemmas for a potential buyer, seeking a new laptop or computer.
"We're Sorry It's Broken. Feel Free to Buy A New Mac!"
How many times have you heard this at the Apple store or a computer shop? Did you know that the majority of times a computer breaks, the repair normally will not cost more than $50-100 USD? By making devices impossible to repair, there's actual justification in making this claim. But then if it's impossible to fix or even recover your data, why buy it?
No Schematics For You!
Most people can agree that we all disagree on many things. However, most can all agree that major companies are not worthy of our trust in light of recent scandals. When a major laptop manufacturer like Apple switches to a custom in-house CPU, it becomes impossible to audit it's security without attempting to hack it and play the role of the "bad guy".
Lockdown and Lock out
Apple has always been a "Walled-Garden" ecosystem in their systems, but allowed third party apps to run. Due to this new CPU, all third party software is entirely dependent on whether or not Apple chooses to release compilers for their architecture. Even so, will they apply licenses to the compilers? Will they be compliant with current Operating Systems standards? Nobody knows, and there's potential for the death of third-party apps on the new platform. At the very least, all third party software would have to be recompiled (or rebuilt) to be compatible with the new architecture. For some maintainers, they may never even bother and third party support will dwindle.
Solutions?
As we all know, companies are driven by profit and go back on their decisions if it means a lack of sales. This means that if users don't support their actions, then DON'T BUY THE PRODUCT!
On top of this, hacking and research communities should pick up the new Macs as they arrive, and deduce how everything works, inventing ways to enable compatibility with other software and (maybe?) hardware on these new devices.
Lastly, if this bothers you, spread the word and explain it to others so they understand the importance of having the ability to fix your own belongings.
Liked This Content? Check Out Our Discord Community and Become an email subscriber!
0 notes
Text
Waves: The Wonderful World Of Wireless
Sine waves... GASP!!! This is the voodoo magic of the world of wireless technology. Not really, but it is mathematical, and really fascinating and I can't stop geeking out about it.
So why is this so important? As it turns out these basic physics allow WiFi, AM/FM Radio, GPS, CB Radio, Bluetooth, headphones and more to interact with the world around us. Without further ado, onward forth!
What's Your Sine?
So a sine wave is literally just a measurement of frequency and amplitude, plotted on a graph. Frequency is measured in hertz (Hz), where 1 Hz is one repetition per second. Amplitude is measured in decibels- think of volume control versus pitch when listening to music. The legal maximum output of a US FM Radio Station is 80 DBm, the power of the Sun when measured is approximately 306 DBm, and the average conversation is about 50-65 DBm. When plotted on a line graph, one might get a signal that looks like this:
Assuming this signal repeats 1 milion times a second, we could say it operates at 1 MHz (1 Megahertz)
Amplitude Modulation, or AM, is when the DBm is altered to produce a data stream. The benefit of this is that it has extremely long range, but is very susceptible to interference from natural sources like lightning.
Frequency Modulation, or FM, is when the Hz is altered to produce a data stream. The range isn't as good as AM but requires intentional attacks (such as jamming) to interfere with the signal.
Prepare The Phase Ray Generator!!!
Only half kidding, phase in a signal is where the signal starts and how it's transmitting. For example, you can have a 1 Hz signal that has different peaks and valleys when graphed compared to someone else's.
Sine Waves have different degrees of phase, totalling to 360 like a circle. Above, the wave has been split into 90 degree chunks.
Enter phase shifting. This is commonly found in wireless networking protocols found in WiFi such as WPA and WPA2, in encrypted communications networks, and even in mobile phones. To phase shift a signal, all one needs to do is take a chunk from the beginning of the signal and slap it on the end, using the degrees measurement of the sine wave. a 180 degree phase shift would cause a complete inversion of the wave, shown here:
Phase Lock is used in encrypted communications by having both devices phase shifting until they reach the same phase. These devices can then exchange cryptographic keys and communicate, hop to a different frequency and exchange there or end the transmission if something's wrong.
Why You Gotta Be So Noisy, Bro?
Noise is when a transmission experiences interference, making the sine wave (when graphed) look all jagged and strange. Noise Cancellation is the application of various filters to weed out the garbage. "Active Noise Cancellation Technology" dates back to the 1980s-1990s, where Adaptive Filters (the predecessor to Machine Learning/AI) found use in the detection of data that didn't belong on the sine wave, and it would "smooth" out the transmission and reduce noise.
Since then, this technology has improved and can be found in headphones, music players and more.
Packetization
Packetizing something is basically when one treats the peaks of a sine wave as a binary "1" and the valleys as a binary "0". Depending on the amount of time spent in the "1" or "0" state, we can transmit multiple of the same value (allowing us to transmit a stream of data). Due to this, we can send bits and bytes to other devices. But how on earth are we supposed to understand what's being sent?
Enter network protocols. The most popular one to exist is the TCP/IP standard, responsible for how the Internet behaves. In this, there is documentation on SPECIFICALLY how long each "packet" of traffic should be, and what should be contained inside. (Spoiler: it's basically destination and source info, the data, and a checksum to validate the info)
I haven't been entirely honest with you guys... This is actually what's taught in calculus as well as physics in colleges and universities. However, it's funny that it's so easy to understand and so amazing to see how it all works! Side note: the RTL-SDR is a great way to experiment with this, and I will most likely be writing a post on using it in the future.
Until next time!
Liked This Content? Check Out Our Discord Community and Become an email subscriber!
0 notes
Text
ThinkPad T430 Modding: Classic Keyboard
If you had a laptop in the 2000s or earlier, chances are that you'll remember the ThinkPads of old- the practically indestructible devices, with awesome keyboards and easy to customize. They were (and still are) widely seen as the go-to laptop for productivity due to it's utilitarian design choices. Fast forward in time, IBM sold the designs and schematics to Lenovo and the ThinkPad of old is no more... or is it?
The ThinkPad T430 is the first ThinkPad to have island-style chiclet keyboards, and to be the first in a long line of devices to ignore the tried-and-true design of 20 years. However, it's fully compatible with the T420 Keyboard, which provides the old keyboard design.
Things You'll Need
Below is a list of required items for this mod: - A T430 Thinkpad (of course!) - A working T420 keyboard for installation - A large white towel - A set of precision screwdrivers - Wire cutters - A file - needle-nose pliers
Setup
Take a white bath towel and spread it over my desk. This provides a nice, white surface to be able to see screws and helps prevent damage of components from unexpected dropping. Once that is done, put the ThinkPad (ThonkPad?) on the towel and open the lid of the device and flip it over, screen facing down. Lastly, pull out the tools and have them at the ready.
Violating The Keyboard
Wait, What? Yes, you heard correctly- it's time to take the wire cutters to the T420 keyboard. But hold on! Let's take care to tweak the right things.
So there are 4 tabs in the bottom stock T430 keyboard, and the T420 has 5 of them. Remove the one in the center, under the mouse buttons and file it smooth:
Take this slowly! Don't destroy your mouse buttons!
With this completed, now the existing tabs at the bottom of the keyboard need to be modified to accomodate the ThinkPad chassis:
You will need your needlenose pliers and the file to obtain this shape.
With this all done, put the keyboard to the side and let's crack open the laptop.
Death To Ye Olde Keyboard!!!
Thinking ahead, we will want to temporarily remove the laptop's palmrest along with the keyboard. To do this, COMPLETELY open your laptop and flip it over, so it lies flat, and remove the battery. Then, use your precision screwdriver set to remove middle panel in the back and the usb port cover in the bottom right corner. Remember to save these screws, as they will be necessary for reassembly.
Now, we need to remove the screws that keep the chassis held together:
The screws circled in red underneath the middle cover can be thrown away or reused, as reinstalling them will kill your classic keyboard. Otherwise, save the screws.
Now, flip the laptop over so the screen faces up and is fully opened to 180 degrees. Use a flathead screwdriver and pry the bottom of the installed keyboard forward. Once that is accomplished, there should be enough space to pry up on it, allowing you to remove the chiclet keyboard. It will be attached to the motherboard with a ribbon cable, you will need to detach this as well.
Now use the smallest flathead screwdriver (or a guitar pick if you care about avoiding scratching the plastic) and pry the palmrest away from the device. The touchpad is also connected to the motherboard via a ribbon cable and this will need to be reconnected upon assembly. Once this is removed, the palmrest will look something like this:
Das Keyboard
Now it is possible to take the classic keyboard and install it into the palmrest, taking time to ensure a proper fit. Once this is accomplished, connect the touchpad and keyboard back into the motherboard. Now, reattach the palmrest to the laptop, making sure to apply pressure to the edges of the device. You should hear "click" sounds where you reconnect it. Don't worry, this is normal.
Finally, flip the laptop over one last time and reinsert the chassis screws. Lastly, reattach the USB port covers and the cover for the center, screwing them back in. Now re-insert the battery and flip the laptop right-side up.
ITS ALIIIIVE!!!
The keyboard should work, but some keys will be swapped out of place and it won't behave 100% properly. It should be bearable for day-to-day use.
However, if you want to get it working fully, you can install the thinkpad-ec mod, found here: https://github.com/hamishcoleman/thinkpad-ec
Liked This Content? Check Out Our Discord Community and Become an email subscriber!
0 notes