Code Comments Stink

27. July, 2009

If you ever need a good argument why code should be readable without comments, look here.

Dead languages are dead because they no longer fit today. Let them rest.

Installing openSUSE 11.1 on an Acer Aspire 5737Z

25. July, 2009

Yesterday, I bought an Acer Aspire 5737Z for my mother. I ran into two issues while trying to install openSUSE 11.1 on it:

  1. System error -1012 during partitioning
  2. Installation of the bootloader failed with error 12: Invalid device requested.

In both cases, openSUSE failed to enumerate the hard disk partitions correctly. The partition layout was as follows:

  • /dev/sda1 – Unknown partition (probably the recovery program)
  • /dev/sda2 – Windows C (20GB)
  • /dev/sda3 – Extended partition for linux
  • /dev/sda5 – swap partition (2GB)
  • /dev/sda6 – root partition (/ 20GB)
  • /dev/sda7 – home partition (/home rest)

The first error happens when the installer tries to set the type of /dev/sda6 to 82 (swap). That should have been /dev/sda5. The solution is to boot using the rescue system and to partition the disk manually. I suggest using “cfdisk /dev/sda” for this. Make sure you mark the root partition as bootable.

After that has been done, tell the installer to accept the existing partitioning. You’ll still have to assign the mount points, though, and tell the installer to format the partitions.

Later, grub gets confused in a similar manner. It tries to add the Windows boot manager from (hd0,2) (which maps to sda3; grub starts counting with 0!). That should be (hd0,1). Since everything is installed, we just need to boot the rescue system and chroot to the installed system:

  1. mount /dev/sda6 /mnt – Mount the root filesystem
  2. mount --bind /dev /mnt/dev – Map (bind) the devices into the root filesystem (so that you can access the hard disk, etc)
  3. chroot /mnt /bin/bash – Start a shell that behaves as if you had booted from the installed system

You can tell that you’re in a new shell by pressing “Up”. That should recall your last command (chroot). Your first task is to fix the broken grub config. Edit /etc/grub.conf. The first line should read setup --force-lba (hd0). Run grub-install. If it still fails, try to run it manually:

root (hd0,5)
setup --force-lba (hd0)

Note that this will overwrite the Windows boot code. I’m not sure how to boot Windows, now, but really, I don’t care.

Next step on the path to hell is the NVIDIA driver. I didn’t have much luck with the precompiled one from the NVIDIA repository. Instead, I installed kernel-source and gcc. After that, you can do cd /usr/src/linux ; make oldconfig ; make and abort the build when it starts to build stuff in arch/x86/. Now, you can compile the driver from the source. Just sh ./, answer all the questions and then run sax2.

In sax2, make sure to select an “LCD monitor” with “1360×768” pixel resolution. After a moment, you should have a clean display.


23. July, 2009

Every now and then, I stumble over something awesome. Infinity is an MMO a bit like EvE Online but attempting to avoid most of the mistakes. If the game is as great as the images, we’re in for a real treat.

You Have Been There

22. July, 2009

The first step in an attack is to gather information. You’re probably browsing with Firefox, have all the usual plugins installed (AdBlock Plus, NoScript), you’ve disabled cookies and you think you’re safe.

Security doesn’t work like that. Let me give you an example. You may already know that servers save little bits of information on your computer to recognize you when you return. Cookies.

But there is another way to know where you’ve been. Can you guess it? No? Look at the links. Still nothing? The color? It changes after visiting a site?

So the solution is to use a piece of JavaScript (and almost every site on the ‘net needs JS these days) and examine the color of your links. Gotcha.

Next time, disable your browser history, too. And the cache. And the proxy. And JavaScript. Better yet, don’t start it anymore.
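The leak described above, and the way to close it, as an added example that is not part of the original post. It is a simplified model, not browser code: `ModelBrowser`, `SHEET` and the sample URLs are constructed, and the hardened mode mirrors the restrictions browsers have since placed on :visited styling (script reads the unvisited colour, and :visited may only change colours), which the post itself does not cover.

```javascript
// Simplified model (constructed for illustration), not real browser code.
const SHEET = {
  link:    { color: "rgb(0, 0, 238)",   fontSize: 16 },
  visited: { color: "rgb(85, 26, 139)", fontSize: 20 }, // page also tries to change layout
};
const VISITED_ALLOWED = ["color"]; // hardened: :visited may only change colours

class ModelBrowser {
  constructor(history, hardened) {
    this.history = new Set(history);
    this.hardened = hardened;
  }
  // Style actually used for painting and layout.
  renderedStyle(url) {
    const style = { ...SHEET.link };
    if (!this.history.has(url)) return style;
    for (const [prop, value] of Object.entries(SHEET.visited)) {
      if (!this.hardened || VISITED_ALLOWED.includes(prop)) style[prop] = value;
    }
    return style;
  }
  // What page script can read back (stand-in for computed style / element size).
  scriptVisible(url, prop) {
    // Hardened: colour queries are answered as if the link were unvisited.
    if (this.hardened && VISITED_ALLOWED.includes(prop)) return SHEET.link[prop];
    return this.renderedStyle(url)[prop];
  }
}

// URLs a page can distinguish from unvisited ones by reading `prop`.
function leakedHistory(browser, candidates, prop) {
  return candidates.filter(u => browser.scriptVisible(u, prop) !== SHEET.link[prop]);
}

// Constructed sample data.
const HISTORY = ["https://bank.example/login", "https://forum.example/"];
const CANDIDATES = [
  "https://bank.example/login",
  "https://shop.example/",
  "https://forum.example/",
];

for (const hardened of [false, true]) {
  const b = new ModelBrowser(HISTORY, hardened);
  console.log(hardened ? "hardened" : "2009 model",
    "colour:", leakedHistory(b, CANDIDATES, "color"),
    "layout:", leakedHistory(b, CANDIDATES, "fontSize"));
}
```

In the hardened model the user still sees visited links in a different colour, but neither the colour query nor a layout measurement depends on the history any more.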

Stopping Spam Crawlers

17. July, 2009

The war against spam is mostly lost. People don’t care about the security of their PCs (if they even know what that means). Bot nets are here to stay. But the bots need crawlers that harvest mail addresses and scientists at the University of Indiana have found out that these come from a relatively small number of IP addresses. Blocking these would effectively cut off the spammers – from getting new addresses.

Until they train their bot nets to crawl.

Link: Blick in die Spammer-Trickkiste (German)

Taking Security Seriously

16. July, 2009

Security of today’s operating systems is slowly getting better, meaning that it becomes harder and harder for some fraudster to get your credit card number by asking your computer. Asking the person in front of the computer still works. But I digress.

The DailyWTF has a report on how the military handled the problem.

The idea was to actually carry vulnerable parts of the computer away when someone untrustworthy comes close. The solution is really what the military is all about: make it work, no matter what might go wrong. Be creative about what could go wrong, but take the simplest solution (which is the main difference from geeks: we almost never pick the simplest solution).

This also explains why they clipped parts out of the printouts: blackening alone might be undone (holding the paper against the light might be enough), but data that isn’t there can’t be abused.

A pity that this simple idea is shunned today. Instead of collecting as little data as possible for a job, as much data as possible is hoarded.
