Michael Altfield's gravatar

My Cycling Blog

2guys1biketrip

Much to my surprise, I discovered that I have 25 registered users to this web blog. I’d like to take this opportunity to point out that I’ve since created another “blog specifically to document a ~3,000 mile bicycle trip that a friend and me are embarking on this summer (2010). The website is: 2guys1biketrip.com”:http://www.2guys1biketrip.com.

Although this new blog is (obviously) _mostly_ cycling-oriented, there are some technological posts as well. For example, I plan on “plotting our trek in real-time on a Google Maps mashup using a GPS-enabled cell phone”:http://2guys1biketrip.com/wp/?page_id=59. For more info, see “my ‘GPS Tracking’ post on 2guys1bike trip”:http://2guys1biketrip.com/wp/?p=69.

Also, one of the many obstacles I’m trying to dodge for this trip is “how to charge my batteries”:http://2guys1biketrip.com/wp/?p=51. I’ve considered “pedal-power”:http://blog.makezine.com/archive/2009/06/how-to_pedal-powered_phone_charger.html and solar power.

To monitor our progress as we prepare for this epic trip, be sure to subscribe to our “2guys1biketrip RSS feed”:http://2guys1biketrip.com/wp/?feed=rss2. I’m sure there will be some solar panel hacking posts on 2guys1biketrip in the not-too-distant future.

Also, if you’ve found any of these postings to be helpful or you just feel like being exceptionally nice, please consider “contributing to our trip”:http://2guys1biketrip.com/wp/?page_id=6. Donations of any amount will be _much_ appreciated (we are both
. . . → Read More: My Cycling Blog

Michael Altfield's gravatar

Plausibly Deniable File Encryption

Plausibly deniable encryption is a fascinating concept. For example, “TrueCrypt”:http://www.truecrypt.org/ (a FOSS for hard disk encryption) has a wonderful “Hidden Volume”:http://www.truecrypt.org/docs/?s=hidden-volume feature that provides “Plausible Deniability”:http://www.truecrypt.org/docs/?s=plausible-deniability. The concept is: you install 2 OS instances on your computer–1 in a hidden volume. If, for whatever reason, you were forced to reveal your encrypted data, you could give access to decrypt your fake, but seemingly legitimate, OS instance. If done correctly, this could prevent you from forfeiting your sensitive data.

What if you want to encrypt some data to a file, bury it on a thumbdrive somewhere, and make it appear to be just an obscure filetype (possibly corrupted)? I ran across “the answer”:http://old.nabble.com/Is-it-possible-to-decide-what-is-a-gpg-file–td26392408.html when studying for my Secure Computing final.

I haven’t had a chance to research this potential solution, but there seems to exist a project that builds onto the Blowfish cypher to achieve this plausibly deniable encryption: “Blowfish Updated Re-entrant Project (BURP)”:http://www.geodyssey.com/.

Exerpt from “burp.txt”:http://www.geodyssey.com/cryptography/burp.txt

Unlike many similar programs, BURP writes to the output file only the ciphertext (i.e., it writes no “file headers”, password verification data, system, program or content identification strings, etc.). Consequently, such file can not be “provably” identified as ciphertext, as long as the key
. . . → Read More: Plausibly Deniable File Encryption

Michael Altfield's gravatar

gcc Optimizations for Arithmetic Operations using Bit Shifts

I’ve got a hellacious project due and finals all next week, but this was just too much fun to pass up. In any case, compiler optimization increases compile time, and anything that gives me more time to sword fight on $1000 office chairs is worth a little R&D.

I’m working on writing this cut-down MIPS processor simulator for my Computer Organization class at UCF. I googled “word alignments” to help me better understand the most efficient calculations for converting the Byte Aligned Program Counter address to the Word Aligned Memory array when I ran across an interesting article showing that the mere *order* of variable declarations in a C program can affect the amount of memory used by that program.

The article explained the situation very well, and it makes sense why this issue would happen, but I was surprised that the compiler wouldn’t try to optimize situations like this by re-ordering a set of concurrent variable declarations of alternating data types.

In any case, I continued to hack away at my project when I began to think about whether or not gcc translates multiplication and division operations where one of the operands is a power of 2 into simple
. . . → Read More: gcc Optimizations for Arithmetic Operations using Bit Shifts

Michael Altfield's gravatar

Automatic Timestamped ZFS Snapshots with Cron

A couple of months ago I setup a cron job to automatically create timestamped snapshots of my zfs filesystem. Little did I know, there was a syntax error preventing my job from actually executing. Here’s the correct (yet not-so-intuitive) cron job to get a nightly, timestamped snapshot of the ZFS filesystem @tank@:

Michael Altfield's gravatar

Iterative MITM Packet Sniffer

So, I got into a discussion with a friend of mine in my Computer Security class at UCF about this script. I’m posting this for historical and educational purposes only. As always, I never condone the implementation of any of my content for malicious intent. Moreover, this script has flaws that * would make it useless in such a scenario. Don’t do it!

Here’s a script I hacked up last semester when I was playing with MITM attacks and packet eavesdropping with ettercap:. This scripts will automatically:

fake its MAC Address get a new IP Address collect a list of hosts on the same subnet as itself iterate through and ARP poison: each of these hosts one at a time for 5 minutes each save all data collected in host-specific files in a timestamped directory repeat until the hard drive is full
. . . → Read More: Iterative MITM Packet Sniffer

Michael Altfield's gravatar

Google Chrome in 64-bit Sabayon Linux

I really should be studying for my stat exam tomorrow, but I was logging into my.ucf to download my lecture notes, and while Blackboard Learning System (the really shitty replacement for WebCT) was stuck in an infinite loading loop (most probably caused by incompetent javascript) I decided to finally get Google Chromium (which apparently has an excellent javascript engine) working on my Sabayon Linux desktop.


. . . → Read More: Google Chrome in 64-bit Sabayon Linux

Michael Altfield's gravatar

Finding and Killing Processes Blocking Alsa Devices

Quite often, and for whatever reason, I go to play a sound in linux and I get a “device or resource busy” error. Restarting alsasound doesn’t work. Here’s what does:

guttersnipe@guttersnipe ~ $ fuser -v /dev/snd/* USER PID ACCESS COMMAND /dev/snd/controlC0: guttersnipe 21993 F…. python2.5 /dev/snd/pcmC0D0p: guttersnipe 21993 F…. python2.5 /dev/snd/timer: guttersnipe 21993 f…. python2.5 guttersnipe@guttersnipe ~ $ lsof -n | grep "/dev/snd" python2.5 21993 guttersnipe 78r CHR 116,2 0t0 10272 /dev/snd/timer python2.5 21993 guttersnipe 79u CHR 116,4 0t0 10476 /dev/snd/pcmC0D0p python2.5 21993 guttersnipe 80u CHR 116,7 0t0 10466 /dev/snd/controlC0 guttersnipe@guttersnipe ~ $ kill 21993

Source: http://alsa.opensrc.org/index.php/FAQ#How_can_I_find_which_processes_are_using_Alsa_devices.3F

Michael Altfield's gravatar

Rockbox – Sansa e260v2

I bought a cheap, $30 refurbished MP3 player off of woot back in December ’08: the
. . . → Read More: Rockbox – Sansa e260v2

Michael Altfield's gravatar

Cheap PCI Sata Card – XWT-RC040

I recently setup a cheap terrabyte server with an old Dell 2450, 3 1TB Hitachi drives, and this cheap MnssCool XWT-RC040 4-port Sata ‘high speed’ PCI Controller Card.

The best thing about this card was that it was cheap. I got it for $30 off of newegg. The worst part was that it pretty much comes broken. You have to flash the bios to make it work well.


. . . → Read More: Cheap PCI Sata Card – XWT-RC040

Michael Altfield's gravatar

xen hung at “Checking for hardware changes”

So, xen is really beginning to piss me off. I turned off all my machines to do a snapshot, and when I tried to bring them back up, they were all in the ‘blocked’ state. Upon further investigation (using virt-manager/xm console), I found that they were hung at the “Checking for hardware changes” item in their boot process. This could be a CentOS/RHEL 5 issue, but I’m putting my money on xen.


. . . → Read More: xen hung at “Checking for hardware changes”