I helped an elderly friend set up his new PC yesterday. His
previous machine, over a decade old, was running Windows XP. I had set
up an Ubuntu dual-boot a few years back, and he liked playing the games.
But then the Linux boot stopped working--there was a message to the
effect “hd0 out of disk”, which sounded like a GRUB problem (“hd0”
being a GRUB disk name, not a Linux disk name). I booted up
SystemRescueCD, and found that disk space was ample. I did an fsck on
the Linux volume, and found no filesystem problems. I ran a badblocks
scan, and it reported several bad sectors, though oddly they only seemed
to be in the Windows partition (if I interpreted the numbers
correctly).
Naturally I searched online, but the hits I found for that error
message didn’t seem very helpful. Reinstalling GRUB didn’t help, so I
concluded there were likely other hardware problems, so time for a new
machine.
He got an entry-level dual-core AMD box from PBTech--their own house
build, in a CoolerMaster case--for well under a grand. Nothing fancy,
but good enough for his needs--mainly Web browsing, e-mail, a little
bit of word processing, and those games.
The PBTech box came without an OS. He could have got Windows 10 for it,
but considering he would be facing a learning curve coming from XP
regardless, I suggested going 100% Linux for all his daily needs, to
see if that would work. He could always spend the $160-odd extra on
Windows later if need be.
So I set it up with Linux Mint, since that seems to be everybody’s
favourite :). He was already using Firefox on Windows, so moving all his
Web bookmarks across was easy. The Mint install put an icon for
Thunderbird on the desktop by default, so I decided to try that for
e-mail. Getting his address book across from Outlook Express was
fairly straightforward, once I figured out how to map the exported CSV
field names correctly. The mail messages were slightly more fiddly, but
I found this extension
<https://addons.mozilla.org/en-US/thunderbird/addon/importexporttools/>
which directly loads Microsoft’s .dbx files, and that seemed to work OK.
Then he wanted to play CDs. When we put in an audio CD, it came up with
options to run Banshee (media player) or Brasero (disc burner). The
Banshee media player wouldn’t play the CD directly, it insisted on
ripping it to the hard drive first. This was not really what he wanted.
I had a look round, and found KsCD, which will indeed play audio CDs
without trying to rip them to audio files first. As far as I know, this
is the only GUI Linux app that can do so.
So, day 1 ended on a reasonably successful note. He was already
noticing how much faster the new machine was. So we’ll see how it goes
from here...
Currently listening to Sydney’s TripleJ radio station using the ffplay
utility (part of FFmpeg). For anybody else who wants to listen without
having to go through a web browser, ABC helpfully provide a list of
direct-streaming URLs for their stations at
<https://radio.abc.net.au/help/streams>.
ffplay reports some interesting additional details about the stream:
    Metadata:
      icy-notice1 : <BR>This stream requires <a href="http://www.winamp.com">Winamp</a><BR>
      icy-notice2 : SHOUTcast DNAS/posix(linux x64) v2.4.7.256<BR>
      icy-name : Triple J NSW
      icy-genre : Misc
      icy-br : 64
      icy-url : http://www.abc.net.au/radio
      icy-pub : 0
In other words, they seem to be streaming from a Linux server, but
their recommendation is for a client that doesn’t run on Linux...
You may have read in the main-stream media about a U.S. political party having its e-mail servers hacked and then copies of the e-mails were published on a web-site.
If you'd like to know more, then a 13-page joint report <https://www.us-cert.gov/sites/default/files/publications/JAR_16-20296A_GRIZ…> was released on 29 December 2016 by the National Cybersecurity and Communications Integration Center (NCCIC) of The Department of Homeland Security (DHS), and the Federal Bureau of Investigation (FBI).
In reading this report please recognise that "The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within."
The report commences...
"GRIZZLY STEPPE – Russian Malicious Cyber Activity
Summary
This Joint Analysis Report (JAR) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE."
While the report contains many abbreviations, please note that "GRIZZLY STEPPE" is never written as "Grizzly Steppe" nor is it abbreviated to "GS".
On Page 2...
"Description. The U.S. Government confirms that two different RIS actors participated in the intrusion into a U.S. political party."
The report does not provide the name of the "U.S. political party". For these details you'll need to use a search engine to search the Internet.
The Description continues...
"The first actor group, known as Advanced Persistent Threat (APT) 29, entered into the party’s systems in summer 2015, while the second, known as APT28, entered in spring 2016."
Page 4 lists 48 "Alternate Names" of the Russian Military and Civilian Intelligence Services (RIS). They are not all called names like Advanced Persistent Threat (APT) 28, APT29, APT30... etc. For example one of them is called "Powershell backdoor".
Page 8 has the "Detailed Mitigation Strategies" with a section on "Protect Against SQL Injection and Other Attacks on Web Services", which states...
"Take steps to harden both Web applications and the servers hosting them to reduce the risk of network intrusion via this vector."
The "vector" (or "link") is to this webpage... https://msdn.microsoft.com/en-us/library/ff648653.aspx
"Improving Web Application Security: Threats and Countermeasures
J.D. Meier, Alex Mackman, Michael Dunner, Srinath Vasireddy, Ray Escamilla and Anandha Murukan
Microsoft Corporation
Published: June 2003
Last Revised: January 2006
Applies to:
Internet Information Services (IIS) 5.0
Microsoft Windows® 2000 operating system"
With a last revision date of January 2006 it's interesting to be provided with advice on how to take steps on your Microsoft Windows® 2000 operating system for which mainstream support ended on June 30, 2005 and extended support ended on July 13, 2010.
UNIX does get one mention in the section "Credentials" on page 10...
"Properly secure password files by making hashed passwords more difficult to acquire. Password hashes can be cracked within seconds using freely available tools. Consider restricting access to sensitive password hashes by using a shadow password file or equivalent on UNIX systems."
While the report has IT related abbreviations such as HTTP, HTTPS, FTP, SQL, etc., here is a list to aid you with some of the other abbreviations used in the report...
JAR - Joint Analysis Report
NCCIC - National Cybersecurity and Communications Integration Center
DHS - Department of Homeland Security
FBI - Federal Bureau of Investigation
RIS - Russian civilian and military intelligence Services
APT - Advanced Persistent Threat.
RATs - Remote Access Tools
IOCs - Indicators of Compromise
US-CERT - United States Computer Emergency Readiness Team
EMET - Microsoft’s Enhanced Mitigation Experience Toolkit
For additional reading on this report, use a search engine or go here <https://www.theguardian.com/technology/2016/dec/29/fbi-dhs-russian-hacking-…> or here <http://caucus99percent.com/content/all-there>.
cheers, Ian.
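
An added example (not part of the message above or of the JAR) of checking the "Credentials" advice quoted from page 10: it flags accounts whose hash still sits in the world-readable passwd file instead of a shadow file, and checks that the shadow file is closed to other users. The sample records, the placeholder set and the function names are assumptions made for this illustration.

```python
import os
import stat

# Password-field values that mean "no hash is stored in this file".
PLACEHOLDERS = {"x", "*", "!", "!!", "*LK*", "NP"}

# Constructed sample in passwd(5) format; the hash is a made-up placeholder.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
legacy:$6$constructedsalt$CONSTRUCTEDHASH:1001:1001::/home/legacy:/bin/sh
guest::1002:1002::/home/guest:/bin/sh
"""

def audit_passwd(text):
    """Return (unshadowed, empty): accounts whose world-readable passwd
    entry still carries a hash, and accounts with an empty password field."""
    unshadowed, empty = [], []
    for line in text.splitlines():
        line = line.strip()
        # Skip blanks, comments and NIS compat entries (+/- prefixed).
        if not line or line[0] in "#+-":
            continue
        fields = line.split(":")
        if len(fields) != 7:
            continue  # malformed line, not a passwd(5) record
        name, pw = fields[0], fields[1]
        if pw == "":
            empty.append(name)
        elif pw not in PLACEHOLDERS:
            unshadowed.append(name)
    return unshadowed, empty

def shadow_mode_ok(path):
    """True if the shadow file grants no permissions to 'other'."""
    return stat.S_IMODE(os.stat(path).st_mode) & 0o007 == 0

if __name__ == "__main__":
    hashes, blank = audit_passwd(SAMPLE_PASSWD)
    print("hash still in passwd:", hashes)
    print("empty password field:", blank)
    if os.path.exists("/etc/shadow"):
        print("/etc/shadow closed to others:", shadow_mode_ok("/etc/shadow"))
```

To audit a real host, pass the contents of /etc/passwd to audit_passwd() in place of the constructed sample.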
Merry Xmas all
Just saw this. Wayland relevant. Not tested here.
https://news.siduction.org/2016/12/release-notes-for-siduction-2016-1-patie…
The released images are a snapshot of Debian unstable, that also goes
by the name of Sid, from 2016-12-23. They are enhanced with some
useful packages and scripts, our own installer and a custom patched
version of the linux-kernel 4.9, accompanied by X-Server 1.19.0-3 and
systemd 232-8.
Changes that affect all flavours
In the wake of the upcoming Wayland display server, that will replace
the old Xorg-Server, the way input devices are handled, has changed.
The new way to handle devices like Mice, Touchpads, Wacom Tablets, and
the like was developed by Red Hat developer Peter Hutterer and is
called libinput. If you look into /etc/X11/xorgconf.d/60-libinput.conf,
you will see that we implemented a basic config, that supports some
touchpad actions, but not all. If you miss anything, look at the above
link, that has ways to set up other actions. Another change over all
flavours is the use of SDDM as Display- and Login-Manager, which is
the new default for Plasma, but suits the other flavours fine as well.
Google has been running a two-year internal trial of “Security Keys”,
which are cheap, easy-to-use USB-pluggable devices for generating
secure authentication tokens, based on the “Universal Second Factor”
open standard.
Verdict: they work really well, and are resistant to phishing attacks.
The Chrome browser has already added support for them.
<http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-wor…>
Signal, the secure communications application created by Moxie
Marlinspike, has added another tool to its kit to evade Governments
that want to block their subjects from using it: “domain fronting”. The
technique requires routing through a content-delivery network, which
typically is not available for free. But it does mean the only way to
block the use of Signal is to block the user from the entire Internet.
At least for now.
<http://www.theregister.co.uk/2016/12/23/signal_deploys_domain_deceit_to_den…>
I have the most recent Zorin Core Edition, version 12. This is
available at no charge; they also have an offering that requires
payment. I can try to find something to say if required. ~ Ian Y