- $25 - Off The Hook t-shirt
- $40 - DMCA coffee mugs; one white on black, one black on white; for coffee only
- $75 - No Starch Press books: Forbidden Lego and Hacking: The Art of Exploitation
- Internals of the ext2 Filesystem - M. J. Dominus
- What’s a file? - M. J. Dominus
- John’s ext2 spec - John Newbigin
- $25 - Off The Hook t-shirt
- $40 - DMCA coffee mugs; one white on black, one black on white; for coffee only
- $50 - TV B Gone
- $75 - 2600 zippered hoodie; “2600” on front, “hacker” on back
- $250 - Super TV B Gone; 100 meter range
Off The Hook - 27 February 2008
This is the synopsis of Off The Hook that aired on 27 February 2008.
In the studio: Emmanuel, Mike, Redbird, Not Kevin, Lazlo
On the phone: Bernie S in Philadelphia, Bill Pollack from No Starch Press
Via Skype: Jon Erickson, author of Hacking: The Art of Exploitation
The last week of fundraising.
Emmanuel plays a clip from 30 November 1999 where Amy Goodman was covering the WTO protests in Seattle, which he cites as the beginning of the independent media movement on the internet. He relates a story of Shapeshifter, 2600’s layout artist, who was arrested in Philadelphia after police saw him talking on a cell phone and accused him of organizing the protests. Shapeshifter later won a suit against the city for wrongful arrest, since his using a telephone was the limit of their evidence.
Premiums for the hour:
Changing a Shortname on Mac OS X
When you install Mac OS X, it asks you for your full name, which is what it will use for what it calls the username. Despite calling it the username, it is not actually field 1 in `/etc/passwd`, which is what Unix users would call the username. Mac OS X refers to the first field of `/etc/passwd` as a user’s “short name,” normally a concatenated and lowercased version of your full name. As one would expect, your Unix username, what you would use to login at a console or via SSH, is actually the short name; your files are stored in /Users/
Like many Unix users, I have a username (dinomite) that is different from my real name (Drew Stephens) and I like it that way. Having a username on one machine that doesn’t match that on all of my others is a hassle, requiring me to specify a username whenever I SSH to or from said machine. After having reinstalled OS X recently I wanted to change my short name on the system to rectify this problem. Though some tutorials make it seem like an involved process, it’s actually fairly straightforward if you have some Unix and OS X experience. Here’s how I did it in 10.5 (Leopard).
First, you must enable the root user; we will make all the username changes while logged in as root. You could also login as another user and use sudo (hint: `sudo -i`) to do this, but I had no other users on my machine. To enable root, open Applications > Utilities > Directory Utility, then click the lock in the Directory Utility window and enter your username & password. Choose “Enable Root User” from the Edit menu and supply a password for root when prompted.
Now that root is enabled, log out of your own account, click “Other…” in the login window and supply root’s credentials. Once logged in, we need to create the new user with the desired short name. Open System Preferences and select the Accounts pane. Add a new user by clicking the ’+’ at the bottom and fill in the Name & short name fields as desired; I used a temporary name (Drew) and the short name I wanted (dinomite), since you can’t have two identically named users and the name can be easily changed later.
Open a terminal (Applications > Utilities > Terminal) and change to `/Users`. `ls` ought to show directories for both your current short name and the newly created one. Now you just have to move your files from your old short name to the new one: `mv <old short name>/* <old short name>/.* <new short name>/`. Once that completes, you need to change the ownership to the new short name: `chown -R <new short name> /Users/<new short name>`. Since everything is now in the new user’s domain, you can now delete your old username, log out of root and log in using your newly short named account.
Linux Filesystem Internals
Someone asked me questions about filesystems recently and, though I used to have a good handle on them, my knowledge has waned over the years. I figured writing about filesystem internals was a good way to brush up on that knowledge.
This information applies generally to UFS, FFS, ext2/3 and XFS. ReiserFS and HFS(+) employ B-trees for organization of file metadata rather than inode lists, so they are somewhat different. ZFS is the tits and all of its shenanigans are handled differently.
At a low level, Unix filesystems are made up of three main pieces on the disk: a superblock, inodes and data blocks. The superblock contains information about the filesystem: a magic number to identify the type, the size of the filesystem, free data blocks and other gross information. After the superblock comes a list of inodes, each of which contains metadata about a file including the permissions, the number of links to the file, the file type (symlink, directory, etc.) and the datablocks that hold the actual file data. Note the conspicuous lack of a filename in the inode; more on this later. The balance of the space on a partition is made up of those data blocks which hold the actual file data.
As mentioned previously, inodes only store metadata; the actual data is stored in one or more data blocks, and the inode merely keeps a list of the blocks that contain the data for the file. In ext2/3, each inode has 15 blocks that can each refer to a single data block, each of which is usually 1 kilobyte, meaning that the maximum filesize on ext2 is 15 kilobytes…but that’s certainly not true. The 15 data-referencing blocks are actually allocated more intelligently than that. The first 12 (0..11) are direct blocks, pointing to the first 12 blocks (kilobytes) of a file. The 12th block is the indirect block; instead of pointing to data blocks that contain data, it points to a data block that contains a list of up to 2060 addresses of blocks that contain data. Since a maximum filesize of (2060+12) 2072 kilobytes isn’t sufficient for most people’s needs, the 13th block is doubly-indirect and the 14th is triply-indirect. With all that indirection, the maximum filesize on ext2/3 is about 35 gigabytes, which ought to be enough for anyone.
So, when you want to read a file, the operating system first checks the metadata in the inode to ensure you have permission to access said file. Assuming you do, data is pulled from the data blocks listed in the inode, with appropriate indirection depending upon the size of the file.
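The direct/indirect lookup described above, written out as an added example (not code from the original post). The number of addresses per pointer block is derived from an assumed 4-byte address size, which gives 256 per 1 KB block; both sizes are parameters, and the function names are hypothetical.

```python
DIRECT_SLOTS = 12   # inode slots 0..11 point straight at data blocks
# Slots 12, 13 and 14 are the singly, doubly and triply indirect pointers.


def addrs_per_block(block_size=1024, addr_size=4):
    # addr_size=4 is an assumption of this example, not a figure from the post.
    return block_size // addr_size


def locate_block(n, block_size=1024, addr_size=4):
    """Map logical block n of a file to (level, path).

    path[0] is the inode slot; each later entry is the index to read inside
    the pointer block reached by the previous step.
    """
    if n < 0:
        raise ValueError("block number must be non-negative")
    p = addrs_per_block(block_size, addr_size)
    if n < DIRECT_SLOTS:
        return "direct", [n]
    n -= DIRECT_SLOTS
    if n < p:
        return "indirect", [12, n]
    n -= p
    if n < p * p:
        return "double", [13, n // p, n % p]
    n -= p * p
    if n < p ** 3:
        return "triple", [14, n // (p * p), (n // p) % p, n % p]
    raise ValueError("offset is beyond what triple indirection can address")


def disk_reads(n, **kw):
    """Blocks read after the inode itself: pointer blocks plus the data block."""
    level, path = locate_block(n, **kw)
    return len(path)


def max_file_blocks(block_size=1024, addr_size=4):
    p = addrs_per_block(block_size, addr_size)
    return DIRECT_SLOTS + p + p ** 2 + p ** 3


if __name__ == "__main__":
    for n in (0, 11, 12, 267, 268, 65804):
        print(n, locate_block(n), "reads:", disk_reads(n))
    print("addressable blocks:", max_file_blocks())
```

The same walk is what a recovery or forensic tool performs when it follows an inode's block list by hand.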
I mentioned previously that filenames are not part of the inode, which seems odd as the filename seems to be a type of file metadata. The rub is that in POSIX systems a file can have multiple names; my home directory can be referred to as `/home/dinomite`, `/home/dinomite/.`, `/home/dinomite/bin/..` or a number of other names. How is this handled and where are filenames actually put? In directories. A directory boils down to nothing more than a list of names and their associated inode numbers, which we refer to as a link, giving name to the system call `unlink`, which most people refer to as delete. When you refer to a file by name, the operating system starts at the root node (`/`), which is always inode number 2. Beginning with the root directory listing, it matches filenames to inode numbers, cascading this lookup until it has found the file that you referenced.
The important thing mentioned in the previous paragraph is that filenames in a directory list are links to a file; each of those links is noted in the file’s inode as the link count. Whenever a file is given a name (either by being created or a hard link via `ln`), the link count is incremented; when a link is deleted, the link count is decremented. When the link count reaches zero, the kernel releases those data blocks, unless the file is currently open. In the latter case, the data blocks are freed when the file is closed. This also lends insight into how undelete programs work and what computer people mean when they say deleting something doesn’t actually get rid of the data on the disk. When you delete a file, more properly known as unlinking it, the only thing that actually goes away is the data in the inode. Until they are overwritten, the data blocks still contain the data prior to being deleted. `fsck` works in a similar manner, searching for inodes that have positive link counts, but no references in directories.
Finally, there are symbolic links. With a symlink, an inode is allocated and has its symlink bit set. If the file pointed to by the symlink is 60 bytes or less, it is stored directly in the inode. If it’s longer, the pointed-to file is stored in data blocks and they are pointed to by the inode in the normal fashion. Note that symbolic links do not affect an inode’s link count, hence broken links.
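The link-count behaviour from the last three paragraphs can be observed from user space. This is an added example, not code from the original post; the file names and contents are constructed, and it assumes a POSIX filesystem that supports hard links and symlinks.

```python
import os
import tempfile


def link_count_demo():
    """Take one file through create, hard link, symlink and unlink,
    recording the inode's link count (st_nlink) at each step."""
    r = {}
    with tempfile.TemporaryDirectory() as d:
        original = os.path.join(d, "report.txt")        # constructed names
        hard = os.path.join(d, "report-hardlink.txt")
        soft = os.path.join(d, "report-symlink.txt")

        with open(original, "w") as f:
            f.write("constructed sample data\n")
        inode = os.stat(original).st_ino
        r["after_create"] = os.stat(original).st_nlink

        # A hard link is a second directory entry for the same inode.
        os.link(original, hard)
        r["after_hard_link"] = os.stat(original).st_nlink
        r["hard_link_same_inode"] = os.stat(hard).st_ino == inode

        # A symlink gets an inode of its own and leaves the target's count alone.
        os.symlink(original, soft)
        r["after_symlink"] = os.stat(original).st_nlink
        r["symlink_own_inode"] = os.lstat(soft).st_ino != inode

        # Hold the file open, then remove both names.
        fd = os.open(original, os.O_RDONLY)
        os.unlink(original)
        r["after_first_unlink"] = os.fstat(fd).st_nlink
        os.unlink(hard)
        r["after_last_unlink"] = os.fstat(fd).st_nlink

        # No name is left, but the data blocks are kept until the close.
        r["data_while_open"] = os.read(fd, 64).decode()
        os.close(fd)

        # The symlink still exists and now points at nothing.
        r["symlink_dangling"] = os.path.islink(soft) and not os.path.exists(soft)
    return r


if __name__ == "__main__":
    for step, value in link_count_demo().items():
        print(f"{step}: {value!r}")
```

On Linux, a file in this unlinked-but-open state shows up with a `(deleted)` suffix on its entry under `/proc/<pid>/fd`, which is where responders look for data a process is still holding after its name has been removed.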
References
Off The Hook - 13 February 2008
This is the synopsis of Off The Hook that aired on 13 February 2008.
In the studio: Emmanuel, Mike, Not Kevin
On the phone: Bernie S from Philadelphia, Mitch Altman from California
Another week of fundraising.
RIM’s Blackberry service had another outage between 3:30pm and 6pm on Monday but the company claims that no data was lost.
Not Kevin’s Verizon Samsung phone went on the fritz and throwing it from a ten-story building didn’t fix it. Emmanuel reports that, upon trying to SMS Not Kevin after he obtained a new phone, he received a response stating that the phone was unreachable, even though it was on.
This week brought many news stories of persons crossing the United States border and having their computers more than thoroughly inspected or even seized by Department of Homeland Security or U.S. Customs and Border Patrol employees. The searches include confiscation of laptops and cellular phones, forcing users to divulge their passwords and in some cases wholesale copying of data from disks or SIM cards. Emmanuel advocates United States citizens refusing these searches. A number of blog posts on the web have suggested keeping a secondary account on your laptop with some fake data, in order to comply with the search request without actually divulging data. Bruce Schneier still recommends employing strong encryption techniques to protect your data. Bernie S proposes the use of tiny memory cards, such as MicroSD, for storing one’s data and hiding it when crossing the border. The EFF is suing to stop the practice.
The Senate voted on a bill to give retroactive immunity to telecommunications companies that participated in warrantless wiretapping. Noted votes are those of potential presidential candidates; John McCain voted YEA to grant immunity, Barack Obama voted NAY and Hillary Clinton was (strategically) not present for the vote. The bill passed with 61 YEA votes, including all Republicans and a number of Democrats.
Network neutrality has come up again as Barack Obama spoke about it in a podcast from two years ago. Obama advocated the continuation of net neutrality, a de-facto policy that has been in existence since the beginning of The Internet. The senator chastised cable and telephone companies for being against network neutrality and also spoke in support of increased competition in broadband access. Much like her failure to vote in the above-mentioned issue, Hillary Clinton has been conspicuously silent about net neutrality, despite her numerous speeches covering technology issues. John McCain is on the record against net neutrality, instead leaving it to the market to decide; the problem with such a stance is the duopoly that most consumers are left with for high speed access. Mike Huckabee is in favor of net neutrality, explaining his position with an analogy involving trucks on a highway.
Premiums for the hour:
A clip from February 15th, 1995, the day Kevin Mitnick was captured, is played. Emmanuel discusses the situation surrounding Kevin at the time and his near-miss capture a few weeks prior. Phiber Optik made an appearance discussing Kevin Poulsen’s case.
Mitch relates a story of a TV crew following him around Paris, France as he walked around turning off TVs.
Emmanuel mentions the real-world protests of Scientology by “Anonymous”; in New York, more than 200 people were present. Another demonstration will take place on the 15th of March at Scientology sites throughout the world.
Python Switch Statements - part 2
My friend Lex read my post on Python’s lack of switch statements and sent me a note that the normal method for implementing something along the lines of a `switch` in Python is to use a dictionary. First, let’s define some functions:

```python
def fooFunc():
    print('Got foo?')

def barFunc():
    print('Not foo.')

def nomatch():
    print('No function to speak of!')

string = 'foo'
```

Now we can create a dictionary and just lookup the variable you want to switch upon:

```python
# Make a dictionary and call it switch
switch = {
    'foo': fooFunc,
    'bar': barFunc
}

# Find the string in the dictionary, thereby calling the function
switch[string]()
switch['bar']()

# Another way to do the dictionary lookup
switch.get(string, nomatch)()
switch.get('bar', nomatch)()
```

Which will call the function in the switch dictionary, or call `nomatch` if none of the dictionary entries match. Or create an anonymous dictionary and do it all at once, more like a traditional `switch`:

```python
{ 'foo' : fooFunc, 'bar' : barFunc }[string]()
```
Off The Hook - 6 February 2008
This is the synopsis of Off The Hook that aired on 6 February 2008.
It’s a fund raising week at WBAI, so Off The Hook is a little bit light on content, but they are big on giving you stuff for donating to the station. Be sure to tune in live next week because they often extend the fund raisers, so you might be able to pledge next week for different stuff. The premiums for this show are:
- $25 - Off The Hook t-shirt
- $40 - DMCA coffee mugs; one white on black, one black on white; for coffee only
- $75 - 2600 zippered hoodie; “2600” on front, “hacker” on back
- $125 - Lifetime subscription to Off The Hook DVDs (nearly 1000 hours of OTH)
Bernie S clarifies the rules regarding promotion of business on public radio; though one is allowed to speak well of a business, you cannot compare it to other businesses.
Redbird mentions the Intelius database, a background check service, which will give you a person’s date of birth before you have to pay.
The group discusses London’s expansion of their automated congestion charging to tally high polluting vehicles as well.
Emmanuel plays a clip from a November 1999 show and discussion of the upcoming Year 2000 Problem. Emmanuel laments people who think that 1999 is the last year of the century or that 2000 is the first year of the new millennium. Micro controllers that control municipal functions are brought up, in particular the PDP-11s (not micro controllers) that control the release of sewage into the East River according to lunar cycles, which influence tides.
John McCain is a Soldier of Reaganomics
John McCain’s economic advisor, Douglas Holtz-Eakin, was on Wednesday’s Marketplace discussing the senator’s economic strategy for the country. In the interview, Holtz-Eakin said this of McCain:
He is a foot soldier in the Reagan Revolution. He saw President Reagan cut taxes within the context of budget discipline and controls on spending.
He went on to say that McCain had seen the positive effects of Reagan’s policies of lower taxes on the economy and that the senator supported such actions.
Excuse me? Are we really still bringing up Reaganomics? The trickle-down economics championed by the Reagan administration is a contentious issue and its effects on the general populace, like those of all economic matters, are debatable. One thing that isn’t debatable, however, is the size of the federal debt. To put it quite frankly: Republicans want to cut taxes and spend like there’s no tomorrow. Ideally such a policy should be a boon to the economy and yet there’s no clear evidence for that being the case. What such strategies do affect are programs like Social Security; the money for tax cuts has to come from somewhere and more often than not it is by marginalizing other Federal programs. Don’t get me wrong, I don’t particularly care for Social Security but the fact of the matter is I pay into it and I want to get my money’s worth. As it stands, I may never see the 6% of my pay that goes toward the troubled fund.
Off The Hook - 30 January 2008
In attendance: Emmanuel, Bernie S, Mike, Redbird and Not Kevin.
Bernie mentions that analog cell phone service (AMPS) will be shut off during the week of February 18th.
The entire crew makes note of their significant lack of sports knowledge in light of the upcoming Superbowl. Emmanuel shows a surprising amount of knowledge, though he condemns this knowledge wishing he could replace it with useful information in his head.
The show is on International Delete Your MySpace Account Day and Emmanuel points to it as evidence of the power of blogging and wonders whether. Redbird insists that Facebook is useful and MySpace is not, though he admits to possibly having a MySpace account. He also brings up the flaw in MySpace’s private pictures, which allowed pictures marked private to be viewed by anyone. Emmanuel longs for an antonymous version of Facebook where people create lists of enemies and Bernie says that someone named “Bell” had an online death-pool but was arrested and the site taken down.
The Last Hope will be July 18-20th and more information will be on the website.
Charter Communications accidentally deleted messages for 14,000 email accounts and claims the data is completely irrecoverable leaving all very surprised that Charter didn’t have backups for the data. Redbird is impressed that Charter didn’t simply blame the loss on hackers.
Also not caused by hackers is the Bermuda triangle of car problems around the Empire State building. Purportedly connected to cars with keyless entry, including Emmanuel’s Smart Car, a New York City towing company says that they have to move 10-15 cars in the neighborhood per day. Usually, they claim, towing the car a few blocks away solves the problem. Redbird notes that the radio transmitters on top of the building are powerful enough that they will interfere with all sorts of radio devices.
A woman was awarded nearly the maximum sentence for her crime after making light of her victim’s death on a prison phone. Bernie said that when he was a guest in Federal prison all calls were recorded and there are no provisions for private calls, even with one’s attorney.
Bernie brings up Qwest’s refusal to participate in the NSA’s warrant-less wiretaps over the past few years but mentions that they lost numerous Federal contracts because of this decision.
Estonia and Russia are in a conflict over the movement of a World War 2 memorial in Estonia. Apparently the Russian government was not involved in attacks against Estonian government and business websites; rather, it was a young Estonian angered by his government’s decision on the memorial.
The group discusses Anonymous’ Project Chanology whose attacks have been successful in bringing attention to the cult of Scientology. Bernie relates a story from when he worked as an offset printer. The owner of the business for which he worked was a Scientologist who tried to convert Bernie who was fired from the job after not joining the crazies.
Though Google changed their algorithm to reduce the incidence of Google Bombs, if you search for “dangerous cult” the first hit is the website of The Church of Scientology. In other news, the cast of Off The Hook is often equipped with blank expressions.
Jim is still recovering and is now in a nursing home. His address is:
Caton Park Nursing Home
Attn: Jim Vichench
1312 Caton Avenue, Rm. 312B
Brooklyn, New York 11226
Bernie says that Jim can now read again but still has trouble writing.
A listener wrote in to say that he saw a `robots.txt` which made mention of significant fines and lawsuits for people using automated methods of grabbing websites. The consensus is that one couldn’t get sued for using `wget`, but given the zone transfer decision made recently, care should be used when using automated tools to grab websites.
Apparently OTH has a bunch of 80+ year old listeners.
Keyboard Shortcuts With a Non-Apple Keyboard in Mac OS X
I have a non-Apple keyboard that doesn’t have volume buttons of any kind, yet I find the ability to change the volume from the keyboard incredibly convenient. System Properties’ built-in keyboard shortcut manager doesn’t support global shortcuts (I want to be able to change volume no matter what application is active), so I went in search of a solution and found Spark, which fits the bill nicely. Coupled with a few Applescript scripts, I’ve got volume control tied to some function keys.
For those who need help with Applescript, simply open Script Editor (Applications > Applescript > Script Editor) where you can paste in those scripts to test them. Alternatively, just save each one (minus the function definition) into files ending with “.scpt” and they will then open with Script Editor.
Alt+Click Window Moving and Resizing in Mac OS X
Anyone who has used X Windows enough has certainly experienced the wondrous ability to move windows with alt + left click and resize them with alt + right click. I quickly missed this ability after switching from a Linux machine at home to one running Mac OS X. Luckily, like every small annoyance in Aqua, this one can be fixed with a small utility called Zooom, which allows you to set key bindings for resizing and moving windows. Additionally, Zooom can provide magnetism to screen edges and the menu bar. It’s free for 30 days and then $15.