RyuKent on Life

Finally I did it. I ran HelloOX after signing it using my certificate. It ran for over an hour. I almost gave up. Eventually, I thought enough was enough and after an hour and a half, I selected cancel. But, it worked! I can now install non-signed software on my E63.

Things to remember -

• Run SignSIS in XP compatibility mode, otherwise you can’t output signed files in Vista.
• Wait for HelloOX to do it’s thing. It can take a long time.
• I tested successfully with HelloOX 1.04
• I’m using SignSIS 1.1

I got HelloOX 1.04 from here.

I got SignSIS 1.1 from here.

I got my certificate by following the links in my previous post.

Please do not use this method for running pirate software on the Nokia E63. This should be used for testing purposes only or to run stuff that needs to be released without waiting to be signed or software Nokia don’t like. Software piracy is possibly illegal.

Introduction

This is a guide explaining how to create a secret encrypted drive the easy way using a graphic user interface. It covers installing and using the TrueCrypt software (version 6.2a) and Ubuntu (In my case linuxMint).

Before we start

Why would you want to create a encrypted drive? Why not? Probably the main reason is that you have some security sensitive file that you don’t want other people to have access to. An encrypted drive provides a safe place to put these kind of files so that people cannot see or access them without a password.

Why would you want to create a hidden drive? There are two main reasons. The first is because you have sensitive files as mentioned above. Perhaps you don’t want people to know they exist. The second reason is more serious. Recently a number of governments have implemented laws where you can be forced to provide encryption keys to officers (for example at airports) so that they can decrypt your files. It can be a criminal offence not to provide or to claim you have forgotten these keys.

Imagine if you could comply, give them a key that they can use, decrypt some files you don’t care about and still not have access to your sensitive files. Imagine if they could never prove that you were hiding any additional documents and that you could therefore show that you have been completely complaint with the law and yet still keep your files safe. This is now possible!

DISCLAIMER: I do not, and will not ever advocate breaking laws. If you fail to prove an encryption key when legally required to do so, you could breaking the law. Don’t do it.

How it works

Basically, first a container encrypted drive is created. Some non sensitive files are put on this drive. The remaining space is made up of random data. Then within this random data, a second hidden drive is placed. This drive can only be accessed with a second encryption key. Without that key it should be mathematically impossible to identify whether the random data is in fact random data or a second hidden encrypted drive. It could just be free space within the first drive.

When forced under coercion to provide an encryption key, you provide the first one. They can decrypt the first container drive. They see your not so sensitive hidden files. They cannot ascertain if there is anything in the free space remaining and you have complied with the law and provided the decryption key. Provided the dummy files you have provided are interesting enough they’ll probably be kept busy trying to work out why you encrypted them or simply feel happy you didn’t have anything worth finding.

The TrueCrypt system is easy to use, uses very strong encryption (US government agencies are authorised to use this cipher for all levels up to top secret), and is also Windows and Mac compatible for those people who share external devices with Windows / Mac systems too.

Installing TrueCrypt

TrueCrypt is not currently available in the repositories for various reasons (possibly licensing). However, it is opensource and free for you to use. You need to download it from:

http://www.truecrypt.org/downloads.php

Go to the Linux section and select Ubuntu DEB. 86 and 64-bit versions are available. It will come in a compressed file, so you’ll need to decompress it and then run the deb file. It should install itself from then. The GUI will become available in the ‘other’ folder in your applications menu. While you’re at it, make sure you have the ‘GParted’ package installed too. This is the GNOME Partition Editor and is available in the normal repositories.

Two Different Types of Drive

There are two different types of drive. One is stored like a normal partition on a physical drive. The other is stored in a container file. The file can then be stored anywhere that a normal file can. It can be renamed, copied, emailed etc. For the first example, we will use a physical drive. Then I will cover creating a file too. The benefits of a drive is that you just have don’t have a file lying about that could draw attention to itself. For onlookers it will appear you just have an empty unformatted drive. Maybe it’s new, maybe you haven’t formatted it yet (actually you are hiding stuff there). The benefit of a file is that you don’t need to do any formatting or partitioning, etc. You can send, move, copy, rename the file, etc. Both systems use the same technology and are essentially just as secure, except that the file option obviously suffers from all the usual security issues with having a file.

Using the Physical Drive Method

In this example, we will use a USB key. I’m using the whole drive, you can use a partition on the key if you want, but I’m going to use the whole drive for simplicity. Make sure there is nothing on the drive you need. Then open GParted. This can be found in the System / Administration / Partition Editor menu. Ubuntu should automatically detect the device. If it has mounted existing volumes, dismount (eject) them. In GParted, find the drive in the drop down list at the top right. In my example it is /dev/sdb (117.66). If you’re no sure, use the size to determine which drive. Warning, don’t follow the next few steps on your primary hard disk or you could delete everything on your PC!!!

As you can see in my example, there are no partitions. That’s what you want. If there are some existing ones, delete them (right click on them). Once you are finished, click on the apply button at the toolbar. It should bring you to a screen that looks something like the example. Unallocated is what you want. A disk that looks completely empty, no partitions. Remember the name of the drive (/dev/sdb in my case)

Setting up the Encrypted Drives

Open TrueCrypt (Applications / Other / TrueCrypt). Select Volumes / Create New Volume… Then select “Create a volume within a partition / drive”.

Then select “Hidden TrueCrypt Volume“.

You will now be prompted to select your device. Click on the “Select Device…” button and select the drive that we cleared earlier (/dev/sdb in my case).

Clicking on next will bring up a warning message. Provided you have selected the correct drive, there is no danger of clicking OK. Please check you have selected the correct drive before proceeding.

At this point it will ask you for the encryption type to use for the outer volume. In the example, I have used AES as it is the most common cipher. You can change it if you want.

It will now prompt you to enter the outer volume password. This is the password you might have to divulge under duress. It should not be a dictionary word and should include a combination of letters and numbers. You probably don’t want to have “Display password” on as in my example.

Now select your file system. I recommend FAT as it is readable in Windows as well.

The next screen will allow you to format this drive. Moving the mouse around a bit will allow you to generate a completely random seed to format the disk with. This fills it will random data. Finally, you will be prompted to open the outer volume.

This is where you have the opportunity to place a few ‘dummy’ files that someone would be able to see if you provided them with the dummy key.

When you have finished, close the browser for that drive and return to TrueCrypt. Click on “next” and you will be prompted to go through the processes again for the hidden drive.

You can just use the same encryption as you did for the first drive. Make sure that the password you use this time is different from the first one!

You will need to choose a size. This is the size that the hidden drive will take up. It needs to be smaller than the container drive because it sits in its free space. In my example I’ve chosen 120MB so as to leave a couple of megabytes to store the dummy files in. Select FAT as the file system again and format. You have now set up your hidden drives.

How to Mount the Drive

There are two ways to mount the drive – automatic and manual. Automatic is less hassle but takes longer, manual requires you to select the device.

In the main TrueCrypt dialogue, select “Auto-Mount Devices”. You will be prompted for your password. Here enter the password for the hidden drive (the second one you used earlier).

TrueCrypt will search and find your device automatically. It will mount it in /media/truecrypt1. This is your hidden drive. Feel free to use it as you wish. Files stored there are automatically encrypted.

Make sure you unmount it when you’ve finished. This can be done easily by right hand clicking on the TrueCrypt icon in the system tray and selecting “Dismount All Mounted Volumes”.

Manually Mounting

Let’s manually mount a drive and also see what happens if we try to mount the outer drive. Make sure you’ve dismounted the hidden volume, then click on “Select Device” button in TrueCrypt. Select your drive, then click on “Mount”. This time enter the first password you used.

It will mount the outer volume. Here you can see you dummy file that you used earlier. This is what other people would see you if were forced to divulge the fake key. Make sure you don’t add any more data to this drive as it will write over your secret drive. In fact, after setting up the outer drive, better not to use it at all. You can open in in protected mode so that the hidden system is protected. This is done using options in the mount dialogue.

For quicker mounting, you can add mount points to your favourites so that you can quickly mount that volume by right clicking on the TrueCrypt icon in the system tray.

Using a File

Instead of using a drive, you can create an encrypted volume and a hidden volume within a file. This is done pretty much the same way as in the first example, but you select “Create an encrypted file container” in the “Create New Volume” dialogue. When mounting those volumes, you will need to select the file instead of device.

Things to Remember

Following the above instructions should allow you to set up your hidden encrypted drives. Remember, always use the second password and so the hidden volume. Only ever give away the first password. Don’t write data in the container drive unless you’ve protected it. Make sure the dummy files look realistic or it will be harder to claim that it is you actual encrypted drive. Remember to dismount drives after you’ve finished using them. Operate a physical security regime.

Though it will take a very long time to brute force crack this strong encryption system, no system is ever safe against a brute force (guess every possible key) attack. Better to prevent someone coming into contact with your physical disk! Use long passwords that are a mixture of words and numbers that you can remember, other people cannot guess and are preferably not in a dictionary. For keeping a list of passwords secure, I recommend using KeePass. It is also available for Linux and Windows and uses strong encryption.

One thing that I really think should be added as default in Gnome is the root file browser. So often one needs to adjust permissions or move/copy a file outside the home area.

A quick and easy way to set up a link is to edit a new file:

“gksudo gedit /usr/share/applications/Nautilus-root.desktop” and add the following:

[Desktop Entry]

Name=File Browser (Root)
Comment=Browse the filesystem with the file manager
Exec=gksudo “nautilus –browser %U”
Icon=file-manager
Terminal=false
Type=Application
Categories=Application;System;

On Learning

One thing that I first want to point out is that the most effective way of learning new vocabulary is not from a list at all, but from putting yourself in real life situations where the word comes into context and has a distinct situational meaning to you. This will allow it to stick in your mind and also provide examples of its usage so that you know how to string it into a sentence.

But

However, we are not all lucky enough to be surrounded by such a real life environment and also this system takes a considerable amount of time. Most language students are required to learn large lists of vocab, especially for tests. Subsequently, a different method must be applied (though ideally in parallel to the above).

Most effective way?

So based on the fact that a list must be learned, we then come to the question, what is the most effective way. First look at the goal. How will this list need to reproduced from memory. If the answer is sequentially in order, then go away and read the list 100 times. Usually though, we will need to be able to translate the word in one or both directions on the fly. To achieve this, we will need to create hooks in our mind that bind the two (or 3 in case of Kanji and pronunciation) words together. This can be done by simple looking at them continuously, but normally the greatest problem to overcome is knowing what needs to be learned and concentrating on the the ones that we are least comfortable. To efficiently manage our time, we should target learning specifically to what we need to learn. A Computer Program Can Help!

This is where a computer program such as Tango Blaster can REALLY HELP. I spent hours with paper lists and yes I did manage to learn a lot, but I ended up wasting valuable time reading down words on the list that I already knew and this caused me to get bored and skip ones I didn’t. Also, after a while I began learning the order which was really dangerous as taken out of this order, I found it much harder to produce the answers.

The solution

The solution is to have a program that can dynamically create lists, filter out what you know, leaving a core list of subject to be studied and then to be able to shuffle the data in order to test your ‘on the spot’ knowledge. Also, the other benefit is that it allows you to quickly select which part of the the data you want to be prompted with and which part to reproduce. I have found through bitter experience that simple knowing a word from Japanese > English, does not mean you can then reproduce it back the other way in a real life situation. it is VERY important to learn words both ways round in order to be able to use them.

So I thought jailbreaking an iPhone was an annoyingly tedious task. Looks like the process for a Nakia e63 and symbian is even more tricky. Nokia have really locked down their system. But there is a hack. Only problem is getting it onto your phone in the first place.

If you just want to run uncertified software (you may be a developer or running tests), you’ll need to have a developer certificate. This will allow you to self sign your own applications and specifically the HelloOX. At the time of writing HelloOX 1.4 is the latest version. This will unlock your phone to unsigned apps.

In order to install HelloOX, you’ll need to get a certificate. At the moment there is a Chinese website which will give you 1 certificate for free. Certificates are based on IMEI. That means it will only work for your phone. There’s a great guide to using this site for people who don’t read Chinese here.

Once you’ve obtained the certificate, you’ll be able to sign stuff using the guide on this site. If you’re only going to install a few apps, you can sign them yourself, or download HelloOX to remove the need to sign.

Good luck!

Was sad to read today on TechPress that PCLinuxOS is going to split. I really feel that right now the linux community doesn’t need more fragmentation. Of course it’s great that there are so many distributions out there catering for a wide variety of tastes and demands, but what Linux badly needs right now is a core of large dists that are stable, updated reliably and with a community large enough to create the critical mass needed to really challenge the other OS players (specifically Windows and MacOS). PCLinuxOS does fall into this category and so I feel it’s sad that the community is likely to split.

There are already 101 smaller options and to be quite honest there are arguable only 5 or so mainstream popular titles to chose from. In my opinion, the PCLinuxOS community needs to rally and sort out their infighting. Having a founder / ‘owner’ who disappears for a year is clearly not acceptable, but is that really a reason to break up the project? People must accept in any community there will always be those who don’t agree. If a democratic system is set up with clear guidelines over who is in control and a mechanism to ensure decent project leadership this really shouldn’t be an issue. I think what people need to realise is that the project is bigger than they are and that sometimes we need to put our differences aside for the greater good.

The National Rail app is perhaps one of the most controversial for the iPhone. The information provided is freely available on the web and worst still they’ve threatened legal proceedings against other applications that use this data. So the important question is: Is this app worth £5?

The answer is not so straight forward.

Good points include the GPS enabled find the nearest station feature and built in home station and departures lists. But the real benefit over using safari is the fact that you can use a native interface which is faster, feels nicer and is easier to use.

You really have to ask yourself, how often will I use this app? If your daily commute relies on it and you’ll use it all the time then I really think it’s worth it. If you’ll just use it occasionally then perhaps £5 is a little steep.

It’s a shame they don’t sell this for 2.99, in which case I’d be telling everyone to get it and nobody would complain. The fact is that they know they can skim the extra because they have a monopoly. Despite this, I still think it’s worth it if you use it often.

Price 1/10. App 8/10

I’ve long been a fan of Ubuntu, my favourite brand of Linux. It’s fast, has all the features I need, has a great community and feels good….. only thing is, there are of course some areas where I feel like it’s not quite finished.

Enter linuxMint. Mint is a great distribution built on Ubuntu that finishes off all the little unpolished areas that Ubuntu lacks.

Here are my 10 reasons to use Mint instead of Ubuntu:

1. It is Ubuntu anyway – you get everything in Ubuntu and more.
2. It looks soooo much nicer – swap dodgy orange for sexy green.
3. Start menu style launch system makes loading applications fast and un-clunky.
4. Software installation system simplified with great selection of commonly used applications.
5. Great selection of packages pre-installed.
6. Applications are reviewed and have screenshots so you can see what packages are like before installing them.
7. Codecs for all your standard media comes installed and works out of the box.
8. Grub runs in full graphics mode as standard and doesn’t look like something from 1987.
9. Fully compatible with your existing ubuntu setup, runs on the same repositories.
10. Lots of small tweaks like fonts setup and my own favourite – decent out of the box East Asian language support.

Go on….. give it a try: http://www.linuxmint.com/

Why would you want to jail break your phone? Why not? Doesn’t cost you anything, won’t damage it. Will allow you to  run a  host of great applications and make use of some features that Apple has left locked. Why have they done this? Not for your benefit, but so they can negotiate contracts that force you to buy their products or use their app store and ultimately just increase their income.

Is it illegal? Certainly not in the UK! You are not stealing, you are not hacking into someone else’s system. You own your iPhone, you are just modifying it. True Apple would like you not to, but they cannot do anything about it.

So how do I unlock my iPhone to the world of goodies? I might here you ask. This is pretty simple thanks to those great people over at the iPhone Dev Team. First you’ll need to download redsn0w. This can be found here.

When it’s ready, extract the files to a location of your choice. Remember, if you are using Windows Vista or 7, you will need to put the application in XP compatibility mode and give it administrator rights otherwise you will get the “redsn0w.exe has stopped working” error and it will crash during the upgrade. This can be done by right clicking on the executable file and selecting the compatibility tab on properties.

The next thing you’ll need to do is upgrade your iPhone to 3.0 in itunes if you haven’t already. When it’s all updated and ready, plug the phone into your PC by USB and then switch it off. Now run redsn0w.

You’ll be asked for an IPSW file in the process. This is the 3.0 software that you will already have downloaded in iTunes and can be found in the “AppData\Roaming\Apple Computer\iTunes\iPhone Software Updates” folder within your user directory (parent of My Documents).

Follow the instructions given and with luck, your system should be unlocked (jailbroken) within 5 mins or so. Once unlocked, run the newly installed Cydia application and I’d recommend installing the following packages under the ‘Featured Packages’ section of the home screen:

BossPrefs – Configure your phone easily

MobileFinder – File management

SBSettings – One touch access to WIFI on off and other settings

OpenSSH – Secure access to your iPhone from your PC to upload files etc

There are many other wonders to be found in Cydia. Good luck!

RSS Runner is a great little program. Forget 101 news apps that are supposed to go online and download news from one provider who want to lock you in. Forget 101 apps that all have different interfaces and need to be loaded separately. RSS Runner is all you need on your iPhone.

Once you’ve got your favourite news sites registered (or any other RSS site for that matter and pretty much every decent site is), you can just touch the refresh button and it goes off and downloads all your articles for you. They’re stored in cache as well so you can read offline when you’re on the train and have no signal.

Great little extras include the facility to import your google reader feeds and there’s even a search option to find new feeds by topic.

Best of all it’s free. Don’t delay, download today!!! 9/10