RyuKent on Life

To set Grub 2 to automatically boot to the previously used OS as default you need to turn on saving default and set the default to saved.

In terminal:

cd /etc/default/
gksu gedit grub

Add the following lines:

GRUB_DEFAULT=saved
GRUB_SAVEDEFAULT=true

Then:

sudo update-grub

With the excitement growing over this Monday’s announcement of the new iPhone (yes it still hasn’t been confirmed) the important question is now growing – do we actually care? More importantly, will this be the moment I finaly make the switch to Android. I’m pretty sure now it’s a matter of time rather than if.

There’s an interesting article called 10 things Androd does better than the iPhone and so for convenience sake, I will set out my reasons below according to this list.

1 – Multitasking: This is indeed a big problem for me in my iPhone usage. I frequently read the news in MobileRSS on the train home, only to find a text message from my wife skips out of the application and I have to load the whole thing again. Why can’t twitter update itself without needing 101 push alerts bugging me every 5 seconds. Apple to promise to fix this in the upcoming OS4 though, so I will for now not use this as a reason to switch. Battery life is important here too. I don’t want all my apps running all the time, but I do want at least a choice.

2 – Homescreens and Widgets: The iPhone was clearly not designed to have hundreds of apps as in the beginning there were only a few. Apple never really solved this problem properly and although fanbois claim style superiority, most will agree the iPhone homescreen is badly in need of an overhaul. For me though it’s widgets that are key. I used to think the whole idea of widgets was crap. But increasingly there is information such as the weather, my tweets etc. that I would like to have displayed. I shouldn’t have to stop all the other apps and open a slow loading specific app just to get this. Further more, apple has even banned a legitimate widget like app just because it looked like a home screen. Is this a hint at what is to come. Better hope so or I will be disappointed.

3 – Apple has a better app market: This is true at the moment, but hardly a long term argument. The iPhone launched its app store long before Android did and also there are still many more iPhones out there. This will change as there are many more Android handsets being sold. Plus it is easier to develop for Android. Interestingly, Android phones used to be limited in the apps they can store by the internal memory. With FroYo Android 2.2 though, you can install onto the SD card. Because of this, expect to see much larger applications becoming available, especially games which were limited before. Finally… isn’t it nice that Android phones don’t have to use the google store. So Steve can’t stop you from installing things h doesn’t like. I jailbreak because I need extra functionality, so this is an important issue.

4 – Android gives you better notifications: Yes, as I mentioned above widgets and the lack of the huge iPhone popup that dominates everything and steals focus are definitely luring me in Androids direction. Again, apple has suggested this will change. We shall see.

5 – Android lets you choose your hardware: So does the iPhone, but then again there’s not much choice. I guess this is less of an issue for me as the iPhone format is quite similar to what I want in a phone. If I wanted something smaller then it would be a problem. Actually I’d like something a bit bigger and with a better camera and an FM or DAB radio please. Android can do that. Steve’s gonna have to pull something out of the hat on Monday to sell me over the HTC Desire.

6 – Availability on different networks: I think this is no longer relevant in the UK. Crap O2 performance will probably mean I leave for a better network though.

7 – ROMS: There is so much potential here. iPhone users can jailbreak, but Android users can run whole different version of the OS on their phone. Like SenseUI on a Nexus One or custom patched Androids that remove vendor customisation crap.  I think we’re going to see a lot of development here.

8 – Android lets you change settings faster: One thing that I completely rely on with my iPhone is the SBSettings by BigBoss. This allows you to quickly turn WiFi and 3G on and off. By default I keep everything off to save battery life and only turn on when I need it. This can be done quickly in Android but the iPhone requires you to go into settings and is very long winded. I think this could be solved quickly in the new OS4, but I somehow doubt Steve will bother. If I couldn’t jailbreak my iPhone to do this, I would probably have to bin it.

9 – Android does integration: This is a killer that might well clinch the deal for me. Apple are never going to allow other applications to integrate into their locked down systems. But sometimes integration is a really good idea. Why not have facebook and twitter integrated into the address book. Why not have the option to automatically upload pictures to flickr without having to run a whole new app and close everything else down. To me this is common sense. Unless Apple seriously rethink their entire paradigm on control, Android will keep biting them in the ass on this, over and over again.

10 – Price: The simple fact is Apple stuff is overpriced. Some people don’t care, but eventually it will matter. As Android phones are cheaper, more people will have them. When more people have them, the services on offer will be better. This is the current argument for buying an iPhone. Give it 12 months though and the tables will be reversed. I’m happy to be ahead of the game and spend my saved cash on a nice SD card that iPhones don’t support.

Beyond these key points I’d like to raise the general point of customisation and freedom. A friend said to me recently “I don’t care about open source. It doesn’t help me. I just like my phone to be easy to use and look good.” He had a fair point, but ultimately an open system that you can change and improve will look better and be easier for you to use. Why should I put up with what Apple have designed when a 3rd party can do better?

All this said, I’ll probably go out and buy an iPhone HD or whatever it’s called after Monday. But I will have high expectations. The slightest disappointment and HTC is already there for me. Go on Steve, impress me.

This post is a great list of Linux reference sheets. There are over 25  quick reference guides to use. Worth bookmarking!

It seems the reasons that the PS3 slim won’t have the OtherOS option are not as we expected. Seeing as Sony make a loss on these machines and can only recoup the costs by selling games and peripherals, it does make sense that they don’t want people buying hundreds to use in PS3 cells. Those people don’t buy games or peripherals. Sony just lose out.

But apparently this is not the reason that the new PS3 has had its linux capability removed. According to this post on the official Sony linux site, by a Sony employee, the reason is that the hypervisor drivers were too expensive to maintain.

“I’m sorry that you are frustrated by the lack of comment specifically regarding the withdrawal of support for OtherOS on the new PS3 slim.

The reasons are simple: The PS3 Slim is a major cost reduction involving many changes to hardware components in the PS3 design. In order to offer the OtherOS install, SCE would need to continue to maintain the OtherOS hypervisor drivers for any significant hardware changes – this costs SCE. One of our key objectives with the new model is to pass on cost savings to the consumer with a lower retail price. Unfortunately in this case the cost of OtherOS install did not fit with the wider objective to offer a lower cost PS3.”

So there we go. Maybe in the future we will see this option return. Lets all keep our fingers crossed. In the mean time, lets all go out and buy XBOX 360s as they seem to offer better value for money with a larger range of games should we get no linux love from Sony.

Note to Sony: Linux would have made me buy a PS3 slim. Now I’m buying from your competitor.

Linux-mag have posted a very interesting article comparing Ubuntu and MacOS. Strongly recommend a read. Link here.

I’ve been doing some experiments trying to use Japanese characters in Adobe Air applications. There doesn’t seem to be much written on this subject so far. I’ve discovered that it is possible to input in Japanese in both Windows and Linux (using SCIM), but that it is program specific and depends on the fonts that have been selected in the application. Unlike Java which has a system of switching to a different font when a character is not found in the default set, Air will not continue if it cannot render the character in the selected font.

Some applications seem to have implemented a work around by having an international font that can be selected in the settings. TweetDeck is a great example of this. You can turn on the international font and then SCIM works fine. See below:

So basically, at the moment, until Adobe improve the Air system, it looks like the suggested way of getting east Asian characters to work in Adobe Air is to contact the developer and ask them to implement an international font. I imaging the prospect of their software also working in China, Japan and Korea would probably be enough for most to do this.

Wow. Just read over at the google blog that google are set to launch a new OS. It’s planned to be an ultra fast linux kernel based web browser delivery system. Sounds similar to gOS. All the applications will be online and the windows rendering system will be all new. I’m a bit suspicious about this. Is it not a google attempt to do exactly what Microsoft have been criticised for in defaulting users to their services by tying them to the OS. Also what kind of offline facilities will we see? Are we really happy to run all our software though Java, Flash and the like?

Well it’s quite an exciting development anyway. The backing of a major player like Google can only help develop the linux based platform further. They claim they will need help from the open source community. This sounds great, but only if they give back to us what we put in. Question marks still remain as to how this will tie into Android. Supposedly, “Chrome OS” as it will be known is something completely different. I expect to begin with we will see this installed alongside windows on netbooks for people who need fast boots directly into the browser.

You never know, this could be the ground braking first step in a new era that sees Microsoft’s grip on the OS monopoly slip and herald a new age of more balanced OS competition. We shall see. I wait in anticipation.

What is one of the most dangerous things people do these days? They use one or two passwords for every site that they set up an account for on the internet. They might think that password is secure, but how secure is every site they give it to? A hell of a lot of people use the same password for their primary email account as they do for some random forum they wanted to post on. Dangerous! If someone hacks the forum and gets hold of their password and email, chances are, they’ll try the same combination on every other popular site…. ebay, paypal, online banking. You get the jist.

So if we are to have a different password for every different site, how on earth are we going to remember all these long and secure passwords? The answer is KeePass. This wonderful freeware open source application will keep all your passwords secure. How many times have you forgotten you had an account or had to create a new one because you forgot the password? KeePass will solve this. Moat people fear storing all their passwords in one place, but as long as this place is secure, there is a relatively low chance of anyone getting to the file. Then there’s the fact that the file will be encrypted using AES. This is the same encryption system that US diplomats use. Finally the data stored in memory will also  be encrypted to prevent other applications from accessing it.

KeePass is great, not least because it runs on Linux, MacOS and Windows, so you can take your passwords wherever you go. There’s a Blackberry port, android port, mobile Java port and they are even working on an iPhone port too. Any where you go you can take your password file with you and only with the master password can anyone read it. If course you have to remember one really long, strong password, but if you can remember that, all the rest of your accounts are safe.

And KeePass stores more than just passwords. It stores the URLs to websites you have accounts on and also your usernames. You can even add extra notes for each account. This way you can easily keep track of hundreds of accounts and give each one a different password. The password can be something you’d never be able to remember. The built in copy paste system allows you to transfer these passwords securely when needed without having to type them in, thus avoiding keyloggers.

Of course, no system is without its cons. Keeping your passwords all i one place would increase the danger should someone get hold of your password database along with your master password. But I am very much of the opinion that this would be much harder to do than to hack a small time forum you’ve used the same password as on other sites for. Security is only as strong as the weakest link. Make sure you have decent antivirus and spyware apps. Make sure you avoid using internet explorer and preferably windows if you can. If you follow simple common sense rules, KeePass should help organise your accounts and allow you to implement a more secure password regime.

You can download KeePass here.

OK, why am I really not surprised? ComputerWorld is reporting that the LSE have finally decided to ditch a crappy windows based TradElect system in light of serious failures culminating in nearly a day’s out time. When are people going to understand that the fundamental philosophy that windows is built on does not suit an enterprise mission critical server environment like this.

For example how can security through obscurity and locked down closed source systems still be in place in such important infrastructure. All the evidence points towards the fact that these systems suffer a massively greater number of security breaches than their opensource counterparts.

Then there’s the issue of performance. How can the LSE sit back and accept that their targets for latency have been no where near met whilst rivals enjoy far superior products? It’s about time people woke up. I really hope many onlookers will learn something here.

Introduction

This is a guide explaining how to create a secret encrypted drive the easy way using a graphic user interface. It covers installing and using the TrueCrypt software (version 6.2a) and Ubuntu (In my case linuxMint).

Before we start

Why would you want to create a encrypted drive? Why not? Probably the main reason is that you have some security sensitive file that you don’t want other people to have access to. An encrypted drive provides a safe place to put these kind of files so that people cannot see or access them without a password.

Why would you want to create a hidden drive? There are two main reasons. The first is because you have sensitive files as mentioned above. Perhaps you don’t want people to know they exist. The second reason is more serious. Recently a number of governments have implemented laws where you can be forced to provide encryption keys to officers (for example at airports) so that they can decrypt your files. It can be a criminal offence not to provide or to claim you have forgotten these keys.

Imagine if you could comply, give them a key that they can use, decrypt some files you don’t care about and still not have access to your sensitive files. Imagine if they could never prove that you were hiding any additional documents and that you could therefore show that you have been completely complaint with the law and yet still keep your files safe. This is now possible!

DISCLAIMER: I do not, and will not ever advocate breaking laws. If you fail to prove an encryption key when legally required to do so, you could breaking the law. Don’t do it.

How it works

Basically, first a container encrypted drive is created. Some non sensitive files are put on this drive. The remaining space is made up of random data. Then within this random data, a second hidden drive is placed. This drive can only be accessed with a second encryption key. Without that key it should be mathematically impossible to identify whether the random data is in fact random data or a second hidden encrypted drive. It could just be free space within the first drive.

When forced under coercion to provide an encryption key, you provide the first one. They can decrypt the first container drive. They see your not so sensitive hidden files. They cannot ascertain if there is anything in the free space remaining and you have complied with the law and provided the decryption key. Provided the dummy files you have provided are interesting enough they’ll probably be kept busy trying to work out why you encrypted them or simply feel happy you didn’t have anything worth finding.

The TrueCrypt system is easy to use, uses very strong encryption (US government agencies are authorised to use this cipher for all levels up to top secret), and is also Windows and Mac compatible for those people who share external devices with Windows / Mac systems too.

Installing TrueCrypt

TrueCrypt is not currently available in the repositories for various reasons (possibly licensing). However, it is opensource and free for you to use. You need to download it from:

http://www.truecrypt.org/downloads.php

Go to the Linux section and select Ubuntu DEB. 86 and 64-bit versions are available. It will come in a compressed file, so you’ll need to decompress it and then run the deb file. It should install itself from then. The GUI will become available in the ‘other’ folder in your applications menu. While you’re at it, make sure you have the ‘GParted’ package installed too. This is the GNOME Partition Editor and is available in the normal repositories.

Two Different Types of Drive

There are two different types of drive. One is stored like a normal partition on a physical drive. The other is stored in a container file. The file can then be stored anywhere that a normal file can. It can be renamed, copied, emailed etc. For the first example, we will use a physical drive. Then I will cover creating a file too. The benefits of a drive is that you just have don’t have a file lying about that could draw attention to itself. For onlookers it will appear you just have an empty unformatted drive. Maybe it’s new, maybe you haven’t formatted it yet (actually you are hiding stuff there). The benefit of a file is that you don’t need to do any formatting or partitioning, etc. You can send, move, copy, rename the file, etc. Both systems use the same technology and are essentially just as secure, except that the file option obviously suffers from all the usual security issues with having a file.

Using the Physical Drive Method

In this example, we will use a USB key. I’m using the whole drive, you can use a partition on the key if you want, but I’m going to use the whole drive for simplicity. Make sure there is nothing on the drive you need. Then open GParted. This can be found in the System / Administration / Partition Editor menu. Ubuntu should automatically detect the device. If it has mounted existing volumes, dismount (eject) them. In GParted, find the drive in the drop down list at the top right. In my example it is /dev/sdb (117.66). If you’re no sure, use the size to determine which drive. Warning, don’t follow the next few steps on your primary hard disk or you could delete everything on your PC!!!

As you can see in my example, there are no partitions. That’s what you want. If there are some existing ones, delete them (right click on them). Once you are finished, click on the apply button at the toolbar. It should bring you to a screen that looks something like the example. Unallocated is what you want. A disk that looks completely empty, no partitions. Remember the name of the drive (/dev/sdb in my case)

Setting up the Encrypted Drives

Open TrueCrypt (Applications / Other / TrueCrypt). Select Volumes / Create New Volume… Then select “Create a volume within a partition / drive”.

Then select “Hidden TrueCrypt Volume“.

You will now be prompted to select your device. Click on the “Select Device…” button and select the drive that we cleared earlier (/dev/sdb in my case).

Clicking on next will bring up a warning message. Provided you have selected the correct drive, there is no danger of clicking OK. Please check you have selected the correct drive before proceeding.

At this point it will ask you for the encryption type to use for the outer volume. In the example, I have used AES as it is the most common cipher. You can change it if you want.

It will now prompt you to enter the outer volume password. This is the password you might have to divulge under duress. It should not be a dictionary word and should include a combination of letters and numbers. You probably don’t want to have “Display password” on as in my example.

Now select your file system. I recommend FAT as it is readable in Windows as well.

The next screen will allow you to format this drive. Moving the mouse around a bit will allow you to generate a completely random seed to format the disk with. This fills it will random data. Finally, you will be prompted to open the outer volume.

This is where you have the opportunity to place a few ‘dummy’ files that someone would be able to see if you provided them with the dummy key.

When you have finished, close the browser for that drive and return to TrueCrypt. Click on “next” and you will be prompted to go through the processes again for the hidden drive.

You can just use the same encryption as you did for the first drive. Make sure that the password you use this time is different from the first one!

You will need to choose a size. This is the size that the hidden drive will take up. It needs to be smaller than the container drive because it sits in its free space. In my example I’ve chosen 120MB so as to leave a couple of megabytes to store the dummy files in. Select FAT as the file system again and format. You have now set up your hidden drives.

How to Mount the Drive

There are two ways to mount the drive – automatic and manual. Automatic is less hassle but takes longer, manual requires you to select the device.

In the main TrueCrypt dialogue, select “Auto-Mount Devices”. You will be prompted for your password. Here enter the password for the hidden drive (the second one you used earlier).

TrueCrypt will search and find your device automatically. It will mount it in /media/truecrypt1. This is your hidden drive. Feel free to use it as you wish. Files stored there are automatically encrypted.

Make sure you unmount it when you’ve finished. This can be done easily by right hand clicking on the TrueCrypt icon in the system tray and selecting “Dismount All Mounted Volumes”.

Manually Mounting

Let’s manually mount a drive and also see what happens if we try to mount the outer drive. Make sure you’ve dismounted the hidden volume, then click on “Select Device” button in TrueCrypt. Select your drive, then click on “Mount”. This time enter the first password you used.

It will mount the outer volume. Here you can see you dummy file that you used earlier. This is what other people would see you if were forced to divulge the fake key. Make sure you don’t add any more data to this drive as it will write over your secret drive. In fact, after setting up the outer drive, better not to use it at all. You can open in in protected mode so that the hidden system is protected. This is done using options in the mount dialogue.

For quicker mounting, you can add mount points to your favourites so that you can quickly mount that volume by right clicking on the TrueCrypt icon in the system tray.

Using a File

Instead of using a drive, you can create an encrypted volume and a hidden volume within a file. This is done pretty much the same way as in the first example, but you select “Create an encrypted file container” in the “Create New Volume” dialogue. When mounting those volumes, you will need to select the file instead of device.

Things to Remember

Following the above instructions should allow you to set up your hidden encrypted drives. Remember, always use the second password and so the hidden volume. Only ever give away the first password. Don’t write data in the container drive unless you’ve protected it. Make sure the dummy files look realistic or it will be harder to claim that it is you actual encrypted drive. Remember to dismount drives after you’ve finished using them. Operate a physical security regime.

Though it will take a very long time to brute force crack this strong encryption system, no system is ever safe against a brute force (guess every possible key) attack. Better to prevent someone coming into contact with your physical disk! Use long passwords that are a mixture of words and numbers that you can remember, other people cannot guess and are preferably not in a dictionary. For keeping a list of passwords secure, I recommend using KeePass. It is also available for Linux and Windows and uses strong encryption.