linux

SUSE/Novell plans to no longer distribute proprietary drivers

That's nice. Apparently SUSE/Novell are planning to no longer include any proprietary (kernel) drivers in their Linux distributions. (Most of) the kernel developers dislike binary drivers in the kernel and SUSE/Novell are clearly supporting the developers with their move.

Although they plan a system for including binary drivers from userspace somehow, I still think this is a good sign. I hope it will help to convince some hardware manufacturers to release the source code of some of their (now) proprietary drivers...

This whole debate was started by Arjan van de Ven's original post to the LKML in December 2005, AFAIK.

(via Heise)

HOWTO: Encrypted USB thumb drives and (USB) hard disks using loop-AES

Yet another thing that has been on my TODO list for quite a while: encrypted USB thumb drives and/or encrypted external USB hard drives.

I have finally tried this over the weekend using loop-AES. This is very useful for securing your USB thumb drive contents in case you lose it or it gets stolen. Also, I use an external USB hard drive for backups (previously unencrypted). This is encryped now, too.

Here's a quick HOWTO:

  1. Get the loop-AES kernel patches, apply them, enable "AES encrypted loop device support" in "Device Drivers -> Block Devices -> Loopback device support", and recompile the kernel.
    I also enabled "loop encryption key scrubbing support" as it seems to promise higher security (can anybody confirm that?).
    If you're using the Debian kernel packages, apt-get install loop-aes-2.6-686 (or a similar package) should suffice.
  2. Get a loop-aes enabled losetup, mount etc.:
    apt-get install loop-aes-utils
  3. Securely delete the target partition: shred -n 1 -v /dev/sda3.
    Use -n 25 or higher if you want more security and have a few days time to wait for the thing to finish...
  4. Setup the loopback device: losetup -e aes256 -C 3 -S 'seed' /dev/loop0 /dev/sda3.
    Notes:

    • I used AES-256 as cipher, but others are possible.
    • The -C 3 means "run hashed password through 3000 iterations of AES-256 before using it for loop encryption. This consumes lots of CPU cycles at loop setup/mount time but not thereafter." (see losetup(8)). This is supposed to be more secure.
    • Using -S 'seed' (replace "seed" with a secret string like "g7sN4" or something) should make brute force attacks a bit harder. Don't forget the seed!
    • You'll be asked for a passphrase > 20 characters. Choose a good one. Don't forget it!
  5. Create the filesystem (I used ext3): mke2fs -j /dev/loop0
  6. Detach the loopback device: losetup -d /dev/loop0
  7. Add this to /etc/fstab:
    /dev/sda3 /mnt/crypted_sda3 ext3 noauto,loop=/dev/loop0,encryption=AES256,itercountk=3 0 0
  8. Mount the (now encrypted) partition by supplying the seed and entering the chosen password: mount -o pseed=seed /mnt/crypted_sda3
  9. Done. You can now copy stuff to /mnt/crypted_sda3 which will be encrypted automatically.

For a more detailed guide read the Encrypted-Root-Filesystem-HOWTO. A performance comparison of different ciphers is available, but in general I didn't notice too much of a slow-down because of the encryption...

Beagle 0.2.1 released - fancy desktop search tool for Linux

Beagle screenshot 1

Beagle 0.2.1 is out. Beagle is a very useful desktop search engine for GNOME (but you can use it with KDE, too, or even without any desktop environment like I do). Despite the low version number it is already quite stable and usable, and has lots of features.

It can index all kinds of files and information on your computer (txt, pdf, doc, emails, IM logs, IRC logs, source code, images, music, and whatnot) and provides a very nice (new) search interface (see screenshot).

Yes, Google Desktop Search and Spotlight do the same thing, but neither is available for Linux, and neither of them is Free Software. They can "phone home" without telling you and do other funny things. With Beagle you can easily check what it does (use the source, Luke!).

Oh, and Beagle can now also parse Ruby files, a simple filter I had written and submitted has been included in the latest release (well, actually it was there in 0.2.0 already, but I didn't tell anybody ;-)).

For those who care about SN9C10x based webcams

Webcam
Sonic-snap screenshot
Sonic-snap-gui screenshot
Note: Yeah, I'm abusing the latest Debian flamewar meme for some attention mongering. Sue me.

A few days ago, I have tested my cheap, crappy webcam I bought more than a year ago for the first time. Using the latest SN9C10x driver (which is already included in recent 2.6.1x kernels) worked fine, i.e., the USB webcam was recognized.

I tried running sonic-snap (site is currently down, try the Google Cache) in order to get snapshot images and/or videos off the webcam, which initially didn't work. But I soon found out what the cause of the problem was and created a trivial patch which fixed the problem for me.

Then, after I made myself look like an idiot by reporting a bug against a non-existing sonic-snap Debian package, I finally sent the patch to the upstream author. I'll probably ITP the package, though, as I might be using the webcam more often...

I also tested the webcam with Gnomemeeting for some videoconferencing fun, which didn't work at first either. After some stupid guessing and googling, I finally found out that you need to apt-get install libpt-plugins-v4l2, which is not installed by default (why?). Other than that (and apart from the really, really crappy image quality of the webcam), it worked really nice...

Here's the exact lsusb output for Google to parse, other people might be searching for this info:

Bus 003 Device 003: ID 0c45:602a Microdia Meade ETX-105EC Camera

Genie 1693 PDA - what can I do with it?

Genie 1693 PDA

I'm rich! I won the lottery this weekend! I won 8.70 Euros in total... Of course I went out to spend the huge amounts of money I now possess on some ultimately useless gadget.

I got myself a Genie 1693 PDA thing. Which costs 13 Euros. Next time I'll have to win more money ;)

Anyways, the gadget has 384 KB of memory, a touchscreen, and a serial cable to connect it to a computer. Let's see if I can come up with something interesting to do with this thing (suggestions welcome). I was thinking in the direction of putting my own software on it (I don't think that'll work) or reverse engineering the communication protocol or whatever comes to my mind when I'm bored...

Syndicate content