Archive for the “english” Category

While installing Gentoo on my laptop, I had to switch over and use an initramfs, as I want full disk encryption.
Dracut provides a module which can load GPG-encrypted keys and open a LUKS-encrypted disk. This is nice, but it requires manual setup.
As I always forget about such things, I went on and implemented a small but easy-to-use auto-detection for LUKS-encrypted volumes.
The script checks /boot/.luks for key files named <VOLUME UUID>[.gpg] for each LUKS device found in fstab. If one is found, it adds an entry to /etc/cmdline.d/90crypt.conf in the initramfs.
The patch is simple and consistent with how dracut deals with UUIDs (which is rather odd: they use udev to get the UUID instead of using blkid. No idea why).

Patch for the crypt module in /usr/lib/dracut/modules/90crypt (if using GPG-encrypted files, you need to add crypt-gpg to the modules list in /etc/dracut.conf or you won’t be able to open your key on boot!):

--- module-setup.sh.orig	2012-02-24 15:38:08.000000000 +0100
+++ module-setup.sh	2012-03-29 00:24:49.997233979 +0200
@@ -22,6 +22,23 @@
         [[ ${ID_FS_UUID} ]] || return 1
         if ! [[ $kernel_only ]]; then
             echo " rd.luks.uuid=luks-${ID_FS_UUID} " >> "${initdir}/etc/cmdline.d/90crypt.conf"
+	    # look for keyfiles in $luks_key_dir (default:/boot/.luks).
+	    # Keys must be named ${ID_FS_UUID} or {ID_FS_UUID}.gpg
+	    # you need add the crypt-gpg modules to the list of additional modules to have gpg keys work.
+	    local keydir=${luks_key_dir-/boot/.luks}
+	    local keyfile=${keydir}/${ID_FS_UUID}
+	    # check for keyfile. if none try add .gpg
+	    [[ -f ${keyfile} ]] || keyfile=${keyfile}.gpg
+	    [[ -f ${keyfile} ]] || return 1
+            ID_KEY_UUID=$(udevadm info --query=property --name=$(readlink -f "/dev/block/$(find_block_device "/boot")") \
+                | while read line; do
+                    [[ ${line#ID_FS_UUID} = $line ]] && continue
+                    eval "$line"
+                    echo $ID_FS_UUID
+                    break
+                    done)
+	    [[ ${ID_KEY_UUID} ]] || return 1
+            echo " rd.luks.key=${keyfile}:UUID=${ID_KEY_UUID}:UUID=${ID_FS_UUID} " >> "${initdir}/etc/cmdline.d/90crypt.conf"
         fi
         return 0
     }
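Review bot: In the added block, `[[ -f ${keyfile} ]] || return 1` makes check_crypt fail for every LUKS device that has no key file in the key directory, even though its rd.luks.uuid line has already been written; with the caller doing `for_each_host_dev_fs check_crypt || return 1`, a passphrase-only volume may now abort the module where it used to succeed. Return 0 at that point (and after the empty ID_KEY_UUID check) so the key entry stays optional. Two smaller points: the plain `${ID_FS_UUID}` name is tried before `.gpg`, so an unencrypted key on /boot silently wins over the GPG-protected one and deserves at least a warning; and the `${line#ID_FS_UUID}` prefix test would also match a property such as ID_FS_UUID_ENC, in which case the loop echoes the LUKS volume's own ID_FS_UUID inherited from the enclosing function instead of the /boot UUID. The comment also says `{ID_FS_UUID}.gpg` where `${ID_FS_UUID}.gpg` is meant.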
@@ -29,7 +46,7 @@this
     [[ $hostonly ]] || [[ $mount_needs ]] && {
         for_each_host_dev_fs check_crypt || return 1
     }
-
+    ddebug < ${initdir}/etc/cmdline.d/90crypt.conf
     return 0
 }
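Review bot: `ddebug < ${initdir}/etc/cmdline.d/90crypt.conf` runs unconditionally, but that file is only written inside `if ! [[ $kernel_only ]]` and only when check_crypt actually ran under `$hostonly` or `$mount_needs`, so in the other cases the redirection fails on a missing file. Guard it with `[[ -f "${initdir}/etc/cmdline.d/90crypt.conf" ]] &&` and quote the path in the redirection.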

The path to the key directory can be configured in /etc/dracut.conf:

# location of keys.
# keys must be named {FSUUID} or {FSUUID}.gpg where FSUUID is the luks-device (not the key device!)
# for example "5b1049c3-ae7c-4b4c-99e7-240ba4a76f94" or "5b1049c3-ae7c-4b4c-99e7-240ba4a76f94.gpg".
#luks_key_dir="/boot/.luks"

dracut-crypt-gpg-extension.patch

Does anyone know how to disable that stupid file extension filter in WordPress? Simply renaming .patch to .patch.txt is enough. This is just stupid in a single-user setup like mine.

To answer a question in the comments: if one is paranoid and does not trust the boot partition (which has to be world readable), there are 2 ways to solve this:

  1. Use external boot volumes. Just put everything on a USB stick or an SD card, and keep it with you all the time (or hide it in a secure location).
  2. Use SATA full disk encryption (requires BIOS support). This allows encrypting the disk fully without any LUKS and the like. The BIOS/disk is responsible for doing all the work. This is transparent to Linux; it does not even know the disk is encrypted. However, this requires hardware support, and you have to trust your hard disk vendor to implement the encryption correctly (and not insert any backdoors).
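Whatever boot volume is used, the key directory itself is worth checking. The following is an added example, not part of the original post or of dracut: it audits a key directory for the cases the patch treats specially. The function name and the severity labels are assumptions made for this sketch, and it relies on GNU stat.

```bash
#!/bin/bash
# Added example: audit the key directory used by the auto-detection patch.
# Assumptions: key files are named <UUID> or <UUID>.gpg (as in the post);
# the function name and the severity labels are made up for this sketch.

# Prints "<SEVERITY> <file> <reason>" per finding; returns 1 on any HIGH.
audit_luks_keydir() {
    local dir="${1:-/boot/.luks}" f name base mode rc=0
    local uuid_re='^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$'

    [ -d "$dir" ] || { echo "INFO $dir missing, nothing to audit"; return 0; }

    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        name=${f##*/}
        base=${name%.gpg}

        # Files not named after a UUID are never picked up by the patch.
        if ! printf '%s\n' "$base" | grep -Eq "$uuid_re"; then
            echo "INFO $name not a <UUID>[.gpg] name, ignored at build time"
            continue
        fi

        if [ "$name" = "$base" ]; then
            # A plain key next to the kernel unlocks the volume for anyone
            # who can read the boot partition.
            echo "HIGH $name plaintext key file on the boot volume"
            rc=1
        elif [ -f "$dir/$base" ]; then
            # The patch tests the plain name first, so the .gpg is unused.
            echo "WARN $name shadowed by plaintext key $base"
        fi

        # GNU stat: octal mode; anything beyond owner bits is flagged.
        mode=$(stat -c '%a' "$f")
        case $mode in
            0|*00) ;;
            *) echo "WARN $name mode $mode is group/world accessible" ;;
        esac
    done
    return "$rc"
}
```

Call it as `audit_luks_keydir /boot/.luks` (or with the directory set in luks_key_dir) before regenerating the initramfs; a non-zero exit status means at least one plaintext key was found.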


Comments 1 Comment »

Today I went over and had to enable the testing tree of Debian.

This was actually very easy, just adding the correct repository to the sources.list in /etc/ap. One little trouble with this was aptitude crashing with not enough memory. This I solved by adding APT::Cache-Limit:26777216 to the apt config. I did this by (dirty) adding the line to the /etc/apt/apt.conf.d/70debconf file (I tried to make a new file in the conf directory, but apt ignored my file).

Next was to run aptitude and update my packages. This took quite some time since a big load of packages got updated, and I had to resolve some conflicts manually. Actually I just had to remove an obsolete package that held a lot of other packages back.

As I was doing maintenance anyway, I checked out uname -a to see what my kernel is. Big surprise: even though I had installed about 5 more recent kernels on my hard disk, it seems I never actually loaded those! So I headed over to /boot and linked vmlinuz and initrd.img to the most recent ones, ran lilo and rebooted.

This was where it all went bad. Somehow it didn’t install my lilo, and my system refused to boot. After about 10 reboots into the Hetzner rescue system, I finally managed to install a working version of the kernel. But finally I run a 2.26 Linux kernel now.

One more problem was installing the newest version of VMware. I needed to export an old gcc (4.1 instead of 4.3) and ignore complaints about minor version differences. Some time in the future I need to try running this shitty legacy server, which only runs on Windows, with Wine again, but guess what.. their Debian repository just went down today, so I’m out of luck with this (Why don’t those big software vendors at least publish their old, discontinued software under some open-to-use licence, so at least we could make it run on modern systems like Linux or BSD instead of needing to run emulations? Fuck you Adobe!).

Long talk, short outcome.. all is back and running now. Yay me!


Comments Comments Off on upgrade hell

At work, we use the very nice and easy-to-use DBAN tool to wipe hard disks before giving them out of our reach. This ensures our users’ data is safe from being restored by bad people.

However, with the recent growth of hard disk sizes up to 1TB, this became somewhat hard to do.

Usually we use the DoD-short algorithm, since it provides a fair cost/revenue ratio. A 40GB hard disk can be wiped in about 8-10h without trouble. Usually I start it near the end of the day, and when I come back the next morning, it’s done wiping.

Now, today I have to wipe a hard disk from a user concerned about security (A user concerned about security? Actually a very good thing.) So I thought I won’t use DoD-short but the standard DoD algorithm. Guess how long it takes to wipe those 80GB… 50 hours.

TGIF, so I can go home and it will be done when I come back next week.

This made me think about 2 things:

  1. I think the DoD standard should always be used. If the US Government doesn’t fully trust the DoD-short algorithm, why should we trust it? So if possible, always use the standard. But that actually means 2-3 times the time we need now.
  2. This was an 80GB hard disk. Today’s HDs are up to 1TB.

Conclusion: Soon administrators will face the problem of securely erasing much bigger hard disks than today. In addition, I don’t think it will be harder to restore data from hard disks than it is now (more likely it will be easier due to improvements in technology). If such a wipe takes more than 1 week, it becomes troublesome to work with. In the end I can only see one useful solution: shredding the hard disk into pieces. Sure, this isn’t good for the environment.

The problem is that we get bigger HDs and better technology, making security more and more painful. A great debacle. I think we will soon see more of those “mistakenly sold HD with data on it on eBay” news stories.


Comments Comments Off on Wiping Harddisks

master is the name of my main work machine


Comments Comments Off on Poor master

Well, it’s time to review my design ideas for the Ghost project.

Ghost aims to be a full-featured browser-based RPG. These are some fundamental ideas I had. Feel free to comment on them.

  1. Game:
    • RPG style (long-time playing, with leveling, stats etc.)
    • Basic game is GPL (as it uses GPL things, less trouble if we release with GPL)
    • Make money with graphics/extension packs (e.g. an easy extension management); other people can provide their own extensions.
  2. Client:
    • Browser game (works on FF for sure, IE would be fine, more others cool. For development we only support FF.)
    • Use standalone FF as a downloadable game client (aka XULRunner, Prism etc.); we can include graphics there (is it secure?)
    • Thin client. The client displays data and sends events back to the server.
    • No additional requirements: (X/HT)ML, JS and CSS only. NO PLUGINS
    • 2D graphics.
    • Security is provided by the server. Don’t rely on client input being anything special. If a client sends bugged data, never accept it.
    • Since we use JS and a browser client, client-side code injection is easy. So we need to be extra careful with player input on the server side.
  3. Server:
    • We use PHP as the language.
    • The game uses phpBB3 for user management.
    • We use the phpBB3 DB layer for DB access.
    • Webhoster-ready. We shouldn’t require any special settings in the .htaccess or php.ini. Basically I want the same requirements as phpBB3 (we may go for PHP5 only, since some really useful things were added there)
    • Don’t use timers or rely on tasks run at specific times. We use cron jobs like phpBB. But we are asynchronous, since we can’t guarantee the game runs (if no one plays for some days)
    • Shall we use an existing (GPL) RPG engine? It would be cool to make it work with any of those ASCII games.
    • No loops!
    • User interaction is done on the server with the use of sockets. An output script will run until timed out, and send all needed things to the user. If we get shut down by the server process, we send a last exit message and then let the client restart us. This should be done by the basic game processes, transparently for the game (so this would be a bi-directional communication via XMLHttp)
  4. Security
    • All input will be XML
    • All possible input needs to be VALID with respect to a provided DTD.
    • Output XML needs to be very strict so we don’t open up XSS trouble. (Do we need rich text??)
    • All operations need to be tested for thread safety. PHP has some trouble with this.
    • Usage of OO would maybe make us less vulnerable. On the other side, OO will need some more server CPU. So I would rather not use OO. Let’s stay functional as phpBB3 does.
    • Don’t use PHP hacks, keep the code clean.
    • For the XML DTD, do we use a hierarchical tree or keep it in single DTDs? Single ones are safer (not in general, I think)?
    • If phpBB3 breaks, we break. Therefore we need a phpBB3 security expert. By making our game a phpBB mod and following the mod guidelines, we can get help from the phpBB3 people.


Comments Comments Off on Fundamental programming design for ghost

I discovered CSS some years ago. Since then I have used it frequently for some of my websites, mainly to customize phpBB forums. The Greck website is a nice small CSS-based HTML page.

For the Ghost project I started to look a little bit deeper into CSS. So I went out and checked the World Wide Web Consortium website. While playing around I found this blog entry about CSS, and got really impressed by those guys and what CSS can do.

Well, now here I am, having a lot to play with and even more that I don’t understand completely.

For sure, the most interesting parts for me right now are the pseudo-elements and pseudo-classes. Looks fun to play with. So I tried this:


HTML
<body><div>
<p>first child in this html.<br/>forcing a line break for sake of example.</p>
<p>next child in this html.<br/>forcing a line break for sake of example.</p>
</div></body>

CSS
p:first-child { color: red;}
p:first-line {	color: blue;}

So far so good. You can see the example here.
Looks right? The first child is red, the second black, and the first lines of both are blue. Well…
Let’s review the CSS documentation on W3C. In particular, check what type those selectors have.
:first-child is an attribute selector (classes are attributes)
:first-line is an element selector
So what’s the precedence for those 2?
Checking the relevant CSS documentation, we calculate these values:
p:first-child: a=0, b=0, c=1, d=1
p:first-line: a=0, b=0, c=0, d=2
Now check the first <p> tag. Shouldn’t the first-child be more specific and therefore overwrite the first-line?
Well, we can go and try to force it even more.
Let’s change the first-child style selector to
div p:first-child ...
This time we have a specificity of a=0, b=0, c=1, d=2
This clearly should overrule the first-line style.

Well, there is a way to explain this.
According to the CSS specification about pseudo-elements, the UA creates a fictional tag sequence by inserting <p:first-line> and its end tag into the tree. BUT the UA doesn’t (mustn’t?) write this back into the real document tree. Therefore, the p:first-child has a p:first-line inside that’s not visible to the HTML/JavaScript/etc.

Why is that worth a blog post here?
Well, basically we can create a browser state where the DOM tree and the CSS tree are out of sync. This could be used to hide/display things not in the DOM tree. I haven’t found a way to abuse this so far… but it’s still interesting to know that CSS and the DOM see different things.

PS: I am a complete newb in CSS. I have no idea if my explanation above is correct, nor do I see a way to prove it. Any explanations/additions/references are highly welcome.


Comments Comments Off on exploring css, inside w3c

My present for the net this year: Greck open

Greck is a heavily customized fso2 game server. We backported some fso3 features (dungeons) and implemented a lot of quests.

Comments Comments Off on Happy Christmas.

Well, we are online.

Buggy, hacky, wacky, laggy… but at least something that runs.

Project Ghost is aimed to be a full MMORPG based on HTML/PHP/JavaScript. It should run on any webhoster having some PHP version (right now we require php>=5.2.1). In 0.1 we have the forum set up (includes user management) and a first chat window working. The next step will be to make a map and put players on it. Wish me luck 😉

Comments Comments Off on Ghost v0.1