Super-Monko NewsJul
27
2010
The US government on Monday announced new rules making it officially legal for iPhone owners to ‘jailbreak’ their device and run unauthorized third-party applications, as well as the ability to unlock any cell phone for use on multiple carriers.”
The EFF has further details on this and some of the other legal protections granted in the new rules.
May
23
2010
Userspace Filesystem Drivers are becoming more and more popular since they’re portable and have less headache of platform specific filesystem driver issues. For example, NTFS-3G project provides the full read/write support for NTFS under Linux and MacOSX while living in userspace.
I recently discovered an open source project called “fuse-ext2” which is an implementation of Ext2/Ext3/Ext4 filesystem driver in userspace. Before this one, there was an ext2-only native kernel extension (kext) implementation. So I had no write access to my Ext3 and no read access to Ext4 file-system at all.
To use and enable experimental write support for your Ext2 partition, follow these steps :
OPTIONS="auto_xattr,defer_permissions"OPTIONS="auto_xattr,defer_permissions,rw+"May
9
2010
New ‘Ultimate Movie Buff‘ iPhone app is coming your way! Many loved the original and asked for more questions and categories and here it is. We have teamed up with ITN to bring ‘Ultimate Movie Buff’ iPhone app to you, all with videos and almost 5,000 questions.
Play, challenge and boast on Facebook and Twitter. Don’t forget to submit scores to our global high score, so we can see who is the official Global Movie Buff!
The app is set to be released on the 12th of May.
Apr
22
2010
Source-Forge, The huge open-source software repository recently has banned some countries from downloading free softwares from their servers. However there’s a quick trick which you can download the files directly from source-forge mirrors, bypassing that ip check.
You can click on the file you wanna download inside the “Files” section and take care when the following page appeared press ESC key to stop loading the page.
Now right-click on “direct link” and Copy the link address and Paste it into your address bar. It should look like this :
http://downloads.sourceforge.net/project/openproj/OpenProj%20Binaries/1.4/openproj_1.4-2.deb?use_mirror=surfnet
The last part, marked as red, shows the mirror you’re going to download from. Turn the URL into something like this :
http://surfnet.dl.sourceforge.net/project/openproj/OpenProj%20Binaries/1.4/openproj_1.4-2.deb
And it will download the file directly. In addition, some mirrors are not accessible because of routing path problems. I usually use “kent” as my mirror.
Apr
22
2010
I just pressed the Enter key on the file delete confirmation dialog, and removed my code which I was working on for 3 hours. In fact I had made such a mistake before and had no results searching “Ext3 Recovery / Ext4 Recovery …”. But this time, a new project named extundelete appeared which claims to extract file metadata from the file-system’s Journal.
I tried to extract and compile it by just typing “make” and found that ext2fs library is missing, so I installed ext2fs-dev package using the following command (I’m using Ubuntu 9.10) :
sudo apt-get install ext2fs-dev
Then typing “make” in the src folder, presents you the binary file named “extundelete”. You can run it like this :
ali@Velocity:~/tmp/extundelete-0.1.8/src$ ./extundelete
No action specified; implying --superblock.
Usage: ./extundelete [options] [--] device-file
Options:
--version, -[vV] Print version and exit successfully.
--help, Print this help and exit successfully.
--superblock Print contents of superblock in addition to the rest.
If no action is specified then this option is implied.
--journal Show content of journal.
--after dtime Only process entries deleted on or after 'dtime'.
--before dtime Only process entries deleted before 'dtime'.
Actions:
--inode ino Show info on inode 'ino'.
--block blk Show info on block 'blk'.
--restore-inode ino Restore the file(s) with known inode number 'ino'.
The restored files are created in ./RESTORED_FILES
with their inode number as extension (ie, inode.12345).
--restore-file 'path' Will restore file 'path'. 'path' is relative to root of
the partition and does not start with a '/'
(it must be one of the paths returned by --dump-names).
The restored file is created in the current directory
as 'RECOVERED_FILES/path'.
--restore-files 'path' Will restore files which are listed in the file 'path'.
Each filename should be in the same format as
an option to --restore-file, and there should be one per line.
--restore-all Attempts to restore everything.
-j journal Reads an external journal from the named file.
-b blocknumber Uses the backup superblock at blocknumber when
opening the file system.
-B blocksize Uses blocksize as the block size when opening fs.
The number should be the number of bytes.
It seems that running the program with –restore-all, should restore all possible files. Like this :
ali@Velocity$ ./extundelete /dev/sda6 --restore-all
But that option gave me some temporary, hidden and some useless config files over my home folder. I was thinking of rewriting the code …
Suddenly I found that, extundelete supports another option in which you can specify the inode number of your file, and it will bring it back … 
Looking at manual of the “ls” command you’ll find that running “ls” with -i parameter will give you the inode number of files in a directory. I tried to find a range for inode files around the deleted file and search for all files in the range …
ali@Velocity:~/projects/Monko-MovieQuiz/Source/IMDBot/src$ ls -i 7824227 artists.db 7824222 google_spell_checker.py 7824220 merge_tool.py 7824214 movies-merged.db 7824219 movies-vahid.db 7824260 stuff.py 7824252 artists.py 7824211 IMDB.py 7824221 MovieDatabase.py 7824254 movies-sohrab.db 7824256 question_validator.py 7864492 tests 7864514 cache 7824305 lite_tool.py 7824208 MovieDatabase.pyc 7824207 movies-soroush.db 7824293 start.py 7962711 Tools
It seems that most of the files are in the range of 7824xxx, so searching the range of to 7824000 to 7824999 might be a good idea (take a look at the following bash code snippet) :
for((i=7824000; i<7824999; i++)); do
./extundelete /dev/sda6 --restore-inode $i ;
done
Viva !
I got 7 deleted files in this range (inside the RECOVERED_FILES directory), and one of them was my deleted python code ! And I spent my time on writing this article instead of rewriting the code 
Apr
4
2010
Apr
2
2010
The fact that I always try to use open source softwares makes me to find new softwares and try them to see if they can solve my problems and do the job or not. Times ago, I had tried flashrom project to see if it can update my bios chip or not and the answer was NO ! Your chipset is not supported yet !
Later on, it was about May 2009 which I found a program which could change the boot logo of Phoenix bios images and I recalled flashrom. It was interesting that this time it said “Yeah, Your chip is now being supported! ”. I made it to read my Bios image and the result was a real and valid phoenix image which I could change it. After making a new image, running flashrom to write it finished without any warnings or errors. I read the image again and Boom ! It was neither the original bios, nor the new one.
This is exactly where my first email went up online on the community’s mailing list and I knew that any invalid act which yields to rebooting the laptop is going to kill it. :
I tried the latest svn version (6 May 09) of flashrom and unlike older versions didn’t get a warning on my chipset. flashrom reads my chip successfully and outputs a fine Phoenix bios. After writing a new image into the chip
I found that writer is not fully functional and reading the chip again results in an image that is neither original one nor the new image. then I tried erase functionality and it resulted in some 0xFF and some unchanged bytes in the chip. Currently writing either images doesn’t change the chip and it remains in mostly 0xFF bytes.
Most of open source project maintainers use IRC as their collaboration and communication channel both with themselves and community. I went online and Peter one the maintainers was online but he wasn’t the person responsible for ICH7 series chipsets, So I had to wait for Carl to come online. It was midnight in Iran and I went to bed leaving the laptop up and running. Next morning I found Carl and after working with him to find the problem, he suggested to try AAI type of Chip-Programming. It was a time consuming task and I had to go for an important session, So I left home.
When I returned back, I got no good results of AAI. The wonderful part of story is that my little sister had played with my laptop, when I was out, and didn’t power it off, so that I don’t get noticed she touched my laptop without permission. 
Carl reviewed the data-sheets for my Bios chip and found that It doesn’t support writing multiple bytes at a time. Finally he sent me some patches and the last patch wrote the image successfully. I worked a few more hours to finalize the patch and sent some verification emails so that Carl can commit them to the main version tree (And got acknowledges for helping to track down the bug ! ).
It was an amazing experience of active community support and I should really thank Carl-Daniel Hailfinger, Peter Stuge and all other active maintainers of open source projects.
Feb
27
2010
Second Linux Festival has been successfully held at Amirkabir University of Technology (AKA Polytechnic). It has been divided into three main levels of Beginner, Intermediate and Advanced. The topics has been presented inside Computer Site of CEIT department under a much better quality comparing to the last year’s festival. People installed, tasted and utilized a new operating system in a well mannered approach. During the installation process and most of other presentations, our local server and mirror of software packages (aka SSCLinuxBox) helped a lot and became the standard way of sharing files / installing software during the festival.
Topics and Schedule
One month ago, when we were planning for festival topics and schedule, Amir-Mohammad and I reviewed many Linux-related books and their contents. This resulted into a rich outline for the festival topics. Taking a look at topics and presentation quality this was the best and first festival in Iran covering this scope of topics. Here’s a summary of main subjects and presentations :
The complete program and schedule can be found here.
What I learned
Although it was the second experience on Linux Festival in our university and we fixed almost all of problems which could be seen in the last one, there are always problems and we can learn from them. One of the main points I got in the first few presentations, was the importance of coordination between presenters around the topics and details which is going to be presented. Lack of such synchronization and coordination before the festival, resulted into problems in presentation topics and contents since some of presenters did have a different idea about listener’s levels and prepared some extra stuff for those who where beginner. In addition none of us knew about the dependencies of subject that was going to be presented, whether they have been discussed up to now or not.
Yet another point on the art of presentation and teaching. In situations like this, where every presenter is a professional in a field and likes the topic and have chosen to teach it, hiding the unnecessary details is a very very hard task. A teacher should have the ability to place and simulate the thinking process of listeners and remove the details that might break this thinking process. On the other hand, he should analyze the required dependencies of current topic and explain them before anything.
I got many feedbacks regarding the presentation style and found that the estimation of listener’s level and correct decomposition of subject into the simplest form are keys to a successful presentation.
Memories
It was a cool and friendly atmosphere. The support team and technical team were both working hard to reach the best quality and it made it a real memory. Its notable that this was the first serious work/project of our new Scientific Committee and the results were incredible.
Links
Feb
19
2010
The second agreement on serious programming errors have just taken place and computer science professionals reached to a formal agreement on top 25 programming errors. The main idea for such a list is to help and educate programmers to prevent kinds of vulnerabilities that are reason for almost all cyber attacks.
The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.
The list for 2010 bears a striking resemblance to last year’s list that SANS organization released. Note that Cross-site scripting (XSS) attack and SQL Injection are still listed as top pitfalls.
Feb
12
2010
What should we do, when the intersection of interests reaches zero among friends ?
Copyright © 2009 - The #Shell | Entries (RSS) | Comments (RSS)
WordPress theme by 
9th sphere website design