The EFF has further details on this and some of the other legal protections granted in the new rules.

I recently discovered an open source project called “fuse-ext2” which is an implementation of Ext2/Ext3/Ext4 filesystem driver in userspace. Before this one, there was an ext2-only native kernel extension (kext) implementation. So I had no write access to my Ext3 and no read access to Ext4 file-system at all.

To use and enable experimental write support for your Ext2 partition, follow these steps :

1. Download and install NTFS-3G Package which includes FUSE libraries.
   AFAIK NTFS-3G has been renamed into Tuxera NTFS and is a shareware now. But any way you can download the old GPL version here. it works in both Leopard and Snow Leopard.
   .
2. Download fuse-ext2 package
   .
3. Use Disk Utility to un-mount current Ext2 filesystems if there are any
   .
4. Remove any old filesystem drivers for ext2 from /System/Library/FileSystems (it was ext2.fs for me)
   .
5. Install fuse-ext2 package
   .
6. Since write support is experimental, it is not enabled by default. To enable it, open /System/Library/Filesystems/fuse-ext2.fs/fuse-ext2.util for edit while having super user privileges.
   .
7. Edit the OPTIONS variable at line 207 from
   OPTIONS="auto_xattr,defer_permissions"
   to
   OPTIONS="auto_xattr,defer_permissions,rw+"
   .
8. Open Disk Utility and choose Mount for your filesystem and have fun !

www.youtube.com/watch?v=wril65bHxww

Play, challenge and  boast on Facebook and Twitter. Don’t forget to submit scores to our global high score, so we can see who is the official Global Movie Buff!

The app is set to be released on the 12th of May.

You can click on the file you wanna download inside the “Files” section and take care when the following page appeared press ESC key to stop loading the page.

Now right-click on “direct link” and Copy the link address and Paste it into your address bar. It should look like this :

http://downloads.sourceforge.net/project/openproj/OpenProj%20Binaries/1.4/openproj_1.4-2.deb?use_mirror=surfnet

The last part, marked as red, shows the mirror you’re going to download from. Turn the URL into something like this :

http://surfnet.dl.sourceforge.net/project/openproj/OpenProj%20Binaries/1.4/openproj_1.4-2.deb

And it will download the file directly. In addition, some mirrors are not accessible because of routing path problems. I usually use “kent” as my mirror.

I tried to extract and compile it by just typing “make” and found that ext2fs library is missing, so I installed ext2fs-dev package using the following command (I’m using Ubuntu 9.10) :

sudo apt-get install ext2fs-dev

Then typing “make” in the src folder, presents you the binary file named “extundelete”. You can run it like this :

ali@Velocity:~/tmp/extundelete-0.1.8/src$ ./extundelete
No action specified; implying --superblock.

Usage: ./extundelete [options] [--] device-file

Options:
--version, -[vV]       Print version and exit successfully.
--help,                Print this help and exit successfully.
--superblock           Print contents of superblock in addition to the rest.
                       If no action is specified then this option is implied.
--journal              Show content of journal.
--after dtime          Only process entries deleted on or after 'dtime'.
--before dtime         Only process entries deleted before 'dtime'.

Actions:
--inode ino            Show info on inode 'ino'.
--block blk            Show info on block 'blk'.

--restore-inode ino     Restore the file(s) with known inode number 'ino'.
                        The restored files are created in ./RESTORED_FILES
                        with their inode number as extension (ie, inode.12345).

--restore-file 'path'  Will restore file 'path'. 'path' is relative to root of
                      the partition and does not start with a '/'
                      (it must be one of the paths returned by --dump-names).
                      The restored file is created in the current directory
                      as 'RECOVERED_FILES/path'.

--restore-files 'path'    Will restore files which are listed in the file 'path'.
                    Each filename should be in the same format as
                    an option to --restore-file, and there should be one per line.

--restore-all          Attempts to restore everything.
-j journal             Reads an external journal from the named file.
-b blocknumber         Uses the backup superblock at blocknumber when
                                opening the file system.
-B blocksize           Uses blocksize as the block size when opening fs.
                       The number should be the number of bytes.

It seems that running the program with –restore-all, should restore all possible files. Like this :

ali@Velocity$ ./extundelete /dev/sda6 --restore-all

But that option gave me some temporary, hidden and some useless config files over my home folder. I was thinking of rewriting the code …

Suddenly I found that, extundelete supports another option in which you can specify the inode number of your file, and it will bring it back …

Looking at manual of the “ls” command you’ll find that running “ls” with -i parameter will give you the inode number of files in a directory. I tried to find a range for inode files around the deleted file and search for all files in the range …

ali@Velocity:~/projects/Monko-MovieQuiz/Source/IMDBot/src$ ls -i
7824227 artists.db
7824222 google_spell_checker.py
7824220 merge_tool.py
7824214 movies-merged.db
7824219 movies-vahid.db
7824260 stuff.py
7824252 artists.py
7824211 IMDB.py
7824221 MovieDatabase.py
7824254 movies-sohrab.db
7824256 question_validator.py
7864492 tests
7864514 cache
7824305 lite_tool.py
7824208 MovieDatabase.pyc
7824207 movies-soroush.db
7824293 start.py
7962711 Tools

It seems that most of the files are in the range of 7824xxx, so searching the range of to 7824000 to 7824999 might be a good idea (take a look at the following bash code snippet) :

for((i=7824000; i<7824999; i++)); do
./extundelete /dev/sda6 --restore-inode $i ;
done

Viva !

I got 7 deleted files in this range (inside the RECOVERED_FILES directory), and one of them was my deleted python code ! And I spent my time on writing this article instead of rewriting the code

Later on, it was about May 2009 which I found a program which could change the boot logo of Phoenix bios images and I recalled flashrom. It was interesting that this time it said “Yeah, Your chip is now being supported! ”. I made it to read my Bios image and the result was a real and valid phoenix image which I could change it. After making a new image, running flashrom to write it finished without any warnings or errors. I read the image again and Boom ! It was neither the original bios, nor the new one.

This is exactly where my first email went up online on the community’s mailing list and I knew that any invalid act which yields to rebooting the laptop is going to kill it. :

I tried the latest svn version (6 May 09) of flashrom and unlike older versions didn’t get a warning on my chipset. flashrom reads my chip successfully and outputs a fine Phoenix bios. After writing a new image into the chip

I found that writer is not fully functional and reading the chip again results in an image that is neither original one nor the new image. then I tried erase functionality and it resulted in some 0xFF and some unchanged bytes in the chip. Currently writing either images doesn’t change the chip and it remains in mostly 0xFF bytes.

Most of open source project maintainers use IRC as their collaboration and communication channel both with themselves and community. I went online and Peter one the maintainers was online but he wasn’t the person responsible for ICH7 series chipsets, So I had to wait for Carl to come online. It was midnight in Iran and I went to bed leaving the laptop up and running. Next morning I found Carl and after working with him to find the problem, he suggested to try AAI type of Chip-Programming. It was a time consuming task and I had to go for an important session, So I left home.

When I returned back, I got no good results of AAI. The wonderful part of story is that my little sister had played with my laptop, when I was out, and didn’t power it off, so that I don’t get noticed she touched my laptop without permission.

Carl reviewed the data-sheets for my Bios chip and found that It doesn’t support writing multiple bytes at a time. Finally he sent me some patches and the last patch wrote the image successfully. I worked a few more hours to finalize the patch and sent some verification emails so that Carl can commit them to the main version tree (And got acknowledges for helping to track down the bug ! ).

It was an amazing experience of active community support and I should really thank Carl-Daniel Hailfinger, Peter Stuge and all other active maintainers of open source projects.

Second Linux Festival has been successfully held at Amirkabir University of Technology (AKA Polytechnic). It has been divided into three main levels of Beginner, Intermediate and Advanced. The topics has been presented inside Computer Site of CEIT department under a much better quality comparing to the last year’s festival. People installed, tasted and utilized a new operating system in a well mannered approach. During the installation process and most of other presentations, our local server and mirror of software packages (aka SSCLinuxBox) helped a lot and became the standard way of sharing files / installing software during the festival.

Topics and Schedule

One month ago, when we were planning for festival topics and schedule, Amir-Mohammad and I reviewed many Linux-related books and their contents. This resulted into a rich outline for the festival topics. Taking a look at topics and presentation quality this was the best and first festival in Iran covering this scope of topics. Here’s a summary of main subjects and presentations :

• Beginner (1st Day)
  • Linux W5H2 ?
  • Distributions
  • Installing Ubuntu Linux
  • Package Management
  • Linux File System Structure
  • Desktop Environments
  • Useful Programs
• Intermediate (2nd Day)
  • System Configuration
  • Introduction to command line
  • Linux and Network
  • Web Development in Linux
  • Installing software from source
  • GUI Development Using QT
• Advanced (3rd Day)
  • Boot-up Process
  • Network concepts in Linux
  • Linux Servers
  • Scripting in Linux (Bash, Python, …)
  • The Linux Kernel
  • Linux Security

The complete program and schedule can be found here.

What I learned

Although it was the second experience on Linux Festival in our university and we fixed almost all of problems which could be seen in the last one, there are always problems and we can learn from them. One of the main points I got in the first few presentations, was the importance of coordination between presenters around the topics and details which is going to be presented. Lack of such synchronization and coordination before the festival, resulted into problems in presentation topics and contents since some of presenters did have a different idea about listener’s levels and prepared some extra stuff for those who where beginner. In addition none of us knew about the dependencies of subject that was going to be presented, whether they have been discussed up to now or not.

Yet another point on the art of presentation and teaching. In situations like this, where every presenter is a professional in a field and likes the topic and have chosen to teach it, hiding the unnecessary details is a very very hard task. A teacher should have the ability to place and simulate the thinking process of listeners and remove the details that might break this thinking process. On the other hand, he should analyze the required dependencies of current topic and explain them before anything.

I got many feedbacks regarding the presentation style and found that the estimation of listener’s level and correct decomposition of subject into the simplest form are keys to a successful presentation.

Memories

It was a cool and friendly atmosphere. The support team and technical team were both working hard to reach the best quality and it made it a real memory. Its notable that this was the first serious work/project of our new Scientific Committee and the results were incredible.

Links

• Official site of Linux Festival /دومین جشنواره لینوکس امیرکبیر
• Photo Albums on Facebook : First Day , Second Day and Third Day
• Presentation Files and Resources

The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.

The list for 2010 bears a striking resemblance to last year’s list that SANS organization released. Note that Cross-site scripting (XSS) attack and SQL Injection are still listed as top pitfalls.

What should we do, when the intersection of interests reaches zero among friends ?