Just a quick geeky note — the free internet workstation at this hostel, the Alberguinn in Barcelona, uses Ubuntu Linux, how cool!
Posts Tagged ‘geekiness’
travelling geek
Wednesday, March 29th, 2006sound for sabrent sbt-tvfm composite and s-video in linux
Monday, August 29th, 2005Last year, I sent in a patch for the saa7134 linux kernel module (part of video4linux) to add support for the Sabrent SBT-TVFM tv tuner card. Unfortunately, I didn’t get the chance to test it beyond the TV and radio, but a couple people were kind enough to e-mail and point out that the audio settings for composite and s-video were wrong. The first person e-mailed something like nine months ago, but then I forgot about it until someone e-mailed today, at which point I got off my lazy ass and sent in the dinky little patch that I should have made last year. Here’s the diff against the latest CVS snapshot (2005/08/10) for anyone interested:
--- saa7134-cards.old 2005-08-29 15:06:41.987728113 -0400
+++ saa7134-cards.c 2005-08-29 15:09:30.519188225 -0400
@@ -1374,7 +1374,7 @@
.inputs = {{
.name = name_comp1,
.vmux = 1,
- .amux = LINE2,
+ .amux = LINE1,
},{
.name = name_tv,
.vmux = 3,
@@ -1383,7 +1383,7 @@
},{
.name = name_svideo,
.vmux = 8,
- .amux = LINE2,
+ .amux = LINE1,
}},
.radio = {
.name = name_radio,
I haven’t tested it myself, but I’ve received more than one report about it. Hopefully I’ll do some more work on this in the coming weeks, specifically adding support for the remote at last, because I’m going to be using the card to set up a media center for my family.
liferea
Friday, August 26th, 2005Still searching for a good RSS reader… Just a note to myself to try out Liferea when I get a chance, io_error says it’s good. I’m currently using Sage for Firefox, but it’s annoying because it doesn’t automatically update the feeds and I wish I could see just a little more information about each feed item before having to click it. I do like its compactness, though, and the fact that it’s right there in Firefox, where I spend a lot of my time.
matt and the mikecam save the world
Friday, August 26th, 2005Last night, Matt managed to get himself blocked from the MikeCam by an anti-spam plugin I’m using called “Bad Behavior” when he installed Google Desktop 2 and used it to try and add an RSS feed from my blog. As it turns out, Matt’s accidental banning was most fortunate, because it led to two fixes for Bad Behavior, possibly a fix for Google Desktop itself, and resulted in me beginning to use FeedBurner to distribute my RSS feeds.
To address each of those in order: The reason Matt got banned was that when Google Desktop 2 accesses an RSS feed, it sends its user agent as “Mozilla/4.0 (compatible; Google Desktop)” but then does not send the required “Accept:” header that all Mozilla-compatible user agents send. As a result, Bad Behavior thought it might be a spambot pretending to be Mozilla and consequently banned Matt. Further, when I tried to whitelist Matt so that he could access the site regardless, it had absolutely no effect! I e-mailed Michael Hampton/io_error, the author of BB, and he responded this morning, confirming my suspicions regarding GD2′s RSS handling being the problem, and providing the explanation I just paraphrased here. This evening, he released an update fixing both of the bugs that Matt and I had discovered. Not only that, but when I mentioned it to someone in the Gallery IRC channel, Bharat, the founder of Gallery and a Google employee, asked me to e-mail him the info so he could look into the Google Desktop side of things! How cool is that? Matt’s little episode may very well result in a Google fix! The last little outcome of this episode is that, in the meantime, to avoid accidentally banning GD2 users, Michael Hampton had suggested I use FeedBurner, which I had glanced at before but never really had an interest in because I wasn’t doing anything with RSS. Now that I’m interested though, I realize that it’s a terrific free service that not only mirrors your feeds (saving you server load and data transfer), but can do about anything you could dream of to your feeds. Automatically make them compatible with the RSS reader the user is using? Yes! Statistics on your readership? Yup. Automatically add enclosures for podcasts or other media? Sure! It’s really great, and it’s really free, and I love the copy on their site – it conveys a fun, friendly attitude.
In related news:
- My patch to fix XHTML compliance in the great EventCalendar plugin was incorporated into the latest release today (well, it’s 12:30am, so really it was yesterday, but who’s counting?).
- Sent in a couple crash traces to Amarok today as well, since I use bleeding edge SVN code and after updating and recompiling today it started crashing out on me on playback. As of this evening it works again, so hopefully my reports helped make that possible.
- A SmartEnforcer exploit I discovered and wrote about five months ago was finally reported on SecurityFocus, as it apparently still exists. Idiots.
Finally, I also reported a couple more phpdoc errors in the Gallery code (one of which I proceeded to accidentally copy and paste into my code, which my mentor then pointed out, heh.. stupid me) and wrote a patch for their phpunit testing platform that was briefly committed and then rolled back because of philosophical concerns regarding Gallery’s testing methodology. It all started from a minor problem I was having with some unit tests I had written. I asked about it and wound up providing a very little patch to fix this problem, and from there it exploded into a big discussion, a revert of the patch, and now I have to write an entire additional abstraction layer for my module! It was quite unexpected, to say the least. It is for the best, though, as I learned something new and my code will be much better for it. It also lead to me having a great talk with my mentor, Andy a.k.a. “valiant,” in which he helped me out with this new bit that I have to tackle and also offered his very kind and sincere hope that, despite the frustrations of working with Zen Cart, I had enjoyed and benefited from doing this project. Which I can honestly say I have. :)
palm vx internet networking over serial
Thursday, August 18th, 2005So I saw that Métro had an updater program, called MétrUp which will update the program and all installed city files if run when the Palm is connected to the Internet. Looking into it, I discovered that one of the Palm networking options was to use serial! So, I checked it out and sure enough I was able to put my my Palm Pilot Vx in the cradle and route its networking through the serial connection and my computer. It was really pretty easy, and I did it following the steps at the end of this page. The “Point to Point networking on Palm” HOWTO is even more detailed, check it out if you need an explanation of a specific step or want to tweak.
fix for eventcalendar xhtml validation
Tuesday, August 16th, 2005The EventCalendar 3.0.1 plugin for WordPress was failing XHTML validation because of incorrect nesting of tags, so I took a look and fixed it. Here’s the patch:
--- eventcalendar3_1.php 2005-08-16 17:01:42.003399602 -0400
+++ eventcalendar3.php 2005-08-16 16:58:27.088002867 -0400
@@ -616,10 +616,11 @@
$pad=7-$col;
if($pad>1)
echo "<td colspan='$pad' class='pad' style='vertical-align:bottom'>"
- . "<a href='http://blog.firetree.net/?ec3_version=$ec3->version'"
- . " title='Event Calendar $ec3->version'"
+ . "<div class='ec3_ec'"
. ($ec3->hide_logo? " style='display:none'>": ">")
- . "<div class='ec3_ec'> </div></a></td>";
+ . "><a href='http://blog.firetree.net/?ec3_version=$ec3->version'"
+ . " title='Event Calendar $ec3->version'>"
+ . " </a></div></td>";
elseif($pad)
echo "<td colspan='$pad' class='pad'> </td>";
You can test the XHTML on my page to see it in action.
the abrupt switch to wordpress
Tuesday, August 16th, 2005Well, today I’ve finally had enough and had to switch my blog to WordPress abruptly. In the two weeks of this month so far I have already received two and a half times the amount of traffic that I got last month, but from one third the number of visitors. It’s all going to my b2evolution blog and is clearly from spammers. Hell, 2gb of it was from only two IP addresses, both tracing back to Mexican providers. I’ve firewalled some of them out, but I still got another gigabyte of traffic yesterday, in just one day. This is ridiculous and has to stop, so today I installed WordPress, loaded it up with antispam plugins, and I’m hoping for the best.
I have to say, the switch to WordPress was nice and smooth, thanks to the b2evo importer script that I updated a bunch and which Isaac Schlueter has worked on further. There’s also a terrific number of WP plugins available to use, and I’ve already installed quite a few. I love the Events Calendar (look to the top of the sidebar on the right) and I’m hoping that Spam Karma 2, Referrer Karma, and Bad Behavior will all help to filter out spambots. As soon as I get around to it, I’ll update my Gallery to Gallery 2 and start using the WP-Gallery2 plugin to post images here. After I finish my Google Summer of Code project I’ll be working on it a little to add some functionality and make it easier to insert Gallery items into posts.
Anyway, for now WordPress is terrif and I hope it works out…
circumventing smartenforcer
Thursday, March 24th, 2005Update 2005/08/25: Will this work on Cisco Clean Access (the new name for SmartEnforcer)? I don’t know, I haven’t tried it and don’t plan to until the next time I have to connect a Windows machine to a network with this crap on it. This “Cisco Clean Access Agent (Perfigo) installation bypass” report says that it does, though. Bastard stole my idea. I should have thought to post this to SecurityFocus earlier this year. Oh well.
Well damn. I had a whole post written out and then X crashed on me and took my post with it. It’s late, I don’t feel like writing the whole thing all over again, so I’ll be brief (yay):
Intro
ASU, along with many other universities, uses a set of programs from Perfigo (now owned by Cisco) known as CleanMachines. The purpose is to keep the network safe and healthy by scanning machines for vulnerabilities before allowing them to connect to the Internet. While this is a great idea it causes many problems. As one school paper reports, there are many “student complaints about slow performance and frequent disconnections.” I also don’t appreciate the invasion of privacy in installing a program that will scan my computer and report its findings to its evil, faceless masters. Luckily, I use Linux and there is only a Windows client, so I don’t have to deal with the client software. In connecting another machine, however, I discovered that it is both possible and quite easy to trick SmartServer or SmartEnforcer or whatever into thinking you’re running a different OS. Apparently their idea of OS detection is simply checking the user-agent field from the browser (the info a browser sends about your computer when it visits a web page), which is plenty easy to spoof. Talk about weak.
Exploit details/Howto
First, a warning/disclaimer that if you’re attending a university using this program, it’s most likely against their network use policy that no one reads to try and circumvent Smart Enforcer. My intention is to show the ridiculous weaknesses of this system and that trying to force client-side scanning like this – in addition to the privacy concerns – just doesn’t work. Hopefully that will cover my ass enough in case any suits wander by…
There are a couple steps to it, but it’s really pretty easy and even a novice could accomplish it. This assumes that you’re using Firefox. You are using Firefox, right?
- Install the “User Agent Switcher” extension.
- After restarting your browser, go to Tools > User Agent Switcher > Options > Options…, click on “User Agents” and click “Add…” Enter the following in each field:
Description: Firefox 1.0.1 (Linux i686)
User Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050225 Firefox/1.0.1
App Name: Netscape
App Version: 5.0 (X11; en-US)
Platform: Linux i686
Vendor: Firefox
Vendor Sub: 1.0.1 - Click Tools > User Agent Switcher > Firefox 1.0.1 (Linux i686).
- Open the school’s DHCP registration page (https://author1.asu.edu/dhcp for ASU), log in, and Smart whatever will now think you’re running Linux and let you connect without a problem. This is what perfectly good tuition money is going towards.