Posts

Posted on

Palm TX: There’s more than one way to install an application

When I got my Palm TX, I didn’t realize that the Palm Desktop software wasn’t completely compatible with Windows Vista. For example, I can’t install new palm apps via hot syncing. Here are some alternative install paths:

1. Attach the pdb files to an email, and send it to myself. Use VersaMail to retrieve the message, and install the pdb attachments.
1. Use the web browser to download and install a pdb file.
1. Have someone beam it using the IR interface.
1. Have someone send it using bluetooth.
1. Install from an SD card. I haven’t verified that this works.

While I’m at it, it seems like configuring Linux to hotsync with Palm devices can be a pain. As an alternative, I think I’ll get an SD card and use [nvbackup](http://handypalmstuff.sourceforge.net/) to backup to SD, and then copy the backup from SD to my Linux box and use it with JPilot.

There’s more than one way to do things, especially for a Palm equipped with built-in WiFi, bluetooth and an SD expansion card.

Posted on

Disk Encryption: Not as secure as I thought

Apparently, it’s easier than I thought to recover disk encryption keys from a stolen laptop computer. The attack works against “several popular disk encryption systems: BitLocker (a feature of Windows Vista), FileVault (a feature of Mac OS X), dm-crypt (a feature of Linux), and TrueCrypt”. Watch the demonstration video at [http://citp.princeton.edu/memory/](http://citp.princeton.edu/memory/).

> The root of the problem lies in an unexpected property of today’s DRAM memories. DRAMs are the main memory chips used to store data while the system is running. Virtually everybody, including experts, will tell you that DRAM contents are lost when you turn off the power. But this isn’t so. Our research shows that data in DRAM actually fades out gradually over a period of seconds to minutes, enabling an attacker to read the full contents of memory by cutting power and then rebooting into a malicious operating system.

Encrypting a disk drive _does_ increase the confidentiality of data. It’s just not as secure as once thought.

Sidenote: Software and hardware based [key loggers](http://en.wikipedia.org/wiki/Keystroke_logging) can reduce the security of encryption as well.

Posted on

‘iotop’ shows top I/O consumers

Want to know why your Linux box is sluggish? Some program is probably hogging disk I/O. I just discovered a cool utility that shows what programs are using the most disk I/O: [iotop](http://guichaz.free.fr/misc/). To install it on Fedora, run

yum install iotop

Otherwise, download and run [iotop.py](http://guichaz.free.fr/misc/iotop.py) — it requires Python 2.5+ and Linux kernel 2.6.20+

Posted on

Evince broken: unhandled x-extension-pdf

On Linux and the Gnome Desktop, Evince is the default application for viewing Adobe Acrobat (PDF) files. Recently, it started giving me the message “Unhandled MIME type: ‘application/x-extension-pdf'”. Here’s how I fixed it.

1. Edit $HOME/.local/share/mime/packages/Override.xml
2. Replace “application/x-extension-pdf” with “application/pdf”
3. Run “update-mime-database $HOME/.local/share/mime”

[Reportedly](http://www.mail-archive.com/evince-list@gnome.org/msg00485.html), a bug in the Nautilus file manager causes this behavior.

Posted on

XRandR in Fedora 8

Fedora 8 ships XRandR 1.2 (the X Rotate and Render Extension), which makes it possible to render a screen onto an overhead projector, among other things. Here’s instructions on [how to do useful things with XRandR](http://www.thinkwiki.org/wiki/Xorg_RandR_1.2#Using_xrandr_to_do_useful_things) (not Fedora specific). For now, control of XRandR is handled through the command line. In Fedora 9 or 10, there will likely be better user interfaces to configure XRandR.

Posted on

Security Lessons from Dick Marcinko

In January, [Dick Marchinko](http://www.dickmarcinko.com/) spoke to my company. Here are some of the lessons that I drew from his hard-to-follow speech:

Most importantly, he said, there is no substitute for human intelligence.

Attackers can…

1. defeat security systems, such as locks, by replacing them with their own security system in advance of a break-in. Security response will trust in their security system to help catch or contain attackers, not realizing that it was replaced and turned to the service of the attacker.
1. use decoys to mislead security response. For example, crews might diffuse one bomb, and they forget to look for a second one.
1. attack during noisy, chaotic, busy times, like shift-change. (My note: Hackers like to hide their malware on busy networks and on busy file servers, such as in university or ISP networks.)
1. trip alarms to assess response capabilities. Once assessed, booby-trap the response capabilities so they are ineffective.
1. evade security systems. TSA secures airports from passengers, but what about security airport construction sites and access? America’s ports and waterways are largely unprotected.

Posted on

Vista’s VirtualStore silently causes problems

When our household bought a Vista laptop, I migrated our install of Quicken 2002 to the new computer. My wife and I have separte accounts, and we update the checkbook separately. When she went to balance the checkbook, she noticed that my entries were missing.

On further investigation, it turns out that when I run Quicken, I can see my entries, but not hers. When she runs Quicken, she sees her entries, but not mine. It appeared that we are using two different databases. Quicken 2002 is supposed to write its files to the c:\Program Files\QUICKENW directory. I had given each of our non-Admin users access rights to write to that directory. I installed [Process Explorer](http://download.sysinternals.com/Files/ProcessExplorer.zip) so that I could see what files Quicken had open, and their location. It turns out that Quicken was writing its files to C:\Users\\[USERNAME]\AppData\Local\VirtualStore\Program Files\QUICKENW\. Why was it doing that? What is this VirtualStore thing?

Apparently, Windows Vista enforces security policy and doesn’t allow applications to write to C:\Program Files. Instead, it redirects badly behaved applications, like Quicken 2002, to write files to a per-user [VirtualStore](http://www.google.com/search?q=vista+virtualstore) directory, and it does this silently (for backwards compatibility). I wish Vista had simply denied write access to Quicken, so I would have known that there was a problem early on, before getting into this mess of having two diverging checkbook databases. I like the additional security that Vista enforces, but it’s inconvenient in subtle and exasperating ways.

Now I need to figure out how to merge our separate copies of the checkbook.

Update: I never did merge the two quicken databases.

Posted on

LatencyTOP

Jake Edge writes “Stuttering audio or an unresponsive desktop – typically caused by operating system latency – are two things that annoy users. They can be difficult problems to diagnose, though, as they are transient and buried deep inside the [Linux] kernel. A new tool, [LatencyTOP](http://www.latencytop.org/), seeks to provide more information on where latency is occurring so that it can be fixed or avoided.”

Read more: [http://lwn.net/Articles/266153/](http://lwn.net/Articles/266153/)

Posted on

Palm TX and Windows Vista

For Christmas, Santa gave me a [Palm TX](http://www.palm.com/us/products/handhelds/tx/) to replace my five-year-old [Sony Clie](http://en.wikipedia.org/wiki/CLI%C3%89). It was more cost effective than a Microsoft Pocket PC device or an [iPhone](http://en.wikipedia.org/wiki/Iphone), and it’s backwards compatible with my tried-and-true software.

Unfortunately, the [Palm Desktop](http://en.wikipedia.org/wiki/Palm_Desktop) software doesn’t work so well on [Windows Vista](http://en.wikipedia.org/wiki/Windows_Vista). It appears to work, but fails in subtle and non-obvious ways.

– Each time I hotsync, it repeatedly backs up all programs and databases, which takes a long time. _Solution_: I gave user write access to the folder where it was trying create the backup.
– CSV import of multi-line Note fields is broken. I used this feature to import addresses from MIS2PALM. _Solution_: I upgraded to [MIS2PALM version 4](http://www.mis2palm.com/), and configured it to export in vCard format. Palm Desktop properly imports multi-line Note fields from vCard format.
– CSV import forgets field-association. It used to remember this. Again, I’ve switched to vCard format, so this doesn’t get in my way anymore.
– HotSync > FileLink doesn’t work.
– The Beta Palm Desktop that’s supposed to be compatible with windows Vista hung on startup.

I had gone through a tedious download, uninstall, install process to try the beta out. I had another tedious process to uninstall the broken beta, and then I installed the previous Windows XP version, which I downloaded from the website to save time (I didn’t have the Palm TX install CD with me at the time). This was a big mistake, I realized several days later, because the downloaded version was missing several features such as the Media, Note Pad and VersaMail plugins to the Palm Desktop. So, I had to go through another tedious uninstall, reinstall process. Amidst all of this, the Desktop conveniently forgot some of my customized preferences, which required yet more time.

What a rant… maybe my experience will help someone else figure out how to solve some of the issues I’ve faced.

I really do like my new TX. It’s faster than my previous Clie. It has built-in bluetooth, which allows me to share contacts with my wife’s cell phone, or with other people. The built-in WiFi allows me to read the [mobile edition of the Deseret News](http://deseretnewscom/mobile) and the [Salt Lake Tribune](http://m.sltrib.com) with the Blazer browser. It’s not good for much more than that. If it’s handheld web browsing that I had wanted, I would have asked Santa for an iPhone or a [Nokia N800](http://www.nseries.com/n800) internet tablet. For me, the address book, the calendar and the [Plucker](http://www.plkr.org/) e-book reader are the most needed features.

Posted on

Getting core dumps on RHEL/CentOS 4, 5, Fedora

Sometimes, it’s nice to get core files, system wide, on a RedHat, CentOS, or Fedora Linux system. Here’s how: [http://kbase.redhat.com/faq/FAQ_49_3652.shtm](http://kbase.redhat.com/faq/FAQ_49_3652.shtm)

The “[core manpage](http://linux.die.net/man/5/core)” is also useful, in particular, the bit about /proc/sys/kernel/core_pattern.