h1

Linux Computer Forensics: Deft Linux 8.0b

08/07/2013
Deft Linux 8.0b is out and it's looking great.

Deft Linux 8.0b is out and it’s looking great.

A month or so ago I did a walk-through of some simple computer forensics using Deft 7 Linux (Carve and Sift: My Primer to Linux Computer Forensics). There have been several other versions of this distro to come out since then, but now that the beta for 8.0b has been released publicly, it marks a slight shift in the way Deft handles.

While my previous guide is still valid, there are a few additions that really place this version above its predecessors. Now, I’m not going to go through every change, you can do that by going to their website, but there are some really neat features that I’d like to point out.

New Feel

The first thing that will hit you when you start Deft 8.0b is the new layout. While the base operating system is still Ubuntu (Lubuntu to be precise) the LXDE desktop has been further customized from its 7.x version and now looks and feels like its own OS rather than a 1-off from an Ubuntu derivative. The menu is themed for Deft 8.0 with a little 8-ball and more icons have been added to the bottom panel.

The Desktop is more reserved and better organized.

The Desktop is more reserved and better organized.

[Screenshot of Deft 7]
(Opens in a New Window)

The desktop still has the LXTerminal (a must) and the evidence folder, but gone is the “Install” option. Since this is a beta version it is unclear whether this is gone forever or if it will be back later. 8.0b is certainly installable as the boot menu attests.

Guymanager, a very nice disk managing/imaging tool, has been added as well as the file manager for quick access. You’ll see in my screenshots that there is a “Get Screenshot” icon on the desktop, but that was added by me for this article and is not default.

The menu panel is almost entirely new, with only LxKeyMap being carried over with the standard desktop selector. There is a whole host of new software moved in, some from previous versions of Deft but were housed in the menu (like Autopsy) or on the command line. All-in-all this is a good move, as the most used programs are put front and center and the more specialist and less-used are in the easily navigable menus.

New Software

GuyManager is a welcome addition to Deft 8.

GuyManager is a welcome addition to Deft 8.

Deft 8.0b brings a lot of new software to the distro by default and the latest versions of most of it. This version is 64-bit only, and able to work in up to 256TB of RAM. Previous versions could only “see” 4GB because of the 32-bit limitation.

Again, their post on the update gives a broader view of the changes, but there are a few that I wanted to note in summary:

  • Cyclone is now at 0.2 and appears to be mostly the same as before. I’m assuming the changes are back-end.
  • Sleuthkit 4.0 stable is now included, but the Deft devs say that 4.1 will be on the official 8.0 release. [Website]
  • Guymanager 0.7.1, mentioned before, is a very nice forensics tool/disk mounting utility. [Website]
  • Tor is now available pre-installed with browser. I’ve not much use for this, but it is an increasingly-popular internet-access method. [Website]

Skype Xtractor is also new and is probably my favorite addition to Deft 8. While I’m not a criminal investigator, and I’m generally only using the distro for file-recovery, its future utility could be invaluable. Skype Xtractor is a command-line program that extracts the tables from Skype’s main.db and chatsync files and outputs them to html. So far, you can only get it on Deft 8, but it’s so useful I can’t imagine that it won’t show up elsewhere.

New Everything Else

SciTE is a new-ish text editor to Deft 8 and is the sole resident of the new Programming menu.

SciTE is a recently added text editor and is the sole resident of the new Programming menu.

Almost every other piece of software has gotten an update since Deft 7 and some have been given GUI front-ends, which is nice for beginners or those not terribly familiar with Linux command-line. The focus on 64-bit architectures with this version will mean that it probably won’t supplant my use of Deft 7 completely; there are quite a few machines in use out there that are single-core systems.

If you’re familiar with Deft 7, then I’d recommend getting 8 and using it on your 64-bit machines when able, since everything that was in the previous version is in this one (even though it’s beta) and better. Switch back to 7 only if you have to do so. However, if you’re new to computer forensics then I’d recommend sticking to 7 or waiting for the official Deft 8 release which should be very soon.

-CJ Julius

h1

Syncing Between Linux and Windows with BitTorrent

28/06/2013
Skip the insecure Cloud with BitTorrent Sync

Skip the insecure Cloud with BitTorrent Sync

I’ve always been a DIY kind of guy when it came to technology, and the idea of giving my data to cloud services such as Dropbox or Box.com (and whoever has access to that data besides them) seemed a little iffy. The cloud, as great as it is for some things, isn’t really built for too much security. Keeping data private on an internal system is hard enough, but throwing it out to the internet only multiplies these issues.

That’s where BitTorrent Sync comes in. Built by BitTorrent Labs (and using the BitTorrent Protocol), this solution boasts that it will allow you to sync between different OSes, securely, and without throwing any of it out to the cloud. This increases security incredibly, and isn’t that hard to set up. I put it on my Linux laptop (Stu) and a Windows 8 desktop (Zer0), both of which I’ve used in previous projects. It works, but it has a few caveats as you’ll see below.

Installation on Linux

Linux installation is fairly easy, if a bit obtuse. Instead of an installer of any kind, the package for BitTorrent Sync comes with a License.txt file and a single btsync binary. To start up the software, simply unpack it, navigate to the containing folder in a terminal and run the ./btsync command. That’s it.

$ cd /Location/of/File
$ ./btsync
The Linux binary can be configured through the webGUI (kinda) or the more robust sync.conf file.

The Linux binary can be configured through the webGUI (kinda) or the more robust sync.conf file.

However, unlike it’s Windows and MacOS brethren, there’s no independent GUI to use. You’ll need to open a browser and head to a webpage to administer it. In most cases you can use the address 127.0.0.1:8888

From there you can select the folder you want to sync as well as generate a secret key for said location. The key is to allow other computers on your network to access the folder securely. Barring any conflicting firewall settings on your local machine, this should just be a matter of putting in the secret when you add a folder.

If you need the key from a folder you’ve set up previously, you can get it again from the gear icon next to the listing in BitTorrent Sync. Also, if you head to the Advanced tab you can grab a “Read-Only” secret. If you use this key when setting up another computer, it will read from the folder but never write to it. This is useful if you want the updates to go only one way or you want to give someone the ability to see what’s on your machine without running the risk of them deleting or altering the files.

Installation on Windows

Next, I went to Zer0, my Windows machine, and installed the software. From what I understand, the Windows and MacOS versions are pretty much the same, so other than the intricacies of the Mac platform the installation and use should be very similar.

The Windows application is a little plain, but gets the job done.

The Windows application is a little plain, but gets the job done.

After running the installer, you’ll be presented with a page that has several tabs. Go to the “Shared Folders” tab and click on “Add”. Put in the secret from the share that we want to access and click “Okay”. It should have all the information it needs to connect and start syncing. Mine did it automatically and pulled the four or so test files with no further work on my part.

You can also add a local folder and sync it here. By default it’s the btsync folder in your Documents directory. I just left this as it is for my testing purposes.

Tweaking the System

Now that it’s set up, you can do a few more things to shape it to your preferences. As you first may have noticed you can add any number of folders to sync, for no cost unlike most cloud services. So if your primary concern is just moving files back and forth behind the scenes (as I do) then that’s probably this setup’s greatest strength beyond security.

There are further options as well that fall into the more advanced users’ category. On the Preferences page in both the Linux WebGUI and the Windows application, you can set rate limits, alter whether the software loads at boot and some other odds and ends. In the Advanced section, you can do even more. Here’s a quick rundown of these options:

The conf file has pretty good explanations for every editable line

The conf file has pretty good explanations for every editable line

disk_low_priority: If True, BitTorrent Sync will set itself to Low Priority on the system. Turn this on if you’re noticing serious speed problems when using BitTorrent Sync

lan_encrypt_data: If True, BitTorrent Sync will encrypt data sent over the local network. Turn this on if you want to hide your traffic from others who may be using the same network as you.

lan_use_tcp: If True BitTorrent Sync will use TCP instead of UDP for local transfers. Will use more bandwidth but will be (at least theoretically) more reliable.

rate_limit_local_peers: If True, BitTorrent Sync will apply rate limits (set in General Preferences) to local users. By default rate limits are only applied to external peers (those not on your network).

In Linux, these options as well as a few others are all stored in the configuration of btsync. You’ll need to go to the folder that you have btsync running in to access it. First, you’ll probably want to output a sample configuration and open it in a text editor to see all options you have. There are quite a few.

$ ./btsync --dump-sample-config > sync.conf
$ gedit sync.conf

It’s pretty self-explanatory, but I want to direct your attention to the username/password fields. Remember that webpage we went to earlier to set up the shared folder on Linux? Well it’s actually hosted from your machine, meaning that anyone who as the access to the network can pull up your BitTorrent Sync options and mess with them. So it might behoove you to set this option.

Once you’ve organized things the way you want them in your sync.conf file, save it. Now, you can import it back into the BitTorrent Sync application by running btsync with the modified conf file as such:

$ ./btsync --config sync.conf

Worth the Effort?

And that’s pretty much the ins-and-outs of the BitTorrent Sync application. I imagine that I’ll be using this not as my primary software to sync things between machines or as backups, but I will have it move files and folders from one machine to another periodically. Perhaps one could set up a backup drive on a server that just copies one way from all the machines that are linked to it. I imagine that could be a project for a different day.

On the whole this is a nice piece of software that pretty much does what it says it’s going to do, and securely. I know it’s Linux, but the lack of a real GUI and the complication of editing advanced options by way of the .conf file is kind of a downer. I’m totally fine with using the command line (in some cases I prefer it), but that drags down the score a bit on this one because it’s not very user friendly. Still, a fine piece of software that I will definitely be utilizing in the future.

Rating: 4.5/5 – Pretty darn good. However, the Linux version takes a little work to get customized and the Windows/MacOS advanced pages are a little confusing at first.

-CJ Julius

h1

Online Privacy: How to Get It and How to Keep It.

24/06/2013
Is complete privacy online even possible?

Is complete privacy online even possible?

In the wake of the NSA/British Intelligence scandal, and the continuing surveillance of Internet Service Providers and websites such as Google, the interest in personal privacy has grown. While this article won’t be a long-form argument for personal privacy (mostly because I don’t think I need to do so), there are a few relatively easy things you can do to keep your online persona under your control and there’s good reason for it.

The oft-repeated adage is that “you shouldn’t put anything on the internet that you want to keep private.” While this sounds logical and simple, it usually isn’t. So much of what we do is tied up in the Internet. If you’ve ever bought anything online, done a web search or even paid a bill via a website, then that information is stored somewhere and is accessible to someone. And, while many make the argument that they have nothing to hide, the truth is that you probably do.

Not all of us have a murder or mob ties to cover up necessarily, but almost everyone has a debit/credit card information that we don’t want out there, or a few less-than-flattering pictures. On a different note, just because what you’re doing isn’t illegal, it doesn’t mean that you want to broadcast it to the world. In fact, you might be breaking the law without even knowing it.

That said, what do we do about it? Is there any way to hide everything we do on the net from everyone? The answer is: not really, but there are things you can do to minimize the amount of data you drop into the internet, and at best make it anonymous (not directly tied to you).

I’m going to outline a few steps you can take if you’re concerned about your privacy that will give you the most return for time invested. Much like my recent post on internet security, this is a short list of simple to do things that give you the greatest “bang for your buck”.

Your Browsing and Searching

The browser is where most websites will get the information they collect on you. Most of it is pretty general, the OS/browser you’re using, how long you were on the site, and things like that. However, sites that are more clandestine or that you use frequently can collect a large amount of information about you.

Firefox can be set to wipe everything but passwords every time it's closed.

Firefox can be set to wipe everything but passwords every time it’s closed.

Take Google for example. This is a website that we know collects data on its users and we know has been syphoned by the NSA (National Security Agency). When you log into any of their services, or do any searches from the site, all that information is stored and linked together. This data, over time, can build a pretty accurate picture of you based on your search and browsing habits. It’s not even necessary for you to give Google a name for them to find out who you are, as this can be mined from the data you give them. If you’re constantly going to a few sites and logging in, and any one of them has your name anywhere on it, then that can be linked back to your data.

The data doesn’t even necessarily have to come from you. The recent Facebook breach allowed people to access the contact lists of people they didn’t even know and download them. If you are in the contact lists of people who have Facebook and they’ve uploaded their contact lists to Facebook, then you’re on the site… even if you’re not on the site. Your information can be compromised if you’ve never had an account.

There’s not too much that you can do about the Facebook debacle, short of making sure that no one who has you as a contact uploads their data to the site. Though, there are a few things that you can do in general to reduce your footprint online.

As mentioned in my Internet security post, set your browser to hide you online. Most major browsers now have a “Do Not Track” option in them that will tell sites that you want to opt out of being watched. Most “good” sites will honour this and not track you. However, a few will still do so.

DuckDuckGo is not the most powerful search engine, but it's definitely the most stealthy.

DuckDuckGo is not the most powerful search engine, but it’s definitely the most stealthy.

To combat this, we need to take the browser work a bit further. Having the browser automatically use incognito mode (Chromium/Chrome) will greatly reduce the amount of tracking data that the browser can pass on. However, incognito mode can cause problems with certain websites, so, you can do like I do and have the browser clear everything every time you close it. Firefox has this option, and while it’s not as robust as the incognito/stealth mode, it does make browsing significantly easier. Every time I close the browser and reopen it, it’s like I’ve just installed the browser; websites have nothing to track because as far as they can see, I’ve never been to any websites.

Now, if you don’t want to make any changes to your browser or you want another layer of security, you can change the search engine that you use. While the biggest ones such as Yahoo! and Bing also collect your data and share it, there are ones that are built specifically with privacy in mind. The main engine I use to do all of my searching is DuckDuckGo which keeps no logs on its users and sets up an encrypted connection (via SSL) between you and the search engine so nothing can be intercepted.*

Using the above techniques you can keep your search history private, or at the very least separate you from your searches.

Your Connection and Software

This is all well and good, but it doesn’t protect you against someone snooping on your connection to the internet. Even though you’re anonymous to the search engine, you’re not so anonymous someone who’s watching you browse, such as your ISP or someone sniffing packets in a cafe. To secure that, we’re going to need to hide your internet connection.

The easiest (cheapest) way to do this is to always try the https:// version of a website before the http:// (note the “s” for secure). This little change will create a secure connection between you and the website, making your traffic unintelligible to a malicious viewer. Not all sites support this, but some of the big ones do. The site you’re going to will still be visible, but the contents will not. Keep in mind that this is the “free” option and is very hit-or-miss.


Private Internet Access’s “Why use a VPN?” video.

Another option, which is the route I would recommend, is to push all your data through an encrypted VPN (Virtual Private Network). There are a lot of them out there, depending on how much privacy you want and what price you’re willing to pay for it. Some offer a full range of services including news access as well as other benefits like VyperVPN (will run you about $20/month) or simple unlogged access like PrivateInternetAccess **(about $4/month). In both cases, the system creates an SSL (Secure Socket Layer) VPN between you and their servers and then pipes you with an anonymous IP out to the internet.

Someone spying on you would only see a mass of garbled data being sent to some server somewhere where it disappears. Any website or person on the internet would see your data coming from a block of IPs owned by a VPN company. There’s virtually no way to connect the two (no pun intended).

Skype will allow you to stop cookies and not keep a history as well as other privacy options.

Skype will allow you to stop cookies and not keep a history as well as other privacy options.

If you’re only concerned about eaves-dropping when you’re out and about, you can also use something like Hamachi Log Me In to create an SSL VPN between a mobile device/another computer and a home machine. Keep in mind that with this system, anyone watching your home machine will be able to see the data unencrypted. The secure connection is only between your remote device and the home computer.

Lastly, the software you use on the internet that isn’t your browser, such as Skype or Yahoo! messenger is also targetable. While there’s only a little you can do to secure these, you can do a few things. First of all, check your privacy settings and make sure you have everything locked down. Most of these services have a small but useful section in the options called “Privacy”. Also, make sure your chat history isn’t being saved. You can turn this off in every messenger. While it doesn’t guarantee that the data isn’t being stored elsewhere, it does reduce the lifetime of the data and the chance that it will be recovered.

Am I Private Yet?

So the question remains as to what affect will all this have? The truth is that we don’t know entirely. Depending on who’s targeting you and why, the things listed above, if implemented properly, can range from significant annoyance to complete blackout. However, if you implement no privacy measures you can rest assured that some, if not all, of your data is being collected and catalogued.

Tor is a more advanced way of getting privacy online, but it has it's own weaknesses. Check it out here.

Tor is a more advanced way of getting privacy online, but it has its own weaknesses.

Not all of these may be for you. But a smattering of them in some form or another will help, especially the VPN services, and I recommend you at the very least lock down your browser as mentioned above and in my previous internet security post. Even if you think you have nothing to hide, you may find out in the worst way possible, that yes, you did.

* You can get the add-on/plugin for your browser of choice as well so it’s automatically in the upper right search box on your browser.

** If you’re just looking for privacy and nothing else, this is the way to go.

h1

Vietnam and My Interest in the Minutiae

21/06/2013
Image (c)2010 by Think0.

Image (c)2010 by Think0.

As I had mentioned on a placeholder post (since deleted) I have been in Vietnam for the past few weeks on an academic trip. This blog is generally geared towards technology, so I won’t be focusing on my trip per se, but on the technology I encountered there. There are a few things of interesting note to me and perhaps others that are part of every day life in Vietnam. I decided to combine these all into this one post.

This has got to be a nightmare for installers.

This has got to be a nightmare for installers.

Keep in mind that this is from an American’s point of view, so some of this stuff may be, and is, used all over the world, but this was my first encounter with it in mass. The air conditioning systems mentioned later are a good example of this minutiae that I find interesting, but is probably old-hat for people who’ve always used this stuff.

The first thing that struck me when I arrived was the cabling over the streets. While Vietnam is generally well “wired” in the sense that basic broadband was available in the cities I went to, the majority of it seems to be above ground. Cabling that would normally be hidden beneath the streets was up on posts, creating some very haphazard-looking displays close to that of spider webbing.

I actually saw some installers putting in some new wiring, but I was unable to catch any video of it. It mostly involved threading the wiring around the post and to its destination. It wasn’t clear to me how they were differentiating different cables from each other, or how they were avoiding cross-talk and interference, or if they were even concerned about that.

One of the wiring boxes that I, uh, "found" open.

One of the wiring boxes that I, uh, “found” open.

Speaking of being wired, the city of Da Nang was in the process of implementing a city-wide WiFi service. Even though it wasn’t officially available (it should be by the time this post hits) I was able to use it almost everywhere in the city with varying levels of success. It was about what you’d expect from a public wireless service. Useful, but not as robust as a privately-owned system.

3G service was fairly ubiquitous, and the VNMobile Blackberry that I had been given had signal just about everywhere I went. I did not have the ability to test data transfer speeds, but 3-4 bars was present in most locations, and cities were generally solid throughout. Mobile devices themselves were everywhere, just as in any city anywhere in the world, though I saw much fewer tablets than state-side. I’m not sure the reason for this, but I imagine transportation might be part of it. Most Vietnamese ride motorbikes so maybe finding a place for a device of that size is difficult. I can only speculate.

The timers on the lights are a really neat idea.

The timers on the lights are a really neat idea.

Moving on to more minutiae, the traffic light systems are quite similar to what you’ll find in just about every country, with the addition of a timer. Especially in the larger cities, lights had timers that would tell you how many seconds until it would change. It was my understanding that this was prevent people from preempting the lights and causing accidents, as well letting motorists check their mobile devices or do other things at a stop light without holding up traffic when it suddenly went green.

Also, while this might be odd to point out, the air conditioners, both in private residences I visited as well as in most hotels, were these single-room setups. They were mostly operated by a remote, and as I found out later, called “ductless” air conditioners. Here in the United States, A/C units are usually large affairs (especially in the case of central heating and air), even the small units, and have to be planted on the outside of a residence. The ones I encountered in Vietnam used less power, could be placed anywhere in a building and were hyper-efficient. However, they had the drawback of not quite offering quite the cooling power of some of the Western ones that I’m accustomed to.

The A/C on the inside feeds through a tube to a fan mounted somewhere on the outside of the building.

The A/C on the inside (top) feeds through a tube to a fan (bottom) mounted somewhere on the outside of the building.

Lastly, along the same line as the air conditioners, the most common type of water heater was not a tank water heater as is common in the States. Almost every place I went used in-line tankless water heaters. These work by heating water as it’s used rather than heating and holding it until use. These can be set up to heat with electricity (the most common I saw), natural gas or even propane. The only problem I had with these was that they sometimes didn’t get hot enough or took a long time to get “warmed up”. Again, very efficient but not as robust as the tank ones I’m used to using in the US.

I did a lot more on this trip than look at water heaters and street lights, but I thought that these little tidbits were the best suited for this blog. I find the differences in the technology that people use on a daily basis the most interesting, as all “good” technology intertwines itself seamlessly into our lives.

-CJ Julius

h1

Creating a Simple Linux Webcam Server

31/05/2013

Whether you’re needing to create your own security camera, or you’re wanting to set up an always-on web video, having constant, recorded video feed can be useful. It’s even more so if you can access it while you’re not at home, say, over the internet. That’s what I did a few weeks ago, with an old computer (Crusher) that I’ve been using as a file server. Now it’s pulling double duty as a constantly-streaming video service that broadcasts over the internet.

See and Record from anywhere

See and Record from anywhere

Now, this setup is quite simple, and as such has a few drawbacks. There is no security implemented in this guide, though that can be done fairly easily afterwards. There is a little bit of upkeep, and it doesn’t do everything on its own (such as file cleanup). On the flipside, it’s not very resource intensive, records everything, can be set up, sent off and running in an afternoon and is extremely stable. I’d also like to mention that it’s dirt cheap, as this can be put on almost any machine made in the last decade.

If these strengths and weaknesses sound like what you’re trying to do, here’s how to put it together.

The Tools

What you’ll need:

  • A PC with at least one free USB port.
  • Ubuntu Linux 10.04LTS or later installed.
  • A Linux-compatible webcam.
  • Access to the internet (from the PC).
  • A Router that can support Virtual Servers or Port Forwarding.

The USB port can be 1.1 or higher. Most webcams don’t push through enough data to really need the higher speeds. Though if you did get a higher-resolution webcam, then make sure you’re attaching it to a port that can handle the load.

This old Dell Optiplex GX1 is enough power to run both a Linux fileserver and webcam server.

This old Dell Optiplex GX1 is enough power to run both a Linux fileserver and webcam server.

In my case, I’m assuming that you picked up a really cheap webecam. For my purposes, I chose the Logitech C200. Everything Logitech is pretty much plug-n-play (ie “It just works”) with Linux. You can pick up that cam for about $12-20, but there are even less expensive ones out there that will function just as well.

The PC that I’m showing you this on is a very old one (Pentium 3-era) with about 512MB of RAM and running Ubuntu 10.04 LTS (server repositories). Now, 10.04 is out of date as of this writing, but I’ve since migrated the repositories over to the sever versions. This guide will still work on 12.04, as I tested it on that system as well, but for the sake of consistency, I’ll be showing you everything from my actual server’s view.

The router needs to support port-forwarding or virtual servers for you to be able to get to it from the internet. If you’re not worried about that, then you can ignore this requirement. Most routers support this anyway, so you’re probably fine. In either case, your “server” will need to able to access the internet.

Motion Setup

Booting your computer with the webcam plugged in should be sufficient to register it in the system. To find out if it is indeed in the system, use the lsusb command (List USB) to see all of the devices connected to your computer via USB. You should get output that says something like the following:

cjjulius@CRUSHER:~$ lsusb
Bus 001 Device 002: ID 046d:0802 Logitech, Inc.
Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub

The Logitech device is being registered by the system. If you don’t see your device here, then you’re most likely looking at a hardware issue, as Logitech uses the standard uvcvideo drivers and software-wise sets up very smoothly. If you’re not using Logitech and you’re not seeing your device here, then you’ve got some troubleshooting to do.

Next, we’ll need to find out where in the system our camera is mounted so we can point our software to it. Use the following command to see where your usb device is currently mounted. Basically this command lists all the devices connected to your system, then sends that to the grep tool which in turn filters everything out but devices with the word “video” in them.

cjjulius@CRUSHER:~$ ls /dev/ | grep video
video1

Make a note of this device’s lotion, which in my case is: /dev/video1

Now we need to install motion, our webcam recording software. So, we’ll act as a superuser, telling aptitude to get the software from the repositories and install it:

sudo apt-get install motion

Then we’ll go to the configuration file and edit it, so we can point motion to our webcam and maybe edit a few options. First I’ll copy a backup (in case we goof) and then we’ll edit the original. You can use either nano or gedit, depending on your preference. I’ll use nano, because it is low-resource and Crusher is an old computer doing a lot of stuff. Again, we’ll need to act as a superuser to do so.

sudo cp /etc/motion/motion.conf /etc/motion/montion.conf.bak
sudo nano /etc/motion/motion.conf

In here are a lot of options, and some you’ll probably want to tweak at a later date. Right now we’re just interested in getting this thing rolling and we don’t want to get bogged down in the details. We’re looking for a line labeled “videodevice” under the “Capture Devices” heading. It should be pretty close to the top.

On the same line as videodevice, we want the /dev/video0 line to point to our webcam that we found earlier. So, in my case it reads:

videodevice /dev/video1

Your device line should look something like this in motion.conf

Your videodevice line should look something like this in motion.conf

Save the file and exit the editor. Again, there are lots of options in here (including password protection) but we’re not interested in that right now. We just want to get a simple webcam server up and going, though I encourage you to come back and tweak the settings, or at the very least see what you can do with this program.

Now, you can run motion by simply typing “motion” at the command line. Remember that motion stores video streams as .jpgs and uses the folder you run the command from to store the files. This can fill up smaller drives very quickly.

My method to deal with this is simple, but isn’t elegant. I navigate to the Trash folder and run motion from there. Then, when I want to clear the files, I just log in and empty the trash.

cd ~/.local/Trash/files/
motion

Webcam Viewing

Assuming that motion is now running successfully in your terminal, we can see what your camera is seeing. Open a browser and go to http://127.0.0.1:8081

If you go to any other computer on your network, you can simply put into your browser the following to see your webcam:

(PC's IP address):8081

If you don’t know your Webcam Server’s IP address, we can look at the interface configuration output and filter it for an internet address. You can do this by opening a terminal and typing:

ifconfig | grep "inet addr"

It should be the first one on the first line. Not the 127.0.0.1 line. In my case it’s 192.168.100.6

But, if we’re away from the building with the webcam, that’s not very helpful. We want to be able to access our server from anywhere in the world. So, we need to set up a method of getting to our home machine from elsewhere.

First, we need to forward the appropriate ports so we can see the video stream. Motion, by default, uses only the one you saw before: 8081. We just need to get our router to connect the dots between any connection that comes in from the internet on that port, with our server.

This is what mine looks like, but they're all a little bit different.

This is what mine looks like, but they’re all a little bit different.

Go into your router’s settings page, in my case it’s an Arris modem/router, and go to the Firewall/NAT page (or something like it). Look for “Port Forwarding” or “Virtual Servers”. Select that you want to “Add New”.

Use the 8081-8081 range for both incoming and local ports and then put the local PC’s IP address that we got with the ifconfig above. The description can be anything.

Now, if you go outside your network, you can put in your own home IP address with the :8081 on the end and connect to your webcam. If you don’t know your outside IP address go to a site like WhatisMyIP.com and it will tell you.

Again, this is all well and good, but your IP can change, and even if it doesn’t for a while, that number is hard to remember. So, as our last step, let’s make this more human-readable and dynamic. We’ll go get a free dynamic DNS account and use it to redirect traffic from a more user-friendly name. Keep in mind that while useful, this is still an option and you can still use the IP web address [Your Outside IP]:8081 to get to your webcam.

This is approximately what the Dynamic DNS redirect setup should look like.

This is approximately what the Dynamic DNS redirect setup should look like.

Go to a site like NoIP.com and sign up for a free account. Select that you want to Add a Host and then come up with a unique hostname and use one of the default domains; usually only a few are available for free. You should see your outside IP listed in the box.*

Set it to a port 80 redirect and that you want it to connect to port 8081. You can also mask the URL if you want, but I’ve found that rarely works. Add the host and you should be good to go. Now pointing any browser to your no-ip domain name (without the :8081 on the end) will pipe you from anywhere to your webcam server.

And that’s it, you can go to any computer that has internet access and see what’s going on wherever you set up your webcam.

*I chose NoIP because they have a Linux software package that will update the IP your redirect is associated with automatically. Eventually, your IP is going to rotate and it’s nice to have that piece of software watching that for you. See their page for instructions on how to install it.

-CJ Julius

h1

The Easiest Way to Root a Galaxy Note 10.1

27/05/2013
Unlocking your Samsung Galaxy Note 10.1 (Proceed with Caution)

Proceed with Caution

Rooting your device is a pretty dangerous game, even nowadays when it’s almost commonplace. You can lose your data, void your warranty or even brick your device. However, if you’re looking to really unlock the power of your Android tablet, there’s really no better way. It gives you unparalleled access to your files, ability to install apps that do some pretty amazing things, or even install your own OS aside from Android.

So, obvious warnings aside (above), I want to show you the easiest way I’ve found to root the Galaxy Note 10.1, my favorite tablet. Ideally, you’ll lose no information and really not notice much of a change to the OS, excluding a new app that manages root access. It’s also really quick (maybe 30 minutes at most).

However, one last time, I am pointing out that this can destroy everything, and is just here for your edification; I take no responsibility for you turning your Galaxy Note into a dinner tray.

The Tools

There are four pieces of software and two pieces of hardware that you’ll need for this.

Software:

  1. Windows – Sorry, but you’ll need to use Windows Vista or later (I haven’t tried on XP, so I have no idea, but I imagine it will work)
  2. Android 2.2 or later – Works all the way up to Jellybean 4.1 that I’ve tested.
  3. Samsung Kies – This is the software that you’ll need to set up your computer to modify the system files we’re going to be changing. [Download]
  4. CF-AutoRoot – The rooting software itself, just open this link in a tab and we’ll get back to what you need later. [Download]

Hardware:

  1. Samsung Galaxy Note 10.1 – Your tablet, durh.
  2. Charging Cable – Has a 30-pin connector on one end and a USB on the other.

The Process

First of all, install Samsung Kies if you haven’t already. At the end of the install select the option that you don’t want to launch it (there’s no reason to, we’re not going to be directly using it) and to launch in Normal Mode. That’s all we’re doing with that.

This is what it should look like if you've done it right.

This is what it should look like if you’ve done it right.

On your tablet, open Settings and go to the “About Device” page, usually located at the bottom of the options. You can see your Android version here (make sure it falls in the range listed in tools) and the Model Number. It should be something like GT-N8xxx. Remember this model number.

Look at the page for the CF-AutoRoot forum that is listed above and find a link with your model number in the third post. It must EXACTLY match that number. Download that zip file and unpack it somewhere.

Now, on your tablet, hold in the Power Button and the Volume Down button for about 10 seconds. Your tablet will take a screenshot and then reboot. Keep holding down the buttons until you see a diagnostic screen with an Android symbol and the WARNING page which you should probably read. We’re reaching the point of no return. Click the Volume Up button to acknowledge that you understand the risks. You will see a “Downloading…” message.

This new app will be installed after reboot and will let you manage how apps get access to root.

This new app will be installed after reboot.

Plug the charging cable into the tablet and into a suitable USB port on your computer. Set the tablet aside and leave it alone.

Open the Odin-vxxxxx.exe as an administrator.* You should see a yellow box with COM1 or something like that in it. If not, reboot your computer and try again, starting from the beginning of this paragraph.

In Odin, click on the PDA button. Navigate to the folder where you unpacked Odin executable, select the .MD5 file (it should be the only option) and open it. Click the Start button.

After a few seconds the first box should turn green and say PASS. Once it does the tablet will reboot and your tablet is now rooted.

The Aftermath

Root Explorer App is a really powerful tool, especially for the price (free).

Root Explorer App is a really powerful tool, especially for the price (free).

This “autoroot” is the simplest of roots and keeps your tablet as close to stock (as Samsung released it) as possible. It gives you and apps superuser access and manages them through a new app called SuperSU. This is perfect if you’re looking to install some stuff that needs Superuser access or you want to go poking around yourself. However, this isn’t tailored for power users or those who want to supplant Android with another OS.

The first super-user required app that I send most people to is Root Browser on the Play Store. It’s a powerful file browser and it’s free. Be careful not to damage your system!

*If you don’t see the Odin executable, then you may need to get it separately. A stand-alone version of Odin can be found on the same forum attached to the second post. Just download it and extract it to the same folder as the MD5 and continue on.

-CJ Julius

h1

How I Got My Android Tablet to Boot Windows 95

24/05/2013

I was rummaging through some old software of mine a few weeks ago and taking stock of the old operating systems that I had commercially. I noticed that along with some older versions of Redhat and Ubuntu Server, I owned every version of Windows since 95, including quite a few server versions. I wondered what I could possibly do with them, since I don’t even use my store-bought copy of Windows XP anymore.

Hey, I remember you.

Hey, I remember you.

Then I looked at my new Galaxy Note 10.1 tablet and got an idea. I wondered if I could get Windows 95 to boot on it. So, I fired up Virtual Box and an old machine I had and got to work.

Note: I am using Ubuntu 12.04LTS and a Galaxy Note 10.1 to do this project. Also, I had access to another, older machine with which I could install Windows 95 myself. Your mileage may vary.

Build 95

There are a few ways to go about this. One is to use Virtual Box to create working Windows 95 VDI file and then convert that to an IMG after you’ve got it running and another is to just find a computer with Windows 95 and make an image of the drive. Either way you’ll have to do three things:

  1. Install DOS 5.x or better before installing Windows.
  2. Install Windows 95 and get it working.
  3. Make your image (.IMG) file.
Click to Enlarge

In Virtual Box, you’ll need to set up an MS-DOS environment first and then probably migrate to 95 later.

Now, I’ve tried both ways, and they’re both complex. In the first example, using Virtual Box to create a Windows 95 compatible area for the OS to work in is a pain. This is because the Windows 95 disk is not bootable (and neither is Windows 98 for that matter). You have to have DOS 5.x or later installed first and THEN go to Windows 95. This is as much work today as it was back in when Win95 came out.

Then, once you have Windows 95 running you need to get all the drivers (and you’ll probably have to use an older version of Virtual Box because of compatibility issues), some of them custom-made, install them, and squash bugs as they come up.

When you have everything set up Virtual-Box side, you can convert the VDI to an IMG file to make it usable with the vboxmanage command in termninal:

vboxmanage clonehd Win95.vdi Win95.img --format RAW

This is not the method I recommend, as it is the hardest even with a walk-through, however it may be the easiest for people with limited access to hardware. I had, luckily, a piece of hardware that would run Win95 with minimal effort so I went that route.

First, I put I installed MS-DOS 5.0.7 (available legally and for free here) from some image files to actual real-live 720KB disks. Yes, I still have a few of those. Then I set up my CD-ROM*, no small feat, and began the Windows 95 install.

Once this had been done, I pulled the HDD out of the computer and connected it to an IDE slot in another machine. I then used the dd command to make a raw image file of the newly-added drive. This ended up giving me a large file because I had given a Gig of space to the virtual drive so I’d have lots of space to move around. You could probably get away with only 200 or 300 MB if you wanted to do so. In any case, the command to image the drive was:

dd if=/where/drive/is/mounted/ of=where/you/want/image/ bs=4K

Now I had my Windows 95 image and it was time to get it running on the tablet!

Install 95

There are multiple ways to get Windows to run on your tablet once you have an image you like. I personally went through my version and pulled out all the things I didn’t want so I could create a smaller image. I eventually got the entire thing down to 200MB, but that was with a lot of work. There are also two ways to get the image running on your tablet. There’s the way I did it initially, and then the easy way. I’ll be showing the easy way and then give a brief overview of the more difficult path.

The Easy Way

You’re also going to want to use something like AirDroid, which I’ve reviewed before, to move the files over because chances are you’re going to be doing this a lot. As you make tweaks or move different things back and forth that GUI is going to come in real handy.

Click to Enlarge

After you put in the image location and name, it will need to copy it to the SDLlib’s directory, probably on your internal memory.

Move your image file over to your device and take note of its location. You’ll probably want to write it down or something, make sure you note the CASE of the letters, because that will be very important. Also you’ll need to make sure you have enough space to copy the image over to the working directory of the emulator that we’re going to use here in a minute. So you’ll need at least twice the space of the original IMG file to use it.

Go to the Play Store and find Motioncoding’s Emulator. It looks like an Android with the Windows XP flag colors on it. Download, install and run it.

Once running, go through the menus (using the forward/back buttons, it really couldn’t be more simple) until it asks you to install libSDL and do so. Then select the option under “Import from Library” to Add Custom Images. Name the image whatever you want and put in the path to the image in there. For example, mine is:

/storage/extSdCard/SDL/Win95.img

Select the image from My Images and continue to the end. You should see your OS boot.

The Hard Way

The reason I’m putting the hard way on here is because it gives you a bit more control over your install and, I think at least, runs a bit faster. In any case I’m going to assume that you’re doing it this way because you’re a little more experienced/curious and don’t need me to hold your hand.

Click to Enlarge

Copying over the SDL apk and related software.

Step one is getting a working version of the SDL apk and installing it. You can do a quick Google search for it, but I’m not sure of the legal ramifications (or its copyright) so I’m not putting a direct link here. Keep in mind that you will need to allow “Apps from Unknown Sources” to be installed on your device. This can usually be found in the “Application Settings” area, depending on your version of Android.

Place your Win95 image in the SDL folder with the APK and rename it c.img, and load SDLlib. You may have to do more tweaking at this point as Networking didn’t work out-of-the-box for me. I needed to modify some already existing .bin and .inf files to coax them into doing what I needed to do, and even then it’s a little haphazard. You’ll need to have some method of editing the img file if you can’t get networking going or you’re going to need to re-image the drive every time you want to make a change.

This way you’ll also have access to the BIOS and VGABIOS bin files, if needed, but I didn’t end up touching them.

Android 95

My reasons for doing this were purely academic. I just wanted to see if I could get it to boot and get it usable. After several weeks of poking at it I was, by all of the above methods, able to get 95 and 98 going this way. Windows 98 was just a matter of upgrading 95 and creating a new image file. I can’t think of many reasons to do this other than for the learning experience, though there are lots of pieces of software out there that don’t work so well in modern versions of Windows and maybe you want to take them with you.

Click to Enlarge

Windows 95 successfully running on my Galaxy Note 10.1 with mouse and keyboard support

Also, I was able to get my Logitech keyboard/mouse combo to work through the 30-pin charging port, and while dragging the cursor across the screen and “clicking” by tap was interesting, the keyboard is the way to go. It’s just too cumbersome for daily use otherwise.

So there it is, an Android tablet booting Windows 95/98! You can supposedly do this with Windows 2000 or XP, but I have not tried. If you have let me know, because I’d be interested in how you got native NTFS to work.

*There’s no instruction here because it really depends on your CD-ROM as to how you’d go about this. You’ll have to find one that will work with Win95 and DOS. I had one in the machine already so it was just a matter of setting it up manually through DOS.

-CJ Julius

Follow

Get every new post delivered to your Inbox.

Join 59 other followers