Tag: hacking

Posted on

Chrome OS install, hints and tips & my first experience

Horay! Chrome OS is out at http://www.chromium.org/
You can preview it a bit here http://www.engadget.com/2009/11/19/googles-chrome-os-revealed/

First you need to go to install all the pre-requisites to compile it on your Linux system listed here http://code.google.com/p/chromium/wiki/LinuxBuildInstructionsPrerequisites – OR
If you run ubuntu just do this
wget http://src.chromium.org/svn/trunk/src/build/install-build-deps.sh
sh install-build-deps.sh (hit Y near the end when it wants to install binutils-gold ok?)

Download the tar.gz from here http://build.chromium.org/buildbot/archives/chromiumos-0.4.22.8.tar.gz
Or grab the git repo

sudo apt-get install git-core
mkdir [chromiumos]
cd [chromiumos]
gclient config http://src.chromium.org/git/chromiumos.git
gclient sync

Note: This process may appear to hang while downloading the kernel source. It may take anywhere up to 10-20 minutes before you get more feedback

Follow the build instructions here http://sites.google.com/a/chromium.org/dev/chromium-os/building-chromium-os/build-instructions.

Once its booted up and running, you will realize very quickly its just a bootable web browser. There’s nothing else installed or to install. No logout button, no shutdown, no nothing.
If you are cunning like me and want to play then nothing like a ctl+alt+t to bring up a terminal then use your sudo to get root access. (no tutorials on this, if you dont know the power of sudo you shouldn’t be messing with things!)

First thing i noticed was that the main root file system was mounted what seems to be read-only. This i can only presume is for speed (and it is blimmin fast!) amoung other things.

The home directory was mounted read-write however to allow for downloading etc.
Package management or editing system files is impossible without remounting the root filesystem as read-write
mount -o remount,rw /

It appears to be based on Ubuntu, and its so cut down nothing much is installed. However in saying this, its still 589MB on disk when installed, which considering the fact that its not actually running anything other than a web browser, that’s pretty shocking. I can get a full debian install with xwindows and basic apps in that size fairly easily. Perhaps they havn’t had time to strip more garbage from it yet?
I noticed when its running that its using 653MB of my 1GB RAM, and has no swap at all. I presume its entirely running in RAM which contributes to its speed.

Catch 22, ChromeOS uses your google user/pass to login, if you use this then it will automatically log you in to your google acct at the same time, however, Wireless networking doesn’t come up until you are logged in (WPA key) .

I decided I wanted to add another offline user, so i did. My default username/password was chronos/chronos and i didn’t want that (yes downloaded a precompiled image). I added myself a user, then added my user to the admin,video,etc groups identical to the main user. I was still not able to login using this user which sucked, so i copied the homedir over from the first user to the second.

Still no go, so i checked in /etc for hard coded user names and found a few
/etc/security/pam_mount.conf.xml had the homedir to be mounted hard coded into it
/etc/init.d/start_login.sh has export USER=firstusername
/etc/init.d/session_manager.sh has su firstusername -c “/etc/init.d/start_login.sh ${MCOOKIE}”
/etc/acpi/lid.sh has export HOME=/home/firstusername

I edited all these to point to the new username, also copied the firstusername to secondusername homedir, chown’d all the files and grep -r’d and changed all instances of username hard coding.

Whilst editing these files i noticed that the pam_mount.conf contained information for mounting the home directory as an encrypted area.
I rebooted and hoped like heck after editing it would all go well. I should mention here that I’m using my 701 EEE PC laptop here, its a great test bed for lots of things.

After reboot i was still unable to login as the new user, so i checked directories other than /etc and found /usr/lib/chomeos-cryptohome/common

At this point, im tired, its late on a sunday evening and i never quiet got it the other user going. Since i need that offline user account to login before my WPA key/WIFI works, i will pursue this one further, for now im heading to bed (may update post later)

Posted on

Hackers in the Media – Autovoting Polls etc

One little thing that REALLY bugs me, is the medias cluelessness about anything computer related at all. Often referring to ‘Hackers’ without a second thought at all.

A few months back a man was harassing another person on trademe, was blocked, and created another trademe account to harass them further. The media titled the article something akin to ‘man hacks trademe to abuse woman’. Hang on, wouldn’t that mean he did something illegal? or had some sort of computer skill? Are they seriously not aware that any old person who knows next too nothing about computers, can use a second email address signed up freely at gmail.com or hotmail.com, and sign up another trademe account?

This happens regularly, and today is no exception. In the media today i see this article. http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10606941

Hackers force web poll to close after skewing results

4:00AM Tuesday Nov 03, 2009
By Beck Vass

Online polls on nzherald.co.nz have been pulled until further notice.

Online polls on the Herald’s website nzherald.co.nz have been pulled until further notice after hackers entered the system, skewing the results of three polls.

The polls – which included questions relating to whether people thought Destiny Church was a cult or a church, if people thought it was okay for MP Rodney Hide to take his girlfriend on tour at taxpayers’ expense and if people were sick of being told they were ruining the planet – were hacked late last week.

Jeremy Rees, nzherald.co.nz publisher, said a staff member was alerted to the hacking when, in the space of four hours last Thursday, the Destiny Church poll swung from 97 per cent of people saying it was a cult to 60 per cent saying it was a church, with an unusually high number of responses.

On Friday, the Rodney Hide Poll showed 90 per cent of people thought it was unacceptable that he took his girlfriend Louise Crome overseas, leaving taxpayers to foot the $25,163 bill. But that poll also swung rapidly, moving in favour of the MP.

The poll was pulled down and the one that replaced it asked if people were sick of being told they were ruining the planet and from 4pm it was noticed that the number of votes was unusually high for a Friday afternoon, with about 2000 votes an hour.

Mr Rees said IT specialists were looking into the problems and had identified internet protocol (IP) numbers 118.92.185.135, 118.90.40.97 and 203.109.154.13 as the source of the problems but polls had been stopped until issues were resolved.

While some people might think the poll hacking was a conspiracy from interested parties, that was often not the case, Mr Rees said.

“Often most likely it’s some kind of 18-year-old guy in a black T-shirt who’s bored from looking at the new Google wave [a type of software] product and has decided to take a hack.”

Now, seriously, men in black shirts? really? are we back in the 90s when most people on a computer had to be fairly technical to do such a thing, and usually teenagers ergo wearing black shirts?

I’ve been known to use autovoting a few times on various game websites for a little fun. Its not hacking, its skewing the results for sure, but these are not for a competition, they are not voting for a particular government party, and in fact if they were serious about wanting the results to be accurate they would enforce logins, and dynamic hidden fields to help control it.

I notice that they also have included the IP addresses of the computers that were doing the voting, hmm not such a good idea really to do so, however this illustrates that these are not ‘hackers’ , they didnt even use an anonymous proxy.

liz@tulip:~$ host 118.92.185.135
135.185.92.118.in-addr.arpa domain name pointer 118-92-185-135.dsl.dyn.ihug.co.nz.
liz@tulip:~$ host 118.90.40.97
97.40.90.118.in-addr.arpa domain name pointer ip-118-90-40-97.xdsl.xnet.co.nz.
liz@tulip:~$ host 203.109.154.13
13.154.109.203.in-addr.arpa domain name pointer atm1-0-939.akl-grafton-car1.ihug.net.

They are using ihug, xnet and the last one looks much like router or business connection – clearly in Grafton Auckland.

Whilst they may have loaded up something simple like greasemonkey on firefox, then written a few lines of code, they more than likely just downloaded an application similar to those used for runescape to automate things.

So, lets get this straight, there is MUCH debate over what a hacker is, and the difference between a hacker, and a cracker. However, neither one covers whatever the heck the medias idea is. They are what’s generally referred to as a pain in the butt, and in any case, if you are one of the top websites in a country, you should have a LOT better security if you are worried about the validity of your poll data.

ps. I’m a female, and i rarely wear black shirts, i’m also nowhere near 18 , however my son is almost 18, who also doesn’t wear black shirts, and who also could easily ‘hack’ those polls.