Archives for the month of: June, 2013

Happy 20th Birthday FreeBSD!

Today marks the 20th birthday of Berkeley Software Distribution, the dissertation project of computer science visionary Bill Joy, and also the codebase for Apple’s OSX.

NSA proof font?

Stumbled across this on Slashdot, and am interested, but curious regarding deployment and practical application of such.

With the recent surveillance nightmares of 90s hackers coming true, I’ve begun moving a bit toward the “dark arts” of networking, as agencies such as the NSA and CIA are rather blatantly spying on the American people now. I am not fully informed on how the rest of the web looks, but I don’t think it’s much better. I know Brazil is a mess at the moment.

Facebook is currently the most popular social network site, and has gotten more commercial by the day since it achieved its popularity. Numerous companies use Facebook “likes”, comments, and social patterns for marketing purposes, and for borderline legal data mining for their own purposes. Facebook is also notorious for disrespecting the assumed privacy of such a network, and anything discussed in Facebook messages can be assumed to be open for their admins, other companies, and law enforcement to read.

In this mini-tutorial I will guide you through how to run Facebook chat through a separate client, and encrypt the messages so Facebook’s staff and records cannot read them. Other Facebook interaction cannot be secured from their own servers this way, but there is a great open-source, community maintained social network called Diaspora* starting up now. If one really cares about security, a direct connection from server to server is optimal, followed by secure forums such as IRC. However, Facebook’s pre-existing network is too convenient to ignore.

*DISCLAIMER* If you use this to mask illegal activities, don’t blame me

*DISCLAIMER* BOTH ends will need to be set up like so for this to work

1.) Install pidgin. Pidgin is a small IM client released under the GNU General Public License, and works in Linux with Gnome, KDE, and on Windows. (Windows is not featured on this blog, but the Windows setup should just be an install .exe or .zip, then again for otr, which will be mentioned later on.)

for Debian/Ubuntu/Mint: su -c "apt-get install pidgin"

for Fedora/Red Hat: su -c "yum install pidgin"

for Arch Linux: su -c "pacman -S pidgin" (unverified, but should be there, otherwise check AUR)

2.) Get pidgin-otr. To save time this could have been done with the above step, but I felt it was important to identify this extension separately. OTR means “off the record”, which is a feature of pidgin allowing encrypted chat between users. I believe this method will use PGP, but I could be wrong.

for Debian/Ubuntu/Mint: su -c "apt-get install pidgin-otr"

for Fedora/Red Hat: su -c "yum install pidgin-otr"

for Arch Linux: su -c "pacman -S pidgin-otr" (unverified, but should be there, otherwise check AUR)

3.) Configure otr in pidgin. This is done by launching pidgin, then at the top navigating to Tools > Plugins, or hitting ctrl+u. In these plugins, check the checkbox next to otr, then in those settings, enable otr, but do NOT require it. Requiring it will prevent pidgin from sending unencrypted messages, so the client will not work unless both ends of chat are configured this way. Next it will have an option to create a key, which will take a few moments. Try to move the cursor around and hit random keys to create entropy.

4.) Configure Facebook. Pidgin should have a wizard for this, and if you do not know your username, go to your Facebook page and the URL will be www.facebook.com/YourUserName, and your password will be your password.

5.) Begin otr chat. Open your “buddies list” for Facebook, then right-click a name and choose “IM”. This will begin an IM session with this user. Pidgin, if properly configured, will have a button which reads “not private”, which is used to toggle private, aka encrypted, conversation. If the other end is not set up, the message will read [encrypted message], and then all messages after the “starting off the record chat” message will show up normal, and unencrypted. Again, both ends must be set up this way, and they must accept the invite to otr, or this will not be encrypted.
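
A follow-up check for the setup above, as an added example that is not part of the original post: an OTR session can be encrypted while the buddy's key fingerprint has never been verified, so this script lists the stored fingerprints that still lack a trust mark. The file location and tab-separated layout are assumptions about how pidgin-otr stores fingerprints, and the buddies and fingerprints in the sample are constructed.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumption: pidgin-otr stores known buddy fingerprints in
# ~/.purple/otr.fingerprints, one per line, tab-separated:
#   buddy  account  protocol  40-hex-fingerprint  [trust]
# The trust field is absent or empty until the fingerprint is verified.

# Print "buddy<TAB>protocol<TAB>fingerprint" for each unverified entry.
unverified_otr_fingerprints() {
    file=${1:-"$HOME/.purple/otr.fingerprints"}
    [ -r "$file" ] || { echo "no fingerprint store at $file" >&2; return 2; }
    awk -F '\t' '
        # Format as five groups of eight upper-case hex digits.
        function pretty(fp,   out, i) {
            fp = toupper(fp)
            out = substr(fp, 1, 8)
            for (i = 9; i <= 40; i += 8) out = out " " substr(fp, i, 8)
            return out
        }
        # Skip malformed lines: the fingerprint must be 40 hex digits.
        length($4) != 40 || $4 !~ /^[0-9A-Fa-f]+$/ { next }
        $5 == "" { printf "%s\t%s\t%s\n", $1, $3, pretty($4) }
    ' "$file"
}

# Constructed sample store (made-up buddies and fingerprints).
write_sample_store() {
    {
        printf 'alice.example\tme.example\tprpl-jabber\t%s\tverified\n' \
            0123456789abcdef0123456789abcdef01234567
        printf 'bob.example\tme.example\tprpl-jabber\t%s\n' \
            89abcdef0123456789abcdef0123456789abcdef
        printf 'carol.example\tme.example\tprpl-jabber\tnot-a-fingerprint\n'
    } > "$1"
}

# Demo on the constructed sample; call with no argument to read the real store.
sample=$(mktemp)
write_sample_store "$sample"
unverified_otr_fingerprints "$sample"
rm -f "$sample"
```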

In conclusion, one can essentially ignore Facebook as a social network, and just pretend it’s a very popular IM client, and after removing personal data from their site, one’s security is restored. Through encrypted messaging Facebook is unable to read messages, and with no “likes” or personal info to mine, they have nothing to gain from you, and you are, as the title says, using Facebook without them using you.

As far as I know, Facebook stores all removed data for a period of 6 months before actually deleting. Please comment, ask questions, provide further info, or notify me of errors or vulnerabilities of this method in the comments.


As promised, my overall Debian 7.0.0 “Wheezy” review.

I have spent the last 3 years settling on a Linux distro, and I think Debian is the one. Although I liked Mint and Ubuntu’s broad software support, I was quickly repelled by their lack of customization ability, and general “fatness”. I then migrated to the redhat based distros, but didn’t like openSUSE and left Fedora because of the faulty sleep mode and power issues. Arch could’ve been the one, but software support was sparse, and I had some serious python issues. Anywhere further to the “conservative south” of Unix-based operating systems was simply too inconvenient to be used within reason (Slackware, Gentoo, FreeBSD, etc). Debian ultimately came out on top as it was both reasonably lightweight, and had aptitude for software support.

I took a few install discs to get Debian working, but I believe that was more the fault of my CD burner than the install ISOs. I had tried Debian previously, but was repelled by the childish and inconvenient interface of KDE, and did not know how to change out desktop environments. However, I now have Debian running with gnome 3, and am satisfied with the interface.

My favorite aspect of Debian is the package manager, Aptitude. I still prefer Arch Linux’s package manager, Pacman, but Aptitude currently has a drastically wider range of software due to the success of Ubuntu, which began life as a Debian fork. A few repetitions of “apt-get install -f” are sometimes necessary when installing software from .deb packages, but for the most part installation hasn’t been a problem. Unfortunately, Valve’s Steam network will not work on Debian as some of its dependencies are proprietary to Ubuntu. The only distros aside from Ubuntu I have seen Steam work on are Fedora and Arch Linux, although the Fedora package has since vanished.

I have yet to reach the expert level in knowledge of OS development, but I feel confident saying Debian is much more lightweight than Mint or Ubuntu, as it does not focus nearly as much on user friendliness and looking pretty (in my humble opinion, plain gnome looks better anyway). It is also the second fastest-booting OS I’ve used with gnome 3, bested only by Arch Linux.

Overall, due to its lightweight nature, and vast software support, Debian is tentatively “the one.”

Please leave any opinions, recommendations, questions, or answers in the comments.


Debian fun facts:

Releases are codenamed after characters from the movie Toy Story.

The name Debian is a concatenation of the name of one of the developers, Ian Murdock, and his girlfriend’s name, Debra Lynn.

After attempting to introduce some less skilled people to the wonderful world of Linux, I realized the vocabulary can be quite esoteric. Here’s a quick guide to commonly used terms, and commands you may need to use accordingly.

OS: Operating System. This is the software that enables you to run programs on your machine.

*nix: Common abbreviation for Unix-based operating systems, using the wildcard character *, as is common in Unix-based commands.

x86_64: Could write for a while on this, but in short, this means you have a 64-bit OS. (Can be found with the command uname -m)

i386: Same as above, except it means you have a 32-bit OS.

distro: Short for distribution. The GNU/Linux operating system has many branches, or “distributions”, the most common of which are Debian, Fedora, Ubuntu, Mint, and openSUSE.

kernel: The software which acts as a bridge between the OS and the machine hardware. Linux is a kernel.

package manager: Software responsible for upgrading, installing, removing, and checking compatibility for programs and libraries. Some examples of package managers are aptitude, yum, pacman, and zypper.

CPU: Central Processing Unit, aka the processor. The processor is the component of a computer responsible for performing the mathematical operations which make a computer run.

RAM: Random Access Memory, main memory, or just memory. This is where active programs and open files are stored. RAM tends to have a dramatically higher data transfer rate than auxiliary memory (your hard drive), and 4GB is recommended for home PCs.

Path: Can mean either the path to a file (for example, /home/linuxsupernoob/Documents/blogpost.txt), or the list of directories in which terminal searches for commands (type echo $PATH to view).

IDE: Integrated Development Environment. Special programs used for making other programs.

JRE: Java Runtime Environment. You will very likely need one of these.


There should be Wikipedia links in case I’m wrong or you require more reading, and please let me know in the comments if I missed anything.

Finally got around to running Debian, will review upon further use.

Thus far I am very impressed, and think this will be the one.