Skip to content

Posts from the ‘Internet’ Category

Feb 21

Warning! Linux Mint – Multiple hacks.

The Linux Mint blog announces that the project’s web site was compromised and made to point to a backdoored version of the distribution. It is advised that if you did download an ISO on the 20th, then you avoid using it.

If you are a forum user it is advised that you change your passwords, especially if it is a shared password on other sites.

The following information was posted on the Linux Mint blog with regards to hacked ISOs:

Beware of hacked ISOs if you downloaded Linux Mint on February 20th!

I’m sorry I have to come with bad news.

We were exposed to an intrusion today. It was brief and it shouldn’t impact many people, but if it impacts you, it’s very important you read the information below.

What happened?

Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it.

Does this affect you?

As far as we know, the only compromised edition was Linux Mint 17.3 Cinnamon edition.

If you downloaded another release or another edition, this does not affect you. If you downloaded via torrents or via a direct HTTP link, this doesn’t affect you either.

Finally, the situation happened today, so it should only impact people who downloaded this edition on February 20th.

How to check if your ISO is compromised?

If you still have the ISO file, check its MD5 signature with the command “md5sum yourfile.iso” (where yourfile.iso is the name of the ISO).

The valid signatures are below:

6e7f7e03500747c6c3bfece2c9c8394f linuxmint-17.3-cinnamon-32bit.iso
e71a2aad8b58605e906dbea444dc4983 linuxmint-17.3-cinnamon-64bit.iso
30fef1aa1134c5f3778c77c4417f7238 linuxmint-17.3-cinnamon-nocodecs-32bit.iso
3406350a87c201cdca0927b1bc7c2ccd linuxmint-17.3-cinnamon-nocodecs-64bit.iso
df38af96e99726bb0a1ef3e5cd47563d linuxmint-17.3-cinnamon-oem-64bit.iso
If you still have the burnt DVD or USB stick, boot a computer or a virtual machine offline (turn off your router if in doubt) with it and let it load the live session.

Once in the live session, if there is a file in /var/lib/man.cy, then this is an infected ISO.

What to do if you are affected?

Delete the ISO. If you burnt it to DVD, trash the disc. If you burnt it to USB, format the stick.

If you installed this ISO on a computer:

Put the computer offline.
Backup your personal data, if any.
Reinstall the OS or format the partition.
Change your passwords for sensitive websites (for your email in particular).
Is everything back to normal now?

Not yet. We took the server down while we’re fixing the issue.

Who did that?

The hacked ISOs are hosted on 5.104.175.212 and the backdoor connects to absentvodka.com.

Both lead to Sofia, Bulgaria, and the name of 3 people over there. We don’t know their roles in this, but if we ask for an investigation, this is where it will start.

What we don’t know is the motivation behind this attack. If more efforts are made to attack our project and if the goal is to hurt us, we’ll get in touch with authorities and security firms to confront the people behind this.

If you’ve been affected by this, please do let us know.

The following information was posted on the Linux Mint blog with regards to the compromised databases:

All forums users should change their passwords.
It was confirmed that the forums database was compromised during the attack led against us yesterday and that the attackers acquired a copy of it. If you have an account on forums.linuxmint.com, please change your password on all sensitive websites as soon as possible.

The database contains the following sensitive information:

Your forums username
An encrypted copy of your forums password
Your email address
Any personal information you might have put in your signature/profile/etc…
Any personal information you might written on the forums (including private topics and private messages)
People primarily at risk are people whose forums password is the same as their email password or as the password they use on popular or sensitive websites. Although the passwords cannot be decrypted, they can be brute-forced (found by trial) if they are simple enough or guessed if they relate to personal information.

Out of precaution we recommend all forums users change their passwords.

While changing your passwords, please start with your email password and do not use the same password on different websites.

Apr 24

Dropping Dropbox

I’ve been a Dropbox user since 2008. I’ve enjoyed using Dropbox over the years, with native linux support and native android support I was able to back up what I wanted to back up (i.e. phone, desktop and server contents) with ease and without having to think about it.

Alas, the time has come for me to give up using Dropbox. Dropbox made a decision this month to appoint Condoleezza Rice, the former secretary of state, to the company’s board of directors. Condoleezza Rice is no friend of privacy. Anyway, I could go on but this issue has been covered in the media enough. For more info visit drop-dropbox.com.

Basically, I cannot trust my data with a company who has an advocate of wire tapping in their board of directors. I was hoping Dropbox would change their minds amidst all the concerned customers raising their voices, but they are standing by their decision.

For now I am considering switching to ownCloud while my data is rsynced to my backup server for the time being.

Aug 16

Android-Motorola

Google acquires Motorola Mobility

Google Inc. (NASDAQ: GOOG) and Motorola Mobility Holdings, Inc. (NYSE: MMI) yesterday announced that they have entered into a definitive agreement under which Google will acquire Motorola Mobility for $40.00 per share in cash, or a total of about $12.5 billion, a premium of 63% to the closing price of Motorola Mobility shares on Friday, August 12, 2011. The transaction was unanimously approved by the boards of directors of both companies.

The acquisition of Motorola Mobility, a dedicated Android partner, will enable Google to supercharge the Android ecosystem and will enhance competition in mobile computing. Motorola Mobility will remain a licensee of Android and Android will remain open. Google will run Motorola Mobility as a separate business.

Larry Page, CEO of Google, said, “Motorola Mobility’s total commitment to Android has created a natural fit for our two companies. Together, we will create amazing user experiences that supercharge the entire Android ecosystem for the benefit of consumers, partners and developers. I look forward to welcoming Motorolans to our family of Googlers.”

Sanjay Jha, CEO of Motorola Mobility, said, “This transaction offers significant value for Motorola Mobility’s stockholders and provides compelling new opportunities for our employees, customers, and partners around the world. We have shared a productive partnership with Google to advance the Android platform, and now through this combination we will be able to do even more to innovate and deliver outstanding mobility solutions across our mobile devices and home businesses.”

Andy Rubin, Senior Vice President of Mobile at Google, said, “We expect that this combination will enable us to break new ground for the Android ecosystem. However, our vision for Android is unchanged and Google remains firmly committed to Android as an open platform and a vibrant open source community. We will continue to work with all of our valued Android partners to develop and distribute innovative Android-powered devices.”

The transaction is subject to customary closing conditions, including the receipt of regulatory approvals in the US, the European Union and other jurisdictions, and the approval of Motorola Mobility’s stockholders. The transaction is expected to close by the end of 2011 or early 2012.

Source

Google now have in their hands a hardware manufacturer. Google have reiterated that they remain committed to the android platform and hope to continue working with their partners, as seen in this statement from Larry Page (CEO of Google) on the official google blog:

This acquisition will not change our commitment to run Android as an open platform. Motorola will remain a licensee of Android and Android will remain open. We will run Motorola as a separate business. Many hardware partners have contributed to Android’s success and we look forward to continuing to work with all of them to deliver outstanding user experiences.

No doubt this acquisition will be worrying for hardware manufacturers who are part of the open handset alliance, it will definitely be interesting to see how this acquisition will affect Android’s hardware partners.

This acquisition also means that Google will have access to more intellectual property thus strengthening their patent portfolio. It is probable that the main reason for this acquisition was to obtain defensive patents rather than Google’s interests in manufacturing hardware for the android platform.

Thus the patent war continues.

Mar 15

NinjaVideo.net + Linux

DivX streaming from Ninjavideo.net on windows was simple enough with the installation of the DivX web player. On linux, the old mplayerplug-inused to work fine when used with a greasemonkey script. Recently however this was depreciated in debian testing, and replaced with gecko-mediaplayer.

With the removal of the old mplayerplug-in for firefox, things stopped working! The videos would not load with gecko-mediaplayer (which uses gnome-mplayer rather than mplayer), and so after some investigation I was able to find a bug report where someone was having similar issues.

It appears to have been fixed in the latest release, but it is not yet in the debian repos. So in order to start using ninjavideo again, you need to compile gnome-mplayer an gecko-mediaplayer. I have keep all my source files in $HOME/src dir simply because it’s easier to manage. You can stick to your habits, or follow the instructions below.


sudo aptitude build-dep gnome-mplayer
sudo aptitude build-dep gecko-mediaplayer
cd ~/src
wget http://gnome-mplayer.googlecode.com/files/gnome-mplayer-0.9.9.2.tar.gz
wget http://gecko-mediaplayer.googlecode.com/files/gecko-mediaplayer-0.9.9.2....
tar xzfv gnome-mplayer-0.9.9.2.tar.gz
tar xzfv gecko-mediaplayer-0.9.9.2.tar.gz

First let’s compile gnome-mplayer:

cd gnome-mplayer-0.9.9.2
./configure
make
sudo make install

Then, gecko-mediaplayer:

cd gnome-mplayer-0.9.9.2
./configure
make
sudo make install

And that’s it, you’re done! Restart firefox, remove/disable any conflicting plugins (e.g. totem, vlc) and ninjavideo should be running as it was!

Jul 27

[mIRC] Request: Coloured nicks

This little snippet will simply colour nicknames when you send a message to a channel that contains nicknames within a line. It wont work if you have other on input events, I.e. acronyms, etc.. you’d have to implement it into that input event. Enjoy!

on *:INPUT:#:{
  if ($active == Status Window) return
  if ($left($1,1) == $readini($mircini,text,commandchar)) || ($left($1,1) == $chr(47)) return
  haltdef
  var %msg $1-
  var %num $numtok($1-,32)
  var %x 1
  while (%x <= %num) {
    var %rand $rand(2,15)
    if ($gettok(%msg,%x,32) ison $chan) var %msg $puttok(%msg,$+($chr(3),%rand,$gettok(%msg,%x,32),$chr(3)),%x,32)
    inc %x
  }
  msg $chan %msg
}

Feb 22

[mIRC] Colour talker.

Version 1.02 – Now detects if +c or +S is set on the channel, and will stop using colour if it is.

Copy the code below:

; Colour talker v1.02
;v1.00
;- first release
;v1.01
;- fixed a silly coding error -_-, my bad (numbers wouldn't show in colour talker)
;- added a bit more error checking, still not perfect, but I can't be arsed right now.
;v1.02
;- Detects channel mode +S or +c (strip colour codes, block colour codes) and will stop using colour in accordance

on *:LOAD:{
   echo -atc info * Info: Successfully loaded colour talker.
   echo -atc info * Info: For a quick guide on how to use this, type /ctalk help.
   echo -atc info * Info: Alternatively you may use the menu, Colour Talker, to set up this script, it only takes a few moments. Enjoy ;).
}
on *:UNLOAD:{
   echo -atc info * Info: Unloading all colour talker variables...
   .unset %ctalk.*
   echo -atc info * Successfully unloaded colour talker.
}

#Ctalker off
on *:INPUT:*: {
   if ($left($1,1) == $chr(47)) || (Status Window == $active) || (@* iswm $active) return
   if ((c isincs $chan($chan).mode) || (S isincs $chan($chan).mode)) return
   if ($ctalk == $false) {
   echo -atc info * Error: You have colour talker enabled but have not set up your colours, type $+($chr(2),/ctalk set,$chr(2)) to set it up.
}
else {
   ;set start marker
   var %x 1
   ;loop, while marker is less than total tokens
   while (%x <= $gettok($1-,0,32)) {
   ;get the first letter of current token
   var %first $mid($gettok($1-,[ %x ],32),1,1)
   ;get the rest of the word, set it to our text variable
   var %text %text $replace($mid($gettok($1-,[ %x ],32),1,1),[ %first ], $+($chr(3),[ %ctalk.c1 ],[ %first ],$chr(3),[ %ctalk.c2 ])) $+ $mid($gettok($1-,[ %x ],32),2,$calc($len($gettok($1-,[ %x ],32) - 1)))
   ;increase our marker, move on to next token
   inc %x
   }
   msg $active %text
   halt
   }
}
#Ctalker END
alias ctalk {
   if $isid {
      if ($len(%ctalk.c1) == 1) || $len(%ctalk.c1) > 2) || (%ctalk.c1 > 15) || (%ctalk.c1 !isnum) return $false
      elseif ($len(%ctalk.c2) == 1) || $len(%ctalk.c2) > 2) || (%ctalk.c2 > 15) || (%ctalk.c2 !isnum) return $false
   else return $true
   }
   if ($ctalk == $false) echo -atc info * Error: Type $+($chr(2),/ctalk set,$chr(2)) to set up.
   if ($1) {
      if ($1 == on) {
         if ($group(#ctalker) == on) echo -atc info * Error: Colour talker is already enabled
         else {
            .enable #ctalker
            echo -atc info * Info: Colour talker is now $+($chr(2),enabled,$chr(2))
         }
      }
      if ($1 == off) {
         if ($group(#ctalker) == off) echo -atc info * Error: Colour talker is already disabled
         else {
            .disable #ctalker
            echo -atc info * Info: Colour talker is now $+($chr(2),disabled,$chr(2))
         }
      }
      if ($1 == set) {
         var %ctalk.confirm $$input(We are now going to set up the colour talker! $+ $crlf $+ $crlf $+ Press "Ctrl + K" for colour reference.,oi,Colour Talker)
         :colour1
         set %ctalk.c1 $remove($$input(Choose a colour: e.g. 2,eo,Select Colour One,%ctalk.c1),$chr(3))
         if ($len(%ctalk.c1) > 2) || (%ctalk.c1 > 15) || (%ctalk.c1 !isnum) {
           echo -atc info * Error: Colour selected must be a numerical value between 0 and 15.
           goto colour1
         }
         if ($len(%ctalk.c1) == 1) set %ctalk.c1 $+(0,%ctalk.c1)
         :colour2
         set %ctalk.c2 $remove($$input(Choose a colour: Ex. 12,eo,Select Colour Two,%ctalk.c2),$chr(3))
         if ($len(%ctalk.c2) > 2) || (%ctalk.c2 > 15) || (%ctalk.c2 !isnum) {
            echo -atc info * Error: Colour selected must be a numerical value between 0 and 15.
            goto colour1
         }
         if ($len(%ctalk.c2) == 1) set %ctalk.c2 $+(0,%ctalk.c2)
      }
      if ($1 == help) || ($1 == info) {
         echo -atc info $str($chr(42),115)
         echo -atc info * The colour talker enables you type in colours that will brighten up your IRC chat a bit (or annoy other users!).
         echo -atc info * Please note this script took just a few minutes to conjure up. Any problems get in touch! forgotten, #mIRC, #Coding, 12www.binaryfront.com
         echo -atc info * Now the important stuff, how to use this thing:
         echo -atc info * To set the colour talker colours type: /ctalk on
         echo -atc info * To turn the colour talker on type: /ctalk on
         echo -atc info * To turn the colour talker off type: /ctalk on
         echo -atc info * For this guide again type: /ctalk help
         echo -atc info $str($chr(42),115)
      }
   }
   elseif ($1 == $null) echo -atc info * For help using the colour talker type: /ctalk help
}

menu channel,status {
Colour Talker
.Set Colours:ctalk set
.Help/Info:ctalk help
. -
. $iif($group(#Ctalker) == on,$style(1) Enable,Enable):ctalk on
. $iif($group(#Ctalker) == off,$style(1) Disable,Disable):ctalk off
}

Usage:
/ctalk help
– Concise information on using this script

You can also use the popups.

I can’t remember who requested this script, and I’m sure I passed it on via IRC anyway. But regardless 😛 here it is for everyone else to see. As always comments/criticism/advise welcomed.

Sep 22

[mIRC] Request: Ban an IP file

A quick and short script written to zline IPs in a specified file. The IPs must be listed in the file as one IP per line, e.g.:

1.3.4.5
1.2.3.4
1.4.5.6
5.6.3.2
6.7.8.6
etc…

Follow the instructions to use.

; To use:
;1) Type /ipban.reset
;2) Ensure you specify the right file/directory in set %ipban.ipfile "nodes.csv"
;3) Type /ipban
;4) Wait until script completes, can take a while depending on size of file.

alias -l ipban_next {
  if (%ipban.pos <= %ipban.total) {
    zline $+(*@,$read(%ipban.ipfile,%ipban.pos)) 1d Tor Exit Servers are not permitted on this network
    inc %ipban.pos
    ipban
  }
  else {
    echo -atc info *** Zlined %ipban.total IPs from %ipban.ipfile
    .unset %ipban.*
  }
}
alias ipban {
  set %ipban.ipfile "nodes.csv"
  if ($isfile(%ipban.ipfile) == $false) { echo -atc info *** IP Ban Error: %ipban.ipfile does not exist | return }
  set %ipban.total $lines(%ipban.ipfile)
  if (%ipban.pos == $null) { set %ipban.pos 1 }
  .timer -m 1 5 ipban_next
}
alias ipban.reset .unset %ipban.*

Let me bring to attention my use of timers over a while loop for budding scripters.

The reason is for large IP files, a while loop will freeze your script. For this reason a timer was used with a 5 millisecond delay, ensuring fast zlines but without freezing the script.

I will edit this script to auto carry out /ipban.reset upon execution, but, as of now, this isn’t required as it does its job (plus I’m short on time again!!!).

Note: to edit the zline time and message:

zline $+(*@,$read(%ipban.ipfile,%ipban.pos)) 1d Tor Exit Servers are not permitted on this network

Change:
“1d” to something you want
“Tor Exit Servers are not permitted on this network” to something you want

Jun 5

[mIRC] Request: !protect & !deprotect

Someone requested a !protect and !deprotect script be made for mIRC, so here it is! It uses chanserv to set the +a and -a modes.

I’ve not tested extensively so errors are entirely possible, let me know if you spot any errors or have suggestions for improvements.

Please set the level yourself, this scriptlet is to be used as a guideline i wouldn’t recommend you all stick it in your scripts as everyone has permission to use it! If you wish to restrict it, have it check a users database or make use of mIRC users lists.

; !deprotect, !protect public commands
on *:TEXT:*:#:{
  ; set max usage, 3 commands in 2 seconds, this prevents people flooding you
  hinc -mu2 usedprot max
  if ($hget(usedprot,max) >= 3) return
  if ($1 == !protect) {
    ;if already in raw processing, return
    if (%pubcmd.prot.busy == $true) {
      msg $chan Try again in a few moments.
      return
    }
    ; identify that protect was used
    set %pubcmd.prot.usedprot $true
    ; set variable to let script know that a request is currently underway
    set %pubcmd.prot.busy $true
    ; set which channel
    set %pubcmd.prot.chan $chan
    ; set nickname as that specified or use nickname of user
    if ($2 == $null) set %pubcmd.prot.nick $nick
    else {
      if ($2 !ison $chan) {
        msg $chan $2 is not on $chan $+ $chr(46)
        return
      }
      set %pubcmd.prot.nick $2
    }
    .enable #check_a
    mode $chan a
  }
  if ($1 == !deprotect) {
    if (%pubcmd.prot.busy == $true) {
      msg $chan Try again in a few moments.
      return
    }
    ; identify that deprotect was used
    set %pubcmd.prot.useddeprot $true
    ; set variable to let script know that a request is currently underway
    set %pubcmd.prot.busy $true
    set %pubcmd.prot.chan $chan
    if ($2 == $null) set %pubcmd.deprot.nick $nick
    else {
      if ($2 !ison $chan) {
        msg $chan $2 is not on $chan $+ $chr(46)
        return
      }
      set %pubcmd.deprot.nick $2
    }
    .enable #check_a
    mode $chan a
  }
}
#check_a off
raw 388:*:{
  ; Check that this raw event occured
  set %pubcmd.prot.388 $true
  if ($3 == %pubcmd.prot.nick) {
    msg %pubcmd.prot.chan $3 is already protected.
    set %pubcmd.prot.isprotected $true
    return
  }
  if ($3 == %pubcmd.deprot.nick) {
    cs deprotect %pubcmd.prot.chan $3
    set %pubcmd.prot.isprotected $true
    return
  }
}
raw 389:*:{
  ; If raw 388 didn't happen (i.e. no +a's)
  if (%pubcmd.prot.388 == $null) {
    if (%pubcmd.prot.usedprot == $true) {
      cs protect %pubcmd.prot.chan %pubcmd.prot.nick
      goto end
    }
    if (%pubcmd.prot.useddeprot == $true) {
      msg %pubcmd.prot.chan %pubcmd.deprot.nick is already deprotected.
      goto end
    }
  }
  if (%pubcmd.prot.388 == $true) {
    if (%pubcmd.prot.usedprot == $true) {
      if (%pubcmd.prot.isprotected == $true) goto end
      cs protect %pubcmd.prot.chan %pubcmd.prot.nick
      goto end
    }
    if (%pubcmd.prot.useddeprot == $true) {
      if (%pubcmd.prot.isprotected == $true) goto end
      msg %pubcmd.prot.chan %pubcmd.deprot.nick is already deprotected.
      goto end
    }
  }
  :end
  .unset %pubcmd.*prot.*
  .disable #check_a
}
#check_a END

This script goes in remote, usage is as follows:

!protect
ChanServ sets mode +a nick1
!protect nick2
ChanServ sets mode +a nick2

Same with deprotect. Not much use if you’re not running an mIRC bot, but a nice look into how raw events work if you’re getting into it!

Enjoy.