Father of 3 – Victim of a HIT AND RUN

On Tuesday 7th June 2011 at approximately 7:30pm, A friend of mine was cycling home from a day at work, heading southbound on Princes Highway near Preston Ave in Engadine. He was struck from behind by a car at approximately 60kmh/hour then rammed into the back of a parked car suffering very serious injuries.

His name is Greg Holden.

Greg is a loving father of 3 kids, a husband and a friend of many who consider Greg the most caring and down-to-earth, genuine person on this planet.

Greg was admitted to St George hospital with severe trauma requiring immediate surgery to his face which has many lacerations. Greg also has severe injuries to his right arm & hand which may require surgery depending on the outcome of scans to Greg’s most serious injury, his broken neck.

Greg is self-employed (not a desk job either) and out of work for an unknown period of time due to his injuries.

As the driver of the car that hit Greg fled the scene leaving him to die, Greg is unable to claim for insurance or compensation due to no person coming forward and being ‘at fault’.

If anybody was a witness to the incident, or has seen a car with a broken windscreen or any damage that would indicate they have hit somebody; Or even if you have any (albeit minor) information about the incident – Please come forward.

Constable Dave Maione from Sutherland Local Area Command will be able to take your call on (02) 9542 0899.

Alternatively you can contact myself if you wish to remain anonymous or do not wish to speak to police, I can be contacted via email at: [email protected]


If you can also help spread this message, by forwarding this on to anybody who lives in the area and may have seen something, It would be greatly appreciated.
- Greg’s Familly and Friends

Apple iCloud Release Tomorrow

For a long time now it has been said that Apple will open up their MobileMe platform to compete against Google’s free to use SaaS Products (GMail, GDocs, etc.). With Amazon’s Recent push into their mp3 cloud player and the huge market share that iTunes holds, it makes sense that the MobileMe product will soon interact with iTunes and users will be able to store their music in some sort of online HD, However the question about how Apple can charge users to stream music they already own lingers.

More will be revealed when Apple officially announces the service. The cost is going to be an interesting contributing factor. At the moment, MobileMe costs $99 a year per subscription.

With storage moving to a cloud service, the need to huge hard drives will start to diminish. Once content is stored remotely, Apple’s iPad will take on a whole new importance.

Steve Jobs will officially announce iCloud at 10am June 6 at the Apple Worldwide Developers Conference.

Linux 3.0 will support Xen

After a relatively long road traveled with a few bumps along the way, as of yesterday, Linus’s mainline tree (2.6.39+) contains literally every component needed for Linux to run both as a management domain kernel(Dom0) and a guest(DomU).

Xen has always used Linux as the management OS (Dom0) on top of the hypervisor itself, to do the device management and control of the virtual machines running on top of Xen. And for many years, next to the hypervisor, there was a substantial linux kernel patch that had to be applied on top of a linux kernel to transform into this “Dom0″. This code had to constantly be kept in sync with the progress Linux itself was making and as such caused a substantial amount of extra work that had to be done.

Another bit of code, that’s been in the kernel for many years, were the paravirt drivers for xen in a guest VM (DomU). Linux has had this as part of the codebase for quite a few years, the xen network, block and xenbus drivers that are loaded when you run a hardware virtualized guest (hvm) on Xen with paravirt (pv) drivers. This is always referred to as pv-hvm.

A pure hardware virtualized kernel without any xen drivers, just emulated qemu devices is just simply called an “hvm guest”. This does not perform well as any type of network or block IO goes through many layers of emulation. As hardware virtualization has improved over the years in the chips, pv-hvm has become performant and is frequently used. The pv-drivers basically are highly optimized virtual devices that communicate through the hypervisor to do network or disk io, handled behind the scenes by the Dom0 kernel and what is called backend devices (netbk, blockbk).

A pure paravirtualized guest is/was an OS kernel that was totally modified to really be in sync with the hypervisor and let the hypervisor take care or own a number of tasks to be as optimized as possible. Performance and integration is the best with a paravirtualized kernel and this also allowed xen to run on x86 hardware, optimally, without hardware virtualization instruction support – this is referred to as pv-guest. The Dom0 kernel runs in pv mode (more on this later) and the DomU guests could run in hvm, pv-hvm or pv mode.

Over the years, a number of efforts were made to get these pv / dom0 patches submitted into the mainline kernel but at times the code was not considered acceptable by a number of the linux kernel maintainers and little progress was made. Over the last 2 years a renewed effort started to really convert the code into patches considerd acceptable and a set of people : Jeremy Fitzhardinge, Konrad Rzeszutek Wilk, Ian Campbell , Stefano Stabellini (and others not mentioned but obviously also important) focused on getting this stuff done once and for all… and so.. bit by bit. code was rewritten submitted for review, rewritten again until it was considered ok. In terms of timeline, a good chunk of code has gone in over time to handle Linux as a well behaved guest (DomU) first, then followed by all the work to make the Dom0 happy as well.

One change that happened in the Linux kernel to be able to better handle such an infrastructure in a virtual world for more than one hypervisor, was called pvops.

pvops, is a mode where the kernel can switch into pv, hvm or pvhvm at boot time. Instead of having multiple kernel binaries, there is just one and it will lay out its operations at boot time when it detects on what platform it runs. Linux as a DomU guest on Xen has had pvops support since 2.6.23/24 with good use starting around 2.6.27. So the frontend network and block drivers and running pvops on xen has been around also for quite some time. As this finalized the work focused more on preparing the Dom0 parts of integration and a migration from the old classical pure pv kernel mode to what’s now called pvops.

Late last year in 2.6.37, we had a mainline kernel that was able to actually run as the “Dom0″ for the Xen hypervisor. That was a big step, followed shortly by adding the remaining bits that were needed to really handle every area : memory management, grant table stuff, network pv driver backend and block pv driver backend code (and other misc components). The last remaining driver just got merged 2 days ago into 2.6.39+ mainline – the block backend driver blkback.

Google Taunts Android Rooters

{EAV_BLOG_VER:7be099741d96f563}

Google’s new movie rental service will not work on Android devices where the user has gained root file permissions (otherwise known as “rooting”). Instead, users will receive an error message when trying to rent movies. We can the hear the grinding of hacker teeth as we write this.

Android

Google Android

Blog Android Central heard it straight from the horse’s mouth, with Google passing on the message that it will block such devices “due to requirements related to copyright protection”. This is being interpreted as pressure from the licence owners — the movie studios — who feel that owners of rooted devices pose a greater risk to their intellectual property. It’s also worth noting that the movie rental service is only available in the US for now, and that an Australian release would require new licence negotiations. There’s a slim chance that this could result in a more hacker-friendly result down under.

Many will argue that this move is another dent in Google’s claim of the openness of Android, but blaming Google feels like shooting the messenger. If Google really wanted to stamp out user exploits, it could go a lot further with stronger deterrents, like blocking users from the Market or other core services.

Twitter Acquires Tweetdeck

A little over a year ago, Twitter purchased the most successful iPhone application for using the mini-messaging social networking service, Tweetie. Twitter took that product, made it free and hasn’t really looked back since. Now, it plans to do the same with the popular TweetDeck application.

TweetDeck is more widespread, as it runs as a desktop app via Adobe Air, on Google Chrome as a Web app, an iOS app and on Android. But the long and short of it is, Twitter now has its bases covered for ways to interact with the core service in all arenas.

The deal, which has been speculated on for some months as one of the more straightforward moves that Twitter could make, is for around US$ 40 million and takes TweetDeck off the table as other companies were interested in buying.

The British-based TweetDeck team is currently touting TweetDeck 2.0 for iPhone and will probably keep on churning out the goods for their new masters. The app, for those out of the loop, helps create columns of topics that users can keep an eye on, an approach not unique to TweetDeck, but it is often the most mentioned.

TPG are Censoring my Internet

Well, Internet censorship in Australia has unofficially commenced.

To give some background, I’ve been a (reasonably) happy TPG customer for a number of years, That is until it rains, or for any number of reasons I have to call TPG tech support and sit on hold for 2 hours only to get connected to some idiot that’s sitting offshore in some call center reading from a pre-written script, telling me that I need to buy a new modem or install some sort of microsoft service pack on my mac..

Why do did I like TPG? It’s cheap and has no capped data allowance (for the particular plan that I’m on). This was before they restricted all of my access to port 80 of my favourite creative commons index, ThePirateBay.

And before you start saying that it’s my stupid self or my router or my firewall.. I’m not an idiot and I am probably more experienced at diagnosing network problems than the average Joe, having worked in the Datacenter & Hosting industry for many years now.

Here is a nslookup from my laptop:

JaekBook-Pro:~ jake$ nslookup thepiratebay.org
Server:         61.88.88.88
Address:        61.88.88.88#53

Non-authoritative answer:
Name:   thepiratebay.org
Address: 194.71.107.15

Here is an nmap scan from my laptop of thepiratebay.org’s resolving IP at this time:

JaekBook-Pro:~ jake$ nmap -P0 194.71.107.15

Starting Nmap 5.21 ( http://nmap.org ) at 2011-05-23 22:44 EST
Nmap scan report for thepiratebay.org (194.71.107.15)
Host is up.
All 1000 scanned ports on thepiratebay.org (194.71.107.15) are filtered

Nmap done: 1 IP address (1 host up) scanned in 207.79 seconds

That’s a bit odd, no ports appear to be unfiltered and open? Let’s try telnet’ing to TPB’s IP from my linux box (not my laptop) at home:

[root@nugget ~]# telnet 194.71.107.15 80
Trying 194.71.107.15...
GET / HTTP/1.1
telnet: connect to address 194.71.107.15: Connection timed out
telnet: Unable to connect to remote host: Connection timed out

And to confirm there’s no firewalls on that box:

[root@nugget ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

And just to ensure that I’m not going crazy, Here’s a test from my (Australian hosted) VPS, telnet’ing to the same IP:

From Hosted-VPS (AU)

-bash-3.2# telnet 194.71.107.15 80
Trying 194.71.107.15...
Connected to 194.71.107.15.
Escape character is '^]'.
GET / HTTP/1.1

HTTP/1.1 400 Bad Request
Content-Type: text/html
Content-Length: 349
Connection: close
Date: Mon, 23 May 2011 12:33:21 GMT
Server: lighttpd

Now seriously.. Was the downloading and seeding of the high definition copy of “The Tunnel” enough to permit my ISP to censor my access to particular URLs? I hope not. You would think that some sort of speed shaping would be introduced… right? Or maybe a phone call to ask if my usage could be reduced.

What makes this a slight bit amusing, only because I know they’re idiots, is that even though access to the website is censored, I can still access the actual trackers. Additionally, I can still bounce my connection through any number of servers or proxies on the internet and download the creative commons & open source .torrent files I need.

BackTrack5 Released

The BackTrack Dev team has worked furiously in the past months on BackTrack 5, code name “revolution” – they released it on May 10th. This new revision has been built from scratch, and boasts several major improvements over all our previous releases. It’s based on Ubuntu Lucid LTS – Kernel 2.6.38, patched with all relevant wireless injection patches. Fully open source and GPL compliant.

BackTrack 5 – Penetration Testing Distribution from Offensive Security on Vimeo.

New in Version 5

  • Based on Ubuntu 10.04 LTS;
  • Linux kernel 2.6.38 (with wireless injection patches);
  • KDE 4.6;
  • GNOME 2.6;
  • 32-bit and 64-bit support;
  • Metasploit 3.7.0;
  • Forensics mode (a forensically sound instance);
  • Stealth mode (without generating network traffic);
  • Initial ARM image of BackTrack (for Android-powered devices);

BackTrack 5 can be downloaded here: http://www.backtrack-linux.org/downloads/

Wiki: http://www.backtrack-linux.org/wiki/index.php/Main_Page

 

Decrypt Blueray Discs or Benchmark Your Computer

The HDCP Encryption/Decryption code was released and already there is an open source tool available that can encrypt or decrypt your blueray discs. I’m hosting it here (Safe, tested).

Download the archive, fire up your terminal and extract the contents to a folder, get in that directory and issue the ‘make’ command to quickly compile yourself a working executable.

To test the tool: ./hdcp -t
(If there is any “!” in the output, then there was an error)
To benchmark your computer: ./hdcp -S
I have a macbook pro i7 @ 2.66Ghz and i scored 242 640×480 Frames/second – Post your results in the comments.

The HDCP cipher is designed to be efficient when implemented in hardware, but it is terribly inefficient in software, primarily because it makes extensive use of bit operations. This implementation uses bit-slicing to achieve high speeds by exploiting bit-level parallelism. The developers of this software have created a few high-level routines to make it as easy as possible to implement HDCP.
Decryption of 1080p content is about 7x slower but decryption can be parallelized across multiple cores, so a high-end 64-bit CPU should be able to decrypt 30fps 1080p content using two cores and about 1.6GB of RAM.

Download an Oracle rpm to Server using wget

If you’ve tried to download Oracle 10g express database (or any oracle rpm) from their website using wget, you’ve probably hit a bit of a brick wall that looks like an oracle login page. Then, when you try to wget using the link to the rpm you’ve also been unsuccessful.  So, Here’s your solution:

$ wget http://download.oracle.com/otn/linux/oracle10g/xe/10201/oracle-xe-univ-10.2.0.1-1.0.i386.rpm

https://profile.oracle.com/jsp/realms/otnLogin.jsp?remoteIp=xxx.xxx.xxx.xxx&globalId=&redirectUrl=http%3a%2f%2fdownload-llnw.oracle.com%3a80%2fotn%2flinux%2foracle10g%2fxe%2f10201%2foracle-xe-univ-10.2.0.1-1.0.i386.rpm

Take note of this and craft the following wget:

wget -c --no-check-certificate "https://profile.oracle.com/jsp/reg/loginHandler.jsp?remoteIp=174.xxx.xxx.xxx&globalId=&redirectUrl=http:%2F%2Fdownload-llnw.oracle.com:80%2Fotn%2Flinux%2Foracle10g%2Fxe%2F10201%2Foracle-xe-univ-10.2.0.1-1.0.i386.rpm&username=USERNAME&password=PASSWORD"

You will still need an username/pass for this, so create yourself a free account on their website. Best of luck!