Speed wiping a hard drive with crypto garbage generated by openssl

0
Filed under Hacking, Linux
Tagged as , , , , ,

random garbage

I just sold an old hard drive on eBay. Before I could do that I wanted to wipe the drive with random data. I started doing it the usual way by overwriting the whole drive with data from /dev/urandom with dd. Like this:

# dd if=/dev/urandom > /dev/sda

And oh my, was it slow. It took ages. So I wondered, what is the hold up? Is dd so slow? Or is it /dev/urandom? It turns out it was both. To be able to compare it I created a small test partition of 524288000 bytes on /dev/sda1 and took some time measurements. Note that this was an old drive in a really old computer. So the absolute speed is catastrophically slow anyway. I am here just interested in the relative speed differences of different methods.

First the dd way:

stargate:~# time dd if=/dev/urandom > /dev/sda1
dd: writing to ‘standard output’: No space left on device
1024001+0 records in
1024000+0 records out
524288000 bytes (524 MB) copied, 139,46 s, 3,8 MB/s

real    2m19.463s
user    0m0.516s
sys     1m47.979s

Now again by avoiding dd and copying the data straight with cp:

stargate:~# time cp /dev/urandom /dev/sda1
cp: error writing ‘/dev/sda1’: No space left on device
cp: failed to extend ‘/dev/sda1’: No space left on device

real    1m38.376s
user    0m0.012s
sys     1m37.226s

Alright. A little bit faster. So cp is a lot faster then dd.

And thanks to the Arch Linux Wiki, here is the super fast way with openssl:

stargate:~# time openssl enc -aes-256-ctr -pass pass:"$(dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64)" -nosalt </dev/zero > /dev/sda1
error writing output file

real    0m22.451s
user    0m14.929s
sys     0m1.476s

So 22 seconds compared to over 2 minutes is quite a nice performance improvement. Note, that dd and /dev/urandom are only used to create a 1024 bit random pass phrase. openssl takes a stream of zeros from /dev/zero and encrypts it with aes-256 and the random pass phrase. The result is basically random garbage. So that way I was able to wipe the whole drive in minutes instead of hours.

If you want a nice progress bar you can also throw in pv like this. Just replace <DISK_SIZE> with the actual size in bytes of the drive you are wiping.

openssl enc -aes-256-ctr -pass pass:"$(dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64)" -nosalt </dev/zero | pv -bartpes <DISK_SIZE> > /dev/sda

Great Scott!! My Volkswagen can travel in time.

0
Filed under Hacking, Hardware
Tagged as ,

Here is a little gem that my brother found. He is working with cars a lot. And there is a special software he uses called VCDS (formerly VAG-COM) which is used for diagnostics and adjustments of cars. Mainly VW, Audi, Skoda and others. And it seems to contain a cool easter egg. In one of the menus it offers the option to enable the flux capacitor (= Fluxkompensator in German).

VCDS Flux Capacitor

VCDS Flux Capacitor

I heard that even though this would work in theory, you would still be short of 1.21 jigawatts to trigger the thing :-).

Great Scott

On a side note: In the German dubbed version of the movie, they translated “Flux Capacitor” wrong. Fluxkompensator actually means flux compensator. Where it should heave been Fluxkondensator.

Reset the Toner Cartridge of a Samsung CLP-510 with a Raspberry Pi

0
Filed under Hacking, Hardware, Linux, Raspberry Pi

Update: In the meantime I developed a user friendly Python program which does all the work with a single command line: SPEER – Samsung Printer EEprom Resetter for Raspberry Pi.

Lousy Business Practices

A little bit more than a year ago I bought a used Samsung CLP-510 color laser printer for a few bucks. It printed fine, but I suspected that the toner was probably almost empty. And with laser printers it’s almost as bad as with ink jets. New toner cartridges are more expensive than the value of the printer. It is even worse with color laser printers, since they need four cartridges. But I figured that I would try to refill the toner cartridges once the time comes. So I bought it. It turned out that the toner cartridges where not completely empty. I used the printer for almost a year. But eventually the printer informed me that it was empty. It contains three toner cartridges:

  • CLP-510D7K/ELS – That’s the black color for 7000 pages.
  • CLP-510D5C/ELS – That’s the cyan color for 5000 pages.
  • CLP-510D5M/ELS – That’s the magenta color for 5000 pages.
  • CLP-510D5Y/ELS – That’s the yellow color for 5000 pages.

The black one was the one which was empty first. So no problem, I thought. Let’s refill them with some new colorful powder. Only then I found out that the cartridges contain a build-in page counter – a little electronic circuit board – which stops you from using the cartridge even if it’s refilled. Well, those are really lousy business practices if you ask me. The manufacturer forces you to buy an expensive new cartridge, even though it would continue to work perfectly by refilling it. Luckily there are some solutions to that problem.

  • You can replace the counter board inside the cartridge with a new one. You can buy those for a few bucks on eBay.
  • You can reset the page counter by reprogramming the EEPROM of the toner counter board.

Solution 2 sounded really geeky. So I went for that.

Read More »

Python script to fix messed up “Date Added” in XBMC / Kodi

0
Filed under Programming, Uncategorized
Tagged as , , ,

I recently switched from MediaPortal to XBMC on my living room HTPC. I was using MediaPortal for a long time. But unfortunately it got more and more unstable from release to release. So I gave XBMC a try and so far I am pretty satisfied with it. I really like how fast it is.

When I add movies to the library, XBMC sets “Date Added” to the file creation date. That is exactly how I like it. I am using 3rd party tools to add movies to the library which are not automatically recognized by XBMC itself (e.g. XBNE). I just added a lot of movies with XBNE. Worked great. Unfortunately XBNE added them with the current date in “Date Added”.

So I wrote a simple python script which goes through all movies in the library’s database and changes “Date Added” to the file’s last modification date.

Read More »

Compiling an Android Linux Kernel for Xperia Phones

0
Filed under Android, Hacking, Hardware, Linux, Xperia T
Tagged as

The Linux kernel for Sony Xperia phones is open source. So nobody is stopping you from compiling your own custom kernel. All you need is a Linux machine, the kernel sources and a couple of tools.

custom_kernel

I will explain the steps needed to build, package and flash a custom kernel by using the Xperia T (LT30p) as an example. The steps should be pretty similar for all other modern Xperia phones.

Read More »

How to Troubleshoot CIFS Problems on Android and Linux in General

33
Filed under Android, Hacking, Linux, Xperia T
Tagged as , , , ,

If you are using Linux kernel 3.4, especially on Android, and you are having troubles mounting windows or samba shares, and you are in a hurry, please skip to section 2 or the conclusion at the end. I just need to tell a little story first.

1. The Story of a Fool

That’s how it’s supposed to be: You take out your Android phone. Mount a windows share to a directory of your liking and start accessing your files from any app you like. Yes, eat that, iPhone. Welcome to the 21st century. At least that’s how it used to be on my Xperia T until I updated the firmware to a newer version.

To be more precise, you need a rooted Android phone. And an app like CifsManager. It’s pretty easy. You can enter a number of windows shares, including user name and password if necessary, and the paths you want them to be mounted to. From now on, you can mount and unmount the shares with a single click. Really neat.

Then one day, I updated the firmware of my Xperia T from 7.0.A.3.195 (Android 4.0.4) to 9.1.A.0.489 (Android 4.1). And the days of happy networking with windows were gone. CifsManager stubbornly denied mounting with an “Invalid argument” error. A very helpful error, I must say.

After hours of googling around, I found many articles, telling me that the linux kernel of the new firmware is probably missing CIFS support. If I am lucky, somebody will create a CIFS kernel module, which could be loaded with insmod. Again many hours later I realized that nobody seems to have done that for my phone. So I gave up, hoping that the issue would be fixed in another firmware.

Read More »

How to install Linux Mint Debian Edition (LMDE) on an encrypted hard drive.

17
Filed under IT, Linux, VirtualBox

Debian is my favorite distro, but I usually don’t recommend it as a desktop environment. LMDE is a nice alternative for Debian fans who want to use Debian as their everyday home/work desktop environment. Unlike Ubuntu, it’s a pure Debian installation (basically Debian Testing), but it uses a more agile and up to date package repository. Many software packages which are known to be a hassle on Debian desktops run seamlessly out of the box. Who hasn’t cried out “Come on Debian, who needs Iceweasel. I want the latest version of Firefox with Flash running”. LMDE goes a little bit along the line “I like to have my cake and eat it too”.

One thing that bothered me tough, is that the LMDE installer didn’t offer any options to encrypt the partition(s). I found a howto by hashstat Howto install LMDE with LVM (with or without encryption). However I didn’t like the idea of transforming the Live CD into the final system.

The main part of the solution I describe here is heavily based on hashstat howto. However, we install LMDE onto a virtual machine and then transfer it onto the encrypted partition. There are three steps:

  1. Install LMDE on a VirtualBox VM
  2. Prepare encrypted disk
  3. Transfer LMDE from the virtual machine to the real machine

In my case, I installed LMDE on a virtual machine on my notebook. If you don’t have an extra computer, it might also be possible to install LMDE on a flash drive and use it later to transfer it to your real machine. However I didn’t try that. The virtual machine method was fitting for me, since I had LMDE already installed on it for a test drive.

Read More »

Geo Relocate Firefox Extention

0
Filed under Firefox, Geo Relocation Firefox Extension, Internet, Programming, Uncategorized
Tagged as , , ,

The other day I wrote about my experiments with Firefox’s implementation of the W3C geo location API.

I was able to package my modifications as a Firefox Extension, which anybody can use to the change the coordinates reported by the geo location API. Check it out at the Geo Location Firefox Extension project page.

Copy Paste Hell Between Windows Host and Linux Guest in VirtualBox

5
Filed under Linux, VirtualBox
Tagged as , , ,

The X server maintains three different selection buffers, PRIMARY, SECONDARY and CLIPBOARD. The PRIMARY buffer is usually used for copying and pasting via the middle mouse button. And the CLIPBOARD buffer is used when the user selects some data and explicitly requests it to be “copied” to the clipboard, such as by invoking “Copy”.

The VirtualBox client tool synchronizes the Windows clipboard content to the PRIMARY and CLIPBOARD buffer of a Linux host. But it only synchronizes the CLIPBOARD buffer back out to the Windows host. The reason why it’s not using the PRIMARY selection is that by only selecting a text in Linux overwrites the Windows clipboard immediately, which is an unexpected behavior for Windows users. At least that’s their excuse.

It might not be the expected behavior for Windows users. But it’s definitely not the expected behavior for Linux users. The forums are filled with posts like “Copy/Paste from Linux guest to Windows doesn’t work”. It is especially annoying that the selected text from a terminal window can not be easily pasted out to the Windows host. There are a couple solutions. But none are really satisfying.

Read More »

Spoofing W3C Geolocation from a Different Angle

2
Filed under Firefox, Hacking, Internet
Tagged as , , ,

The other day I watched an episode of Hak5 – Spoofing the W3C Geolocation API were Darren was introducing us to the W3C geolocation API. (Btw. Hak5 is so awesome, you definitely have to check them out right now if your don’t know them already). This API uses certain informations like IP address, RFID, WiFi and Bluetooth MAC addresses, and GSM/CDMA cell IDs to determine the exact location of a users computer. It’s implemented by browsers like Firefox and Chrome.

One can test the geolocation API by going to Google Maps and clicking on the “Show MyLocation” icon. The geolocation API is actually pretty simple. Browsers make it available through a JavaScript object, which can be queried by the web application for the location. For privacy reasons, the browser will ask you if it is allowed to detect your location, since it has to transfer WiFi addresses and the likes over the net.

    <script type="text/javascript">
    // locate position
    navigator.geolocation.getCurrentPosition(displayPosition);

    // callback function
    function displayPosition(pos) {
        var mylat = pos.coords.latitude;
        var mylong = pos.coords.longitude;
        alert('Your longitude is :' + mylong + ' and your latitude is ' + mylat);
    }
    </script>

Read More »