I was kind of messing around with my (ghetto) home(made) desktop/server for a couple of days on our home network, and I thought it would be sweet listen to and control the music coming through my stereo, without having to constantly go over to the desktop when I wanted to change a song, change volume, etc. Also, partially because I couldn't get any sound from my laptop speakers (I've tried almost EVERYTHING). So, being the (?)creative(?) person I am, I set out to make my server sing - all through SSH-ing to it from my laptop, on the local network. This would be the best way for me to still control and listen to music with my mute laptop, and give my allegedly 1337* terminal skills a run for their money.

* - sorry. I just had to get that out of my system... :)

Here's How you can too...
 
 
I just thought I would post this, partially as a lame excuse for a blog post, and mainly because I think others dealing with sensitive files in linux will find this useful.

As you all know (or should, anyway) when you just delete files, on just about every operating system, the files are not actually gone. For some saving of confusion, I'll briefly cover why.

When you send something to the Trash Bin, or "Recycle Bin", as known in windows, the file gets sent to a temporary holding folder, where it stays, until either you decide you didn't really want to delete the file, and resurrect it, or until you empty the trash bin. The problem is this.

Let's say you have a file, "IMPORTANT.doc", and you sent it to the trash bin a week ago. Now it's time to clean the computer, so you open your trash bin, and empty the recycle bin. When you do this, it warns you that the files is going to be remove permanently, blah blah blah. So you hit yes and your file is gone.

This is not totally true.

What happened was that, when you emptied the recycle bin, the operating system wrote to your hard drive on a part of the file, known as the pointer. This pointer used to say:

 "This file is located here, and the data should not be messed with!".

When you deleted the file, it wrote over that pointer, and changed it to say:

 "This file is no longer important. If you need to put another file on the hard drive, feel free to write over me."

Or however the depressing story goes.

So, as you see, the data is never really deleted, it's just marked as unimportant, like the back of used scrap paper ( You know, that lame half messed up printed on paper your mom gave you to color on when you were a kid... ).

So, theoretically, the file can still be recovered with special software and, in more high profile cases, with an electron microscope.

"Well..." you're saying, "how DO I delete my files, then?". Long story short, in all scientific reasoning, theoretically, there is no way to completely be sure your data is securely removed, beyond recovery- excluding the physical destruction of your hard drive (for just one file? Psh. Come on...).

But there is a way to come close of this. The best way is to use a technique that recursively writes over the file data, multiple times, before removing the pointer. It's kind of like scribbling over a secret message with ink. Permanent ink.

The more passes, the better the chances of the file being unrecoverable. The DoD has it. So why shouldn't you? To begin with, under windows you will usually need a third party application, such as Eraser.
Under linux, the command is already there, you just need to know it!
I have made a simple one-line script tested on ubuntu, so that all you have to do is open a terminal, right-click-and-paste, and then re-open the terminal. Here are the steps, to a more secure linux deletion method:

1. Open your terminal (located in "Applications > Accessories > Terminal".)
2. With terminal open, right click in the window and paste this code:

echo 'alias sdel="shred -f -n 50 -v -z"' >> $HOME/.bashrc & exit

3. The terminal will close, usually almost instantly. This is supposed to happen.
    Open up the terminal again. Now you have a command called "sdel". Use this
    command on any file you would like to securely delete. For example:
 
    sdel IMPORTANT.doc

This will go over the file 50 times with random and repeated data, then fill it with zeros, and THEN, remove the pointer. You have a file that is very likely 99% unrecoverable. Now we can all sleep at night.

Anyway, this isn't too much in terms of a hack, but I just thought I'd throw it out there for people wanting to know if their files are really, truly being removed from their linux computers.
Ciao!

EDIT:

I have come to find out that this trick may not completly apply on newer journaled file systems, such as ext3. This has yet to be confirmed (I'm no expert on FS's), but it is still worth using for that extra assurance.
 
 
Hey, just posting this in the meantime, until the next project...
I was looking over hackaday, and I saw that Lubuntu - a distribution variant of Ubuntu, utilizing the lightweight X11 Desktop Environment, or LXDE - has been released for testing. This is a little late notice, but if you didn't know, now you do. Beta testing is very fun if you're into it- and if you're not, you should start! You may like this distro anyway, because it's very easy on lower-end hardware, and so will work better on older computers (and nicer on new ones ;) ), possibly repurposing old PC's into- whatever you can make linux do...

You can check out the blog page here, as they post the most recent download information.
 
 
Hey everybody, sorry it's been like a month since my last post, which is way too long, but don't give up hope; I will always be here to hack away, and will never just quit posting (unless in a sad event I am killed and thus can no longer post, but you already knew that :/ ). 
    In the meantime, I've been just busy enjoying the summer, and reading LOTS of manuals, and books, from everything JavaScript to using the Processing language to interface with virtual COM port data. Also, a little bit of driving around town has led me to a (hardly) epic discovery. It's about the belkin router crashing exploit that I told you guys about a while ago, where, when you had access to an unsecured belkin router, you just enter a formatted URL that crashes the login program, and ultimately the entire router. Bye-bye internet.
   What I didn't know is that this exploit pretty much works on any belkin router, because the problem is that they use the same web interface on nearly all their routers, including the basic programs that come with it. A flaw in proprietary coding. So, to a certain extent, this is a pretty big thing, because people could just  go wardriving around, crashing any unsecure, or poorly secured (Who uses WEP anymore???) Belkin routers ( For goodness sake, don't use the default router name!).
 
Hello There... 07/08/2009
 

Hi guys I'm back; sorry for the long wait, as I have been pretty busy for the last couple weeks.
I'm sorry I haven't been pushing out as many projects and how-to's  lately, but I plan to soon be back on my game, providing for all!

I recently had a suggestion as to applying new themes on weebly, importing the templates from nuvio.com. After stumbling around for a couple days (as I said, I was busy and didn't get to spend much time on this) I found it very difficult to apply these themes. First off, I'm not very good with CSS, and I need to brush up a little with my HTML.
   So far, because each template is very different, and weebly's dynamic variables are not all listed in the help page (these are markers in your HTML, that make your page dynamic, such as your blog posts and new page tabs, your Archives directory, etc.). So, as of now, it would be very difficult to automate or easily describe how to apply a theme, BUT, if you really need a theme, and if I have the time, drop me a message with the link to the theme you want on nuvio, and your website URL, so I can get a little overview of what to work with, and I may send a customized tutorial for your site, specifically. Again, this is not on a guaranteed basis, and I cannot be absolute it will work,  but if you're pretty much desparate, it won't kill to try :).
    In the meantime, I will be researching and working on a way to at least halfway automate this task.

In other news, I have ordered 2 new Arduino microcontrollers, and hope to get them in the mail soon! These will definitely get me going for new ideas in hardware hacking, especially an upcoming project I hope to finish when getting them; I'm going to voice control things in my room, and specifically, my frustrating electric heater!

Beside these and probably many other projects, If you have any suggestions or help don't be afraid to shout out!

 
 

Today I finished writing a program I started last night, that works on Windows Vista, and should work on windows XP.

This program, when executed will reset the passwords to ALL accounts on whatever computer it was executed on, and works like magic (not really). This will be a very useful tool for admins, since in Vista there isn't ease of access to an admin account.

All the PC technician or Admin would have to do is boot up their favorite linux liveCD (or USB boot), and access the windows/system32 directory of the windows hard drive, renaming Utilman.exe to oldUtilman.exe, and then copying this program, named "Utilman.exe" there.

After that, the admin just boots up the computer, and at the login screen he hits the WINDOWS+U key, and voila! the password for any and all accounts is now "password".

If you click on the Downloads tab, and read the description, it will give you some more organized steps for accomplishing this.

 
 

As you may have noticed, I have change the website so that the home page is now the "Hacks" tab. This way when you visit the site you can go straight to the hacks, instead of having to click through or wait five seconds every time you visit. The information that was presented on the "Home" tab is now in the new, "About" tab, along with the (non) liability notice.

 
 

Here is a screen recording of it in action, on Windows Vista. Just because the program doesn't work on Windows, I didn't say you couldn't crash it by hand. Really, you could do this with anything that has a web browser and WiFi 802.11/g support.

Upcoming is a picture of the type of wireless router I am talking about, but first, I have to say a few things.

If you have this router, It is vulnerable, but only if someone has or gains access to it. To prevent that from  happening, put a password on it (preferably WPA2 encryption) so that only people you allow on can use it. If someone does happen to crash it (or you do :] ) just unplug it from the power source to force a reboot, and it should run like normal.

That is, 99.99999999% of the time. If you  happen to be the 0.00000001% that break their router by doing this, I am NOT to be held liable. You had you warning.
Here's the photo:
Picture
If your router looks like this, you're (not really) in trouble...
 
 

I have - because of want to keep up my programming skills this summer, and plain boredom ;) - written a sockets command line application in C that exploits the hack that I discovered a little bit ago, that crashes Belkin routers. I have it on my downloads page. I did NOT write this program to be evil! I did this to help expand my experience and skill at hopefully someday becoming a CEH (or at leased some pen-tester dude, lol), but I'm not perfect at sockets programming (let alone in C, I prefer C++), so don't whine! Just use it wisely!
I claim no reponsibility for the use of this program, and ask that you don't use it for more than testing, research, or just being a little mischevous with someone you know.

I created this on the Ubuntu GNU/Linux platform, and if you look at the README file included with the package, and you follow the directions accurately, it should work like a charm. This specific program will not compile on windows, as some of the defined headers and terms are not found on windows.
Download

 
 

Usually, I post about hacks or techie-like things on here, but today, I HAVE to post about something amazing that happened to me today. AMAZING. First of all, I would like to thank everyone at Hennessy Music, a local music store where I live, and more specifically Mr. Hennessy and staff for doing this for me.

Yesterday, I asked my mother to go over to the Hennessy Music store. I love playing the piano, and the have ALL KINDS of piano's there. Heaven. They have steinways, Yamahas', Pearl Rivers' (another company spawned from yamaha) and lots of them. Grands, uprights, mahogany, you name it. Anyway, we arrived to pick up an excercise book so that I could continue practicing at home. Of course, I couldn't resist poking around and looking at the pianos. That's when I got to talk to two wonderful people, whose names I cannot mention for respect of privacy, but it was a nice staff member and the main owner of the store.

So as I was in the store, I learned that the Hennessy music store would be providing Pianos for the upcoming Blind-Boone Ragtime and Jazz festival in a few days. First, I played the cheapest piano, an upright Pearl-River piano, for about $1,500. Even though it was cheap, it sounded beautiful. On to the next piano.

Next, I played a wonderful glossy jet black Yamaha upright piano, with the top and front opened up. It sounded even better than the first. That one was about $4k or $5k, and would be featured in the Blind-Boone festival. I got first dibs on it (yay me!).

Next, he directed me to a ~$70k jet black grand piano (about 6ft long). This one was EVEN BETTER than the last! Now I was in dream-land. "Psshh-", I thought, " Like I could ever afford a 70k grand (let alone have anywhere to put it). Were dirt poor, lol. ". So I played a quick song on that on ( the first few verses of Jelly Roll Morton's "The Crave".

I thought I was done. I had my fun, and that's probably all they wanted to hear anyway. After all, I'm just some poor kid with no hope of even being able to buy one of their wonderful pianos. "Ok," I thought, "That's it. So long, wonderful dream pianos'...".

Nope. On to the next piano.
Next, Mr. Hennessy directed me to the most expensive piano in the building! This one cost over $174k (don't get me started on sales tax, although I believe there's a cap limit, somewhere...). I was scared to touch this one, but, trying to be confident, dove straight into it with one of my own compositions, similar to a carnival / carousel type song. And, as I was playing, ironically enough, that's exacly how I felt. I was in "carnival-land". I was experiencing a fulfilling enjoyment from playing this musical behemoth, making it sing and trill and whine. I was in a virtual heaven!

The song eventually came to crescendo like close. "Okay. Now I'm SURELY done. That HAS to be it....".

NEXT, (I'm sounding repetitive, but I swear this is the last one in the sequence!) Mr. Hennessy directed me to one of his prized All-Mahogany Steinways. A gorgeous piece of musical machinery to gawk at, I sat down in front of its glossy keys of intermitten ebony and ivory. Literally shaking (my nerves got the best of me) from playing the last piano, I had almost no song left in me! So, as all less-than-intermediate pianists resort to, I defaulted, and began to play Golliwogg's Cake-Walk, by Debussy. It sounded better than I had expected, because of the assumption of it being worn, broken-in, and refurbished from the 1800's. I got halfway through the song and just had to stop. I couldn't do any more. I loved it.

In the end, no matter how that day began, I forgot all about it. I have done something today! I had fun!

After purchasing the book we had came for, one of the staff asked me for my name and email which I was happy to give, just gleeful that someone appreciated my playing.

So, fast forwarding to today, what does that all have to do with anything?

I'll tell you.

Mr. Hennessy asked his staff to email me concerning 2 extra tickets they had to the Blind-Boone Ragtime and Jazz festival. He wanted ME to have them!
When I recieved the email, I was ecstatic! We were just discussing if and how we would be able to go to at least one day of the festival. Low and behold, Mr. Hennessy gave us 2 "ALL PASS" tickets, so that I could attend any or all days, and any or all times during  the 3-day music festival. It was like a dream come true! Those tickets that we got were about $100 each, and there was no way we would have attained them otherwise.

All I can say is, I can't wait to go to the festival next week, as I have never been to ANY piano concerts in my life. This will be a first for me, and I would like to thank all at Hennessy music for allowing this to come true!