Suramya's Blog : Welcome to my crazy life…

February 12, 2012

Google Wallet PIN cracked on Android devices

Filed under: Computer Related,Computer Security,My Thoughts,Tech Related — Suramya @ 8:53 PM

The past few days there has been a lot of press around the fact that the Google Wallet Pin was cracked on rooted android phones. Lots of people including computer programmers and technologists (who should frankly know better) have reacted to this by posting messages/comments equivalent to: “rooting is bad”, “rooting causes security holes” etc etc etc… Guess they have forgotten the simple rule of computer security: “physical access is total access”, basically it means that if I have physical access to a device I can get full access to it eventually.

This fact was demonstrated it quite nicely by the news that you don’t really need to root your phone to get your pin hacked, all you need to do is reset the application data.

The problem in both cases is caused by the fact that the Google Wallet’s pin is stored locally on the phone itself instead of online so if you can get access to it you can bruteforce it or if you clear the app data it removes the pin and lets you choose another.

One way of fixing the second issue would be to force the phone to link to the internet after the local cache is cleared to sync the pin with the online secure server instead of just letting a user choose a new one. The fix for the first case is a lot harder because you can’t have a wallet that requires the phone to be connected to the web everytime you use it, and if you store it locally then you are just asking for trouble.

Another way would be for the receiving side to validate the pin sort of line how we do it for credit cards but that doesn’t seem too feasible either. Or we could salt the pin with the user’s account info/do a dual encryption, first one requires the pin to unlock the second one requires the account password.

Now if I can come up with such solutions then I am sure the people at Google and the various banks working on this issue will come up with other more secure options. Its not the end of the world. yet. This is a new technology and like all new tech it has its teething issues and I am looking forward to the final fixed product.

– Suramya

February 11, 2012

Dr Who and Star Trek now to have an official Crossover

Filed under: Interesting Sites,Tech Related — Suramya @ 10:38 PM

Dr Who and Star Trek are my two favorite shows and even though there have been numerous fan fiction titles where the two cross over, there was no official cross over till now…. 🙂 In May IDW is going to publish a Doctor Who/Star Trek: The Next Generation crossover series. I am definitely going to go buy the books when they come out. I have read the Star Trek cross overs with X-Men and a couple of others but I believe this one is going to be the best.

Make it… geronimo!

Bleeding Cool has squirrelled out news of an upcoming crossover that might send certain minds reeling. That in May, IDW are to publish a Doctor Who/Star Trek: The Next Generation crossover series. Featuring The Doctor, Rory, Amy, Captain Picard, Worf, Data, Geordi LaForge, Deanna Troi, Will Riker and the rest. And that this art, featuring the Doctor, Rory and Amy on the bridge of the Enterprise is a cover that will be used in the series.

Doctor Who has never engaged in any such officially sanctioned crossover outside of the Doctor Who universe before. The closest was Dimensions In Time, a much derided charity telethon show which featured characters from the BBC soap opera Eastenders. Then there was Death’s Head who kinda popped in and out. Star Trek has also seen comic book crossovers with X-Men and the Legion Of Superheroes. But this is the first time that two such major competing TV sci-fi franchises have been allowed to merge in any way before.

Source: Bleedingcool.com

Maybe there is hope for an official Star Trek & Star Wars crossover?

– Suramya

February 9, 2012

Biocomputer can retrieve images from DNA storage

Filed under: Interesting Sites,My Thoughts,News/Articles,Tech Related — Suramya @ 4:06 PM

Practical bio computers took a step closer to reality thanks to work by Sivan Shoshani1, Dr. Ron Piran1, Prof. Yoav Arava2& Prof. Ehud Keinan. They have managed to create a Biomolecular computer that is capable of decoding images stored in DNA. Biocomputers are something that I find really interesting and I try to keep an eye out for any new developments in the field. Even though this doesn’t sound like a big deal, its a huge step forward because till now we could only store a very limited amount of data in Biocomputers (stuff like a couple of 0’s & 1’s) but now that we can store an image we are closer to being able to store more complex data and the best part is that since this doesn’t require an interface it can work directly with organic flesh.

A biomolecular computer made in a test tube has proved capable of decoding images stored in DNA. The computer, built by scientists from The Scripps Research Institute and Technion–Israel Institute of Technology have created a mixture of DNA molecules, enzymes, and ATP (the substance that provides energy for our own cells) that successfully decrypts information from a DNA chip, in this case the images shown above. The images were first encrypted onto the chip, and then decrypted by the computer and stained in a way that displays only particular sequences. This means that several images can be overlapped on the same chip, then recovered separately by looking for separate genetic sequences.

The boffins have published their paper in Angewandte Chemie, a German journal of chemistry. Tried to read the paper but unfortunately its behind a pay wall and I am curious about the issue but not curious enough to pay for access.

Thanks to The Verge for the initial story.

– Suramya

February 3, 2012

Star Trek Catan: It exists

Filed under: Tech Related — Suramya @ 11:45 AM

Wow! Just wow. I didn’t think that Settlers of Catan could get better, but there is a version of the game based in the Star Trek Universe… Vinit, Surabhi, Pompy… You guys going to buy this?

Official Description:

In Star Trek Catan, players start the game with two small space stations at the intersection of three planets, with each planet supplying resources based on the result of a dice roll. Players collect and trade these resources – Dilithium, Tritanium, food, oxygen and water – in order to build spaceships that connect regions in the galaxy, establish small and large space stations at new intersection points in order to increase resource acquisition, and acquire development cards that provide victory points (VPs) or special abilities.

On a dice roll of 7, a Klingon ship swoops in to prevent resource production on one planet, while taxing spacegoers who hold too many resources.

The one new element in Star Trek Catan compared to the Settlers version is a set of character cards, each featuring one of Kirk, Spock, McCoy, Sulu, Scott, Uhura, Chekov, Chapel, Rand or Sarek. Each character card has two special powers that the holder can use on his turn, such as a forced trade.

I think I need to go buy this even though I probably will never play it. Even the board looks pretty cool.

– Suramya

January 28, 2012

Rooting the Samsung Galaxy Nexus

Filed under: Knowledgebase,Linux/Unix Related,Tech Related — Suramya @ 1:45 AM

A rooted android device gives you a lot of flexibility so one of the first things I did after I got back home was to root it using the following instructions (modified from Android Forums: [HOW TO] Root the GSM/HSPA+ Samsung Galaxy Nexus):

Note: I am assuming you are using Linux in the instructions below. If not then visit the link above for steps in Windows.

  • Download the Android SDK from here to a folder on your PC.
  • Power down your device
  • Connect the USB cable between the phone and your PC
  • Open a shell session
  • Switch to the directory where you downloaded the SDK (In my case it was Media/Downloads)
    • cd Media/Downloads
  • Extract the SDK Zip and switch to the new directory
    • unzip sdk-tools.zip
cd sdk-tools
  • Make the applications executable
    • chmod a+x fastboot-linux adb-linux
  • Now, Boot your phone into fastboot mode by pressing and holding the volume-up AND volume-down AND the power buttons UNTIL you see the little green Android laying on his back with door on his chest open
  • Verify that fastboot can “see” your device
    • ./fastboot-linux devices

    You should see something similar to this:

    0146B5030B02100E        fastboot

    If you don’t see anything, try running the command as root.

  • Next we start the unlock process for the bootloader by issuing the following command. Keep in mind that this will completely wipe out all data from the phone so make sure you backup before running the command.
    • ./fastboot-linux oem unlock

    Confirm that you want the bootloader to be unlocked by acknowledging the warning message on the phone. (Please note that this will void your warranty). Use your volume rocker/keys to select the confirmation and press the power button to actually confirm.

At this point you have an unlocked bootloader and now we will start the rooting process.

  • Download the su.zip flashable root package

    • I had to manually copy the su.zip to the Phone because for some reason I kept getting an ‘error: insufficient permissions for device’ when I tried copying the file using adb. I used FTP (as I have SwiFTP on the phone, but you can use any method that you are comfortable with)

  • Download the Clockwork Recovery for Galaxy Nexus (GSM) to the same folder as fastboot and adb
  • Soft boot the ClockworkMod custom recovery by issuing the following command. This method will not replace the currently installed recovery partition on your phone, so you can still receive updates from Google.
    • ./fastboot-linux boot recovery-clockwork-5.5.0.2-maguro.img

    Your phone should now boot into ClockworkMod custom recovery. The next few steps are done on the phone. You shold use the volume key / rocker to navigate and the power button to select an entry.

  • From the main ClockworkMod Recovery screen / menu, select ‘install zip from sdcard
  • Select ‘choose zip from sdcard
  • Select ‘su.zip’
  • Confirm that you want do this.
  • Select ‘*****Go Back*****
  • Select the ‘reboot system now

That’s it. 🙂 Once your phone finishes rebooting, you should now have root. If you hit issues, try reaching out to the folks in the Android Forums for help.

Hope this helps.

Update (14th Feb 2012): As you all know links/stuff tends to disappear over time on the internet so I have updated the post with links to my mirror of the software required to root the Nexus. Original links are still listed below.

Original Download links:

– Suramya

January 13, 2012

Official style guide for Android developers launched

Filed under: Computer Software,Interesting Sites,Tech Related — Suramya @ 3:01 PM

Google has just launched Android Design, a website created to help aid developers in the creation of applications for ICS. This makes it easier for developers to code visually consistent applications, so if you are interested in Android development check it out. I took a look and it has some good tips/suggestions on design etc.

Duarte wants to remedy this. On Thursday, Google launched Android Design, a web site created specifically to help aid developers in the creation of applications for ICS. The site offers a comprehensive visual to third-party application developers, giving suggestions on everything from how to implement different visual elements to overall back-end patterns for the OS itself.

In theory, it will help developers better understand just how the Android team thinks about layout and implementation, while simultaneously giving suggestions to interaction designers on how to maintain visual integrity. Basically, it will help both first-time developers and Android veterans make apps look less crappy.

Since have been thinking of diving back into mobile development for the past few days, this site will be very useful and has been launched at just the right time. Considering the previous experience I have with mobile development was on Symbian using Python, I can use all the design help I can get.

– Suramya

January 11, 2012

Enter a 1 TB Pen Drive

Filed under: Computer Hardware,Tech Related — Suramya @ 1:43 PM

Have you ever despaired of not having enough storage space when on the move? Are the 16GB pen drive no longer enough for you? In that case this announcement from ‘Victorinox’ is just for you: their new SSD Flash drive will be available in capacities up to 1 TB (1024 GB) while still retaining the same size format as the regular pen drives.

Designed for the person who’s never deleted a single file and maxes out their monthly bandwidth limits on torrents, Victorinox dropped a bomb on CES with their new SSD flash drive which will actually be available in capacities up to one terabyte. That’s a thousand gigabytes people

It’s actually the largest flash drive Victorinox has created in terms of its physical size too, but it’s still very easy to slip in a pocket or tether to a keychain. It’s not like they just slapped their shield logo on an external hard drive and attached a pop-out blade. Read and write speeds are promised at 220MB/s and 150MB/s respectively, and from my personal experience Victorinox’s drives have been some of the fastest I’ve ever used.

I have a 8GB pen drive which is currently missing in action. But unfortunately this device is not available yet for retail and there is no information of the pricing yet, however I am sure it will have a hefty price. Still: me want!

Thanks to Gizmodo for the story.

– Suramya

January 3, 2012

Working without Free diskspace in Linux

Filed under: Computer Tips,Linux/Unix Related,Tech Related — Suramya @ 5:52 AM

On linux machines you can fill your root partition to 100% utilization and the system would still continue to function giving you a chance to free up space without downtime, but on Windows machines the same is not possible and if you have managed to fill your C:\ to 100% then the system will go down (Know this for sure for Windows versions up to Vista, not sure about Win7) hard. This is something that has puzzled me a lot over the years but didn’t know how it worked, but now I finally have an explanation:

When you format a partition in Linux , 5% of the total space gets reserved for privileged processes, by default. This is done so that system processes continue to function correctly ,if the filesystem gets full. This is useful for your ‘root’ partition.

The really interesting part is that you can configure this to reduce the percentage of the reserved space using the tune2fs command. e.g. if you wanted to reduce the reserved space for /dev/sda1 to 1% of the total space then issue the following command as root:

tune2fs -m 1  /dev/sda1

Source: Flossstuff’s Blog

Enjoy.

– Suramya

December 10, 2011

Thinking about changing Hosting providers. Any suggestions?

Filed under: Computer Related,Tech Related — Suramya @ 10:57 PM

I have been using 1and1.com as my hosting provider for a while now (since 2005) and have been happy with the service for the most par, however after their recent pricing change the service is getting to be a bit more expensive than I am comfortable with so I am thinking about changing webhosting providers. What hosting providers do you use and would recommend? I need the following feature sets in the service:

  • PHP4/5
  • MySQL DB: Fairly large no of databases with large storage allocations
  • Full SSH Shell Access
  • Unlimited Bandwidth (Have gotten bit by this a few times)
  • Email Accounts: A fairly high no with large quota’s (I never delete mails)
  • Perl Support
  • Multiple Domains allowed
  • High availability/uptime

Thanks in advance.

– Suramya

October 26, 2011

Connecting a WordPress blog to Facebook

Filed under: Computer Software,Linux/Unix Related,Tech Related,Tutorials — Suramya @ 5:01 PM

Over the past few months I have been trying to connect my blog to my Facebook account so that whenever a post is made on the blog it automatically gets posted on Facebook to varying degree’s of success. Most of the attempts would work for a while and then stop. I even tried using some of the existing plugins for WordPress but since they required a developer account (which needs a valid phone no or CC#) and for some reason I never get the validation code on my cell I was never able to get them to work.

Then I found an article on Linux Magazine on a Command Line interface for Facebook and decided to build on top of that to get the linkage working. Now this is a very hackey way and is not at all elegant or anything but it gets the work done which is what I wanted, so I am good. 🙂 All the work was done in about 2 hours including testing so that should tell you something on its own.

I had to install this on my local system since my webhost didn’t have all the per-requisites to get this to work. That and the fact that I can’t connect to my MySQL db’s from a machine outside of my hosting provider is why this convoluted method was created. The steps I followed to get this to work are as follows.

Install Facebook Commandline

To install Facebook Commandline, follow the instructions on their site.

Authenticate the Application to be able to talk to Facebook

For some reason there was a difference when I run the application from the commandline and when I run it from the web, in as to where the preferences file and the session details were saved, so all the steps have to be done either from the command line or via the web, you can’t interchange the two.

Creating a Web interface for the FBCMD

Since I wanted to be able to get data from WordPress and pass it on to FBCMD I created a new PHP page called run.php that basically pulls the data from WordPress and then passes it to FBCMD as command line parameters. I know that using passthru is probably not very secure and I should have modified the FBCMD file to accept parameters as a URL but didn’t want to spend that much time trying to get this to work. (Hey! I told you it was a quick and dirty ‘fix’).

The contents of this file are very simple:

error_reporting(E_ALL);
$handle = fopen('https://www.suramya.com/blog/LatestPost.php', 'r');
$current = fopen('/var/www/fbcmd/latest.dat', 'r');
$current_id = fgets($current, 4096);
fclose ($current);

if ($handle) 
{
 $ID = fgets($handle, 4096);
 $link = fgets($handle, 4096);
 $title = fgets($handle, 4096);
 $content = fgets($handle, 596);
 $content = chunk_split(htmlspecialchars(strip_tags($content)), 500) . "...";

 if($ID != $current_id)
 {
  // If we have a new post then call FBCMD to make a post
  $command = '/usr/bin/php /var/www/fbcmd/lib/fbcmd/fbcmd.php POST " " "' . chop($title) . '" "' . 
              chop($link) . '" "' . $content . '"';
  passthru ($command);
  // Write the new PostID to a file
  $current = fopen('/var/www/fbcmd/latest.dat', 'w');
  fputs($current, $ID);
  fclose($current);
 }
}

The file basically calls ‘LatestPost.php’ and gets the latest post details on the blog(see below for details), then it checks if the post made is newer than the last post processed and if so it proceeds to post to Facebook using FBCMD.

‘LatestPost.php’ file looks like this:

< ?php

define('WP_USE_THEMES', true);
require_once( dirname(__FILE__) . '/wp-load.php' );

$month = $_GET['month'];
$year = $_GET['year'];

$args = array( 'numberposts' => 1);
$myposts = get_posts( $args );

//print_r($myposts);

foreach( $myposts as $post ) : setup_postdata($post); 
echo $post->ID . "\n";
the_permalink();
echo "\n";
the_title();
echo "\n";
the_content();
endforeach; ?>

This file need to be put on the server in the WordPress Root directory and when called returns an output in the following format:

Post ID
Post Link
Post Title
Post Content

Once all this is done and the FBCMD has access to post to Facebook all we need is a cron job to run on a frequent basis to run the code. So I created a shell script that contains the following line and have it run every 15 mins.

/usr/bin/curl http://localhost/fbcmd/run.php > /tmp/FBPost.out

That’s it. So far it looks like its working great and if this post shows up on my FB wall then all is well. If not, then its back to the code to see what went wrong this time.

– Suramya

« Newer PostsOlder Posts »

Powered by WordPress