My IT projects : We are conspiracy

The bad, The good, and The ugly Picture

This is a subject I wanted to write about for a while, and here it is, after a long hour of playing God of War Ascension, I saw the avatar of a friend of mine and it directly reminded me of the post I wanted to write.

Should parents post pictures of their children online ?

Sooner or later, I will be a dad and as a future parent working in IT security I want my children anonymity, I want them being protected and be able to make their own choices when they will be old enough, till then, I will have to make a choice, regarding my family and friends living far away, how will I share pictures with them and how will I show them how my children grown.

So I decided to have a careful look at my friend’s on facebook, and see what my friends decided about their children anonymity, and what I saw was horrifying !

Hilarious videos about their babies
Hilarious tweets about their babies
Their babies naked in their bath
Breast giving
Food overall the face
and much more

Well, those are fun pictures, fun moments in a family life, and I do agree that these moments need to be captured, in fact we have so much devices to capture them that it would be sad if parents wouldn’t do it, but those are in my opinion private moments.

I wouldn’t like my parents publishing content about me being a baby without being able to filter it, and I am pretty sure, that some of those children will somehow suffer latter from this over-exposition they didn’t chose.

I do believe that they should be able to make their own choices.

Don’t get mistaken, I do not say that publishing one picture of your child will make a difference in his or her life, but I believe that putting his entire life on Internet is not the best way to raise your child, although as I said, I’m not a parent and this is a personal opinion.

There are also other concerns,

what is published on Internet stays on Internet
you will never know where the picture of your naked baby in his bath will end up
misappropriation of the pictures
pictures could also be edited and could be used by someone to fool you
Cyber -bullying .

Sources of examples : The NY Times ,The Mirror .

So here are a few alternatives that you could use instead of Facebook, Twitter, Instagram for sharing pictures of your children to family and friends :

Private website / FTP domain that you could set up only accessible with a password
Use a dropbox account and share folders
Use shutterfly as a platform to control privacy and easily creating a sharing private site
Use Vimeo to share private videos (although those are now own by someone else)

As a personal recommendation, I would only use email and RAR files and usb sticks, because the pictures do not have to be stored on any other server than your computer.

And finally a simple example of why these pictures should stay private : STFUParents blog.

That’s it.

How To Start with Gnuplot

Gnuplot:

Gnuplot is a “simple” command line tool that generates 2D, 3D, GIF graphs which can be used along with all major operating systems and which is often used in publications due to it’s high quality graphics. The next paragraphs illustrate a few simple examples to start as well as how and why to make attractive plots.

Examples:

Starting with gnuplot is not always as easy as it appears, many examples do not work, or use deprecated and “magic” to create graphs without any comments in the files and this might be disconcerting at first but everything comes with practice and patience.

To start open a text file in your favorite text editor (vim, sublime text, etc)

How to Plot a Function:

To start plotting it is important to specify the output terminal, which means how the plot will be displayed. In this case the plot will be displayed as a PNG image, some other output such as SVG, PDF, POSTSCRIPT, EPSLATEX can also be used.

#specify the the output type
set terminal png
#specify the name of my file 
set output 'function.png'

#specify the the output type

set terminal png

#specify the name of my file

set output 'function.png'

The second step is to set the line style, the colour, and finally the line type and line width.

set style line 1 linecolor rgb '#0060ad' linetype 2 linewidth 2

1	set style line 1 linecolor rgb '#0060ad' linetype 2 linewidth 2

The last step is to set the function and plot it.

function = 0.9
f(x) = function * sin(x)
plot f(x) title 'sin(x)' with lines linestyle 1

function = 0.9

f(x) = function * sin(x)

plot f(x) title 'sin(x)' with lines linestyle 1

and this is what we get :

sin(x)

As we can see gnuplot as generated our sin(x) in blue as specified before. It also possible to plot two function on the same graph by modifying our file to :

#set output
set terminal png
set output 'function.png'

#set linestyle
set style line 1 linecolor rgb '#0060ad' linetype 1 linewidth 2
set style line 2 linecolor rgb '#EE0000' linetype 1 linewidth 2

#set variables
a = 0.9
b = 0.3
f(x) = a * sin(x)
g(x) = b * cos(x)

#plot
plot f(x) title 'sin(x)' with lines linestyle 1, \
g(x) title 'cos(x)' with lines linestyle 2

#set output

set terminal png

set output 'function.png'

#set linestyle

set style line 1 linecolor rgb '#0060ad' linetype 1 linewidth 2

set style line 2 linecolor rgb '#EE0000' linetype 1 linewidth 2

#set variables

a = 0.9

b = 0.3

f(x) = a * sin(x)

g(x) = b * cos(x)

#plot

plot f(x) title 'sin(x)' with lines linestyle 1, \

g(x) title 'cos(x)' with lines linestyle 2

this gives the following output :

sin(x) cos(x)

How to Plot Data:

To plot data from a file, the same principles are used

Create a file.gnu (This file contains the gnuplot commands)
Create a file.dat (This file contains the data)

Histogram with string as XTICS :

This plots ramdom data, strings are used as TICS and the output as set a PNG below you can find the data used :

Data Car1 Car2
Data0 2.4 2.5
Data1 3 5.5
Data2 9	60

Data Car1 Car2

Data0 2.4 2.5

Data1 3 5.5

Data2 9 60

Here is how to generate the plot :

#The output is set 
set terminal png
set output 'data.png'

#The output is set

set terminal png

set output 'data.png'

Once the output is set, we make up titles for the plot and the axis :

#Place the title and the axis caption
set title "Example"
set xlabel "X label"
set ylabel "Y label"

#Place the title and the axis caption

set title "Example"

set xlabel "X label"

set ylabel "Y label"

The data are quiet different in term of size, a logarithmique scale is used for the plot, the range is also defined as well as the tics on the Y axis :

#using a log scale 
set logscale y

#set our range
set yrange[1:200.000000]

#set tics on the graph
set ytics (1.000000,10.000000,50,200.000000) nomirror

#using a log scale

set logscale y

#set our range

set yrange[1:200.000000]

#set tics on the graph

set ytics (1.000000,10.000000,50,200.000000) nomirror

The legend is set at the bottom of the plot on the right side :

#set the keys in the bottom
set key right bottom

1 2	#set the keys in the bottom set key right bottom

To generate an histogram this code is used :

#plot 
set style fill solid border
set style data histogram
set style histogram clustered
plot for [COL=2:3] "data.dat" using COL:xticlabels(1)  title columnheader

#plot

set style fill solid border

set style data histogram

set style histogram clustered

plot for [COL=2:3] "data.dat" using COL:xticlabels(1) title columnheader

As shown, it is possible that COL:xticlabels(1) corresponds to the first column, therefor column XTIC has Data0 as name and this is the output generated.

Histogram

Histogram with Error Bars :

Simply replace the last line by the following (do not forget to add columns for the appropriate erros ) :

set style histogram errorbars gap 2 lw 1
plot "data.dat" using 2:5:xtic(1) title columnheader ,"" u 3:4:xtic(1) t columnheader

1 2	set style histogram errorbars gap 2 lw 1 plot "data.dat" using 2:5:xtic(1) title columnheader ,"" u 3:4:xtic(1) t columnheader

to generate the following plot :

error bars

Generate a heat map :

Create a data file using 3 columns :

0 0 0
1 1 1
2 2 2
3 3 3
...
999 999 999

0 0 0

1 1 1

2 2 2

3 3 3

...

999 999 999

set your title in your gnuplot file, your x and y axis legend and use the following code to generate the plot :

# start value (HSV Values from GIMP) 
X1 = 117/360.0
# end value 
X2 = 227/360.0
# creating the palette by specifying H,S,V
set palette model HSV functions (1-gray)*(X2-X1)+X1,1,0.7

plot "data.dat" using 1:2:3 title columnheader w l lc palette

# start value (HSV Values from GIMP)

X1 = 117/360.0

# end value

X2 = 227/360.0

# creating the palette by specifying H,S,V

set palette model HSV functions (1-gray)*(X2-X1)+X1,1,0.7

plot "data.dat" using 1:2:3 title columnheader w l lc palette

This will generate the following plot :

heat map

Attractive plots:

Even though the plots generated with gnuplot have a “good quality” it is possible to enhance the output by using simple tweaks and the ‘cairo’ library, to go a bit further, I would suggest to avoid underestimating the power of a “sexy” plot ! (and this takes us back to Social Engineering).

Why would people create sexy plots ? it’s a plot after all ! simply because plots are catching the eyes much faster than a long text, and that it is easier and faster for the reader to look at a plot and identify the information contained.

And as someone once said : “A picture is worth a thousand words”.

This section is based on Brighten Godfrey’s post So, in this section I will only make a simple summary of the steps to follow a a simple comparisons of two plots generated with “pngcairo”.

Change the outer layout of the graph to the gray colour including the tics.
Change the colours of the line to pleasant colours, do not chose bright or dark colours.
Add a grid to the background, to allow the reader to analyse the data as fast as possible.

Here is the first boring plot :

boring plot

While this is the amazing plot :

Amazing Plot

And finally this is the code used to achieve the precedent plot :

set terminal pngcairo
set output 'boring.png'

#Place the title and the axis caption
set title "Example"
set xlabel "X label"
set ylabel "Y label"

# Style of the lines
set style line 80 lt rgb "#808080"

# Grid lines in grat 
set style line 81 lt 0  
set style line 81 lt rgb "#808080"

#set style + no mirror 
set grid back linestyle 81
set border 3 back linestyle 80
set xtics nomirror
set ytics nomirror

#Chose simple colours as mentioned in Brighten Godfrey<b>'s blog post.</b>
set style line 1 lt rgb "#A00000" lw 2 pt 1
set style line 2 lt rgb "#00A000" lw 2 pt 6

#plot the data
plot 'data.dat' u 1:2 t 'Example line' w lp ls 1, \
     ''                  u 1:3 t 'Another example' w lp ls 2

set terminal pngcairo

set output 'boring.png'

#Place the title and the axis caption

set title "Example"

set xlabel "X label"

set ylabel "Y label"

# Style of the lines

set style line 80 lt rgb "#808080"

# Grid lines in grat

set style line 81 lt 0

set style line 81 lt rgb "#808080"

#set style + no mirror

set grid back linestyle 81

set border 3 back linestyle 80

set xtics nomirror

set ytics nomirror

#Chose simple colours as mentioned in Brighten Godfrey<b>'s blog post.</b>

set style line 1 lt rgb "#A00000" lw 2 pt 1

set style line 2 lt rgb "#00A000" lw 2 pt 6

#plot the data

plot 'data.dat' u 1:2 t 'Example line' w lp ls 1, \

'' u 1:3 t 'Another example' w lp ls 2

and that is pretty much it.

Tricks :

http://gnuplot.respawned.com/ is an online Gnuplot written in JS made by Christian Huettig

References :

http://www.gnuplot.info/
http://youinfinitesnake.blogspot.co.uk/
http://gnuplot.sourceforge.net/demo/

Tagged cairo, errorbars, gnuplot, heatmap, histogram, online, plots

2013 04 26 Noktec PhD Comments (1) Permalink

Google Two Factor Authentication and SSH

For my research and during my free time I’m managing and using multiple GNU/Linux machines over SSH so I decided to try the Google Two Factor Authentication. Google Authenticator is a completely open source project, this means that you can compile the sources from scratch, contribute to the project, or even examine and read the source code.

The two factor authentication is based on time, which means that once installed on your server, and on your phone, you will have approximately 30 seconds to 4 minutes to enter the code provided by the Google app to be able to log in on the server. The two factor authentication provides the user a second layer of security which might be useful if you deal with confidential information, or simply to avoid your server from being hacker from a brute-force attack. This article is thus a simple “How to” covering the installation of the Google Two Factor Authentication on an Ubuntu Server.

Installing Google Authenticator :

The first step to install the two factor authentication is to install the pluggable authentication module (PAM). The first way of doing it is to download the source code and to compile it, however in this “how to” we will simply install the package via the command line.

This command line is installing the PAM module / authentication module on the system.

Creating an Authentication Key :

To be able to use the two factor authentication, each user will have to create an authentication key. You will thus need to repeat this step for each user on your system. In this case I did it for the root user, however keep in mind that it is not recommended to log and administrate a server as root.

To do so run the following command without sudo otherwise the two factor authentication will be applied to the root user.

Some questions should also appear here Is what I answered :

Do you want me to update your "~/.google_authenticator" file (y/n) y Do you want to disallow multiple uses of the same authentication token? This restricts you to one login about every 30s, but it in creases your chances to notice or even prevent man-in-the-middle attacks (y/n) y

1
2
3
4
5
6

Do you want me to update your "~/.google_authenticator" file (y/n) y

Do you want to disallow multiple uses of the same authentication
token? This restricts you to one login about every 30s, but it in
creases your chances to notice or even prevent man-in-the-middle
attacks (y/n) y

If the computer that you are logging into isn't hardened against brute-force login attempts, you can enable rate-limiting for the authentication module. By default, this limits attackers to no more than 3 login attempts every 30s. Do you want to enable rate-limiting (y/n) y

1
2
3
4
5

If the computer that you are logging into isn't hardened against
brute-force login attempts, you can enable rate-limiting for the
authentication module. By default, this limits attackers to no
more than 3 login attempts every 30s.
Do you want to enable rate-limiting (y/n) y

Once answered the following screen should appear :

As you can see, a QR code has been generated, you can scan it with your mobile phone and the phone will automatically pick up the secret key and the username for which it has been activated. Or you can simply add the user manually on your phone and add the secret key. The emergency scratch code should however been kept safe since they are “rescue codes” in case you would lose your phone, this seems to me like the biggest weakness of that system.

Activating Google Authenticator :

To activate google authenticator you will need to edit two files. They need to be modified to tell the system that it needs to use the PAM module we installed when a user tries to log in via SSH. To do so use the following commands.

And add the following lines at the end of the file:

Then edit the following file

and modify the existing line as shown

You can now restart ssh

and use the google two way authentication with your smartphone.

Sources :

Tagged google, ssh, two factor authentication

2013 01 23 Noktec Linux
Security Comments (0) Permalink

Install Nvidia Drivers and CUDA 5 on Linux

This post is a simple, quick and easy “how to” install Nvidia Tesla drivers and CUDA 5 on Linux Ubuntu Server 11.10. CUDA is a parallel computing architecture which enables dramatic increases of computing performances by harnessing the power of the graphic processing unit (GPU). This guide covers the installation of the Nvidia Tesla K20m drivers as well as the installation of the CUDA and SDK toolkit on Ubuntu.

System Requirements :

Before beginning this tutorial you need to make sure that you have CUDA enabled hardware ( CUDA-capable GPU).

The list of all the CUDA capable devices can be found here.

To find out the type of Nvidia Graphic card your computer posses use the following command in a terminal :

lspci | grep -i

1	lspci \| grep -i

Driver Installation :

Before installing the drivers, it is important to check that you have a supported version of Linux, to check so use the following command in your terminal :

uname -m && cat /etc/*release

1	uname -m && cat /etc/*release

A similar output should appear on your screen :

$ uname -m && cat /etc/*release
x86_64
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=11.10
DISTRIB_CODENAME=oneiric
DISTRIB_DESCRIPTION="Ubuntu 11.10"

$ uname -m && cat /etc/*release

x86_64

DISTRIB_ID=Ubuntu

DISTRIB_RELEASE=11.10

DISTRIB_CODENAME=oneiric

DISTRIB_DESCRIPTION="Ubuntu 11.10"

As you can see “x86_64” indicates that you are running a 64 bit system, while the “ DISTRIB_RELEASE” field indicates your version of the operating system. In this case Linux Ubuntu 11.10 which is a supported version of Linux for CUDA5.

Following these information, download the drivers of your card via the nvidia’s driver website here.

If you have installed Ubuntu 11.10 Server you should not have any graphical user interface (GUI), you can thus download the drivers by using the command “wget url_of_the_drivers.run” .

Once the driver downloaded, install the following libraries and packages required by CUDA5 :

sudo apt-get install freeglut3-dev build-essential libx11-dev libxmu-dev libxi-dev libgl1-mesa-glx libglu1-mesa libglu1-mesa-dev

1	sudo apt-get install freeglut3-dev build-essential libx11-dev libxmu-dev libxi-dev libgl1-mesa-glx libglu1-mesa libglu1-mesa-dev

Then black list the un-required modules of the operating system.

sudo vim /etc/modprobe.d/blacklist.conf

1	sudo vim /etc/modprobe.d/blacklist.conf

The previous command opened the blacklist.conf file, press the “i” key, to edit the file and add the following lines to the file :

#blacklist Nvidia

blacklist amd76x_edac
blacklist vga16fb
blacklist nouveau
blacklist rivafb
blacklist nvidiafb
blacklist rivatv

#blacklist Nvidia

blacklist amd76x_edac

blacklist vga16fb

blacklist nouveau

blacklist rivafb

blacklist nvidiafb

blacklist rivatv

To save, press the “esc” key and enter “:wq” to quit.

If you are using a graphical user interface before installing the drivers, please follow these steps :

In the terminal write the following command to change the system run level :

sudo init 3

1	sudo init 3

Disable the graphical user interface :

sudo service lightdm stop

1	sudo service lightdm stop

We can now proceed to the installations of the drivers. The first step is to change the rights of the drives to be able to execute the drives, to do so write the following command in the terminal :

sudo chmod u+x  NAME_OF_THE_DRIVER.run

1	sudo chmod u+x NAME_OF_THE_DRIVER.run

We can now execute the drivers :

sudo ./NAME_OF_THE_DRIVERS.run

1	sudo ./NAME_OF_THE_DRIVERS.run

Once the drivers installed you can now download CUDA5 (here) by using the command wget in my case it will look like

wget http://developer.download.nvidia.com/compute/cuda/5_0/rel-update-1/installers/cuda_5.0.35_linux_64_ubuntu11.10-1.run

1	wget http://developer.download.nvidia.com/compute/cuda/5_0/rel-update-1/installers/cuda_5.0.35_linux_64_ubuntu11.10-1.run

you can now reboot your system.

Cuda Toolkit Installation :

To install the drivers, we will have to follow the same procedure has before, and give the rights to the cuda5 file to be executed :

sudo chmod u+x cuda_5.0.35_linux_64_ubuntu11.10-1.run

1	sudo chmod u+x cuda_5.0.35_linux_64_ubuntu11.10-1.run

and we can now install CUDA5

sudo ./cuda_5.0.35_linux_64_ubuntu11.10-1.run

1	sudo ./cuda_5.0.35_linux_64_ubuntu11.10-1.run

Once Installed we should now define the environment variables, to proceed so, open the following file : ~/.bash_profile via the following command :

sudo vim ~/.bash_profile

1	sudo vim ~/.bash_profile

(use the “i” key to edit, “esc” + “:wq” to save)

If you use a 32 bit system add the following lines :

export PATH=/usr/local/cuda-5.0/bin:$PATH
export LD_LIBRARY_PATH=/usr/local/cuda-5.0/lib:$LD_LIBRARY_PATH

1 2	export PATH=/usr/local/cuda-5.0/bin:$PATH export LD_LIBRARY_PATH=/usr/local/cuda-5.0/lib:$LD_LIBRARY_PATH

If you use a 64 bit system add the following lines :

export PATH=/usr/local/cuda-5.0/bin:$PATH
export LD_LIBRARY_PATH=/usr/local/cuda-5.0/lib:/usr/local/cuda-5.0/lib64:$LD_LIBRARY_PATH

1 2	export PATH=/usr/local/cuda-5.0/bin:$PATH export LD_LIBRARY_PATH=/usr/local/cuda-5.0/lib:/usr/local/cuda-5.0/lib64:$LD_LIBRARY_PATH

Once done, you can now restart the computer, and use CUDA via the GUI. If you are not using a GUI, read CUDA Error 38. However if you use a GUI system, you can now restart your system and you should now be able to use CUDA5 on your Linux Machine.

CUDA Error 38:

If you happen to see this error while executing a CUDA example, you should edit the following file /etc/rc.local via this command :

sudo vim /etc/rc.local

1	sudo vim /etc/rc.local

and add the following line :

/home/noktec/NvidiaStartup.sh

1	/home/noktec/NvidiaStartup.sh

Then create a file called NvidiaStartup.sh in /home/(your user name) via the following command :

vim NvidiaStartup.sh

1	vim NvidiaStartup.sh

and add the following lines :

#!/bin/bash

/sbin/modprobe nvidia

if [ "$?" -eq 0 ]; then
  # Count the number of NVIDIA controllers found.
  NVDEVS=`lspci | grep -i NVIDIA`
  N3D=`echo "$NVDEVS" | grep "3D controller" | wc -l`
  NVGA=`echo "$NVDEVS" | grep "VGA compatible controller" | wc -l`

  N=`expr $N3D + $NVGA - 1`
  for i in `seq 0 $N`; do
    mknod -m 666 /dev/nvidia$i c 195 $i
  done

  mknod -m 666 /dev/nvidiactl c 195 255

else
  exit 1
fi

#!/bin/bash

/sbin/modprobe nvidia

if [ "$?" -eq 0 ]; then

# Count the number of NVIDIA controllers found.

NVDEVS=`lspci | grep -i NVIDIA`

N3D=`echo "$NVDEVS" | grep "3D controller" | wc -l`

NVGA=`echo "$NVDEVS" | grep "VGA compatible controller" | wc -l`

N=`expr $N3D + $NVGA - 1`

for i in `seq 0 $N`; do

mknod -m 666 /dev/nvidia$i c 195 $i

done

mknod -m 666 /dev/nvidiactl c 195 255

else

exit 1

You can now restart your computer and run your CUDA examples.

CUDA Error 10 :

If you face a CUDA Error 10, you might have plugged your card in the wrong way ! We faced this error after having received our Supermicro computer, and discovered after multiple research that the cables plugged to our card were not plugged correctly, after reading documentation of the Tesla K20m card (available here) we noticed that the supplier had plugged two 6 pins connectors into the card instead of one 8pin and one 6 pin connector, once the 8 and 6 pin connectors plugged correctly our CUDA Error 10 disappeared.

This problem was discovered by using the following command :

nvidia-smi -q

1	nvidia-smi -q

This might help you debug your problem. In this case “-q” should list the available GPUs on your system.

I hope this helped and you are now ready to use CUDA on Linux.

Tagged 11.10, code 10, code 38, cuda5, drivers, errors, Linux, nvidia, ubuntu

2012 12 07 Noktec Linux Comments (2) Permalink

Windows 8 Clean Install 70GB Used ?

Yesterday after some problems with an Nvidia graphic card on Linux, we decided to install Windows 8 – 64bit on the new Supermicro computer in the office to see if the problem was only happening on Linux, or if Windows was also affected.

Specs of the Supermicro Computer :

8 * 8GB DDR3
160 Gb SSD
Nvidia Quadro 400
Nvidia Tesla K20m
2 * Intel E5-2620
Intel 10 Gigabit
SuperMicro Superworkstation

So, after a clean install of Windows 8 (the only Windows OS we had at the time) we discovered that our graphic card problem was still there but we also discovered that Windows had taken 70GB of the hard drive ! This had of course nothing to do with out graphic card problem, however we decided to spend some time on this second problem, and quickly discovered that Windows was using an option called “Page Filling” which allocated the size of ram on the hard drive (+ the size of windows = 70GB), so we decided to look into it, to have a clear idea of problem, and eventually a solution.

Page Filling :

Pagefile is a service that allows your computer to move memory pages to an hidden file called pagefile.sys and in the mean time to free your ram of unused applications. So, for example, when an application had been minimised and is not in used pagefile will place the memory pages used by that software into pagefile.sys if the RAM it is using is required by another software. This means that pagefile.sys also requires to be the size of the actual RAM in place on the computer.

In our case, we could disabled that service due to the fact that we were simple testing, however, it is not recommended to disable this service if you are using the computer as a production system, or as an everyday computer, and disabling that system may lead (undefined) system problems.

Conclusion :

This was not a bug but an actual feature in Windows, that might be annoying the users however some more information on page file may be found here : lifehacker to tweak the system and resize pagefile.sys.

Tagged 8, hard drive, pagefile, pagefile.sys, ram, Windows

2012 12 07 Noktec Windows Comments (1) Permalink

CPU Information on Linux and OS X

This is small blog post detailing how to obtain information on your CPU on Linux and Mac OSX. These commands give information such as the instruction set of the processor, the type of processor, the number of cores, number of CPUs, information about the caches etc.

Linux :

In Linux, the “proc” file system is providing most of the important information on the system. It interfaces with the kernel to obtain these information and is mounted as “/proc” on most of the Unix machines. More information can be found here.

The command to obtain information is this one.

$ /proc/cpuinfo

1	$ /proc/cpuinfo

If using GCC to compile C programs, you might want to use the “-march=cpu-type” to optimise your compilation to your type of processor and it’s set of instructions, to do that you can use use the following command :

$ grep flags /proc/cpuinfo

1	$ grep flags /proc/cpuinfo

Another useful command on multiple linux distributions is this one :

$ lscpu

$ lscpu

The command try to display information on your CPU in a human readable format but do not include all the information available.

OS X :

On OS X mountain lion and probably some other versions, the commands to use are a bit different, some general information about the system can be found by using the “system_profiler” command. This command includes some simple information on the system in use:

$ system_profiler

1	$ system_profiler

However more dedicated information can be found by using the “sysctl” command which is an interface to dynamically change system variables and obtain detailed informations on the system. This command is also present on BSD systems.

$ sysctl hw

1	$ sysctl hw

This command will give you the following type of output :

hw.ncpu: 4
hw.byteorder: 1234
hw.memsize: 8589934592
hw.activecpu: 4
hw.physicalcpu: 2
hw.physicalcpu_max: 2
hw.logicalcpu: 4
hw.logicalcpu_max: 4
hw.cputype: 7
hw.cpusubtype: 4
hw.cpu64bit_capable: 1
hw.cpufamily: 1463508716
hw.cacheconfig: 4 2 2 4 0 0 0 0 0 0
hw.cachesize: 8589934592 32768 262144 4194304 0 0 0 0 0 0
hw.pagesize: 4096
hw.busfrequency: 4800000000
hw.busfrequency_min: 4800000000
hw.busfrequency_max: 4800000000
hw.cpufrequency: 2800000000
hw.cpufrequency_min: 2800000000
hw.cpufrequency_max: 2800000000
hw.cachelinesize: 64
hw.l1icachesize: 32768
hw.l1dcachesize: 32768
hw.l2cachesize: 262144
hw.l3cachesize: 4194304
hw.tbfrequency: 1000000000
hw.packages: 1
hw.optional.floatingpoint: 1
hw.optional.mmx: 1
hw.optional.sse: 1
hw.optional.sse2: 1
hw.optional.sse3: 1
hw.optional.supplementalsse3: 1
hw.optional.sse4_1: 1
hw.optional.sse4_2: 1
hw.optional.x86_64: 1
hw.optional.aes: 1
hw.optional.avx1_0: 0
hw.optional.rdrand: 0
hw.optional.f16c: 0
hw.optional.enfstrg: 0
hw.cputhreadtype: 1
hw.machine = x86_64
hw.model = MacBookPro6,2
hw.ncpu = 4
hw.byteorder = 1234
hw.physmem = 2147483648
hw.usermem = 877899776
hw.pagesize = 4096
hw.epoch = 0
hw.vectorunit = 1
hw.busfrequency = 4294967295
hw.cpufrequency = 2800000000
hw.cachelinesize = 64
hw.l1icachesize = 32768
hw.l1dcachesize = 32768
hw.l2settings = 1
hw.l2cachesize = 262144
hw.l3settings = 1
hw.l3cachesize = 4194304
hw.tbfrequency = 1000000000
hw.memsize = 8589934592
hw.availcpu = 4

hw.ncpu: 4

hw.byteorder: 1234

hw.memsize: 8589934592

hw.activecpu: 4

hw.physicalcpu: 2

hw.physicalcpu_max: 2

hw.logicalcpu: 4

hw.logicalcpu_max: 4

hw.cputype: 7

hw.cpusubtype: 4

hw.cpu64bit_capable: 1

hw.cpufamily: 1463508716

hw.cacheconfig: 4 2 2 4 0 0 0 0 0 0

hw.cachesize: 8589934592 32768 262144 4194304 0 0 0 0 0 0

hw.pagesize: 4096

hw.busfrequency: 4800000000

hw.busfrequency_min: 4800000000

hw.busfrequency_max: 4800000000

hw.cpufrequency: 2800000000

hw.cpufrequency_min: 2800000000

hw.cpufrequency_max: 2800000000

hw.cachelinesize: 64

hw.l1icachesize: 32768

hw.l1dcachesize: 32768

hw.l2cachesize: 262144

hw.l3cachesize: 4194304

hw.tbfrequency: 1000000000

hw.packages: 1

hw.optional.floatingpoint: 1

hw.optional.mmx: 1

hw.optional.sse: 1

hw.optional.sse2: 1

hw.optional.sse3: 1

hw.optional.supplementalsse3: 1

hw.optional.sse4_1: 1

hw.optional.sse4_2: 1

hw.optional.x86_64: 1

hw.optional.aes: 1

hw.optional.avx1_0: 0

hw.optional.rdrand: 0

hw.optional.f16c: 0

hw.optional.enfstrg: 0

hw.cputhreadtype: 1

hw.machine = x86_64

hw.model = MacBookPro6,2

hw.ncpu = 4

hw.byteorder = 1234

hw.physmem = 2147483648

hw.usermem = 877899776

hw.pagesize = 4096

hw.epoch = 0

hw.vectorunit = 1

hw.busfrequency = 4294967295

hw.cpufrequency = 2800000000

hw.cachelinesize = 64

hw.l1icachesize = 32768

hw.l1dcachesize = 32768

hw.l2settings = 1

hw.l2cachesize = 262144

hw.l3settings = 1

hw.l3cachesize = 4194304

hw.tbfrequency = 1000000000

hw.memsize = 8589934592

hw.availcpu = 4

As you can see, the command is displaying specific informations such as the instruction set supported by your processor amongst many other information. For more information on the sysctl command use RTFM.

Have fun.

2012 11 17 Noktec Linux
mac Comments (0) Permalink

[Review] 5 Days With an iPhone5

It all began on Friday 21st at 4:30 AM on my way to the Apple store ! Yes ! this time I was living in a “relatively” small town with an Apple Store, so I decided to change my old phone with a brand new iPhone5 running on iOS6 with a broken map app, and wait there for approximatively 4 hours. This time, I would do something that I call “an only once in a life time” or (OOILT) (This is my small bucket list). Before leaving my flat, I had already made up my mind and told myself that if the queue was too long, or if it was too cold for me I wouldn’t stay there.

I arrived at the Apple store around 4:45 AM and the queue was approximatively 120 person, I had a tick jacket and the temperature was around 5 Degrees, I could definitively handle that, so I decided to stay !

– 5AM (a coffee with a friend)

waiting

– 6AM

– 7AM

– 8AM

– 8:30 (I was inside !)

– 8:35 (I had an iPhone !)

And here I am 5 days later ! There have been many reviews on the web, so I’ll keep mine short, with simple Pros and Cons.

Pros :

I quickly opened the box and took the smartphone in my hands, my first impression was, “wow, that crap is light” I was afraid of letting it slip off my hands ! Then I turned it on and I was impressed by the brightness of the screen ! My old phone (3 years old) had a smaller and darker screen ! I liked it ! I then configured the phone and played a bit with it and I have to say that iOS6 and the iPhone are quiet fast ! Web pages load quickly, loads of apps can run without making it slow, panorama is awesome and there are a few features such as “Do not disturb” that I really like ! I also really enjoy the new speakers which are amazing and the videos that the phone is able to make. The new connector is also great, I read that a few people were mad about it, because they had to buy adapters, but … sometimes change is needed and the old one was just out of date !

Cons :

Apple ? seriously … what’s wrong with you guys ! that map app called “Plan” is the worst thing I have EVER seen ! I guess all of you have seen tweets about it, but if you haven’t used it, you cannot imagine how crap this app really is ! anyways …
The phone itself is not bad at all, however there is a serious problem of finition with the iPhone5 black! The aluminum on the side is a bit too friable ! One day in my pocket and it seem that the sides of the phones are already getting back to their original colour ! WTF ? and you don’t have any bumpers on the market yet ?

Yes obviously I am ! no bumpers yet, and the paint getting away … but when I went to the Apple store monday, they replaced it directly with a brand new one ! so I have to admit that they take “care” of their customers and they even told me that if it happened again I could change it again ! So since I was going to buy a bumper anyway at some point, I’m pretty ok with that ! even if it’s a bit annoying to have to choose the right pocket each time I have to move, to be sure that the iPhone is not in contact with keys, or with my coins.

Conclusion :

The iPhone 5 is not too bad, I like it, it’s fast, it has a bright screen, I like siri, the camera is great ! and If you had an old phone before, you will probably like it despite it’s numerous flaws. However if

someone has an iPhone 4 or 4S or a recent new android phone, I’m not sure if there is a point getting an iPhone5. I have to say that’s its a great product, maybe not worth the price, but I will have to see if it last as long as my previous phone without any problem, and if it does, then I’ll be happy with it for the next 3 years.

To answer the question : “Was it worth to wait outside the Apple store for 4 hours“, I will answer “no“ as I said, only once in a life time ! those 4 hours were the most boring hours of my life, but it was fun to do it once and to see how an Apple store was handling all the customers waiting ! I obviously don’t understand all the people doing that each time there is a new Apple product but … I guess everybody can spent his time according to his schedule.

—

[EDIT] New Issues after 10 days:

A friend an I discussed a flash problem on the iPhone5 ! which is very bad, the iPhone is not taking pictures properly due to a software issue ! look at this pictures in the dark with flash enabled.

We had to take the picture at least 5 times to get the flash working and the quality is terribly bad ! We also tried with his iPhone and he got exactly the same problems.

I hope these issues are gonna be fixed asap by Apple.

Tagged cons, iOS6, iPhone5, problems, pros, review

2012 09 26 Noktec iOS Comments (0) Permalink

[Review] Practical Lock Picking

Lately I bought the book “Practical Lock Picking : A physical Penetration Tester’s Training Guide” by Deviant Ollam, and I loved it. I have been practicing lock picking since a year now and always enjoy such as great reading to improve my hobby skills. The book takes a practical approach and describes locks with clear figures and efficient explanations.

The book is written for a general public, from first timers to “advanced” lock pickers or hackers, and gives a clear view of Physical Penetration testing.

The book also shows us, how locks and keys are manufactured and how locks work. Each mechanism is described using a great diagram. It allow you to think outside the box, and tries to broaden your view of lock picking. The book also shows us that lock picking is not “that” difficult and that it “simply” takes practice to become good at it (or efficient).

No matter what your background is, by the end of the book , you will be able to open some simple locks. Buying a lock picking toolkit is therefor useful while getting the book. I practiced along side the book and I evolved quickly from simple locks to medium locks and I really enjoyed reading it.

The chapters are organised like this :

Fundamentals of pin tumblers and wafer locks
The basics of picking : exploiting weaknesses
Beginner Training : How to get good very fast
Advanced Training : Learning some additional skills
Quick-entry Tricks : Shimming, Bumping, and by passing
They all come Tumbling down : Pin tumblers in other configurations

The only chapter I found missing was : How to conduct a real physical penetration test in a company. As the author is one of the most famous lock pickers in the field it would have been nice to have and overview of how he would conduct a physical penetration test.

The book also come with a DVD and an extensive appendix detailing tools and toolkits available for lock pickers.

As a final word, this book will be helpful if you are a beginner in lock picking or if you want to read about a practical approach of lock picking.

Tagged book, lock picking, practical, review

2012 09 20 Noktec Real Life
Security Comments (0) Permalink

Infinite Loop with Dashlane

Today I ran into my first problem using Dashlane, do you remember this post where I said : “Guys you should use Dashlane because it’s awesome, especially in case of a password leak” ? I remember it well ! and I believe that Dashlane is an awesome tool to “avoid” your passwords to be leaked. However it has some flaws ! For the story, I was playing with CUDA yesterday and I almost broke my system, so i decided to make a fresh install of OS X Mountain Lion on my MacBook Pro. Everything went well, until I wanted to use Dashlane again. I had downloaded Chrome, and Dashlane from their website ! and when I decided to log back in to access my passwords, Dashlane told me :

Enter your e-mail (login) and we will send you an e-mail with a token on your e-mail or phone number !

Wow ! What ?

ok ! it’s a good idea, but the password that I used for my e-mail account (online) was on Dashlane, and I had no access to my e-mails anymore since Dashlane had my password ! And there I was, sitting in front of my computer logged out of almost all my accounts !

I began to think, and remembered quickly that I had my iPhone with me and that I had access to my e-mails via 3g (awesome …) I tried to obtain the token from Dashlane to log back in … and it never came ! I’m still waiting for it ! I requested it at least 25 times ! nothing ! nada, rien ! geen e-mail ! I contacted the Dashlane support for more information but I never got any answers back ! I also checked my spams box but nothing in there either !

Finally I got another idea:

The computer had to be identified at some point via a file ? so why not find that file on my TimeMachine drive and replace it ? so basically that trick worked !

I replaced the Dashlane folder from my new Install with the Dashlane folder from my time machine ! and that’s how I finally could log back into all my accounts ! This is where the folder is located :

/Users/Noktec/Library/Application Support/

1	/Users/Noktec/Library/Application Support/

Edit 1 : So Dashlane got bak to me about that problem and told me that they implemented a new message in their popup. Now when you want to generate a password for your e-mail account associated with Dashlane show this message :

And I simply replied the following :

@dashlane The Pop up should say “it is not recommended to generate a password with dashlane” because the password should still be strong.

Because I thought the popup was not clear enough. However, it’s a good step forward !

Screenshots in Dashlane ?

While I was copying my Dashlane folder I discovered a folder containing unencrypted screenshots of me purchasing something on Amazon. I then wondered “why does that Dashlane’s folder contain multiple folder with screenshots of my purchases, that’s kind of silly ? isn’t it ?” So I contacted them and we will see what happens.

Edit 2 : A t Some point Dashlane got back to me via their twitter account and mentioned this :

1) My first question was :

Why are you making screenshots while we buy things ?

This answer does not convinced me at all ! especially since I saw that those screenshots were not encrypted so I asked a second question :

2) My second question was :

Why are the screenshots not encrypted in the folder ?

~/Library/Application Support/Dashlane/www/{...}/

1	~/Library/Application Support/Dashlane/www/{...}/

and that we need to enter our master password in the application ? :

So I hope that at some point they’ll get back to me with an answer, or with an update ! and they did !

Edit 3:

I got an e-mail back with a brief description of what is happening in Dashlane :

I have to say that since people are connected most of their time, unencrypted screenshots are thus vulnerable most of the time ! However has they said, those screenshot do not represent your password, and are thus information that are not “really” “valuable” for a hacker. On the other hand I have to say that their team is very responsive, and seems to care about the problems that happens with their software ! I’m really impressed about that in a good way ! and will definitely recommend Dashlane to whomever wants to try to keep their passwords safe.

Tagged Dashlane, error, OS X, screenshots

2012 09 14 Noktec mac
Security
Web
Windows Comments (0) Permalink

Facebook HOAX [Phone Numbers Have Names]

Today I have seen a few people on my news feed talking about : “Your Phone Number has a Name on Facebook“, as I am a curious person I wondered what the fuzz was all about and read the small image til the end.

1) enter @ followed by [ then a 3 digit number followed by : then 0 then ] and press enter !

So basically the 3 digits should be the last 3 digits of your phone number and a name should appear.

I tried the following

@[123:0]

@[123:0]

And obtained

@[123:2048:]

1	@[123:2048:]

Then I tried

@[10:0]

@[10:0]

and obtained

Marcel Laverdet

1	Marcel Laverdet

That looked interesting, however some entries give you ‘0’ as a result !

but

@[4:0]

@[4:0]

should give you

Mark Zuckerberg

1	Mark Zuckerberg

What Really Happens ?

Basically, using the ‘@’ sign tags someone, and it seems to me that the guys “tagged” in the posts are early users or facebook engineers and the first one to seven digits are an ID identifying us, so you can use

from 1 to 7 digits and you should always get an answer.

@[1234567:0]

1	@[1234567:0]

So I guess, this might be a small privacy concern, because you get names from people you shouldn’t ! I guess it would be fun to make a small automated script posting to find yours (if it is possible), and I really wonder how doubles are managed, anyways that was fun looking at.

I wonder if those numbers also indicate a position in a database, so maybe a hacker could establish a list and use it later for an SQL injection ?

[Edit : This seems to be an hold trick, I have no idea why my entire news feed is full of people publishing this thing ! … Hoaxes are probably remanent on Facebook, I guess ]

2012 09 11 Noktec Security
Web Comments (0) Permalink

Should parents post pictures of their children online ?

Gnuplot:

Examples:

How to Plot a Function:

How to Plot Data:

Histogram with string as XTICS :

Histogram with Error Bars :

Generate a heat map :

Attractive plots:

Tricks :

References :

Installing Google Authenticator :

Creating an Authentication Key :

Activating Google Authenticator :

Sources :

System Requirements :

Driver Installation :

Cuda Toolkit Installation :

CUDA Error 38:

CUDA Error 10 :

Page Filling :

Conclusion :

Linux :

OS X :

Pros :

Cons :

Conclusion :

[EDIT] New Issues after 10 days:

Screenshots in Dashlane ?

What Really Happens ?

Pages

Categories

Friends