The Storm Worm

I want to point out a very interesting article by Bruce Schneier about the Storm worm. Illegal as it is, the techniques used by this worm are very, very advanced and very interesting from a development and network/load-balancing point of view. Anyone interested in development, network administration, and security should read the article.

The worm has grown to a real epidemic by continuously adapting, changing its code, the code signature, etc. It has infected this huge number of computers because the resulting bot-net is hardly ever used; it stays in a dormant stealth mode. Most users are not aware they are infected with the worm because it tries to avoid detection by not using too many resources and therefore hardly attracts the attention of system administrators. Bruce Schneier points out that maybe we should be worried about what’s coming in “Phase II”, once the gigantic bot-net is brought into action.

To avoid detection, the worm and the bot-net operators apply several advanced load-balancing and stealth techniques, namely a DNS technique called “fast flux” which very effectively blurs the traces to the real operators.

As I said, it is a very interesting read. I recommend you also follow several of the outbound links.

Affordable offsite automatic backup for Windows and MacOS

I just discovered Mozy (via TechCrunch), a service for automating the backup process by automatically storing all your data encrypted on their server for backup purposes. It is Windows software that automates the backup process and provides secure online storage. According to the specification you can either use their encryption key or provide your own public key for the encryption.

Mozy comes in two flavors, a version for home users which they call MozyHome (4.95$/month for unlimited storage) and a service for businesses, called MozyPro, which bills 3.95$ per computer, but also 0.50$/GB per month. I think the service would definitely be interesting but the storage costs seem too high for me. There is also “MozyHome Free” which provides you with 2GB of free backup storage. Maybe the recent purchase by EMC Corporation will change the pricing list (honestly, I don’t think so…)?

The idea of storing my confidential data or even corporate data on remote servers not under my control is a little bit frightening, but in case you are able to believe they have not built a master-key into the software, it might be a nice option for offsite backups, which definitely everybody should use. Maybe one should give the “MozyHome Free” a test-drive… Too bad there is no Linux version available.

If I can convince myself to try out the “MozyHome Free” I will write another report here.

.NET strings are not always immutable!

Strings are immutable. If you want to modify a sequence of characters, use StringBuilder. At least, that’s what’s officially said. But in the framework there is at least one method that does modify a string:

TextRenderer.MeasureText() with ModifyString and EndEllipsis will modify your string to match the ellipsed text if ellipsing happens. You can look at this VB# example on codeproject using TextRenderer.MeasureText() for trimming text to see how it is used.

The string seems to be modified directly in native code by DrawTextEx from user32.dll. In addition to the scary fact that strings are not immutable, the length of the string is not updated, even if the resulting string is shorter!

For instance, if you have a string “aaaaaaa” which will be truncated to “aa...”, the Length property will still return 7 for the shortened string. The debugger shows that the string will in fact be “aa…\0a” after the operation. So it might be right that the string is still 7 characters long, but most output functionality like Console.Out.WriteLine() sometimes gets confused and stops any further output to the debugger or console under certain conditions.

A very quick investigation of the System.Drawing assembly using Lutz Roeder’s fabulous .NET Reflector showed that at least there should be no memory corruption in case “WW” would get ellipsed to “W...”, as DrawTextEx takes the length of the buffer and should result only in “W.”.

Summing up, I find the corruption of an immutable string by an official Microsoft API very troubling.
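A defensive way to call the API, given the behaviour described above. This is an added example, not code from the original post or from the codeproject article. The `Ellipsize` helper, the font and the 60-pixel width are hypothetical choices, and the project needs references to System.Drawing and System.Windows.Forms.

```csharp
using System;
using System.Drawing;
using System.Windows.Forms;

static class EllipsisDemo
{
    // Hypothetical helper: returns the ellipsed text, leaves the caller's string alone.
    static string Ellipsize(string text, Font font, int maxWidth)
    {
        if (string.IsNullOrEmpty(text)) return text;

        // new string(char[]) allocates a fresh, non-interned instance, so the
        // in-place write cannot reach literals or strings shared with other code.
        string scratch = new string(text.ToCharArray());

        TextRenderer.MeasureText(scratch, font, new Size(maxWidth, 0),
            TextFormatFlags.ModifyString | TextFormatFlags.EndEllipsis);

        // Length is not adjusted after the in-place write; cut at the NUL instead.
        int nul = scratch.IndexOf('\0');
        return nul >= 0 ? scratch.Substring(0, nul) : scratch;
    }

    static void Main()
    {
        using (Font font = new Font("Arial", 10f))       // assumed font
        {
            string original = new string('a', 40);       // constructed sample
            string alias = original;                     // same object, second reference

            string safe = Ellipsize(original, font, 60); // 60 px: assumed width
            Console.WriteLine("safe: '{0}' (Length {1})", safe, safe.Length);
            Console.WriteLine("original untouched: {0}", original.IndexOf('\0') < 0);

            // Direct call as described in the post: every holder of the reference
            // now sees the rewritten characters with the old Length.
            TextRenderer.MeasureText(original, font, new Size(60, 0),
                TextFormatFlags.ModifyString | TextFormatFlags.EndEllipsis);
            Console.WriteLine("alias Length {0}, embedded NUL: {1}",
                alias.Length, alias.IndexOf('\0') >= 0);
        }
    }
}
```

The copy matters most for string literals and dictionary keys: those instances are shared, so an in-place write through one reference changes the value seen everywhere else it is used.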

Content-aware image resizing

Krispin made me aware of a very cool new technique for resizing images: content-aware image resizing. Based on an energy function, paths of an image are removed when shrinking, or duplicated and interpolated when growing, so the image is resized in a non-uniform way.

This technique can also be used to remove objects from a given image. There is a nice demo video available on YouTube (it’s the same as in jfo’s coding blog, where Krispin originally found the information):

[youtube vIFCV2spKtg]

(via jfo’s coding and slashdot)

Vista UAC: Firefox (and other Mozilla apps) automatic updates

If you disable the automatic installer detection of User Account Control (UAC), for instance because it interferes with your everyday operations (like in my “Git and Windows Vista” article), you will notice that the Mozilla updaters don’t work as expected. Automatic updates will fail. This is because the updater is no longer elevated automatically.

As the easiest workaround, you should perform the following steps:

  • Once you get notified about the update and you are asked if you want to install it, say “No”.
  • Close the Mozilla application in question.
  • Search for the application in your “Start” menu.
  • Right-click the entry and choose “Run as Administrator…”
  • Choose “Check for Updates…” in the “Help” menu
  • Confirm you want to install the update and walk through the update process.

The installation will now work. For security reasons you should close the application once installation is finished, because it will still be running with elevated privileges. Now start the application again normally.

The same principle works for any application that is not Vista-aware and fails on automatic update. For security reasons make sure you keep the time you run with elevated privileges as short as possible.

git-svn on Windows (cygwin)

Update 2008-10-10: Often perl will not work due to memory-remapping problems. A solution can be found in my article about the issue.

What I really love about Git is the fact that it nicely integrates with existing Subversion repositories. At our company, we are using Subversion as our SCM, but I personally like Git more and I want to use it as a side tool for more flexible branching, merging, and for checking in versions I wouldn’t check in the shared repository.

Git is supplied with git-svn, which can import an existing SVN repository and also commit back to it. Under cygwin, you need to perform two additional steps for getting git-svn to work, otherwise it is likely to fail with “failed to include Error.pm”.

You need to download Error.pm from CPAN. You have to save it to <cygwin-dir>\lib\perl5\Error.pm

Voila! git-svn should work now.

Waiting for WLAN and UMTS for OpenMoko

I am currently thinking a lot about the OpenMoko project. Unfortunately OpenMoko at the moment provides hardware which is limited to GPRS, Bluetooth, and/or USB 1.0 for connectivity. In autumn there should be the next generation which should include a WLAN (and maybe even UMTS?) support. It will be called Neo 1973 – GTA02.

Together with the “H.U.I. Starter” rate from Austrian-based one (250MB @ UMTS, reduction to 56kBit/s above, 10€/month) this would be a nice package. However, if I could have UMTS, well, that would be better. Personally, WLAN is even more important for me; I could use it in the office or in my home, where I have WLAN access available, and fall back to GPRS while being “on the road”.

For me this means: standby for autumn, because I can’t afford to invest US-$300 now and another US-$450 in a couple of months. Still, I am really, really interested in OpenMoko (and normally I wouldn’t invest that amount of money into a hobby of mine). Which means, I am standing by and waiting for news from the OpenMoko community…

In the meantime, if you understand German, you could listen to this very interesting Chaosradio Express Podcast.

On YouTube there are some very interesting videos about the Neo 1973.

Git on Windows: “You have some suspicious patch lines”

Update 2008-04-24: as commenter Jakub Narebski correctly points out, it should be better to use core.autocrlf and the crlf attribute for resolving this issue, but I have had no chance to test this up to now. The solution below is still valid, but more of an ugly hack.
Update 2008-06-11: I have stopped using this solution and now only use “git-config core.autocrlf true” and “git-config core.safecrlf true”. It works reliably and is exactly what I need and not such an ugly hack.
Update 2008-06-22: Well, of course you can still get “You have some suspicious patch lines” if you follow the core.autocrlf approach… but this time it really means you have trailing whitespace, not just line-breaks. If you really don’t care about trailing white-space at all, my initial solution is still valid, as it simply disables this check.

If you are using Git under Windows using cygwin, and you got through the initial problems, you will soon realize that Git likes to fail with “You have some suspicious patch lines” when committing.

The cause for this problem is the carriage-return/line-feed problem of Git under Windows/cygwin: The patches contain a trailing line-feed if you edited them with a Windows editor and not strictly inside cygwin. This will trigger the pre-commit hook to fail on patches where the last line of a file has been changed.

To solve the problem, you need to edit .git/hooks/pre-commit and comment out the following lines:

    if (/\s$/) {
        bad_line("trailing whitespace", $_);
    }

Now committing should work.

OpenMoko – the Open Mobile Phone

This is cool! If you want to have a mobile phone based on Linux and pure OpenSource software, OpenMoko might be the right thing for you! I’m not so much into mobile development, but I find this almost more appealing than the iPhone, which at the moment is a very closed platform. If I find some time for a hobby like this, this US-$ 300 would be a nice investment. I hope this becomes a success to reward the company and the idea to explicitly invite hackers/developers (both software & hardware) to improve a phone. A nice contrast to the usual anti-reverse-engineering and “hacking” philosophy most companies go along with.

Edit 2007-07-18: I accidentally misspelled OpenMoko as OpenMonko in the initial release, both in the title and in the text. I corrected this and the URL of the article to reflect the real name of the project: OpenMoko.

Git and Windows Vista

I recently started using Git, the version control system now used for developing the Linux Kernel. While there is no native support for Windows at the moment, you can install it using cygwin. While this works reasonably well in Windows XP, I got into severe trouble when trying the same in Windows Vista.

First, I ran into trouble installing cygwin. I figured out that it seems to work well if you run both the installer and bash in “Windows XP SP2 compatibility mode”. I needed to adjust the file system permissions of the cygwin folder to give me write permissions, though. (Note: you have to manually install the TK-libs if you want the GUI elements of git to work.)

But Git kept failing with “access denied” messages when trying to commit from command line. The failure message said it was denied access to git-update-index. I soon found out this is due to the “User Account Control” (UAC) default behavior of auto-detecting installers and prompting if you want to execute them with raised privileges. You can see if this is the case by running git-update-index manually from bash; if you get the UAC confirmation dialog you have this problem. It seems the substring “update” triggers this behavior. As the git-update-index is launched by git commit, it won’t display the confirmation dialog of Vista, so the execution will be denied.

There are two possible workarounds:

  • Run bash with administrative privileges (not recommended!)
  • Disable the auto-detection of installers by UAC.

I used the latter way. You can disable the auto-detection by following these instructions. Brief summary:

  • Open the Local Security Policies
  • Disable “User Account Control: Detect application installations and prompt for elevation”
  • Reboot (the security policy will not be updated before!)

It should work now. You can confirm this by running git-update-index manually again. If you do not get the UAC confirmation dialog now, it worked. Try git commit now, and verify it is working. Of course, you will from now on have to right-click and “Run as Administrator” every installer you want to install, as most installers will require administrative privileges.

Update 2007-08-22: Reader EGarcia posted an interesting comment below: using the Microsoft Manifest Tool you can add an appropriate manifest to git-update-index.exe and git-update-ref.exe.

Update 2009-02-12: Reader Kevin Broadey points out the best solution so far: create a separate .manifest file for the affected files. He has provided an example for git-update.exe.manifest.