Stuff from Twitter for Sun Feb 7, 2010

2010-02-07 14:24 - Twitter

Just defeated the final boss in Final Fantasy X. Wonderful game.02:24 pm

Read comments (0) - Post a comment

Stuff from Twitter for Fri Feb 5, 2010

2010-02-05 17:13 - Twitter

I now have a shiny new MacBook Pro at work. And I'm remembering why I'm not a Mac fan.05:13 pm

Read comments (0) - Post a comment

Stuff from Twitter for Thu Feb 4, 2010

2010-02-04 20:02 - Twitter

Playing a Wii for the first time.08:02 pm

Read comments (0) - Post a comment

Stuff from Twitter for Tue Feb 2, 2010

2010-02-02 14:23 - Twitter

Been thinking about buying a place in Manhattan for a few weeks. Set up an appointment to see the first co-op on Monday afternoon.02:23 pm
Woke up feeling like I had a whopper of a weird dream. Can't remember a bit of it though.09:11 am

Read comments (0) - Post a comment

National Cryptyologic Museum

2009-12-30 15:28 - General

I've been playing with Twitter, through my phone. So I first announced this yesterday, but since no one reads/knows about my Twitter stream, and I can put better pictures here, I'm writing this post as well. I don't remember where, exactly, but I know when: back in September, I happened upon the webpage for the National Cryptologic Museum. Run by the NSA, it's just outside Fort Meade, which happens to be just minutes away from my grandparents' house. I know this because grandpa is a vet, and they regularly go to Fort Meade for vet-only services (including shopping). I was there (Maryland, grandparents' house) for xmas, so we visited.

It's mostly a collection of code breaking, and code making, machines from the first half of the 20th century, with a bit of newer and a tiny bit of older stuff, as well. Military applications. Here's my tiny photo tour.

An ENIGMA machine, from 1937. The 'Tunny' machine, a less famous cipher machine like Enigma. A Japanese machine, much like the Enigma, based on shared knowledge from the Germans. A selection of 'secure telephones'. This was beside the nearly-room-size machine that preceded it. A quaintly out-of-date chart depicting some details of the evolution of the supercomputer, from the '60s through the early '90s. A cute-ish rack of machines with an old Intel logo, and the disturbing-sounding 'digital slicer unit'. In the next rack over was a device from Singer. Not a sewing machine.

For some more details: The first picture is an ENIGMA, the famous German encryption machine. The label at the top of this one shows it is from 1937. The second picture is the "Tunny", which

... was nicknamed Tunny by the British, after the ... [tuna fish]. ... [It] was used by the German army for high-level communications, and ... unlike ENIGMA, it did not substitute letters but instead encrypted elements of the electrically generated "Baudot Code" used in normal telegraphic transmissions.

This from no later than 1941 (when the British first discovered it). The third is a Japanese ENIGMA-like device, but

The Germans manufactured ENIGMA machines for the Japanese government but they were never received. "Officially," they were lost when the German submarine tasked with the delivery was sunk. Japanese experts, having very basic shared knowledge of the ENIGMA, created their own device.

Part of me really wonders how that keyboard worked, with the Japanese language. The other three pictures I have very few details for. Click them for the description in the lightbox.

Read comments (0) - Post a comment

Gentoo Encrypted Root, with LUKS and LVM

2009-12-20 11:22 - Linux

I'm upgrading my home server to be a bit beefier, as I've started using it for some video processing and other demanding tasks. Along the way of configuring a new blank machine from scratch, I decided to set up disk encryption (better safe than sorry, eh?), something I've never done for a linux server before. I found it a bit tricky, so here's a log, with some explanations, of what I did. If it's useful to you, great! It's geared towards the Gentoo linux distribution, as that's what I use and love, and generally towards experts. If you don't understand anything below, please research it, before you try to do something like this.

  1. Boot a recent Gentoo Minimal LiveCD. I used install-x86-minimal-20091103.iso. Anything newer than that should probably also work.

  2. Work through the Gentoo Handbook until step 4. Using fdisk as described there, define one small partition (I used 256M) to boot from, and one more taking the rest of the drive. This left me with:

    # fdisk -l /dev/sda

Disk /dev/sda: 640.1 GB, 640135028736 bytes
255 heads, 63 sectors/track, 77825 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x83e6d949

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1               1          34      273073+  83  Linux
/dev/sda2              35       77825   624856207+  83  Linux

    With that done, format the boot partition:

    # mke2fs /dev/sda1
mke2fs 1.41.3 (12-Oct-2008)
Filesystem label=
OS type: Linux
Block size=1024 (log=0)
Fragment size=1024 (log=0)
68272 inodes, 273072 blocks
13653 blocks (5.00%) reserved for the super user
First data block=1
Maximum filesystem blocks=67633152
34 block groups
8192 blocks per group, 8192 fragments per group
2008 inodes per group
Superblock backups stored on blocks:
        8193, 24577, 40961, 57345, 73729, 204801, 221185

Writing inode tables: done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 20 mounts or
180 days, whichever comes first.  Use tune2fs -c or -i to override.

    And the encrypted partition:

    # cryptsetup --verify-passphrase luksFormat /dev/sda2
WARNING!
========
This will overwrite data on /dev/sda2 irrevocably.

Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase:
Verify passphrase:
Command successful.

  3. At this point we need to set up the encrypted partition layer.

    # cryptsetup luksOpen /dev/sda2 root

    In order to get multiple "partitions" inside the single encrypted layer, we set up LVM. I keep /tmp (nosuid and no execute), as well as /var (in case logs fill it up) and /home, separate from /, so I did:

    # pvcreate /dev/mapper/root
  Physical volume "/dev/mapper/root" successfully created
# vgcreate vg /dev/mapper/root
  Volume group "vg" successfully created
# lvcreate --size 1G --name swap vg
  Logical volume "swap" created
# lvcreate --size 10G --name root vg
  Logical volume "root" created
# lvcreate --size 1G --name tmp vg
  Logical volume "tmp" created
# lvcreate --size 10G --name var vg
  Logical volume "var" created
# lvcreate --size 573.9G --name home vg
  Rounding up size to full physical extent 573.90 GB
  Logical volume "home" created
# vgchange --available y
  5 logical volume(s) in volume group "vg" now active

    Use vgs or vgdisplay to find out how much room you have left for the last logical volume.

    Format these partitions as you like, I did:

    # mkswap /dev/mapper/vg-swap
Setting up swapspace version 1, size = 1048572 KiB
no label, UUID=b43468c8-8652-4035-9227-6ef562975dbd
# mkfs.xfs /dev/mapper/vg-root
meta-data=/dev/mapper/vg-root    isize=256    agcount=4, agsize=655360 blks
         =                       sectsz=512   attr=2
...
# mkfs.xfs /dev/mapper/vg-tmp
meta-data=/dev/mapper/vg-tmp     isize=256    agcount=4, agsize=65536 blks
         =                       sectsz=512   attr=2
...
# mkfs.xfs /dev/mapper/vg-var
meta-data=/dev/mapper/vg-var     isize=256    agcount=4, agsize=655360 blks
         =                       sectsz=512   attr=2
...
# mkfs.xfs /dev/mapper/vg-home
meta-data=/dev/mapper/vg-home    isize=256    agcount=4, agsize=37611264 blks
         =                       sectsz=512   attr=2
...

  4. Continue with the Gentoo Handbook, until step seven. We need cryptsetup installed and configured properly before we build our kernel, so first emerge cryptsetup. Now follow step seven as normal, but be sure to use genkernel. Do not use any splash, vga or framebuffer related options (trying to use these caused me lots of grief).

    # genkernel --menuconfig --install --symlink --lvm --luks all
* Gentoo Linux Genkernel; Version 3.4.10.904
* Running with options: --menuconfig --install --symlink --lvm --luks all

* Linux Kernel 2.6.28-hardened-r9 for x86...
* kernel: >> Running mrproper...
* config: Using config from /etc/kernels/kernel-config-x86-2.6.28-hardened-r9
*         Previous config backed up to .config.bak
*         >> Running oldconfig...
* kernel: >> Cleaning...
* config: >> Invoking menuconfig...

*** End of Linux kernel configuration.
*** Execute 'make' to build the kernel or try 'make help'.

*         >> Compiling 2.6.28-hardened-r9 bzImage...
*         >> Compiling 2.6.28-hardened-r9 modules...
* Copying config for successful build to /etc/kernels/kernel-config-x86-2.6.28-hardened-r9
* busybox: >> Using cache
* initramfs: >> Initializing...
*         >> Appending base_layout cpio data...
*         >> Appending auxilary cpio data...
*         >> Appending busybox cpio data...
*         >> Appending lvm cpio data...
*               LVM: Adding support (compiling binaries)...
*         >> Appending luks cpio data...
* Including LUKS support
*         >> Appending modules cpio data...
*
* Kernel compiled successfully!
...

    Since you might be running genkernel again in the future, for upgrades, it might be worth looking at /etc/genkernel.conf to set the options passed on the commandline, above. In the config step be sure to include these kernel options statically (not as a module):

        Device Drivers  --->
    [*] Multiple devices driver support (RAID and LVM)  --->
        <*> Device mapper support
        <*> Crypt target support
-*- Cryptographic API  --->
    *** Ciphers ***
    <*> AES cipher algorithms

  5. The machine I'm setting up has some sort of problem with grub. I'm not sure what, but it detects free memory incorrectly, thinks there's 0k available, and refuses to run anything, because 0k is not enough room. So at the bootloader step, this time I'm using LILO. So:

    # echo "sys-boot/lilo device-mapper" >> /etc/portage/package.use
# emerge lilo

    Then, I need to properly fill out /etc/lilo.conf, based on Handbook step 10c. Note the crypt_root, which is the real device, encrypted with LUKS, and the real_root which is the virtual (LVM) device, under the LUKS encryption layer, that we tell the kernel is the real root, after LUKS and LVM has been set up properly.

    append="init=/linuxrc ramdisk=8192 dolvm crypt_root=/dev/sda2 real_root=/dev/mapper/vg-root"
boot=/dev/sda
compact
default=gentoo
lba32
prompt
read-only
root=/dev/ram0
timeout=50

image=/boot/kernel
  initrd=/boot/initramfs
  label=gentoo

image=/boot/kernel.old
  initrd=/boot/initramfs.old
  label=backup
  optional

    Finally, install LILO as the boot loader with:

    # /sbin/lilo
Added gentoo *
Added backup

  6. Continue with the Gentoo Handbook, which at this point is basically just rebooting and using the system!

If something goes wrong somewhere in the middle, and you need to re-boot from the LiveCD, and mount your virtual encrypted partitions, it should go something like:

# cryptsetup luksOpen /dev/sda2 sda2
Enter LUKS passphrase:
padlock: VIA PadLock not detected.
padlock: VIA PadLock Hash Engine not detected.
key slot 0 unlocked.
Command successful.
# vgscan
  Reading all physical volumes.  This may take a while ...
  Found volume group "vg" using metadata type lvm2
# vgchange -ay
  5 logical volume(s) in volume group "vg" now active

Then a bunch of mount commands.

It was a bit difficult to find all the right information to make this happen. Some of the references I used:

Read comments (1) - Post a comment

Valkyria Chronicles

2009-12-15 19:31 - Gaming

I've just finished a very interesting game called Valkyria Chronicles. It has a bit of role playing, a bit of strategy, with a mix of real time and turn based strategy. Some of the gameplay was actually quite annoying — to "win" each battle with a good rating, the only goal was speed. Conquering some enemies brought an extra bonus, but one that completely paled next to the level completion bonus. As a result, sometimes the only "right" thing to do was to run your character straight into an incoming tank's fire: it's the only way to get to the end fast enough. And it had plenty of points where the only good strategy involved a lot of saving and reloading.

That said, it was a really beautiful game in general, and especially in the (numerous) cutscenes, which looked a bit like a water-colored cartoon strip. The shot above is from one of those cutscenes. The cartoon theme continued through the live action bits, with big batman-style "Bakoom" text flowing over explosions, and "Vroom"s over moving tanks. The story, also, was head-and-shoulders the best I've ever seen in a video game (competing only perhaps with Metal Gear Solid 4 for that spot). I'm quite sure I actually saw a DVD movie of the game on eBay.

Read comments (0) - Post a comment

Rands In Repose: Gaming the System

2009-12-14 17:14 - Links

As with all mental excursions with geeks, there's a well-defined process by which we consume a game, and it goes like this:
  • Discovery
  • Optimization, Repetition, and Win
  • Achievement

The snippet I quoted is awesome in its simplicity and sageness. The rest of the article goes into amazing detail, most of which I agree with wholeheartedly. A very good read. via

Read comments (0) - Post a comment

Music Video: The TV Show

2009-12-07 14:12 - Links

I'm not sure if it's Chinese or Japanese, but I'm sure of one thing: it's awesome! The TV Show is an amazingly intense animated music video. The music is great, with no words (just as I like it). But the video manages to tell an amazing story along the entire way. I actually like it enough, I'm gonna go and embed it, which I normally hate:

Read comments (0) - Post a comment

Archive >>