
I HATE JAVA

I haven’t really added a post to this blog in, what, nearly 3 years. The web is rammed with “bloggers” who think they are important and have something to say. I’m fairly certain I am neither important nor have anything of value to say most of the time. So file this post under the “Rant and need to offload” category.

I’ve been working in a 3rd Line / Dev / Application Support position for the past couple of years. Mostly I LOVE it; I naturally love a challenge, enjoy investigating, problem solving and helping others. Coupled with a great company and colleagues that are the best I’ve ever worked with, I really couldn’t ask for a whole lot more. Well, with one exception really: I really, really hate JAVA.

Our applications are massively complex, I mean massively complex, built up organically over the past decade and a half. They have all been coded in Java, with Spring and Hibernate, and to be fair, they are mostly pretty damn stable. They have never completely crashed in my time there. Due to their necessary complexity though, they are riddled with bugs. In part because we have 100s and 100s of JAVA classes, edge cases and the inevitable patching that introduces regression bugs or creates bugs in other parts of the interconnected system.

It’s my job, in part, to look through the code and (if I can) determine what it’s doing and if it’s doing it incorrectly.

I’m not a coder any more. Once, a long time ago, I was a web programmer, but I was never very comfortable as a programmer, nor any good. So my coding now is restricted to PL/SQL and Bash shell scripting.

I’ve never been a massive fan of the whole pure Object Oriented paradigm though. The purists evangelising how OO is the ONLY way to code and how anything else is just a bag of wanky shite. To me, OO coding has its place, but so does functional programming, procedural programming and all the other paradigms.

As our platform is all pure JAVA I’ve noticed not only how spectacularly verbose it all is but how unbelievably complex it is to read, understand and debug when working with enterprise level applications.

Typically, I find myself opening up a Java class, and then having to open literally a dozen or so other classes so that I can understand what is going on. Trying to keep all those classes in my head and understanding them all is so difficult. It’s not that I can’t read the Java, the syntax is fine. It’s trying to keep it all in my head at the same time that I find hard.

To help us improve, my team has been on a JAVA training course for the past few days. Whilst I sit in the class I can understand what we’re doing and it is helping, but as we go through different elements I find the same little voice in my head getting louder and louder all the time.

This is soooooo very long-winded and verbose

Compared to Python, PHP, Javascript, Ruby, Smalltalk, C# or VB, coding anything in JAVA seems not just like a lot of typing, but a lot of mental acrobatics. Sure, IDEs like Eclipse and IntelliJ reduce that down somewhat, but only because they can automatically add all the cruft that Java seems to need. Even with the IDE adding a lot in for you, it all still seems like a very roundabout way of getting things done and maintaining them, and this is further complicated when you add MVC type frameworks in there too.

Today, for example, we started with MVC and then GUI building with Swing. We literally spent all afternoon building a single window with a single label and single text box. All I could think of was how much easier it would have been if we’d been doing this in C# or Mono, VB, Lazarus, Delphi, HTML/Node, QML, QT or Python (with or without Pyside/PyQT).

Had we been using Netbeans we probably could have used their designer, but we were using Eclipse (which I personally rather like as an IDE).

I’ve been looking at programming languages and code for decades now and the more I see and use JAVA the more I absolutely detest it. Whenever I have to do some code analysis my head and heart sink. They used to say that Basic led programmers to write spaghetti code, but nothing is more spaghetti-like than having to juggle a dozen classes and even more methods in your head.


Installing Google Music Manager in Linux

I really like Google Music’s service; the ability to upload virtually all of my music collection to the cloud for free is great, and Google’s music interface is actually superb, making it really easy to spot artwork or tags that need changing or replacing. My music collection is quite well organised, with artwork and lyrics added to most files, and I’m quite particular about my tagging too. I thought it was almost 100%, but after uploading to Google Music I found that was far from an accurate assessment.
However, despite what Google want you to think, their Linux support is a bit of an afterthought, as none of the downloads for Linux work out of the box anymore. For a start there are ONLY RPM/DEB downloads, which is fine for most people and what most Linux users want, but how hard could it be to include a zip file and bash script installer?
Neither the .deb nor the .rpm files work in their intended distros, and they haven’t been working for a long, long time. Fedora 17 was the last distro where the RPM worked for me; Suse, Rosa, Mageia, and Fedora 18 onwards are all unable to install either the 32 or 64bit RPM. From the Ubuntu forums the same has been true since Ubuntu 12.04, and personally it fails to install on each and every Debian based distro I’ve tried.
I tried to tell Google about it and filed it as a bug/request about a year ago, but it’s been ignored.
However, there is a workaround and a way to run Google’s Music Manager in probably almost any Linux distro, so that once installed you can finally upload and download your music to and from Google Music.
The workaround is not to install via your package manager but to install the application manually. Here’s how:
  • Point your browser at https://play.google.com/music/listen#/now and log in to your existing Google Music account (or create a new account if you haven’t already got one).
  • When you’re logged in, click on the orange “Upload your Music” button. This takes you to the Music Manager download page.
  • Click on the Download Music Manager button.
  • Google autodetects your operating system and presents you with the Linux versions to choose from.
  • Pick the download file that best suits your system and processor architecture. If you don’t have either a Debian or RPM based distribution, like Arch, Puppy etc, I’d recommend downloading the RPM.
  • Although the principle is the same for the .deb version, I’m using ROSA Linux which is RPM based. RPM files are more or less just compressed archives. Open up your file manager and navigate to where you downloaded your RPM file. In KDE, you right click on the RPM file and select

Extract Archive Here, Autodetect Subfolder

This will run Ark and extract the contents of the RPM into the same folder; in doing so it will create three subfolders

etc, opt & usr

Open up your file manager as root this time and merge the contents of these three new folders into your filesystem.
If you’re using Dolphin you can split your file manager with F3.
When you drag the contents over you can select “Write Into” as the copy option.
Merge etc, opt and usr into /etc, /opt and /usr.

To run Music Manager you’ll find it in 

/opt/google/musicmanager/google-musicmanager

You can optionally add Music Manager to your menu by editing it manually using your menu editor and, if you’re running KDE, easily run it by using KRunner (Alt+F2) and typing “google-musicmanager” (without quotes).
I’ve tested this approach in Rosa Linux 32 and 64bit, Mageia 3 and Fedora 19 and it works in all of them.
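As an added example (not from the original post), here’s the same manual install done from a terminal with rpm2cpio and cpio instead of Ark and Dolphin. It assumes those two tools are installed and uses a placeholder RPM filename; the layout check and the root check are mine, not anything Google ships.

```sh
#!/bin/sh
# Added example, not part of the original post: unpack the Music Manager RPM
# into a staging directory, confirm it has the etc/opt/usr layout described
# above, then merge that tree into / the way Dolphin's "Write Into" does.
# Assumes rpm2cpio and cpio are installed; the RPM filename is a placeholder.
set -u

# Unpack an RPM's payload under $2 (created if missing).
# Returns 1 if the RPM is missing, 2 if the tools are absent, 3 if unpacking fails.
extract_rpm() {
    rpm="$1"
    staging="$2"
    [ -f "$rpm" ] || { echo "no such file: $rpm" >&2; return 1; }
    if ! command -v rpm2cpio >/dev/null 2>&1 || ! command -v cpio >/dev/null 2>&1; then
        echo "rpm2cpio and cpio are required" >&2
        return 2
    fi
    mkdir -p "$staging" || return 3
    # rpm2cpio strips the RPM header and emits a cpio archive; cpio -idm
    # recreates the directory tree relative to the current directory.
    ( cd "$staging" && rpm2cpio "$rpm" | cpio -idm ) || return 3
}

# Confirm the unpacked tree has the three top-level directories (etc, opt, usr)
# and the Music Manager binary where the post says it ends up.
check_layout() {
    staging="$1"
    for d in etc opt usr; do
        [ -d "$staging/$d" ] || { echo "missing $d/ in payload" >&2; return 1; }
    done
    [ -f "$staging/opt/google/musicmanager/google-musicmanager" ] \
        || { echo "google-musicmanager binary not found in payload" >&2; return 1; }
}

# Merge the staging tree into / (needs root). cp -a keeps permissions and
# overwrites files that already exist. Look through the staging tree before
# running this: it copies vendor files straight into /etc, /opt and /usr.
merge_into_root() {
    staging="$1"
    [ "$(id -u)" -eq 0 ] || { echo "run as root to merge into /" >&2; return 1; }
    for d in etc opt usr; do
        cp -a "$staging/$d/." "/$d/" || return 1
    done
}

main() {
    rpm="${1:-google-musicmanager.rpm}"          # placeholder filename
    staging="${2:-$HOME/musicmanager-unpack}"
    extract_rpm "$rpm" "$staging" \
        && check_layout "$staging" \
        && merge_into_root "$staging" \
        && echo "installed; run /opt/google/musicmanager/google-musicmanager"
}

# Only run when an RPM path is given, so the functions can also be sourced.
if [ "$#" -gt 0 ]; then
    main "$@"
fi
```

Run it as `sudo sh install-musicmanager.sh path/to/downloaded.rpm` once you have checked the staging directory looks sane.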

Gnome Gnome Gnome

I’ve been having a good run lately, hadn’t managed to break any of my installations in a few months. Well, that was until last week and I swear I hadn’t been tinkering. One of my laptops running my favourite Rosa Linux updated as normal, then crapped out trying to log into the desktop.

Some strange error about not being able to “login to  home with /”

I think it was a systemd or KDM error, and I’m sure it was just a line in some config file somewhere, but I just couldn’t track it down at all. So once again I found myself having to reinstall. Rosa Linux is a KDE distro, based on Mandriva, and mighty fine it is too. Nice to look at, nice to run, has some little extras you don’t find in other distributions and overall, I really, really like it.

Recently though, they released a Gnome version instead of KDE. So it felt like a good time to revisit my second most disliked desktop environment. I have had serious misgivings about Gnome 3 since I saw a video highlighting all the great features, the first of which being: “whatever application you want to run, just type in the first few letters…” and immediately my heart sank. Whilst that is exactly how I, personally, run applications, and maybe you too, Average Joe does not. From an HCI point of view it’s awful, as it demands you take your hand off the mouse and use the keyboard. I can touch type; lots of people cannot, and using the keyboard throws up all sorts of other issues (what if you’re using a keyboard from another language, for instance). Average Joe doesn’t know the name of an application; Average Joe barely knows what an application is. Average Joe has the thing for his email, Word for writing documents and “The Internet”, and couldn’t give a rat’s ass what they’re called. But mostly, that is quite a silly way to make people launch apps, as often the names of applications don’t hint at their function (tooltips on the other hand can give clues).

My last try with Gnome 3 and Gnome Shell left me pulling my hair out; it was the slowest, most painful experience imaginable. But things change and it’s only fair to revisit them.

Rosa Gnome installs very well by the way, I had problems with earlier installs of Rosa, not this time. Smooth and sleek.

[Screenshot: The Default Desktop]


Gnome 3

Well, on the positive side, it’s certainly improved an awful lot from my last use, it’s much more responsive, although still much much slower than any other desktop.

It looks lovely. The font rendering in Gnome is really lovely, nicer than KDE, nicer than anything else anywhere I think. It really does make fonts beautiful.

[Screenshot: Font rendering looks lovely]

When up and running, Gnome Shell didn’t max my CPU, which surprised me; in fact, it’s actually quite low in terms of CPU usage I think. KDE does have a tendency to max my CPU at various times (especially any time the god awful Akonadi does anything at all – seriously, why is that still even used? It’s awful). Gnome 3 doesn’t cause my fan to whizz away, and my laptop stays reasonably cool. A very pleasant surprise.

What it saves in terms of CPU, and therefore heat, it makes up for in RAM usage. I’d approximate that KDE running uses between 500-900Kb of RAM on any of my machines. Sometimes that goes up, naturally, but I’d say it averages around 600-700Kb most of the time. Like for like, Gnome Shell casually sits around the 1.3-1.5Gb of RAM range. That seems an awful lot to me, especially as my laptop only has 1.7Gb in total. Maybe it manages memory differently, or better, I couldn’t say, but it did mean that running RAM hungry apps like Chrome or LibreOffice caused Gnome to slow down noticeably.

However, it’s certainly a vast improvement over earlier versions.

But... it’s still shockingly clumsy to use. Everything you would normally do in any other desktop environment, KDE, XFCE, Gnome 2, Windows, etc., takes either several more mouse clicks or much, much more mouse travelling to achieve in Gnome Shell.

For Example:

You have two applications running; Gnome hides the background application. That seems a good idea, except when you want to get the background application to the fore: the method is clunky and clumsy. Click on “Applications” to show the desktop grid, then click on the window of the other application. That is slow at best, but if you ramp that up to having dozens of applications running, you then find yourself scouring the screen looking for the tiny window that looks like the application you want. The reason other desktops have a task bar or dock is to make application switching as quick and simple as possible. Click the icon in the taskbar and it brings that window to the front. Simple, easy, one click and what we’re all used to doing.

If you want to run two application windows side by side... I found that to be hellishly fiddly to set up, much more complex than it need be, or is with any other desktop.

The system tray/notification area:

[I would put a screenshot in here, but I can’t even get Shutter to take a screenshot of the system tray]

That’s hidden away underneath the windows at the bottom of the screen, there is no clue how to access it, and it doesn’t show some notifications that I think it should. My package manager changes the icon in the notification area to signify updates are available. But Gnome chooses to hide it all, so I can’t see the icon change. It was only by sheer accident that I even found out the notification was there in the first place. I missed two alarms from my calendar because they didn’t appear on screen; I just saw an icon in the notification area sometime later.

What’s running

Other desktops use the taskbar or the dock to represent the applications you have running. Gnome, once again hides these and gives no clue how to find them.

The Lock Screen:

It’s lovely to look at, at least it is in Rosa 2012. The lock screen is the default Rosa wallpaper with a nicely rendered clock in the center of the screen. Looks terrific. But there is absolutely no clue whatsoever as to how to unlock the screen. It took me quite a while to work it out, partly due to the fact that there is a lag between pressing the Enter key and the unlock screen being displayed (the unlock screen is lovely to look at as well). I can certainly see the Average Joe user having no clue whatsoever and being so confused they just turn the computer off and back on again to resolve the problem.

The Unity Style Dock

Copying Unity is foolish enough in my opinion; Unity is awful. But the dock thing in Gnome 3 I can’t work out at all. It’s hidden by default, only appearing when you click on the Applications menu, but it neither acts as a proper dock nor as a menu; it just seems to show favourite applications. It seems pointless and not very well thought out.

No Scrollbar Buttons

This is theme specific I think, but it drove me insane: there are no up and down arrows at each end of the scrollbars in Gnome 3. I’ve noticed this trend with a few themes popping up for KDE lately as well. Whilst it might look nice, when you’re only navigating via a touchpad it’s the most frustrating thing ever, because invariably you can’t get smooth tiny movements with the touchpad, and I continually found that things scrolled off screen without me being able to see or use them. The scrollbar buttons provide a nice easy way to scroll by the smallest amount. If you have a mouse with a wheel this isn’t an issue at all, but using a touchpad on a laptop it is often deeply frustrating – I couldn’t find any way to alter any of the themes to reinstate them either. It might seem utterly trivial, but it’s almost the biggest reason for me not to use Gnome, because I use my touchpad all the time, even when I have the mouse connected.

No Start Menus.

Without a proper, old fashioned menu, finding applications is a slow and tedious process. Click on Applications, then either look through all applications for the one you want, or else search in the categories. Again it’s more mouse travelling, more guessing and much more time consuming. Sure, with a menu, you might not know what category your application is in, but it’s just a few pixel movements of the mouse to find out. With Gnome it’s a whole screen you have to traverse.

You can retrofit a couple of menus that work quite well, but they shouldn’t have to be retrofitted.

Lack of Configurability

I found the Tweak tool for Gnome, but it still lacks reconfigurability. For example, I can’t remove the Accessibility menu option on the title bar; I have to download a 3rd party extension just to do that. I can’t add shortcuts to the title menu; I can’t seem to change very much about the title menu at all.

There was also no clue or hint how I might get new themes or how they might be installed. OK, I’m a bit spoiled I suppose, having KDE’s built in access to KDE-Look and the ease with which you can download, install or remove many theme elements, but there was just no clue where I might get themes or how to install them, which was a shame. Not a big problem at all, just a shame.

Some of these issues can be solved by downloading extensions, but having to download 3rd party addons to fix so many failings in the UI just highlights that however far Gnome Shell might have come since I last used it, it’s still a flawed methodology and poor user interface design.

That is quite sad, because one of the things I remember admiring about Gnome 2 was their strict and, some might say, overly fussy Gnome HCI guidelines. I can remember reading various discussions about how rigid and anal some of their guidelines seemed, taking things down to quite an extreme level. Yet I think that was a very good thing to bring consistency, polish and professionalism, and ultimately it led to a very good, very useful desktop environment.

Switching from Gnome 3 to Mate (Gnome 2), for example, is a pleasure. Gnome 2 is fast, sensible and easy to navigate around; everything you need is on screen and it’s not cluttered at all. Gnome 3 fails to simplify the desktop environment, fails to give user feedback or clues about how to use the desktop, and fails on speed and usability.

[Screenshot: Switch Applications: umm, which one was the window I wanted?]

EndNote

By adding what seems like a thousand extensions, you can get a much more intuitive and usable user experience.
I’ve managed to add a taskbar to show what’s running, a Places menu, remove my name, remove the Accessibility menu option, and added a nice menu that makes finding and starting applications significantly faster.

I tried for a week with Gnome, and I’m trying again right now as I write this, so it’s not just a quick, ten minute “oh it’s different therefore it’s awful” kind of review. I took my time, I learned about the way it works (I think). I tweaked and configured it as much as I could.

But after a week I installed KDE and switched over, and it was an absolute pleasure to do so. Yes, I’m familiar with KDE now, so that did help a little, and certainly, although I love KDE, it’s far from perfect by any means. But there was so much that frustrated me in Gnome that just isn’t there in KDE, nor in XFCE, or LXDE, or OpenBox or Enlightenment 17. Gnome stands alongside Ubuntu’s Unity as a usability disaster: slow, less productive, less intuitive, less configurable, less friendly and in my opinion altogether just less of a user experience and method of interaction with the computer than any other desktop. Yes, it is lovely to look at, really lovely, but such hard work to use. Mate, Cinnamon, XFCE, LXDE, KDE, E17 all have their differences and different ways of working, yet they all follow a standard “grammar” that we have all learned, and although not as pretty they are all much, much more usable than Gnome Shell.

[Screenshot: A bit more usable?]

Thank You Mr Hacker (thank you, Chinese hacker)

The original idea for this blog was to write about the tweaking and fiddling I did in Windows (and to a lesser extent Linux). With the advent of my persistent Chinese hacker that kind of fell by the wayside, as I spent most of my free time scouring logs and/or wiping my computer and reinstalling my OS.

A year ago I would have said I was mostly a Windows user, maybe even a Windows expert (in terms of skills and ability with the operating system). However, it became clear that Windows security wasn’t really as strong as I’d have liked. In fact, with my discovery of just how easily Windows Management Instrumentation bypasses every security setting and gives you access to pretty much anything inside the OS, I decided to ditch Windows and go 100% Linux.

I had to learn quickly when I made the change and it was very much a baptism of fire, going from a Linux “user” of moderate ability to getting down and dirty with the nitty gritty of conf files and the terminal.


The last year has certainly been a bit of a roller coaster but ultimately I’ve learned so much along the way. Learned about hacking, penetration testing, and hardening of Windows and Linux. I’ve discovered a huge amount about computer forensics on both platforms, what to look for, what to filter out, and where to look to uncover what might have been deleted.

I’ve learned that Linux, for all the claims out there, isn’t nearly as secure as many Linux users would like to believe, and also realised that the way Linux tries to protect against unauthorised access is just stupid. The whole “sudo” password thing is just utterly stupid for most home users. As I found out, any hacker with a scrap of ability bypasses all that user nonsense and gets straight into root access anyway. Most importantly, SSH might be secure when you’re connected, but easily hacked with the right dodgy certificate.

However, here I am, a year down the line. 100% linux, not a windows machine in sight. It’s been enjoyable, fun, geeky, frustrating beyond belief at times and also incredibly satisfying. 

I’ve finally been able to give something back to the Linux community as well. OK, it’s hardly the most amazing contribution, merely the odd bit of KDE customization http://kde-look.org/usermanager/search.php?username=netean but I doubt I would have done that had I still been mostly a Windows user.

I wouldn’t go so far as to say I’m now a Linux expert, far from it, I’ve still got a lot to learn. But having installed somewhere in the region of maybe 30 Linux distributions or versions, I think I’m fairly comfortable describing myself as a dedicated Linux user now, and perhaps you can forgive me if I happen to use the word Expert on my CV, because that’s the other thing. Since my job ended last month I’ve been intensively looking and feel confident enough to look at those “Linux expert” roles, read the job description and think “yeah, I can do that”. Which wouldn’t have been the case last year.

So as frustrating and annoying and miserable as it was having my little Chinese hacker visiting every day with impunity, he, she or they have really done me a favour, forcing me to Linux full time and forcing me to learn so much more about the deeper workings of Windows, Linux and networking.

So.. especially now that I’ve gotten rid of you at last:

You’re a fucktard, a pain and don’t come back,

but

Thanks for what you made me learn and do.


now if I can just get myself a new job using what I’ve learnt…..

Hacking update

Well, thank you for asking if there were any developments and, well, yes, there sort of is more news on the hacking front... ish. But it’s more a case of: no news is good news.

I have three DVB TV adapters at the moment:

  • Avermedia Volar HD Pro
  • Pico TV
  • Kworld 499-UT AKA The Backdoor Bandit

With the Avermedia or the Pico installed I can work and play like a happy chappie (well, as much as you can with Linux and DVB television). No spurious file additions or file attributes changed, no file last modified dates that preceded the file creation date. Nothing, not a peep.

I can even run a Windows box without incident, not the slightest hint of penetration, all of this as I’d expect for a “normal” PC user, on a dynamic IP address and behind 3 different firewalls with all machines inside the last firewall set to ignore pings.

Now, whether in Windows or Linux, plug in the Kworld adapter, install the drivers and wait. Within a day or so I start to see “strange” activity, the Windows box being the worst: Terminal Services is reactivated, Windows Explorer replaced, Windows updates spontaneously restart again (when they were most definitely off) and off we go with dodgy file attributes and file accessing and modification in the early hours of the morning (2am-5am GMT).

I’ve not left it long enough, because seemingly once whoever it is has access inside my firewall, they seem to have free access everywhere and an ability to log on to any and all of my other PCs. Although Linux provides a much more comprehensive logging system, it’s also much harder to spot another user using your computer, because it’s designed to be that way.

I’ve tested this on three different occasions now since I first discovered the adapter as the source. Every single time it’s the same. The only thing I’ve not been able to track down is what the TV adapter is broadcasting or where it’s broadcasting it to. None of the outgoing logs I’ve spotted look strange or odd.

But since my last “test” I’ve not had a single thing to suspect the hacker is still visiting.

Trying to convince anyone that this was real.. well that’s altogether been another matter. I get looks ranging from “you’re delusional”, to “you’re an idiot”. But I spent most of my spare time in 2012 scouring logs and file attributes, monitoring alternate streams, packet sniffing and undeleting files to know that this was most certainly real.

“Why” is the normal question and one I’ve asked myself many times over the last year. I’m not a bank, nor a file repository, nor a porn collector, or warez dealer, just a regular user.
“Why would anyone go to all that trouble of hacking your computer just to watch TV?” was the next most common question. Well, if you have a back-door to a system anywhere then it’s no effort at all to hack, and why just watch TV... well, sadly it wasn’t just TV, but that was the most common thing. In part, because it’s a TV adapter... duh! And well, there are lots of people who wouldn’t mind free access to British TV. Let’s also not forget that all governments listen to broadcasts by other countries. Here in the UK we have a whole massive government building that solely “listens” (GCHQ).

Of course, if you manufacture hardware and it has a back-door (as a previous Kworld TV adapter had, by the way!)... imagine selling, I don’t know, say 10,000 units; that gives you a fairly good distributed network to make use of. Whether it streams TV or just gives you a backdoor to transmit or receive data, that’s a lot of potential computer nodes to get access to.

Not forgetting of course that things like hardware are often freely allowed to go out through firewalls by default. Virtually all firewalls are permissive by default for outgoing traffic, so what a great way to bypass security firewalls and NAT routers.

It was just by chance that I found this hacking in the first place. I imagine that most users would never ever know; so they have some extra C++ runtime installed, would they notice it was a Chinese C++ runtime? Probably not. Would they also notice that the version of Windows Explorer wasn’t the most current? Of course not. Would they even notice that their TV adapter didn’t let them watch that other channel when it was recording? Yes, they’d notice, but like most of us you’d put it down to a glitch or just an annoyance. I know that the times I tried to use the TV adapter and it responded with “all tuners are in use”, I just thought it had crashed, so would unplug the TV adapter and plug it back in; that fixed the problem, so I thought nothing more of it. But now... now I wonder if it really was “in use” by someone else.

All I can say now is that it doesn’t happen now. Linux only tells me that the adapters are busy when they genuinely are.

Of course trying to convince anyone that this is happening is quite another matter. The typical response is “why you?” and to that I’ve no answer. I have nothing at all of value, except a back-door onto my home network. “Why would anyone go to all that trouble just to watch TV?” which is the second question.

Well, it’s not just to watch TV; my email was being read, at one point a web server was installed then removed, and most annoying is the cloning and repartitioning of my hard drive. The more I think of it though, the more I wonder... if someone is skilled enough to put a back-door into their hardware or driver and you sell, I dunno, even 1000 units, that’s a nice little distributed network right there. But maybe they were just using my computer because they could, because it had a back-door they could access.

This wouldn’t be the first time KWorld TV adapters had a back-door either. I found out that an earlier model was famous for its trojan back-door. Although I seem to be either the only person who’s noticed this or the only person affected, as I can’t find anyone anywhere who has the same issue. All I can say with certainty is that when I plug it in I get a “visitor”, and for the last few months with this adapter tucked away in a drawer I see nothing strange at all... and trust me, I have looked and looked.

Hello Again

Yes, I am still alive and still both fiddling and geeking.

It’s been a while since my last post, in part because someone very close to me died and it kind of threw everything out of kilter for a while. In part, because I’ve been damn busy fiddling and installing Linux.

For those who might care, I have had a problem with a real, living and breathing hacker for the last eight months or more. Chinese in origin (more specific than that I can’t say, but they do seem to install both traditional and simplified Chinese locale stuff whenever possible). In part he/she or they have been making use of my TV adapter cards to watch, record and download TV. Highly, highly skilled, and I have to say other than a few slip-ups, most people would never even know they were hacking. It was only when they started downgrading Windows Explorer and compiling their own Python code, and then ultimately when they repartitioned my hard drive, that I finally realised what was going on.

After literally months and months of trying in vain to thwart their attacks I’ve more or less given up now. Nothing I have tried has stopped them. I’m already behind 3 firewalls and my ISP runs me on a non-static IP address. I’ve rebuilt Windows and Linux so many, many, many times these past few months, wasted 1000s of hours trawling through logs and then tutorials on hardening and security. It’s all for nothing really.

I discovered that Windows is just staggeringly insecure; Windows 7 default firewall settings are so lax that they might as well not bother having one.

By default it’s set to:
Incoming connection of unknown origin -> Deny (as you’d expect and hope)
Outgoing -> Allow (which isn’t that unreasonable at first glance)

Looking deeper, you quickly find that the default rules actually allow incoming IPv4 and IPv6 traffic, DHCP, DNS and HTTP from any source. When Windows asks you if you want to let this or that application through your firewall, you naturally answer yes, because otherwise Firefox, Chrome, Opera, etc. don’t work. In doing that you create two incoming rules that say more or less “allow any TCP or UDP traffic to come in”.

Why didn’t Microsoft include some kind of configurability in their firewall, so when apps request access they could tell the firewall: “I’m an app, I’d like access going out on this/these IP/UDP ports and incoming access via this/these” (and only those), rather than the blanket “allow access please” to anything and everything.

That aside, as I’ve discovered, with a good hacker you might as well not bother wasting your time trying to configure your firewall, because Windows allows anyone who gets onto your router, or inside your network, the ability to turn your firewall off and on at will. In fact, thanks to the magic of Windows Remote Management and Windows Management Instrumentation, any hacker can tell your computer to turn on or off any system they please.

For months I would notice that my event logs would log the firewall
going off then a minute later coming back up, and Windows profiles
similarly going down then back up again. It looked totally normal until I
occasionally came across an error in the WMI scripts they were clearly
running. I didn’t notice what they were at first, I just thought they were
errors from the OS. But it was him, them, working his very clever magic.
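A detection check for the pattern described above, added here and not from the original post: it reads the Windows Firewall’s own operational event log so that a firewall being switched off and back on shows up with a timestamp instead of being spotted by chance. The log name and event IDs are Microsoft’s; the seven-day window and the pre-6am filter are my assumptions.

```powershell
# Added detection check, not part of the original post. It reads the Windows
# Firewall's own operational log so that a firewall being switched off and
# back on shows up with a timestamp rather than being noticed by chance.
# Event IDs in this log: 2003 = a profile setting changed (e.g. firewall
# turned off/on), 2004 = rule added, 2005 = rule modified, 2006 = rule deleted.
$logName = 'Microsoft-Windows-Windows Firewall With Advanced Security/Firewall'
$since   = (Get-Date).AddDays(-7)     # assumption: a week of history is enough

function Get-FirewallChangeEvent {
    Get-WinEvent -FilterHashtable @{
        LogName   = $logName
        Id        = 2003, 2004, 2005, 2006
        StartTime = $since
    } -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id,
        @{ n = 'Summary'; e = { ($_.Message -split "`r?`n")[0] } }
}

$events = Get-FirewallChangeEvent | Sort-Object TimeCreated
$events | Format-Table -AutoSize

# Anything changed in the small hours (the post describes activity after
# midnight GMT) deserves a closer look; 06:00 is an assumed cut-off.
$events | Where-Object { $_.TimeCreated.Hour -lt 6 } | Format-Table -AutoSize
```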

Latterly I made sure all non-essential services were off, disabled in
the Services control panel. Yet I was still finding listings in the event
logs for Terminal Services: errors about being unable to start, or
more commonly about Terminal Services shutting down, even though it
was disabled as a service.

I won’t go into details, but I’ve recently learnt how, in part at
least, this is done. It wasn’t a hacking tool I downloaded, it was
actually one of the network tools I had installed on my USB stick as a
portable app that first showed me how simple it was. It scans my network
for computers, and then gives me a list of options, one of which lists
services that I can remotely stop and start. Hey ho, wouldn’t you know
that despite being disabled I could turn on Remote Desktop (RDP) services
and then connect. With a bit more learning, I could even connect
concurrently WITHOUT HACKING Remote Desktop to allow remote concurrent
connections (the trick is to log into the other computer and
masquerade as “network services”).

Windows Remote Management allows full and unrestricted access to the
Windows shell. It’s naturally off by default, but once you know how to
remotely start and stop services it takes 2 seconds to turn it on and
remotely log into another computer’s command prompt.

Windows Fucking PowerShell… the amount of times I’ve come across
Windows PowerShell getting invoked to run something was driving me
fucking mad. I know PowerShell runs a few backend jobs in Windows 7, but
if you can get access to it on another computer, and know how to use
PowerShell, you can do whatever the hell you want with the operating
system thereafter. I am very unskilled in PowerShell myself but I have
seen the evidence.

The hard drive partitioning. You’d think that would be really obvious
to any user, wouldn’t you? Now of course it is, it’s the first thing I
would look for every time I booted the machine, but at first I didn’t
really notice. When you’re the only user of the PC, you don’t stop to
see if your hard drive space has suddenly dipped by 50GB, nor do you
routinely check for the appearance of your system drive as a .vhd file.
But Windows gives you the facility to create a virtual hard drive on the
fly, even if you’re logged in (see Sysinternals tools for more
details).

There was even one night (it’s nearly always after midnight GMT that
this happens – most of it after 3am GMT) I even managed to capture some
logs of my Chinese hacker as he played Solitaire on my fucking PC! I was
trying my best to detect his presence and had been monitoring the
alternate streams of files as well as the strings that were stored
within the memory of the operating system. Bear in mind here that
during this particular evening, the machine was doing nothing other than
scanning the network and monitoring the OS, the OS that should in
effect be dormant doing nothing. But up pop some alternate streams
showing Solitaire coming active, showing scoring, showing a game ending
and restarting… all whilst I’m sitting in front of it watching nothing
but the illusion of a default desktop.

I’ve got a cracking log from one evening’s Wiresharking as well,
showing regular traffic from about 10pm dying down at midnight as I got
ready to snoop on my visitor. Around 1am Wireshark starts seeing lots of
ACK packets on the network (acknowledgement packets). An average ACK
packet is tiny, it’s measured in bytes, but within a few minutes these
ACK packets get bigger, 5k, 10k, 50k in size. Then connections start
appearing from my machine going out via DNS, out via HTTPS. At the same
time, on my network, one of my other computers appears. “Hello” I
thought, glancing down at the laptop that was supposed to be online and
seeing that it was well and truly powered off (the battery had died and
I hadn’t plugged it back in). Being a machine on my own internal
network, a computer that my desktop knew and trusted, they started
talking to each other – just as they would in any network, and of course
inside your firewall the computers in your local network are, generally
speaking, “trusted”.

Linux… well, after 8 months of intense and enforced learning, I’ve realised
that it can be more secure, but is still open to attack. Just last week
I was reading about two new vulnerabilities that had been discovered
with a couple of files. Red Hat warned to be aware that there was
currently no patch for one of them and to make sure that the file was
either locked to all users or removed from its default location,
further detailing how to see if the file might have been used to
compromise a system. 20 seconds of Konsole action later I discovered that
this file is on my system; furthermore this file is newer than all the
rest in the same folder, has different permissions than all the rest –
and unlike the rest of the 100s of fellow files in that folder, was
created and last accessed just a day beforehand.

All my Linux machines are somewhat hardened. None of them run SSH
(the facade of security for SSH is just a joke – my Chinese hacker can
somehow present a certificate to SSH that allows him to log in without
so much as a twitch by the operating system).

The only thing that Linux does do is make things harder for him.
Harder because Linux networking is just terrible. I now have 5 computers
in my house running Linux, all connected to the internet through my
proxy which in turn connects to my router. All of them online in the
same workgroup and not one of them can see each other on the network.
They could all see my Windows machines when they were there, but not
each other – no matter what I have tried in Linux they just don’t want
to talk to each other at all (I’ve even turned off the firewalls just in
case they were blocking things) – all the Samba settings were the same,
NFS settings match on all machines, but nothing.

The other benefit to stopping him… Windows records TV, and there are a
plethora of quality PVR-based solutions for recording broadcast
television. Linux… Linux has three options as far as I can see and not a
single one of those options works with any of my recording cards
(despite them all allegedly being supported).
Believe me when I tell you that I have tried and tried and tried and
tried. Freevo, Myth, VDR, XBMC PVR, Mythbuntu, XBMCbuntu, FDR, Linhec,
OpenELEC… you name it, I’ve tried it and not a sodding thing works.

However, this has led me to question one important thing. The ONLY
thing that is always installed when I reinstall Windows are the drivers
for my TV adapter. The thing my Chinese hacker is interested in stealing
is… television recorded from my TV adapters. My TV adapters are…
you guessed it… Chinese, and they are always connected to my Windows
machines inside my network, inside my 3 firewalls. Other than my ATI
graphics card drivers and my wifi drivers, they are the ONLY thing that is
consistently installed each time. Even Windows itself has varied from
OEM recovery partitions (32-bit), to an MSDN 64-bit Home edition, to a
torrented 32-bit Ultimate edition, to a legitimate 64-bit retail DVD. I’ve
tried installing no software other than doing Windows updates,
installing shed loads of software, and it makes no difference.

This hacker can find me wherever I am in the IP address “soup”, can
seemingly appear through my two firewalls, masquerade on my network if
he wishes and remotely access any of my Windows machines with impunity –
regardless of Windows firewalls or third-party firewalls. They never
appear in malware or antivirus scans because they never install their own
binaries (although they have installed some: I saw that they had
compiled various binaries from source (Python and C++)).

When you’ve eliminated all the possibilities, the one that remains is
likely to be true… and all that remains is this one notion: that I have
nothing of value worth stealing on my systems, nothing at all. They come
to record and steal television, they’re Chinese, and my TV adapters use
Chinese-manufactured hardware and Chinese-made Windows drivers. Could
it really be that these drivers or the firmware itself contains some
kind of back door?

The tv cards I have are `__.

I would be VERY VERY interested to hear from anyone who might also
have either of these cards and be suffering from little Chinese
visitors.

Addendum. Whilst looking at my router stats last night I noticed this little anomaly:

My router is set to restrict access not only by password but also by MAC address – this PC managed to bypass both and join my internal network. Looking at who the MAC address belongs to (assuming it’s not spoofed), it was made in Taiwan. Oddly, the same city as my Kworld TV adapter. (OK, everything is made in China, either this China, the “democracy”, or the big communist one, but still, it seems a strange coincidence, don’t you think? Of all the cities in either China it could have come from, it was made just down the road (literally, according to Google Maps) from the Kworld dual TV adapter I own!)

If anyone has any suggestions to stop him/her/them just waltzing past 3 firewalls and bypassing my MAC authentication and only recently changed wifi password, please tell me. And, as I know you read my emails and other blog posts: you, my hacker… can you just stop please? It’s really, really getting me down and ruining my evenings and enjoyment of technology.

Please just stop and leave me alone:

請只留下我獨自一人

请只留下我独自一人

(google translate)

Not my PC, not my naming convention, and it shouldn’t have access to my network!

The Natasha Method

I can’t find anything exactly the same as this password strategy anywhere, so I’m assuming it is unique or an adaptation of another system.

It was written by a very dear 20 year old friend, Natasha Brown, who sadly is no longer alive to lament my own weak password system. This is her very good password strategy, published posthumously in her memory.

This is the password system I’ve been using for the last 2 years. I’m always surprised by the awful passwords I see: my neighbour’s WiFi used to be 123456789, and my dad’s work email password spent some time as saab (the car he used to drive). This system is based around codes, and I’ve found it so simple to have good passwords with it.

There are 3 cyphers… they are:

Weak
Low secure easy cyphers, used for:
Facebook
Forum Accounts
Alternate email accounts
Wifi Router

Medium
Good cyphers for more important things, such as:
Main Email
University systems
Flickr
Private forum accounts
Computer logon passwords
BIOS Passwords

Strong
The best cyphers, used for the most secure tasks:
Online Banking
Student Finance
Drive Encryption

The cyphers are applied as follows…

Weak:
Keyboard co-ordinates, with the first and last characters as caps, and using 3117 speak when possible. If the password is shorter than 10 characters, then the uncyphered word is typed backwards until 10 is reached.

For example:
theescapist becomes T5h33335cap0185t%
facebook becomes Fac33b09cK

Medium:
Pressing the buttons either side of the key (left first, then right), followed by the co-ordinate of the original character. First and last characters are always pressed with the “shift” button depressed. If the password is shorter than 10 characters, then every other letter from the uncyphered word is typed backwards until 10 is reached.

For example:
JoeBloggs becomes Hk9-24VNk;9-fhfh4^
NatashaBrown becomes Bm35ry3546gj1dVn9-qebM
Flickr becomes Dgk;uo8xvjlet$
Hotmail becomes Gj9-ryn,35k:

Strong:
Similar to Medium except that the keystroke direction is reversed, going right to left. 1337 speak is used whenever it can be, as are keyboard co-ordinates (1337 is typed first if both are available), however the co-ordinate of the original character is not depressed after the side keys. The first and last characters are always typed with “shift” pressed, and in the event that the password is shorter than 15 characters, then the word is typed again, this time using the weak cypher, until 15 is reached.

For example:
Abbey becomes 5VNVNW2R4T5U7Abb33y6
Bitlocker becomes Vnu709r4y6k;18p0xvjlw2r433t5

As you can see, this system means you only need to remember simple keywords (and these could be written down, or kept in a file) and 3 cyphers (don’t write these down), and you get long passwords with a good mix of upper and lower case, symbols, and numbers. By using a 3 tier system you have protection in the event that someone is smart enough to figure out one of your codes, and you don’t have overly strong passwords for pointless stuff.

I hope this can help some people, as I know making good passwords can be a tricky thing (constant balancing between security and memory!) and I’ve found this system to be really useful. Also, if it’s rubbish and there’s some glaring flaw that I’ve missed, please tell me so that I can stop using it and come up with a better way!

Finally, don’t try to get into my accounts with any of this! The codes I put up here are very different to the ones I am using, and my keywords are a bit more obscure than the ones here!