06 September 2017

Intel ME Security Issue and how to fix it

Intel ME is a coprocessor integrated in all post-2006 Intel boards, for which this Libreboot page has an excellent description. The main component of Intel ME is Intel AMT, and I suggest you read this Wikipedia page for more information about it. In short, Intel ME is an irremovable environment with an obscure signed proprietary firmware, with full network and memory access, which poses a serious security threat. Even when disabled from the BIOS settings, Intel ME is active: the only way to be sure it is disabled is to remove its firmware from the flash chip.
Before Nehalem (ME version 6, 2008/2009) the ME firmware could be removed completely from the flash chip by setting a couple of bits inside the flash descriptor, without the need to reverse-engineer the ME firmware.
Starting from Nehalem the Intel ME firmware can't be removed anymore: without a valid firmware the PC shuts off forcefully after 30 minutes. This project is an attempt to remove as much code as possible from such firmware without falling into the 30 minutes recovery mode.
me_cleaner currently works on most architectures, see me_cleaner status (or its discussion) for more info about them. me_cleaner works also on the TXE and SPS firmware.
If you want to understand how me_cleaner works, you can read the "How does it work?" page.
If you want to apply me_cleaner on your platform I suggest you read the "How does it work?" page and then follow the guide "How to apply me_cleaner".
For pre-Skylake firmware (ME version < 11) this tool removes almost everything, leaving only the two fundamental modules needed for the correct boot, ROMP and BUP. The code size is reduced from 1.5 MB (non-AMT firmware) or 5 MB (AMT firmware) to ~90 kB of compressed code.
Starting from Skylake (ME version >= 11) the ME subsystem and the firmware structure have changed, requiring substantial changes in me_cleaner. The fundamental modules required for the correct boot are now four (rbe, kernel, syslib and bup) and the minimum code size is ~300 kB of compressed code (from the 2 MB of the non-AMT firmware and the 7 MB of the AMT one).
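A read-only check for a full SPI flash dump, useful before and after modifying the ME firmware: it reads the flash descriptor, reports where the ME region sits and how large it is, and whether the region still begins with a partition table. This is an added example, not code from me_cleaner; the descriptor layout used here (signature 0x0FF0A55A, region registers, `$FPT` marker) is an assumption based on public descriptions of the Intel flash format, and the sample image is constructed.

```python
import struct

IFD_SIGNATURE = 0x0FF0A55A            # flash descriptor magic (assumed layout)
REGION_NAMES = ["descriptor", "bios", "me", "gbe", "pdr"]

def parse_regions(image: bytes) -> dict:
    """Return {name: (base, limit)} for every used region of a full dump."""
    for sig_off in (0x10, 0x00):      # newer descriptors have 16 reserved bytes first
        if len(image) >= sig_off + 8 and \
           struct.unpack_from("<I", image, sig_off)[0] == IFD_SIGNATURE:
            break
    else:
        raise ValueError("no flash descriptor found: not a full dump?")
    flmap0 = struct.unpack_from("<I", image, sig_off + 4)[0]
    frba = ((flmap0 >> 16) & 0xFF) << 4          # flash region base address
    regions = {}
    for i, name in enumerate(REGION_NAMES):
        flreg = struct.unpack_from("<I", image, frba + 4 * i)[0]
        base = (flreg & 0x7FFF) << 12
        limit = (((flreg >> 16) & 0x7FFF) << 12) | 0xFFF
        if limit > base:              # base above limit marks an unused region
            regions[name] = (base, limit)
    return regions

def me_summary(image: bytes) -> dict:
    """Size of the ME region and whether it starts with a $FPT table."""
    regions = parse_regions(image)
    if "me" not in regions:
        return {"present": False, "size": 0, "has_fpt": False}
    base, limit = regions["me"]
    head = image[base:base + 0x20]
    has_fpt = head[0x10:0x14] == b"$FPT" or head[:4] == b"$FPT"
    return {"present": True, "size": limit - base + 1, "has_fpt": has_fpt}

def build_sample() -> bytes:
    """Constructed 64 KiB image: ME at 0x1000-0x7FFF, BIOS at 0x8000-0xFFFF."""
    img = bytearray(b"\xff" * 0x10000)
    struct.pack_into("<II", img, 0x10, IFD_SIGNATURE, 0x04 << 16)  # FRBA = 0x40
    flregs = [0x00000000, 0x000F0008, 0x00070001, 0x00007FFF, 0x00007FFF]
    struct.pack_into("<5I", img, 0x40, *flregs)
    img[0x1010:0x1014] = b"$FPT"
    return bytes(img)

if __name__ == "__main__":
    sample = build_sample()
    print(parse_regions(sample), me_summary(sample))
```

On a real dump, pass the file contents to `me_summary()`; a dump of the BIOS region alone has no descriptor and raises `ValueError`.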
This project is based on the work of the community; in particular I thank Igor Skochinsky, for the core information about Intel ME and its firmware structure, and Federico Amedeo Izzo, for his help during the study of Intel ME.

Source, author and tools: Github

02 September 2017

How to stop Microsoft messing up your privacy in Windows 7.

     As I stated here for Windows 10, this one is for Windows 7.
     I did a lot of research and I don't remember all the sources (sorry, let me know in the comments if you have some so I can put them here).
     There's a shitload of KBs, so I'll not link every single one, you can research yourself right? RIGHT? I've checked every single KB and none of them has a direct impact on Windows functionality (actually, it's just a bunch of hideous reporting mess).
     Here's a script to make your life easier. You can run it safely after doing a full update (reboot after running the script).


06 June 2017

Pidgin icon issue

     If you use Pidgin, you'll notice that Pidgin has issues in most window managers (gnome, cinnamon, <put something more here>). I have seen this issue a lot of times in Pidgin's issue tracker, but I don't know exactly who did it wrong, but since I'm able to fix it easily....
     After searching for a while, I found this (quite old and still an issue). So the problem is the hicolor icon theme... ffs. Let's fix this (atm, it's quite different to fix it, but it works):

1) Go to this folder: /usr/share/pixmaps/pidgin/tray/hicolor
2) Make a backup or just rename your 16x16 to something else (16x16.old will do it)
3) Link or copy your 22x22 to a new 16x16 folder
4) Restart your WM

     It's quite an odd fix, but it works (until someone fixes it properly, and I have OCD about the problematic icon).

08 February 2017

TL-WN725N: "link is not ready, ERROR indicate disassoc" issues and how to fix it

     I was trying to configure a notebook with an R8188EU adapter and I saw an interesting issue. In some random scenarios, this adapter just doesn't work and gives errors in dmesg like this:

[ 1063.859661] IPv6: ADDRCONF(NETDEV_UP): wlp0s26u1u3: link is not ready
[ 1063.907145] R8188EU: ERROR indicate disassoc
[ 1064.008095] IPv6: ADDRCONF(NETDEV_UP): wlp0s26u1u3: link is not ready
[ 1065.279303] R8188EU: ERROR indicate disassoc
[ 1065.380294] IPv6: ADDRCONF(NETDEV_UP): wlp0s26u1u3: link is not ready
[ 1065.430806] R8188EU: ERROR indicate disassoc

     You can connect if you try to connect to a "hidden network" and put your non-hidden SSID and password there, if you don't mind doing this every time you boot the system, of course. To fix this issue, edit your /etc/NetworkManager/NetworkManager.conf and add this:

[device]
wifi.scan-rand-mac-address=no
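
The setting above turns off MAC address randomization during Wi-Fi scans for every wireless device NetworkManager manages. As an added example (not part of the original post), here is the same fix scoped to the affected adapter only; the file name, the section name and the driver name r8188eu are assumptions, and the driver name can be checked with `nmcli -f GENERAL.DRIVER device show`.

```ini
# /etc/NetworkManager/conf.d/90-r8188eu.conf  (file name is an assumption)

# Broad form from the post: applies to all Wi-Fi devices.
# [device]
# wifi.scan-rand-mac-address=no

# Scoped form: only devices bound to the r8188eu driver lose scan-time
# MAC randomization; every other adapter keeps the default behaviour.
[device-r8188eu-no-scan-rand]
match-device=driver:r8188eu
wifi.scan-rand-mac-address=no
```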

12 December 2016

The stupid chit-chat around and how to fix it (for people that prefer reality to some herp-derp)


     Yeah, it seems this just landed on the Linux world.....
     At first, only people on MacOS and Windows had some sort of mental illness about "NO, YOU DON'T NEED TO DO ANYTHING, THE ENTIRE OS IS JUST OPTIMIZED FOR YOUR NEEDS, IT WORKS IN THIS WAY". Now this is starting to land on Linux, so let's get started.

1. It's useless to compile, it's a waste of cpu cycles.

     I saw someone in #archlinux saying that. Uh.. your CPU has limited CPU cycles? Can you count them? So you're economizing CPU cycles for the future? Do you know how stupid this sounds?
     It's becoming more and more common for jerks to say that, so ignore them completely. Someone that says this doesn't really have the solution for what you're searching for.

2. You can't optimize compiling, only coding.

     This one was said by an OP in #ubuntu-br. Fancy, uh? When you see an OP in freenode, you usually expect the people with the best knowledge and capability to help, but it seems that's not what happens there. Well.. We know how freenode works, right?
     Yes, you CAN optimize; no matter how hard you try to convince someone that this isn't possible, you're wrong, and you can cry all night long if you want. Of course there are issues: optimization isn't magic, especially at the OS level; it's a big set of things that MUST be done together to get visible optimizations. For example, if you just compile xorg, it won't be faster, or you probably won't even notice. If you build an entire system with custom CFLAGS for your processor, optimized file systems, elevator settings and everything else, the OS has a high chance of being faster than any binary distribution.
     If you're still verbiaging about that, do a favor to all of us: https://gcc.gnu.org/onlinedocs/  

3. IoT isn't interesting because I can emulate all my emulators better in my PC

     IoT devices aren't dedicated emulation stations. IoT devices don't have the sole purpose of being an emulation console. IoT devices are low-power machines capable of a lot of things, especially in some scenarios like weather stations using solar power. It's like saying that Arduino only serves for robotics. An IoT device is a good low-power machine, with GPIO and capable of a lot of things, that ALSO HAS the option to turn into a dedicated emulation station, so stop saying this crap.

4. If you have a lot of RAM, you don't need swap.

     When your machine starts having issues, you'll cry, right? Swap isn't "a place to be occupied when your RAM is full"; swap never had this sole function and probably never will (it will probably be used IF your RAM gets really full, but that is an emergency situation). Swap is used in a lot of different scenarios, and even your filesystem uses it from time to time (especially on x86 machines). If you really want to do it the right way, you have to figure out these:

# Increases or decreases the swap footprint, making less use of swap while still keeping its features. The best value for more than 16 GB of RAM is 10, but it's better to test for yourself what fits you best.
vm.swappiness = 20
# The maximum amount of system memory that can be filled with dirty pages before everything must get committed to disk. When the system gets to this point all new I/O blocks until dirty pages have been written to disk. This is often the source of long I/O pauses, but is a safeguard against too much data being cached unsafely in memory.
vm.dirty_ratio = xx
# Percentage of system memory that can be filled with memory pages that still need to be written to disk before the pdflush/flush/kdmflush background processes kick in to write it to disk. It's up to you and your computer usage.
vm.dirty_background_ratio = xx
# How long something can be in cache before it needs to be written. When the pdflush/flush/kdmflush processes kick in they will check to see how old a dirty page is, and if it's older than this value it'll be written asynchronously to disk. Since holding a dirty page in memory is unsafe this is also a safeguard against data loss.
vm.dirty_expire_centisecs = xx
# How often the pdflush/flush/kdmflush processes wake up and check to see if work needs to be done.
vm.dirty_writeback_centisecs = xx

    You can use a ramdisk for that (if you're short on RAM, this defeats the purpose). You can use a ramdisk of 256 MB or more and use it for swap, but remember to always keep the footprint low or you'll be sorry if something happens (especially using XFS).


5. FAT32 doesn't need journal because they sync automatically from time to time and have an R/O flag when the writing is done

     From freenode. And this is the dumbest thing I have ever read in my entire life about any filesystem.
     If you really want to protect a FAT32 partition that is mounted at boot (like the EFI partition) from damage, just use the sync option in fstab and you're good to go.

6. I don't have any privacy concerns about windows 10 because I don't have anything to hide

     This is hideous and sad. It's not about having something to hide, you sick fuck; it's not about being a criminal or having something illegal on your hard drive. This doesn't mean that any jackass company has the right to spy on EVERYTHING YOU DO. Or even worse, if you think about man-in-the-middle scenarios (anything can create a bug making man-in-the-middle possible: a lib, a piece of software, ANYTHING).

     If you need to use Windows 10 for whatever reason and you're not mentally disabled and want to stop Microsoft from messing up your privacy, use my post.

22 November 2016

There's no social media anymore

     Yeah, the title is just right: there's no social media anymore. Now we have the monetizing of everything, like in my other post.
     No, it's not only this; now we can see that most consultants of most social websites have issues understanding simple things AT ALL. Let's get this straight: when you access a social media site, you have your TIMELINE. It's called a timeline for a reason: the posts are ordered by time, so when you open your mobile app, you're supposed to be at the last post where you stopped and continue reading until you reach the latest one, right? RIGHT? No, they don't think in this straight line...
     Most social media sites are now ordered by whatever comes to their minds. Facebook forces you most of the time to read the "top stories", which use a random trollercoaster way of ordering the posts that makes no sense at all, but they think it's good for you, especially with lots of posts that you have already read while missing a lot of other posts. So you choose to order the news feed (they call a timeline filled with idiocy, crap and many other lies a news feed) by most recent, but it's still not the most recent, and you'll miss a lot of posts anyway. And ads.. oh, the Facebook ads... some days you'll even have 1 ad per 2 posts. If you try to mark that an ad isn't relevant to you, they'll show you even more random ads, and some even had malware. Congratulations.
     Twitter has its own dumb issues, for example, "you might like". For fuck's sake, if I want something that "I might like", perhaps "I MIGHT SEARCH FOR SOMETHING I WANT", and this will be offered to you on a daily basis! At first it was something really related to your posts and the posts you follow; now they offer ads in the middle of this crap. And it's not done yet: on an hourly basis, or if you close the damn tab for some time, they'll show you what happened "while you were away". FFS, isn't it a timeline? If I want to see what happened while I was away, is something perhaps blocking me from scrolling down? And about the ads, they have the same issues as Facebook, offering even malware to you.
     G+ was my preferred social media for everything; now Google Plus is messing up in its own way too. There are no ads, but there's no timeline anymore; everything is messed up like Twitter and Facebook. If you use a domain... well... you know that Google doesn't want you to use your own domain, right? Every time you want to post or make a comment, G+ will warn you that you're posting outside your domain, and no, there's no switch to turn this crap off. Oh, if you use the Play Store, you know that if you want to change your credit card, you have to mail a Google admin to do that for you, right? "Because it's dangerous, your admin can get your credit card"; they'll say the same crap even if you prove that YOU are the owner of the damn domain. Does that make sense to you? Well.. it seems that it makes sense to them.
     Now we see how the internet just got borked, with monetization everywhere (and people saying that you're immoral for blocking annoying ads and popups) and people with 0 knowledge making stuff happen. Yes, ZERO knowledge; who the fuck will say that it's nice for you to have a timeline based on /dev/random?

03 October 2016

The new age of webspam

     I started using the internet and related things with BBSes, and the advent of the www let me get a lot of stuff like tablatures and sheet music; at the start it was quite OK to search for this type of stuff without any harm. After some years, they discovered how to monetize, and at that moment there was no browser with anti-popup and tabs, so... hell came to the internet, with its brothers: harmful ads, popups with trojans and a shitload of terrible stuff. Well.. years passed, and browsers got tabs, ways of blocking annoying popups, etc.
    Now we are in 2016, and this time has come back, and now it is stronger than ever, and there's a shitload of stupid dumb people that will defend this practice and even call you "ignorant" or "immoral" because you choose ways to prevent this type of practice.
     As a developer/curious person/tester, I usually get apps or ROMs on xda and many other sites to test things and sort them out (especially with VR, there's a lot of indie stuff out there). Even some developers post games and software on reliable sites that you can test and even get some ideas from, but now the problem: EVERYONE WANTS TO MONETIZE EVERYTHING! Welcome to the internet whorehouse.
     So, let's make a scenario: I want to download a ROM for a <put the name of cellphone here> just to have fun, for testing or for whatever reason. So you go to the thread and click on the link to download, but WAIT, that's not the download yet. It'll open a link in ad.fly that makes you wait 5 seconds while some dumb propaganda shows up, and meanwhile you close a popup; then you click on continue and a new popup will open, so you choose to close the popup and go back to the site, and guess what? There's another monetizing site, so you have to repeat all the steps I described above. If you're lucky, the FUCKER uses only two monetizing sites; sometimes they use even 4 or 5 monetizing sites, one inside the other. A good example of this is the free pdf/mobi sites (there's a bunch out there with reliable free documents, no warez at all); they'll do this to you, and they'll do it badly.
    So people choose to monetize this crap instead of getting a job? Really? I see this happening year after year and it's getting worse! There are a lot of well-known sites with a well-known audience, getting a well-known shitload of money, and even so, they'll block you if you're using an adblocker. News sites get worse every time they discover a way to annoy you: I can't even use an RSS feed anymore without blocking fucking html5, because the dumbfucks discovered that they can send you A DAMN VIDEO inside the feed, so it'll play some random crap while you're reading. Who the hell is supposed to like something playing out loud when you're trying to read? So if you choose to go to the site instead of using the RSS feeder, you're even more fucked than before, because you'll have a lot of propaganda and probably two videos playing at the same time. And of course, you're forced to love this type of practice or the site will not let you read the article, because fuck you.
     Remember Idiocracy? Well then, this is your computer screen in some years.