12 October 2017

Fixing the network device names

     If you are struggled with a distro with systemd for a random reason, you can fix this dumb nonsense of network devices with this command:

ln -s /dev/null /etc/systemd/network/99-default.link

     I don't know what will break doing this, but since I'm testing this crap using a VM, I don't really care (but you should, so beware where are you doing this). I've tested on Debian and Arch.
     Some people reported that most problems with network manager can be fixed when doing this. 

09 October 2017

Sensors for ASUS P8H61-M LX2 R2.0

     It's just a configuration for sensors of this motherboard (since lm_sensors website is long gone and I never find anything about the sensors for this motherboard). After reading a lot of stuff, I think I figure out to be more readable. Pay attention to some ignored values since some of them is just because I don't have it enabled/present (like case fan, intrusion, etc). Don't mind the way i've formated, blogger doesn't let me use damn tabs (it's on my github).

06 September 2017

Intel ME Security Issue and how to fix it

Intel ME is a coprocessor integrated in all post-2006 Intel boards, for which this Libreboot page has an excellent description. The main component of Intel ME is Intel AMT, and I suggest you to read this Wikipedia page for more information about it. In short, Intel ME is an irremovable environment with an obscure signed proprietary firmware, with full network and memory access, which poses a serious security threat. Even when disabled from the BIOS settings, Intel ME is active: the only way to be sure it is disabled is to remove its firmware from the flash chip.
Before Nehalem (ME version 6, 2008/2009) the ME firmware could be removed completely from the flash chip by setting a couple of bits inside the flash descriptor, without the need to reverse-engineer the ME firmware.
Starting from Nehalem the Intel ME firmware can't be removed anymore: without a valid firmware the PC shuts off forcefully after 30 minutes. This project is an attempt to remove as much code as possible from such firmware without falling into the 30 minutes recovery mode.
me_cleaner currently works on most architectures, see me_cleaner status (or its discussion) for more info about them. me_cleaner works also on the TXE and SPS firmware.
If you want to understand how me_cleaner works, you can read the "How does it work?" page.
If you want to apply me_cleaner on your platform I suggest you to read the "How does it work?" page and then follow the guide "How to apply me_cleaner".
For pre-Skylake firmware (ME version < 11) this tool removes almost everything, leaving only the two fundamental modules needed for the correct boot, ROMP and BUP. The code size is reduced from 1.5 MB (non-AMT firmware) or 5 MB (AMT firmware) to ~90 kB of compressed code.
Starting from Skylake (ME version >= 11) the ME subsystem and the firmware structure have changed, requiring substantial changes in me_cleaner. The fundamental modules required for the correct boot are now four (rbe, kernel, syslib and bup) and the minimum code size is ~300 kB of compressed code (from the 2 MB of the non-AMT firmware and the 7 MB of the AMT one).
This project is based on the work of the community; in particular I thank Igor Skochinsky, for the core information about Intel ME and its firmware structure, and Federico Amedeo Izzo, for its help during the study of Intel ME.

Source, author and tools: Github

02 September 2017

How to stop Microsoft messing up your privacy in Windows 7.

     As I stated here for Windows 10, this one is for windows 7.
     I did a lot of research and I don't remember all the sources (sorry, let me know in comments if you have some so I can put here).
     There's a shitload of KBs, so I'll not link every single one, you can research yourself right? RIGHT?. I've checked every single KB and none of them have a direct impact to windows functionality (actually, it's just a bunch of hideous reporting mess).
     Heres a script to make your life easier. You can run safely after doing a full update (reboot after running the script).


06 June 2017

Pidgin icon issue

     If you use pidgin, you'll notice that pidgin have issues in most window managers (gnome, cinnamon, <put something more here>). I see this issue a lot of times in pidgin's issue tracker but i don't know exactly who did it wrong, but since I'm able to fix it easily....
     After searching for a while, I find this (quite old and still an issue). So the problem is the hicolor icon theme... ffs. Let's fix this (atm, it's quite different to fix it, but it works):

1) Go to this folder: /usr/share/pixmaps/pidgin/tray/hicolor
2) Make a backup or just rename your 16x16 to something else (16x16.old will do it)
3) Link or copy your 22x22 to a new 16x16 folder
4) Restart your WM

     It's quite an odd fix, but it works (until someone fix it properly and I have OCD with the problematic icon).

08 February 2017

TL-WN725N: "link is not ready, ERROR indicate disassoc" issues and how to fix it

     I was trying to configure a notebook with a R8188EU adapter and I see an interesting issue. In some random scenarios, this adapter just doesn't work and gives errors in dmesg like this:

[ 1063.859661] IPv6: ADDRCONF(NETDEV_UP): wlp0s26u1u3: link is not ready
[ 1063.907145] R8188EU: ERROR indicate disassoc
[ 1064.008095] IPv6: ADDRCONF(NETDEV_UP): wlp0s26u1u3: link is not ready
[ 1065.279303] R8188EU: ERROR indicate disassoc
[ 1065.380294] IPv6: ADDRCONF(NETDEV_UP): wlp0s26u1u3: link is not ready
[ 1065.430806] R8188EU: ERROR indicate disassoc

     You can connect if you try to connect a "hidden network" and actually put your non-hidden ssid there and password, if you don't care to do this every time you boot the system, of course. To fix this issue, edit your /etc/NetworkManager/NetworkManager.conf and add this:

[device]
wifi.scan-rand-mac-address=no

Update: This problem doesn't happens if you use a sane network nomenclature.

12 December 2016

The stupid chit-chat around and how to fix it (for people that prefer reality than some herp-derp)


     Yeah, it seems this just landed on linux world.....    
     At first, only people in MacOS and Windows have some sort of mental illness about "NO, YOU DON'T NEED TO DO ANYTHING, THE ENTIRE OS IS JUST OPTIMIZED FOR YOUR NEEDS, IT WORKS IN THIS WAY". Now this starting to land on linux, so let's get started.

1. It's useless to compile, it's a waste of cpu cycles.

     I see someone in #archlinux saying that. Uh.. your cpu have limited cpu cycles? Can you count that? So you're economizing cpu cycles for the future? Do you know how stupid this sounds? 
     It's starting to be more and more common jerks saying that, so ignore completely. Someone that says this doesn't really have the solution for what you're searching for.

2. You can't optimize compiling, only coding.

     This one was said by an OP in #ubuntu-br. Fancy uh? When you see an OP in freenode, you usually expect people with the better knowledge there and capability to help, but it's seems isn't like that happens there. Well.. We know how freenode works, right? 
     Yes, you CAN optimize, no matter how you're trying to convince someone that this isn't possible, but you're wrong and you can cry all night long if you want. Of course there's issues: Optimization isn't magic, specially in OS level, it's a big set of stuff that MUST be done together to have visible optimizations, for example, if you just compile xorg, it'll not be faster or probably you'll not even notice. If you made an entire system with custom cflags for your processor, file systems optimized, elevators sets and everything else, the OS have a high chance to be faster than any other binary distribution.  
     If you're still verbiaging about that, do a favor to all of us: https://gcc.gnu.org/onlinedocs/  

3. IoT isn't interesting because I can emulate all my emulators better in my PC

     IoT devices aren't dedicated emulation stations. IoT devices doesn't the solely purpose to be an emulation console. IoT devices are lowpower machines capable to a lot of things, specially in some scenarios like weather stations using solar power. It's like saying that arduino only serves to robotics. IoT is a good lowpower machine, with GPIO and capable of lot of things that ALSO HAVE the option to turn into a dedicated emulation station, so stop saying this crap.

4. If you have a lot of RAM, you don't need swap.

     When your machine starting having issues, you'll cry right? Swap isn't "a place to be occupied when your RAM is full", swap was never have this solely function and probably will never be (it probably will use it IF you get your RAM really filled, but this is an emergency situation). Swap is used for a lot of different scenarios, and even your filesystem use it from time to time (specially in x86 machines). If you really want to do in the right way, you have to figure out this:

vm.swappiness = 20 # Increase or decrease the swap footprint, making less use of swap but still having his features. The best value for more than 16Gb of ram is 10, but it's better to test yourself what fits you better.
vm.dirty.ratio = xx # The maximum amount of system memory that can be filled with dirty pages before everything must get committed to disk. When the system gets to this point all new I/O blocks until dirty pages have been written to disk. This is often the source of long I/O pauses, but is a safeguard against too much data being cached unsafely in memory. 
vm.dirty_background_ratio = xx # Percentage of system memory that can be filled with memory pages that still need to be written to disk before the pdflush/flush/kdmflush background processes kick in to write it to disk. It's up to you and your computer usage.
vm_dirty_expire_centisecs = xx # How long something can be in cache before it needs to be written. When the pdflush/flush/kdmflush processes kick in they will check to see how old a dirty page is, and if it’s older than this value it’ll be written asynchronously to disk. Since holding a dirty page in memory is unsafe this is also a safeguard against data loss.
vm.dirty_writeback_centisecs = xx # How often the pdflush/flush/kdmflush processes wake up and check to see if work needs to be done.

    You can use a ramdisk for that, (if you're short in ram, this will kill the purpose). You can use a ramdisk with 256Mb or more and use for swap, but remember to always have the footprint low or you'll be sorry if something happens (specially using xfs).


5. FAT32 doesn't need journal because they sync automatically from time to time and have an R/O flag when the writing is done

     From freenode. And this is the most dumb thing I ever read in my entire life about any filesystems.
     If you really want to protect a fat32 from damage and mounting at boot (like the EFI partition), just use sync option in fstab and you're good to go.

6. I don't have any privacy concerns about windows 10 because I don't have anything to hide

     This is hideous and sad. It's not about having something to hide you sick fuck, it's not about being a criminal or having some illegal in your harddrive. This doesn't mean that any jackass company have the right to spy on EVERYTHING YOU DO. Or even worse if you think in man-in-the-middle scenarios (anything can create a bug making man-in-the-middle possible, a lib, a software, ANYTHING).

     If you need to use windows 10 for whatever reason and you're not mentally disabled and want to stop microsoft to messing up your privacy, use my post.