Posts tagged ‘firefox’

An Interesting Conversation About Computer Security

A few days ago I was with one of my good friends who owns a computer repair shop. I love going there because he always has something new and cool to show me (and I get the chance to “geek out” for a bit), plus I like helping out so I don’t forget how to fix even the most basic computer problems. While I was there, a long-time customer of his came in to pick up his computer and a very interesting conversation came up. The customer asked why his computer won’t stay clean after bringing it down to the shop.

It’s an interesting thing, isn’t it? Why is it that we as admins and security experts never seem to keep computers clean? Even the most skilled professionals can’t keep a computer clean. Well, it’s not our fault. There are so many security issues out there, and to be very blunt, the bad guys are always one step ahead of the security experts. Sometimes the good guys get a patch out (or publish the exploit) before the bad guys get a chance to exploit the security hole.

Unfortunately, even when the good guys find the security hole before the bad guys, there is the problem of getting the OS patched before someone becomes a victim. For example, a short time ago there was an ActiveX Draw exploit that affected millions of Windows PCs. Basically the bad guys somehow gained access to Google’s Adsense archive (and several other advertisers’ archives) and “infected” roughly 20% of the ads in the archive. I’m unsure of how the exploit functioned. I have heard everything from nothing to allowing someone to gain full control of your computer.

Now, let’s say for example that you visit a site, any site. You usually have two ads: one along the top and one down the side. So with one page view you have seen two ads. You click on something, new page, four ads have now been seen. You click again, six ads. Now you have reached the mark. There is a high probability you just saw one of the exploited ads. Whether you like it or not, what you see in your web browser is also stored locally on your computer. No one was at fault with this (excluding the bad guys). Microsoft put out a patch after about a week of the exploit being known, and Google fixed the hole allowing the bad guys to gain access to the Adsense servers. The problem now? Actually, two problems. One, some people are still making ads that are infected and trying to get them onto your computer. Two, there are still millions of computers that have not been updated.

There are always problems like this. I never like to blame any company directly unless they know of the issue but don’t bother fixing it. Other examples include more advanced techniques. You can gain access to a computer by sending certain information to it causing a hole to open temporarily.

The $1000 question is how do we keep our computers clean. Everyone has their own ways, but we came up with just a few basics. So if you run Windows try these out: Run Firefox instead of Internet Explorer. Within Firefox get the extensions Adblock Plus and NoScript. Make sure you have a good virus scanner and it’s up to date. Turn on Automatic Windows Updates and keep your Windows up to date. Get anti-spyware programs like Ad-Aware (the free one is fine for me) and Spybot: Search and Destroy. Make sure you have a firewall, even if it’s the one built into Windows XP (or later), and lastly, be sure you’re not connected directly to the internet. Most ISPs will provide you with a modem or router; make sure you have a router even if it has the modem built in! It adds just that slight bit of extra protection.

Granted, those are just a few of the things you can do to keep your computer clean. I always recommend talking to an expert when wanting to try new software. If you feel your computer may not be clean find a “hole in the wall” style computer shop. Those are often the better choice compared to the larger companies. Ask questions to the shopkeep. Will they charge you even if they don’t fix the problem? Do they guarantee their work for at least 30 days? Will they wipe your computer’s hard drive or remove personal files without asking? Will they look at your personal files or web history? The best repair shops will answer honestly and quickly. Hesitation is a bad sign.

Lastly, for all you Windows users out there: get a program called Secunia PSI. It is free for home users. This program will check almost every piece of software on your computer and see if there is an update for it. It works very well. For example, a few weeks ago Adobe was consistently updating their Flash Player because of several security holes. Secunia PSI found the version I was running was insecure and provided me with a link to directly download and install the updated version! I must say it has been one of the best security programs I have seen for some time.

P.S. Just a note about NoScript. It can be hard for some users to get accustomed to using it, and if you unblock the wrong script you will get infected.

Tetherbot, Android, and Slackware How to

After trying to get my Android (aka T-Mobile’s G1) working on my Slackware laptop and having many problems, I looked for help at androidcommunity.com. Even though they didn’t technically help me solve the problem they were still a great help, and their quick replies kept me thinking of what the problem could be, and I thank them for that. In the end it was my own fault. Here’s the story.

My laptop runs Slackware 12.0 with a new custom 2.6.28 kernel, and that was where the problem was. As it turns out I failed to turn on and modularize certain USB functions; now I’m unsure of what I enabled that made it work.

First, if you think it’s a problem with your kernel, check your USB device settings. I use make menuconfig when I build kernels; if you use xconfig it may appear slightly different.

Check under Device Drivers –> USB Support. I turned on just about everything and modularized just about every USB device. Don’t forget to turn on USB Gadget Support: I turned on the top 3 options (they are for debugging), and Serial Gadget was also modularized. Click here to download my .config file. This file goes in the root of where you extracted your kernel (usually /usr/src/linux-2.6.28/). Be sure to rename the file from DaijoubuKun.Android.config to .config, otherwise you will need to tell your kernel to use that file. Quick note: I know I have a lot here that does not need to be turned on; I like large kernels with lots of modules.

UPDATE!
Put your 50-android.rules file in /etc/udev/rules/ and chmod it to 755!
Also in your kernel build make sure you turn on USB debugging mode!!!

If you think your kernel is OK, check out graha.ms. There is a lot of the stuff you’re going to need to know there.

Now, at this point I’m assuming you visited the link above but your Tetherbot still isn’t working. This may be because the commands Google gives may not work in Slackware. I wrote 4 lines designed more in Slackware’s udev style. Below are 8 lines. I’m sure you only need one, but it didn’t hurt me none to use all 8; the bottom 4 are mine. Here is my 50-android.rules:

SUBSYSTEM=="usb", SYSFS{idVendor}=="0bb4", MODE="0666"
SUBSYSTEM=="usb_device", SYSFS{idVendor}=="0bb4", MODE="0666"
SUBSYSTEM=="usb", SYSFS{idVendor}=="0bb4", MODE="660"
SUBSYSTEM=="usb_device", SYSFS{idVendor}=="0bb4", MODE="660"
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb", SYSFS{idVendor}=="0bb4", MODE="0666"
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", SYSFS{idVendor}=="0bb4", MODE="0666"
SUBSYSTEM=="usb_device", ENV{DEVTYPE}=="usb", SYSFS{idVendor}=="0bb4", MODE="0666"
SUBSYSTEM=="usb_device", ENV{DEVTYPE}=="usb_device", SYSFS{idVendor}=="0bb4", MODE="0666"

I know it’s got to be overkill to have 8 lines in there, so if you figure out which is the one that works post it in a comment and I will edit this to show that line with credit to you.
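MODE="0666" makes the phone's USB node readable and writable by every local account, and the file assigns two different modes to the same match keys. As an added example (not part of the original post), this Python auditor parses the rules, flags world-writable modes and lists match sets that are given more than one MODE; the tightened rule and its "plugdev" group name are constructed assumptions.

```python
import re
from collections import defaultdict

# The eight rules exactly as posted above (0bb4 is the vendor ID they match).
POSTED = '''\
SUBSYSTEM=="usb", SYSFS{idVendor}=="0bb4", MODE="0666"
SUBSYSTEM=="usb_device", SYSFS{idVendor}=="0bb4", MODE="0666"
SUBSYSTEM=="usb", SYSFS{idVendor}=="0bb4", MODE="660"
SUBSYSTEM=="usb_device", SYSFS{idVendor}=="0bb4", MODE="660"
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb", SYSFS{idVendor}=="0bb4", MODE="0666"
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", SYSFS{idVendor}=="0bb4", MODE="0666"
SUBSYSTEM=="usb_device", ENV{DEVTYPE}=="usb", SYSFS{idVendor}=="0bb4", MODE="0666"
SUBSYSTEM=="usb_device", ENV{DEVTYPE}=="usb_device", SYSFS{idVendor}=="0bb4", MODE="0666"
'''
# Constructed alternative; the "plugdev" group name is an assumption.
TIGHT = 'SUBSYSTEM=="usb", SYSFS{idVendor}=="0bb4", MODE="0660", GROUP="plugdev"\n'
PAIR = re.compile(r'([A-Z_]+(?:\{[^}]*\})?)\s*(==|!=|:=|\+=|=)\s*"([^"]*)"')

def parse_rule(line):
    """Split one rule into (sorted match keys, {assignment key: value})."""
    matches, assigns = [], {}
    for key, op, value in PAIR.findall(line):
        if op in ("==", "!="):
            matches.append((key, op, value))
        else:
            assigns[key] = value
    return tuple(sorted(matches)), assigns

def audit(text):
    """Return (lines whose MODE is world-writable, match sets given >1 MODE)."""
    world, modes = [], defaultdict(set)
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        matches, assigns = parse_rule(line)
        if "MODE" in assigns:
            mode = int(assigns["MODE"], 8)   # udev modes are octal
            modes[matches].add(mode)
            if mode & 0o002:                 # write bit for "other"
                world.append(n)
    conflicts = {m: sorted(v) for m, v in modes.items() if len(v) > 1}
    return world, conflicts

if __name__ == "__main__":
    world, conflicts = audit(POSTED)
    print("world-writable rule lines:", world)
    for match, found in conflicts.items():
        print("conflicting modes", [oct(m) for m in found], "for", match)
    print("tightened rule:", audit(TIGHT))
```

With a group-restricted rule, only accounts in that group can open the device, so the user running adb has to be a member of it.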

NOTE: When you plug in your phone you will be asked if you want to mount the SD card on your computer. SELECT NO! (This is according to rynosaur of androidcommunity.com.)

Note: to make things easier, copy the files in your tools/ directory (from the Android SDK) to /bin. This way you do not need to go to the download directory to run the adb program. You can also copy the libs to /bin/lib.

Now run adb devices. You should get some output like:

List of devices attached
HTxxxGZxxxxx    device

If you do then we are ready to go!
If not, did you remember to turn on USB debugging?
Start the Tetherbot program and hit Start Socks.
Now type 'adb forward tcp:1080 tcp:1080'. This will forward anything you send to 'localhost:1080' to the phone.

Using nmap I found that Tetherbot uses SOCKS 5 with no authentication. This makes things a bit easier. Once you have gotten this far you are ready to set up your web browser to use the SOCKS proxy. I have done this in SeaMonkey and Firefox (haven’t tried anything else yet), so here are the instructions for Firefox 3.0.x (should stay about the same for future versions).

Go to Edit –> Preferences –> Advanced (top tab) –> Network (lower tab) –> Connection Settings (button).
Select 'Manual proxy configuration' and put localhost in SOCKS Host and 1080 in Port. ONLY put that information in the SOCKS Host! Do NOT put it in HTTP Proxy! Be sure to select SOCKS v5 and (this may not be necessary) remove anything in the field No Proxy for:
Here is a picture:
[Image: proxy settings]
Once you do that everything will go through your phone. I did read that there is a 1GB per month limit on the phone. I do not know if this is true or not. I’m only going to use Tetherbot when I’m doing a service call, I need a file and there is no other way to get online.
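The nmap finding above (SOCKS 5, no authentication) means any process that can reach localhost:1080 can use the phone's connection. As an added example, not part of the original post, this Python probe sends the RFC 1928 greeting and reports which authentication method the proxy selects; the stub server is a constructed stand-in so the script runs without a phone attached.

```python
import socket
import threading

# SOCKS5 method bytes defined in RFC 1928
METHODS = {0x00: "no authentication", 0x01: "GSSAPI",
           0x02: "username/password", 0xFF: "no acceptable method"}

def build_greeting(offer):
    """VER=5, NMETHODS, then one byte per offered method."""
    return bytes([0x05, len(offer), *offer])

def parse_reply(reply):
    """Return the method the server selected from its 2-byte answer."""
    if len(reply) != 2 or reply[0] != 0x05:
        raise ValueError(f"not a SOCKS5 method reply: {reply!r}")
    return reply[1]

def probe_socks5(host, port, offer=(0x00, 0x02), timeout=3.0):
    """Offer the given methods and report which one the proxy picks."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_greeting(offer))
        reply = b""
        while len(reply) < 2:
            chunk = s.recv(2 - len(reply))
            if not chunk:        # peer closed early
                break
            reply += chunk
    return parse_reply(reply)

def start_stub(select):
    """Constructed stand-in for the proxy: answers one greeting, then exits."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))   # any free loopback port
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        with conn:
            header = conn.recv(2)          # VER, NMETHODS
            conn.recv(header[1])           # the offered methods
            conn.sendall(bytes([0x05, select]))
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    port = start_stub(0x00)      # use 1080 instead to test the real forward
    method = probe_socks5("127.0.0.1", port)
    print(f"proxy selected: {METHODS.get(method, hex(method))}")
```

A reply of 0x00 when username/password was also offered confirms the proxy never asks for credentials, so stop Tetherbot and the adb forward when you are done with them.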

Lastly, just a quick bit of info. I live in an area where T-Mobile doesn’t have 3G! It sucks, but I’m told it’s coming later this year. It damn well better with how much I pay every month for this thing. I ran a bandwidth test through the EDGE network (it’s like 2.5G) and below is my speed.
[Image: bandwidth test]
Granted, I only ran the test once, and early in the morning. Plus I don’t think the phone was designed to have these sorts of things run through it, but it will have to do for now. P.S. Thanks for the awesome speed test program, Speakeasy.

Special note: I could be wrong, but it seems that after you put the required information into 50-android.rules you may need to either restart or run /etc/rc.d/rc.udev restart to restart the udev service. You may also need to replug your phone. Make sure you don’t mount your SD card, as it may cause Tetherbot to not function properly.

If this helped you in any way please let me know. If it didn’t help, post your problem and I will try to help.