rockstarmode

rockstar mode - [noun] 'räk'stär 'mOd: Expressing the insanity of living with your knobs permanently cranked to eleven.
 

Samsung Android MTP devices on Fedora 15

I'm lucky enough to have recently picked up a Samsung Galaxy 10.1 tablet running Android 3.1. The tablet itself is pretty impressive but uses a protocol I'm unfamiliar with to connect to other computers as a mass storage device. Since the tablet doesn't have a removable SD card (which is kind of strange) Google decided to build the Media Transfer Protocol (MTP) into the device. MTP is great because it allows the tablet and your computer to read/write to the tablet filesystem without Android having to unmount the tablet filesystem first. This means that your Android apps that require the storage area to be mounted won't be killed when you put the device into mass storage mode. This technology apparently can also be referred to as "PlaysForSure" which is a Microsoft brainchild.

This new awesome doesn't come without a few growing pains though. To mount the filesystem on a fully updated Fedora 15 computer you must go into the Android Settings area and select "Applications > Development" and make sure that "USB debugging" is unchecked. On my tablet this box was checked by default (it is a retail device, not the Google I/O edition). After disabling debugging it can simply be plugged into the computer via the included USB cable. If a file manager window doesn't pop up asking what you'd like to do please make sure you have the fuse and libmtp packages installed (they should be by default).

Unfortunately this is where I ran into another bug, check out this screenshot:

Samsung_android_001

Every folder in the root level of the device is listed as empty! A quick read around the intertubes leads me to believe that MTP does some sort of file translation based on file extensions. This is odd since Android is basically Linux and OSS operating systems have pretty much moved away from file extensions being the sole determinator of file type. I'm at a loss for where to report this bug as it could be present in MTP itself (perhaps as a weird Microsoft-y "feature"), in the libmtp implementation or in the Gnome file manager. However copying files to the device worked as promised, even though they disappeared from the file manager listing on a subsequent connection to the Fedora machine. This could possibly be related to file ownership or permissions.

One more thing to note: it's annoying that the only way to initialize an MTP connection on the tablet is to physically unplug the USB cable and plug it in again. It would be nice if you could enable this from the tablet interface sort of how other Android devices handle the mass storage mode.

For those of us that may want to compile mtpfs for fuse manually (as of version 0.9 this didn't change anything) the source code can be found here. Fedora users will probably have to install some development packages to successfully compile:

yum install fuse-devel libid3tag-devel libmtp-devel libmad-devel

Filed under  //   android   fedora   howto   samsung  
Posted June 30, 2011 by rockstarmode 
 

Getting Tor onion routing + Chrome working

*** EDIT *** I used Google Chrome version 6.0.453.1 dev from their official yum repository, YMMV

I spent about an hour figuring this out tonight so I figured I'd send it along.  Up until now I've never really gotten the combo of Tor, a browser and a proxy working to my liking.  This is how I did it:

  1. Install Tor, get Vidalia if you can, this makes it a couple clicks to get going
  2. Install the Switchy! extension for Chrome
  3. Use Vidalia or whatever to start Tor, make sure the onion turns green
  4. Disable DNS pre-fetching in Chrome -> Options -> Under the Hood (ignore this if you don't care who sees the domains you are looking up)
  5. Restart Chrome (I couldn't get #4 to kick in without a restart)
  6. Configure a proxy in Switchy!  I named mine "Tor", under "Manual Configuration" I filled in "127.0.0.1" and port "9050" as the SOCKS Host, click SOCKS v5, leave everything else blank and save
  7. Click the Switchy! icon and choose your new proxy, visit the Tor Project to confirm, you might have to wait a second after choosing a proxy for the settings to start working.
SOCKS v5 and v4a have the ability to forward DNS lookups but apparently the threading model in Chrome makes it difficult to catch and forward the prefetched DNS queries so you must disable that feature (source)

I've verified with wireshark that the DNS queries and all other browser traffic (HTTPS included) also go through the proxy.

Filed under  //   fedora   howto   proxy   security   tor  
Posted August 24, 2010 by rockstarmode 
 

Microsoft and OpenSSL

I recently had to re-figure out how to coax windows and linux with GoDaddy to obtain compatible code signing certificates. This is *much* harder when using a mixed environment than it should be.

GoDaddy issues spc files and needs csr files which are generated in conjunction with pvk files but Ant/Java want p12 files and most Microsoft signtools want pfx files but you can't generate any of these without pem files. Here are the steps:

  1. Log into your build server
  2. Generate private key, don't forget the password: 
    openssl genrsa -des3 -out code-sign.pvk 2048
  3. Generate the csr: 
    openssl req -new -key code-sign.pvk -out code-sign.csr
  4. Take csr to GoDaddy
  5. Download spc file
  6. Convert spc to pem: 
    openssl pkcs7 -inform DER -in code-sign.spc -print_certs \
-out code-sign.pem
  7. Add the private key to the pem, this was the trickiest part. Apparently openssl outputs files in pem format unless otherwise instructed and the pkcs12 export doesn't like to be given more than one file during import: 
    cat code-sign.pvk >> code-sign.pem
  8. Generate p12 (which is also a pfx), use the passwords from above again to simplify things: 
    openssl pkcs12 -export -in code-sign.pem -out code-sign.p12

The P12 file is basically the same thing as a Microsoft PFX, awhile ago Microsoft switched to PKCS12 P12 but insists on calling their files PFX source

Filed under  //   frustration   howto   nerd   openssl  
Posted February 26, 2010 by rockstarmode 
 

Fedora 12 preupgrade issues

If you are having issues with upgrading Fedora from 11 to 12 with error messages saying that your /boot partition is full *and* this walkthrough doesn't help I may have a solution for you:

  1. Boot into your Fedora 11 kernel
  2. remount /boot as read write (mount -o remount rw /boot)
  3. move the file /boot/upgrade/install.img to unencrypted storage, I used a USB key
  4. Reboot into the Fedora 12 upgrade kernel, when it errors out with a message claiming it can't find the installation image point it at the place you moved the install.img file to. 
  5. Have a beer, the upgrade takes awhlie

The walkthrough on Fedora Project was for people preparing to upgrade, I however was stuck halfway though an upgrade so their solutions didn't help me.

Filed under  //   fedora   howto   linux   nerd  
Posted November 19, 2009 by rockstarmode