Monday, October 17, 2011

Camera on SE X10i (Android 2.3)

This is a howto on a Sony Ericsson (SE) X10i with Android 2.3.3.

Photos can be captured with a 4 inch capacitive touch screen, and 8.1 megapixel camera. It also comes with digital zoom of up to 16x, image stabiliser (due to small hand shakiness) and a flash. The updated Android provide a default camera apps that meet most requirements.

Step 1. Starting the camera

Method 1
At the Home screen, tap the Application icon, then tap Camera icon.
Method 2
On the X10i, press the Camera quick button.

Step 2. Select Camera (optional if already selected)
Tap the Camera icon.
Step 3. Snap the photo
There are several methods to do this, but I will note down just the Touch and Normal.

Method Touch
  • Select Camera mode icon, and tap Touch capture. (optional if already selected)
  • Point the camera to the person or object, press on the screen where is the desired focus.
  • Release finger, to take the photo.
Method Normal
  • Point the camera to the person or object.
  • Half press the Camera button, to focus.
  • Press Camera button down fully to take the photo.

Step 4. Preview photo
Press on the last taken photo at bottom of the screen, or tap the Filmstrip icon


Other setting for the camera can be accessed by the on screen icons or by the Menu key.






Thursday, October 13, 2011

Call handling on SE X10i (Android 2.3)

This is a Howto on a Sony Ericsson (SE) X10i updated with the latest Android (in this case to version 2.3.3). So you've got the smart phone, many do not have the time to experiment, so here is the first share on some of the solutions to common things you might need.

After the update, Sony Ericcson did not provide an easy to find help document for the Help option in Android. It is a bit disappointing considering its SE, and the help is in the phones menu, but empty. At SE website, there is a download to “restore your user guide in your phone” (instructions are not good at this moment)


Make a call (yes, the phone can make calls)

Step 1. You will need to start the dialer.
From the home screen, tap the Phone button.

Step 2. There 3 methods to dial a number;
Method 1:
Enter the number using the screen Keypad, and tap Call.

Method 2: Tap the Contacts button and choose the contact to call
Method 3: Tap the Favourites button and choose the contact to call



Step 3. During the call you have the options to
  • Put call on loud speaker – tap the Speaker button
  • Mute, so the other party cant hear you but you can listen – tap the Mute button
  • Use the onscreen dialpad for automated transactions like Phone banking – tap the Dialpad
Step 4. When you want to end the call, tap End call button.


Decline a call (in a meeting and suddenly a call comes in, lets cancel that call)
Step 1. Drag the Decline button to the left.

Access to other applications during a call (Retrieve or to write a note. It is a smart phone)
You have 2 ways to do this;
1. Return to a previous running application (just before you were interrupted by the call)
Press the BACK key (left arrow sign)
2. Return to Home screen to select an application.
Press the HOME key (This is the key with a square sign) then tap on the application you wish to start

Monday, June 27, 2011

Clone a VirtualBox disk

Duplicating a disk for a new VirtualBox VM requires addressing the disk UUID conflict with same value. The following steps address this matter.

1. Start VirtualBox graphical interface (GUI), and edit settings for the VM using the disk we wish to clone. E.g VM name is centos and the virtual disk as centos_hdd.vdi

2. Remove (Do not delete) this disk from the VM.

3. At a command prompt
VBoxManage clonehd centos_hdd.vdi copy_centos_hdd.vdi
VBoxManage internalcommands setvdiuuid copy_centos_hdd.vdi

The first command duplicates the virtual disk. In the second command we assign a new UUID to the new disk (copy_centos_hdd.vdi)

4. Return to VirtualBox GUI and attach back the centos.vdi to the VM.

5. Create a new VM to attach the copy_centos_hdd.vdi

The new virtual machine is ready to use the cloned virtual disk. As a note, why not just make more copies of the disk with new UUIDs in case you need another image.

Thursday, June 23, 2011

An Open source software antivirus called ClamAV

The ClamAV is the only OSS implemented on a large scale with a consistenly updated virus database.

It can be used in 3 different ways:
  1. Installed on a PC. It can be scheduled to run at specific times or to scan all new storage medium and incoming files.
  2. Installed on a server. It is used in conjunction with server services such as email servers, backup and file servers.
  3. Application built with the ClamAV library. Customised applications can manage how and when the file scannings are done.
There are lots of cool features that is comparative to proprietary antivirus. As of June, it is rank as the top 10 antivirus in terms of virus detection.

I just ran an update, output as below:

daily.cvd updated (version: 13231, sigs: 130699, f-level: 60, builder: arnaud)
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 58, recommended = 60
DON'T PANIC! Read http://www.clamav.net/support/faq
bytecode.cvd is up to date (version: 143, sigs: 40, f-level: 60, builder: edwin)
Database updated (976953 signatures) from db.local.clamav.net (IP: 222.124.18.201)

Configuration of the ClamAV installed can be inspected with the command clamconf, and the virus scanner GUI is simple to use.




Tuesday, June 14, 2011

Linux security checklist

The Anonymous is announcing an attack on www.malaysia.gov.my, which is a central portal to reach all other Malaysian Government portals. This is reported by F-Secure Corporation and theStar, 14 Jun 2011. Makes you wonder why Anonymous would want to do that.

Follow up from my previous post, I realise that many Linux Admins out there do not have a Security Checklist for their web application. I am sharing the following checklist here as it provides a standard security consideration for almost all web application on Linux or LAMP stack. It is by no means the only security guide, please apply all other security concerns specific to your needs and you can then sleep better at night.

Check List for Web Application (deployment)

Category

Item

Notes

Logins

A.1

Operating system

-Administrator password is secured and recorded as only accessible by ONE administrator

-All login's are done as normal user

-Normal users with access to Administrator priviledges are recorded. Access should be via SUDO.

-All logins are recorded



A.2

Application

-All users to have secured logins

-Administrator logins are assigned to specific individuals and listed

-Web based self registered user must have email and spam prevention facilities

-Lock down on Web server's user/application access

-Default access and password for all administrator applications must be secured. This includes the main application, phpmyadmin, firewall.


A.3

Database

-Each application to have a specific user and password access. This user cannot access other databases.

-Administrator access is with secured password. Assignment to specific individuals must be recorded.



Services

B.1

Disable unnecassary services

-Firewalls must be enabled to restrict external access to only the approved application (via port numbers).

-Identify every services running. Disable those not in use.

-Remote access must be via encrypted protocols

-Disable local email server (e.g. sendmail) from runnin/listening continuously. Or use external email server.

-Email servers controlled to allow access to specific application and directories.

-Anti-virus if implemented, must have patches and pattern updates kept to the most recent.




B.2

Create a base point of security

-A penetration test must be carried out. The type and complexity is based on the specific application.

-Establish an integrity check point


B.3

Tell them you do not allow access

-Place warning messages to all points of access. E.g. motd and issue.net



B.4

Logging

-Log activities to separate files for operating system and application.

-Make logs available to a centralised log server.



B.5

Backup

-Establish a backup plan.

-Implement a backup process



B.6

Create a boot disk and rescue of the Linux



B.7

System updates

-Disable the automatic system updates. Updates should be installed only after it is verfied working with the application.

-Periodically check with security issues, respective application security notices and update as needed.



Physical

C.1

Physical Access

-Ensure only authorised personel can access to the server.

-A record of physical access is maintained.



C.2

Storage Media

-All storage media is tagged.

-Storage location and transportation is secure and recorded.



C.3

Security Policy

-Ensure the document is readily available to authorised users.





Creative Commons License

Checklist for Web Application (Deployment) by Nicholas A. Suppiah is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
Permissions beyond the scope of this license may be available at http://www.blogger.com/profile/06749525177696246387.

Monday, June 13, 2011

Linux security for organisations

Linux provides a great solution for small and large organisations. Its scalability and reliability have been continuously promoted over the years as reputable organisations keep adopting them.

The recent spate of security breaches at Citibank, USA and Sony Online Entertainment (SOE), Sony Playstation tells us a lot about the amount of importance organisations put on security. In 2009, There were words that Citibank was robbed and in 2011, there was a breach to over 200,000 USA Citibank card holders in the Citigroup. ZDNet in 2011, "Sony security hole exposes another 24.6 million accounts" tells about how over 100 million users can be affected by failures on security. Maybe Sony Certified Security Professional needs to consider a systems security program for Sony (I am joking).

Other security compromised news (hacked) in 2011
  • Vendor-sec email list was compromised and this was a discussion on linux vulnerabilities at openwall.com
  • Wordpress.com root access was gained to their servers. Nothing else much on extend of damage to users or blogs at wordpress.com
  • Mobile devices like Android could potentially have user data compromised when using public wifi, says University of Ulm, Germany
  • International Monetary Fund (IMF), network break-in sounded like it was blamed to the staff use of internet and emails when read in ZDNET.
  • Lockheed Martin, provider of defence technology breach in their remote access via use of tokens affected Pentagon.
  • GMail major phishing was traced back to China and Google looks geared up for more changes as spear-phishing becomes a term many would see more often.
  • In Malaysia, the newly launched 1Malaysia Pengguna Bijak's portal costing RM1.4 million wasn't built with safe guarding the users information at all. Here the only explaination (NO apology to the rakyat) was that the system was not built to cope with the 3 million hits it received within 2 days of its launching. Over 2,000 1Pengguna user account details were confirmed compromised. I took it as a government initiative but the name www.1pengguna.com made me wonder if its a Malaysian government effort or a private business.

Over the years of implementing Linux based solution, there are a few basic things I can share when deploying web applications and other similar systems.

  1. Put a security policy in place. This includes security administrators reading emails from public who voluntarily lodge about security flaws.
  2. Budget to implement these policies
  3. Have security checklists (use it, audit with it)

If disaster happens, you just need to fix it. There are people's "life" at stake. At the same time get those culprits, if you can.

Wednesday, May 4, 2011

What are Perlis students going to do with Netbooks?

Its in NST that 700 students will receive netbooks.

Not reported how it will be usable to the students. Or if they have internet access.

Schools should prepare wifi so that these students can access education freely in school.

Sunday, March 27, 2011

New Android App on Market

Just post my Application to Android Market. It is for those who are learning to use Gnome as a Linux Desktop.

Its called Learn Linux - Gnome and developed entirely on Ubuntu. If I managed to get Gnome 3, will work to get some of its updates into the application.





:)

Wednesday, March 23, 2011

Flex 4 MouseEvent

After completing the Flex 4 on Eclipse Galileo installation, here is an example for Flex 4's MouseEvent.

Flex 4 on Eclipse Galileo for Linux

Flash development on Linux is done with Flex SDK. Some nice people started at FB4LINUX have provided a GUI to develop Flash on Linux and this can be integrated into Eclipse IDE.

This article is an update to my other article. Additionally, Adobe placed a notice that they will no longer continue with the Flex Builder development. This means that you can only use command lines to work on future version of Flex. I guess this will affect FB4LINUX.

Following is a reference to install Flex SDK 4.0 on Eclipse Galileo 3.5.2.

Pre-installation checks: Have you installed Eclipse 3.5+ and Java Development Kit 1.6+


Step 1. Download the fb4linux files
Download in 4 parts from http://code.google.com/p/fb4linux/downloads/list
FB4Linuxaa
FB4Linuxab
FB4Linuxac
FB4Linuxad

Merge them together into a BZIP2 format and extract using the command prompt at the terminal. At the folder where you downloaded the 4 files, just type

cat FB4Linux* >FB4Linux.tar.bz2 bunzip2 FB4Linux.tar.bz2 tar -xvf FB4Linux.tar
I renamed the folder “Adobe Flash Builder 4” to “AFB4” since I did not want spaces between the folder name.

Copy contents of AFB4/eclipse/plugins to ~/.eclipse/[eclipse user folder]/plugins/

Step 2. Install Flex SDK

Download Flex 4.0/4.1 from http://opensource.adobe.com/wiki/display/flexsdk/Download+Flex+4

Extract a copy of the Flex SDK from Adobe into a folder, example ~/.eclipse/flex4.0


Step 3. Configure Eclipse with the Flash Builder Application

Start Eclipse, from menu choose
Help → Software update → Find and install

Search for new features to install
Choose the folder AFB4/eclipse



Click Finish.

A new window will open,
Select the features to install → Others






Accept the license agreements.
5 new applications for Flash Builder / Flex will be installed.



Restart Eclipse

Step 4. Apply the SDK to a project

In Eclipse, create a new Flex project
File → New → Other...
Choose Flash Builder ->Flex Project → Click 'Next'
Enter a project name, example “HelloFlex” and click on “Configure Flex SDKs”
Click “Add”




Browse to the Flex SDK directory, e.g. ~/.eclipse/flex4.0 (See step 2)
Check on Flex 4.0 (or Flex 4.1), choose Apply then OK.
Choose Next, Next then confirm the library path (no changes required, normally).






Accept to switch to Flex perspective.


Step 5. Test with HelloFlex

Double click HelloFlex.mxml
Enter following code before the last line



<mx:panel title="Welcome" color="blue" paddingleft="30" paddingright="30" paddingtop="20" paddingbottom="20">

<mx:label text="Hello World">
<mx:button id="b1" label="Click Me">
</mx:button>

Right click HelloFlex.mxml and choose Run as ->Run Swf






These are notes just for references.

Wednesday, March 9, 2011

Using LVM


It was fun trying out LVM. Following are basics that needs to be remembered;

1. Partition the disk as type 8e (fdisk).

2. Create physical volume (PV). Use pvcreate

3. Create one volume group (GV) using all the PV. Use gvcreate

4. Create logical volumes (LV) on the GV. Use lvcreate

5. Format each LV with respective filesystem. E.g. Ext3fs, reiserfs using mkfs

6. Mount each LV. Use mount.

Wednesday, February 16, 2011

Mobile phone programming with AXDT

Free and open sourced cross platform Flash development tools are available for Eclipse IDE. This is good news to have a change to explore what flash can do for the mobile devices. There are other tools out there for development but for now, this will be my starting point.

As a start to ActionScript3 development, the IDE and APIs need to be setup. Here are instructions for Ubuntu 10.04 with Eclipse 3.5 Galileo to use AXDT. Older version of AXDT used the Eclipse's IMP, but now it uses XText.

Step 1: Install Eclipse and the plug-in environment

sudo apt-get install eclipse eclipse-pde

Step 2: Install the ActionScript3 environment with AXDT

- Start Eclipse
Choose Help -> Install New Software…
Location is http://download.eclipse.org/modeling/tmf/updates/releases
(previously used http://download.eclipse.org/technology/imp/updates)
- Click Add and give it a name, IMP
- Click OK to return to Available Software window and select IMP and IMP Prerequisites
- Click Next and Finish to install
- Restart Eclipse once installation is done
Choose Help -> Install New Software…
Location is http://svn.codespot.com/a/eclipselabs.org/axdt/trunk/site
- Click Add and give it a name, AXDT
- Click OK to return to Available Software window and select Axdt builds
- Click Next, check in to accept the terms (agreement) and click Finish to install.

Step 3: Apply correction for embedded images. See http://axdt.org/ticket/97
Here, to remove the AXDT errors on "static-link-runtime-shared-libraries option to true" the configuration file needs to be edited.

- Find the AXDT flex-config.xml file, choose Windows->Preferences, choose AXDT->Flex 4 SDK
- Open the file .eclipse/org.eclipse.platform_3.5.0_155965261/plugins/org.axdt.flex4.sdk_4.0.0.14159_mpl/flexsdk/frameworks/
/flex-config.xml
- Edit the line
<
static-link-runtime-shared-libraries>false
</static-link-runtime-shared-libraries>

and change value false to true.
Restart the Eclipse.

Step 4: Deploy the IPhone apps
Install Adobe AIR from http://get.adobe.com/air

Step 5: Deploy Android 2.1 Apps
See My Android post

Step 6: Install a debugging environment
Install De MonsterDebugger

Friday, February 11, 2011

Using shared folder on virtualbox OSE

Virtual box has a feature to access the host folder from a guest machine. Following is Centos 5.5 Linux guest that is set to access the Ubuntu 10.04 Linux host machine.

Host machine (Ubuntu)
- shared folder: /home/username/Downloads
- virtualbox share name: shared

Guest machine (Centos)
- mount share as /mnt/hostfolder

Step 1: Install Virtualbox Guest Additions.
Read the manual.

Step 2: Apply the shared folder for Virtualbox
Open the virtualmachine (guest) and go to Devices ->Shared Folders
Click on "Add Shared Folders", its a plus sign. Enter the following values
Folder path: /home/username/Downloads
Folder name (no white spaces): shared

Step 3: Mount the shared folder
Reboot the guest machine and mount with following command (use root/administrator);

mount -t vboxsf shared /mnt/hostfolder

Then apply the required permissions to the folder.

Free magazine from HITB!

In issue 5 of the HITB magazine 2011, there are 2 articles of interest.

1. An experiment Linux kernel auditing

2. Measuring SSH attacks (with Honeypot)

See http://magazine.hackinthebox.org/issues/HITB-Ezine-Issue-005.pdf

Howto clone Ubuntu 10.04 display on a projector

The Ubuntu 10.04 on HP ProBook 4420s was able to connect to the projector by pressing the fn+f4 keys. This cycled through 4 modes but nothing that allowed me to view a clone of the display on laptop and projector.

Here are steps to resolve this (results in 800x600 for most projectors).

Step 1: Login to laptop and then plug-in projector.

Step 2: Identify the mode available for 800x600 and add to the existing display modes

xrandr -q
cvt 800 600

example of output:
nicholas@nicholas-laptop-kde:~/scripts$ xrandr -q
Screen 0: minimum 320 x 200, current 1366 x 768, maximum 8192 x 8192
VGA1 disconnected (normal left inverted right x axis y axis)
LVDS1 connected 1366x768+0+0 (normal left inverted right x axis y axis) 310mm x 174mm
1366x768 59.6*+
640x480 59.9

$ cvt 800 600
# 800x600 59.86 Hz (CVT 0.48M3) hsync: 37.35 kHz; pclk: 38.25 MHz

Modeline "800x600_60.00" 38.25 800 832 912 1024 600 603 607 624 -hsync +vsync

Step 3: Create following script called clone800x600.sh that add the 800x600 capability to the display and enables on both projector and laptop. Notice the bold fonts above is copied to the first xrandr command below.


#!/bin/bash
xrandr --newmode "800x600_60.00" 38.25 800 832 912 1024 600 603 607 624 -hsync +vsync
xrandr --addmode LVDS1 800x600_60.00
xrandr --output VGA1 --off
xrandr --output LVDS1 --off
xrandr --fb 800x600
xrandr --output VGA1 --mode 800x600 --rate 60
xrandr --output LVDS1 --mode 800x600_60.00 --same-as VGA1 --auto --scale 1x1 --panning 0x0

Step 4: Make executable and run the script

chmod u+x clone800x600.sh
./clone800x600.sh

To switch back to original settings, press fn+f4.

Next, try to get it working at higher resolution that the projector can support.

Thursday, January 13, 2011

Installed Ubuntu 10.04 on HP ProBook 4420s

Screen shots after installation on the laptop.





Restore Gnome desktop to default

IF you are like me trying all the different gnome tools and utilities, the desktop could get messed up and system screen freezes.

Solution:
Get a terminal (or press Ctrl+Alt+F1) and delete the Gnome desktop configuration file for that user. Command is as follows;

rm -rf .gnome .gnome2 .gconf .gconfd .metacity

Tuesday, January 11, 2011

AAC encoding not included in 10.04 ffmpeg

As a reminder, the Lucid or Ubuntu 10.04 does not have AAC decoding support. This means I cant convert FLV (Youtube) movies into a format that the Android can use.

Solution, is to use the Mediabuntu packages as informed by Ubuntu Forums.

In a nut shell, remove existing ffmpeg and use the Mediabuntu repo to download a fixed version of FFMPEG. Some of the other version of Ubuntu is fine, and no need to follow this step.

sudo wget http://www.medibuntu.org/sources.list.d/`lsb_release -cs`.list --output-document=/etc/apt/sources.list.d/medibuntu.list && sudo apt-get -q update && sudo apt-get --yes -q --allow-unauthenticated install medibuntu-keyring && sudo apt-get -q update

sudo apt-get install ffmpeg libavcodec-extra-52

Saturday, January 1, 2011

Shifting of OSCC


Staff operation area.

24 seater training room.

Front reception area.

Server hosting room for OSS mirror site and OSCC applications available to anyone. It is demo and showcase area.

Training material boxes arrive at MAMPU Cyberjaya.


The OSCC (oscc.org.my) has officially shifted address to MAMPU in Cyberjaya, Malaysia.