Decipher
Since some time I am an user of encfs. I actually did want to encrypt my whole root filesystem (just for fun, nothing to hide ;-)), but the loopback way is a hack and the old weak initialization vectors make watermark attacks easy. The weak key management was also a showstopper. Now that luks is relatively standard I hoped that with ubuntus upcoming edgy the eft the dm crypt + luks setup would be well enough integrated.
Unfortunately this is not the case. The installer does not support this yet. There is a myriad of conflicting documentation on how to set this up properly. Most of these are misleading and outdated. There are thousand ways to do this.. but I wanted to do it in a way that will be supported properly in the future. This guide is the best there is on this topic and following it literally does work for Edgy Eft.
One thing Edgy has changed (compared to the guide, which is actually for Dapper Drake) is that the latest cryptsetup package already has encrypted root initramsfs hooks. With adding cryptopts in the kernel line (or via kopts in grub) or making a /etc/initramfs-tools/conf.d/cryptoroot file the system _should_ come up automatically with the passphrase question. After a lot of fiddling (every distro seems to have their on ways of specifying the parameters) I still did not get this working. If you use the kernel line options cryptsetup is not installed in the initrd and if you use the conf file option, the proper kernel modules are not loaded.
Usually I behave like a good open source citizen and file nice bug reports about this, instead of whining in a journal entry. This time the 1000 different ways of doing these + the already very confusing bug reports about this package, left me feeling disqualified to do so. In the end, just following the guide for ubuntu and writing my own initramfs non configurable hook functions (which conflict with the future cryptopts settings !!) seems the best way right now. What makes the situation even more difficult for starters is that google does not list the proper page for ubuntu but a very outdated howto, so hopefully this entry will help the proper guide bubble up.
Hopefully this is something that is going to get better in future! Distributors, please fix this and standardize! On the bright side, the debian future for this looks most promising, clean implementation and support in the beta installer..
[Permalink] -- Filed under: [linux]
S/G541 (A flat major)
Back from my holiday in Belgium and Luxembourg. I had a good time, turned 30; now I am trying to get back to business.
[Permalink] -- Filed under: [personal] [holiday] [photos]
Faraway voice
Hacked a bit more on audio captchas lately, but the source is not in releasable form right now.. Anyway, I now recognize the audio captchas from microsoft 95% correct and from google (also blogger/blogspot) 60%+ by tweaking the segmentation. captchas.net (35%) and paypal.com (10%) are also doable, but some improvements are still needed.
Time to add some neural network learning.
[Permalink] -- Filed under: [linux] [science]
Danza Ritual del Fuego
Back
from a long week Andalusia. It took me a while to get used to the weather (dropping from 27 C to -2
C!) and updating this page. The atmosphere (and the trip) were great. Nature was beautiful (where
can I donate for bringing mountains to Holland ;-) and the (medieval) buildings special (especially the
mix between christian and moorish architecture). The romans also had discovered the good weather
and fertile ground early and left lots of trails (some villages still have a roman ground-map and
small white 3-level 'concrete flats').
Just before I left, I bought a new Canon 350D. One of the most mainstream (SLR) camera's. I had some positive experience with the analog version and reviews of the digital thing were ok. I am very happy with it. It works fine with gphoto2. (Sorry for the analog camera lovers).
These two items combined gives some new photo albums on this site. Enjoy.
[Permalink] -- Filed under: [personal] [holiday] [photos]
Forever may not be long enough
For
years I have struggled to find a proper music player. Most players are too playlist- and metatag
oriented for my taste. My files are all stored in a nice directory hierarchy with proper
filenames. The tags are very incomplete and buggy (a lot my music file predate ID3 tag
standards, i8n is a disaster in most tags).
XMMS and winamp were pretty usable and fast (no meta-data reading in advance, but newer versions tried to do the same database building as other new programs (and failed)). One feature was particularly missing from these players: the ability to play random albums. This should (imho) be the standard setting of any music player: You are working and want to listen to an album in the background. Also it would be nice if you would be able to give a subset of your collection (for example all jazz music) and than the software picks an album for you in this genre. XMMS and winamp lack these features.
Even newer music players (banshee, amarok, rhythmbox, XMMS2, beep, windows media player, mpd, etc.) cannot do this, although they come closer nowadays. However I have lots of trouble trying them. For years they crashed on loading my large (100Gb+) collection. Now they usually do not crash anymore, but start crunching for hours (sometimes days) and when they finish loading the library and you restart the application; it just crunches again on their index for minutes. And more often than not, they load the index (sometimes 100MB+) to memory. This is intolerable if you just want to listen to one song.
I realized pretty quick that just whining is not going to help, so I wrote my own player in a few lines of Perl. It is far from perfect: I really want to:
- NOT start gconf-tool externally
- use gstreamer-perl bindings, instead of mplayer
- thread/fork so better key-bindings are possible
Despite these drawbacks I use it for months already and it works flawlessly . Therefore I release the script to the world. It sets your album cover in the background and just starts playing random directories (=albums in my library).
[Permalink] -- Filed under: [linux]