Sunday, August 26, 2012

Reinstalling Ubuntu while keeping the home partition intact

I've been using Ubuntu on my desktop alongside Windows 7 for a little while. I started with 11.04 and since then I have been simply upgrading it using the update manager. It worked well enough up until 12.04, I have since experienced a few problems. For instance, my sound all of a sudden stopped working on my Linux, I have had a lot of issues managing my ipod with rythmbox or banshee (which I don't tend to use since it's so buggy), my Conky now looks a bit funky and I often get errors when I try to update my distro using the software manager.

Anyway, lot's of problems. So I decided to install a fresh copy of Ubuntu 12.04 from a disk, and my main problem is that I would like to keep my /home partition intact and of course keep my Windows partitions the way they are. So this is what I have done:

  1. Using a GParted live CD, I formatted my \ partition (root partition) but I left the partition as it was
  2. Rebooted the machine with the Ubuntu live disk and selected the install Ubuntu option
  3. Chose to do "somthing else" on the installation. There I selected my original root partition to and "changed" it to be an active partition and be used as root. You have to make sure all the Linux partitions are in Ext4.
  4. Chose the original /home partition and select it as active and as the "/home" partition.
  5. Chose the original /swap partition and keep it as /swap, although for this I didn't seem to need to do anything about it.

This method seems to work in terms of getting my distro installed fresh, however it did not seem to fix my sound problem, probably because the configuration information is probably located on my /home. Regardless of that, at least I have a fresh install of ubuntu now. So my next course of action will be to see if I can fix the sound issue without having to install the OS again. If that doesn't work maybe I'll install Ubuntu again and create a new /home partition. From there I could just keep my old /home partition and move the files later.

Wednesday, August 22, 2012

Settled on Astrill as my VPN service

For a while I have been looking into different ways to gain a bit more privacy while online. I love the internet, and I do think it is the greatest invention of the 20th century, however, political parties and their archaic outlook on new technologies, slows down the natural progress of it. One of the main problems with the internet is privacy. Laws have not been evolving as quickly as the community, so a lot of them are outdated and infringe on basic freedoms already achieved in the real world. For that reason, I have decided that investing a little bit on a VPN service would be worthwhile.

I did a fair bit of research, and ended up settling on Astrill. I looked at a lot of different services, and as a package I think Astrill's service really suited my needs. One of the other contenders was "Hide my ass", which seems to be one of the most popular services out there. Indeed it was one of the ones I was most interested in. However, HMA made big news at one point when the folks from lulzSec got caught. Apparently HMA did provide authorities with logs that gave away a lot of vital information about its members. So entirely due to principles, in this case being that it makes no sense to pay a fee for privacy, if privacy is not really garanteed. It's not like LulzSec killed anyone.

The other big contender was Strong VPN, which I almost signed up with before I had done more reading. Their prices seem fair, and they do have a lot of options in terms of where their servers are, however, I really was looking for a service that included servers in different countries, freedom to switch servers frequently, the ability to connect via PPTP or OpenVPN. At Strong VPN, the ability to have all those things would cost me quite a lot, so I decided to go with Astrill. They offered pretty much all I wanted for a decent price if you do at least a 3 month contract.

The installation in Ubuntu as well as Windows 7 was easy. On Ubuntu you may need to download OpneVPN through apt-get, but after that you just click to download a small client. Windows just requires the client. I'll use it during the next few months, and I'll post if I encounter any problems.

Tuesday, August 21, 2012

Joseph Heller's "Catch-22"



 The chaplain was apologetic. "I'm sorry, sir, but just about all the prayers I know are rather somber in tone and make at least some passing reference to God."

"Then let's get some new ones. The men are already doing enough bitching about the missions I send them on without our rubbing it in with our sermons about God or death or Paradise. Can't we take a more positive approach? Why can't we all pray for something good, like a tighter bomb pattern, for example? Couldn't we pray for a tighter bomb pattern?"

This was one of those books I had been planning to read for quite some time, and it was as good as I expected. It is an interesting read, since it is written in quite an unusual way. The story is not told in a chronological order, instead you are told events in a way that all the pieces are presented as different characters are introduced and explored. Heller keeps feeding you different parts of the story and only giving you hints to when the events occur. The hints on the timeline are given in a very clever way, by using the number of mandatory missions pilots have to have before they can be sent home, which keeps going up as the war progresses.

The story is really interesting and Heller really twists things up as you go, by starting the book in a very humorous tone, that eventually turning it into a dark humor that really paints a grim image of war. Better than the plot in my opinion, was the prose. Heller, to me, writes some of the funniest proses I've ever seen, and even when I felt that the plot was dragging a bit, I never felt compelled to quit, because there were so many hilariously absurd dialogues.

Overall, this was a great book, and a must for anyone looking to read a classic WWII satire. In the next while I would like to read Slaughterhouse-Five by Kurt Vonnegut, as I've heard it is also a good satire. For now however, I will leave Catch-22 with a 8.5/10.

PPTP, OpenVPN, IPSec and L2TP - What's the difference?

I have recently started to look into VPN services to enhance my privacy while using the interwebs. One thing that started to confuse me pretty quickly was the variety of different servers available, and honestly it took me a while to start to understand what the differences are. Well to make this process simpler for other people, here is a nice short summary from zzing123, which was posed at "perfect-privacy.com forum.


On a general level, PPTP was invented by Microsoft as a VPN that could be used with dialup, and is far older than OpenVPN, and as such is practically available from any device that supports a VPN of some description. That and the fact it's easy to use are really the only reasons it's used. In terms of security it's basically crap: at best it uses 128 bit encryption with an RC4 handshake (Handshake is the authentication/login process for setting up the VPN). At worst, 64 bit encryption and a plain-text handshake (so it wouldn't even take 2 weeks: just read the packet!). Naturally, PP uses the better sort.

OpenVPN is - in this league - very new technology. It's basically the amalgamation of several technologies, like SSH, Stunnel, OpenSSL's encryption libraries all of which provide unix with best of breed power and together form OVPN, a best of breed VPN. OVPN allows you to choose the method and algorithm for handshaking as well as for data encryption, plus uses SSL certificates, PSK's or User/Pass (or a combination of) to authenticate clients on top of that. With hardware acceleration, OVPN is easily faster than PPTP. Without acceleration, it's entirely dependent on the algorithms chosen - Blowfish is designed to be the fastest software-only algorithm, so OVPN would be a lot faster than PPTP. Encumbered with a software AES-256 implementation, and PPTP's 128 bit encryption is faster. This ultimate configurability is also OVPN's downfall: it's pretty complicated to set up.

With PP's OVPN service, ideally they should provide a client.crt and client.key unique to every customer, instead of using the auth-user-pass directive for ultimate security, but management of these keys becomes a nightmare. That said PP uses RSA 4096-bit encryption for the handshake and AES-256 for data, which are probably the two most secure algorithms you can use currently in OVPN.

There is also a third technology: L2TP / IPSec. L2TP provides the layer 2 tunnel, and IPSec the encryption, and was invented by Cisco to bridge 2 networks together. IPSec uses either RSA or a Pre-Shared Key (PSK) for the handshake, which uses Diffie-Hellman hashing over and above that. For data, it can use 3DES, DES, Blowfish, AES and CAST-128. IPSec does have pretty good support in clients and is widely regarded as being PPTP sorted out. Because Cisco developed it to sell more routers, a lot of expensive network gear has IPSec support built in, meaning that if you have very expensive network kit using IPSec, your VPN's will be so fast there's practically no latency overhead. Software implementations are as fast as PPTP.

So in summary:
- Choose PPTP: If you want an albeit crusty VPN technology available everywhere
- Choose OVPN: If you want the most powerful, secure and modern VPN
- Choose IPSec/L2TP: If you want high performance between two sites