In pursuit of Happiness

Tuesday, September 6, 2011

I am back with the backup!


All I wanted was a very simple tool - I give it the list of directories I care about and run it daily with my USB hard drive attached, and it quietly backs up only files/folders that have changed since the last time.

Goal for the long weekend was to learn enough Python to write myself a backup utility. The official backup utility I am supposed to use on my work laptop is not user friendly (or maybe it is and I just haven't bothered to learn about it - who knows).

Mission accomplished (though being very new to Python I am not really sure how ugly/inefficient this program looks to decent Python programmers) - here is the code if you like to see/use (Disclaimer: use at your own risk).

Friday, February 12, 2010

Morals and Ethics

So I have had this discussion on morals and ethics with a friend of mine multiple times. It really boils down to what is right versus what is wrong. I guess to truly answer that, if such a question is a valid question at all, or, if it is a valid question, whether it has a valid unambiguous answer, we need to know all of reality, which includes questions like why we exist and what is the purpose of our existence.

Religion tried to show us the reality but in my opinion failed miserably. Science is attempting to uncover the same reality now but I think we are far, far from really understanding all of it. I base this opinion not on any deep understanding of the current state of science but on a reasonable guess that we humans think with our brains, and everything around us suggests that these brains were meant more for making sense of the senses as a better survival mechanism than to understand the underlying mechanism of nature. If our brains were meant to understand the real nature of nature, we would probably have senses to detect everything from microwaves to gravity waves instead of having pretty much the same set of senses as a dog or a cat or a donkey.

I think it is too pompous of us humans to think we are somehow more "special". Yeah, we probably are the smartest species on Earth, but then probably for a smarter species than us, the difference between us humans and chimpanzees is probably the same difference we see between, let's say, a starfish and a goldfish.

Think about it: we have so many animal traits. We are frickin way too territorial and have no qualms in killing people in the name of patriotism. Of course we use maps to mark our territory and not pee on the trees - so some improvement there from animals. Like animals we primarily care for our species over anything else - we don't mind de-foresting and killing other animals in the process to accommodate humans, killing such big elephants for just their tusks, killing tigers for their skin, and the list goes on. And of course within our own species we operate in packs, and whenever one pack gets to dominate the other it will - in India the upper castes did all sorts of brutality against the lower castes, in the west the whites did that to blacks, the English Empire went and fucked around with so many countries in the name of "culturizing" the "barbarians", and the list is endless.

The last of the animalish traits, one that is probably only in humans, is enforcing their views on others. Clearly every major religion in this world which was backed by rich people at one point or other tried to trash other religions; some countries can have nuclear weapons but if other countries try to pursue them they are rogue states - maybe what they say is right, maybe not; now people say that capitalism is a better thing than socialism, but then who knows.
   
Not that I am being judgemental and saying the above said behaviour is right or wrong. All I am saying is we really don't have all the facts and we are way too influenced by our hard-wired natures to even understand whether a question like "What is right and what is wrong" is even valid or not. And I don't believe I will ever be able to answer that question in my lifetime.

But as a temporary band-aid kinda fix - I like to believe that all things peaceful are right and all things violent and hurtful (physical or mental) to others are wrong (partly because I am a bit of a wuss and have fought (physical or verbal) with a grand total of 1 person in my 30 years, and that too happened only once and lasted for 5 mins max and I ended up having my spectacles broken (of course other than my wife and mother, with whom I seem to fight on a regular basis :-) ) )

And yeah, I dislike everything that is propaganda-ish, where one person tries to influence or portray a wrong impression to the other by deliberately giving wrong information or half information. I just like my cold facts please.

And the people who I like the most are guys and gals who do science for the sake of science and help others for the sake of helping others.

Sunday, February 7, 2010

TCS Hack

So today India's biggest IT company TCS (Tata Consultancy Services) was "hacked". The idiots on the internet wasted no time in calling out - it is India's biggest IT company and they got hacked and they are so pathetic and blah blah blah.

It was apparently a DNS hijack, which basically means that the TCS servers themselves weren't compromised but the DNS server cache was somehow compromised to point it to the attacker's IP. I don't know enough about it to understand if TCS could have taken any sort of preventive action on such attacks or not.

But here is a very nice article that explains DNS spoofing, talks about a couple of techniques of doing it and even gives step by step instructions for doing it in one way.

Tuesday, February 2, 2010

Wireshark and Java API for packet sniffing

Here is a nice tutorial I found on the web for basics of networking. It gave a decent, very high level overview of network topology, OSI layers, protocols and routing.

If you want to look more at how your network traffic looks you can try a packet sniffer called Wireshark. Works extremely well for me on both Windows and Linux (Ubuntu). Wireshark is open source software that depends on another open source package called libpcap. You can set filters in Wireshark on pretty much anything so you see only those packets, for example show only ARP packets, show only DNS requests for facebook.com, etc. If you are on an Ethernet network, it is probably based on CSMA/CD, so if you sniff your network interface card in promiscuous mode you will pick up not just packets meant for you but probably also other packets on the wire.
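To show what those two filters actually look at inside a captured frame, here is an added example (not from the original post and not Wireshark's code) that decodes raw Ethernet frames and keeps only ARP frames or DNS queries for a given name. The frames, addresses and function names are constructed for the illustration.

```python
import struct

def dns_query(name):
    """Constructed DNS query payload: one A/IN question, recursion desired."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split("."))
    return (struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0)
            + qname + b"\x00" + struct.pack("!2H", 1, 1))

def udp_frame(payload, dport):
    """Constructed Ethernet/IPv4/UDP frame (documentation IPs, checksums 0)."""
    udp = struct.pack("!4H", 40000, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 53]))
    return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + udp

def classify(frame):
    """Return ('arp', None), ('dns-query', name) or ('other', None)."""
    if len(frame) < 14:
        return ("other", None)
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype == 0x0806:                       # what the "arp" filter keys on
        return ("arp", None)
    if ethertype != 0x0800 or len(frame) < 34 or frame[23] != 17:
        return ("other", None)                    # not IPv4 carrying UDP
    udp = 14 + (frame[14] & 0x0F) * 4             # honour the IP header length
    dns = udp + 8
    if len(frame) < dns + 12:
        return ("other", None)
    dport = struct.unpack("!H", frame[udp + 2:udp + 4])[0]
    flags = struct.unpack("!H", frame[dns + 2:dns + 4])[0]
    if dport != 53 or flags & 0x8000:             # QR bit set means a response
        return ("other", None)
    labels, pos = [], dns + 12
    while pos < len(frame) and frame[pos]:
        n = frame[pos]
        if n > 63:                                # compression pointer or junk
            return ("other", None)
        labels.append(frame[pos + 1:pos + 1 + n].decode("ascii", "replace"))
        pos += 1 + n
    return ("dns-query", ".".join(labels).lower())

def matching(frames, wanted):
    """Keep only DNS queries whose name is `wanted` or a subdomain of it."""
    hits = [classify(f)[1] for f in frames if classify(f)[0] == "dns-query"]
    return [h for h in hits if h == wanted or h.endswith("." + wanted)]

ARP = b"\xff" * 6 + b"\x04" * 6 + b"\x08\x06" + bytes(28)   # constructed
FRAMES = [ARP, udp_frame(dns_query("www.facebook.com"), 53),
          udp_frame(dns_query("example.org"), 53), udp_frame(b"hello", 9999)]
```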

If you like to use Java for packet sniffing, there is also an open source API for that - JpCap. It basically is again based on libpcap and has tons of native calls. Nothing like trying to debug an ArrayIndexOutOfBoundsException you get from within the native code! :-)

Anyways, here is what I had to do to be able to run the code from Eclipse on my Ubuntu:


  1. sudo apt-get install build-essential (for libpcap compilation)
  2. sudo apt-get install (for libpcap compilation)
  3. sudo apt-get install bison (for libpcap compilation)
  4. sudo apt-get install autoconf (for libpcap compilation)
  5. Then get libpcap from here 
  6. Then pretty much ran ./autoconf, ./configure, ./make and sudo make install from within the libpcap source directory
  7. sudo apt-get install openjdk6
  8. sudo apt-get install eclipse
  9. Download the source for jpcap from here.
  10. The source has both Java and C code, so if you want to get it into eclipse, create a regular Java project and just copy the Java files under the src folder and dump the rest directly under the Project folder itself.
  11. You'll need to compile the C code first into object code. I had to update the makefile to use -fPIC flags for gcc. This is needed apparently if you are running on a 64 bit machine, else gcc will complain.
  12. Copied libjpcap.so from the above step to here: /usr/lib/jvm/java-6-openjdk/jre/lib/amd64/libjpcap.so
  13. sudo cp *libpcap* /usr/lib/jvm/java-6-openjdk/jre/lib/amd64/
  14. Run Eclipse with root privileges, i.e. sudo eclipse to launch the IDE

Botnets

If you still think that cyber crime is just over-hyped and not that serious like real crime, and that "hacking" is just done by a bunch of smart kids who have a disproportionate amount of free time - think again! Check out this video from Google Tech Talks: How to Steal a Botnet and What Can Happen When You Do.

Here is a text summary from another blog. The UCSB folks took control of the botnet by figuring out the domain name generation algorithm and then creating the domains before the bad guys could create them. Of course once the bad guys figured it out, they changed the domain generation algorithm code and downloaded the new version onto the infected machines. The interesting part was that I watched this video around the time the Google - China stand-off was going on, and the video also mentions that Torpig downloads a list of about 200 banks from around the world to launch its phishing attacks, and then they mention for some reason in the video that not one of the banks was from China :-)

The gist is that when you typically visit sites you are not supposed to visit (you know the type I am talking about) this may happen:

  1. They entice you with an irresistible pop-up to click on, or they may exploit some vulnerability of the browser to install the Mebroot rootkit on your system. This is called a drive-by download, i.e. a download which you did not explicitly ask for.
  2. Mebroot is a rootkit which infects the Master Boot Record. I always thought messing with the MBR wasn't that easy but Symantec says otherwise: "The main problem is that some versions of Microsoft Windows allow programs to overwrite disk sectors directly (including the MBR) from user mode, without restrictions. As such, writing a new MBR into Sector0 as a standard user is a relatively easy task."
  3. Next Mebroot opens up a backdoor and downloads another Trojan horse called Torpig.
  4. And then you are pretty much screwed. Torpig injects itself into some 29 different DLLs and actively sends everything from your key strokes (keylogger) to your HTTP form data back to command and control servers. It also does phishing attacks from your browser.
  • You can't just block the IP of its command and control server from your firewall, because it uses an extensive algorithm to calculate the domain names of the command and control servers almost every day and the criminals create the new domains for running command and control servers
  • Using HTTPS does not help because Torpig has already injected itself into your browser, so it will send the form POST data even before the browser can encrypt it
  • Anti-phishing software won't help because, again, since Torpig is part of your browser now, you will see bankofamerica.com on your browser window and not some fake URL, but the page it shows is still fake and it will just send the details you enter to the command and control servers
  • And it can use the Mebroot backdoor to update its executable code regularly, so the algorithms keep changing
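The domain generation point is easier to see from the defender's side with code. This is an added example, not from the original post or the talk: `toy_dga` is an illustrative stand-in and not Torpig's real algorithm, and the log lines, client IPs and seeds are constructed. Once a generator is known, every upcoming rendezvous domain can be precomputed and matched against resolver logs, and the table goes stale as soon as the generator changes.

```python
import hashlib
from datetime import date, timedelta

def toy_dga(day, seed="v1", tlds=("com", "net", "biz")):
    """Illustrative stand-in, NOT Torpig's algorithm: date + seed -> domains."""
    digest = hashlib.sha256(f"{seed}:{day.isoformat()}".encode()).hexdigest()
    label = "".join(chr(ord("a") + int(c, 16) % 26) for c in digest[:10])
    return [f"{label}.{tld}" for tld in tlds]

def precompute(start, days, seed="v1"):
    """Map every domain the generator emits in the window to its date."""
    table = {}
    for offset in range(days):
        day = start + timedelta(days=offset)
        for name in toy_dga(day, seed):
            table[name] = day
    return table

def flag_queries(log_lines, table):
    """Return (client, domain, date) for logged queries found in the table."""
    hits = []
    for line in log_lines:
        parts = line.split()
        if len(parts) != 3:
            continue                      # skip malformed lines
        _ts, client, qname = parts
        qname = qname.rstrip(".").lower() # DNS names are case-insensitive
        if qname in table:
            hits.append((client, qname, table[qname]))
    return hits

START = date(2010, 2, 1)
TABLE = precompute(START, 7)              # one week of known-generator domains

# Constructed resolver log: timestamp, client IP, queried name.
LOG = [
    "2010-02-02T09:14:03Z 10.0.0.23 www.example.org.",
    f"2010-02-02T09:14:07Z 10.0.0.23 {toy_dga(date(2010, 2, 2))[0]}.",
    f"2010-02-03T11:02:55Z 10.0.0.41 {toy_dga(date(2010, 2, 3))[1].upper()}",
    # Same day, but from an updated generator (seed "v2"): the table misses it.
    f"2010-02-03T11:03:10Z 10.0.0.41 {toy_dga(date(2010, 2, 3), seed='v2')[0]}",
]

HITS = flag_queries(LOG, TABLE)
```

The two flagged clients are the ones to investigate; the missed fourth line is why a precomputed list only works until the next update pushed through the backdoor.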




Sunday, January 17, 2010

my home page

I guess that is what happens if you have ten bucks to spare and a weekend to kill - you get yourself a home page on the intertubes, and here is mine: http://home.bgurupra.org/. The weird name bgurupra is because it is the auto-generated short id for my email at work, and I am so used to that short id after using it for 8 years that I use it almost everywhere.

Saturday, January 16, 2010

Wubi Baby!

I was getting a little tired of using Ubuntu over VMware because it was really slow and decided to install full-fledged Ubuntu on my laptop, and this thing called Wubi HAS to be the easiest way to install Ubuntu on Windows EVER!

It runs like a Windows installer. All it asked me was how much space I want to allocate for Linux and what user id and password I would like. Period. Then it took about 30 mins to download the installation files. Next it asked me to reboot, and by then it had added Ubuntu to the Windows boot menu. I selected Ubuntu - another 15 mins for it to set up (it did not ask me for ONE SINGLE THING during this whole process). Then restarted again and that is it - Ubuntu installed!

It does not need you to partition your disk like the regular installation; instead it just creates a big file under Windows and Linux treats that big file as the entire hard disk. And when I want to uninstall - just need to uninstall from the regular Add/Remove Programs on Windows. Pretty neat, huh?

Oh, and don't worry if you see it downloading the amd64 installation for your Intel 64-bit machine - apparently the amd64 installation works on both AMD and Intel. That is listed in the FAQs on the Wubi site, and I do have an Intel machine and the amd64 installation is working for me.