Frank Groeneveld's blog

Fix Your Insecure Passwords

Everybody knows it, but nobody does it: using real secure passwords. One of the most heard reasons is the fact that people can’t remember weird passwords with all kinds of punctuation characters and no actual meaning. Well, I’ve never really had this problem. How do you remember those weird passwords you might ask. I’ll explain in this post.

Guest Blog Post Published at CDT

The launch of pleaserobme.com received a lot more media attention than we had expected. We were on a number of international radio stations, national television etc.

Furthermore, Adam Rosenberg of Center for Democracy & Technology (CDT) asked us to write a guest blog post. Of course we were interested in doing so, because it gave us another opportunity to make people aware of the potential problems of sharing your location with the whole world. The post was pusblished today and can be read on the CDT website.

Location Spam, Annoying and.. Risky?

Hey, do you have a Twitter account? Have you ever noticed those messages in which people tell you where they are? Pretty annoying, eh. Well, they’re actually also potentially pretty dangerous. I’m about to tell you why.

Don’t get me wrong, I love the whole location-aware thing. The information is very interesting and can be used to create some pretty awesome applications. However, the way in which people are stimulated to participate in sharing this information, is less awesome. Services like Foresquare allow you to fulfill some primeval urge to colonize the planet. A part of that is letting everyone know you own that specific spot. You get to tell where you are and if you’re there first, it’s yours. O, and of course there’s badges..

Foursquare Foursquare

The danger is publicly telling people where you are. This is because it leaves one place you’re definitely not… home. So here we are; on one end we’re leaving lights on when we’re going on a holiday, and on the other  we’re telling everybody on the internet we’re not home. It gets even worse if you have “friends” who want to colonize your house. That means they have to enter your address, to tell everyone where they are. Your address.. on the internet.. Now you know what to do when people reach for their phone as soon as they enter your home. That’s right, slap them across the face.

To raise some awareness on this issue and emphasize how easy it is to retrieve this information let me introduce: http://www.pleaserobme.com. Have fun and please don’t hook up Foursquare to your Twitter account, okay?

Crawljax 1.8 Released

I’m working on a cool project for my master thesis: Crawljax. Crawljax is a website crawler that supports JavaScript. This is done by opening a real browser such as Firefox and controlling it via WebDriver. The core of Crawljax does only that: crawling websites. However, there is a very flexible plugin system available that allows you to do all kinds of cool things such as creating a static mirror of an AJAX website or creating test suites for you AJAX webapplications.

Download Crawljax now and give it a try!

To get a better grasp of what is possible, have a look at the Google Tech Talk a colleague of mine did:

Update Your HTC Hero Radio

One week after I bought my Hero, I found out it is possible to install a newer radio-firmware on the HTC Hero. This has all kinds of positive improvements such as better reception and better battery life. I don’t know where these radio updates come from (I guess from HTC themselves), but they aren’t published on the HTC website. You can find them at the xda-developers forums (currently, there is a newer update that is not listed in that thread) and they can be installed by saving them to the SD card of your Hero as “update.zip”. Next, turn off your phone and turn it on again by holding home+poweron. Enjoy the better reception and battery life!

WordPress 2.9 Released

WordPress 2.9 was just released. All in all this seems to be a great release again, including some features I had been looking forward to:

  • Easier bulk plugin upgrades
  • In browser image editing
  • A trash for posts you remove, so you can undo it if necessary

Upgrade now!

HTC Hero Without Sense

A few weeks ago I bought my first smartphone: The HTC Hero. It’s been a great purchase since the beginning, but I was wondering how Android would “feel” without all the HTC customizations such as the SenseUI. So, I installed an AOSP (Android Open Source Project) ROM for the Hero. It was a build of the Android 2.0.1 sources combined with the Google closed-source applications such as Gmail, Talk and Calendar. This was a really great experience, because all the features I use worked great. There was just one problem that is quite important for me: battery life. Somehow this ROM seems to drain the battery at night. When I first brought up this issue, nobody had noticed it, but quickly other people started to monitor their Hero’s and it appeared they were experiencing the same problem. I’ve switched back to the official ROM until this is solved, but you should really give this a try. The developers of the ROM did a great job!

Howto: Live Migrate to Software RAID 1

Feel insecure about your data? Don’t trust your harddrive anymore? Use this howto to migrate your running Ubuntu Linux system to software RAID 1.

Before starting off, I assume you have your running system on /dev/sda and your new harddrive is called /dev/sdb.

Boot up your system and install the mdadm package. We now have to create partitions on sdb that are the same as sda. Because I have identical disks, I just copy the partition table from sda to sdb like so:
sfdisk -d /dev/sda | sfdisk /dev/sdb
After that, I use partprobe to let the Linux kernel know I have changed the partition table.

Next step is to create a degraded RAID array on sdb which we can copy the files to and than add sda to the array. For every partition you have to run:
mdadm --create /dev/md0 --level 1 --raid-devices=2 missing /dev/sdb1<br />
Where you replace sdb1 with the partition you want. Now create filesystems on these new raid devices:
mkfs.ext3 /dev/md0
Again, run this for all your mds.
After copying all the files to your new array, we have to modify a few files.

  • /boot/grub/menu.lst
  • /etc/fstab
  • /etc/initramfs-tools/conf/resume

All these files contain references to UUIDs that are no longer correct. I simply replaced them with /dev/md0 for example. You can try to use UUIDs, but I believe that the (striped) partitions have the same UUIDs as the raid devices (the mds). If you’ve changed everything, run:
mdadm --detail --scan >> /etc/mdadm/mdadm.conf
And don’t forget to update your initrd:
initramfs -u

That’s all! You can now enjoy the safety of RAID 1 without to much hassle. To check the status of your array, look in /proc/mdstat. Also make sure you setup a mail server or ssmtp, because the mdadm tools will try to send you an email if one of your RAID devices is degraded/corrupt.