EPH

WiFi

WiFi Woes

After all the buzz in the news lately, are you now finally planning on patching your WiFi router, buying a new one, or just saying the hell with it and going back to Cat 5e Ethernet?

“Krack” WiFi exploit news got you bummed out, or are you just now learning about Re-using a “Nonce” to fake out your trusty old router with a “key re-installation attack”……that you always thought was secure using WPA2?

How often have you even heard of or used the word “nonce” in a sentence?

You don’t want someone decrypting your packets and/or forging new ones to basically hijack your connection. Maybe you don’t care and like to surf the web on public WiFi at your favorite coffee shop. That’s up to you.

It’s been a very odd year for cyber security issues.

If privacy isn’t your main concern, then maybe avoiding someone or something trashing your laptop with malware is. Either way bad things seems to appear to be accelerating, or maybe it just feels that way because such reports are more readily available online than a few years ago. (More information = more awareness……and often stress)

 

Latest Headache:

For a very rudimentary, somewhat sketchy and brief explanation let’s say that in a WiFi 4 way handshake there is the possible retransmission of the 3rd message because a potential loss of the final message. (the other end for whatever reason never sees it)

– Apparently this creates a potential exploit against the “client” because of the odd rule set or way in which the WiFi router fumbles the ball with encryption. This all happens because of a possible “PERSON in the MIDDLE” attack,

 

Is a VPN or Cellular link a better alternative?

– hmm, possibly.

Actually, I do think WiFi will be around as a consumer LAN for a while. So, you’ll just have to keep current with all the available security parameters……forever?

 

What can the average user actually do?

 

-Well, let’s first make sure your “clients” are all patched and up to date. Your laptop, TV, refrigerator, security cameras and anything else connected to your local network

-If you have access and permissions, check to see if you can disable your router’s ability to act as a client (maybe you use your router as a repeater or access point) and see if your equipment’s vendor has or will have a patch soon.

-Running a relatively modern operating system and keeping your patches up to date is always a good idea.

-A decent firewall policy and a trusted Anti Virus program make sense for most user’s  systems.

-Having a backup procedure or scheme could be very handy also.

-Using strong password protection policies and in some cases encryption for your computer drives are all common sense now.

Nothing really new, just a reminder, but unfortunately replacing your WiFi router each time a new vulnerability is publicized could get a little expensive especially if that’s the only fix available.

As a general recommendation I’d say update your client equipment’s software/firmware if you can soon.

Relax, you’ll be fine…..Probably.

 

Do you depend on venders and your local Internet providers to patch there “rental” equipment or do you add your own newly updated super cool WiFi router ? (Probably both would be nice)

Ubuntu Studio 16.04.3 LTS

Halloween will soon be here, so I figured I’d get with the spirit of the season and do something scary!

Yes, that’s right, venture out of my comfort zone and take the long and twisted path through the spooky digital dark woods of lonely Linux distributions.

In a world where Mac OS and Windows dominate the DAW (Digital Audio Workstation) world, Linux offers some impressive potential. That said, it’s time I put a little effort into actually doing something with all that potential.

My favorite DAW has been Logic Pro X on a MacBook Pro. I’ve even used it on a Mac Air with some success. I’ve never been too impressed with using a standard Windows laptop for a portable DAW, but let’s see what I can do with a somewhat low powered laptop and Linux.

To build this “Frankenstein” I chose Ubuntu Studio 16.04.3 LTS.

(Xenial Xerus) 64-bit. I’m using an old Thinkpad (Intel N2940 @ 1.83 GHz) with 4 gigs of ram. This is not a powerhouse by any means, but it might be closer to what some Linux users have available if they are on a budget.

“It’s Alive!” Well, it’s running. I installed the Distro, ran apt update & apt upgrade – then went right into LMMS 1.1.3.  For a basic DAW LMMS is pretty straightforward. The built-in samples are solid, and the Beat+Baseline Editor is easy to use with the Piano-Roll. Audacity 2.1.2 is a very good sound recorder/editor. This is probably the most useful software for what I would use. There are a lot of audio utilities and effects. As far as a software studio, Ubuntu Studio packs a lot in the audio production selection. Add these tools to the provided Graphic Design and Video production selections and you have a lot of tools to leverage with some creativity.

I’m going to try to explore as much of this Distro as I can in the coming weeks and see what I can do with all these tools. Maybe I’ll learn a few new tricks along the way. I might even treat myself to some play time on some of these software synths.

Check out our blog post on Music Production with a home studio!

 

Linux

Linux Rolling Releases

Linux Rolling Releases

I have come to appreciate Linux rolling releases. Particularly Arch based or related distributions. The one issue I have run into on occasion has been stability after an update/upgrade. I haven’t experienced any show stoppers lately as my current favorite Manjaro XFCE has been very solid, but why take chances. My initial approach years ago would have been to dual boot Windows 10 with Manjaro. I never really thought I was gaining anything, other than to have the ability to run Windows-only software. If you don’t, then what’s the point. I’m not going to keep Windows around just for a security blanket

Yes, I’ve done the Win/Linux dual boot in the past more for convenience than practicality. Sure I could have gone the Virtual Box route, but that seems to have more drawbacks depending on your hardware than a dual boot.  Why divide up resources on a machine that’s already limited? Why go backwards? If I have to rebuild a laptop, so what? It’s good practice and a fresh start is sometimes a good thing.

Simple Solution

A simple solution for my backup laptop setup has been to load Ubuntu Mate on a laptop first (16.04.3 LTS (Xenial) Recommended for stability and mission-critical systems. Supported until April 2019), then install Manjaro and let Calameres partition the drive and add Manjaro alongside the now reduced in occupied drive space Ubuntu OS. (MANJARO 17.0.4  “X”)

I find this sequence works better for booting into either of the Systems. The reverse install order tends to leave me with a slower boot selection. To me, this type of dual-boot “potential” daily driver could be much preferred and I have found that it works well. That is the goal. I don’t have Windows available on this laptop, and I don’t feel that I need it. If I find that I really truly need a Windows machine, I’ll just run it on a separate laptop. In fact I sometimes do, but regrettably so. I might have to actually do a new install, but that’s not such a big deal, it’s just the update times I’m not a big fan of. The basic install is usually pretty quick – not as quick as installing a lightweight Linux distro, but not too horrible.

I do like some things about Windows 10, but the point is that I don’t want to be a “Windows User” if I don’t need to be because I like working with Linux a lot more. I know I have more control over my system, but with Windows, I’m never quite sure who’s actually controlling who. Anything “*nix”ish including OSX I enjoy working with. I’ll give MS credit for developing Powershell into a decent tool, but I already have decent shells to work on both Linux and OSX.

I could use this older Lenovo dual-boot laptop for my daily driver, but I prefer to rely on my very inexpensive, lightweight IdeaPad.Using Manjaro on that laptop — half the ram, and a third the memory – perfect!  I can experiment with the backup. You might question why I don’t use Ubuntu-Mate LTS on the daily driver. The answer is – there isn’t enough space for a dual boot — but I actually sometimes do run Ubuntu-Mate only but at the moment I’m happy with what I’m using now “Manjaro 17.0.4”. If I have a problem I know I have a usable backup. There is some comfort in that. If I feel the need to do some Distro hopping – I can use either laptop to try a new build. I have Manjaro on both, so I’m set there.

The fun is in learning and trying new Linux software and operating systems. A rolling release keeps me interested in what has been improved or changed. The LTS is simply just dependable – not overly inspiring, but dependable. You have the best of both.

The Bottom Line

The bottom line is as always — does your system work for you, and are you getting the most out of what you have? You may be getting all this done with Windows 10. In some ways, Windows 10 also acts like a rolling release with some of the large updates that have enhanced and added some new functions. When it comes down to having something I can depend on and know works, I prefer Linux, but I do see Windows getting better and Linux-like in some respects. Whatever you prefer – one operating system, or multiple operating systems, if it works for you – great. If you really like a system, you’ll most likely get more use out of it.

Luckily there are a variety of systems to choose from. Try them all if you can.

Windump

Windump (back to basics)

Sometimes I like to go back to the basics, for network troubleshooting a good packet analyzer is what I need. I use Wireshark and Tshark if I can, but sometimes I get everything I need out of TCPDUMP. Sometimes I find myself staring at a Windows machine and not at a Linux command line. No problem, Windows has a couple of useful shells to work with, and it can run something very very close to TCPDUMP.

So, if you are also looking for a simple alternative to Message Analyzer, Wireshark, or Tshark than WinDump – (a port of LibPcap ) may be just what you’re looking for. If you are familiar with TCPDUMP on Linux or UNIX, than you will find WinDump works very much the same.

Download windump here

verify your download:

SHA1: d59bc54721951dec855cbb4bbc000f9a71ea4d95

MD5: 7b50683722d9efd3dccbb9e65ec0f2df

You can use Sigcheck to verify the file:

https://download.sysinternals.com/files/Sigcheck.zip

Also available is the entire suite of System Internal Tools which also contains SigCheck

https://docs.microsoft.com/en-us/sysinternals/downloads/sysinternals-suite

Another available but currently unsupported command line utility that computes MD5 or SHA1 cryptographic hashes for files that works with Windows 10:

Microsoft File Checksum Integrity Verifier tool

(Windows-KB841290-x86-ENU.exe)

https://www.microsoft.com/en-us/download/details.aspx?id=11533

 

I find it easier to place both WinDump and fciv in the same folder.

You may choose to move WinDump after you scan your download with an antivirus and/or Malware detection tool and verify the file integrity

 

 

 

Windump

 

Windump

 

 

Using “-both” to see both the SHA1 and MD5  output together

Windump

 

You can find the manual for WinDump (actually its also the TcpDump manual) at:

https://www.winpcap.org/windump/docs/manual.htm

 

windump.exe version 3.9.5, based on tcpdump version 3.9.5

WinPcap version 4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008)

Usage: windump.exe [-aAdDeflLnNOpqRStuUvxX] [ -B size ] [-c count] [ -C file_size ]

                [ -E algo:secret ] [ -F file ] [ -i interface ] [ -M secret ]

                [ -r file ] [ -s snaplen ] [ -T type ] [ -w file ]

                [ -W filecount ] [ -y datalinktype ] [ -Z user ]

                [ expression ]

 

 

If you’re interested in whats new with Tcpdump and LibPcap check out the latest releases:

http://www.tcpdump.org/#latest-releases

 

If all you want to do is collect packet data (with low overhead) so that you can examine the capture later in Tshark or Wireshark, and you have Wireshark tools installed, than Dumpcap is another useful option. I believe on Linux, TcpDump may drop fewer packets than Dumpcap (and Tcpdump can parse data in near real time for viewing), so I would lean more toward using WinPcap on Windows machines if available. You may find that Tshark and Dumpcap work better for your system, but I tend to use either Tcpdump/WinDump or Wireshark. I will use Tshark on occasion, but rarely would I limit my use to Dumpcap only.

 

Portable Folding Keyboard

Portable Folding Keyboard

Should you get a portable keyboard for your smart phone?

You don’t always want or need to carry around a laptop or even a tablet. If you have a smart phone, you can still do a lot of the things you would have done with a larger device. I’m trying to simplify what I carry around on a daily basis. One thing I like about traditional laptops is the keyboard. I’ve started using a folding Bluetooth keyboard with my iPhone 7plus. I’m using the SMICK Foldable Wireless Bluetooth Keyboard for iPad, Macbook, iPhone7 etc.,F66 GOLD. It received 3.5 out of 5 stars and on sale for about $20.00 on Amazon. As soon as I realized I had to hit the Fn and Bluetooth keys together and pair the unit before I tapped the Fn and E (IOS) keys the rest was pretty straight forward.

Overall it does the job

Ive type on many different keypads, and this was not bad. I’m much slower typing on these keys, but it’s workable, and I’m slowly getting used to the spongy response. The major point is that it is very portable when folded. The stand for the iPhone doesn’t attach but works very well at holding my iPhone in landscape mode. This isn’t meant to be a product review. There are a few other folding keyboards available on Amazon that also have good reviews and would most likely work very well for anyone interested in minimizing their “mobile office”.

I’m more interested in the idea of getting things accomplished with a very basic setup that I can carry in my pocket – which for a few years now has been a smart phone. The biggest drawback about using a phone as my “mobile office” has been typing with one finger using the on screen keyboard. I’ve gotten a little faster over the years, but I don’t always hit the correct key. On a laptop or netbook the typing feels more comfortable.

The portable folding keyboard works well, but still doesn’t feel as comfortable as laptop keys, and now I see that I’m actually able to type faster with just the on-screen keyboard. This I did not expect.  I guess for a best portability solution all I really need is the iPhone.

Pages-(IOS)

I use “Pages” for writing. I was previously only using “notes” on the iPhone, as it was simple and perfect for – taking notes or quickly jotting down ideas. The iPhone 7 plus has a big enough screen for comfortably viewing what you’re typing – either with or without the foldable keyboard. I can take pictures, record audio, edit, and publish right from my iPhone.

 

For a basic daily driver computer, you probably already have all you need in your phone.

The folding keyboard is a nice hardware add-on that isn’t too expensive and doesn’t take up much space. It does take some getting used to, and I’m sure I’ll use it more than I had originally anticipated. It is amazing how useful one device design has become, how it keeps us connected, and productive. Just writing this post I’ve bounced between using the keyboard and using the touch screen. Right now I’m liking the much larger keys on the folding keyboard.