Active Topics

 


Reply
Thread Tools
Maemish's Avatar
Posts: 1,718 | Thanked: 4,764 times | Joined on Apr 2018 @ Helsinki, Finland.
#31
As always your advices are acknowledged and will be followed under other threads. I will soon edit the first post under this thread to be even more clear of how to situate oneself with everything said under this thread my Maemish. I will probably add in every this kind of post a header stating for new readers to see the first post preface. Thank you again for your seriousness cause it always guides me to proper conduct in this forum and I really appreciate it. And I'm serious now. I will not sign this with Maemish which will be a mark of not to be taken seriously. I hope there is room for my presence of which one part I have tried to box here.

Edit: So far haven't happen again but I haven't yet surfed with chromium, only adjust some settings. But the 'rational 'causes' which I presented seem to be the reason for unnatural behaviour.

Last edited by Maemish; 2019-03-07 at 13:43. Reason: Including neccessary information
 

The Following User Says Thank You to Maemish For This Useful Post:
wicket's Avatar
Posts: 634 | Thanked: 3,266 times | Joined on May 2010 @ Colombia
#32
I can't really say I'm surprised you got hacked. Running stuff like "chmod -R 777" over system directories? Running non-admin tasks as root? If it's any consolation, you're not the only one. I see many people doing this sort of thing all the time.

Oh, and then there's also this little Chromium 0-day:

https://nakedsecurity.sophos.com/201...t-this-minute/

It's generally not a good idea to run unsupported software, but if you you've got to do it, at least try to avoid running things that would tell a hacker, "Hi, come and get me!"
__________________
DebiaN900 - Native Debian on the N900. Deprecated in favour of Maemo Leste.

Maemo Leste for N950 and N9 (currently broken).
Devuan for N950 and N9.

Mobile devices with mainline Linux support - Help needed with documentation.

"Those who do not understand Unix are condemned to reinvent it, poorly." - Henry Spencer
 

The Following 3 Users Say Thank You to wicket For This Useful Post:
Maemish's Avatar
Posts: 1,718 | Thanked: 4,764 times | Joined on Apr 2018 @ Helsinki, Finland.
#33
I'm trying to use this browser only for two services, using chrome data saver (the two services are already a compromize of privacy so chrome servers do not take away but give a certain amount of security add) and now trying to find right settings for firejail sanedbox which I installed from the jessie-backports. So no intention of using this to anything else than visiting/using two sites. And yes, the privacy matters in linux are not my best area. I just to use subgraph to secure my self but it was too difficult to mess around cause everything was behind something I didn't understand so here I am. Learning. Chmoding and chowing are things I just now learning not yet knowing exactly what they do. Now I have though learned that they do open many places and that I do not want. Trial and error.

Edit: I don't know yet how to do it but hoping to learn to restrict chromium access only to .cache, .config and some folder where I can stash images for downloading to internet. No need to download from internet anything.

And most probably did not got hacked except by myself messing with the settings from backup.

Last edited by Maemish; 2019-03-07 at 15:24.
 

The Following 2 Users Say Thank You to Maemish For This Useful Post:
wicket's Avatar
Posts: 634 | Thanked: 3,266 times | Joined on May 2010 @ Colombia
#34
Originally Posted by Maemish View Post
I'm trying to use this browser only for two services, using chrome data saver (the two services are already a compromize of privacy so chrome servers do not take away but give a certain amount of security add) and now trying to find right settings for firejail sanedbox which I installed from the jessie-backports. So no intention of using this to anything else than visiting/using two sites. And yes, the privacy matters in linux are not my best area. I just to use subgraph to secure my self but it was too difficult to mess around cause everything was behind something I didn't understand so here I am. Learning. Chmoding and chowing are things I just now learning not yet knowing exactly what they do. Now I have though learned that they do open many places and that I do not want. Trial and error.
I have to applaud you for experimenting, it's the best way to learn. I'm glad you found and are using Firejail, it's a great little tool that not many know about and will certainly help in securing your apps, but it may not help if you're making general usage mistakes. It's interesting to see that you're using Subgraph OS too, which uses a sandboxing system called Oz, somewhat similar to Firejail. It's fundamentally flawed as users must declare beforehand which apps/programs they want to be sandboxed, it's implemented entirely in userspace and relies on a daemon. Both of these tools actually inspired my Master's thesis. I wanted a something that sandboxes processes with namespaces and seccomp automatically and couldn't be circumvented by taking down a daemon. So I took a Linux kernel with grsecurity and I modified the execve system call to sandbox all spawned processes. I then modified grsecurity's RBAC tool to allow whitelist system call and namespace policies to be applied. It was pretty much a proof of concept but it mostly worked.
__________________
DebiaN900 - Native Debian on the N900. Deprecated in favour of Maemo Leste.

Maemo Leste for N950 and N9 (currently broken).
Devuan for N950 and N9.

Mobile devices with mainline Linux support - Help needed with documentation.

"Those who do not understand Unix are condemned to reinvent it, poorly." - Henry Spencer

Last edited by wicket; 2019-03-07 at 16:05.
 

The Following 5 Users Say Thank You to wicket For This Useful Post:
Maemish's Avatar
Posts: 1,718 | Thanked: 4,764 times | Joined on Apr 2018 @ Helsinki, Finland.
#35
Now I understand better how bad it must feel to you to read of my learning curve.

There is somewhere on this forum possibly a thread where I discribed my most stupid endeavour which led me to start to learn about linux and security. About 10 years ago and look how far I have made it! I use N900!

Last edited by Maemish; 2019-03-07 at 16:24.
 

The Following 4 Users Say Thank You to Maemish For This Useful Post:
endsormeans's Avatar
Posts: 3,141 | Thanked: 8,161 times | Joined on Feb 2013 @ From my Gabriola Island hermitage, near the Edge of the World
#36
I am not trying to be a buzzkill Maemish, nor insist you change your posts..
But saying around here "the n900 hacked me" ....casually...
is an alarming thing to say...
Like saying on a flight "I have a bomb"

For myself I can only speak...
(but I am guessing other n900 users as well ...)
but knowing exactly what you did ....
so as to avoid said issues.

Wicket is dead on the money concerning his post #32.
glad he showed and filled you in..
some things though fun to do aren't the safest...
We have some known weak spots to keep an eyeball on..
My concern was you found a big one.

Most important question is ...
"once your n900 was vulnerable...did they find your porn?"
__________________
Lurker since 2007, Member since 2013, Certifiable since 1972

Owner of :
1-n770 (in retirement), 3-n800's / 3-n810's (still in daily use), 5-n900's ((3 are flawless, 1 loose usb ( parts), 1 has no telephony (parts))
3-nexus 5's : 1 w/ Floko Pie 9.1 (running beautifully) waiting for Stable Droid 10 rom, 1 w/ ̶Ubuntu Touch, 1 with Maru OS (intend maemo leste when ready)

1/2 - neo900 pre- "purchased" in 2013. N̶o̶w̶ ̶A̶w̶a̶i̶t̶i̶n̶g̶ ̶r̶e̶f̶u̶n̶d̶ ̶p̶r̶o̶c̶e̶s̶s̶ ̶l̶a̶s̶t̶ ̶f̶e̶w̶ ̶y̶e̶a̶r̶s̶ - neo900 start up declared officially dead -
Lost invested funds.


PIMP MY N8X0 (Idiot's Guide and a video walkthrough)http://talk.maemo.org/showthread.php?t=94294
THE LOST GRONMAYER CATALOGShttp://talk.maemo.org/showthread.php...ight=gronmayer
N8X0 VIDEO ENCODING THE EASY WAYhttp://talk.maemo.org/showthread.php...ght=mediacoder
242gb ON N800http://talk.maemo.org/showthread.php?t=90634
THE PAIN-FREE MAEMO DEVELOPMENT LIVE DISTRO-ISO FOR THE NOOB TO THE PROhttp://talk.maemo.org/showthread.php?t=95567
AFFORDABLE MASS PRODUCTION FOR MAEMO PARTShttp://talk.maemo.org/showthread.php?t=93325

Meateo balloons now available @ Dave999's Meateo Emporium

Last edited by endsormeans; 2019-03-07 at 16:59.
 

The Following 2 Users Say Thank You to endsormeans For This Useful Post:
Maemish's Avatar
Posts: 1,718 | Thanked: 4,764 times | Joined on Apr 2018 @ Helsinki, Finland.
#37
They may only find pictures of me flashing to my N900. Have learned to flash with this device.
 

The Following User Says Thank You to Maemish For This Useful Post:
endsormeans's Avatar
Posts: 3,141 | Thanked: 8,161 times | Joined on Feb 2013 @ From my Gabriola Island hermitage, near the Edge of the World
#38
bad enough ...



if there is evidence on your n900 of flashing...
__________________
Lurker since 2007, Member since 2013, Certifiable since 1972

Owner of :
1-n770 (in retirement), 3-n800's / 3-n810's (still in daily use), 5-n900's ((3 are flawless, 1 loose usb ( parts), 1 has no telephony (parts))
3-nexus 5's : 1 w/ Floko Pie 9.1 (running beautifully) waiting for Stable Droid 10 rom, 1 w/ ̶Ubuntu Touch, 1 with Maru OS (intend maemo leste when ready)

1/2 - neo900 pre- "purchased" in 2013. N̶o̶w̶ ̶A̶w̶a̶i̶t̶i̶n̶g̶ ̶r̶e̶f̶u̶n̶d̶ ̶p̶r̶o̶c̶e̶s̶s̶ ̶l̶a̶s̶t̶ ̶f̶e̶w̶ ̶y̶e̶a̶r̶s̶ - neo900 start up declared officially dead -
Lost invested funds.


PIMP MY N8X0 (Idiot's Guide and a video walkthrough)http://talk.maemo.org/showthread.php?t=94294
THE LOST GRONMAYER CATALOGShttp://talk.maemo.org/showthread.php...ight=gronmayer
N8X0 VIDEO ENCODING THE EASY WAYhttp://talk.maemo.org/showthread.php...ght=mediacoder
242gb ON N800http://talk.maemo.org/showthread.php?t=90634
THE PAIN-FREE MAEMO DEVELOPMENT LIVE DISTRO-ISO FOR THE NOOB TO THE PROhttp://talk.maemo.org/showthread.php?t=95567
AFFORDABLE MASS PRODUCTION FOR MAEMO PARTShttp://talk.maemo.org/showthread.php?t=93325

Meateo balloons now available @ Dave999's Meateo Emporium
 

The Following 4 Users Say Thank You to endsormeans For This Useful Post:
Maemish's Avatar
Posts: 1,718 | Thanked: 4,764 times | Joined on Apr 2018 @ Helsinki, Finland.
#39
The guy even got the same coat I'm wearing! Wait a minute... Was it you who got access on my beloved one? I remember that pose.
 

The Following 2 Users Say Thank You to Maemish For This Useful Post:
Maemish's Avatar
Posts: 1,718 | Thanked: 4,764 times | Joined on Apr 2018 @ Helsinki, Finland.
#40
Optimizing your device

I have been doing this for years 'cause I never like to be slowed down. If I have a task and something is slowing me down I like to get rid of it - not the task but what is slowing me down. I have had many possibilities. I have changed the swap parameters, optimized performance to current task instead of saving resources for the backround programs, disabled all smoothing animations to get more rapid responses, disabled indexing, disabled all the update checks for both hardware drivers and programs, disabled automatic defragmentation, as an admin stopped all the services I didn't need, prevented most startup programs, disabled healthchecks and sanity checks from the hard drive, and run the machine like crazy 20 hours a day long periods of time. I have also started overclocking to the limits. I know what is the maximum limit for cpu but still try once and a while if I could hold a hundred more.

What I have gained? Where I have got myself? Not finding anymore files 'cause they are not indexed, the machine has become unstable and not being able to run hard tasks like before. And at last got myself heart problems. I started to think of this and understood that this my machine which I have used like this is now 43 years old. If I overclock it all the time, run 20 hours a day, disable all backround programs which have a purpose of keeping the machine in good shape, disable indexing and sanity checks, no wonder I start to forget things, not being able to do big tasks, and get sudden reboots.

I think it is time for me to slow down the machine and start to use it inside the factory limits and with the parameters ment for it. Not to run fast 10km sprints, multitask all the time with wrong nutrition and too little sleep. 43 years old machine and can't change it. Each year one year older. Sigh. The reality is sometimes so unpleasent place to live in.
 

The Following 2 Users Say Thank You to Maemish For This Useful Post:
Reply


 
Forum Jump


All times are GMT. The time now is 20:26.