Migrating to Firefox from Google Chrome

After Firefox Quantum was released, I tried it out and decided to switch. I had a few reasons why:

  1. Faster
  2. No tracking
  3. Can run Add-Ons (Extensions) on mobile

I was very impressed, especially with Tracking Protection, how much faster Firefox has become. Number 2 refers to all your browsing data being sent to Google HQ, encrypted I imagine, but still. And for number 3, on Android certain sites would have 3rd party ads that redirected the browser from the new article or whatever page I was reading to some spammy ad page. After discovering that you can run, say uBlock Origin, on mobile I was determined to switch.

So to switch, I needed two profiles (“work” and “personal”, always separate as God intended) and as I found out later, a way to get those two profiles as separate taskbar tabs–which was much harder than it should be.

Switching was not so easy. I’ve had Firefox installed, even with multiple profiles before but it’s definitely not as simple to setup as Chrome. In Chrome, there’s a profile button on the top right of the title bar that makes switching profiles easy.

In Firefox, when it first starts after a fresh install it asks you for a profile name but by default will not ever ask again. So you have to run firefox -profilemanager (after closing any and all Firefox windows), and add a new profile.

Now, you can setup this Firefox installation to allow multiple profiles, but this causes problems with the Windows (7 and 10, at least) taskbar. The separate instances have the same appId, causing both profiles’ windows to be grouped. Which is annoying. And any shortcuts you make to each profile will not inflate with the respective process. In other words, your shortcut and the running application will both be visible at the same time, using up space. And if you click the shortcut, Firefox shows a dialog that complains it can’t start because it is still running. Ugh.

So forget trying to setup shortcuts and pin them to your taskbar for now. The best solution is to just run two installations of Firefox, each using a separate profile by default.

For work, since I’m a developer, I’m using Firefox Developer Edition. For personal crap, I just use regular Firefox. You might be able to install the same edition of Firefox alongside but in a different directory, but I believe the appId will still be the same. In my case, these each have separate appIds, so no issues. Install the second copy of Firefox, and then select the other profile you want to use with it.

Pin it to the taskbar, and your done.

Education in Futility: WarpWallet Brute Forcing

So, WarpWallet is a so-called brain wallet for Bitcoin. That is, you only have to remember a relatively short password and it generates the corresponding private key for use. It uses a memory and CPU hard set of cryptographic algorithms to ensure that brute-forcing is slowed way down. That is, when generating the private key, it takes considerable time. Their Javascript implementation takes over 10 seconds on my machine.

So the makers of it had challenges setup. By the time I stumbled on it, only the last challenge was left, with 6 months remaining. For that challenge, the reward for cracking an 8-character alphanumeric password was 20 BTC (and BCH and BTG!), which was worth over $100,000 USD at the time of the challenge end date.

Since their Javascript implementation is terribly slow I wondered if anyone had ported it to any other language, and found a Go version–but it was outdated and would not compile. So, as my first exercise in Go, I updated it and got it compiling. Instead of 10+ seconds per keypair generated, it took about 1 second. But, it took input from the command line, so I decided to make a brute forcer that used this newly updated generator. It would feed it the passphrase and salt and store the result (the private key and public key) and then I could parse these results later.

So the basic design was this:
My WarpWallet Brute Forcer (using Go WarpWallet implementation) -> SQL Database

The brute-forcer underwent many revisions. First it checked the history of passphrases to ensure no duplicates were stored, but this eventually took longer than the time to generate private keys, slowing the whole processes down. So it was eliminated (and there was virtually no chance of generating the same passphrase twice, the same odds as finding the correct passphrase).

It also did not store anything at first besides the date and the passphrase. The client checked each public key against the target one and discarded the result. This meant if the client was killed before I could check the output, I was out of luck! Later improvements added the private key, public key, and the hostname of the computer that generated it (as I used all available idle personal computers to do so).

Another misstep was having the Go pipeline switch sleep. First it slept 100 ms if no channel had data or their buffers were full, then I increased it to 250 ms inexplicably, then realized it waits by default. So this was leaving processing power on the table. Removing the sleep command on my main desktop gave a ~20% improvement in performance (from 5.12 to 6.14 keypairs/s on an i7). Below are the contributions from various machines. The IPs at the end are AWS servers, the largest chunk of which was from a c4.xlarge machine over a single day!

 

And then on January 1st, 2018 the challenge expired. There’re just over 24 million rows, 4.5GB data. It takes a few seconds to test any result. I investigated testing each public address to see if they had a balance but on my local Bitcoin node it takes minutes to scan the blockchain for transactions for newly added addresses. And web APIs rate limit you to where it would take a year or so to test each one. Less if I spread requests out across API providers. So, in the end, I just deleted all the results. It was fun, I learned a lot about Go, cryptocurrency nodes, and I’m ready for the next, hopefully more fruitful, project.

 

Reverse Engineering the firmware on a Kenwood DDX9903S

I bought and really like my Kenwood Excelon DDX9903S headunit. I had it in my WRX, and moved it to my LS430. It supports Android Auto and CarPlay, which I find really useful when driving.

However, it has a nag screen every time it boots up. This got me curious as to how it worked, and see if it could be patched to skip this disclaimer. I figured it probably ran Linux on a SoC, as pretty much everything does nowadays. So I grabbed the latest firmware for it (mine was already updated to it), and started probing.

S_V2_7_0008_0600_AT1.zip

Extract that and you get 3 folders under S_V2_7_0008_0600/:

BOOT_V2_7_0008_0600_release/
MAIN_V1_0_2758_0400/
SOC_V2_7_0008_0600/

In each there’s a .nfu file, which I’ve never encountered before. I ran binwalk on each:

[BOOT_V2_7_0008_0600_release]$ binwalk Boot_2.7.0008.0600.nfu
DECIMAL HEXADECIMAL DESCRIPTION
--------------------------------------------------------------------------------
248776 0x3CBC8 Android bootimg, kernel size: 0 bytes, kernel addr: 0x4F525245, ramdisk size: 1226848850 bytes, ramdisk addr: 0x6C61766E, product name: "ERROR: Cannot read kernel image"
1571592 0x17FB08 ELF, 64-bit LSB shared object, AMD x86-64, version 1 (SYSV)
2358024 0x23FB08 ELF, 64-bit LSB shared object, AMD x86-64, version 1 (SYSV)
3209992 0x30FB08 ELF, 64-bit LSB shared object, AMD x86-64, version 1 (SYSV)

Surprise, surprise, it runs Android. But, I’m thinking this image is possibly just the firmware updater, and not what I am looking for.

Continue reading

Adding a disk to an encrypted mdadm array

My RAID6 was originally planned with 6 drives, but only had 5 for a while due to space concerns with the case. However, I found as a file, media, and multiple cryptocurrency node it filled up the 2.7TB pretty quickly. So, I got a new case (and some more RAM), which has proper space for 6 3.5″ drives (and 2 5.25″). When migrating to this I decided to add the extra 1TB WD Red NAS drive I bought but have not been able to use.

The case is a Fractal Design Define Mini, and I am thoroughly impressed. Six 3.5″ slots, two 5.25″ external slots, and lots of sound padding on the doors and sides.

Continue reading

Sync login/lock screen wallpaper to current desktop background

For Windows 7, this turned out to be pretty easy to do via PowerShell. I just had to look for a native image resizing library since the lock screen for some odd reason, only supports JPEGs up to 256KB in size. Probably one of those legacy items left over from NT, like the file system permissions dialogs, and the built-in environment variables editor…

I ended up using WIA’s ImageProcess COM library which worked surprisingly well. It just resizes whatever you give it to the primary desktop resolution, so that’s not guaranteed to be less than 256KB, but it works more often than not so it was good enough for my purposes.

https://github.com/nearwood/wallsync

Windmill – Windows Window unclobberer

I noticed during the (many) meetings I attend that disconnecting and reconnecting my laptop from the dock reorganizes all my windows to the laptop’s display. This got annoying to have to drag and resize everything when returning to my desk, which has a 3 monitor setup. So, I wrote this small Win32 application to allow you to save the positioning and size of all windows and then restore them at a later time.

https://github.com/nearwood/windmill

There are binaries in the releases tab.

There doesn’t seem to be an API to detect when removed or added from a dock, so a futher enhancement I’d like to do is to detect when (the same) monitors are re-connected and then automatically move all the windows back. But, it works really well as it is.

405HP 280Z

A somewhat local place had a surprise dyno day so I went to try and tune my car a bit. Was somewhat successful, reaching 405 HP and 420 Ft-lbs. before giving up. I was hoping for 450 HP, as my turbo and injectors should be able to support it easily, but oh well. I couldn’t get past ~14psi or so.

But I kept experiencing some spark blow-out and had a rear main leak, so I decided to cut it short.

Fixing mirrorlist on Arch Linux Arm (Raspberry Pi)

I hadn’t updated my Raspberry Pi (a B+ model for my rpi-drd project) in about a year. Pacman -Syu kept complaining about being unable to find files on any of the mirrors.

So I, without thinking, ran reflector on an x86 host and copied it over. Oops. Now it definitely can’t find packages.

The archlinuxarm.org website gave me the hostname I needed, but not the entire URL. Put this in your mirrorlist (as the sole entry) to restore functionality:

Server = http://mirror.archlinuxarm.org/$arch/$repo