Friday, October 31, 2014

Gap for Gimp (gif creator) Windows Installer mirror

Mirror for Gap for Gimp version 2 (Gimp-GAP-2.6.0-Setup2).

MD5 938d9da31c2e9c34de1612e80d5b9a0c
SHA1 4422fb72a27ff73261e3b7ec1ec5c199cd1913ac
SHA256 6c7287cef151dfed96cd8a86a5d097fa40f691c28dcb071b127ee384620ea3fe



Download link  (Current as of 10/31/2014)




Source: http://photocomix-resources.deviantart.com/art/GAP-2-6-for-Gimp-2-6-Windows-135464357

Saturday, October 11, 2014

Re-enable non Chrome Store extensions in Stable/Beta builds - Current as of October 11th, 2014 - Chrome version 38.0.2125.101 m

I wrote an extension a while back for Chrome to help me export bulk DNS requests in xml format so I could import them into my firewall easier.

Since Google blocked apps/extensions from being installed from outside the Chrome store, I wasn't able to run the app I wrote without becoming an official developer... So I didn't bother.

I finally found a (sane) solution to the problem. This was posted on the Google Product Forums. Thought I'd share the steps with a bit more detail:

  1. Download the Chrome group policy templates: http://dl.google.com/dl/edgedl/chrome/policy/policy_templates.zip (Mirror located here: https://drive.google.com/file/d/0B_Kat9gPjQAVdXV2Q3BEOVpja28 MD5 Hash7eac305720bb2f70e9e3940205b45796)
  2. Extract the files. Copy (zip)\policy_templates\windows\admx\chrome.admx to C:\Windows\PolicyDefinitions\
  3. Copy (zip)\policy_templates\windows\admx\en-US\chrome.adml (or your language/region) to C:\Windows\PolicyDefinitions\en-US
  4. Open Chrome and go to Options > Tools > Extensions (Or simply chrome://extensions/) and at the top, check Developer mode (if not already checked)
  5. Scroll for the extension you wish to re-enable. You should be able to double click on the ID to select it, then copy. 
  6. If you've already uninstalled the extension, you can drag the .crx files back into this extension page to reinstall. You will not be able to enable it, yet, but this will give us the ID to allow it to enable it.
  7. Run gpedit.msc from the start menu or command line (Or, if running a Home Edition version of Windows, MMC and add the Group Policy Editor snap-in)
  8. Expand User Configuration > Administrative Templates > Google > Google Chrome (not the Google Chrome with "Default Settings" in the name) > Extensions
  9. Edit the Configure extension installation whitelist on the right pane.
  10. Change the options from Not Configured to Enabled.
  11. Under the Options, click the Show button and paste in the Extension ID(s) you want to re-enable. 
  12. Ok and close out of the group policy editor. Close out of Chrome completely (check the task manager to be sure).
  13. Once you launch Chrome, navigate back to your extensions. You will not have the ability to re-enable your app/extension. 

Tuesday, October 7, 2014

Quality Belkin Wemo support...

So, I have the Developer version of Android L. All my apps work, with the exception of the Belkin Wemo app. The error message I get when I try to install it is:

Unknown error code during application install: "-112"


I sent in an email to Belkin's support. I got this as a response:




Thank you for contacting Belkin Technical Support.

It appears that you're getting an error 112 upon installing the latest WeMo app. We apologize for the inconvenience it has caused you. 

Error 112 is a setup installation error. It means that the setup is unable to decompress and copy all of the program files needed to proceed with the installation. 

This issue occurs because you do not have enough disk space available in the temporary files folder. You may need to free some space in your smartphone.

In as much as we would like to assist you, deleting files in your smartphone is beyond our scope of support. You may need to check the manual or contact the manufacturer of your smartphone.

Should you have any Belkin concerns, please feel free to contact the hotline of your country or that of a country near you. For the list of countries with phone support, you may click on this link: 

http://www.belkin.com/us/support-article?articleNum=55022.



Well, that's funny... A quick google search for "Error 112" returns this link:

https://support2.microsoft.com/kb/326678

Error 112 Setup Installation Error: Setup is unable to decompress and copy all of the program files needed to proceed with the installation.


What Belkin Says: Error 112 is a setup installation error. It means that the setup is unable to decompress and copy all of the program files needed to proceed with the installation. 

The Windows support site: Error 112 Setup Installation Error: Setup is unable to decompress and copy all of the program files needed to proceed with the installation.


They literally are using a Windows support KB for an Android app... no wonder they have such a low rating (2.9) on their app 

Tuesday, September 30, 2014

How to get Ubuntu 14.04 security update notifications sent to your inbox using Gmail.

We can set up a cron job to email security updates using Gmail over SSMTP (yes, the same app we used before to send email notifications for someone pressing the doorbell in a previous project). SSMTP, not to be confused with SMTP, is easy enough to use and set up, but it's not the most secure as your password is in plain text. I recommend signing up for and using a throwaway/junk Gmail account for this.

Prerequisites:

  • Ubuntu 14.04 LTS Server
  • A spare gmail account that you don't care about



SU into root and install ssmtp:

sudo su - 
apt-get install ssmtp

Move the default config to a backup:

mv /etc/ssmtp/ssmtp.conf /etc/ssmtp/ssmtp.bkp

We are going to create a new conf file in its place:

vi /etc/ssmtp/ssmtp.conf

(for new vi users press "i" here to enter insert mode... or just use nano or whatever you prefer)

# The user that gets all the mails (UID < 1000, usually the admin)
root=youremail@gmail.com

# The mail server (where the mail is sent to), both port 465 or 587 should be acceptable
# See also http://mail.google.com/support/bin/answer.py?answer=78799
mailhub=smtp.gmail.com:587

# The address where the mail appears to come from for user authentication.
rewriteDomain=gmail.com

# The full hostname
hostname=yourhostname

# Use SSL/TLS before starting negotiation
UseTLS=Yes
UseSTARTTLS=Yes

# Username/Password
AuthUser=youremail@gmail.com
AuthPass=yourpassword

# Email 'From header's can override the default domain?
FromLineOverride=yes

(again, for new vi users save the file by pressing Escape and typing :wq)

Update the security for your conf file since your password is in plain text:
chmod 640 /etc/ssmtp/ssmtp.conf

cd back to root:
cd /root
(or just simply type cd to get home)

Verify your SSMTP is working and has proper permissions:

echo "Hello world" >  test.txt
cat test.txt | ssmtp myemail@gmail.com



Once you receive an email (make sure to check the sent folder on the sending side and the spam folder on the receiving end) now we can check for security updates using my previous post:

/usr/lib/update-notifier/apt-check --human-readable

To break this down, look at what it's doing. /usr/lib/update-notifier/apt-check by itself returns a very unhelpful 0;0. The --human-readable directive adds some verbosity:

0 packages can be updated.
0 updates are security updates.

...but we don't want an email for every chrome/firefox/general bug update. We want to focus in on the security patches. To do this, we can use grep to give us just the security update totals. The script so far is, check for updates, make it easy to read, pipe it to "grep" with a "-i" (case insensitive) with the term "security".

/usr/lib/update-notifier/apt-check --human-readable | grep -i security

and the output

0 updates are security updates.

While the output is better, now we see  0 updates are security updates, we can distill it even further with awk.

/usr/lib/update-notifier/apt-check --human-readable | grep -i security  | awk '{ print $1 }'

So, that line is reduced to the first set of numbers. Literally the number itself

0

We are passing the argument to awk, $1, which means the first set of numbers in that row. We can now put together a very simple and crude cron job (there are many ways to skin a cat, this is for demonstrative purposes... also because I'm not the worlds best scripter)




Let's start off by creating the script.

vi patch_notify.sh

Now, we can paste in the following:

#!/bin/bash
CURDATE=`date`
TTIME=`date +"%r"`

SECUPD=$( /usr/lib/update-notifier/apt-check --human-readable | grep -i security  | awk '{ print $1 }' )


if [ $SECUPD -eq "0" ]
then
       echo "There are $SECUPD updates."

else

       if [ $SECUPD -eq "1" ]
       then

       ssmtp your-send-to-email@gmail.com <<-EOF
       From: username <youremail@gmail.com>
       To: your-send-to-email@gmail.com
       Subject: Weekly security updates - $CURDATE

       $SECUPD security update is waiting for your installation as of $TTIME.

       EOF

       else

               if [ $SECUPD -gt "1" ]
               then

               ssmtp your-send-to-email@gmail.com <<-EOF
               From: username <youremail@gmail.com>
               To: your-send-to-email@gmail.com
               Subject: Weekly security updates - $CURDATE

               $SECUPD security updates are waiting for your installation as of $TTIME.

               EOF
               fi
       fi
fi


To break this script down, ultimately it's in 3 parts. Is the patch total 0? No emails. Is the patch level 1, yes, email (but with proper syntax; singular vs plural, because I'm anal like that). Is there more than one patch? Yes, send an email.

To get into the guts of it

We are telling it to use (the recently very infamous) bash shell.
#!/bin/bash
Now we are setting the variables for the date and time
CURDATE=`date`
TTIME=`date +"%r"`
You can run date in the command line and see what's copied into the variable, now CURDATE. Also date +"%r" which shows just time time 06:58:46 PM, that is copied as TTIME.

We are also setting the SECUPD variable. This takes the output from awk output and associates itself with SECUPD.

SECUPD=$( /usr/lib/update-notifier/apt-check --human-readable | grep -i security  | awk '{ print $1 }' ) The only difference is the formatting around the command.

The -eq command operator is "equal". So we are saying if the value of $SECUPD is exactly 0,

if [ $SECUPD -eq "0" ]
echo "There are $SECUPD updates."

We display "There are 0 updates." and an email is not generated.


If there is 1 security update for us:

if [ $SECUPD -eq "1" ]

We send an email to our main email address. The subject will show "Weekly security updates" and the current date. The body will show

$SECUPD security update is waiting for your installation as of $TTIME.
or
1 security update is waiting for your installation as of 07:01:32 PM.

The EOF's encapsulate what will be sent to SSMTP


If there is more than one update available:

if [ $SECUPD -gt "1" ]
If the updates are greater than one, (not greater or equal, but literally 2+) then we send this:

$SECUPD security updates are waiting for your installation as of $TTIME.
or
12 security updates are waiting for your installation as of 07:03:13 PM.

We now need to make our script executable

chmod +x patch_notify.sh

You should just be able to run

./patch_notify.sh

If you have no critical patches, you should see:

There are 0 updates.



This script is butchered pretty bad, but it's a good beginner script. You can change the context, remove the dates, the layout, the wording. You can also simplify it to send you an email only if it's above a dozen updates. Or even send you an email, regardless of how many security patches, even 0, at a set interval with cron.

So, now to automate the script (this was written for Debian based systems, specifically Ubuntu 14.04 LTS Server... but should be pretty close to the same across all platforms)

We are going to do a weekly scan, on a Saturday at noon.

Edit the crontab:

crontab -e

To edit the cron job (also crontab -l to list jobs you already have)

0 12 * * 6 /root/patch_notify.sh

This tells the cron daemon to run your script in its relative path /root/ every Saturday at noon.

Feel free to bug me and ask questions (or correct me... I know I probably screwed up somewhere... but it's working for me so far)

Check how many security updates are available on Ubuntu 14.04 LTS

/usr/lib/update-notifier/apt-check --human-readable | grep -i security


This can be added to a cron job or via your favorite notification method. It's part of the MOTD when you first log in, but if you are like me, you do not log out that often, so it comes in handy.

Saturday, July 19, 2014

Use Arduino Yun to send emails (simple instructions for new users)

To send emails for your projects in Arduino Yun, you can install SSMTP. SSMTP allows you to send emails directly from the yun and is a package you can install from the browser or over ssh.

I'll create a simple project to demonstrate pushing a button to sending an email. First, we need to set up the Yun. Make sure it's connected to wifi and you can connect to it over SSH.

Using putty (or your favorite terminal) log into the Yun as root and update your packages:
opkg update

Install SSMTP 
opkg install ssmtp

Once installed, make a backup of the current ssmtp conf file
mv /etc/ssmtp/ssmtp.conf /etc/ssmtp/ssmtp.bkp

Create a new conf file
vi /etc/ssmtp/ssmtp.conf

(for new vi users press "I" here to enter insert mode)

Paste this in and update your email, password and username (works with Google Hosted email accounts as well)
# The user that gets all the mails (UID < 1000, usually the admin)
root=my@email.com

# The mail server (where the mail is sent to), both port 465 or 587 should be acceptable
# See also http://mail.google.com/support/bin/answer.py?answer=78799
mailhub=smtp.gmail.com:587

# The address where the mail appears to come from for user authentication.
rewriteDomain=gmail.com

# The full hostname
hostname=YUN

# Use SSL/TLS before starting negotiation
UseTLS=Yes
UseSTARTTLS=Yes

# Username/Password
AuthUser=my@email.com
AuthPass=password

# Email 'From header's can override the default domain?
FromLineOverride=yes


(again, for new vi users save the file by pressing Escape and typing :wq)

Update the security for your conf file since your password is in plain text
chmod 640 /etc/ssmtp/ssmtp.conf

Go back to /root
cd /root

Create a new test file called test.txt with "Hello world"
echo "Hello world" >  test.txt

Now we can test this out by sending it to an email
cat test.txt | ssmtp myemail@gmail.com

If it works you should get an email from "root" with no subject and "Hello world" in the body



Once this works, we can create a simple push button project to send that email whenever a button is pressed.

Make sure your Arduino app is installed and you have selected the board Arduino Yun and the port is set to the correct IP. 
  • Tools > Board > Arduino Yun
  • Tools > Port > YUN at 192.168.x.x (Arduino Yún)
Clear out the blank sketch and paste this


#include <FileIO.h>
#include <Process.h>

int pushButton = 2;

void setup() {
Bridge.begin();  
Serial.begin(9600);
FileSystem.begin();
}

void loop() {

 // read the pin number 2
 int buttonState = digitalRead(pushButton);

Process p;
if (buttonState > 0)
  p.runShellCommand("cat /root/test.txt | ssmtp myemail@gmail.com");
  delay(5);  // wait 5 milliseconds before you do it again
}

Unplug the Yun and wire it up like this. I'm using a 10K ohm resistor.




Power it up and wait for it to connect to wifi. Now you should be able to press the button and get an email.




Some notes on this setup.

The code is very small so it has some shortcomings. The delay is set to 5 milliseconds, which should be good for a quick press... but if you hold it down too long you will get multiple emails. There are ways around this using (millis) and other tricks, but the purpose of this example is for a simple code to use so you can build on.

Also, you can modify the test.txt file to include a subject, or even insert values. vi the file again and use this template instead:

From:arduino yun
Subject: put subject here
put message body here

Saturday, June 14, 2014

Debugging Elertus (and a general review)

Since no information on the hacking of the Elertus door/water sensor is available, I thought I'd share some basic information about the device.

The Elertus is a simple, but powerful, wifi alert sensor. It captures temperature, humidity, light, movement and optionally a door sensor or water sensor. It then sends an email/sms/push notification to your Android.

There's not much in the way of a custom Android app for this to tie in with IFTTT and the app itself is pretty basic. The device connects to Elertus every hour (or more frequent if movement is detected). The app connects to the Elertus server. The app never connects directly to the device, except during initial setup.

Using Wireshark to capture the packets, it looks to be a very basic POST to 108.166.81.152 with the following information:


device_type=1
posix_time=1402786108
email_id=test@test.com
mac_address=000680000000
alert_flags=
light=5
temp=301
humidity=50
battery=100
motion=1
int_contact=1
ext_contact=1
ext_temp=-1
fw_ver=4.0.1_EL_v7
debug=rssi:49


The device itself seems to be a very basic. The CPU is a Freescale Kinetis K (K10 48pin series) with the following specs:



Silicon - Rev 2.0
MC Partnumber - MK10DN512VLK10(R)
Superset - PK10DN512ZVLK10
CPU Frequency - 100MHz
Package - 80LQFP
Total Flash Memory - 512KB
Flash - 512KB
SRAM - 128KB




The Elertus device lacks in some basic areas:

  • No graphing
  • No "all clear" when the threshold for alert situation subsides
  • No IFTTT integration
  • Fixed hourly check-ins with no option to adjust
  • Battery powered only
  • Fixed external IP with information sent cleartext, unencrypted
  • No Android integrated features (widgets, nested api, deep links)
  • The alerts advise you of an alert, but not what the alert is. You have to open the app.
  • No way of updating the firmware, from what I've seen... but I could be wrong...
I've tackled the graphing issue by setting up a small VM with wireshark to continually monitor any traffic from the mac address to the external IP with a filter for the POST traffic. This in turn updates a very basic sql server with the temperature and humidity levels and displays this information on an internal webserver. While not ideal, this is the only way I can find to hack the Elertus to enable historical view. 

While I hope changes are made, I still think this was a good purchase. It does what I need, but can do more. Hopefully an update is in order.