Productivity Sync Just another WordPress weblog

September 29, 2016

making time laps mp4’s

Filed under: Uncategorized — admin @ 4:06 pm

I copied this URL’s info:

watch out or type-oh’s like a space between a dash and a n option.

The command line I used was:
ffmpeg -r 5 -start_number 668 -i DSC_0%d.JPG -s 1280×720 -vcodec libx264 dawn-moon-rise-9-28.mp4

July 31, 2016

More ubuntu-bash on Windows 10.0.14393

Filed under: Uncategorized — admin @ 10:30 am

Second impressions:

Its been a few weeks since I’ve played with bash on windows and now that we are close to the Aug release of the “anniversary edition” and the fact that I just got my 2014 yoga 2 pro back from my daughter, I am re-trying the feature.

FWIW Everything seems to work from the ubuntu 14.04 repo’s.  The only problem I still have is installing openjdk8 using the ubuntu 15.10 deb files following the instructions for setting up a build host.  The Java8 seems to get stuck in a loop and I needed to purge the related openjdk8 packages.

Other than Java8 things are looking really great.  Note: without Java8 I cannot use this configuration to build Android.

Tmux works!, SSH works, scp works, git works, vim works, irssi works, fetchmail works, mutt works… pretty much all the command line tools I need seem to be good.

I’m even getting used to the power shell cut and paste support.  The only gripe I have is the power shell does not support CTL-+ or CTL– to change the font sizes easily.

There where a few configuration and setup items that I will capture as notes below but, I’m liking what MS has done for the developers.

Setting up the windows subsystem for linux (beta) on the new version of Windows.

Setup / configuration notes:

  • SSH defaults to looking for id_rsa where I have id_markgross keys on my linux boxes.  After copying id_markgross to id_rsa SSH worked as expected for me and the servers I connect too.
  • edit the /etc/apt/sources.list file to include deb-src items:
  • deb trusty main restricted universe multiverse
    deb trusty-updates main restricted universe multiverse
    deb trusty-security main restricted universe multiverse
    deb-src trusty main restricted universe multiverse
    deb-src trusty-updates main restricted universe multiverse
    deb-src trusty-security main restricted universe multiverse
  • apt-get setup commands:
    • sudo apt-get install vim-gnome tmux cscope ctags vim-doc minicom git-core curl mutt ca-certificates ssmtp msmtp fetchmail procmail ssh sshfs openssl nmap manpages-dev manpages-posix manpages-posix-dev quilt subversion mercurial ipython gcc-avr gcc avr-libc gcc-avr binutils-avr avr-libc avrdude python-numpy python-matplotlib graphviz python-scipy python-numpy-doc python-pip python-virtualenv laptop-mode-tools powertop latencytop libncursesw5-dev gitk rar libav-tools git gnupg flex bison gperf build-essential zip curl libc6-dev g++-multilib mingw32 tofrodos python-markdown irssi irssi-scripts
    • sudo apt-get build-dep linux-image-4.4.0-31-generic

May 1, 2016

More notes about Bash on Windows 10

Filed under: Uncategorized — admin @ 8:00 am

How to clean out the root file system and start over:

  • start a “power shell” that is not bash and run “lxrun /uninstall /full /y”  : This wipes the root FS and your HOME directory for bash.
  • know about searching for “Turn Windows features on or off” in the settings search box. : use this to load/unload or enable /disable the WLS. (Windows Linux Subsystem)

So I so lxrun /uninstall /full and then turn off wls to remove my bash on windows.   (reboot)

Then I turn on WLS  (reboot) and then run bash from a power shell and answer y to the prompt to down load the latest root file system and re-enable the ubuntu 14.04 bash.

Note: It seems my home directory did not get wiped when I did these steps.  The command line prompts indicate that they will be wiped.  Bug?

I’m no longer a root user to bash and sudo works.

Where is the root file system stored in the Windows FS?  And where is $HOME in the windows FS?

  • windows directories are found under the mount point /mnt/c/  from within the bash shell
  • the ubuntu root FS is located at c:/Users/<windows-login>/AppData/Local/lxss/rootfs
    • note: AppData, lxss and rootfs are hidden directories but, you can type the path in the explorer window to get to them anyway.
  • Your $HOME directory under bash is located at c:/Users/<windows-login>/AppData/Local/lxss/home/<bash username>
    • note: AppData and lxss are both hidden directories but, you can type the path into an explorer window to get to them anyway.


April 30, 2016

France Attacks! …. or my website got hacked again.

Filed under: Uncategorized — admin @ 10:29 am

This time it was not my WP site.  Rather somehow they managed to attack my html/* directory directly.  I thought I had locked up access but it seems I missed something somewhere.

The attacker installed a new directory and some php files and a directory of files with sha’s for names into my account and added an .htaccess file to my html-root to invoke the php.

  • blackbirds-hurricane.php : has a reversed string to eval (base64_decode) <some big long string I guess I need to decode> .
  • dir.php :
  • gdform.php
  • gdform_prevv1.php
  • iioqbejo.php
  • webformmailer.php

Fortunately I have my account backed up in a git project locally so I can quickly diff what the heck is going on by scp-ing my site over my local copy and run “git diff” to see the new files and changes.  This attack did not change existing files.  It added files .htaccess and the php files commented above.

I don’t know how they got access to my http document directory yet.  But, I’ve restored the site to what was there before and closed up an old django prototype I had running on my site (just in case that was the attack vector)


But, some interesting notes:

  • in python to revers a string use something like my-long-string[::-1]  (worked great)
  • to decode use base64 –decode.  (cat | base64 –decode > decoded.file)
  • The decoded attack was a php file that had the following URL hidden in it
    • when I went to this url the page is an empty document.
    • shows that the attackers are from France.  Wow, that’s a change from the Slavic attacks I’m accustom too.


Thanks to google for flagging the attack!

April 9, 2016

Checking out building Android on Windows using Windows 10 (redstone?) beta

Filed under: Uncategorized — admin @ 8:03 am

I’m taking my old-ish HP envy17 I got new Jan 2012.  Its a beefy box with quad core i7 with 16GB of ram and multiple SSD’s.  I got it for building Android.  FWIW other than being a power pig its still a good performing laptop.  Its been running Ubuntu versions since I got the thing.  Now I’ve been reading that MS Windows 10 will have the bash shell and access to all of ubuntu 14.04 user mode.  So, my first thought was “cool, I wonder if I can build Android with that?”  My next thought was “finally, Microsoft is doing something for the developers that don’t give a shit about visual studio or .net.  I bet they where fed up with all the nerd conferences (even Linux conferences) being awash in Macintosh laptops.  Good on Microsoft.

I like the direction and I hope the ubuntu support within it is good enough for what I like to do.

Lets find out.

Step 1: restore factory settings.  Uhg what pain in the ass / slow install.  I had the recovery DVD’s already so that was a a plus.  But, wow it takes a long time to run the recovery install.  It feels like 2 hrs to me (but it might be only 1).  It did give me time to vacuum a few rooms in my house between DVD’s.  Sadly my first attempt failed, and the thing still grubbed into ubuntu on me.  so I dd if=/dev/zero of=/dev/sda   and /dev/sdb.  Just to be safe.  Then I re-started the recovery install.  Sucks to be me.

Goddamnit!  I’m on my 4th attempt to install the DVD’s.  OMG, who knew you need to get the bios in the default settings otherwise you are wasting your 2hrs.  4 tries then I set the bios to default settings and then the 5th try looked like it worked.  but, did not.

Ok I gave up on the envy17 ever installing windows from the recovery DVD’s.  (Damn it HP!  Your recovery media I paid 25$ for doesn’t work AND it takes 2+hrs to find out for each try…)


  1. Switching to a newer Lenovo  T540 laptop I got from work that still has the original HD with all the factory install on it.
  2. go through the Windows 10 setup for a new laptop including taking an update and registering it with my gmail email.
  3. setup up a windows insider account so I can get access to the beta programs 
  4. Get the beta version and install it… go to the advanced tab for the Windows upgrade (settings/update&security/windows update/advanced options/get insider preview builds and do the setup stuff as requested.   Note after you have yourself registered for insider updates you need to set the “update level”  to fast (or slow) and then (maybe after a reboot to set up your PIN code for logging on) go back into windows update and click on “Check for updates”  where hopefully you’ll be asked if you want the lastest beta version of Windows 10 to come down the wire.  Now you have Windows 10 home insider preview Evaluation copy. Build 14316rs1_release. 160402-2217 (or newer)
  5. install the ubuntu root file system and start trying stuff.
  6. type bash in the Cortana (aka start) text box.  Boom, you are running bash in a strange terminal window as what looks to be root.
  7. try to setup for building AOSP (fails on installing openjdk)
  8. file bugs in the issue tracker for using bash on windows.   Notice your problem is already logged.
  9. figure out how to clean up messed up apt-get databases after the java/openjdk install blows chunks.  (apt-get purge <whatever is failing>; apt-get install -f)

First impressions:

  • The terminal is annoying.
    • It has awkward copy and paste mechanisms from windows 3.11.
    • I can’t easily change font sizes (I miss ctrl-+ and ctrl–)
    • I can’t easily change the color scheme.
  • tmux doesn’t work
  • Ubuntu thinks I’m root.
  • The location of my home directory is : c:\Users\mark\AppData\Local\lxss\root
  • The location of the ubuntu root file system is located: c:\Users\mark\AppData\Local\lxss\rootfs
  • I was able to run apt-get dep build-dep linux-image-3.13.0-24-generic successfully and most of my new system setup apt-get’s  (except for the java stuff)
  • I had to get better at cleaning up screwed up apt data bases after failure in installing.
    • apt-get purge <whatever is failing>; apt-get install -f
  • git clone git://  works.  (seems to be a lot slower than I’m used too.  Not sure if its the network or the environment)
  • building the kernel:
    • make menuconfig looks fugly but seems to work
    • make -j8 seems ok.
      • builds 4.6.0 RC2 with the default config in 3m 59 seconds
    • cscope -Rk works perfectly.  (so does ctags -R)
  • Vim works ok.  But, the color scheme sucks and I have not figured out how to change it so my terminal is easy to read while running vim.  (putty does this shit to me too)
  • irssi works after editing the .irssi/config file to set my user name and nick name to something other than “root”


Why am I trying this at all?

Well, I work in an organization pregnant on using MS-Windows/outlook/Lync(or skype for office)/MS-Office and I spend 1/2 my day in phone calls over the soft-phone sharing desktops with power point documents.  Its true that we also use goolge drive or docs but, its the soft-phone that kills me.   Sure, I’ve giving running a windows VM a good try but, the soft-phone never works well and I’m always getting messages about how my system was causing audio quality issues.

Now I use the stock system and a putty window to a tmux session on a proper linux workstation.  i.e. I’m using Windows as a thin client when I’m working on Android and all other times I use it as a phone, conferencing client and email client.  Even when I ran Linux on the laptop I use the workstation for builds because its got 16 physical cores compared to the 4 in the laptop.  So the work laptop is mostly used as a thin client anyway.

I hope Microsoft and Ubuntu get this feature working well and address the issues I ran into.  Then I will be pretty happy to use Windows 10…on my work laptop anyway.   I’m still running native ubuntu on my other laptops and computers.  But, if it becomes easy to do all the command line base work I’m used to doing with out having to wipe a system and install Linux (and risk not having the ability to go back to Windows even if its for a bios update) then I think I would just leave Windows 10 on the thing.  Assuming it “just works”…

Random links:


January 31, 2015

Cleaning my WP from spam and attempts to harden my web service from hacking

Filed under: Uncategorized — admin @ 8:09 am

This week I noticed I had a redirect.js malware injected into my this word press application hosted on my godaddy hosting.  (what you are reading now)

I used free / demo-were sucuri labs scanner plugin “Sucuri Security” to identify the signature:
“””write(‘<‘+x[0]+’ ‘+x[4]+’>.’+x[2]+'{‘+x[1]+’}’);}xViewState()”””

Its a very nice plug in.  They make there money by offering cleaning services .  Not bad but, I chose to try to go it alone.

I ssh-ed into my web site and grep -ir xViewState and found a few (2) files with this string and then edited them with VIM. The first thing I noticed was that the lines around this xViewState string had ^M (where DOS based strings created on a windows box) As those where the only ones with the ^M’s I nuked those lines I’m pretty sure those were the trouble makers.

Then I re-ran the scan and my site was clean.  And my blog still works.

Next I went about hardening my site with updating passwords created using uuidgen. (I put the passwords in a text file that is gpg encrypted and uploaded to the cloud and a few other locations)
I updated my godaddy passwords, removed all the ftp accesses I could and change the ftp access I couldn’t delete to have a uuidgen’ed passwd too.

I removed extra WP logins and now I’m down to just one admin login with a nasty uuidgen based passwd.

Next I followed a few blogs advising the nuking of unused logins and themes. As although WP claims there are no known vulnerabilities if you upgrade with a attack already installed that attack vector compromises your installation anyway. 🙁

Some useful links that helped me (pretty much all from a google search on “wordpress redirect trojan” ):


Lets see how long before I get hacked again 🙁

November 2, 2014

Debian Wheezy (debian v7) on a c710 with coreboot bios.

Filed under: Uncategorized — admin @ 7:29 pm

fix random wake ups after suspending: — yeah its a yoga2pro tweak that helps with the c710.

I put the following in my rc.local file:

echo deadline > /sys/block/sda/queue/scheduler
 echo 1 > /sys/block/sda/queue/iosched/fifo_batch
powertop --auto-tune
# Disable wake up on anything for Yoga Pro 2, otherwise it sometimes wakes from suspend
cat /proc/acpi/wakeup |
    grep '*enabled' |
    cut -f 1 -d ' ' |
    xargs -n 1 -I {} sh -c 'echo Disabling wake up on {}... && echo {} > /proc/acpi/wakeup'


fix brightness keys:

Installed xbackliight and hooked up to the crtl-f6 and ctrl-f7.   I have not yet figured out how to get the keys to work with fn-f6 and fn-f7 yet 🙁

Getting ubuntu-like tab completion:

source ./etc/bash_completion

Add my login to the sudor group

update volume key mapping to work with crtl-f8, ctrl,-f9, ctrl-f10

put the following into my fstab file:

UUID=1c917fc1-f9be-4f2f-9018-cdd00a3d6c20 /               ext4    noatime,nodiratime,errors=remount-ro 0       1
 # swap was on /dev/sda5 during installation
 UUID=ac7db340-7602-47ec-9686-9fee177cb079 none            swap    sw              0       0
 /dev/sdb1       /media/usb0     auto    rw,user,noauto  0       0
 /dev/sdb2       /media/usb1     auto    rw,user,noauto  0       0
tmpfs /tmp tmpfs mode=1777,size=2500m 0 0
 tmpfs /var/log tmpfs mode=0750,size=250m 0 0


April 25, 2014

Hacking coreboot, using dediprog to re-flash C710 and discovering SSD FW updates matter

Filed under: Uncategorized — admin @ 10:19 pm

3 weeks ago I buggered up my C710 after trying to get coreboot with a grub2 payload to boot on my laptop with an older Intel SSD.  I’ve been having issues with the SSD not getting seen by the coreboot payloads without some funny busyness (more on this issue later.)  Anyway after bricking it I put things aside for a few weeks and got back to it last night.  I’m now back to running the prebuilt coreboot from John Lewis that does both GRUB2 and SeaBIOS and finishing up the installation tweaks for ubuntu 14.04 LTS (64 bit)  It was booting a little goofy.

It seems that the older Intel SSD (INTEL SSDSA2M160G2GC (2CV102HD) circa 2009 ) isn’t visible to SeaBIOS unless GRUB2 attempts to probe it and fails.  I suspect there is a quirk I need to do or maybe a SSD FW upgrade I need and that this issue is almost certainly unique to my setup. And, if I swap in a normal HD or a different SSD I’m confident it will just work.  (Hmm, lets try that FW upgrade and see…. sonava@#@%!  after running the Intel® SATA Solid-State Drive Firmware Update Tool  and updating the FW now that strangeness does not happen.  I bet my build of coreboot will work just fine no too!  Lets find out… ok it almost works.  my build boots but losses the mouse pad.  I probably have a config option messed up.)

Ok, well to flash a buggered C710 using a clip and a dediprog wire the clip to the pins on the dediprog the so:

pin 1 === CS
pin 2 === mso
pin 3 === I/O2
pin 4 === gnd
pin 5 === msi
pin 6 === clk
pin 7 === N/C
pin 8 === 3.3v

Follow the instructions from last years OSCON tutorial on coreboot hacking.  (based on the c710)  Every screw except the 2 holding the heat pipe to the main board needed to come out.  (I think it was more like 21 screws)


FWIW I did try to use by buspirate 4.5 to do this as well.  But, it failed the read test.  It was able to see the windbound spi chip but it seemed to fall over / hang when reading the 8MB.  Maybe I need to update its FW too?


Now I just need to get the brightness controls to work right again (not a coreboot issue.  I re-installed ubuntu 14.04 and need to re-enable the key mappings I had in my 13.10 install I guess I’ll look at the post install instructions now.)


February 1, 2014

post 14.04 install configs

Filed under: Uncategorized — admin @ 5:12 pm
Assuming a 64 bit install I like to have the following packages on all my systems

sudo apt-get install vim-gnome tmux cscope ctags vim-doc minicom git-core curl mutt \
  ca-certificates ssmtp msmtp fetchmail procmail ssh sshfs xchat openssl \
  nmap manpages-dev manpages-posix manpages-posix-dev quilt subversion \
  mercurial ipython gcc-avr gcc avr-libc gcc-avr binutils-avr avr-libc \
  avrdude python-numpy python-matplotlib graphviz python-scipy \
  python-numpy-doc python-pip python-virtualenv laptop-mode-tools powertop \
  latencytop libncursesw5-dev gitk rar gimp synaptic libav-tools openjdk-7-jdk
sudo apt-get install git gnupg flex bison gperf build-essential \
  zip curl libc6-dev libncurses5-dev:i386 x11proto-core-dev \
  libx11-dev:i386 libreadline6-dev:i386 libgl1-mesa-glx:i386 \
  libgl1-mesa-dev g++-multilib mingw32 tofrodos \
  python-markdown libxml2-utils xsltproc zlib1g-dev:i386

sudo ln -s /usr/lib/i386-linux-gnu/mesa/

sudo apt-get build-dep linux-image-3.13.0-24-generic linux-image-3.13.0-24-lowlatency

sudo apt-get install linux-image-3.13.0-24-lowlatency
sudo dpkg-reconfigure dash (answer no) 

Now the system is acceptable for use and ready for configuring assorted dot-files the way I like them. 

sudo apt-get install unity-tweak-tool ubuntu-restricted-extras indicator-multiload 

sudo sh -c 'echo "deb quantal partner" >> /etc/apt/sources.list' 
sudo apt-get update sudo apt-get install skype 
sudo apt-get install gstreamer0.10-plugins-ugly libxine1-ffmpeg gxine mencoder libdvdread4 \
totem-mozilla icedax tagtool easytag id3tool lame nautilus-script-audio-convert libmad0 mpg321 \

If you are rocking a C710 running Seabois then you'll want to add the following to your /etc/modules file:

then install google chrome form their site.

For skype correct behaviour with the notifier icon don't forget to:
sudo apt-get install sni-qt:i386


January 26, 2014

Crazy (or Cool?) Python idiom using __getattr__ hackery

Filed under: Uncategorized — admin @ 11:36 am

I was exploring the python-git package and how the version differences between the version of python-git you get using apt-get install python-git on Ubuntu 12.04 and 13.10 seems to break a program I use.  In my investigation I was trying to sort out how the library worked.  I found a new python idiom that I’m having a hard time accepting as a “good thing” or a path to chaos.

The Specifics:

  • ubuntu 12.04 will put version 0.1.6 of the library in your python lib.  The project is hosted at:””  With version “9a4b1d4 Bumped version 0.1.6”
  • ubuntu 13.04 will put version 0.3.2-rc1 from github remote : “” With version “0e9eef4 Bumped version to 0.3.2 RC1”
  • It looks like the development moved to gitbub after 96c7ac239a2c9e303233e58daee02101cc4ebf3d — 0.3.1-beta2.

The API change that broke a program I was using between 0.1.6 and 0.3.2-rc1 was “Repo.commits_between” it was removed.  After some tracing through the 0.1.6 version of the code I find commits_between calls a function “commit.find_all” and then looking at its implementation I see it call repo.git.rev_list(…) function.  And through some grepping I see that there is in fact NO DEFINITION of rev_list in the python code!   This was a head scratcher.

After some more digging I see the repo.git is an object defined by of class Git.  and it has a _call_process member that gets invoked as a side effect of __getattr__ and uses a “dashify” trick to change any attempts to call a git command using the convention of using underscores instead of dashes to map to calling the popen-ing the correct program.

Basically with this trick *every* git API is available as a python call.  So repo.git.rev_list maps to a popen call too “git-rev-list”

WRT the loss of “commits_between” function in the library, as this function was a one-liner calling another one-liner it can be replaced with a one-liner  “reverse( Repo.git.rev_list(sha1,sha2))”  FWIW I do agree with the removal of the trivial one liner abstractions in the older git-python version.  Still, I feel abused by the lack of introspection and confusion this implementation has provided.

I don’t know if I should be irritated by this idiom of creating an indeterminate number of callables implicitly or be impressed by the crazy shit I could do with it.

It seems that __getattr__ is the last in a series of python look ups when the interpreter evaluated a statement.  So if there is no existing match it eventually falls through to __getattr__ and at this point you can do almost anything.


  • commits_between was replaced by iter_commits on version 0.2 (says the project changes.rst file)
  • The tutorial.rst calls out how to use git directly and calls out what I just learned in my reverse engineering.  Guess I could have read the tutorial first but, what’s the fun in that?  I wouldn’t have learned how it works to provide the direct access to git commands if I stopped there.


Older Posts »

Powered by WordPress