Google Chrome Privacy Issue

If you read Google Chrome’s privacy policy, it seems like pretty typical stuff. It appeared legitimate to me until I found that they omitted a feature explained in this blog post:

RLZ: When you do a Google search from the Google Chrome address bar, an “RLZ parameter” is included in the URL. It is also sent separately on days when Google Chrome has been used or when certain significant events occur such as a successful installation of Google Chrome. RLZ contains some encoded information, such as where you downloaded Google Chrome and where you got it from. This parameter does not uniquely identify you, nor is it used to target advertising. This information is used to understand the effectiveness of different distribution mechanisms, such as downloads directly from Google vs. other distribution channels. More information is available in the Google Chrome help center. This cannot be disabled so long as your search provider is Google. If your default search provider is not Google, then searches performed using the address bar will go to your default search provider, and will not include this RLZ parameter.

Make what you want out of this, but this is nowhere to be found in the current privacy policy. Also, it still sends this parameter in Incognito mode. I fixed the problem in my browser (you just craft your own search URL in the “Default search” settings dialog) and I sent Google an email requesting that they mention the RLZ parameter in their privacy policy. I encourage you to do the same.

Note: Chromium does not include this “feature.”

2010 CIS/ACM Awards Dinner

Thursday night was the annual CIS/ACM Awards Dinner, a formal event open to the students and faculty of the Temple CIS Department. I had the honor of receiving the department’s Student Leadership Award. I also had the opportunity to help present awards from my organization, the Temple ACM. We presented our Outstanding Teaching Award to Professor Sanford Sorkin, and also our Student Service Award to Brian Stempin.

Congratulations to all of the award winners. Also, thanks to everyone else who came and helped out!

Professor Sorkin was kind enough to take pictures of the event and host them on his Picasa account. Chris Willman also has some great pictures of the event and the ACM Crew.

Evacuating from a dying drive

Before I begin: Congrats to Brian Stempin and Steve Palumbo for winning third prize at the Future of Computing Competition. Also, everyone else who participated did excellent work!

A friend recently brought me his Windows Vista laptop, which was acting up due to a malware infection. The infection was no longer present, but no programs would launch unless he ran them as administrator. I decided that the virus probably hosed his profile, and decided to just make a new one for him.

Problem:
The new profile worked great, except a new symptom showed up: freezing. It was an unusual type of freeze, but one I had seen before. The system doesn’t totally lock up, but programs, windows, and menus either won’t open or will freeze. This was consistent with a failing hard drive.

Diagnosis:
In some cases, the drive is still healthy enough that you can look for problems in the event log. I couldn’t even make it that far. I decided to pop in an Ubuntu live CD and use the smartmontools package to determine the health of the drive. Within the package, there’s a utility called smartctl that will spit out all of the drive’s SMART information. SMART is a self-testing feature that modern drives have in order to help predict failure. I used smartctl on that drive, and sure enough, there were 3 attributes in the “pre-fail” category.

Solution:
I told my friend to get a new drive. In the meantime, I backed up his personal files to another drive. Once the new drive arrived (same capacity), I installed it and attached the failing one to an external enclosure. I used my Ubuntu live CD again to make a carbon copy of the old drive with the dd tool. The command I used was:
dd if=/dev/sdb of=/dev/sda conv=noerror,sync

That’s instructing dd to copy the failing drive (/dev/sdb) to the new one (/dev/sda), converting errors to nulls (conv=noerror,sync). I did not specify partitions, so it does a one-to-one copy of the entire drive (except on errors). One frustrating thing about dd is it does not give you any status indicator. I dug around on the internet, and it turns out you can use the kill command to send dd a special signal while it’s working:
kill -USR1 ddPIDgoeshere

That will make dd print out how much it has copied at that point. After hitting a bumpy spot around 166GB and finally getting past it, dd finished the copy. I had an exact replica of the failing drive’s data on the new one. There was a problem with this though: the copy was damaged! I was 99.9% sure that the only damaged data was the main Vista partition, so I was able to get into Vista’s Advanced Boot Options (hit F8 before the logo shows), choose “Repair your computer” (safe mode won’t work), pull up a command prompt, and enter:
chkdsk C: /R

That does a thorough check of the Windows C: drive and fixes problems with the file system. After that, I only had to fix the antivirus (it was damaged by the initial drive failure) and the laptop was set!

Other free recovery/disk copy utilities worth noting: Clonezilla, TestDisk and PhotoRec

Facebook API

I just created my first Facebook application last night within a couple of hours. That’s how easy they make it. I’ll tell you real quick how I did it with PHP.

1) I went through this to create a canvas (your app can embed into Facebook) and landing page.

2) Uploaded their PHP client library to my web hosting space. Facebook does NOT provide hosting for your apps. You must run it all on your own hosting.

3) Wrote my application in HTML, PHP, and some FBML (their own markup language to make things look more Facebook-y). I used their “footprints” example provided in the PHP client library as a guide to make my application.

4) Changed my callback URL to point at my web application, and I was done… after lots of troubleshooting of course!

For me, it took quite a bit of trial and error to figure out just how everything works. Eventually I got a working app! The main thing that I still want to do is make obtaining permissions seamless for the user.

If you want to see my application, it is here. It’s a very silly idea I had, but it turned out to be a good exercise. You type something into the provided text box, click “Share”, and it updates your status with the subheading “via Posting from my Toilet.”

Temple ACM at Spring Fling 2010

Temple University holds an event each Spring called Spring Fling. Companies, student organizations, and other groups can set up booths to fundraise and/or promote themselves. I assisted with the Temple ACM tent for the day. We had snacks for sale, a 50/50 raffle, and arcade games available to play. ACM-W was also present handing out fliers. We drew quite a few people to our tent using our games as the main attraction. I posted some pictures of our tent on Picasa. I’m not pictured because I was taking the pictures, but you can see our overall setup.

Click here to see the album.

DIY Wireless Access Point

I have a Nintendo DS and I wanted to play online with it. Unfortunately, the DS and DS Lite do not support WPA encryption. Instead of removing security on my home network, I wanted a temporary way to create an insecure wireless network for my DS. I ended up temporarily turning my netbook into a wireless access point with WEP encryption whenever I wanted to play. Here’s how I did it:

Required tools:
-Existing wired ethernet network
-Computer with an ethernet port, supported wireless chipset, and a way to boot from CD/USB.
-Recent Linux live CD or live USB stick (I used Fedora 12)

Here’s what you need to do:

1) Check to see if your wireless chipset is supported. Check this table to see if your wireless chipset supports AP mode.
2) Prepare your boot media. You’ll need a fairly recent (probably post-2008) Linux distro to ensure you have mac80211/nl80211 and the latest drivers for your wireless chipset. Fedora 12 is great for this, and they also have a tool to make a bootable USB stick for you in case you lack a CD drive.
3) Connect your computer to your wired network and boot into Linux. You’ll want to plug in your ethernet device first because sometimes Linux will disable the device if it is not in use on boot.
4) Once booted, disable the firewall. The firewall will cause connectivity problems.
5) Install hostapd. This utility will put your wireless chipset into AP mode and accept client connections. In Fedora 12, there is a hostapd package which will install it for you.
6) You’ll also need a program called brctl. In Fedora 12, it comes with the bridge-utils package.
7) Set the parameters for your wireless network in hostapd.conf. In Fedora 12, it should be located in /etc/hostapd/ and it should include what you need to get started. If you don’t know what to do, I will probably post mine soon as an example.
8) If you’re using a distro with GNOME (like Fedora), right-click the Network Manager icon in the upper right corner and disable wireless. Network Manager and similar wireless utilities will conflict with hostapd and this will not work.
9) Create a bridge between your wireless device and your wired device. You need to use brctl for this. Execute the following commands as root:
brctl addbr *name of bridge*
brctl addif *name of bridge* *name of wired device*
brctl addif *name of bridge* *name of wireless device*
For *name of bridge*, I used br0. For *name of wired device*, you usually want eth0. For wireless, you usually want wlan0.
10) Start hostapd with your chosen settings. As root, execute “hostapd *path to hostapd.conf*” If you screwed up, hostapd should tell you where you went wrong.
11) Connect to your brand new shiny wireless network! If it doesn’t work, try unloading/reloading your wirless driver (with modprobe) and re-adding the wireless device to the bridge. Sometimes the wireless device will go into a funky non-working state and needs to be reset.

KNOWN ISSUES:
-I am aware this is not permanent. You’ll need to do a little more research on how to make it permanent and more secure.
-Once you make the bridge and add devices to it, you’ll lose internet connectivity on the computer you do this on. Don’t panic, just remove your internet-enabled device from the bridge (brctl delif…etc.) and it should work again.

MORE INFORMATION:
http://wireless.kernel.org/en/users/Documentation/hostapd – hostapd documentation
http://linux.die.net/man/8/brctl – brctl man page
https://fedorahosted.org/liveusb-creator/ – Live USB creator for Fedora