Archive for the 'hax' Category

Hard Links and Junctions in Windows

Wednesday, September 6th, 2006

Did you know that NTFS supports hard links? This is an interesting tidbit about Windows that not many people know about. But let me quickly explain what a hard link is for the clueless Windows people.

Imagine the following file: C:\temp\a.txt. Where is that file really located? If you said the temp folder then you are only partially right. Yes, the logical location of that file is in that folder. But the real physical location of this file can probably be best expressed in terms of the track and sector it occupies on the hard drive. Your file system (NTFS for example) maps the physical location to the logical location for your convenience. This is usually accomplished via some sort of lookup table (FAT for example).

So what happens when two or more entries in that table point to the same physical file? Nothing spectacular really - you simply get several logical pointers (or hard links) to the file that behave exactly the same. If you change permissions on one of them, all other pointers will be affected. When you delete a hard link, you simply remove one entry from the table. The physical file is only deleted when all the links are gone.

Unix users have been utilizing this nifty functionality for ages now, but the Windows crowd only got it recently in the NTFS file system. So how do you make a hard link? You use the fsutil command:

fsutil hardlink create LINK TARGET

In the above LINK is the name of the created hard link, and TARGET is the file you are linking to.

There is one disadvantage to this method: you can’t create hard links to directories. But once again, this functionality is present in the Windows API - it is called a junction. Unfortunately, Microsoft does not provide any out-of-the-box support for creating junctions. The official Microsoft tool you can use is linkd.exe, which is part of the Windows Server 2003 Resource Kit. As with many other Microsoft utilities, this one will work just fine on an XP box - so don’t be scared by the server part. The usage is very simple:

linkd LINK TARGET

If you don’t want to be bothered downloading the whole resource kit, you can just grab the 16 KB Sysinternals Junction app. It has the same functionality as linkd, but it is free and comes with complete source code. The syntax is almost identical:

junction LINK TARGET

Unlike hard links, junctions can be easily identified using the dir command. They will show up in the listing marked as <JUNCTION> rather than <DIR>:

09/06/2006 10:50 PM <DIR> TEMP
09/06/2006 10:49 PM <JUNCTION> test
09/06/2006 10:53 PM <JUNCTION> test2
09/22/2005 10:31 PM <DIR> Themes
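Since dir gives no hint that a file has more than one name, here is an added example (not from the original post) that exercises the hard-link behaviour described above and then enumerates hard-linked files by link count. It uses os.link, which maps to CreateHardLink on NTFS and to link() on Unix, so it runs on either; the file names and the throw-away directory are constructed for the demo.

```python
import os
import stat
import tempfile

def hard_link_demo(workdir):
    """Create a.txt plus one hard link and record what happens to each name."""
    target = os.path.join(workdir, "a.txt")
    link = os.path.join(workdir, "a-link.txt")
    with open(target, "w") as f:
        f.write("original")
    os.link(target, link)  # same effect as: fsutil hardlink create LINK TARGET
    st_t, st_l = os.stat(target), os.stat(link)
    obs = {
        # both names resolve to the same (device, file index / inode) pair
        "same_file": (st_t.st_dev, st_t.st_ino) == (st_l.st_dev, st_l.st_ino),
        "links_after_create": st_l.st_nlink,
    }
    with open(link, "a") as f:   # write through the link ...
        f.write(" +edit")
    with open(target) as f:      # ... and read it back through the original name
        obs["seen_via_target"] = f.read()
    os.remove(target)            # removes one table entry, not the data
    obs["survives_delete"] = os.path.exists(link)
    obs["links_after_delete"] = os.stat(link).st_nlink
    with open(link) as f:
        obs["content_after_delete"] = f.read()
    return obs

def find_hard_linked(root):
    """Regular files under root with a link count above one, grouped by
    (device, inode). A group holding a single path means the other name(s)
    for that data live outside root, which dir/ls output will never show."""
    groups = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISREG(st.st_mode) and st.st_nlink > 1:
                groups.setdefault((st.st_dev, st.st_ino), []).append(path)
    return {key: sorted(paths) for key, paths in groups.items()}

def run_demo():
    """Run both checks in a temporary directory; returns (observations, groups)."""
    with tempfile.TemporaryDirectory() as d:
        obs = hard_link_demo(d)
        # a third name for the same data, so find_hard_linked has a group to report
        os.link(os.path.join(d, "a-link.txt"), os.path.join(d, "b.txt"))
        return obs, find_hard_linked(d)

if __name__ == "__main__":
    print(run_demo())
```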

This leaves out soft links, which for now still seem to be exclusive to the Unix/Linux world. Windows does implement similar functionality with its shortcuts. Unfortunately, shortcuts can’t be used on the command line, which makes them only marginally useful. Perhaps in a few years Microsoft will be able to figure out that one too…

Time Logging Script

Friday, August 11th, 2006

I think I found this tip at Lifehacker at some point and decided to implement it. The idea is simple - you set up a script that will ask you what you are currently doing every hour or so, and collect the information in a text file. Then you can parse the file later to see how much time you spend on a given task, or how many things you have accomplished that day.

If the boss asks you what you did all day yesterday, you can immediately produce a detailed hour-by-hour activity log. This also comes in handy when the company wants you to log your time in a very detailed way.

I vaguely remember that someone posted a VB script to do that on Lifehacker. I didn’t feel like digging out the post so I just decided to implement it myself. You can go as simple or as complicated as you want with this. I opted for simplicity. I hacked up this nice little shell script:

#!/bin/bash
# Ask what is being worked on and append a timestamped answer to the log.
echo "What are you doing right now?"
read -e what
# Quote the expansion so spaces and glob characters in the answer are kept as typed.
# timelog.txt is relative to the directory the job starts in (your home, under cron).
echo "$(date) - $what" >> timelog.txt

I really don’t think it can get any simpler than this. For a while I was toying with the idea of using Xdialog. But then again I just wanted something quick, easy and robust. So I opted for pure bash.

Now I just needed to create a cron job. Unfortunately, by default cron will run shell scripts in the background. I actually wanted my script to pop up on the screen, get in my face and prompt me for input. So I used kstart to pop up a konsole window on all the desktops:

0,30 * * * * /usr/bin/kstart --windowclass "Konsole" --alldesktops --activate --ontop /usr/bin/konsole -e /home/lmaciak/track

I set my script to annoy me every half an hour. It gives me a better idea of how I am spending my time during the day. But if that’s too much for you, just delete ",30" from the line, and it will bother you once every hour.

One thing you have to remember is that the cron daemon does not know or care about the X environment. So you need to explicitly state which display should be used for the job. Add this somewhere in your cron file:

DISPLAY=:0

I added it above my cron jobs, but I don’t see why you couldn’t place it below them.

If you look in timelog.txt you will see nice grep-able output like this:

Thu Aug 10 15:00:15 EDT 2006 - responding to Bob’s email
Thu Aug 10 15:30:10 EDT 2006 - php class
Thu Aug 10 16:00:27 EDT 2006 - looking into setting up another demo
Thu Aug 10 16:30:15 EDT 2006 - php class coding
Thu Aug 10 17:00:17 EDT 2006 - coding eval.class.php
Thu Aug 10 17:30:19 EDT 2006 - replying to an email from ACE project (timesheet)

Most of these are very brief statements. For example, I can always go back and see what I wrote to Bob on August 10 around 3pm.
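The post says the file can be parsed later to see how much time went to each task and how many things were done in a day; here is an added example of that parsing (my code, not the post's). It assumes the default `date` output format shown above, that each answer covers the time until the next prompt, and a 30-minute final slot matching the crontab line; the sample log is constructed from the excerpt above.

```python
from collections import Counter, defaultdict
from datetime import datetime
# Constructed sample, modelled on the timelog.txt excerpt in the post.
SAMPLE_LOG = """\
Thu Aug 10 15:00:15 EDT 2006 - responding to Bob's email
Thu Aug 10 15:30:10 EDT 2006 - php class
Thu Aug 10 16:00:27 EDT 2006 - looking into setting up another demo
Thu Aug 10 16:30:15 EDT 2006 - php class coding
Thu Aug 10 17:00:17 EDT 2006 - coding eval.class.php
Thu Aug 10 17:30:19 EDT 2006 - replying to an email from ACE project (timesheet)
"""

def parse_timelog(text):
    """Return sorted (timestamp, task) pairs from `date` - task lines; skip anything else."""
    entries = []
    for line in text.splitlines():
        if " - " not in line:
            continue
        stamp, task = line.split(" - ", 1)
        parts = stamp.split()          # split() also absorbs the double space in "Aug  9"
        if len(parts) != 6:
            continue
        # drop the zone token (EDT): strptime's %Z only accepts the local machine's zone names
        when = datetime.strptime(" ".join(parts[:4] + parts[5:]), "%a %b %d %H:%M:%S %Y")
        entries.append((when, task.strip()))
    return sorted(entries)

def time_per_task(entries, slot_minutes=30, cap_minutes=60):
    """Seconds per task: each answer counts until the next prompt, capped so a missed
    prompt or the overnight gap is not booked to one task; the last entry gets one slot."""
    totals = defaultdict(int)
    cap = cap_minutes * 60
    for i, (when, task) in enumerate(entries):
        if i + 1 < len(entries):
            seconds = min(int((entries[i + 1][0] - when).total_seconds()), cap)
        else:
            seconds = slot_minutes * 60
        totals[task] += seconds
    return dict(totals)

def entries_per_day(entries):
    """How many things were logged on each day (the 'what did you do yesterday' answer)."""
    return dict(Counter(when.date().isoformat() for when, _ in entries))

if __name__ == "__main__":
    log = parse_timelog(SAMPLE_LOG)
    for task, secs in sorted(time_per_task(log).items(), key=lambda kv: -kv[1]):
        print(f"{secs // 60:4d} min  {task}")
    print(entries_per_day(log))
```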

As an added benefit, that nag-window usually jolts me back to work. If I was idling, or wasting time, it forces me to concentrate on what I was supposed to do, and reminds me to get back to work.

How do you lock down XP Home?

Tuesday, August 1st, 2006

In light of the privilege escalation hax I started to wonder what exactly you need to do to lock down an XP Home machine. In XP Pro you can use group policies to limit what a user can do on the local machine. Unfortunately, the Home edition is missing gpedit.msc, so we can only rely on registry hacks.

In the examples below I use HCU to denote HKEY_CURRENT_USER.

The first order of business is to lock the user out of the command prompt so that he can’t issue the at command. This is controlled by the DisableCMD DWORD. To disable the command prompt:

KEY: HCU\Software\Policies\Microsoft\Windows\System\
DWORD: DisableCMD = 1 (use 2 to enable it back)

Next is the Task Manager. We don’t want the user being able to kill the explorer process:

KEY: HCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
DWORD: DisableTaskMgr = 1 (use 0 to enable it back)

If you feel especially nasty (or security conscious) you can also disable access to regedit:

KEY: HCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
DWORD: DisableRegistryTools = 1

This of course will make it a little difficult to change any keys for this user in the future, so this is probably not the best idea. Chances are that the would-be h4x0r will get discouraged after seeing that neither Task Manager nor CMD are working.

This method is not perfect, but it is a step in the right direction.

reg-hax © j79zlr

Local Privileges Escalation in WinXP

Sunday, July 30th, 2006

Did you know that you can become the SYSTEM user on a WinXP box simply by using the at command? Try this at home:

at 11:45pm /interactive cmd.exe

You just scheduled a job that will pop up a new cmd window exactly at 11:45pm. Who is the parent of this window? Why, SYSTEM of course. But we are not done yet.

Have the new cmd window up? Good. Now kill explorer.exe using the Task Manager. Yes, just kill it! Keep the new cmd window open though. Use it to run explorer again by typing in explorer.exe. Done!

You are now logged in as SYSTEM. You can now go ahead and do all the nifty admin things that you always wanted to do but your IT department wouldn’t let you. You might get in trouble when they find out though. So, don’t go crazy with your newfound power.

If you still don’t believe me, here is a video that shows you how it’s done.

Kubuntu WPC54G v1.2 + ndiswrapper - Final Solution

Monday, June 19th, 2006

I finally solved my ndiswrapper issue. If you remember my previous rants, I could never get WEP to work with my Linksys WPC54G v1.2 card. It simply wouldn’t work for me. I think the problem was not with me but with my ndiswrapper module version. I was using 1.13rc1, while the current stable version is 1.17.

The stable release sucks, because they removed the whole debian folder. This means that making a deb package out of it just became 100% more difficult. Yes, I could simply install from source, but I don’t like doing that.

Most modern Linux systems use packages, and there is a very good reason for that. Unless you keep track of all the stuff you install, you will soon find yourself in dependency hell. In fact, each time you type make install you introduce a new set of dependencies that may possibly conflict with some package you will be installing 6 months from now. Unfortunately, unless you tell your package manager that you installed something from source, it is not going to know, and it will fail to prevent dependency conflicts.

1.16rc2 had the debian rules included but gave me funky error messages. So I settled for 1.15rc2. If you had similar issues, here are step-by-step instructions:

1. Download the 1.15rc2 source (or another version). Note: this method is only going to work for versions 1.16 or lower. For 1.17 and above you need to do something more fancy.

2. Make sure you have all the dependencies (you will need kernel headers, and some other stuff):

apt-get install linux-headers-$(uname -r)
apt-get install dh-make
apt-get install fakeroot
apt-get install gcc-3.4
apt-get install build-essential

3. Untar the source, and cd into the directory:

tar xvfz ndiswrapper-[current version].tar.gz
cd ndiswrapper-[current version]

4. Build deb packages using fakeroot:

fakeroot debian/rules binary-modules
fakeroot debian/rules binary-utils

5. The deb files will be built in the parent directory. So go one up, and install the packages using dpkg:

cd ..
dpkg -i ndiswrapper-modules-[version]-1_i386.deb
dpkg -i ndiswrapper-utils_[version]-1_i386.deb

After that you can do the normal ndiswrapper magic. Since I had a previous version already installed this was all that I needed to do. WEP is working like a dream.

The step-by-step howto instructions were shamelessly stolen from the super helpful Ubuntu forums.

Update Mon, June 19 2006, 08:39 PM

Fixed the last code segment.