Saturday, August 10, 2013

Install Debian on an emulated ARM machine in Mac OS and Windows

A quick post with some commands to create a running ARM machine in your hackintosh or Windows.

  1. Install QEMU.
    • On Mac:
      1. You need Homebrew. If you do not have it, stop everything and go install it.
      2. Then install QEMU.
        brew install qemu
    • On Windows: Download and install the prebuilt QEMU.
  2. Download a pre-built ARM kernel and init ramdisk from Debian.
    wget --continue
    wget --continue
  3. Create a raw disk image for your virtual machine.
    qemu-img create -f raw hda.img 2G
  4. Launch the virtual machine and finish installation. You will see a no-boot-loader warning near the end. Do not worry about it. When the machine reboots, you can safely terminate QEMU.
    qemu-system-arm -M versatilepb -kernel vmlinuz-3.2.0-4-versatile -initrd initrd.gz -m 256 -hda hda.img
  5. Extract the newly installed kernel and init image.
    • On Mac:
      1. Install ext4fuse. Remember to copy the kernel extension (kext) to the right place and chmod it properly.
        brew install ext4fuse
      2. Mount the disk image to extract the installed kernel and init ramdisk.
        hdiutil attach -noverify -nomount hda.img
        # take note of the device name
        mkdir tmp_mnt
        ext4fuse <device> tmp_mnt
        cp tmp_mnt/boot/initrd* tmp_mnt/boot/vmlinuz* .
        umount tmp_mnt
        rm -rf tmp_mnt
        hdiutil detach <device>
    • On Windows: Use Ext2Read to mount hda.img and extract the files from /boot.
  6. Launch the virtual machine again with the new kernel and init ramdisk. Notice that you need to replace the kernel and init ramdisk in the below command with what you copied in the above command.
    qemu-system-arm -M versatilepb -kernel vmlinuz... -initrd initrd... -m 256 -hda hda.img -append "root=/dev/sda1"

Wednesday, August 7, 2013

Notes about DEFCON 21 CTF

Last week was DEFCON 21, one of the many conferences I'd been saving up for. I was fortunate to play in the Capture the Flag game this year with team CLGT. I like the design of the game, so I'm jotting down here a few notes about that.

  1. This is a zero sum game. There is a fixed amount of points in the game. These points change hand but they are not produced, nor consumed. When one team earns points, some other team must lose points.
  2. Defense is at least as important as offense. Gained points may be taken away quickly due to failure in maintaining a required service level agreement (SLA), and breach of security.

As an analogy, each team is given a patchy water tank filled with some water. The amount of water in the tank is your points. Your goal is to steal water from other teams. If the patch on your tank is broken, the water runs out. Therefore, it is extremely important to properly fix the tank up. Even if you have only one unfixed hole, water still runs out quickly.

Unlike other CTFs, DEFCON 21 CTF placed great emphasis on the blue side of the coin. I like that. It feels more wholesome.

By the way, if you're wondering how we did, the answer is our water ran dry ;).

Tuesday, August 6, 2013

Samsung, Apple, and Protectionism

In June, the ITC handed Samsung an import ban on some old Apple's products which violate Samsung's patents.

Then came the presidential veto of ITC's determination, overruling the exclusion order and cease and desist order. I have to emphasize that the US Trade Representative did not veto ITC's finding that Apple had violated Samsung's patents.

The question is if this is an example of protectionism in a free market economy.

If the ban is vetoed, what can the ITC award to Samsung in lieu? If there's no remedy for Samsung, and no punishment for Apple, has the whole thing been a huge waste of time and money?

Who is going to appeal to the higher Courts?

I welcome the US Trade Representative's veto because it protects consumer's interest. At the same time, the veto brings with it many more unanswered questions. This might signal the beginning of some rework in the US intellectual property system.