Archive for February, 2008

Down with Pidgin, Round II


Down with PidginI’ve been using IM in various formats since back in the BBS days with a program called IceChat that I ran under RemoteAccess Pro BBS.

I moved on from dial-up BBS systems to Internet Relay Chat (IRC), and have continued to use IRC for the last 14 years near-daily for personal and professional business needs with a program called Bitch-X (text-mode) and then later a program called X-Chat (gtk+ based with support for lots of plugins).

A few years ago there was some controversy about the licensing of X-Chat, specifically for Windows. If you want a completely free, unencumbered version of X-Chat for windows, use the version from Silverex instead.

Then I moved on to using Instant Messaging (IM), via a program called ‘gaim’, which was a multi-protocol IM client. Within the same interface, you could aggregate your AOL AIM, MSN, Yahoo Messenger, Jabber, ICQ and other accounts into one place. Life was good.

Then the developers began having internal turf wars, and they broke it. Badly.

Then they renamed it.

Then they removed all of the previous gaim releases (which is actually a potential violation of the GPL licensing which binds gaim and is also directly violating the Terms of Service of Sourceforge, ahem).

Then they began removing more and more of the useful features of the client.

Then they broke it again. And again. And again.

Then they closed off their irc channel and began banning people who differed with their philosophical opinion on what features should and should not be allowed in the client. Right now there are 172 users in the project support channel (##pidgin on Freenode), and 45 of those users are permanently banned.

Now they’ve removed the ability to let the window manager decide where it should place the application’s windows and you can no longer resize the edit box. Because of all of the turf wars and in-fighting, Jabber servers outright block pidgin clients from connecting (but those same Jabber accounts work fine from other IM clients; Linux, Windows and Mac OSX).

And now there are enough pissed-off users of pidgin that a group of developers have released a project called “Funpidgin“, which puts back most of the features that the core Pidgin developers removed, and Funpidgin promises to remain in lockstep with the core pidgin releases.

Open Source projects like X-Chat and Gaim should not undergo this kind of turmoil. We’re here to HELP, and to create communities, not to act like children and crack and sever communities apart.

But it looks like my professional and personal colleagues and friends will be migrating away from these “kiddie war” applications to Skype and FWD, where adults work on the code.

Building TrueCrypt 5.0a on Linux

The new TrueCrypt 5.0/5.0a was recently released, and because I’ve had to make a [few] [previous] [posts] on how to patch it to build and run cleanly on Linux, I thought it only appropriate that I follow that trend here with version 5.0a.

Here are some of the new features in TrueCrypt 5.0/5.0a:

  • Ability to encrypt a system partition/drive (i.e. a partition/drive where Windows is installed) with pre-boot authentication (anyone who wants to gain access and use the system, read and write files, etc., needs to enter the correct password each time before the system starts). (Windows Vista/XP/2003)
  • Pipelined operations increasing read/write speed by up to 100% (Windows)
  • Mac OS X version
  • Graphical user interface for the Linux version of TrueCrypt
  • The TrueCrypt Volume Creation Wizard now allows creation of hidden volumes within NTFS volumes. (Windows)
  • XTS mode of operation, which was designed by Phillip Rogaway in 2003 and which was recently approved as the IEEE 1619 standard for cryptographic protection of data on block-oriented storage devices. XTS is faster and more secure than LRW mode (for more information on XTS mode, see the section Modes of Operation in the documentation).

    Note: New volumes created by this version of TrueCrypt can be encrypted only in XTS mode. However, volumes created by previous versions of TrueCrypt can still be mounted using this version of TrueCrypt.

  • SHA-512 hash algorithm (replacing SHA-1, which is no longer available when creating new volumes).

    Note: To re-encrypt the header of an existing volume with a header key derived using HMAC-SHA-512 (PRF), select ‘Volumes’ > ‘Set Header Key Derivation Algorithm’.

To build this to run on Linux, you will need two things:

  1. Download the tarball version of the 5.0a source
  2. Download the latest stable wxWidgets library (wxAll in that list)

This version requires a little more than the previous versions, because it now includes a fully-graphical UI like the Windows version has for quite some time. If you simply enter the ./truecrypt-5.0a-source directory and try to build it with ‘make’, you’ll get the following errors:

Compiling CoreLinux.cpp
Updating library Core.a
make[1]: /src/compiling/truecrypt-5.0a-source/wxrelease/wx-config: Command not found
make[1]: /src/compiling/truecrypt-5.0a-source/wxrelease/wx-config: Command not found
Precompiling SystemPrecompiled.h
In file included from /usr/include/wx/platform.h:88,
                 from /usr/include/wx/defs.h:19,
                 from /usr/include/wx/wx.h:15,
                 from SystemPrecompiled.h:9:
/usr/include/wx/chkconf.h:47:9: error: #error "wxUSE_DYNLIB_CLASS must be defined."
/usr/include/wx/chkconf.h:55:9: error: #error "wxUSE_FILESYSTEM must be defined."
/usr/include/wx/chkconf.h:68:9: error: #error "wxUSE_DYNAMIC_LOADER must be defined."

This is because the required ./wxrelease subdirectory is not built or prepared. Steps to building this correctly are as follows:

  1. Unpack the wxWidgets source tree into some local directory. I put mine in /src/compiling/, but your own path may vary. The version used at the time I’m writing this post, is version 2.8.7 (direct download link from SourceForge). This will create a tree named ./wxWidgets-2.8.7.
  2. Unpack the TrueCrypt 5.0a source into another directory. This will create a tree named ./truecrypt-5.0a-source.
  3. Change into the ./truecrypt-5.0a-source directory and run the following:
    WX_ROOT=/src/compiling/wxWidgets-2.8.7 make wxbuild

    You will see the following output:

    Configuring wxWidgets library...
    Building wxWidgets library...

    This will build the ./wxrelease subdirectory of the ./truecrypt-5.0a-source source tree.

    You’ll get the following warning, which you can safely ignore:

    ./wxWidgets-2.8.7/src/gtk/gsockgtk.cpp:134: warning: ‘wxDummyGsockVar’ defined but not used
  4. Now run the following:
    WX_ROOT=/src/compiling/wxWidgets-2.8.7 make

    As you build this, you’ll see the following warning:

    Compiling PlatformTest.cpp
    PlatformTest.cpp: In static member function ‘static bool TrueCrypt::PlatformTest::TestAll()’:
    PlatformTest.cpp:243: warning: unused variable ‘finally243’

    And these:

    TextUserInterface.cpp:70: warning: unused variable ‘finally70’
    TextUserInterface.cpp:297: warning: unused variable ‘finally297’
    Unix/Main.cpp:55: warning: unused variable ‘finally55’

    You can safely ignore this and similar warnings. They are simply internal self-tests, which checks the line of source code in that file, as follows:

      // finally
      TestFlag = false;
              finally_do ({ TestFlag = true; });
              if (TestFlag)
                      throw TestFailed (SRC_POS);
      if (!TestFlag)
              throw TestFailed (SRC_POS);
      TestFlag = false;

That’s it. Now you should have a truecrypt binary in ./truecrypt-5.0a-source/Main which includes full graphical capability.

Main/truecrypt: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), stripped

If everything builds clean, the new TrueCrypt 5.0a GUI will look like this:

TrueCrypt 5.0a GUI on Linux

Choosing your presidential candidate just got easier

If you’re wondering who to vote for in this year’s elections, the process just got a LOT easier.

The United States Senate has just granted retroactive immunity to the telecommunications companies who were found to be illegally wiretapping millions of innocent, law-abiding citizens without warrants, without FISA approval and without any legal foundation.

President Bush himself even stated that he would veto any bill that hit his desk that did not include an immunity clause in this specific matter.

Bush Freedom Quote

Senator Kit Bond from Missouri was quoted as saying:

“…permitting lawsuits against the companies would lead to public disclosure of vital intelligence-gathering methods and would discourage the private sector from cooperating with the government in the future.”

How did your favorite candidates vote? Here’s a quick rundown:

McCain: No (supports retroactive immunity)
Obama: Yes (voted to remove the immunity clause)
Clinton: Did not vote (abstained from voting)

McCain voted to continue the wiretapping, thus proving that he is truly antithetical to a free society.

Obama voted to keep the telecommunications companies accountable for their illicit activities. That’s really no different from where they are today, where they continue to illegally wiretap citizens of the United States without cause, warrant or legal grounds.

Hillary Clinton abstained from voting on the measure at all.

For me, that just discounted ALL of the candidates from my short list of whom to vote for in the 2008 elections.

The full breakdown of the voting per-senator can be found here.

Vote wisely in 2008, because the very foundations this country was founded upon are literally at stake here. If we make a mistake and put the wrong candidate into office, we will have lost what little remains of our freedoms and the Constitution that upholds them.

Bad Behavior has blocked 1004 access attempts in the last 7 days.