From the Canyon Edge -- :-Dustin

Tuesday, May 29, 2012

UDS Video: Security, Cloud, and Ubuntu

I stepped away from a busy schedule of awesome sessions at the Ubuntu Developer Summit in Oakland, CA to speak for a few minutes about the requirement of "openness" in modern Cloud Computing, the absolute necessity of security and encryption of data, and the benefits of Ubuntu as both a Cloud host and guest. Enjoy!








If you're interested in learning more about security considerations when planning your cloud or big data deployment, consider subscribing to Gazzang's blog feed, or reading some of our white papers.

Cheers!
:-Dustin

Monday, May 21, 2012

Introducing zEscrow -- or, How to save your encrypted life!


I had the honor of introducing zEscrow about a week ago, at the Ubuntu Developer Summit during Friday's plenary of lightning talks.  You can also view my slides now!


zEscrow is a free service offered by my employer, Gazzang, to users of Ubuntu's Encrypted Home Directory, to aid them in safely backing up and retrieving the bit of configuration and key material necessary to recover that data later.  I can't state this emphatically enough...


This very well may save your encrypted life at some point!

The Quick Start Guide

If you're running a version of Ubuntu prior to 12.04 LTS, first add the PPA:


  
  sudo apt-add-repository ppa:zescrow/ppa
  sudo apt-get update
  sudo apt-get install zescrow

And if you're on Ubuntu 12.04 LTS, just install.


  sudo apt-get install zescrow-client

Now, just run zescrow, and follow the three simple prompts:

  1. Choose your server
  2. Enter your login password
  3. Visit the one-time URL

How it Works

Some inquiring minds might want to know the nitty gritty details.  You're welcome to read the code, as Gazzang has released both the client and server as free and open source code in Launchpad under the AGPL.  Here's a narrative pseudocode of the algorithm though:
  1. Choose your zEscrow server.  I recommend that you use the default, zescrow.gazzang.com.
  2. The zescrow utility will download the public GPG key associated with your zEscrow server and load it into a temporary keyring stored entirely in memory.
  3. Enter your LOGIN password.  This will be used to decrypt your ~/.ecryptfs/wrapped-passphrase file.  Under NO circumstances will your LOGIN password be sent to the remote server!!!
  4. The utility will create a tar archive of your entire ~/.ecryptfs directory, but replacing your wrapped-passphrase file with unwrapped-passphrase.  This protects your LOGIN passphrase from ever leaving your system, but ensures that your randomly generated MOUNT passphrase will be securely transferred to the remote server.
  5. This ecryptfs.tar archive is securely transmitted to the zEscrow server over SSL.
  6. Upon a successful transmission to the zEscrow server, a cryptographically nonced URL link is sent back to the client utility, which embeds a checksum of the transmitted archive, verifying the integrity of the transmission.
  7. You MUST complete the transaction by opening the link IMMEDIATELY, to "claim" this upload as yours.  Upon doing so, you'll be required to login using Google OpenID.  
    • (Yes, you must have a Google OpenID to use this service.  Sorry.  Send a patch, if you want support for another OpenID provider).
  8. That's it!  You can now download your backups from zescrow.gazzang.com at any time, and use ecryptfs-recover-private to get your data back, following these instructions!
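
Steps 4 through 6 above, sketched as an added example that is not taken from the zescrow client itself. It assumes the MOUNT passphrase has already been unwrapped (for instance with ecryptfs-unwrap-passphrase); the SHA-256 checksum, the `sha256` URL parameter and the zescrow.example host are assumptions made for illustration. Use of the server's GPG key and the upload over SSL are left out.

```python
import hashlib
import hmac
import io
import tarfile
import tempfile
from pathlib import Path
from urllib.parse import parse_qs, urlparse

WRAPPED = "wrapped-passphrase"      # MOUNT passphrase encrypted under the LOGIN password
UNWRAPPED = "unwrapped-passphrase"  # MOUNT passphrase in the clear, as escrowed


def build_escrow_archive(ecryptfs_dir, mount_passphrase):
    """Tar ecryptfs_dir in memory, replacing wrapped-passphrase with unwrapped-passphrase."""
    root = Path(ecryptfs_dir)
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for path in sorted(root.rglob("*")):
            if not path.is_file() or path.name == WRAPPED:
                continue  # the LOGIN-wrapped file never goes into the upload
            arcname = ".ecryptfs/" + path.relative_to(root).as_posix()
            tar.add(str(path), arcname=arcname, recursive=False)
        data = mount_passphrase.encode("ascii")
        info = tarfile.TarInfo(".ecryptfs/" + UNWRAPPED)
        info.size, info.mode = len(data), 0o600
        tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def archive_members(archive):
    """Return {member name: bytes} for every regular file in the archive."""
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r") as tar:
        return {m.name: tar.extractfile(m).read() for m in tar if m.isfile()}


def verify_claim_url(url, archive, expected_host):
    """Accept the one-time URL only if it is HTTPS, on the chosen server, and its
    embedded checksum matches the archive that was actually built locally."""
    parts = urlparse(url)
    if parts.scheme != "https" or parts.hostname != expected_host:
        return False
    # "sha256" is a hypothetical parameter name; the real URL layout is not on the page.
    claimed = parse_qs(parts.query).get("sha256", [""])[0].lower()
    local = hashlib.sha256(archive).hexdigest()
    return hmac.compare_digest(claimed.encode(), local.encode())


def demo():
    """Run the flow on a constructed ~/.ecryptfs directory and a constructed claim URL."""
    passphrase = "00112233445566778899aabbccddeeff"  # constructed sample, not a real key
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / WRAPPED).write_bytes(b"constructed-wrapped-blob")
        (root / "Private.sig").write_text("0123456789abcdef\n")
        (root / "Private.mnt").write_text("/home/user/Private\n")
        archive = build_escrow_archive(root, passphrase)
    digest = hashlib.sha256(archive).hexdigest()
    good = "https://zescrow.example/claim?nonce=constructed&sha256=" + digest
    host = "zescrow.example"
    return {
        "members": archive_members(archive),
        "good_url": verify_claim_url(good, archive, host),
        "tampered": verify_claim_url(good, archive + b"\0", host),
        "wrong_host": verify_claim_url(good, archive, "other.example"),
        "plain_http": verify_claim_url(good.replace("https", "http", 1), archive, host),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, sorted(value) if isinstance(value, dict) else value)
```
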

The Motivation

This might help explain why I have personally received hundreds (probably climbing north of a thousand) emails, IRC messages, forum posts, StackExchange questions, Launchpad bugs, SMS messages and even phone calls to my cell phone (!?!) from users who have forgotten their login password, or did not record their randomly generated eCryptfs mount password at installation, and are now cryptographically locked out of their own data :-(

Unhappy Users Don't Back Up their eCryptfs Passphrase

A few random quotes from the last 2 months alone:
  • "Through idiocracy I have screwed up my encrypted home directory and if possible I need help getting it back."
  • "I was trying to mount my encrypted home directory from a livecd in order to back up my data (according to the instructions), when I accidentally deleted one of the .ecryptfs folders in my encrypted home."
  • "Mr Kirkland, my name is MB. I used an Ubuntu system with ecryptfs. Something happened and it all went up in smoke. I saved a backup and moved on. Chalked it up to bad backup practices and moved on. I found the encrypted backup a few days ago, and I've been trying to unscrew it. I *think* I found the old wrapped-passphrase file, and I tried to fix it. So far, I've been unable".
  • "Please help as I am stuck in Korea and will be totally shagged without my e-mail and data. I have 6 months un-backedup work on the disk, of course. And I saved the password for the disk on my home partition...great move eh?"
I can't even respond to most of these emails, if it's clear that the user hasn't backed up their random, mount passphrase.  These are usually 16 or 32 characters of hexadecimal [0-9a-f], representing 128-bits or 256-bits of entropy.  You're doing battle with a mathematical Highlander at this point...  There can be only one, and the chances are absolutely astronomical that it won't be you :-(

But Happy Users Do Back Up their eCryptfs Passphrase!

On the other hand, I have helped hundreds upon hundreds of users recover their data, when it's clear that they HAVE backed up their randomly generated MOUNT passphrase.  These two blog posts of mine, about the ecryptfs-recover-private utility and how to mount your encrypted home from a live CD, are my two all-time most viewed posts.  A few quotes from happy users:
  • "you saved my life, thank you!"
  • "Where do I send hugs? It's great, thanks so much! I just want to add my note"
  • "Worked like a charm - thanks."
  • "YOU SAY IT! *YOU* *THE* *MAN* JUST SAVED MY LIFE! THANK YOU"
  • "Thanks $deity and Dustin, this method works for recover my encrypted private directory and backup it to external drive. Thanks again for this tutorial."
  • "Thanks Man!! it worked for me!!"
  • "Today, making a liveCD and following your instructions above put a massive smile on my face. I can't believe I've now got access to everything again and nothing is lost. Thank you so much for sharing your knowledge - I shall sleep well tonight!"
  • "Thank you for this addition to Natty! I was having a hard time mounting my files on a system I wrecked ;)"
  • "thank's a lot, u'r save my life"
  • "My god. Thank you so much! I tried to upgrade to 11.04, and it wrecked my OS. This is a lifesaver."
  • "This is cake my friend nice job! I remember when this was stuff was hard. I've been trying to recover a drive for some time now."
  • "I just wanted to say thanks for building this. I used it to recover a ~/.Private directory on an external drive, and it worked flawlessly. It's folks like yourself building tools like this that makes open source projects such a pleasure to use. So kudos, and thanks."
If you use the free zEscrow service from Gazzang, in conjunction with Ubuntu's Encrypted Home Directory, and the ecryptfs-recover-private utility, you'll almost certainly be counted in the "Happy Users".  And if not...well, you're a bit on your own!  Please, please, please write down your passphrase and store it in a very safe, very private place!!!

:-Dustin

Tuesday, May 8, 2012

Introducing eCryptfs.org!


I'm very proud to announce today the launch of eCryptfs.org!  For the first time in the 7 year history of the project, eCryptfs has its very own, dedicated home on the web at eCryptfs.org.

eCryptfs.org now serves as the project's official portal to numerous resources, including: information about the project, StackExchange questions and answers, mailing list archives, the Google Plus page, package download links for all major Linux OSes, pointers to the kernel and userspace source code repositories, support resources, documentation, and news.

The kernel sources continue to be hosted on git.kernel.org, and the user space sources and bugs hosted on Launchpad.net.  We are now using StackExchange.com for questions and answers rather than Launchpad.

A special thanks goes out to the original authors and developers of eCryptfs in the IBM Linux Technology Center Security Team, the Canonical Kernel and Security Team, Red Hat and beyond, as well as all of the contributors to eCryptfs over the last 7 years.  Gazzang commissioned the artwork and web design, and is sponsoring the web hosting of eCryptfs.org as a bit of a "thank you" to the eCryptfs community growing far and wide.  Let us know what you think!

Cheers,
:-Dustin

Monday, May 7, 2012

Project Sputnik: Developer Focused Dell XPS13


I'm absolutely thrilled to have been invited by Barton George to participate in Dell's Project Sputnik!  As of this morning, the gag order has been lifted and I can finally publicly blog about it :-)

I'm writing this blog post from a brand new Dell XPS13, given to me by Dell!  Project Sputnik is a new endeavor from Dell to produce a portable hardware and software platform specifically designed for developers.  Have you been to a conference recently where the predominant hacker platform involved a legion of Mac Airs running OSX?  Well, I think we finally have a contender :-)




I drove clear across Austin on Monday last week to meet Barton at The Domain and pick up the new machine.  Saying this sounds strange, but the experience unboxing this laptop was significantly different than any other computer I've ever opened.  The packaging itself was elegant, even beautiful.




And the hardware -- wow!  Aluminum outer shell.  Chiclet back-lit keyboard.  Thin, light, sexy.  At 13", it's the perfect balance between portability and usability.  The accessories and peripherals are simple, but sufficient.  Two USB ports.  A combination mic/headphones jack.  An external display port (dongle required).  And one very slim and trim AC/DC power adapter.  Oh, and there's a little button that you can press and see how much battery you have left.  There's a quad-core i7 with VT.  Intel video and wifi.  Bluetooth.  256GB Samsung SSD.  4GB of RAM (I really could have used 8GB, and it's soldered onto the motherboard).  With a 46W-h battery at 7.4V, I'm getting 6+ hours of uptime.

I installed Ubuntu 12.04 LTS myself (as the pre-built image didn't actually exist when I received my device as an Alpha Cosmonaut).  Everything worked out of the box, except as mentioned by Barton in his blog post (I had to toggle the hardware wifi kill switch a few times to get wifi working, and without proper drivers for the touchpad, it's lacking multi-touch support).

From the software side, I'm really excited about the idea of developing a derivative or customized distribution of Ubuntu, precisely tailored for developers.  I've used Linux as my development platform for 12+ years, and Ubuntu for the latter half of that.  In fact at Gazzang, the vast majority of our developers use Ubuntu desktops, and our development largely happens (or starts) on Ubuntu cloud images and servers.

Ubuntu is such a modern platform, with stable, recent versions of thousands of open source software packages.  Partnered with Dell and this breathtaking piece of hardware, I think we're seeing the first glance of an amazing developer platform!

Any downsides?  I'm looking forward to a proper driver for the touch pad (I'm told it's in the works).  And I really want 8GB of RAM (I usually give my VMs 4GB).   Aside from that, this is a truly beautiful machine -- easily the best laptop I've ever seen or used from Dell.  I love the focus and attention they're paying to Ubuntu in this space.  Well done, Dell!!!

:-Dustin

Tuesday, May 1, 2012

15 Flags of a Sophisticated and Highly Personalized Scam

During the course of a recent public thread on Google+ this weekend, I mentioned that I am in the market for a used, late model Cadillac CTS-V (sort of an American equivalent of the BMW M5).  Truth be told, I've been watching CraigsList, eBay, Autotrader, and Cars.com for a very specific vehicle.  There were only a few hundred ever made to my precise specification.  I've contacted a small handful of dealers and individuals for more information about a couple of cars, but haven't quite found exactly what I'm looking for.

Yesterday, I received the following email:
Mary Smith ga.marysmith@gmail.com 7:37 PM wrote: 
Hi Dustin Kirkland,My name is Mary Smith & I am the Sales Manager of a large auto dealer group, we actually have a store in Conyers,GA.We are selling the 2009 Cadillac CTS-V, for a customer of ours. It is an Original, non-smoking adult owner and was parked in the indoor garage most of the time. Very fast, powerful but yet smooth drive. It is loaded with all the standard features. No accidents. All power features work properly just like they should and everything is in excellent working condition. The carpeting is very clean and stain free. No rips, no odors. This is a non smoker vehicle. A real head turner on the road. Always stored inside and never driven in the snow. Black Raven Exterior / Ebony Interior Leather Seating with Suede Inserts.Navigation System.AM/FM Stereo with CD/DVD Player, Bose 5.1 Cabin Surround Sound 10 speaker system. 40GB Hard Drive Device.Bluetooth.Universal Home Remote. 5 Speed Manual Transmission.The price is $35,750 ( the owner selling it due to a change of job)This car has less than 15,000 miles and a CLEAN CarFax with One Previous Owner! The mileage represented on this vehicle is accurate.We proudly stand behind each vehicle we sell because it has passed a thorough inspection. VIN# 1G6DN57P590172365The warranty is full active, fully transferable to the new owner.The vehicle is warranted as being free of lien. It has a clean title in to the owner's name. The pictures speak for themselves. If you need more details or would like additional pictures, please contact me. 
-- Thank-You!  
Mary Smith
951 Dogwood Dr 
SE Conyers, GA 30012 
sales@ga-autogroup.com

  1. On the surface, this seemed very attractive.  It's pretty much the exact car I'm looking for, but at a significantly-better-than-market price (flag #1).
  2. I have been shopping at Cars.com, though I don't recall contacting this individual or dealer (flag #2).
  3. I found it slightly odd that she would have sent this email from ga.marysmith@gmail.com, rather than an @ga-autogroup.com address (flag #3), but hey, maybe their internal email system was Exchange or worse (Lotus Notes).
  4. While the prose was readable, there were a couple of missing periods, sentence fragments, and poor use of capitalization.  Also, the description claims a 5-speed manual transmission, while this car only comes in a 6-speed manual transmission (flag #4).
  5. So I visited the website, ga-autogroup.com, and found a small collection of used cars, including the car advertised here, at the price listed in the email.  While the website was reasonably well done, I found it odd that the domain name had only been registered on March 27, 2012 -- less than a month ago (flag #5).
  6. The IP address hosting the site, 50.28.2.79, is also hosting 7 other similarly suspect looking auto dealership websites: quadcitiesnewandusedcarsandtrucks.com, carmau.com, mamotorsllc.com, randycrowlautosales.com, blueridgeautos.com, etnaautosolutions.com, imperialmotorspdx.com (flag #6).
  7. The physical address listed in the email does match the one on the website -- 951 Dogwood Dr SE, Conyers, GA 30012 -- but that address doesn't actually exist!  There are only even numbered addresses on that street, including several car dealerships, but none of them named GA Auto Group (flag #7).  Google Streetview helped me browse the area remotely.
  8. The text on their home page claims to "have sold over 10,000 cars" but I couldn't find a single review (positive or negative) about them on the internet (flag #8).  That's just not even possible in today's world, when buying and selling vehicles over the Internet.
  9. They also claim to be a "Carfax Advantage Dealer", but checking Carfax's website, there are 12 Carfax Advantage Dealers with a matching zipcode, but none of them are this GA Auto Group (flag #9).  I contacted Carfax and they had never heard of this dealership.
  10. I called the phone number (albeit after hours) listed on their website, 1 (678) 487-7289, and received a completely generic "Please leave a message" recording (flag #10)...
  11. ...in a vaguely British accent (flag #11).  Have you ever been to Georgia?  If not, watch a few clips of Gone with the Wind on Youtube (unless you have 6 hours to kill).
  12. The "About Us" section of the website claims that they have been in business since 1981 -- odd for a company that just launched its website 30 days ago (flag #12).
  13. I checked the Conyers Chamber of Commerce website and there's no record of GA Auto Group (flag #13).  I also picked up the phone and called the Chamber of Commerce this morning.  No one there had ever heard of the auto group.  Pillar of the community since 1981, eh?
  14. The "Service" page of the website has a top notch photo of an automotive service department -- really clean and slick looking!  Using Google's Search by Image technology, it's remarkable that the Auto Group of San Antonio has the exact same service facility (flag #14)!
  15. I paid $40 and bought the Carfax report, which shows an excellent, clean, never-wrecked vehicle matching the description.  However, VINs are not secret -- anyone could claim to have possession of a vehicle with a given VIN.  Googling around for the listed VIN, I see the same car for sale on 7 different websites (flag #15), and tellingly, more appropriately priced on a few of those.
As a followup....  "Mary" called me on the phone, and I had a short conversation with her.  She "demanded" that I take down my blog post, or else she would "contact the authorities."  I asked her to kindly email me a copy of GA Autogroup's business license for the city of Conyers, or their state franchise tax number for Georgia, and if she did that, I would verify that with the local government authorities.  If she does this, I'll remove this post and issue a sincere public apology.  She hasn't gotten back with me, of course.

To a less savvy buyer, this probably would have proceeded with "Mary" insisting on a deposit being paid in advance of ever seeing the vehicle or title.  And sadly, a few people will probably fall into this trap and lose a few grand :-(

What strikes me about this attempt to defraud me, as compared to the thousands of other random email messages that fill my spam box each month, is how precisely and surgically directed it was.  At me.  Offering something I'm specifically shopping for.  Right now.  That's more than a bit scary...

Well, beware....it seems the bad guys are getting even more sophisticated :-/

Dustin

Wednesday, April 18, 2012

Thinking of ditching an iPhone for an Android? Do it!

One of my esteemed colleagues, at Gazzang, our lead Sales Engineer Robert Linden asked me a great question via email this week.  As I wrote my response to him, I realized that I've composed similar answers before to friends and family and colleagues who have asked me about iPhone and Android devices.  With Robert's blessing, I'm posting both his question and response here in my blog.  Enjoy!
On Tue, Apr 17, 2012 at 5:53 PM, Robert Linden wrote:
In the spirit of open source, trying new things, etc...   I'm considering replacing my iPhone with an Android phone.  I've done some research, but wanted to get your thoughts on things.   I know "Ice Cream Sandwich" is the latest release of the OS, and next month the big wave of new phones will hit the market with this version of the Android operating system.   I believe that the Samsung Galaxy is the only one currently out with the latest OS already on it, right?
Some things I'm wondering about are... Is there a phone / carrier that is more 'open' than others?  I heard Eddie talking at the All Hands how he had just upgraded to 'Sandwich' on his phone... I know that this isn't always possible to do, is it? The "guy at Best Buy" mentioned a phone that had "less bloat-ware" and "free apps" installed (a desirable situation I think).   I didn't make note of this.   Can I "un-bloat" my phone? Do you have to "jailbreak" some Android phones, like you can do with iPhone to open it up?  I'd appreciate any advice / recommendations if I do decide to make the switch soon...
Hey Robert,

These are great questions!

As a rule, I always "root" my phone.  It voids the warranty (to some extent), in that if I have to return the phone to manufacturer, I'd need to "unroot" my phone before mailing it to them.  If it's still functional, that's possible to do.  If it's totally dead, then it's not possible.  In which case, if the manufacturer can tell that I've rooted, they *could* possibly refuse to repair it.  I also have to "hide" the fact that I've rooted the phone from Sprint (my carrier).  Mostly, this just means being smart when you're talking to them on the phone.  It's about like hiding from your parents in high school that you occasionally went to parties when kids were doing less than wholesome things :-)  Sprint *probably* knows that you've rooted your phone, but definitely don't flaunt it or even admit to it.

For me, it's a matter of personal choice.   I buy my devices outright, without any contract or rebate.  I often buy them used off of swappa.com.  I like to "take control" of my device, uninstalling the "bloat ware" and "crap ware" that comes with the device from the manufacturer, and re-installing the OS and all applications per my choice.  That's not for everyone, of course.  My wife, for instance, doesn't really care.  Nor does most of the waking population of the world.  But for hard core hackers, it often is important.  That's actually one of the interview questions we've started working into our engineering interview process...asking if the candidate has ever rooted their phone or tablet or router, etc.  :-)

So yeah, step 1 is rooting (unlocking, jailbreaking) the phone, which allows you to replace the bootloader.  This is easier on some devices, and harder on others.  Some are "development" models (like my old HTC G1, and my original WebOS Palm Pre), which basically come rooted by default.  I flash my bootloader with a tool called ClockworkMod (CWM).  This allows you to do two very important things...make a complete backup image of your phone, and boot any kernel/os you choose.  Note that most, but not all, devices are supported by ClockworkMod.  You'll need to check that website to see its compatibility with your device.  If you're buying something that just hit the market, it can sometimes take 3 months for the very smart developers to port CWM to it.

Next, I back up my stock image from the manufacturer.  This is what you'd need to re-image the device with, if you ever return it.  I've had to recover and send back to the manufacturer one phone (HTC Shift), and one tablet (Lenovo A1) for repair.  Both HTC and Lenovo fixed my device exactly as requested, no problem.


Then, I typically install CyanogenMod (CM).  Cyanogen is a "distribution" of Android, much like Ubuntu and Red Hat are distributions of Linux.  Cyanogen removes all the bloatware and adds some really nice utilities and functions.  It's sort of like the DD-WRT of Android (if you're familiar with the DD-WRT Linux distribution for routers).  Cyanogen actually DOUBLED the battery life of my HTC Shift, having removed all of the crap ware that Sprint and HTC load the phone with, and tweaking a number of power settings.


Cyanogen has its own versioning scheme.  I'm running CM7 on my HTC Shift.  You mentioned "Ice Cream Sandwich" -- that will be CM9, which is currently in a beta testing mode.  Again, you'll need to check the Cyanogen website for compatibility with your device, but if you want a stable CM9 installation for your device, you might need to wait a few more weeks/months.

Hopefully this all makes sense :-)  I usually allow about 2 hours nowadays for:
 - rooting
 - installing CWM
 - backing up
 - installing CM
 - configuring to my liking
However, the first time you do it, the first 2 steps might take you a bit longer.

If you don't mind buying something slightly used, I highly recommend swappa.com.  There, you can find many gently used Android devices that are *already* rooted, and some are already running Cyanogen. Perhaps do a little browsing there before you overpay "the guy at Best Buy" for a brand new phone brimming with bloatware :-)


--
:-Dustin

Thursday, April 12, 2012

Kirkland 12.04 LTS Released -- Hello World!


AUSTIN, Texas -- Kirkland Family Life Enterprises are thrilled to announce the timely release of the first product of its next generation -- Kirkland 12.04 Ultra LTS (code name: Camille).

Chief Architect and Lead Developer Kimberly Kirkland (code name: Mommy) delivered a perfect new child process at 9:35am on April 12th, 2012 -- impressively, three days ahead of schedule.  As with most technical projects, the development team labored all the way through the night, having begun the release procedures with an all-night Sprint that kicked off around 7pm the previous evening.

Project Manager and Community Coordinator Dustin Kirkland (code name: Daddy) multitasked a stream of procurement and support requests, and helped ensure a smooth delivery.  He tagged each milestone with numerous snapshots, offering encouragement throughout each work item.  Kim and Dustin were bolstered by an expert pair of support engineers, Stephanie Carter (code name: Nanny) and Gerri Gros (code name: Mimi), who joined them on-site for the final QA and the initial release party.  Dustin wore an Ubuntu 9.10 "Karmic Koala" t-shirt for the duration of the Sprint, with Kim noting that the Koala face made her smile any time the going got tough.


Camille 12.04 is an "Ultra" Long Term Support release, with first class expert support for at least 18 years (wow, take that, Ubuntu!).  She is already showing tremendous input/output capabilities and impressive throughput performance on both ends.  A contract technician confirmed that her dual-channel stereo input is in good working order, and that her analog output volume, while still a bit inarticulate and compressed, is quite audible.  "I thought release day would never come," says Kimberly, exhausted but joyful.  Kim sheds a tear, "We've been waiting to meet her for so long!"

Complete release notes do state that Camille is currently prone to frequent, spontaneous reboots and random periods of inactivity.  Fortunately, her init and shutdown sequences are quite efficient.  Kim and Dustin shared the design responsibilities for Camille's look and feel.  They seem to have done quite an elegant job, having achieved a bit of unity around her outer shell.  She has a simply gorgeous greeter!  They are still getting used to the new user interface.  And they're working their way through the various documentation and manuals whenever she enters one of her multiple sleep states.

"We've wanted this for so long, we're going to cherish every second of uptime!" says Dustin, while dealing with Camille's un-handled garbage collection on the system console.  "We've actually decrypted and documented a few of her error codes."

Camille is currently in a limited-release mode, with access only granted to a few privileged associates.   But in another 6 weeks or so, she's expected to make her first GA appearances, with a formal release party still to be held.

While Kirkland Family Life Enterprises are most certainly still in start-up mode, their trajectory looks quite promising, as we confirmed with Board of Directors chairmen Allen Kirkland (code name: Paw Paw) and Robert Gros (code name: Bob).  "We're extremely pleased with our venture investments and they have our complete backing...in fact, they're looking reeeeeal good!" claim the chairmen.  Technical Advisors Donna Kirkland (code name: Gran) and Gerri Gros (code name: Mimi) said, "We're so proud of the whole team, they're really doing a fine job!"

Asked if there's a 2.0 update in the works, Dustin, wearing his VP Product hat, shrugged and noted that they still have plenty of development to do on this one.  "Let's work on maturing our 1.0 with a few stable release updates before we start talking about a whole new product line -- there's so many SRUs to process!  We're not on a time-based release schedule, so just ask me again in a year or two."


:-Dustin
