define round(n)
{
    oldscale = scale
    if (n > 0)
        value = n + 0.5
    if (n < 0)
        value = n - 0.5
    scale = 0
    rounded = value / 1
    scale = oldscale
    return rounded
}

If you don’t feel like typing this in every time, you can add it to a file that will be loaded when you start bc. Type it into a file, such as $HOME/.bcrc and then add the following to your .bashrc file:

export BC_ENV_ARGS="$HOME/.bcrc"


If you are writing
if (this != &rhs)
in your assignment operator, you are probably doing it wrong, or at the very least, not as right as it should be.

That’s it. Take a deep breath, sit back, relax and just let it settle. I’ve been told to do it this way for years, and you probably have too, so it might be a bit of a shock. But please, please stop telling people to write it this way. It’s important to understand why people do it, but it’s just as important to understand why it’s wrong.

Self-assignment

Let’s look at why people recommend writing this check. Imagine we have the following class:

class Foo
{
public:

    ...

private:
    Bar* myBar;
};

A first attempt at an assignment operator might look like the following:

Foo& operator=(const Foo& rhs)
{
    delete myBar;
    myBar = new Bar(*rhs.myBar);
    return *this;
}

So what can we do instead? The commonly suggested solution is to check for self-assignment and skip the allocation and deletion in that case. This does solve the problem, but let’s take a step back and look at our code again. The problem with self-assignment in the above constructor is that by the time we are ready to copy the Bar object, we’ve already deleted it. But what if we did the copy first, swapped that copy with our member variable, and then deleted what used to be our member variable?

Here’s a new code snippet that does that instead:

Foo& operator=(const Foo& rhs)
{
    Bar* temp = new Bar(*rhs.myBar);
    swap(temp, myBar);
    delete myBar;
    return *this;
}

But just avoiding a special case doesn’t necessarily make this version better, does it? Well…

Exception guarantees

In C++, there are several guidelines you should try to follow whenever you’re writing a function. These are known as exception guarantees. In some cases, it is impossible to implement the stronger ones, but you should try to implement them if you can.

The first guarantee is the basic guarantee which states that your code should not leak memory if any exceptions are thrown. In both our copy constructors, the only line that could throw an exception is the memory allocation. If it does, then there is no memory cleanup required because we’re only trying to allocate a single object. If our class did have more objects, we would need to allocate them sequentially, catch any exceptions that might be thrown while making copies of them and delete the copies that we had made so far before rethrowing the exception.

The second guarantee is the strong guarantee which states that your code should leave the object in a consistent state if any exceptions are thrown. Let’s imagine that I was using the Foo class in the following context:

do
{
    try
    {
        Foo f1, f2;

        ...

        f1 = f2;

        ...

    }
    catch (bad_alloc& e)
    {
        // Clean up some memory and keep running
    }
} while (!done);

Now imagine what happens with our first assignment operator. We first delete the member variable myBar, then try to make a copy of the right hand side’s myBar. If this throws an exception, then our Foo will be left with myBar pointing at some invalid memory. When our program tries to pick up where it left off, it will try to access that memory and will probably crash.

What about with our second assignment operator? We first try making a copy of the right hand side’s myBar. If it throws an exception, our Foo is left unchanged. The program can run the loop again and nothing crashes.

By doing any allocations before deleting objects, we’ve managed to avoid the problems of self-assignment without writing if (this != &rhs) . In addition, this code implements the strong guarantee and is therefore safer. If your code relies on a check for self-assignment for correctness, then it probably doesn’t implement the strong guarantee and is less safe than it should be.

But what about speed?

One question I’ve received when explaining this concept is that the second version is much slower when doing self-assignment than the original version. That is true – comparing two memory addresses is much less costly than allocating and deleting memory. However, in practice, self-assignment is generally rare. Optimizing one specific rare case at the expense of the much more common general cases will likely not gain you much. Putting in a special case to guarantee that your program does not crash 1 out of 1000 times is important; putting in a special case to optimize 1 out of 1000 cases is not. If you are concerned about speed, profile your code first and determine how often self-assignment really occurs.

Alternatives

It turns out that there is an even easier way to write an assignment operator as long as certain conditions are met. The strongest exception guarantee is the no-throw guarantee which states that no exceptions will be thrown. As long as we’re not allocating any memory or other objects, this should be possible. In Foo, the only member variable we have is a pointer. Because moving pointers will not throw an exception, we can write a swap() method that swaps the contents of two Foo objects that has the no-throw guarantee. Then, we can write the whole copy constructor as follows:

Foo& operator=(Foo rhs)
{
    swap(rhs);
    return *this;
}

Rather than sending the right hand side object by reference, we send it by value; this causes the compiler to make a temporary copy of the the right hand side object using Foo’s copy constructor. This temporary object will be sent to the method, and the copy will be swapped with the local object. Then, upon exiting the method, the temporary object will go out of scope and be automatically destroyed. And so, without doing any extra work, we automatically get the basic and strong guarantees.

Prey is software that allows you to track computers and other devices in case they are stolen. After it’s installed on a machine, it periodically checks to see if you have reported it as stolen, and if you have, it will contact you with details about the machine’s current status. This information includes its IP address, GPS position, a screenshot of the current desktop and a picture (or video) of the perpetrator using the webcam.

This makes it much easier to recover your property. However, I also wanted to be able to have full control of the machine in order to access my data and to be able to directly monitor the thief. The easiest option is to ssh directly into the machine; however, this is only possible if the router they are connected to doesn’t block outside connections. One solution is to set up Prey to open a remote port on another machine that forwards back to itself; this way, your laptop initiates an outbound connection and evades the block.

Prerequisites

To accomplish this, you will need root access on a server that’s running OpenSSH so that you can add a user that’s only used for Prey. You could conceivably use your own account instead of creating a new one, but if your laptop is stolen, the thief would be given full access to your account. Your laptop also needs to be running Linux (the same procedures should work for other *nix systems, but modifications will have to be made to the directory structure of the download).

Account preparation

To allow Prey to access your server, we will be setting up SSH keys that allow automatic login onto a server. Because of this, it is very important that you create a new user on the server and disable their shell, so that if your laptop is stolen, the thief won’t be given access to an account.

On the server, run the following as root to add a new user:
root@server:~# adduser preyuser
Set a password and whatever other options it asks for.

On your laptop, run all of the following commands as root:
root@laptop:~# ssh-keygen -t rsa
Do not enter a passphrase.
Now use ssh to create a ~/.ssh directory by running:
root@laptop:~# ssh preyuser@server mkdir -p .ssh
Enter the password for the user you just created.
Now append the laptop’s public key to the authorized keys on the server:
root@laptop:~# cat ~/.ssh/id_rsa.pub | ssh preyuser@server 'cat >> .ssh/authorized_keys'
You should now be able to log into the server as preyuser without entering a password.

Finally, back on the server, disable preyuser‘s ability to login by disabling their login shell:
root@server:~# which nologin
/usr/sbin/nologin
root@server:~# chsh -s /usr/sbin/nologin preyuser

Trying to log into the server should now give give you the message that the account is currently not available.

Configuring your laptop

The only thing to do now is to configure Prey. Download the AutoSSH module onto your laptop and decompress it:
root@laptop:~# wget http://www.skari.org/blog/prey-autossh.tgz
root@laptop:~# tar -xzvf prey-autossh.tgz
Edit the autossh/config file and fill in your server, username, and remote port. When you’re done, move the folder into the Prey modules directory:
root@laptop:~# mv autossh /usr/share/prey/modules/
That’s it!

Prey should now open a forwarded tunnel from your server to your laptop when activated. However, if the connection is interrupted, the tunnel will die. You may want to consider installing autossh which will start and actively monitor an SSH connection and restart it as necessary. This module will use autossh if it is available and fall back to plain ssh otherwise.

Logging into your stolen laptop

Now, if your laptop is stolen, Prey should activate and send you a report. To access your laptop, login to your server and run:
user@server:~$ ssh user@localhost -p port

Enter the laptop’s user‘s password,and you should be in. Now go catch the bastard!

Word Aligned has an excellent introduction on setting up pre-commit hooks and includes a small example. I use a more complex script on my own server, and thought it might be of use to somebody else. It verifies the following:

• The commit message is at least 10 characters long
• The commit message is different from the previous message (handy when hit the up arrow and accidentally try to commit again)
• Tabs are used for indentation instead of spaces (sorry, I’m a tabs guy – you can change it if you need to)
• PHP files don’t have syntax errors
• C and C++ files don’t have any digraphs or trigraphs

#!/usr/bin/python
import sys

# These should point to the respective commands
SVNLOOK = '/usr/bin/svnlook'
PHP = '/usr/bin/php'
MIN_MESSAGE_LENGTH = 10

# Gets a command's output
def commandOutput(command):
	import subprocess
	process = subprocess.Popen(command.split(), stdout = subprocess.PIPE)
	return process.communicate()[0] # 0 is stdout


# Returns an array of the changed files' names
def getChangedFiles(svnPath, transaction):
	# Run svnlook to find the files that were changed
	output = commandOutput('%s changed %s --transaction %s' % (SVNLOOK, svnPath, transaction))

	# The output from svnlook looks like the following:
	# U   folder/file1.cpp
	# A   folder/file2.cpp
	# where U means updated and A means added
	def changed(fileName):
		return len(line) > 0 and line[0] in ('A', 'U')
	changedFiles = [line[4:] for line in output.split('\n') if changed(line)]

	# svnlook inserts an empty line, so output.split() will have an extra
	# line with nothing in it - ignore the last lines if they're empty
	while 0 == len(changedFiles[-1]):
		changedFiles = changedFiles[:-1]

	return changedFiles


# Checks that the message is a minimum length
def checkMessageLen(svnPath, transaction, minLength):
	# Run svnlook to get the message log
	output = commandOutput('%s log %s --transaction %s' % (SVNLOOK, svnPath, transaction))

	if len(output) < minLength:
		sys.stderr.write('Message must be at least %d characters\n' % minLength)
		return 1
	else:
		return 0


# Checks that the message is different from the last message
def checkRepeatMessage(svnPath, transaction):
	# Run svnlook to get the message log
	output = commandOutput('%s log %s --transaction %s' % (SVNLOOK, svnPath, transaction))

	currentMessage = output

	lastRevision = int(transaction.split('-')[0]) - 1

	# Empty repositories have no messages
	if lastRevision  0:
			sys.stderr.write('Regex \'%s\' matched \'%s\' on line(s): %s\n' % (regex, fileName, badLines))

	return matches


# Checks a PHP file for syntax errors
def checkPHPSyntax(svnPath, transaction, fileName):
	# Run svnlook to get the file contents
	output = commandOutput('%s cat %s %s --transaction %s' % (SVNLOOK, svnPath, fileName, transaction))

	# Run PHP syntax checking on the file contents
	command = (PHP, '-l')
	process = subprocess.Popen(command, stdin = subprocess.PIPE, stdout = subprocess.PIPE, stderr = subprocess.PIPE)
	output = process.communicate(fileContents)[0]
	process.wait()

	if 0 != process.returncode:
		sys.stderr.write('Found syntax errors in \'%s\':' % fileName)
		# Print the offending lines that were returned from php -l
		for line in output:
			sys.stderr.write(line)
		return 1 # Error found

	return 0 # No errors


svnPath = sys.argv[1]
transaction = sys.argv[2]
files = getChangedFiles(svnPath, transaction)

errorCount = checkMessageLen(svnPath, transaction, MIN_MESSAGE_LENGTH)
errorCount += checkRepeatMessage(svnPath, transaction)

for file in files:
	# Prefer tabs for indentation
	# Skip .txt files
	if not file.endswith(".txt") and not file.endswith(".sql"):
		errorCount = errorCount + stringsInFile(svnPath, transaction, [' {4}'], file)

	# Check PHP syntax
	if file.endswith('.php'):
		errorCount += checkPHPSyntax(svnPath, transaction, file)

	# C and C++ files should not use digraphs or trigraphs
	digraph = '%s|%s|%s|%s|%s' % ('<:', '', ':>', '%:')
	trigraph = '\?\?[=/\'()!-]'
	if file.endswith(('.c', '.cpp', '.cxx', '.cc', '.C', '.h', '.hpp')):
		errorCount += stringsInFile(svnPath, transaction, [digraph, trigraph], file)

sys.exit(errorCount)

• Compressing it last won’t reduce the file size much. Good encryption should make any input data (especially redundant data) appear random. But compression works by removing redundancy, and doesn’t work well on random data. You can see a good example of this here, where encrypting a file and then compressing it actually made it larger than the original!
• Compressing it should decrease the effectiveness of some attacks. Compression works by reducing the redundancy in the data. A common cryptanalysis method is frequency analysis, which relies on finding repeated data. Compressing it should reduce its effectiveness!
• Brute force attacks will take longer. Brute force attacks work by trying various keys and decrypting the data and checking if the output data makes any sense. By compressing it first, an attacker must decrypt the data and then decompress it before seeing if the output data makes any sense. This takes much longer, and if an attacker doesn’t know you’re compressing the data at all, they might never break the encryption.

I wanted to see how effective the third point was, so I wrote a Python script that encrypted a short message and used a brute force attack to break it. Then I repeated the experiment, but compressed it using gzip before encrypting it. Here’s how long it took on average, in seconds, to guess a single password:

As you can see, compressing it before encrypting it took about 9 times as long to break.

Details: A short message was chosen, specifically, “a message“, to encrypt. Because gzip is a block compression algorithm, an attacker only needs to decompress the first bytes rather than the whole file, so I wanted to keep the message short to simulate this. I used 128-bit AES, using a password with only lower case letters. In each iteration, a random password was chosen and both the zipped and unzipped versions were tested. The test was run 1000 times for each password length.

This is a simple Python script that will connect to your local MySQL database, pull out the password hashes for all users, and either run a dictionary search or a brute force search on it. Either give it an argument for the dictionary file, or give it a number for the length of passwords you want to test. If you want to use a different character set (e.g. include special characters), change the characterSet variable near the top of the script.

On my system, I was able to test around 50,000 words per second. Note that this cannot be used to recover the root MySQL password, as it requires the root password to connect to the database in the first place.

#!/usr/bin/python
 
import MySQLdb
import sha
import sys
import os
import getpass
 
alpha = "abcdefghijklmnopqrstuvwxyz"
numbers = "0123456789"
# Set this to a string with the character set you want to check
# Examples:
characterSet = alpha
#characterSet = alpha + alpha.upper()
#characterSet = numbers
#characterSet = alpha + alpha.upper() + numbers
 
def recurse(width, logins):
  for i in range(0, width + 1):
    print "Checking width %d" % i
    recurse2(i, logins, 0, "")
    print ""
 
def recurse2(width, logins, position, string):
  for char in characterSet:
    # Show progress
    if position == 0:
      print char,
      sys.stdout.flush()
 
    if (position < width - 1):
      recurse2(width, logins, position + 1, string + char)
    else:
      hash = sha.new(sha.new(string + char).digest())\
          .hexdigest()
      for login in logins:
        if hash == login[2]:
          print "\n'%s'@'%s': '%s'\n" %\
              (login[0], login[1], string + char)
          logins.remove(login)
 
if len(sys.argv) > 1:
  password = getpass.getpass('Enter the root password: ')
  conn = MySQLdb.connect(host = "localhost",
    user = "root",
    passwd = password,
    db = "mysql")
  cursor = conn.cursor()
  cursor.execute("SELECT User, Host, Password from user;")
  logins = cursor.fetchall()
  cursor.close()
  conn.close()
 
  # Preprocess the logins
  processed = []
  for login in logins:
    ignore = False
    # Ignore empty passwords
    if 0 == len(login[2]):
      print "'%s'@'%s' has empty password, ignoring" %\
          (login[0], login[1])
      ignore = True
    # Ignore duplicates
    for p in processed:
      if p[2] == login[2][1:].lower():
        print "'%s'@'%s' has same password as '%s'@'%s', ignoring" %\
            (login[0], login[1], p[0], p[1])
        ignore = True
    if not ignore:
      processed.append((login[0], login[1], login[2][1:].lower()))
 
  if os.path.isfile(sys.argv[1]):
    f = open(sys.argv[1])
    lines = f.readlines()
    f.close()
 
    for line in lines:
      hash = sha.new(sha.new(line[:-1]).digest()).hexdigest()
      for login in processed:
        if hash == login[2]:
          print "'%s'@'%s': '%s'" % (login[0], login[1], line[:-1])
          break
  else:
    try:
      depth = int(sys.argv[1])
    except:
      print "Usage: %s [dictionary file | brute force depth]" % sys.argv[0]
    recurse(depth, processed)
else:
  print "Usage: %s [dictionary file | brute force depth]" % sys.argv[0]

First, enter
sudo apt-get install sun-java6-doc
The installer will prompt you to download a zip file containing the documentation from Sun. Bring up Firefox and head to Sun’s website. Click the Download link next to Java SE 6 Documentation, agree to the terms and click Continue. Click the zip file to download the documentation.

When the download finishes, in another terminal, enter
sudo mv /path/to/zip/file/documentation.zip /tmp/jdk-6-doc.zip
You need to rename the file to jdk-6-doc.zip for the installer to work. Enter
sudo chown root:root /tmp/jdk-6-doc.zip
to change the file permissions.

Back in the first terminal, hit enter, and the installer should continue. When it finishes, in Eclipse, click Window – Preferences – Java – Installed JREs, and click the JRE (mine was called java-sun-1.6.0.07). Click Edit, and use Shift+Click to select all the JRE system libraries. Click Javadoc Location, and enter file:/usr/lib/jvm/java-6-sun/docs/api/ in the box. Click Validate to test it (you can open it in your browser to double check), and click OK out of all the dialogs. Javadoc should now be working!

Things you will need

• an i386 computer running Linux (other architectures won’t work with the bootloader)
• ISO images of LiveCDs (or LiveUSBs) you want to run
• a large USB stick that can hold all the images
• Optional: QEmu can be installed to test the stick, or boot LiveCD’s from within your host OS.

I started off by downloading five ISO images: Belenix, Backtrack, Freesbie, Knoppix, and NimbleX.

Insert your USB stick. In a console, enter
dmesg | tail
You should see something similar to
sd 9:0:0:0: [sdc] Attached SCSI removable disk
My USB stick is therefore attached at /dev/sdc, although yours will probably be different. From here on out, I’ll refer to your drive as driveName. To make sure you have the right drive, as root, enter:
fdisk -l /dev/driveName
It should report the size of your USB stick.

We’re going to partition the USB stick for use with each LiveCD. This will destroy all data on the stick! Make sure you’re using the correct drive from above too, or you might accidentally wipe your hard drive!
As root, enter
fdisk /dev/driveName
You can enter p to show the current partitions. It should list a number of partitions. Delete each of them by entering d and entering each number.
When you’ve deleted them all, enter n for a new partition. Choose p for a primary partition, hit enter for the default, and enter +16M to make a 16 MB partition at the beginning of the drive. Enter a to make the partition bootable, and enter t to change the partition type. Enter 6 for the partition type.
Now you’re going to make an extended partition, and logical partitions for each of your ISO images. First, note the size in MB of all of your ISO images. Mine were 696, 784, 672, 697, and 200. You can find these in another terminal by running
ls -lh *.iso
in the directory containing your ISO images. When you use these numbers, you’ll want to add 5 MB to them to make sure they fit in the partition.
In fdisk, enter n for new partition, e for extended, and enter twice to fill the rest of the drive. Enter n, l for logical, enter for the default, and +sizeM, where size is the size of your first ISO image plus 5 MB. In my case, I ran +701M. Repeat this procedure for the remainder of your ISO files.
When you are done, enter p to make sure everything looks right. Your output should look similar to this:

Device Boot      Start         End      Blocks   Id  System
/dev/sdc1   *           1           3       24066    6  FAT16
/dev/sdc2               4         488     3895762+   5  Extended
/dev/sdc5               4          97      717824+  83  Linux
/dev/sdc6              98         203      809984+  83  Linux
/dev/sdc7             204         294      693248   83  Linux
/dev/sdc8             295         388      718848+  83  Linux
/dev/sdc9             389         416      209920+  83  Linux

If everything looks good, enter w to write the changes to the USB stick. If you messed up, you can enter q to quit and try again

Now we’re going to install the bootloader. Most Linux distributions use GRUB or LILO, which are great, but since we’re trying to boot ISO images off of a USB stick, we’re going to use something a little different. Gujin is an alternative bootloader that can boot all sorts of things, and will automatically scan your partitions to look for Linux kernels. It’s a handy piece of software, and if you find it useful, you should consider donating. (Disclaimer: I don’t know the author and make no money off of your donation)

First, format the first partition on your USB stick by entering
mkfs.msdos -F 16 /dev/driveName1
Then, download the
Gujin installer and unzip it. Enter the gujin-install directory and run
./instboot boot.bin /dev/driveName1 --disk=BIOS:0x80 -w
This will install the bootloader to the first partition. The -w option prints out useful debugging information.

At this point, your USB stick should be bootable. You can test it in another terminal by running
qemu -usb /dev/diskDrive
Your output should look similar to this:

Now, you’re ready to copy the ISO images onto your disk. Enter
fdisk -l /dev/diskDrive
and find the number of the first partition under ‘extended’ block. For example, mine above was sdc5. This is where the first ISO image will go. Make sure you’re using the right ISO image for the partition size, and enter
cat nameOfImage1.iso > /dev/diskImage5
to copy the ISO image to partition 5. When that finishes, similarly copy the other ISO images onto the other partitions.
cat nameOfImage2.iso > /dev/diskImage6
cat nameOfImage3.iso > /dev/diskImage7
...

You can test your USB stick in another terminal again by running
qemu -usb /dev/diskDrive
The full Gujin menu should now be displayed!

At this point, I had to scroll down a page (using Page Down). The options you want are listed with the code 0×80 and the ‘El Torito‘ option:

Press the appropriate key (F1, F2, etc.) to boot and you should see that CD’s particular GRUB screen!

If everything works, you should be able to boot any of your LiveCDs from USB.