How to sell your old Android on eBay

technology 2015-07-05
I recently broke the display of my smartphone and wanted to sell it on eBay. However, I am paranoid about my data. So this is what I did: * Get a new phone and set it up. * Encrypt the Phone with Android's builtin encryption feature: * Set a lock screen password (not a PIN) with a random 16 letter string (at the time of writing, Android won't let you choose longer passwords). * Go to security in your settings and find the option to encrypt the phone, confirming your password. * After this is done, open an ADB shell on your phone. Because the phone's internal memory is flash, there might still be areas that contain sensible and unencrypted information. We will overwrite them with random data. 
cat /dev/random > /data/junkfile
* If you have a stock Android installed, perform a factory reset. If you do not have a stock Android installed: * Go to the Google Developers' Factory Images for Nexus Devices page and grab your image. * Extract that file and find a batch file that will flash this stock distribution on your phone automatically. Warning. You might really have to try several different USB cables and several different USB ports on your computer before fastboot succeeds. For me it worked on the 3rd port and the 2nd cable, that's 7 failed attempts. * Take pictures of your old phone with your new phone and make sure to remove all the metadata from those pictures: 
for img in $(ls *.jpg); do mogrify -strip $img; done
* Now you're good to go, put that old heap of junk up for sale! If you have any comments, go ahead.

Where to get ADB and Fastboot

technology 2015-07-04
So you want to have some more control over your android phone? Sure you do. For any, just slightly above userlevel stuff you might want to do with it, you require the tools ADB (the Android Developer Bridge) and Fastboot (Fast boot). Since I am still quite ignorant to all of this, I decided to write a small reminder blagpost for myself on how to get those tools. Oh yea, this is all on Windows. Linux users have package managers and stuff like this just works. You will need the Java Development Kit. After you got that, you need to get the Android SDK Tools. Download "SDK Tools Only". Once you have installed it, open the SDK Manager. It will want to install a lot of stuff, but unless you actually want to do development, you might not even have to install anything. I installed the following only: * Android SDK Tools * Android SDK Platform-tools * Google USB Drivers Assuming that %GSDK% is the path where you installed the SDK tools, you will find the applications adb.exe and fastboot.exe in 
%GSDK%\Android\android-sdk\platform-tools
You might want to add that to your path, or not. Fun fact. If you use cygwin, you can call adb shell from a cygwin terminal and then invoke bash on the phone, and the cygwin terminal will interpret all the color codes sent back from the phone's bash correctly, so you can have a really comfortable shell open on your phone:
Shell from Cygwin on LG G3
MinTTY on LG G3 sporting CM12

Which FalseCrypt is the true Crypt?

technology 2015-04-07
TrueCrypt is pretty dead. We need some options here, and as far as I can see, there are only two three: * CipherShed. Currently a vanilla fork of TrueCrypt. * VeraCrypt. A fork of TrueCrypt with some fixes and improvements. * Keep using TrueCrypt. Neither of the two alternatives has had an official source code audit or anything. They are both open source. I will give a quick summary of the facts on both forks, concluding that I have no clue and will probably flip a coin roll a D3. Whether these facts are pro or con is up to your discretion.

CipherShed Facts

  • They are on github.
  • They seem dedicated. Meaning, the information on their homepage sounds like they thought this through.
  • Not much has happened yet, they only forked TrueCrypt.
  • There is only a pre-alpha version available, which I won't touch.
  • They do not have any licensing information at all.
  • Longterm Plans are a bit fuzzy, according to their wiki they want to
    • Secure the code through audits, simplification, and a secure architecture.
    • Migrate towards a OSI-approved licensed codebase
    • Work closely with existing efforts such as OpenCryptoAuditProject, LUKS, GELI, and tc-play.

VeraCrypt Facts

  • According to the author in this thread, VeraCrypt was first published on June 22nd 2013, so it has already aged a bit.
  • In fixing some of the security flaws in TC, they break backwards-compatibility. There is a conversion tool available.
  • They are on CodePlex and the software is under Microsoft Public License.
  • Binaries are available for download, cross-platform.
  • Most relevant longterm plan is the ability to encrypt Windows system partitions/drives on UEFI-based computers (GPT).

So. If you have additional information, let me know in comments or by eMail. I am rattled beyond my usual level of confusion as to what I should do. Currently, I will probably give the VeraCrypt binaries a test ride on some machine.

The magic hands of the Phone Guy debunked

technology 2015-03-28
I was promised (and am paying for) a certain bandwidth $X$. But sites like http://www.speedtest.net/ indicated a bandwidth $Y$ (much smaller than $X$). To gather more empirical data over time and to make sure, that I am not hallucinating, I installed a Zabbix server on a Raspberry Pi ((https://www.zabbix.org/wiki/Zabbix_on_the_Raspberry_Pi_%28OS_Raspbian%29)) and set up a monitoring for my Fritz!Box ((http://znil.net/index.php?title=FritzBox_mit_Zabbix_%C3%BCberwachen_HowTo_mit_Template)). The data for the item "Fritz!Box DSL-Downstream" clearly indicated that $Y$ was around 6 Mbps. So I called my ISP and they ultimately sent the tech-guy to the rescue: He was at my home around 8:30 in the morning and measured the bandwidth with a small magical device. First at the basement where the cable enters the house and then at my office on the first floor. To my surprise, both measurements indicated a much bigger number $Y'$ (which was bigger than $Y$ and looks much more like $X$). He also left me under the impression, that everything was fine with my internet connection the whole time, which I might have believed. But: netcologne-zabbix-bandwidth Note the time, when something changed! I rest my case. He doesn't have magic hands. He cheated!

USB tethering with a Nexus 5 on Linux

technology 2015-01-31
Sitting on the ICE to Munich, I'm using my Nexus 5 to open a WiFi Hotspot for my laptop. However, I'd like to use USB tethering instead; my mobile is plugged in to charge anyway, and it would also allow me to buy Telekom WiFi for my phone for a day and use it for my laptop, too. Sadly, it didn't work so easily, and I had to write a small patch for my kernel. (more…)

Binary Determinantal Complexity

code, mathematics 2014-11-11
My good friend and colleague Christian Ikenmeyer and I wrote this cute preprint about polynomials and how they can be written as the determinant of a matrix with entries equal to zero, one and indeterminantes. Go ahead and read it if you know even just a little math, it's quite straightforward. The algorithm described in section 3 has been implemented and you can download the code from my website at the TU Berlin. Compilation instructions are in ptest.c, but you will need to get nauty to perform the entire computerized proof.

Switching the switching of Keys!

code, technology 2014-11-03
I recently lamented about switching two keys on my new Lenovo Yoga. Big problem: In my office, I attach that notebook to a docking station and to that docking station I attach a keyboard. On that keyboard, all keys are precisely the way I want them to be. Therefore, I do not want to switch the Insert and End keys when I am docked. I ended up writing a little batch script based on this nice google code wiki entry for the registry update and this stackexchange answer to elevate the batch script: 
@ECHO OFF
NET FILE 1>NUL 2>NUL
if '%ERRORLEVEL%' == '0' goto run 
powershell "saps -filepath %0 -verb runas" >nul 2>&1
goto eof
:run
REG QUERY "HKLM\SYSTEM\CurrentControlSet\Control\Keyboard Layout" ^
 /v "Scancode Map" >nul 2>&1 
IF '%ERRORLEVEL%' == '0' goto remove
<nul set /p ="> adding scancode map "
REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Keyboard Layout" ^
 /v "Scancode Map" /t REG_BINARY /f ^
 /d 00000000000000000300000052E04FE04FE052E000000000 >nul 2>&1 
IF '%ERRORLEVEL%' == '0' goto success
goto fail 
:remove
<nul set /p ="> removing scancode map "
REG DELETE "HKLM\SYSTEM\CurrentControlSet\Control\Keyboard Layout" ^
 /v "Scancode Map" /f >nul 2>&1 
IF '%ERRORLEVEL%' == '0' goto success
goto fail
:fail 
echo failed.
pause
goto eof
:success
echo succeeded.
pause
Sadly, it always requires a reboot for the changes to take effect.

Bit Twiddling Hacks

code, mathematics 2014-10-04
I recently implemented an algorithm that has to perform checks on all subsets of some large set. A subset of an $n$-sized set can be understood as a binary string of length $n$ where bit $i$ is set if and only if the $i$-th element is in the subset. During my search for code to enumerate such bitstrings, I found the greatest page in the entire internet. If anyone can explain to me how computing the next bit permutation (the last version) works, please do.

Switching Keys!

technology 2014-08-25
The university supplied me with this really cool yoga 2 pro notebook and even though I have grown to like it, it does have some serious design flaws. I will not go into detail on all of those, but one problem is that they decided to put the End and the Insert key onto the same button, and to press End you have to simultaneously hold the function key, which is on the opposite side of the keyboard ((I am talking about the German Keyboard layout by the way. I realize now that I am quite possibly the only person on the planet with this problem.)). I personally need to press End quite frequently while typing text or code, while Insert is only required occasionally. To make a rather boring story short at the very least, I got myself SharpKeys, an open source tool which alters a registry key that is able to re-map keys as you see fit. It's quite awesome. Apparently, some people use it to turn off the capslock key. WHY THE HELL WOULD I WANT TO DO THAT?

Simple WordPress Update Script

code, technology 2014-08-07
I need to update this wordpress install every once in a while. There are lots of bash scripts on the internet that perform this task, and they are complicated beyond reason. This is what I use: 
function cfg {  
    grep $2 $1/wp-config.php | awk 'BEGIN {FS="[, )\x27]*"}; {print $3;}'
}

echo "> backing up database."
mysqldump --user=$(cfg $1 DB_USER) \
          --password=$(cfg $1 DB_PASSWORD)  \
          --host=$(cfg $1 DB_HOST)          \
          $(cfg $1 DB_NAME) > backup.database.sql

echo "> backing up website."
tar -cjf backup.files.bz2 $1
    
echo "> retrieving latest wordpress."
wget -q https://wordpress.org/latest.zip
unzip -qq latest.zip

echo "> updating wordpress."
rm -r $1/wp-includes $1/wp-admin
cp -r wordpress/* $1/

echo "> cleaning up."
rm -r wordpress
rm latest.zip
It takes a single argument, which is the name of your wordpress root directory. It backups your database to the file backup.database.sql and backups the files to backup.files.bz2, then it simply proceeds as described in the wordpress codex for updating manual. I do not see what all the fuzz is about.

Fresh Windows 8.1 Install on OEM Laptop

technology
When you have a Laptop with Windows 8.1 preinstalled, then you will find yourself having a hard time installing a clean copy of Windows 8 on said Laptop. That, however, might be desirable for various reasons and so I am telling you how it's done. In my case, I am doing it with the firm intention to encrypt the system partition with TrueCrypt Setup 7.1a, which requires me to have an MBR rather than a GPT. There are probably ways to change this in-place, but there's really no point because I want a clean install of Windows anyway. (more…)

Member Variables in Python

code 2014-07-27
Member variables in python are horrible. They are not visible in the layout of the class which is instantiated, but instead the __init__ function of a class creates certain member variables for the instance. I have never liked this about python, to be honest. For a recent project, I devised the following solution. Assume you would want this behaviour: 
>>> class test(Base):
...     # Variables
...     number = 4
...     string = "hodor"
...     # Functions
...     def stringmult(self):
...         return self.number * self.string
...
>>> test().stringmult()
'hodorhodorhodorhodor'
>>> test(number=2).stringmult()
'hodorhodor'
>>> test(string="Na",number=8).stringmult() + " - Batman!"
'NaNaNaNaNaNaNaNa - Batman!'
>>> 
>>> test(end="Batman!")
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ctypes.ArgumentError
>>>
In other words, any class that inherits from Base can be constructed with keyword arguments who must match exactly the correct class variables which you specify. This one does it: 
from ctypes import ArgumentError
class Base(object):
    def __init__(self, **kwargs):
        # "given" is the list of keyword arguments passed to the constructor
        # of this object, "needed" is the list of class variables which belong to  
        # the base class of the object which is being created, which do not end 
        # with two underscores and which are not a function. Trust me, we do not 
        # want to meddle with those.
        given = list(kwargs.keys())
        needed = [attr for attr in dir(self.__class__) if attr[-2:] != '__' \
             and type(self.__class__.__dict__[attr])!=type(lambda:0) ]

        # Check if keyword arguments have been provided which are not among the
        # required arguments and throw an exception if so. Remove this check for
        # a less restrictive base class. I wouldn't recommend it.
        if not set(given) <= set(needed):
            raise ArgumentError()

        # First, initialize the attribute dictionary of the object being created
        # with a list of default values, indicated by the values of the class 
        # variables. Then, update the attribute dictionary again with the values
        # provided to this constructor.
        self.__dict__.update({k: self.__class__.__dict__[k] for k in needed})
        self.__dict__.update(kwargs)
I personally like this approach a lot and hereby dare you to tell me even a single reason not to do this, in the comments.

Why someone thought that sudoku might not be boring, while actually you should learn how to properly implement backtracking

code, technology 2014-07-03
It causes me unspeakable agony to see that my post about why sudoku is boring is one of the most frequented posts in this blog, mostly because most of my readers clearly disagree with the title. I recently received an email titled "why sudoku is not all that boring" by an old friend, and he taunted me that the sudoku 
S = [
  0, 0, 0, 0, 6, 0, 0, 8, 0,
  0, 2, 0, 0, 0, 0, 0, 0, 0,
  0, 0, 1, 0, 0, 0, 0, 0, 0,
  0, 7, 0, 0, 0, 0, 1, 0, 2,
  5, 0, 0, 0, 3, 0, 0, 0, 0,
  0, 0, 0, 0, 0, 0, 4, 0, 0,
  0, 0, 4, 2, 0, 1, 0, 0, 0,
  3, 0, 0, 7, 0, 0, 6, 0, 0,
  0, 0, 0, 0, 0, 0, 0, 5, 0 ]
would take my 5-minute hack of a backtracking algorithm 
real    51m3.656s
user    50m32.260s
sys     0m2.084s
to solve. So, it seems like some sudokus are really hard, even for a computer, right? Wrong wrong wrong wrong wrong. Read how to implement backtracking properly.
Authors have copyrights. People say these things in footers.
All Hail the Great Yawgmoth, Father of Machines.