Medo's Home Page

Ubuntu Under Windows

During BUILD conference Microsoft announced it would be possible to run bash shell and Ubuntu binaries on Windows. My personal reaction to this was meeh.

Those familiar with me and blog might know I love some things about Linux - especially bash - and I have more Unix/Linux-based computers than ones running Windows (although the number is close). For server-like tasks - even at home - nothing beats Linux. Yes, learning curve is a bit steep due to heavy reliance on the command line but that becomes a strength once you get used to it. And don’t start me talking about superiority of SSH. Anybody with interest in technology is losing a lot if they don’t at least try Linux.

Reason for my less than warm welcome is because I already have all Linux command-line applications worth running under Windows. If you download Git for Windows, you will get Bash shell and bunch of tools that go with it. Frankly, I rarely go into Windows command-line (or its bastard child PowerShell) anymore. Bash is simply more powerful and more practical. With a few easily remembered commands you can do wonders - especially when filtering files. And anything bigger 95% of time has Windows version too.

I don’t view Ubuntu on Windows as a bad step. But I don’t believe it will bring much to developers who had bash running on Windows, one way or another, for years. Considering it is a Windows Store application I am sure there will be enough gotchas to keep it from being practical…

Of course, details remain to be seen once Windows 10 Anniversary edition is out.

POST Cannot Be Redirected

Few days ago I’ve found a bug in a program of mine. As I have feedback built-in in most programs, I decided to use it for once. And failed. All I’ve got was an error message.

A bit of troubleshooting later and I’ve narrowed the problem down. It would work perfectly well over HTTPS but it would fail on HTTP. Also it would fail when redirected from my old domain, whether it was HTTP or HTTPS. And failure was rather unusual error code 418. That was an error I’m often using to signal something wrong with redirects. A bit of a digging later, I’ve noticed I was using POST method for my error reporting (duh!).

You cannot redirect POST requests. And I was doing server-side redirecting (or trying to) from my old domain to a new one and from HTTP to HTTPS.

At the end I’ve changed all my programs to use HTTPS, temporarily disabled redirecting to allow HTTP-only connections, and I’ve had to re-enable same script on my old site so I can get error reports from old versions without update. I knew this last domain move has gone too smooth…

How to Secure Memory?

Sometime you might want to protect your data in memory - the greatest example is when dealing with anything related to passwords. It is simply not smart to keep that data around in a plain-text.

In .NET there are multiple methods you can use for this purpose, starting with SecureString, ProtectedMemory, and my favorite ProtectedData.

Each of these has its advantages and disadvantages and definitely each can find its place in a security toolbox. However, I prefer ProtectedData because it doesn’t require any Win32 API magic to read (as SecureString), nor it has any limitations on block length (as ProtectedMemory). As long as you are ok dealing with byte arrays, you can use it almost as a transparent storage.

Most of the times I end up having something like this (the most basic form):

private static RandomNumberGenerator Rnd = RandomNumberGenerator.Create();
private byte[] RawDataEntropy = new byte[16];
private byte[] RawData = null;

internal byte[] Data {
    get {
        if (this.RawData == null) { return new byte[0]; } //return empty array if no value has been set so far
        return ProtectedData.Unprotect(this.RawData,
                                       this.RawDataEntropy,
                                       DataProtectionScope.CurrentUser);
    }
    set {
        Rnd.GetBytes(this.RawDataEntropy); //new entropy every save
        this.RawData = ProtectedData.Protect(value,
                                             this.RawDataEntropy,
                                             DataProtectionScope.CurrentUser);
    }
}

On each write we let Windows encrypt the data using a random entropy (in addition to its standard encryption) while on every read we simply decrypt the data and return a copy of it. Care should be taken to delete copies lying around, i.e. when you set the property and encrypt data, you should delete the original. Best practice for delete is to use Array.Clear, e.g.:

Array.Clear(value, 0, value.Length);

I will leave it for reader’s exercise why that might be preferred to a simpler value = null.

PS: Note that, as soon as you convert bytes to a string (e.g. to show it to the user), you have signed capitulation as now you have an unencrypted copy of the protected data in memory. Yes, sometime you need to do it, but keep it brief.

Bimil and Summae

After using it myself for last five years, I finally decided to give my password manager a version 1.00 designator.

It is a simple password manager using Password Safe database format. Unlike Password Safe, it allows for storage of credit cards and two-factor authentication keys. Give it a try and see whether you like it.

Other application that got slight version bump is Summae. It now supports per user context menu settings. On other hand, you cannot install it on Windows Vista and below. If you are using Windows 7 you are good. If not, upgrade. :)

Going Big With FAT32

FAT32 is an aging file system with many faults. However, it does have one great advantage. It has been with us long enough that every OS supports it. Whether it is smallest IOT device or big mainframe (anybody uses those?), it will just simply work.

Because of that ubiquity I always keep one FAT32 formatted drive with me. It used to be 8 GB, then 4 GB, and now whooping 128 GB. And it is those 128 GB that posed a curious problem - Windows will allow you to format FAT32 only on disks 32 GB and less.

Mind you, that restriction doesn’t come from FAT32 design itself. If you use whooping 512 KB sectors and maximum count of 4,177,918 clusters, you can reach 2 TB. But, in order to keep backward compatibility with its NT-inherited 16-bit setup, Windows XP decided to drop sector size to 32 KB and inexplicably to limit total partition size to 32 GB (my guess is to promote NTFS). Mind you, it will read even bigger FAT32 volumes if they are already formatted. However, as soon as you try to reformat it first time, it will refuse to do so.

Solution is simple. Either go to ancient Windows 98 that actually supported FAT32 up to 127 GB (ok, that is a bit unrealistic), use pretty much any Linux distribution, or get a Windows application that will do formatting for you.

My go-to application is FAT32 Format. It is simple, free, works on any Windows version you throw at it, doesn’t require installation, and it has acceptable UI. For something one might need just once in a while, a perfect choice.

1 … 113 114 115 116 117 … 269