Extreme triple boot with 2x truecrypt system volume encryption (XP (!), Windows 7) and 1x LUKS (Linux)

What a long title, but it says what it’s all about. Nevertheless, here’s the little story around it: My girlfriend wants to play some old XP only games (because of the not-so-excellent DRM that fucks up anything above Windows XP and renders it unbootable when installing) on her laptop, but also play newer games that probably require Windows 7, at least sooner or later. Bare-metal Windows installations are required, because it is about playing games, so VMs are not an option.

As third system, Arch Linux x86_64 should get installed, because sometimes people want to do something serious with their PCs other than gaming 😉

All this would be fairly easy up to this point. However, to make it a real challenge, we chose to encrypt the whole thing. And by that I really mean everything.

The two systems of choice are, for Windows: Truecrypt and for Linux: LUKS.

There are tons of tutorials on how to dual-boot just the two of them (especially this one was helpful, because it uses Syslinux), so I won’t go into detail very much.

This post is just about telling you that it CAN be done and showing you a short diagram I made myself while figuring out this brainfuck, that shows how it will boot:

[Diagram: Triple Boot With 2x Truecrypt and 1x LUKS]

As you can see, you will have to select a Windows OS twice (e.g. select XP from Syslinux, type in the TC password and then select it again from the Windows 7 bootloader). This is absolutely necessary from what I understand, because TrueCrypt automagically selects the first partition that is marked bootable. Thus only the Windows 7 partition gets that flag (sda2 in my example) and Syslinux needs to be installed with the alternate MBR (as mentioned in the linked blog post and the fine Arch Wiki). But that’s the only drawback and everything else just works™ (you know, after reinstalling Syslinux countless times and setting the boot flags right again after TC messed with them).

Anyhow, the last important piece of information is that I’ve selected “Single-Boot” in the TrueCrypt System Volume Encryption dialog.

If you don’t understand anything about what this blog post is about, that’s fine, you would probably trash your PC anyway :p

systemd sucks!

This blog was missing a systemd rant for quite some time. But fear not, here it is!

As you may know from the previous articles, the two other name-giving authors on this blog, who write articles about once a year, and I all love the awesome Arch Linux. However, it has lately switched to systemd from the good old sysv-init.

I have really tried to like it and installed it on both my Linux machines as soon as I read the news on archlinux.org, since they always put up good stuff there, right?

When you have just installed systemd and everything works™, it’s quite okay. It even seems to boot fast, although the very characteristic boot messages from the old days are gone. But that’s the new way, I thought: when you boot fast, you don’t need these messages anyway (kernel parameter ‘quiet’ is your friend).

After using it for a long time now, I can present you the reasons why I started to hate it:

First of all, it tries to hide everything from the user. That’s not the arch-way at all :( I liked the simple init scripts, where I could hack in everything I needed just by modifying some shell scripts. Adrian and I used to modify the rc.sysinit file to speed up the boot manually for example. Or you could start custom commands in rc.local back then, which was very useful. This especially annoys me on my home server, where I need to start the wlan access point, configure IP tables for traffic shaping and do lots of other stuff, to configure it properly. Who gives a fuck about boot time on a server anyway? I ended up writing my own “Fuck Systemd” service file hack, which starts the shell script /root/startup.sh on every boot.

Writing service files is a real pain, too, compared to rc-files. They are more complex and harder to debug. And once you change them, you must tell systemd to reload all service files. It will notify you, that some service files have changed and you must reload them, but it doesn’t do that automatically! What an asshole!!

Oh and the log feature is equally shitty. Every time I do systemctl status $service, I need to wait 30 seconds until I see some logs! What the fuck? Ever heard of the Unix philosophy, that says do one thing and do it well? It’s more like do everything and shit the admin in the face while doing so.

And systemd is really not intuitive. For example: I want to start a service, which I have not enabled before. It gives me a file not found error! With rc scripts, you can do this any time, but here you really need to enable a service (at boot!) before you can start it. This is just bad design and it is fucking annoying.

Last but not least: I really liked the old boot messages, they looked so much better. Without the quiet kernel parameter, arch looks now just like any other distribution. What a shame :-\

I really hope that sooner or later it will be possible to use Arch Linux (with the shiny pacman, abs, aur etc.) in combination with the old rc scripts.

So after some months of usage, I am sure that systemd is the worst thing that has happened to my favorite Linux distribution  :(

There are already some alternatives out there, but they are far away from being a drop-in replacement. Anyway, I’ll probably switch to one of those, when I find enough time to do so.

Even more Do It Yourself stuff

DIY is an old punk ideal that stands for a lot. Above all, though, for doing your own thing yourself and not running after the mainstream.

But it can also be applied to technology. For example, by repairing old devices instead of buying something new right away. That is why this blog also has articles on how you can still use the iPhone 3G or Nokia 5800 in 2013. After all, the devices are still perfectly fine; it is just that, deliberately, no usable software is released for these phones any more. So that you obediently buy a new one every year and the smartphone industry no longer has to deliver any real innovation.

Anyone looking for more guides on how to get devices that are in part really broken, or devices with old software, usable again should have a look at iFixit. It is really worth looking past the name, which is poorly chosen for non-Apple consumers, and seeing how many repair guides there are. All free of charge, and anyone can contribute, as with a wiki. A damn good thing, actually!

Cold boot protection for phones

Just a quick note: at the moment the Heise headlines say that Android's full disk encryption can be defeated with the help of a freezer and suitable software that can then be loaded via the hopefully installed bootloader.

A fairly trivial solution comes to mind, which should work on phones in particular (leaving aside not having the bootloader in question installed): monitor the temperature sensors and simply switch the phone off once it gets sufficiently far below zero.

That is probably a one-liner in Bash. Run it nicely as a daemon in the background and problem solved :p
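A sketch of the temperature watchdog described above, as an added example that is not code from the original post. It assumes a rooted device or Linux system that exposes the kernel's thermal zones under /sys/class/thermal (values in millidegrees Celsius); the threshold, poll interval, debounce count and poweroff command are illustrative defaults.

```shell
#!/bin/sh
# Added example: power off when the device gets colder than normal use explains.
# Assumptions: Linux thermal sysfs (millidegrees Celsius); threshold, interval,
# debounce count and the poweroff command are illustrative and overridable.
THERMAL_DIR=${THERMAL_DIR:-/sys/class/thermal}
THRESHOLD_MC=${THRESHOLD_MC:--5000}     # -5 degrees Celsius
NEEDED=${NEEDED:-3}                     # consecutive cold readings required
INTERVAL=${INTERVAL:-2}                 # seconds between polls
POWEROFF_CMD=${POWEROFF_CMD:-poweroff}  # e.g. "reboot -p" on some Android builds

# min_temp_mc DIR: print the lowest reading of all thermal zones; fail if none.
min_temp_mc() {
  min=""
  for f in "$1"/thermal_zone*/temp; do
    [ -r "$f" ] || continue
    t=$(cat "$f" 2>/dev/null) || continue
    case $t in ''|*[!0-9-]*) continue ;; esac   # skip non-numeric readings
    if [ -z "$min" ] || [ "$t" -lt "$min" ]; then min=$t; fi
  done
  [ -n "$min" ] && printf '%s\n' "$min"
}

# is_cold DIR THRESHOLD: succeed when the coldest zone is below THRESHOLD.
is_cold() {
  t=$(min_temp_mc "$1") || return 1
  [ "$t" -lt "$2" ]
}

# watch_cold: poll forever; power off after NEEDED consecutive cold readings,
# so a single glitchy sensor value does not shut the device down.
watch_cold() {
  hits=0
  while :; do
    if is_cold "$THERMAL_DIR" "$THRESHOLD_MC"; then hits=$((hits + 1)); else hits=0; fi
    if [ "$hits" -ge "$NEEDED" ]; then $POWEROFF_CMD; return; fi
    sleep "$INTERVAL"
  done
}

# Only start the daemon loop when invoked as: ./coldwatch.sh run
if [ "${1:-}" = "run" ]; then watch_cold; fi
```

Memory contents persist longer the colder the chips are, so the threshold has to trip early, well before the device reaches freezer temperature.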

bash randomly starts to overwrite lines from the left!111

Well, that’s an issue I faced when I started with Linux a few years ago. I’ve typed stuff into the terminal and randomly it started to overwrite the line from the left — although there was already something there!

Today I faced the same problem, but this time in a bash script. It should read some stuff from a text file and then echo it with some other stuff – but for some reason bash started to overwrite the exact line while doing the output.

Example:

it should output

abcdefghijklmnopqrstuvwxyz123456789

but it gave me

23456789ijklmnopqrstuvwxyz1

This was driving me crazy – I’ve even installed zsh and used #!/bin/zsh at the top of the script (to interpret it with zsh instead of bash, because I thought there was some kind of memory leak in bash).

But it turns out that zsh just reacts like bash… I didn’t know that trick back in the days when I started, so it gave me the hint that this is not a bash issue.

Finally (after one hour) I’ve figured out that it was caused by the file I parsed earlier — it contained the windows new-line-format CRLF. Linux uses just CR! I’ve stripped the CRs, but the LFs remained.

LF stands for line feed, which made the line go to the left again — that’s the big miracle!

I guess when I started with Linux, I had handled some Windows files and faced the same issue OR pressed the key combination for LF (google it yourself :p).

Anyway, to get rid of those LFs, I recommend tr.

I couldn’t find this with google, so maybe this post will help someone who thinks his shell has gone mad, too 😉
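An added example (not from the original post) that reproduces the output shown above and the tr fix. The byte that sends the cursor back to column 0 is the carriage return (`\r`, 0x0D) left at the end of each line by Windows CRLF files, and `tr -d '\r'` removes it. The helper names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample reproducing the output from the post.

# has_cr FILE: succeed if FILE contains a carriage return (0x0D).
has_cr() { grep -q "$(printf '\r')" "$1"; }

# strip_cr: copy stdin to stdout without carriage returns.
strip_cr() { tr -d '\r'; }

# render STRING: what a terminal ends up showing for one line, where each
# \r moves the cursor to column 0 and the text after it overwrites from there.
render() {
  printf '%s' "$1" | awk '{
    n = split($0, seg, "\r"); out = seg[1]
    for (i = 2; i <= n; i++) {
      if (length(seg[i]) >= length(out)) out = seg[i]
      else out = seg[i] substr(out, length(seg[i]) + 1)
    }
    printf "%s", out
  }'
}

demo() {
  f=$(mktemp)
  printf 'abcdefghijklmnopqrstuvwxyz1\r\n' > "$f"   # constructed CRLF input
  IFS= read -r value < "$f"                         # value keeps the trailing \r
  has_cr "$f" && echo "carriage returns found in input"
  echo "raw:   $(render "${value}23456789")"
  clean=$(printf '%s' "$value" | strip_cr)
  echo "clean: $(render "${clean}23456789")"
  rm -f "$f"
}
demo
```

To see the stray bytes in a real file, `od -c file | head` shows each carriage return as `\r`.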