Chrome: Prevent the Gnome-Keyring Prompt (Chrome and Chromium)

You have once again entered the Chrome world of survival horror… Good Luck…

For the purposes of this post, I’ll be referring to Chrome & Chromium as Chromium because Chromium is the open source code-base from which your Chrome is built and I use the “Chromium” build so it makes my life easier to just call them both Chromium. Apply your own changes where needed. Now, to get rid of that annoying prompt…

First open Chromium. Make sure any extensions you want to keep are enabled in Incognito Mode (there’s a checkbox that says as much).

Next clear your full history. That’s everything, including saved passwords. Bookmarks *should* be safe to keep, I’ve never tried because I fixed this during my transition from Firefox (which I still use) so I hadn’t imported my bookmarks yet.

Now exit Chromium and restart it in Incognito mode. To do this, use the “--incognito” parameter, like this (remember “chrome” = “chromium”):
$ chromium --incognito

Now go to a random site like https://wordpress.com and check that there’s no password prompt. There shouldn’t be.

Assuming it was successful, you now realise that all you need to do is run in Incognito Mode, something you should always do by default. However, running “chromium --incognito” from the console or gExec can be tedious, so here are your alternative choices:

1. The Preferred Way: Take advantage of the nice launcher script provided.
2. The Fallback: You could create a launch-script. I won’t cover that in much depth.

Since I don’t know what ships with the official Chrome (as I mentioned, I use Chromium), I can’t be entirely sure that The Preferred Way will be applicable, but I’m pretty sure based on the contents of the launch script (there’s a variable call APPNAME assigned the value “chromium”).

If you’re afraid of the console, editing scripts or anything else, create a launcher to Chrome/Chromium on you desktop/dock/panel and then edit it so the command has “ --incognito” at the end. Click here for an example. Please note, this does not solve opening links and files from outside of Chrome/Chromium.

The Preferred Way
Editing the Startup Script

The location of the startup script should be /usr/bin/chromium (or chrome) on most distributions. Remember you can always use “whereis chromium” or “which chromium” to find out where the launcher script is. Once, you’ve found the launcher script, open it as root in your plain-text editor of choice (mine is nano because it’s simple and comes stock with most Debian children). If you’re lost, don’t fret, just follow the steps below.
Become root (because it is easier than privileging each command):
$ su root
or (Ubuntu users especially):
$ sudo -i
You should (but don’t have to) back it up before editing it:
# cat /path/to/chromium > /path/to/chromium.bkp
Now (where you see nano, substitute your editor)…
# nano /path/to/chromium
Now navigate to the bottom of the script and you’ll find this line:
exec $LIBDIR/$APPNAME $CHROMIUM_FLAGS "$@"
which you will change to this:
exec $LIBDIR/$APPNAME $CHROMIUM_FLAGS "--incognito $@"
and save it. If you’re using nano, just press Ctrl+o and Ctrl+x. Congratulations, try running “chromium” (or “chrome”) from the console without parameters. If it starts at all and does so in Incognito Mode, you’re done. If not, go back and ensure you didn’t break anything. To restore the original from the backup (if you made it):
# cat /path/to/chromium.bkp > /path/to/chromium
Don’t give up kid, it’ll happen some day.

The Fallback
Creating a Launch Script

I’m not covering this in detail, if you aren’t comfortable or knowledgeable, just use The Easy Way. You need to be root.
$ su root
or (Ubuntu users, again):
$ sudo -i
Now just do the following (remember “chrome” if you’re using Chrome):
# echo -e "#! /bin/sh\nchromium --incognito\n" > /usr/bin/mychromium
# chmod a+x /usr/bin/mychromium
Now you can set “mychromium” as your default browser via you DE’s settings and you’re done.

Stupid Questions and Assertions

“But now I can’t save my passwords and browsing history!”

And why is it a bad thing? Seriously, saving passwords and history is a bug in the actual design of all browsers. Saving passwords with your browser is probably one of the worst practices of all time. As for history, well you decide.

“Using extensions in Incognito Mode defeats the purpose… blah, blah… It can compromise your privacy… blah, blah…”

If you’re relying on Chrome’s Incognito Mode for absolute privacy, you’re already doing it wrong. Incognito mode is just a way to mitigate, not stop, many, but not all, forms of tracking. By clearing browsing history and cache automatically, it saves me doing it manually. It’s just a convenience (unless you use Grandma’s laptop to visit porn sites, in which case it may be quite vital).

Update on Privacy: Now there’s a very easy way to prevent being tracked (which I’ll cover in detail later) called Privacy Badger. It’s available for Chrome/Chromium and works by “learning”. Simply install the extension and visit some mundane sites filled with advertising (example Gmail, travel agencies, etc) first. After this, you’ll start to see things getting blocked as you browse.

A Final Note

There are many other solutions, but I find this method is most preferable because it prevents the pop-up window entirely, saves the time-wasting of building Chromium, and I use Incognito Mode by default so it serves as a convenience, too, the Gnome Keyring issue notwithstanding.

As usual, feel free to leave comments, ask questions, or post death threats using the comment button below. If you found this post useful, it’s good to share or like it, or even both.

Share the Love:

Easy Print:

The End User Patch

Below is the beta version (0.1) of the End User Patch, the “JoDo”, by John Doe. You can read more about how he came about it here. The patch requires no installation and improves security on all devices and platforms simply by reading it. The security increase is estimated to be around a whopping 80%.

JoDo v0.1:

We’ll address the IoT stuff first

Stop acquiring IoT devices. When did you ever need a web interface for your dryer? It’s easier to turn the dial to 60 than to click three to four buttons on a PC. You don’t need a MacBook to operate your microwave. It’s more of a hassle to put food in, go to your MacBook, set the timer, and return to the microwave. That’s why the microwave has a keypad or dial, so that you can activate it without leaving the area. Why did you learn to drive? To drive a car, yes? You don’t need some “smart” software to do it for you. In fact, shocking as it may be, you don’t need GPS to find the Seven Eleven, you can get directions from the gas station. You do not want your door lock to be connected to the internet. That makes it vulnerable to hackers. You will find that a regular lock key is immune to remote attack and even local hacking.

Next, address the hand-helds

Don’t download unofficial software. Your mobile device comes with a built-in package manager. You needn’t understand this. All you need know is that is you “Software Center” or “App Store”. You get safe and verified applications from there. Anywhere else is a risk. You do not need superuser privileges if you are not a superuser. To clarify, if you cannot manually configure things, if you do not understand the difference between an OS and a kernel are, if you have never made system changes without the aid of a How-To or automated software or your friends, then you are not a superuser. The commercial game you want to download from an unofficial source is not free. It is pirated and therefore you still pay for it by risking your security. Is risking all your online accounts, saved passwords, personal information, and nude selfies worth saving five bucks? In case you’re feeling indecisive, the answer is no. Not even for double, triple, or one-hundred times that. What is your phone for? Answer for the two-dgit IQ: making calls and sending texts. So do you need a plethora of apps? No. You may benefit from VOIP and IM apps because they’re cheaper. You may benefit from social media apps. But that’s it. Can you really enjoy a movie on a five inch screen? Be honest. No. Do you need a music player? Maybe, if you don’t own another music player or an iPod, yeah. But that software comes stock so you don’t need to download one. Your phone is not a home theatre or media centre and you will never make it one. Can you really enjoy gaming on a 5 inch screen? Yes. But, can you enjoy gaming without a proper gamepad or kayboard? If you’re a hardcore games, then no. If you’re a casual gamer, the games that you’d enjoy are available from the official store. Do not install all apps on one device. Your phone should be kept strictly for comms. If it is a smartphone, install IM and VOIP, by nothing else. There’s no need for XYZ Saga. Use your tablet. The same is true of web browsing. You don’t need to browse the web every second of every day. Smartphones give a generally bad experience any way. Use a PC or your tablet. By the same token, do not use your tablet for sensitive apps. It is not a good idea to have a banking app on the same device as a game from some publisher with about five downloads and no reviews. The official software sources are usually safe, but it is foolish to rely completely on a system. Don’t have more than one device? Get one. Get a cheap smartphone for your games and insecure activities. If you cannot afford a secondary device look at your monthly expenditure. There is one smart device that retails for less than twelve slabs of chocolate. In other words, one less slab of chocolate per month covers the repayment on a twelve-month credit.

Personal Computers

Do not download software from unofficial sources. Open source software is different because it can usually be trusted to not be malicious. However, if you cannot build it yourself, you probably should not use it. It will appear in your operating system’s repositories when/if it meets the quality and security criteria. Keep your system up to date via to official method described by your OS documentation. If you do not understand, call your IT person.

General

Do not download or click on anything you see on the internet. There’s no magic pill to enlarge your penis. If you need a bigger penis, it is recommended you speak to a medical practitioner. There aren’t tons of singles dying to meet you. How can there be when they don’t know you? To find singles, use reputable sites. Paid-for sites are highly recommended because they filter out out scam-artists. If you want a free platform to meet potential soul mates, there’s a free service called The Outside World. You do not need to click on porn adverts because there are many, erm, reputable porn (sounds like an oxymoron) services through the internet or cable. Surprisingly your local video rental will have media too. You do not need to click adverts for clothing, fashion, make-up, or diets. All these can be obtained for a small fee at the mall. Is your security really worth the off-chance that an outrageous claim that you can shed five kilograms per day is true? High speed weight loss is detrimental to your health and leaves you with flabby skin and a fatigued look. So the answer is no, unless you want to look like the undead. Use a different password for each site you frequent or lock you have. It does not need to be something like @#$%B2A16709. Length is much better strength than complexity. Experts have been saying for years that using some simple words and a non-dictionary one is sufficient. Something like MyKittieIsPregnant@8Months is very hard to crack or guess so consider it. It also meets the criteria that more sites force on their users. Another example, WishIWas30&Flirtie. Do not store sensitive information digitally if you are not well-read on Information Security. Programs may promise to secure your data and passwords, but taking their word for it without assessing them and at least doing some research on them is similar to accepting an offer for heart surgery from a door-to-door salesman. If you have any doubts, remember the most secure place to store passwords is on a piece of paper. Paper, so long as stored and hidden responsibly, is immune to remote attack. If you have your own shorthand, even better, because deciphering it is difficult so if your adversary gains possession of it, it may be useless to them. Never give your details out. A site will never ask for your password or user name except when you login. They’ll never ask by email. If you receive an email from a site telling you to log in, never use the link in the email. Always log into the site from your browser history, bookmarks, or memory. Make sure the address starts with https for extra protection. Do not click links in emails generally, unless they are emails you are expecting, for example an account activation link. Do not login after activating you account, leave the site and return using the above-mentioned methods. Do not download attachments from emails unless you’re expecting them. Example A: your friend sends you some holiday pictures. This is fine. Example B: a random email offers a free something. Not a good idea

Finally:

Disconnect. Ask yourself the following questions about anything you do online.
Did I need to do this online ten years ago?
Did I ever need to do this online?
Can it easily be accomplished without physical internet access?
Do I even need an electronic device for this?
Do I even need to do this?
Do I even need this in my life?

Imagine how you’d feel, after reading all this, if you were the victim of cyber crimes. Imagine how bad you’d feel if a friend, family memeber, or other loved one was harmed by a virus that mailed itself to them from your PC all because you didn’t heed this warning.

Done!

Congratulations. You have just been patched. You can continually update your security by reading this note over and over again.

Share the Love:

Easy Print:

The Ultimate Cross-Platform Patch Arrives

September 25, 2016 at 00:45 John Doe, a system administrator and security engineer was doing the thing most that most sysadmins do: monitoring his remote servers while playing Prince of Persia in a DOSBox. Despite the game’s dreadfully sticky controls and difficulty level, he’d been playing it long enough to allow his mind to wander on to one of his most recurring thoughts: cyber security.

“How does one deal with security all those different platforms? Patching one will not patch any of the others…”

In a world where more and more devices are becoming “smart”, the Linux kernel has moved away from its common uses in desktops, servers and embedded systems to become ubiquitous in “Internet of Things”, IoT, consumer electronics, too. Since all these devices were running the same kernel, they shared the same possible security vulnerabilities that a standard desktop or server may face. The difference? Where Linux-based servers are run by professionals, and can receive security updates, many consumer electronics can’t or won’t because manufacturers seldom, if ever, release updates. The logical step seemed to secure the Linux kernel and educate manufacturers and vendors about securing and maintaining systems. But manufacturers and vendors, even educated, may simply ignore the warnings. Also, this did not account for non-Linux devices. Many routers, for example, use firmware derived from BSDs, and though they share a common Unix-alike ancestry, they are very different. It didn’t end there. There many different operating systems form hand-helds and other smart devices, from Linux-based Android, to IOS, to Windows. “How does one deal with security all those different platforms? Patching one will not patch any of the others,” John Doe thought. “The biggest players on any platform seldom cooperate. They’d never modify their OS to help secure others.”

“I’ve found the single point of failure in all technologies! What’s more, I think I can patch it!”

It was then John had a thought that was so radical, he almost choked on his cold coffee, causing him to die in Prince of Persia. “That’s it!” he cried, standing swiftly and killing his DOSBox session. Immediately he called a friend of his to pitch his idea. “What if there was a single patch that was platform and architecture agnostic, available to every user that worked for all devices!?” he yelled as the call, connected. His friend was still half asleep and barely able to string a response together when John proclaimed, “I’ve found the single point of failure in all technologies! What’s more, I think I can patch it!” Although his friend had been catching up on much-needed rest, John’s idea went surging through him like a shot of adrenalin straight to the heart. The two immediately began their work as John outlined the plan details.

Two days without sleep later, John unveiled “JoDo beta”, the John Doe Security patch for for all things, and made it freely available across the web. It doesn’t require installation on the device, firmware flashing, or anything beyond the abilities of even the most technophobic user.

While he admits this patch won’t solve everything, John estimates it would mitigate around 80% of everyday vulnerabilities. Below you’ll find a link to the patch. It’s easy to activate on all devices from whatever you’re reading this on.

View or Download the Patch Here

“I know it doesn’t fix every issue, but I feel that this patch does away with the biggest problems which leaves developers free to focus on the important ones,” John said nearing the end of our Linphone conversation. After that he explained he needed some rest and would probably not be ready for the mass media for a few days. “[I] need to crash for twelve hours. Then I’m going to order myself a pizza and sit playing Centipede in my DOSBox. Afterwards, I might dust the old PlayStation off, invite some friends round and do a Tekken 3 marathon. Then, I may even see if I can remember how to breed a Gold Chocobo. At this point, I just want to chill,” John explained before disconnecting.

Share the Love:

Easy Print:

Mednafen: Dealing with CD Image Problems

This post assumes the following:

*. You’re running a Linux OS environment
*. You can install software
*. You’re not afraid of spending about two minutes in front of the CLI.
*. You’re having some sort of problem running a CD image. This post is specific to PlayStation games but it’s probably applicable to any other CD-based consoles too.
*. You’re a Mednafen user of any level (novice to expert).

Before we proceed with the real troubleshooting, it is important to note that with Mednafen, one does not open the actual image file. To play a game, you’ll need to open the accompanying cue sheet (a .cue file). So, firstly, make sure of the following:

*. You’re opening the accompanying .cue file, not the .bin or other image file

So, having gotten that out of the way, now we can actually start troubleshooting. The following is a list of common problems:

*. I have a .mdf and .mds file
*. I have no .cue file.
*. I only have a .iso file.
*. I only have a .bin file.
*. I have some other format that doesn’t work

To proceed, you need to install mdf2iso. If you don’t know how to, see your distribution’s documentation or glean this table (the Arch Wiki is one of the best information sources, even for non-Arch users). So:

*. Install mdf2iso. Read the man page too (yeah right).
*. Open the CLI in the same directory as your problem CD image. For this example, our game is called Example.

Now, back to the problems. Below are all your solutions in Q & A format:

Q: My file is Example.mdf
A: That’s what this was originally about. Issue the following command:
$ mdf2iso --cue Example.mdf
Short wait. A .cue file will be created. You do not need to convert the image, but simply generate the cue sheet. Open Example.iso.cue and play.

Q: My file is Example.iso
A1: Issue the following command:
$ mdf2iso --cue Example.iso
Somewhat of a wait. A .bin file and an accompanying cue sheet called Example.iso.bin and Example.iso.cue respectively will be generated from your ISO file. Open Example.iso.cue and play.

Q: I have some other format Mednafen won’t play
A: Try the procedure. If it works you’ll get one of the above results.

Q: I only have a .bin file
A: This is unlikely if you ripped it yourself (implicit accusation unto illegitimate dealings). Luckily there’s a an archive at redump.org that will likely have the cue sheet you need. You can select your system from the Discs menu. This is not intended to enable you if you obtained a rip illegally.

If mdf2iso does not work for you, don’t panic. There are many conversion tools out there and the easiest and safest way to find them is to search for the image’s format (usually indicated by the file extension) in your package manager’s database. You should find some tools, even if all they do is mount the image (note mounting the image should be a last resort and won’t be discussed further as it is outside the scope of this post).

If you found this post useful then please like it, tweet it, or whatever. Questions, queries and feedback welcome, simply leave a comment.

Share the Love:

Easy Print: