Moving To a New Site

I have just decided that it's time to move on and have my own domain. All the posts in this blog will be moved to:

Personal posts will be transferred to:

Monday, December 19, 2005

Turn the looks of your Windows XP into a Mac

WinOSX 2

WinOSX is an installer which can customize your whole system very easily : windows, controls, Finder, Dock, shadows, and many other features. If you don't like some features or the complete pack, you can uninstall some components or the full software safely.

So, if you are a Mac user who recently switched to Windows, or if you just think that Macs have a far better look than Windows, WinOSX is for you ! Change easiely the interface of Windows XP into a Mac OS X one !

Download the WinOSX 2 here.


FlyakiteOSX is a transformation pack. It will transform the look of an ordinary Windows XP+ system to resemble the look of Mac OS X. The installer simply automates the process of replacing critical system files, setting registry tweaks, and installing extras such as cursors, sounds, visual styles, etc. FlyakiteOSX DOES NOT contain any spyware or ad-ware of any kind. All files needed for FlyakiteOSX are stored in the Windows directory in a folder named 'FlyakiteOSX' that is hidden by default. All registry values for FlyakiteOSX are written to HKEY_LOCAL_MACHINE\Software\FlyakiteOSX.

Download FlyakiteOSX here.

Monday, December 12, 2005

MS Windows Vista is 20 Years Behind!

Just recently, Microsoft is bragging about its new feature that will be integrated in Windows Vista called the Restart Manager. The guys at Redmond think that this is a significant addition to the new version of Windows.. a big deal.

The Restart Manager is designed to update the operating system without having to do a manual or forced reboot of the machine. This feature is significantly important to servers having a lot of connected clients. With this feature, network administrators would not have to worry about telling the client computers to save your work ang log off the network because the damn server needs to reboot.

Desktop wise, a user may continue working on the machine while doing an automatic update or patch. After an update, the screen will go blank and on again with all your works still there where you left them.

So, the guys at Redmond really are right in saying that this is really an important feature of Windows Vista.. but as far as I know, this feature is already in Linux/Unix since the mid 80s. A feature enjoyed by Linux/Unix users for almost 20 years! And it is only now that Microsoft came to think that it is important!

I have an Ubuntu and SUSE machine running everyday, and I have made a lot of updates without an interruption of a single reboot. I love how this feature works in Linux machines. Will Microsoft catch up to Linux/Unix and make this feature a seamless integration to Vista? A technology perfected by Linux/Unix for almost 20 years.. its about time that Microsoft wake up.

Sunday, December 11, 2005

Make Firefox run up to 30 times faster

1. Type "about:config" into the address bar and hit return. Scroll
down and look for the following entries:


Normally the browser will make one request to a web page at a time.
When you enable pipelining it will make several at once, which really
speeds up page loading.

2. Alter the entries as follows:

Set "network.http.pipelining" to "true"

Set "network.http.proxy.pipelining" to "true"

Set "network.http.pipelining.maxrequests" to some number like 30 (mine is set to 100..hehehe). This means it will make 30 requests at once.

3. Lastly right-click anywhere and select New-> Integer.
Name it "nglayout.initialpaint.delay" and set its value to "0".
This value is the amount of time the browser waits before it acts on information it recieves.

If you're using a brodband connection you'll load pages 2-30 times faster now.

Orignally posted at: Halomods

Saturday, December 10, 2005

Ravi's Top 10 Linux Ubuntu Sites

I'm a Linux SUSE user, but somehow I also use Ubuntu a lot of times on my other machines... you may ask why I haven't migrate totally to SUSE? Well, Ubuntu is such a great distribution and I myself also recommends this distro to friends. I like SUSE because of its almost perfect integration to KDE, but when it comes to GNOME, Ubuntu has done a very good job, is very easy to use and stable.. I've been visiting several help sites for Ubuntu and below is a list originally collected at All About Linux Blog. I totally agree with Ravi that these sites are great Ubuntu help sites...

1) - This is the official site of Ubuntu Linux. All Ubuntu enthusiasts should make this the starting point of their journey towards embracing Ubuntu. On this site, you can get the latest official news related to this project, place orders for your free Ubuntu Cd's and search or browse for a particular package for your version of Ubuntu among other things.

2) - This is the official documentation site for Ubuntu Linux developed and maintained by the Ubuntu documentation project. This is the first place any Ubuntu user must go to get his problem solved. While you are here, do not forget to visit the FAQ Section on this site.

3) - This is a part of the official Ubuntu project and as you can see is a wiki. A wiki can be edited by anybody a good example of a wiki being the wikipedia project. On the Ubuntu wiki, you can get a wealth of information about configuring this distribution. First time visitors to this site may be interested in checking the Help Contents page. A section which is specially interesting is the Restricted Formats section which gives tips on getting support for proprietary file formats in Ubuntu.

4) - This is a high traffic web forum where you can post queries you have and get your doubts clarified. You need to first register to post in this forum. But just searching this forum will throw up a wealth of information a.k.a the issues that others faced and the solutions to these issues.

5) - This guide is not affiliated with the official Ubuntu project but claims to be an unofficial FAQ where you can find solutions to getting your problems solved in Ubuntu. This site takes a How-To approach in giving the answers. Though recently, this site has become a bit outdated as I ran into some problem while configuring Ubuntu Breezy according to their directions. Nevertheless a very good site.

6) - This is a site which hosts the documentation for all flavours of Ubuntu. This site is maintained by the guys themselves and contains information in a more structured format. One page which might interest the Ubuntu users while on this site could be the Hardware Compatibility Guide.

7) Ubuntu Blog - This is a very good blog maintained by a Ubuntu enthusiast and as the name of the blog indicates, exclusively caters to all things related to the Ubuntu distribution. Here you can get latest news, links to popular sites and experiences of the blog author in getting things done in Ubuntu Linux.

8) - This site claims to be an information hub for the Ubuntu community bringing together news, grassroots marketing, advocacy, team collaboration, and great original content. This is a site you can enter in your watch list if you are interested in knowing about the happenings in the Ubuntu world.

Automate all the Ubuntu housekeeping tasks
The next two sites list scripts which can be downloaded and used on your system to get support for a lot of proprietary features in Ubuntu without any (or very little ) user intervention.

9) Automatix - This is a script which can be used to get mp3, wmv, quick time, encrypted DVD support and more on Ubuntu and all this as the name indicates rather automatically. All the user has to do is run the script. Unfortunately, this project is not supported any longer but the users can still download the script and use it.

10) Easy Breezy - On this site you can get another script which helps in automating the tasks of getting proprietary file support in Ubuntu Breezy v5.10. The author claims it to be a safer alternative to another well known project.

Wednesday, December 07, 2005

How to Share Internet Connection in Ubuntu and Debian

Note: Type all the following commands in a root terminal, DO NOT use sudo.

1. Start by configuring the network card that interfaces to the other computers on you network:

# ifconfig ethX ip

where ethX is the network card and ip is your desired server ip address (Usually is used)

2. Then configure the NAT as follows:

# iptables -t nat -A POSTROUTING -o ethX -j MASQUERADE

where ethX is the network card that the Internet is coming from

# echo 1 > /proc/sys/net/ipv4/ip_forward

3. Install dnsmasq and ipmasq using apt-get:

# apt-get install dnsmasq ipmasq

4. Restart dnsmasq:

# /etc/init.d/dnsmasq restart

5. Reconfigure ipmasq to start after networking has been started:

# dpkg-reconfigure ipmasq

6. Repeat steps 1 and 2.

7. Reboot. (Optional)

Tuesday, December 06, 2005

Scary truth about Google: And then there were four

Google is one of about four search engines that matter. There are many more than four engines, but only about four have the technology to crawl much of the web on a regular basis. As of July 2003, Yahoo owned Overture, Alltheweb, AltaVista, and Inktomi, and finally dumped Google in February 2004. Everything needed to turn Yahoo into a major search engine was now under Yahoo's roof.

It is still possible that Yahoo will shoot themselves in the foot with all of this firepower -- their desire to monetize everything appears to be high on their agenda. But so far, after only a year, Yahoo has shown that their main index search results are on a par with Google's. This is true despite the fact that Yahoo has has infiltrated some pay-per-click links into the main index. One reason for Yahoo's success is that Google's main index, though free from paid results, has declined considerably since early 2003. Amazingly, there is on average only a 20 percent overlap between Yahoo's first 100 results and Google's first 100 results for the same search -- and still, Yahoo is just as good as Google. These days there is so little room at the top of the search results heap, that any combination of algorithms will produce acceptable results. The main difference now is in the depth of the crawl.

Microsoft recently developed their own engine because they found themselves squeezed between the advertising engine of Overture and the search engine Inktomi -- both of which became Yahoo property. In 2003 Microsoft began experimenting with their own crawler. Their new engine was launched in early 2005. If Microsoft puts their greed on a back burner for a few years, by doing deep crawls and presenting a clean interface, they could do to Google what they did to Netscape. There is no "secret sauce" at Google -- we now believe it was all hype from the very beginning. (To the extent that there ever was a secret sauce, the recipe is now known by countless ecommerce spammers, which makes it a liability rather than an asset.) Thousands of engineers in hundreds of companies know how to design search engines. The only real questions are whether you can commit the resources for a deep, consistent crawl of the web, and how aggressively you want to use your search engine to make money.

That gives us Google, Yahoo, and Microsoft. The last one worth watching is Teoma/AskJeeves. Their search technology is good, and they seem serious about expanding their crawl. It remains to be seen how deeply and consistently they will be able to crawl websites with thousands of pages.

Google is easily top dog. They provide about 75 percent of the external referrals for most websites. There is no point in putting up a website apart from Google. It's do or die with Google. If we're all very lucky, one of the other three will soon offer some serious competition. If we're not lucky, we will be uploading our websites to Google's servers by then, much like the bloggers do at (which was bought by Google in 2003). It would mean the end of the web as we know it.

It is worthwhile to understand the pressures that the average, independent webmaster is under. And given that Google is so dominant, it's important to understand the pressures that are being brought to bear on Google, Inc. It does not take too much imagination to recognize that there's a struggle going on for the soul of the web, and the focal point of this struggle is Google itself.

At one level, it's a struggle for advertising revenue. The pundits look at only this level, and are unanimous that the only advertising model on the web with any sort of future is one where little ads appear after being triggered by keyword searches, or by the non-ad content of a web page. For example, a search for Google Watch may show some ads on the right side of the screen for wrist watches. While the technique doesn't work for this example, often it serves its purpose. There is only so much pixeled real estate that the average user can be expected to survey for a given search. Today up to half of each screen is dedicated to paid ads on Google, as compared to the ad-free original Google. Everyone wants a piece of this new wave in web advertising, and Google is making a lot of money.

Unfortunately, early evidence suggests that Yahoo is less interested in pure search algorithms, than in acquiring market share in a pay-for-placement and/or pay-for-inclusion revenue stream. The same may be true for Microsoft. Even Google, dazzled by the sudden income from advertising, must be wondering why they go to all that trouble and expense to crawl the noncommercial sector. Those public-sector sites, such as the org, edu and gov domains, do not provide direct income, even though the web would be unattractive without them. All the excitement over a revived online ad market, pushed by pundits hoping for another dot-com gold rush, is beginning to look like the days when AltaVista decided that portals were the Next Big Thing. That notion caused AltaVista to lose interest in improving their crawling and searching -- which is how Google succeeded in the first place.

There has been almost no interest in establishing search engines that specialize in public-sector websites. Where is the Library of Congress? Where are the millions of dollars doled out by the Ford Foundation? How about the United Nations? Why can't some enlightened European entity pick up the slack? Everyone is asleep, while the Internet is getting spammed to death.

At another level, it's a struggle over who will have the predominant influence over the massive amounts of user data that Google collects. In the past, discussions about privacy issues and the web have been about consumer protection. That continues to be of interest, but since 9/11 there is a new threat to privacy -- the federal government. Google has not shown any inclination to declare for the rights of its users across the globe, as opposed to the rights of the spies in Washington who would love to have access to Google's user data.

Much of the struggle at this new level is unarticulated. For one thing, the spies in Washington don't talk about it. Congress has given them new powers, without debating the issues. Google, Inc. itself never comments about things that matter. The struggle recognized by Google Watch has to do with the clash of real forces, but right now all we can say is that potentially this struggle could manifest itself in Google's boardroom.

The privacy struggle, which includes both the old issue of consumer protection and this new issue of government surveillance, means that the question of how Google treats the data it collects from users becomes critical. Given that Google is so central to the web, whatever attitude it takes toward privacy has massive implications for the rest of the web in general, and for other search engines in particular.

Call it class warfare, if you like. Because that brings up the other major gripe that Google Watch has with Google. That's the PageRank problem -- the fact that Google's primary ranking algorithm has less to do with the quality of web pages, than it has to do with the "power popularity" of web pages. Their approach to ranking is anti-democratic, in that already-powerful pages are mathematically granted extra power to anoint other pages as powerful.

It's not that we believe Google is evil. What we believe is that Google, Inc. is at a fork in the road, and they have some big decisions to make. This Google Watch site is trying to articulate and publicize the situation at Google, and encourage more scrutiny of their operations. By doing this, we hope to play a small part in maintaining the web as an information tool that is more useful for the masses, than it is for the elites.

That's why we and over 500 others nominated Google for a Big Brother award in 2003. The nine points we raised in connection with this nomination necessarily focused on privacy issues:

1. Google's immortal cookie:
Google was the first search engine to use a cookie that expires in 2038. This was at a time when federal websites were prohibited from using persistent cookies altogether. Now it's years later, and immortal cookies are commonplace among search engines; Google set the standard because no one bothered to challenge them. This cookie places a unique ID number on your hard disk. Anytime you land on a Google page, you get a Google cookie if you don't already have one. If you have one, they read and record your unique ID number.

2. Google records everything they can:
For all searches they record the cookie ID, your Internet IP address, the time and date, your search terms, and your browser configuration. Increasingly, Google is customizing results based on your IP number. This is referred to in the industry as "IP delivery based on geolocation."

3. Google retains all data indefinitely:

Google has no data retention policies. There is evidence that they are able to easily access all the user information they collect and save.

4. Google won't say why they need this data:
Inquiries to Google about their privacy policies are ignored. When the New York Times (2002-11-28) asked Sergey Brin about whether Google ever gets subpoenaed for this information, he had no comment.

5. Google hires spooks:
Matt Cutts, a key Google engineer, used to work for the National Security Agency. Google wants to hire more people with security clearances, so that they can peddle their corporate assets to the spooks in Washington.

6. Google's toolbar is spyware:
With the advanced features enabled, Google's free toolbar for Explorer phones home with every page you surf, and yes, it reads your cookie too. Their privacy policy confesses this, but that's only because Alexa lost a class-action lawsuit when their toolbar did the same thing, and their privacy policy failed to explain this. Worse yet, Google's toolbar updates to new versions quietly, and without asking. This means that if you have the toolbar installed, Google essentially has complete access to your hard disk every time you connect to Google (which is many times a day). Most software vendors, and even Microsoft, ask if you'd like an updated version. But not Google. Any software that updates automatically presents a massive security risk.

7. Google's cache copy is illegal:
Judging from Ninth Circuit precedent on the application of U.S. copyright laws to the Internet, Google's cache copy appears to be illegal. The only way a webmaster can avoid having his site cached on Google is to put a "noarchive" meta in the header of every page on his site. Surfers like the cache, but webmasters don't. Many webmasters have deleted questionable material from their sites, only to discover later that the problem pages live merrily on in Google's cache. The cache copy should be "opt-in" for webmasters, not "opt-out."

8. Google is not your friend:
By now Google enjoys a 75 percent monopoly for all external referrals to most websites. Webmasters cannot avoid seeking Google's approval these days, assuming they want to increase traffic to their site. If they try to take advantage of some of the known weaknesses in Google's semi-secret algorithms, they may find themselves penalized by Google, and their traffic disappears. There are no detailed, published standards issued by Google, and there is no appeal process for penalized sites. Google is completely unaccountable. Most of the time Google doesn't even answer email from webmasters.

9. Google is a privacy time bomb:
With 200 million searches per day, most from outside the U.S., Google amounts to a privacy disaster waiting to happen. Those newly-commissioned data-mining bureaucrats in Washington can only dream about the sort of slick efficiency that Google has already achieved.

Originally posted at:

Thursday, December 01, 2005

Share Windows XP Printer to Linux Machines

All my machines in my network are already running Linux, Ubuntu 5.10 and OpenSUSE 10.0 are my distros of choice. Only one machine is running Windows XP because of custom Visual Basic Programs, and this Windows machine also serves as our Print Server. In this mini-How-To, I'll discuss how to share a Printer in Windows XP to Linux machines particularly Ubuntu 5.10 and OpenSUSE 10.0. We will use the graphical interface of Ubuntu (GNOME) and SUSE (KDE) to set up the printer.. no command lines.. promise.. =)

The Windows XP Machine (The Print Server)

  1. Install your printer.
  2. Open your Control Panel, then open your "Add or Remove Programs"
  3. Click on "Add/Remove Windows Components" located on the left side of the dialog box
  4. Put a check on "Other Netwrok File and Print Services" then click "Details" make sure that the "Print Services for Unix" is selected. (you may need your XP CD and a reboot)
  5. Open "Printer and Faxes" then right click on your printer then "Share", give your printer a share name that is short and with no special characters or spaces (ex. "HP940c" quotations not inclucded). This Share Name would later be used as the Print Queue on your Linux machine.
  6. The Windows Firewall may block Linux machines from printing, turn off your firewall for the meantime.. we will turn it back on later.
  7. Make sure that your Windows' IP number is Static.
The Ubuntu 5.10 Machine (Print Client)
  1. From the panel (default is on top) open System>Administration>Printing
  2. Click on "New Printer"
  3. Select "Network Printer" then use "Unix Printing LPD"
  4. Type on the "Host" Field the IP number of your Windows Print Server (ex.
  5. Type on the "Queue" field the Share Name of the printer, in our example we used "HP940c" (quotations not included)
  6. Click "Forward" then select the manufacturer and model of your printer from the list. Then click "Apply".
  7. Your new printer will now appear in the dialog box. Print a test page to make sure that the paper settings and print out mode are in the right settings..
  8. That's all... =)
The SUSE 10.0 Machine (Print Client)
  1. Open the "YaST Control Center" (you need root access)
  2. Select "Hardware" from the choices on the left
  3. Under Hardware, click "Printer"
  4. Under Printer, click "Add", if it asks you for a new Queue, just click "No" (this will happen if you have an exisiting installed printer)
  5. Under Printer Type, select "Print Directly to a Netwrok Printer" then click next.
  6. on the next dialog, choose "Remote LPD Queue" then click next.
  7. Type on the "Hostname of Print Server" Field the IP number of your Windows Print Server (ex.
  8. Type on the "Remote Queue Name" field the Share Name of the printer, in our example we used "HP940c" (quotations not included) then click next.
  9. For "Queue Name and Spooler Settings" put the "Queue Name" or Share Name of the printer that you used under "Name for Printing"... you may leave the other fields blank. Then click next.
  10. Now choose the proper Manufacturer and Model of your printer. click next.
  11. Accept all the changes, then you may try to print a test page..
  12. That's all... =)

Back to the Firewall

At this point, you should have already succesfully installed your printer and have printed a test page. Now, we will turn back on the Firewall of your Windows XP machine (this is a necessity because Windows has very poor security).

  1. Turn back on your personal firewall in your Windows XP.
  2. Now, print a test page from your Linux machine... the printing would fail because it was blocked by the firewall.. but that's ok.. will fix that..
  3. Locate your firewall log file by opening the Firewall Settings, then under Advance tab click on the Settings of Security Logging and there you will find the location and filename of your firewall log file..
  4. Open the firewall log file using Notepad and look for the Port number to which the printing was blocked.. this port number is between 500 to 700.
  5. After determining the port number, go back to the Firewall Settings and under the Exceptions tab, click "Add Port".
  6. Now, just enter the port number which was blobked previously by the firewall then select "TCP", give it a nice name like "Netwrok Printing".. and you're all set..
  7. Try again to print again a test page, you should have no more trouble printing..
Enjoy... =)

Copyright Notice:

Copyright (C) 2005 Gerald Cortez
Verbatim copying and distribution of this article is permitted in any medium, provided this copyright notice is preserved.

Sunday, November 27, 2005

10 Things that make Ubuntu a Neophyte's Distribution

Ubuntu is fast on its way to becoming a peoples OS. I have always wondered what is it that makes people embrace Ubuntu over other Linux distributions. After some pondering, it struck me that the USP (Unique Selling Point) of Ubuntu is its user friendliness. Ubuntu is a distribution targeted at the non-techie crowd - those that want to get their job done and not spend time tinkering with the OS. And consequently, the developers at Ubuntu have bundled simple easy to use GUI front end tools to achieve common system administration tasks. Here I have put together 10 things in Ubuntu that make a new user's life that much simple. . read the full article...

Thursday, November 10, 2005

Windows Software Equivalents, Replacements, and Analogs in Linux

One of the biggest difficulties in migrating from Windows to Linux is the lack of knowledge about comparable software. Newbies usually search for Linux analogs of Windows software, and advanced Linux-users cannot answer their questions since they often don't know too much about Windows :). This list of Linux equivalents / replacements / analogs of Windows software is based on our own experience and on the information obtained from the visitors of this page (thanks!).

To see the full list of software click here.

Sunday, November 06, 2005

A Simple Website Hacking using Linux and Konqueror

I want this article to be real simple so that new Linux users (KDE based) would have fun exploring the power of Linux and its browser Konqueror. This tutorial will show you how to access restricted websites, password protected websites, or members' only area by changing the "USER AGENT" of Konqueror into GoogleBot 2.1.


Konqueror is the default browser of KDE based Linux. Some Linux Distribution that uses KDE and Konqueror are SUSE, Mandriva, and Kubuntu. Konqueror is a very flexible browser and yes, very powerful too.

User Agent

Almost every internet browser has the capability to adjust the user agent. A user agent is the client application used with a particular network protocol; the phrase is most commonly used in reference to those which access the World Wide Web. Web user agents range from web browsers to search engine crawlers ("spiders"), as well as screen readers and braille browsers used by people with disabilities.

When Internet users visit a web site, a text string is generally sent to identify the user agent to the server. This forms part of the HTTP request, prefixed with User-agent: or User-Agent: and typically includes information such as the application name, version, host operating system, and language. Bots, such as web crawlers, often also include a URL and/or e-mail address so that the webmaster can contact the operator of the bot. The user-agent string is one of the criteria by which crawlers can be excluded from certain pages or parts of a website using the "Robots Exclusion Standard" (robots.txt). This allows webmasters who feel that certain parts of their website should not be included in the data gathered by a particular crawler, or that a particular crawler is using up too much bandwidth, to request that crawler not to visit those pages.

How To Change the User Agent

Simply open Konqueror, and from "TOOLS>Change Browser Identification>Other" and set it to "Googlebot 2.1".

The Application

In order for you to understand how this really works, follow this steps as an example:
1) go to you will NOT see the FULL article because only members may read the full article.
2) Change the User Agent of Konqueror to Googlebot/2.1
3) Go back to the same page and reload/refresh it and you can read the full article.

Saturday, October 29, 2005

Hacking OpenSUSE

Eversince I've used my first Linux (Mandrake 9.2) I never wanted to go back to Windows. And in pursuit of finding the best Linux Distro, I find some time to install the latest OpenSUSE 10.0. I donwloaded the 5 CD ISO, burn to CD and install. Since I have many Workstations and only got 2 CD-ROMS to swap around, I tried looking for a way such that after installing OpenSUSE 10.0, I will no longer need any CDs if I want to add other packages. And here I found an article by Jem Mantzan about how to maximize your user experience in SUSE.

When you’re done installing OpenSUSE 10.0, your desktop system is not complete. You still need support for Java programs, MP3 audio files, and browser plugins for Macromedia Flash, Adobe Acrobat, RealPlayer, and Windows Media Video. You may also want to add support for playing DVD videos on your computer. Here’s how to effectively make the open source version of OpenSUSE 10.0 into SUSE Linux 10.0.

OpenSUSE is comprised entirely of free, open source software. What you will be doing in this tutorial is installing proprietary add-ons that add functionality. All of the browser plugins are proprietary and will require you to agree to software licenses. The DVD playback capabilities are in violation of the U.S. Digital Millennium Copyright Act (and similar laws in other countries), which many believe to be unconstitutional and a violation of consumer fair use rights. Click here for more information on DMCA reform. In other words, installing the DVD decoding software could be illegal where you live; therefore I’m not telling you to do it, but I’ll tell you how it’s done for educational and informational purposes.

Adding sources to YaST

First you’ll need to add some software repositories to your YaST installation sources list. Go into the YaST utility by clicking on the green Gecko menu in the lower left corner of your screen. Select System, then click on Control Center (YaST). You’ll be prompted for your root password. Go ahead and type it in, check the box next to Keep Password, and click OK.

You’re now in YaST, and the Software category is already selected by default. Click on the Installation Source icon. This will bring up a window that will allow you to add software repositories so that you can download the add-on software. You’ll notice that your CD or DVD installation media is already listed. Go ahead and disable it by clicking the Enable Or Disable button — we’re going to add an Internet address that will replace your discs. That way if you need to add software from the CDs or DVD, you can get the packages from the Internet instead of putting a disc into your computer. If you need to, you can just as easily enable the CD/DVD source later.

Click the Add button, then click on HTTP in the popup menu. Add the following Internet address to the Server Name field and then click on OK:

Now repeat this process and add the following servers to your installation sources using the FTP option instead of HTTP:


Without adding the preceding sources, it will not be possible to follow the next three steps. You can now close the Installation Source window.

Installing Thunderbird

OpenSUSE 10.0 doesn’t come with Mozilla Thunderbird. If you’re a Thunderbird fan, rather than download it separately, why not install it properly through YaST?

Go back to YaST, then select Package Management. In the Search box, type in MozillaThunderbird and click on Search. Click on the MozillaThunderbird checkbox in the right-hand pane, then click on Accept. When it’s done, click on Finish to go back to YaST.

Java support

To add support for the Java language both for standalone applications and as a browser plugin for Web applets, go into YaST, then select Package Management. In the Search box, type in sun and click Search. A bunch of packages will show up in the right-hand pane. Click the checkbox next to the following packages:

  • java-1_5_0-sun
  • java-1_5_0-sun-alsa
  • java-1_5_0-sun-jdbc
  • java-1_5_0-sun-plugin

There is no harm in selecting all of the java-1_5_0-sun packages (you’ll notice that there are a few more that weren’t selected), but they are not necessary for running Java programs. If you’re a Java programmer, of course you’ll want at least some of the other packages. When you’re done selecting them, click on Accept. When it’s done installing, click on Finish in the popup window to go back to YaST. Your computer will now be able to run Java programs and applets.

Flash, Acrobat, Windows Media, MP3, and RealMedia support

Go back into the YaST software manager. In the Search box, type in w32codec-all and click on Search. A single package should appear in the right-hand pane. Click the checkbox next to it.

Erase your previous search term in the Search box, type in acroread and click on Search. Click the checkbox next to the acroread package in the right-hand pane. You’ll have to accept a software license agreement to continue.

Now search for flash and click Search. Select that package for installation by clicking its checkbox and agreeing to its license.

Search for realplayer and click Search. Click its checkbox. You only need the RealPlayer package itself — the other search results are not necessary.

Search for mplayer and click Search. Click its checkbox. You don’t need the other package that appears in the search results.

Search for kaffeine-mozilla and click Search. Click its checkbox.

When you’ve done all of this, click on Accept. Other packages will be dependent on some of these, so you’ll have to click Continue in the Automatic Changes screen that comes up. After that, all of the packages you just selected will be installed and your Firefox Web browser will have all of the plugins it needs. You’ll also have the ability to play MP3 music files. A popup window will appear when it’s done — just click on Finish and you’ll be brought back to YaST.

DVD playback

I couldn’t find any SUSE installation sources for the DVD decoding program, so you’ll have to download it on your own. Go to your Gecko menu, then select Internet, then Web Browser, then click on Web Browser (Konqueror). When Konqueror opens, copy and paste in this address:

Or just click here if you want a link. Konqueror will ask you what you want to do with the file. You could save it to your Desktop, then double-click it to install it, but an easier way is to select the Open With button. That will bring up a popup window. In that window, click on System, then Configuration, then Package Manager (KPackage). (If you do not have KPackage installed, go back to the YaST software manager and install the kdeadmin3 package, then restart this process.) The KPackage program will read the DVD decoding package from the Web. Click on the Install button at the bottom of the KPackage window, then click on Install in the next window too. You will be asked for your root password; type it in and press Enter. Shortly thereafter, the DVD decoding library will be installed. Click on the Done button, then close KPackage and Konqueror.

Next you’ll have to modify the video player so that it will play DVDs. While it originally had this functionality built in, Novell has removed it to make life more difficult for people who want to watch DVDs on their computer.

Go into YaST and select Software Management. The familiar package selection screen will come up. In the Search box, type in xine and then click Search. About two dozen entries will appear in the right-hand pane. Right-click on all of the blue-colored packages (there should be at least two) and select Update from the drop-down menu. Click on Accept when you’re done, and then click on Continue in the ensuing Automatic Changes screen. The updated software will now download and install properly. When it’s finished, a popup window will ask you if you’d like to install more software. Click on Finish and you’ll be brought back to YaST’s software manager.

You now have the ability to play commercial DVD movies on your computer — put one in and try it, if it’s legal where you are. A popup message should appear when you put in a DVD movie. If it asks you if you want to play the movie with Kaffeine, click on Yes and you’ll go straight to the video player. In some instances the disc may be recognized as a data disc, and SUSE will ask you if you want to open the DVD with K3b. In that case, click on Ignore, then go to the Gecko menu, select Multimedia, then Video Player, then click on Media Player (Kaffeine). When Kaffeine starts, click on the Open DVD icon.

Tuesday, October 18, 2005

Using JavaScript to Rotate Google Adsense and YPN ContentMatch Ads

By: Amr Awadallah

I wanted to test the performance of Adsense versus YPN-Content match on my site, so I wrote this little javascript wrapper to rotate both ad formats, 50% of the time for Google Adsense and 50% of the time for Yahoo-YPN-ContentMatch.

Feel free to use it, but note that you need to paste your ads in the correct places as demonstrated below. Just copy the javascript code for adsense and ypn ads and put them in the googlead and the yahooad variables, respectively. But make sure to make these changes to the javascript ads:

  1. replace all " with \"
  2. end each line with \n
  3. replace /script with \/script

<script type="text/javascript">

var i = Math.random()
var googlead = PASTE ADSENSE AD HERE
if (i < 0.5)


This is an example of how to paste your ad javascripts correctly into the googlead and yahooad variables (do not use these as is, otherwise you will end up sending me money Image ):

var googlead = "
<script type=\"text/javascript\"><!--\n
google_ad_client = \"pub-1023215734600446\";\n
google_ad_width = 728;\n
google_ad_height = 90;\n
google_ad_format = \"728x90_as\";\n
google_ad_type = \"text\";\n
google_ad_channel =\"3618420306\";\n
google_color_border = \"CCCCCC\";\n
google_color_bg = \"FFFFFF\";\n
google_color_link = \"000000\";\n
google_color_url = \"666666\";\n
google_color_text = \"333333\";\n
<script type=\"text/javascript\"\n

var yahooad = "
<script language=\"JavaScript\">\n
<!--\nctxt_ad_partner = '2432839150';\n
ctxt_ad_section = '1181';\n
ctxt_ad_bg = '';\n
ctxt_ad_width = 728;\n
ctxt_ad_height = 90;\n
ctxt_ad_bc = 'A1A5A9';\n
ctxt_ad_cc = 'FFFFFF';\n
ctxt_ad_lc = '0000DE';\n
ctxt_ad_tc = '737374';\n
ctxt_ad_uc = '439341';\n
// -->\n
<script language=\"JavaScript\"\n

Sunday, October 16, 2005


By: Robert Storey

Ubuntu LinuxUbuntu has stormed the Linux distribution scene like no other project before. Although barely a year old, it has already succeeded in attracting thousands of satisfied users ranging from absolute Linux beginners to seasoned UNIX administrators. What are the secrets of this tremendous success? A quality product combined with friendly community resources and clearly stated objectives. Robert Storey, no longer able to resist the forces of humanity, set out to investigate this new king of Linux distributions.

Greatest Hits

Don't look back; something might be gaining on you.
- Satchel Paige, baseball player

The first release of Ubuntu Linux (version 4.10) occurred on 2004/10/20, and life hasn't been the same since. Unless you've been living under a rock in Antarctica, then surely you've heard of Ubuntu, which now tops the charts on the DistroWatch greatest hits list.

I must confess that I was caught off guard by the overnight success of Ubuntu, and thus neglected to review it (or even download it) when it first arrived on the servers. However, it's just as well that I didn't bother, because for the past year, not a week has gone by without somebody writing an Ubuntu review and posting it to one (or all) of the popular geek web sites. Indeed, it's become something of a joke that the only things you can't avoid in life are death, taxes and Ubuntu reviews.

The first anniversary of Ubuntu has just passed, and as of last week, the world has once again been treated to a new release (version 5.10), code-named Breezy Badger. Unable to avoid the onslaught of the Ubuntu steamroller, I have decided to at last concede defeat. I downloaded the CD, installed it, hacked it, contemplated it, meditated over it for a whole weekend, and now it's time for me to share my thoughts about this operating system with the rest of the world.

Money Talks

Ubuntu is Debian-based, a fact which warms my heart because I've been a Debian fan since the time of The Ark. There was a time when Debianistas were regarded as a small and mysterious cult, admired as "quaint" but doomed to extinction because (as everyone knew) RPM-based distros were destined to rule the universe.

Fast forward a few years, and the Linux world looks very different. Debian-based distros have experienced a renaissance which more or less began with the release of Knoppix in 2003. In the beginning Knoppix was just a live CD, but once it acquired a decent installation program, developers swiftly jumped on the bandwagon and hardly a week went by without yet another "Knoppix knock-off" being released.

Needless to say, not all of these distros have been successful - many disappeared soon after version 0.1-alpha was announced. Fortunately, some of the better ones have endured. Debian is clearly on a roll, which raises the question - why choose Ubuntu? What does it offer that the rest of the Debian family doesn't?

The answer to this mystery appears to have as much to do with marketing as technical excellence. Like some of its commercial competitors, Ubuntu is available on a two-CD set enclosed in a slick-looking cardboard case. Unlike commercial distros, Ubuntu is considerably cheaper with a price tag of US$0.00, shipping included. Furthermore, if you request one set, you'll probably receive 10 with instructions to hand out the other nine to friends and enemies alike. Of course, CDs sent by snail mail take time to arrive, so if you want Ubuntu fast the simple solution is to download it. In fact, if you can forego the sophisticated look and feel of the packaged CDs, downloading is the socially responsible thing to do since somebody does in fact pay for those CDs.

The "somebody" in this case is South African multi-millionaire, Mark Shuttleworth, who generously donated US$10 million to create the Ubuntu Foundation. The foundation's philosophy is that Ubuntu is free and will always be free. Furthermore, it is released under the GPL, meaning that if ever it somehow becomes unfree, anybody can grab the source code and morph it into a new operating system with no need to pay royalties.

Can't We Just Get Along?

For those new to the world of Debian, a little bit of background is required to understand The Big ControversyTM that has erupted over Ubuntu's existence. Debian's great claim to fame has always been APT (Advanced Package Tool), which makes installing, removing and updating software a breeze. This is no small feat because Debian is the biggest of all distros, with over 15,000 packages in its repository. Juggling so much software is the work of about 1000 developers, most of whom are under-praised and unpaid for their monumental efforts.

To make this massive project manageable, Debian is segregated into three releases - stable (currently nicknamed Sarge), testing and unstable (nicknamed Sid for the mentally "unstable" kid in the movie Toy Story). Not surprisingly, all the latest and greatest software is found in the unstable branch. Therefore, the most up-to-date Debian-based distros tend to be based on Sid.

Despite the name, unstable does not mean that the operating system or its applications are likely to crash. However, it does mean that the package collection constantly changes. New packages are added and old ones are kicked out on a daily basis. The best way to think of unstable is that it's a moving target. This can cause problems when you go to install new software - thus, distros based on unstable can suffer from "package breakage", a serious disease that can lead to hair loss (as well as a smashed computer monitor).

To solve this problem, once every six months Ubuntu syncs with Debian's unstable package collection, but then goes its separate way. Thus, as time passes, the two distros get out of sync. This has some people concerned, among them, Ian Murdock, Debian's founder. In an interview at, Ian pulled no punches:

"If anything, Ubuntu's popularity is a net negative for Debian. It's diverged so far from Sarge that packages built for Ubuntu often don't work on Sarge. And given the momentum behind Ubuntu, more and more packages are being built like this. The result is a potential compatibility nightmare."

Ian's main concern is that Ubuntu is not truly Debian compatible, and that development efforts are being sapped as everyone concentrates on Ubuntu. Contributing to the controversy is the fact that Ubuntu is not a member of the Debian Common Core (DCC) Alliance. In the true tradition of online discourse, this has generated some significant flame wars.

Going Live

As someone once said, politics is the world's second oldest profession. So let us now leave the political flame-fest behind and get down to what really matters, Ubuntu's technical prowess.

I've already mentioned that Ubuntu comes as a two-CD set, but actually that is a little misleading. There are two CDs in the spiffy cardboard package, but you don't really need both. One is a live CD which allows you to boot up and run Ubuntu without installing it to the hard drive. The other CD is for installation only.

I fired up the live CD to see what it could do. Most users will probably find it works as expected, but I found it to be a little bit awkward. Not bad, just not aesthetic. Booting the CD brings up what appears to be a text-mode installation program. You have to answer a few questions and then there is a lengthy wait while Ubuntu does hardware detection and configuration. Eventually, you will be presented with a brownish GNOME-based graphical desktop. I was slightly disappointed to see that the live CD did not automatically recognize the computer's hard drive, but I was able to mount it manually. Mounting the hard drive may not be important to you, but it would be crucial if you were trying to rescue data (one of the best uses of a live CD). Rescuers will probably be somewhat dismayed to discover that logging on as user root is not allowed (fortunately, buried in the menus is the ability to open a root window).

Aesthetics aside, the Ubuntu live CD works OK as a demo. You can use it to show off for your friends, test your hardware compatibility before installing, or to perform emergency surgery on a crippled hard drive.

Taking the Plunge

Ubuntu gets a lot more interesting when you actually install it. The installer is a slightly modified version of Debian's, and is ncurses-based (that is, text-mode with menus) rather than graphical. Although some users seem perturbed that there are no fancy graphics, the whole installation procedure is really very simple and even greenest of newbies should have little problem with it.

Although not required, you'll get far more mileage out of the installer if your computer is plugged into the Internet (preferably broadband). Ubuntu will attempt to use DHCP to find the network, but if you're not connected to a router or DHCP server you'll be given the chance to type in network parameters (necessary if you want to connect via pppoe or dial-up). Once the network is found, considerable additional software will be downloaded and installed. The only drawback to all this is that it can take quite a while, and if your network connection is slow or the servers are very busy, installing Ubuntu could occupy several hours. This is why you might consider downloading the DVD edition.

An issue that has produced much comment (and the requisite flame wars) is that Ubuntu randomly chooses a password for root, and you will have no way of knowing what it is. Therefore, unless you make an incredibly lucky guess, you will not initially be able to log on as root. This sounds disastrous, but really isn't. What actually happens is that the installer requires you to create one user, and that (first) user will automatically be given membership in the exclusive admin group. This user will then have almost as many privileges as root, including the ability to change the root password. Thus, without ever knowing the original root password, you'll be able to change it to your liking and then you can log in as root. Presumably, this convoluted process is to prevent inexperienced newbies from logging in as root and running amuck, gleefully trashing the file system with commands like "rm -fr *".

The exact procedure to change the root password: click System --> Administration --> Users and Groups, and then click Show all users and groups. Then choose root and click Properties.

As an alternative, you can open up an xterm and type:

sudo passwd root

Although not required, it might not be a bad idea to give your privileged first user a special name - I chose the name "big-cheese". You can later create at least one other user who will lack admin privileges. Although the Ubuntu FAQ assures us that it is safe to be surfing the Internet as big-cheese, I don't get a warm and fuzzy feeling doing this. One of the first laws of network security is to keep user privileges to a minimum.

Upgrading to Breezy Badger

If you've already installed a previous version of Ubuntu and now want to update to Breezy Badger, there is no need to start from scratch. In the true Debian tradition, updating is dead easy.

If you're updating from a Breezy Badger beta or release candidate, all you've to do (as root) is open an xterm and type:

apt-get update
apt-get upgrade

If you're upgrading from Hoary Hedgehog to Breezy Badger, the process is just a little more complicated. First edit file /etc/apt/sources.list and change all occurrences of the word "hoary" to "breezy". If you're updating from a beta or RC version, you will probably also have to comment out the first line in /etc/apt/sources.list which refers to the cdrom - it should look something like this:

deb cdrom:[Ubuntu 5.10 _Breezy Badger_
- Release Candidate i386 (20051005)]/ breezy main restricted

Commenting out the above line means that Ubuntu will no longer nag you to insert a CD into the drive - it will go directly to the Internet in search of packages. Thus, with your /etc/apt/sources.list properly altered, you can now run these commands:

apt-get update
apt-get dist-upgrade

It should be noted that upgrading can take quite a long time. Just how long depends on the number of packages that need upgrading, and the speed of your Internet connection. It definitely helps to have broadband, but even then be prepared to let your machine run overnight.

Updating and Installing Software

Even if you've installed from scratch, don't be surprised when the very first time you log in, a message will pop up informing you that updates are available. To perform the required magic, you will need to log in as the privileged user (big-cheese?), and then run the Ubuntu Update Manager. Just follow the menus, as so:

System --> Administration --> Ubuntu Update Manager

Packages are being added and updated all the time, so you will no doubt be seeing new messages every few days admonishing you to update again. Although that may get wearisome, it is in fact a good idea to keep your package collection up-to-date for security reasons and to stamp out bugs.

Ubuntu also includes Synaptic, the famous user-friendly GUI package manager. It's so easy to install/remove software with this tool that I won't bother explaining it. Just point-and-click, and you'll know.

That having been said, one little "gotcha" is that, by default, Ubuntu limits itself to a relatively small package collection. Most users will not be satisfied with this for very long, but there is a simple little secret for fixing the problem. As the privileged user (or as root) fire up an editor and take look at the self-explanatory file /etc/apt.sources.list, which should contain (among other things) the following:

## Uncomment the following two lines to add software
## from the 'universe' repository.
## N.B. software from this repository is ENTIRELY
## UNSUPPORTED by the Ubuntu team, and may not be under
## a free licence. Please satisfy yourself as to your rights
## to use the software. Also, please note that software in
## universe WILL NOT receive any review or updates from the
## Ubuntu security team.

# deb hoary universe
# deb-src hoary universe

# deb hoary-security main restricted
# deb-src hoary-security main restricted

# deb hoary-security universe
# deb-src hoary-security universe

Once you've uncommented the universe and (optionally) the security repositories, run the following command:

apt-get update

You will then find that the list of available packages has greatly expanded. Despite all the dire warnings from the developers, there are few risks in using these additional repositories. However, it has already been pointed out that Ubuntu's packages are seriously out of sync with Debian's, so don't try to add additional repositories to /etc/apt/sources.list. If you fail to heed this warning, you'll almost certainly experience the dreaded package breakage.

Once you've done the above, you should find that all the KDE apps are available for installation. Ubuntu is GNOME-based, but you can certainly run KDE as your desktop. However, if you want to work in KDE most or all of the time, consider installing Ubuntu's alter-ego, Kubuntu.

If you're a little more daring, you might want to add the debian-marillat repository to /etc/apt/sources.list (use testing/main). This will allow you to install Lame, MPlayer and other software which has "problems" with software patents and the DMCA. As for just where you can find the nearest debian-marillat repositories, you'll have to do some Googling.

Swatting Bugs

I don't expect any OS to be trouble-free, but I did encounter a few more bugs with Breezy Badger than anticipated. Fortunately, Ubuntu has a nice bug reporting form. I'm pleased to say that the first bug I reported was swiftly acknowledged and fixed. The second and third bugs are still pending. The others were acknowledged but the developers didn't feel that these were bugs.

The first bug involved the hdparm command. This has already been fixed, so I needn't say anything more about it.

The second bug involved my favorite text editor, Xemacs, when running under GNOME. The problem is that it won't recognize X fonts which, among other things, prevents me from typing in non-Roman scripts. As a temporary fix, I've solved the problem by not using GNOME and instead running IceWM.

The most serious bug still on my pending list concerns the video driver. Although the installer correctly identified my video card as radeon, I noticed that performance in graphics mode was sluggish. I attempted to confirm this by running glxgears, which revealed a further surprise - if you launch glxgears in an xterm on Hoary Hedgehog, it will report frame rate, but on Breezy Badger it fails to do so. I later learned that you can force it to do so by running the command:

glxgears -printfps

That's all very nice, but I discovered to my chagrin that when (using my mouse) I attempted to drag the window with the spinning gears, Ubuntu froze. I no longer had a mouse cursor and the keyboard was dead. Only a hard reboot could restore the system to normal. I repeated this experiment several times, with the same fatal result.

I have found the fix for the problem, but this bug definitely needs to be addressed by the developers. First, I searched for (and then installed) an accelerated video driver for the Radeon card. To find out what was available for Radeon, I did this:

bob@x31:~> apt-cache search radeon
xserver-xorg-driver-ati - X.Org X server -- ATI driver
fglrx-control - Control panel for the ATI graphics accelerators
xorg-driver-fglrx - Video driver for ATI graphics accelerators
xorg-driver-fglrx-dev - Video driver for ATI graphics accelerators
(devel files)
gatos - ATI All-in-Wonder TV capture software
radeontool - utility to control ATI Radeon backlight functions
on laptops

Then I checked to see if xorg-driver-fglrx was installed (it was not):

bob@x31:~> dpkg --get-selections | grep xorg-driver-fglrx

So then I installed it:

root@x31:~> apt-get install xorg-driver-fglrx

With the new driver, my video performance has improved and glxgears no longer crashes the system. However, esoteric bugs like this could easily blow away even experienced geeks, let alone newbies. Hopefully this issue will be resolved soon.

Minor Quibbles

A minor annoyance was that the wrong kernel was installed. In this case, "wrong" was not disastrous. What happened was that a 386 kernel was installed even though I have a 686 processor. The machine ran OK, but performance clearly suffered. I initially filed a bug report, but the developers replied that the Ubuntu CD just doesn't have room for multiple kernels so they have to go with the lowest common denominator, which is 386. You can check which kernel is installed as follows:

root@x31:~> uname -r

The solution is to upgrade your kernel. If you're upgrading to a 686-based kernel, the command would be as follows:

apt-get install linux-686

I assume the above is a non-issue if you install Ubuntu on an AMD64 or PPC.

Though by no means a bug, Ubuntu has been criticized for not including a built-in firewall. The official response to this complaint is that - since most services are turned off by default - no firewall is needed. Personally, I find that explanation as satisfying as saying you don't need to lock the door of your house because there's nothing to steal inside. If nothing else, I'd rather have a firewall for the warm fuzzy feeling it gives me. Fortunately, you can easily add one. Probably the easiest one to install and configure is firestarter. I actually prefer guarddog, because it gives more precise control over the firewall rules, but it's also a little more complex to set up.

Another little quibble is that Ubuntu doesn't protect you from accidentally deleting or overwriting files by careless use of certain commands. In particular, rm, cp and mv can cause you grief, but even cat can be dangerous. I know I've mentioned this problem too many times before in other reviews I've written, but in Ubuntu the situation is especially severe since not even the dangerous root user is protected. As an example of how disastrous this can be, if you meant to type rm -r *.bak but instead typed rm -r * .bak, you can kiss all the files in your current directory goodbye. The way to prevent this is to enable interactive mode with the -i option. You can also prevent overwriting files with cat by using the "noclobber" option. The way to do all this is edit files .bashrc and .bash_profile in your home directory (and especially in /root) and add these lines:

alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
set -o noclobber

The Road Ahead

Various reviews I've seen about Ubuntu have attacked the release names (Hoary Hedgehog, Breezy Badger and upcoming Dapper Drake), or the "ugly" brown GNOME screen background (which is easily changed). I consider such "flaws" to be trivial. When push comes to shove, I want my operating system to "just work", and in this department Ubuntu delivers.

Despite a few fixable bugs, it's hard not to like this distro. I greatly appreciated the rock solid package management - never once did I have to pussyfoot around with the notorious broken packages which plague Debian unstable fans. Similarly, upgrading Ubuntu was a breeze. The default GNOME interface is very intuitive, a great relief to Linux novices as well as more jaded users. The installer might not be pretty, but it works as promised. There were lots of thoughtful little touches, such as powernowd (which keeps your processor cooler) being installed and started automatically.

Ubuntu is still not my favorite distro, but it comes very close. And I must confess that I've only been running it a few days, so I can't swear that it won't crash under worst case conditions (though my Ubuntu-loving friends assure me it's solid as the Rock of Gibraltar). There is some grumbling that Ubuntu's repository of packages is not quite as massive as Debian's, though it seems to be catching up fast.

A big plus is the helpful and friendly Ubuntu online community. When you're racking your brain with what seems like an insurmountable problem, it's good to know that assistance is just a few mouse clicks away. You probably won't be told to RTFM, but if you need an FM to R, some good references include the Unofficial Ubuntu Guide and the amazingly-detailed Debian Reference Manual.

Ubuntu started with a huge advantage by being well-funded, but ultimately a distro is judged successful only if it attracts a large and stable user base. With the number of Ubuntu converts increasing by leaps and bounds, it would seem that this is one operating system that won't go away anytime soon. Needless to say, some geeks will stubbornly refuse to test Ubuntu until the next ice age. Others will hesitate, experimenting with distro after distro, seeking the "perfect operating system" but never quite finding it. The huge collection of Linux/BSD systems listed on DistroWatch is a testimonial to how difficult it is to make a decision. However, after spending weeks trying to get XYZ distro to recognize your wireless card, it's really nice to have an OS that just works. Spending your life wandering in search of Utopia can have consequences. One might keep in mind the words of Aneurin Bevan... We know what happens to people who stay in the middle of the road. They get run down.

Copyright Notice
Copyright (C) 2005 Robert Storey
Verbatim copying and distribution of this article is permitted in any medium, provided this copyright notice is preserved.
Note: If you'd like to discuss this article, please do so on the DistroWatch Weekly page.

Reverse Engineering Software

By g0df4th3r

Here is a short tutorial to explain some reverse-engineering techniques. Reverse engineering is the modifaction of data to make it do what you want to do. You MUST realise that reverse engineering can be used illegally, and doing so can lead you into trouble, and hurt our economy and developers. You can though use it legally too, for example:

Some wargames present challenges that require the modifaction of applications.

It helps understand some of the very basics of assembly.

You may develop techniques useful in finding exploits, or exploiting them.

Greated debugging skills, at lower-level, and learning about patching and similar.

This is why reverse-engineering should be learned, not to learn how crack programs illegally, as this takes away profit from the software industry, and we want better programs and games. Let's now continue on with the tutorial.

The Program and the Objective

For a start, you have to know what we are going to reverse-engineer, don't you?

Here is the short program written in C++:



int main() {
int i;
for (i=100; i <= 200; i++) {
cout << i << "\t";
if (i == 0) {
cout << "You won the challenge, congragulations.";
else {
cout << "You failed to complete the challenge. Please try again.";

This program, written in C++ for MS-DOS, it is very simple. If I write anymore tutorials on this subject, the programs will be more compilicated and most likely win32. Anyway, the programs counts up from 100 to 200. You objective is to count down to 0. The program must be compiled in its original form. So how can we change the compiled application to display the string "You won the challenge, congragulations." instead of the string "You failed to complete the challenge. Please try again.". This, with our tools, is infact easy. By understanding how to do it, it does not take long to figure out similar challenges. You will, however, have to know some basic assembly (which I will tell you) to do these operations. By this you will not have to know how to write full blown assembly applications (I can't really) but to read assembly code, in a pseudo affect. To do this, you must learn some very basic assembly. I am listing the important ones below, do not worry if you do not understand these, as I will explain what things do throughout the tutorial.

Assembly Rundown:

Here are some basic assembly functions. The will help throughout the tutorial.
These are not designed to teach assembly, and are not explained very well.

Jumps and Calls

je destination - Jump if equal
jne destination - Jump if not equal
jmp destination - Unconditional jump, always jumps ot destination.
jl destination - Jump if not less
jle destination - Jump if less or equal
ja destination - Jump if greated (above)
jae destination - Jump if greater or equal
jnl destination - Jump if not less
jng destination - Jump if not greater
call destination - Calls a subroutine

Jumps are easy to remember. If you haven't noticed, the operators are derived from abrievated english.


je - Jump if Equal
jae - Jump if Above or Equal

Stack operations

push src - Pushes data on the stack (memory). Used for calls, passing data to subroutines.
pop src - Takes data off the stack, puts it into a register.

Stack is last in first out (LIFO) meaning the last piece of data you push in, is the first data you pop out.

Math Operators

inc src - Increment by one (src++)
dec src - Decrement by one (src--)
add src, number - Adds the number to src. ie. src=1, number is 3 so it is 4.
sub src, number - Subtracts the number from src. ie. src=4, number is 3 so it is 1.


cmp src, data - For example, if src=1 and data=1, then the cmp was true.
test src, data - Another comparision operation, useful for testing is a register is zero.


nop - No Operation.

Studying The Program

Programs Needed

Although you can use many tools to get the task done, I will be writing this tutorial to work with these two tools under windows.



Which can be found quite easily, and I believe are both freeware, or offer freeware packages.

If you are working under *nix, then you will have to learn how to use appropiate programs on your system (like gbd).

Finding out what to change

To change this program, we need to study it. You could pull out a hex editor, or a cheap disassembler, and go reading through the assembly, but that would mean more work for you. So, we will use W32Dasm, as it is great for studing the program. To change the program, we are using Hiew (Hacker's View) which is quite easy to use.

So, what do we need to change. In this tutorial we will be reverse-engineering this program in two different way, whose output will be similar, but a little different.

Studing the program is the most important part you do. First run the program and examine it output. It counts up from 100 to 200, and then prints a string: "You failed to complete the challenge. Please try again.". This is enough to start tracking down the operations and the desired result.

Make 2 copies of the application which you have compiled. Open up W32Dasm, and select Disassembler-> Open File to Disassemble. Locate the original application, and open it. This should start the disassembly process, which is quite quick for this application. When disassembly is done, make sure the font is of readable type. If not, change it to something more suitable by going to Disassembler -> Font -> Select Font. Now, what do you think we have to do to find out what to change. I will tell you, we have to find our string "You failed to complete the challenge. Please try again." (without quotation marks).

There is two ways we can find this out:

One way is to go to the string references by clicking on the the toolbar option Str Ref (string references) or by going to the menu option Refs and String Data References. This is all the strings used by out application. The majority of them being junk (to us) added by the compiler. You can then search down through this list, which is in alphabetical order, for our string. When you find the string, double click on it, and you should be taken to a new location in the disassmbly listing.

The other way is by going to Search -> Find Text, and searching for our string. Type in something like "You failed" without the quotation marks.

I am now assuming you are near a push instruction. Above this push instruction is our string, and some text. This looks like this:


* Referenced by a (U)nconditional or ©onditional Jump at Address:

* Possible StringData Ref from Data Obj ->"You failed to complete the challenge. "
->"Please try again."
:00401196 68A2A14100 push 0041A1A2
:0040119B 685C044200 push 0042045C
:004011A0 E88F810000 call 00409334
:004011A5 83C408 add esp, 00000008

Now, we are most interested in where the program decided to choose this option, instead of an other option. So, look at the second line. It has this written within it: 00401180©. The © means that it was from a conditional jump, meaning it was not a jmp statement, it had some critera to judge what to do. So now, we want to see the instruction that called this, so go to Goto -> Goto Code Location. Type in the text box, the location, which is 00401180 (may differ on your computer). We can now see this:


:0040117E 85DB test ebx, ebx
:00401180 7514 jne 00401196

* Possible StringData Ref from Data Obj ->"You won the challenge, congragulations."
:00401182 687AA14100 push 0041A17A
:00401187 685C044200 push 0042045C
:0040118C E8A3810000 call 00409334
:00401191 83C408 add esp, 00000008
:00401194 EB12 jmp 004011A8

The failed string area was called by a jne (jump if not equal) statement. Look at the statement above it, is reads test ebx, ebx. This statement test that ebx is equal to zero, ebx holds the number used for the loop. Now, we know that ebx cannot hold zero without changing the code, but in this example, we don't care. We just want the jump to never occur, because if it doesn't, the winning string is displayed, and although we didn't actually match the objective, we got the string. So how do we stop this jne statement occuring? By replacing it with a nop instruction (No Operation). This way it will continue on, and print our string. So, how do we change this. Okay, take down the offset when you are over the jne statement (when it is green/blue highlighted, green in jumps, you are over the statement), which can be seen in the status bar. For example, on my computer, the status bar reads this:


Line:309 Pg 4 of 607 Code Data @: 00401180 @Offset 00000780h in File:crackme.exe

So I know the offset I want to change on my computer is: 00000780. The h tells me it is a hex number. The offset may differ on your computer, so remember the one which corresponds to you, not me.

Reverse Engineering the Program

We will now use Hiew. We want to open a copy of our application (I told you to make 2 before), because W32Dasm is using the original, and we want to keep the original application. Now, you can open Hiew, and work your way through directorys to find the application, or you can do as I prefer and drag the copied exe icon into the hiew.exe icon, and it will open our application (same as issuing the command hiew file.exe in MS-DOS). You will now be presented with a hole bunch of characters on your screen. Press F4 for Mode, and select Decode (shortcut being pressing enter twice). Now, press F5 for Goto. Type in the offset, for me it is 00000780, but I can type in 780. Zeros to the left can be taken out, for example 00102101 would be 102101, but you can leave the zeros in to, if you prefer. You should be at the jne statement. Before I tell you how to change the program, I have to tell you this important note.

Every instruction in assembly is represent by a numerical instruction, called opcode. For example, JNE is 75, JE is 74, nop is 90. Statements like jne have parameters (like destination) and therefore take more bytes (our jne statement opcode is 7514). When changing a program, you must remember that when you change an instruction, you must not just leave the paremeters there, as these will turn into invalid instructions, usually causing an error. So, every 2 bytes relating to the instruction must change. For example if we wanted to change our jne statement (7514) into a nop, we must use 90 twice, so the opcode would be 9090. You do not have to remember opcodes, you can type in assembly codes, but knowing how to replace codes is important. Do not stress if you do not fully understand what I just said, as it will be demonstrated again soon.

Okay, now, lets change our jne statement. Press F3 for edit, and then press F2 for Asm (short for assembly). A box will open, with the asm instruction used. Delete this instruction, and type in "nop" without the quotation marks. Now what happens is directly related to the important note above. Our jne opcode was 7514, we typed in a nop which opcode is 90, 14 now makes an invalid instruction. So, we must replace this byte with another nop instruction, so type in nop, press enter, then escape to close the asm dialog. Press F9 for update, and then F10 for Quit. Run the application through the command line, and you will notice the end statement change from "You failed to complete the challenge. Please try again." to "You won the challenge, congragulations.". Although it still counts up. Now, we are going to reverse-engineer this application once more, to make it count down, completely fulfilling the objective, and furthering your understanding of the situation.

Reverse Engineering the Program - Part 2

What we do now is more compilicated, and requires a more deeper understanding of assembly (not too much more though). What we are going to do is make the application count down, and then display the winning string. We have already done the basic study, so we can skip that, now we want to look at the original application again (not the one we just engineered) and work out what to do. Realise that I have added comments in this readout, which are not displayed in W32Dasm (for obvious reasons), ; is the comment symbol, read these comments, it tells you what the code is doing. Here is the section we are looking at, which is the one we were looking at before, and a bit more up:


* Referenced by a (U)nconditional or ©onditional Jump at Address:
|:0040117C© ; The below jle statement jumps back to this, forming a loop.
:00401159 6878A14100 push 0041A178
:0040115E 53 push ebx
:0040115F 685C044200 push 0042045C
:00401164 E8EF7F0000 call 00409158
:00401169 83C408 add esp, 00000008
:0040116C 50 push eax
:0040116D E8C2810000 call 00409334
:00401172 83C408 add esp, 00000008
:00401175 43 inc ebx ; Increase ebx by one
:00401176 81FBC8000000 cmp ebx, 000000C8 ; Compare ebx with 200, used by jle
:0040117C 7EDB jle 00401159 ; Jump is less or equal than 200.
:0040117E 85DB test ebx, ebx ; test if ebx is 0, same as before.
:00401180 7514 jne 00401196 ; Jumps to failed message, like before.

* Possible StringData Ref from Data Obj ->"You won the challenge, congragulations."
:00401182 687AA14100 push 0041A17A
:00401187 685C044200 push 0042045C
:0040118C E8A3810000 call 00409334
:00401191 83C408 add esp, 00000008
:00401194 EB12 jmp 004011A8

From my comments, you should see the low level structure of a for loop. The jle jumps back through the whole process if it is under 200 (hex C8, assembly uses hex). We can see the inc increases ebx by 1 each time called.

So psedu of this is:

if x is less or equal to 200, goto loop
end loop
if x does not equal 0 goto the failed message, leave here, returns after back to pseudo.
if x does equal 0 print failed message
below code initialises the cleanup and exit processes

Which is very easily translated to any HLL, using the provided for loops or other type of structure.

Now we have to change this code, to make it count down to zero, and display our message. So, first we have to change the inc, because we want it to decrease the number. Then we must change the cmp instruction, as we want it to compare with zero, not 200. Then, we have to change the jle (jump if less or equal) because we want it to jump if greater/above than 0 which is the instruction ja, not jae (jump if above or equal) because than it will go down to -1, and will jump to the failed message. So, lets get the offset of the first instruction we want to change (which is the following line)


:00401175 43 inc ebx

The offset on my compiled program is 00000775h, as said before yours may differ.

Now, lets get to hiew. Open your 2nd copy, the copy which is unmodified. Get to the decode place (F4 -> Decode) Goto our offset (F5, type in offset) and now lets change these instructions. Please note when I say the line looks like the example, I mean under the Asm (F2) dialog. You should be at a line which reads:


inc ebx

Using F2 (Asm) you should change this too:

dec ebx

Now, there should be no need to add any nops here or anything, as both inc and dec use 2 digits for opcode.

Now we have to change this line (do not change until I fully explain)


cmp ebx, 000000C8


test ebx, ebx

Now, to do this we must refer to my special note I had before. cmp ebx, 000000C8 opcode is 81FBC8000000

We spilt this into twos:
cmp ebx 200
81 FB C8 00 00 00

Now, test ebx, ebx opcode is (in groups of two)
test ebx and 0
85 DB

So we must replace the 00's and C8 with nops.

So go to asm dialog where the cmp instruction is, change it to test ebx, ebx. We must than change the remain 8 bits, which is grouped into 2. Which means 4 nops, so write nop, press enter, and repeat 3 more times. (You can change opcode directly, just don't press F2 while under edit, however it is harder to remember opcode than the asm instructions.

Did you notice how after changing these instructions, the jle statement, which had disappeared, is back. This is because once you start an invalid instruction, it will affect the whole program, nearly every statement following changes, if not all. That is why it is very important to count you bytes.

Now we must change the statement which reads:


jle 000000759


ja 000000759

(please note that yo do not have to use tabs, spaces are suffecient)

After doing this, you should now press F9 to update, and F10 to exit.

Now you can run the code in your DOS, and see if you completed it correcly or not, if you did, congradulations, if not, bad luck, do try again, or if having severe problems reply to this thread of PM me.


That concludes this tutorial. I hope you enjoy. Good Luck. God Speed. uhh I forget if there are any more expressions for "Good Luck" Well Just Enjoy.

Good Luck