Wednesday, November 21, 2012

Sophail: Tavis and Sophos

Tavis continues his damning analysis of Sophos AV.  The latest full disclosure post has a good summary, and includes links to sophail1 and sophail2 papers, and a very well-commented working exploit for Sophos on the Mac.  If you use Sophos you should seriously consider the benefits it is providing vs. the increased attack surface it brings.

Sophos' latest official response is quite different from the tone of previous interactions with Tavis.

Friday, November 16, 2012

Micosoft Windows testing VMs

Microsoft has recently provided a set of VMs for testing, which is great. The set includes images for XP, Vista, and 7. They are built for MS Virtual PC, but I'm told unpacking the .exe with 7zip and running them in Virtual Box works, but you'll need to deal with a shorter activation expiry (3 days) due to the 'hardware change'.

Monday, November 12, 2012

[SOLVED] dependency problems prevent configuration of libc6-dev

I recently descended into endlessly broken apt and dpkg hell. Usually this is enough to get out of the woods:
sudo dpkg --configure -a
sudo apt-get -f install
but not this time. I also tried cleaning out the cache and re-downloading the packages, but no dice. Until this is fixed you can't install or remove any other packages. Here's a few things I tried and the errors I was getting:
$ sudo dpkg --configure -a
dpkg: dependency problems prevent configuration of libc6-dev:
 libc6-dev depends on libc6 (= 2.15-0ubuntu10.2); however:
  Version of libc6 on system is 2.15-0ubuntu10.3.
 libc6-dev depends on libc-dev-bin (= 2.15-0ubuntu10.2); however:
  Version of libc-dev-bin on system is 2.15-0ubuntu10.3.
dpkg: error processing libc6-dev (--configure):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 libc6-dev
$ sudo dpkg -r libc6-dev
dpkg: dependency problems prevent removal of libc6-dev:
 libgnutls-dev depends on libc6-dev | libc-dev; however:
  Package libc6-dev is to be removed.
  Package libc-dev is not installed.
  Package libc6-dev which provides libc-dev is to be removed.

 [snip]

 libgcrypt11-dev depends on libc6-dev | libc-dev; however:
  Package libc6-dev is to be removed.
  Package libc-dev is not installed.
  Package libc6-dev which provides libc-dev is to be removed.
dpkg: error processing libc6-dev (--remove):
 dependency problems - not removing
Errors were encountered while processing:
 libc6-dev
$ sudo apt-get remove libc-dev
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Note, selecting 'libc6-dev' instead of 'libc-dev'
You might want to run 'apt-get -f install' to correct these:
The following packages have unmet dependencies:
 libc6-dev : Depends: libc6 (= 2.15-0ubuntu10.2) but 2.15-0ubuntu10.3 is to be installed
             Depends: libc-dev-bin (= 2.15-0ubuntu10.2) but 2.15-0ubuntu10.3 is to be installed
E: Unmet dependencies. Try 'apt-get -f install' with no packages (or specify a solution).
$ sudo apt-get -f install
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Correcting dependencies... Done
The following packages were automatically installed and are no longer required:
  libutouch-grail1 libutouch-evemu1 libutouch-frame1 libutouch-geis1
Use 'apt-get autoremove' to remove them.
The following extra packages will be installed:
  libc6-dev
Suggested packages:
  glibc-doc
The following packages will be upgraded:
  libc6-dev
1 upgraded, 0 newly installed, 0 to remove and 156 not upgraded.
1 not fully installed or removed.
Need to get 0 B/5,100 kB of archives.
After this operation, 2,048 B disk space will be freed.
Do you want to continue [Y/n]? 
dpkg: dependency problems prevent configuration of libc6-dev:
 libc6-dev depends on libc6 (= 2.15-0ubuntu10.2); however:
  Version of libc6 on system is 2.15-0ubuntu10.3.
 libc6-dev depends on libc-dev-bin (= 2.15-0ubuntu10.2); however:
  Version of libc-dev-bin on system is 2.15-0ubuntu10.3.
dpkg: error processing libc6-dev (--configure):
 dependency problems - leaving unconfigured
No apport report written because the error message indicates its a followup error from a previous failure.
                                                                                                          Errors were encountered while processing:
 libc6-dev
E: Sub-process /usr/bin/dpkg returned an error code (1)
The solution was to put the offending package on hold (run as root):
# echo "libc6-dev hold" | dpkg --set-selections
then run:
# apt-get -f install
which removed a bunch of packages, including the offending broken one. I could then apt-get update and upgrade as normal. Hooray!

Tuesday, November 6, 2012

List of browser cache directories on OS X

Quick and dirty list of browser cache directories on OS X, I didn't spend much time checking this was complete, but posting here for future reference:
  ~/Library/Application Support/Google/Chrome,
  ~/Library/Application Support/Google/Chrome\ Canary,
  ~/Library/Caches/Google/Chrome,
  ~/Library/Caches/Google/Chrome Canary/,
  ~/Library/Caches/Metadata/Safari/History/,
  ~/Library/Caches/Firefox,
  ~/Library/Application Support/Firefox,

Appending to an array in a plist

Handy commandline to append an item to an array in a plist:
/usr/libexec/PlistBuddy -c "Add :SomeArray: string 'newstring'" /Library/Preferences/com.something.plist
If you want to operate on a specific item, you can specify a 0-based array offset, this deletes the first element in the array:
/usr/libexec/PlistBuddy -c "Delete :SomeArray:0 string" /Library/Preferences/com.something.plist