The Misadventures of Quinxy truths, lies, and everything in between!

9Dec/112

Secure Anonymity with JonDo Live and VMware (or VMware Player)

If you're like me you're a decent law-abiding citizen who feels that privacy is a fundamental right, not merely something we enjoyed by default because technology had not yet found a way to eliminate it.  Fortuntely, technology brings us both problems and solutions.  One such solution is JonDo, a popular and somewhat proven anonymous proxy service.  This article will show you how to create a secure, anonymous browsing platform to ensure your right to free thought and inquiry preserved.

Create the Virtual Machine

First we need to take the ISO of the JonDo Live CD and turn it into a virtual machine.  I'll walk you through those steps.  It's important to note that we are not creating a persistent install here, that's beyond the scope of this article and with JonDo still being beta I'm not sure I'd recommend it.  The install we are building will let you make changes to the file system but those changes would be lost when the virtual machine is rebooted.  We're going to cheat a little and use VMware's snapshot feature to lock in any file system changes we want, and use VMware's host-guest shared folders to let us make some file system changes effectively persistent.  But all that is to come after we do the basics!

  1. Download the latest JonDo Live CD
  2. Verify the hash of the file you downloaded with the MD5 hash listed on the download page.  I recommend Hash Tab for Windows or Mac users.
  3. Create a new virtual machine in VMware.
    1. Choose Typical
    2. Set the "Installer disc image file (iso)" as the JonDo Live ISO file you downloaded. Click Next.
    3. Choose Linux as the guest operating system and Debian 5 as the version.  Click Next.
    4. Choose the name of your virtual machine (e.g., "JonDo Live")
    5. Choose the location where you want the files to be.  Click Next.
    6. Choose a small maximum disk size, I choose 1 GB.  With my current setup I don't even use it.  Click Next.
    7. Click "Customize Hardware".
      • I increased the memory to 1 GB
      • I added a second CD ROM drive, defined as an ISO pointing to the VMware Tools (e.g., C:\Program Files (x86)\VMware\VMware Workstation\linux.iso (if you do this you may need to set the drive as initially not connected otherwise VMware might try to boot off this cdrom device instead of the one with the live image, depending on how VMware orders the drives, you will then just need to connect the drive from the VMware lower toolbar once you've booted into the OS)
      • I removed the floppy drive
      • I set the Network Adapter as Bridged with replicate physical network connection state.
    8. After leaving the customize hardware screen, uncheck the power on after finishing option.
    9. (Optional) I now "Edit Virtual Machine Settings" and on the Options tab I go to "Shared Folders" and create a share which is "Always enabled"; I called my share "shared".  Reminder, this Live CD VM is not a persistent install, so this is where you can keep files/settings/etc. you don't want to risk losing.
  4. Power on this Virtual Machine
  5. When you get to the boot menu choose the "486" option (not failsafe, not 686, and not anything with PAE)
  6. When you boot it may say you have no network connection, click the network icon in the task bar and choose "Auto Ethernet".  You should now have a network connection.

Begin Using JonDo

Your JonDo Live VMware virtual machine is now ready to use!

If you've never used JonDo before the most basic thing you need to know is that you need to start up the JonDo proxy before you can start your web browsing.  To do that just click on the "JonDo" icon.  This will connect you to the JonDo servers.  If you don't have a premium account you'll be given free access, but be warned the free service is extremely slow, and anonymity protection is slightly reduced because your data travels through only two mix servers instead of three.  I strongly recommend you upgrade to premium, because otherwise you will become so frustrated waiting for pages to load that you will abandon anonymous browsing.  Once JonDo has successfully connected you can start Firefox.  The version of Firefox included here is configured with plugins that enhance your privacy by controlling the use of things like JavaScript, Java, Flash, Ads, and Cookies.  Many sites will not work without allowing features such as cookies and JavaScript for those sites, so be warned you may need to adjust these settings as you browse and discover things aren't working.  It is important to allow as little as possible!

Before you go and do a lot of anonymous browsing you really should install the VMware Tools, it will greatly enhance your overall experience of this virtual JonDo machine.

Install VMware Tools (optional)

You are perfectly free at this point to use your JonDo Live virtual machine, but the beauty of VMware is its ability to allow you to flit between host and guest operating systems, effortlessly moving your mouse, sharing your clipboard, exchanging files, and resizing the display.

These steps are a little annoying but a few hours of my working through the issues will hopefully make it easy enough for you.  The reason we can't just directly install the VMware Tools is because it has dependencies which are not fulfilled by the JonDo Live image as delivered.

  1. Go to a terminal window (click the terminal icon on the bottom task bar).
  2. Type "sudo bash" to get a root shell.
  3. Type "apt-get install make"
  4. Type "apt-get install gcc-4.1"
  5. Type "apt-get install linux-headers-`uname -r`".  If you get the error "can't find any package" then the linux headers for your kernel version may no longer be in the repository, you'll need to find a repository that has it and add that to the /etc/apt/sources.list.  If you got an error related to not finding something needed for the install then run "apt-get update" to update its list of packages and re-run the install of linux headers. (See below for more info if you are having trouble with finding the appropriate kernel header sources.)
  6. Type "apt-get install psmisc"
  7. On the Desktop right click the "VMware Tools" CD icon and select "Mount".  Its contents will now be located as "/media/VMware Tools"
  8. Type "cp /media/VMware Tools/VMwareTools-8.4.8-491717.tar.gz /tmp" to copy the tools archive to the /tmp directory (modify the file name as needed to accommodate future versions)
  9. Type "cd /tmp"
  10. Type "gunzip VMwareTools-8.4.8-491717.tar.gz"
  11. Type "tar xvf VMwareTools-8.4.8-491717.tar"
  12. Type "cd VMwareTools-8.4.8-491717"
  13. Type "./vmware-install.pl" to begin the installer
  14. Choose the defaults for everything they ask (just hit enter/return each time)
  15. When it is finished type "/usr/bin/vmware-user" to start up the VMware Tools

Congratulations!  You now have the VMware Tools installed.

Your shared folder is available inside the JonDo VM at "/mnt/hgfs/shared".

Additional Kernel Header Sources

On a recent update of my JonDo Live environment I found that the kernel headers were removed from the default repository and I couldn't seem to find it anywhere...  After some hours I figured out how to solve the problem.  You can manually find the Debian packages for linux headers and then manually install them.  The site which has these archived repositories http://snapshot.debian.org, which you can use to see into the past by specifying a date/time combination to navigate the archive.

The way I located the files I needed probably isn't the best, but here's what I did.  First, I navigate to the root of the dated repository.  For example,  http://snapshot.debian.org/archive/debian/20120806T041225Z/ shows the repository state on August 6th, 2012.  This date was soon after the release of the kernel version I had (found with uname -a).  There are two Debian packages for Linux headers, the "common" and then the architecture specific one.  You will need to manually download both of those files and then manually install them.

First I found the Packages.bz2 file which lists all the various packages.  You'll need to download, uncompress, and view this file.  My dated one was located here: http://snapshot.debian.org/archive/debian/20120806T041225Z/dists/wheezy/main/binary-i386/Packages.bz2.  Manually search that file for a package called linux-headers-3.2.0-3-486 (substitute your `uname -r` entry for the OS version I mention).  You will see a path there that corresponds to a location off the root (e.g., http://snapshot.debian.org/archive/debian/20120806T041225Z/).  That package has a dependency on the "common" header library, so we now need to find that one.  Looking again in Packages.bz2 I found the entry for "linux-headers-3.2.0-3-common" (modify for the version you have) and then download the package from the location indicated.  Once you have them downloaded you manually install them.  Install each by running the "dpkg -i PACKAGENAME.DEB" command, start with the "common" package.

Once you install both packages you can proceed to step 6 above!

 

Making your Environment Persistent (Optional)

After you've gotten everything configured, including importing your existing JonDo account info or creating your premium account, you want to save the configuration work you've done so you won't lose it if the virtual machine reboots.  All you need to do is use the "VM" menu, click the "Snapshot" menu item, then choose "Take Snapshot".  As you likely know, this allows you to return to this exact state of the machine at any future time, complete with the file system, memory, display, etc. exactly as it was at this moment.  Instead of booting or rebooting your JonDo VM you can just revert to this snapshot.  Any files you wish to be persistent and not see reverted or erased you should put in the shared folder you could have optionally created.  For example, I keep things like downloaded files, bookmarks, my JonDo exported credentials, etc. in this shared location (e.g., /mnt/hgfs/shared).

Securing your Data Locally (Optional)

To further ensure your privacy you can (and probably should) make sure your virtual machine files (the files VMware uses to store your VM data) are encrypted, either the files themselves (using Windows built-in encryption option) or, better still, by placing the entire directory inside an encrypted virtual drive, with such products as the free TrueCrypt. Be aware, however, that when you use your virtual machine its RAM will be held in your real, physical RAM and as such it can and will be stored in the host's Windows pagefile.sys, where it could potentially be recovered much later, having been written to disk.  The solution in this case is to encrypt your entire system disk with TrueCrypt, such that the swap file is also encrypted or to use an encryption product like Jetico's container encryption which includes swap file encryption as an option.

Conclusion

It is sad that it's come to this, that we honorable, law-abiding citizens must defend ourselves against the unreasonable invasion of our thoughts and study of our activities, but wishing it was not so accomplishes little.  Hopefully this little guide will have helped you take back some of your privacy.

^ Quinxy

12Mar/1145

Running Google Android 2.2 on Your PC with VMware in Less than 5 Minutes

If you're serious about playing around with Android I urge you to check out my article on how you can convert a $249 Barnes & Noble Nook Color e-reader into a full Android tablet!  I just did it and it's turning out to be one of the coolest gadgets I've had!

Tonight I wanted to play around with the Google Android OS for mobile devices, but having neither an Android tablet or phone I was forced to investigate how I could run it on my computer.  I found the answer I was looking for and succeeded in running it on my PC.  And here is my super quick guide on how you can do it, too.

Step 0.

You will need the virtual machine software VMware Player or VMware Workstation.  If you don't have either, you can download and install VMware Player for free.

Step 1.

Grab the Android Live ISO, the one to use is the Asus Eee PC version. (I tried the generic version and it wouldn't even boot under VMware.) You can navigate to the latest version here or just use this direct link for the 2.2 version.

Step 2.

Configure the VMware Player or VMware Workstation options for this VM. You want to choose:

  • CD/DVD pointed at the ISO file you just downloaded for Android
  • 512 MB memory
  • Any network setting should work (BUT, you will need to follow the instructions in step 3)
  • Sound card should be changed to "SB X-Fi Audio"
  • 2 GB IDE hard disk (optional)

Step 3.

With the VM powered off, modify the .vmx file that VMware created using a text editor.  You MUST change the existing line to now read:

ethernet0.virtualDev = "vlance"

If you don't make this change you will have no network access in Android!

Step 4.

Power on the Android VM and from the bootloader screen choose the first option and everything should work!

 

Making it Permanent

The above works great for getting a feel for Android, but because this is a "live" version of Android using a ram disk for temporary storage, all your changes will be lost when you shutdown or reboot.  To make your environment permanent it's actually very easy:

  • Reboot the virtual machine (Power > Reset in VMware)
  • Choose the "Install to hard disk" option from the bootloader
  • Create a single primary partition in the partition editor, using all available space.  Make the partition bootable.  Quit the partition editor.
  • Allow it to install the OS to the selected partition, using ext3.
  • Allow the installer to use Grub as your boot loader.
  • Do not attempt to create a virtual SD card (I didn't investigate how this works, so when I tried it it appeared to overwrite the OS I just wrote to disk.  So don't do this unless you know what you're doing.)
  • Choose to Run Android x86 when asked.

And now you've got a permanent Android x86 virtual machine!

Notes

Certain features are not supported by Android x86, primarily those applications which require devices missing from the virtual machine (e.g., the camera).  Other applications such as the YouTube application appear to work except that it does not seem to play videos; I suspect this may have to do with specific  hardware acceleration missing from the virtualization.  Also, see the many debugging and virtualization related options in the app list; you can do things like spoof geolocation.  While limited in some respects, this is an excellent tool for testing and debugging your web and mobile apps on Android.

Have fun playing around with it!

^ Quinxy