Northward Midget

Category: Hacking

  • Thunderturd! or: How I Learned To Stop Griping and Allow Remote Content

    I’m working from home, and our company’s outsourced webmail leaves much to be desired.  My desktop is Windows 7, since it offers the compatibility necessary in the corporate world, while most of my work is done through an xterm launched from my Linux box over CAT6.

    Rather than keeping up multiple webmail windows or collecting them all through one service (which usually leaves me with duplicate synchronizations across devices), I decided to choose an email client.  First, it was Windows Live Mail, and I liked it– for the most part.  Then, we were asked to standardize on a signature with images, and Live Mail didn’t seem to allow that.  It also didn’t have much flexibility in quoting replied messages.

    I tried Outlook 2007 for a while, but it began hanging on IMAP more frequently than my blood pressure would comfortably allow.  I’d given Mozilla’s Thunderbird a whirl, but something about it really pissed me off at the time.  I tried it again.

    Decent.  Open Source, so there are updates, and I could hack the goddamned code if I wanted to fix something real hard.  The most annoying quirk was the “Allow remote content?” pop-in panel.  It seemed to have an all-or-one idea of what should be allowed, where one could show all remote content, or approve single email addresses.  This was a nuisance with, for example, notifications from Google+, which are “From” a generated email address.  Thus, adding that address to your contents did nothing but bloat your contact list.

    A bit more digging found that Thunderbird had the same “about:config” back-door to its internal configuration properties as its brother-father-cousin Firefox and Mozilla and Netscape, and within there was a mail.trusteddomains setting.  One opens this menu through the “Tools” option in the menu-bar, under “Options…”, and then:

    thunderturdOptionsWindow

    According to the arcane documentation available, opening this dialog and setting this property to a comma-delimited list of domain names would instruct Thunderbird to automatically load content (n.b.) from those domains.  Each entry should be a single base domain name– not a subdomain.  That is, “google.com” rather than “plus.google.com”.

    Adding “google.com” didn’t work.  I searched some more, then this morning came across a question on a Thunderbird support site — posted almost a year ago and without a resolution.  So, I went to semi-angrily post my response, then realized– “Hey, me.  It surely isn’t just white-listing domains based on an email address.  If it were, anyone using a gmail account could just plop in an externally-hosted image in an HTML message and have it trusted.”  So, I viewed the source of this particular Google+ notification.

    Two images: one from googleusercontent.com and another from gstatic.com.

    Short answer?

    Set mail.trusteddomains to google.com,googleusercontent.com,gstatic.com 

    thunderturdAboutConfigWindow

    And now, they will load.  This won’t help much if images are loaded from a CDN, and it’s a bit of a nuisance to “View Source” on a message, search and record each “img” tag’s domain, then add them all to the property, but– it works.

    One final commentary which would be a sidebar if I knew how to do it in WordPress: Why not just allow all remote content?  At first, even though I’m a hacker and a cracker and I think I always will, I almost just said “fuck it, it’s just cookies!”  A second later, I realized that any image being loaded involves a hit to where that image is hosted, and while that URL might indicate it’s just plucking a .jpg, it could be doing anything.  It probably isn’t running a script on your mail client (I doubt Thunderbird would allow that), but it could certainly be recording that the message was read, and where it was read from, and all manner of other invasive maneuvers.  At its most innocuous, it could serve as a reasonably accurate “Read Receipt” for mail sent to anyone who trusts you– although they probably won’t trust you as much if/when they realize you’re doing that.

    Enjoy.

     

  • Stuffing Text Into All Screen Windows

    Various pagers have been giving me question marks in boxes and hexadecimal codes.  This is probably because I didn’t have the right font in the past and inserted various hacks into my ~/.bash tree to get around them, e.g. aliasing a LANG=C before every perldoc command.

    Well, now I’ve just about got everything right and proper in UTF-8 mode using a uxterm, but those little nigglers still pop up.  Today I did a man less and found the LESSCHARSET environment variable.  Awesome!  But if it’s not set, it’s supposed to use the locale, and my locale is already properly set up to en_US.utf-8.  Not a problem.  I just export -n LESSCHARSET to un-export the variable.

    But I’m in screen, with fourteen windows open.  How do I loop through all screen windows, stuffing a command into each?

    Luckily, a quick reading of the screen man page led me to this:

    at \# stuff "export -n LESSCHARSET\015source ~/.bash/aliases\015

    And BAM that gets stuffed into every window I have open.  Unfortunately, some of those are SQL prompts, log tails, and maybe an open vim session or two, but such are the pitfalls of impatiently trying out a new command, and no harm was done.

    The trick is to use the backslash-escaped octothorpe to specify all windows.  The rest is just a normal stuff, with that annoying octal \015 to specify a newline.

    Oh, and I added a second command to source my bash aliases, because I’d added new ones recently.

  • Mounting Windows Shares On Linux

    There must be a gazillion posts on this, so I’m just going to concentrate on what I did wrong.

    First I wanted to mount the target share as NFS, but the server doesn’t export to our desktop subnet at work. I saw it was running Samba, and remembered having had it working on Windows XP, so tried that. A friend at work had an /etc/fstab line that almost worked.

    Turns out smbfs is deprecated and cifs is the new smbfs, so there was a documentation detour of sorts. Anyway, I contacted infrastructure and they gave me a line that worked, but included the password. My coworker’s line used a credentials file, and I’d prefer that, because I’m old-school anal about including passwords in the clear and logging in as root and that kind of thing.

    So, I took the infrastructure guy’s fstab line, turned it into a mount command, ran it with three verbose flags, and saw it was trying to log me in as root, even though my credentials file included my own username.

    The fix turned out to be to explicitly add another username option to the line:

    //samba-server/dude /ext/dev/dude cifs rw,credentials=/home/dude/.ntcred/dev,username=dude,uid=dude,gid=dude,auto,user 0 0

    Replace “dude” with your username everywhere. Here’s my ~/.ntcred/dev file:

    username=dude
password=dude-password
domain=dev

    Replace everything with the appropriate values.  I’m not sure the domain even matters in this case, but it’s the NT domain/workgroup of the share.

    I think the root of the problem is the parsing of credentials files.  Apparently extraneous whitespace causes it to b0rk itself up.

    Oh, and the “user” option (to allow any user to mount it, as opposed to just root, or the conflicting “user” option to samba) won’t work unless you set the cifs commands suid root:

    chmod +s /sbin/*mount.cifs

    Your package manager will probably gripe and/or change that back whenever an upgrade comes up, and since we’re using “auto” it’s going to be mounted on boot, anyway, so you might as well just sudo the mount the first time and then rest easy.

    While I was at it, I tried mounting a few other shares on another domain.  One works fine.  When I try to enter any subdirectories of the other, everything goes to hell.   So, whatever.  I’m done.