Tag Archives: PC

Anatomy of an unsuccessful NVR attack

One of our NVRs was attacked recently using a known attack that would have compromised or destroyed an off the shelf DVR. The operating system was corrupted by the attack, but it effectively stopped the attack in its tracks. The damage was repaired in less than 45 minutes and only the software was affected.

We have learned quite a bit from the analysis of this NVR system. The attack was designed for Busybox – a version of Linux that runs many different types of embedded devices including security cameras and cheap DVR systems. The point was apparently to gain access to the system in order to use it in a distributed denial of service attack (DDoS).

We have been implementing new security rules on our NVR systems – with this system next on the list. We developed new security procedures after we posted this story from Ars Technica on our Gigastrand Facebook page. Changing default passwords is an easy and effective way to protect your system.

Many cameras also come with a proxy or Dynamic DNS service that allows easy access directly to the camera through a firewall. Gigastrand has been disabling these services on the cameras it sells. We recommend this for everyone using similar equipment.

We will soon be implementing changes that will make it easier for the end users to change default passwords on both the OS and NVR.

We tried a web traffic service – guess what we found.

About a month ago, we tried one of the many web traffic services from fiverr and analyzed the traffic. This is what we found:

  1. The traffic being driven to the site looked like a denial of service attack (DDoS). It was all bots, all Windows desktop PCs, and all highly suspect. While it was not a denial of service attack in the sense that it crashed the website, the traffic looked very much like a DDoS attack if it were done once every few seconds or so.
  2. The visitors were from different IPs. So it looked like unique visitors and sessions, but it was all bots.
  3. The product did not significantly impact bounce rate. It remained pretty much the same. Some bots would hang around and browse a couple of links at random to keep the bounce rate low. It was pretty easy to see what were bots and what were actual people as the browsing habits were different. Time per page was different.
  4. The product was advertised as “qualified” traffic. Not in the least. Bots from compromised Windows PCs do not count.
  5. The product was advertised as “unlimited” for 30 days. We got 700 to 800 sessions per day.
  6. The product was advertised as “1000+” visitors per day. We got 700 to 800 “visitors” per day.

The product as advertised is more or less a scam. It didn’t deliver what was promised and what it did deliver was on the backs of people with compromised machines (spyware/malware/virus) and that just isn’t right. If you have a low bounce rate, it will most likely drive the bounce rate up despite some of the countermeasures.

The most annoying thing it did was make it very difficult to properly analyze the qualified visitors. When we write an article and post it, the stats spike when people look at our post. It was very difficult to tell how big of a spike we had when we posted.

So, we are only out $6 in total but well worth the lesson. We won’t ask for our money back because we feel we got what we really were after out of it.

We are unable to review it on fiverr for some unknown reason.

Gigastrand’s 12 year old computer

In 2004, about the time Gigastrand was called LinspireNetwork, we built a computer. It was a secondary computer designed to run Linspire – a Linux OS we sold at the time. When Gigastrand was formed, it became the primary PC for Gigastrand in 2006.

pcdv0005

Since then, it has performed a number of tasks. In 2012, it was a development machine for Gigastrand OS and one of the first machines to be loaded with the new OS. It later became the Gigastrand internal server. I have written about it several times on the Mr. Gigabytes Blog and on LinspireNetwork (the predecessor of Gigastrand – long since defunct).

While this is the best documented PC, it is possibly not the oldest. From 2001 – 2004, Gigabytes Computer Store used a very specific type of computer case to build their PCs. We currently have one of those computers on our shelf.

cp1

When we found it, it was pretty much as you see it in the picture. Now it has been spray painted black and once served as a media center for my home. It has been recently restored as a media center in my home.

img00018

The story of longevity does not end there. From 1997 to 2006, I owned a Gateway 2000 PC that I kept running and functional. It served as the Gigabytes Computer Store’s point of sale and was eventually painted green and sold.

greenpos 1124_002greenpos

My home DVR has run since 2009 on all original hardware (sans main hard drive) and my original Gigastrand laptop ran for nearly 9 years before giving up the ghost in 2013.

2012-10-18-23-15-42

So, when it comes to choosing your next PC, are you going to choose one mass produced that might last a year or so? Or, will you choose one from a builder that knows how to make one that lasts?

Everyone is Linux and Gigastrand OS Ready

You know, we came out with that updated Gigastrand OS / linux readiness quiz and it got me thinking.

10+ years ago, we had to find the right fit for our customers to use a particular flavor of Linux. So, we developed a web app to help automate the process. For us and our purposes, Gigastrand OS has really made that process obsolete.

The reality is that many people use Linux already. It often takes the form of Android on their phone or tablet or Chrome OS on their Chromebooks. Many people use Android set-top boxes or smart TVs and may businesses host websites on Linux-based servers.

So, yes, Gigastrand OS is powerful enough to replace your computer’s operating system and robust enough to run full time. However, even if you do cannot switch over, standalone solutions like the Gigastrand NVR and the Gigastrand Media Center are ways you can run Gigastrand OS without converting over completely.

So, in reality, everyone can run Gigastrand OS in one form or another. This also means that we have done what we set out to do back in 2012: making a Linux for Everyone.

This month, the current concept of Gigastrand OS will be 4 years old. January 4th, 2017 marks 3 years since we released Gigastrand OS 1.0. We thank everyone for their support along the way.

 

Gigastrand OS: 10-Year Business Cost Analysis

The Gigastrand OS is software that has practical applications across many systems and is designed to completely replace the systems you currently use. This analysis is based on the real-world costs of purchasing and maintaining various environments. Below you will find our 10-year operational cost projection comparing 3 different environments.

With a Windows environment, the average expenditure to operate in this environment (including upgrades, downtime, and support) is approximately:

$844,233

With a Linux environment taking into account the same variables the cost of operating the same environment is approximately:

$653,000

That is a significant savings ($191,233 to be exact) but not really much of a secret. Many companies know about the savings of running Linux. A Mac OS environment operates slightly more at about $675,000.

Now, let’s shake things up a bit and assume that the PCs and Server are scalable and upgradeable Gigastrand Lifetime Warranty PCs running the Gigastrand Operating System. Operating this environment will cost approximately:

$366,735

That is a massive savings of $477,498 over a comparable Windows environment!

There are other benefits to running Gigastrand OS in your business that aren’t so easily measured. For example, when your technology runs better and more efficient, productivity goes up. Gigastrand OS was designed with business in mind. This analysis does a good job measuring the monetary benefits, but with the capability of Gigastrand OS and the reliability of Gigastrand PCs, money is not all you will save with Gigastrand.

User installed malware found on non-Windows machines.

In recent weeks, Gigastrand has seen 2 instances of browser extension malware installed by unwitting users on Safari in Mac OS and Chrome in Gigastrand OS v3.

This discovery makes a change in operating system ineffective when it comes to security. Malware seems to be targeting Internet browsers with the OS being a secondary consideration.

However, this is easily mitigated if users pay attention. These extensions generally require user permission to install – a fairly standard security precaution in browsers. Once installed, they can be easily removed from a browser by removing them in the extensions or plugins page for the browser. In extreme cases, the browser can be uninstalled and reinstalled.

One word of caution, browsers like Chrome will re-install an extension upon login. There is a narrow window of time between login and when the extension is reinstalled to be on the extension page.

A few pieces of advice to prevent this from happening.

  1. Don’t install plugins or browser extensions from outside sources.
  2. Read the prompts that popup on a website. Do not agree to install anything unless you know what it is.
  3. Watch the prompts for software carefully. Do not install programs that install 3rd party software as well.

Paying attention to what your computer tells you can prevent a lot of this from happening no matter what OS you use.

Video Security: 4 things to avoid and what to look for

In 2001, I got my first real-world experience with installing security equipment. It was an all-in-one gizmo that was supposed to provide some kind of alarm and video from a couple of cameras. The customer bought it off the shelf from a wholesaler. It was such a giant piece of junk that pieces started to fail as we installed them. That experience led us to avoid security for nearly 10 years.

Video security has not always been a major part of Gigastrand but we have seen how small companies and box stores are able to sell cheap, prepackaged CCTV systems at ridiculous markups. For us, that has never sat well.

Folks aren’t video security experts, however, and are not likely to become so just to purchase a system.

So, what do you look for and what do you avoid? We have compiled a list of some of the pitfalls customers have faced with other systems.

Look out for narrow lenses
This piece of advice only applies to the actual “eye” of the system: the camera. Regardless of the type of video system you are trying to install, as any photographer will tell you, the lenses are the most important part of any camera.

Most camera lenses are measured by focal length in millimeters (mm). The higher the number, the more “zoom” the lens has. This might sound good, but on a video security system you want as wide of a shot as you can get to get the most out of each camera.

Cameras with varifocal lenses (lenses that can zoom in and out) from 2.8 – 12mm are the best, but most low cost cameras come with a fixed focus lens. These are also less expensive – which is ok if you know what to look for.

For nearly all applications, you want a focal length of 3.6 or below. This will give you 80 – 90 degrees of view. Avoid lenses that have a fixed focus of 4mm or more, unless you want to shoot down a long hallway or over a field as they excel at a distant, level view.

Why is this so important? A 2.8mm lens can cover 2x the area of a 6mm lens in the types of shots customers want to see. This means a 2.8mm camera will be more valuable in an install and you could potentially use fewer cameras.

Can’t find the focal length? Avoid the camera and any system it comes with.

Thin wires
This applies mainly to analog CCTV systems. Off-the-shelf systems will very often come with a very thin coaxial (coax) and power wire in one. This wire is complete garbage. It breaks easily and when it does break, it can’t be repaired. Customers have often thrown away cameras because they think it is the problem. Professional installers use a thick version of this wire that doesn’t lend itself to breakage and can be repaired easily.

One way to tell what kind of wire is packaged with the system is the size and weight of the box. If the box is fairly small and light (or even the same general size and weight as all the rest of the systems on the shelf) it probably has this thin wire.

Avoid appliances
So, pretty much just leave the box store stuff alone and avoid installers trying to sell you stuff that kind of looks like it. On average, things start to fail on those small boxes after only a year. You might be lucky to get 3 years of use on an appliance type system.

Appliance (often called embedded or standalone) systems can’t be upgraded, and the software to view them is usually of poor quality or won’t keep up with your technology. In some cases, you never even know they have failed until it is too late. They continue to run despite a failed hard drive.

Specialty Analog
This tale starts with a story. A few years back traditional analog solutions started to be left behind in favor of IP/network systems. Companies who were used to selling and installing analog systems struggled with the network technology required to run the new, megapixel cameras.

So, the industry responded with something called High Definition Composite Video Interface (HDCVI). High resolution cameras that work over that work over existing analog lines.

Up until this point, this has been a critique of the technology itself. HDCVI is a fine technology that delivers what is says it does. However, it is a stop-gap technology and not an industry standard like analog or network based systems. If you need the resolution, go with a network video security solution like the Gigastrand NVR. If not, stick with standard analog and upgrade the DVR. It will often be less expensive and the right DVR will improve the look of your cameras.

Recommendations for HDCVI
While we do not strongly recommend it, if you do decide to go with this type of system, make sure that it is backwards-compatible with existing analog technology so you don’t spend a ton on replacing perfectly working equipment. This is often referred to as bi-mode or tri-mode. If you can, get a system that will also do a couple of IP cameras as well (tri-mode systems will often have this capability).

 

Hulu and Netflix working in Gigastrand OS

We are happy to report that Hulu and Netflix are working in Chrome in the Gigastrand OS 3.x.

As much as we would like to take credit, we only tested to see if it was working. We suspect changes to Chrome have made it possible.

We were hoping that Netflix and Hulu could be working before we released 4.0. We have been maintaining subscriptions with both in the hopes that this would be resolved. Looks like we can cross that one off the list.

In the meantime…

While we are waiting for an update to the stable codebase for 4.0, we are making great strides for the live view monitoring software for Gigastrand NVR.

We are calling it Advanced Live View for NVR – or ALVN (alvin) for short. It is designed to run locally on the system for a better live view experience. For now, it will be a separate system from the main software.

It can be accessed by a remote PC but it currently does not work on mobile devices. This will not be remedied immediately, but it will in future versions.

 

Gigastrand FAIL and what we know now

Failure at Gigastrand is always an option. To fail is acceptable as long as there is a lesson in it.

Many months ago, Gigastrand set out to do something impossible: piggyback a 64-bit architecture onto a 32 bit system. In Linux there was a slim possibility that this could work with multiarch support built into Debian. We postulated that by installing the architecture, as long as the hardware was there to support it, we could run 64 bit programs on a 32 bit system. We have done the reverse of this in Gigastrand OS 3.x (32 bit architecture on 64 bit system) with great success.

Why in the world would we want to do this? For a lot of reasons. 

  1. It would extend the viability of Gigastrand OS 2.x
  2. It would force compatibility with 64-bit software like Chrome with a 32 bit OS
  3. It will maintain compatibility with older hardware while allowing advancements to the OS

We came close – really close – to making it work. In the end, the one program we really wanted to work, Chrome, just would not even install.

We still believe that it is hypothetically possible, but beyond our capabilities.

So, we began going around to our customers and upgrading their systems to 3.0 so they can still use Chrome. We fixed the version of Chrome in place in version 2.4.

Then we come to fail number 2.

We were upgrading a machine from 2.2 to 3.2 when we noticed the system would boot very slow, error out with a “no microcode for this processor” then fail when trying to start X – the user interface (UI) for Linux. We tried all the usual troubleshooting (replacing discs, trying different drives, etc.) but all gave the same result. Without being able to boot into X, installing the OS will be nearly impossible.

So, we booted back into this customer’s original OS and checked to see if the microcode was installed. It wasn’t.

Then we opened a terminal window and did an lspci command (you can also look at Go>System>Kinfocenter for a graphical depiction and a few more tools). Via chipset, Via graphics, Via processor.

Our best guess is that the processor microcode that is installed in 3.x – specifically the Intel microcode – is mis-identifying the processor and activating. As there is nothing we can do about it once the install image is created, we simply went back to the original build and created a new image without any of the microcode.

If it works, we will release that image with the 3.4 update. If it doesn’t. We will let you know.

Update: Gigastrand OS 3.x is not compatible with Via processors because of differences in 64 bit architecture. If we had a 32 bit version it would work. We are giving this customer a new PC core under our Lifetime Upgrade Guarantee – which technically is for the computer hardware, not the software. However, we are making an exception in this case because the PC was purchased new with the Gigastrand OS.