Tag Archives: Google

cloud

Factory Reset (Powerwash) Chromebooks

If you ever loose track of the password on your Chromebook, find that the Chromebook is running oddly or want to sell a Chromebook, you can remove your Google account and readd it. The easiest way to do this is a feature called Powerwash. To pull it up, open Settings and then click on Advanced Settings. There, you’ll see the Powerwash button. Click it and then you will remove all of the user accounts installed on the device, basically performing a factory reset.

Powerwash can also be run by clicking Restart while holding down Control-Alt-Shift-R at the login screen. This brings up a Powerwash prompt where you simply need to click Powerwash to remove your data. The first time you login once the Powerwash process is complete, your apps and data start to sync back to the Chromebook.

iPhone

Change Your Default Search Engine Back on iOS

Recently, Safari on my iPhone started finding things I searched for using Yahoo! rather than the previously default Google search engine. Now, I’m not gonna’ hate on Yahoo! here. I actually left it for weeks so I could see the differences and nuances here and there. From the different way it displays movie times to image handling, I just didn’t exactly love Yahoo! (although it gets better all the time). So I decided to switch it back. If you decide to switch back, you do so by first opening the Settings App and then scrolling down to and tapping on Safari.

photo

 

From the list of available options, select Google, Yahoo! or Bing. Then close the Settings app and you should be good to go.

personal

Google Maps 8-bit Edition

Google Maps has now released the amazing 8-bit edition. It comes complete with pictures of the country in 8-bit and a Slime who draws near! While Tantegel Castle does not appear on the map and you don’t seem to be able to find any Internet connectivity arising from King Lorik’s toilet, it is possible to find cute propeller headed icons where Google offices are as well as a number of landmarks that have been converted into 8-bit highlights showing people why they should visit your area. In fact, the landmarks themselves have been converted to 8-bit in order for you to be able to fully enjoy the country as it would have appeared in an NES quest, so if you visit the landmarks you’ll see that they’ve been temporarily replaced with 8-bit renditions of themselves. The proof is in the street view of each location. This was most difficult with some of the larger monuments, such as the Grand Canyon. But that’s OK, Google had a pretty good year (shares are well over $600 a pop still).

One thing to look out for though, are the monsters, such as this little bugger, which was a wizard and then a dragon, kinda’ like the witch from Sleeping Beauty. Which was fine in a game. But Google spared no expense with this new product. There is an actual dragon sitting in the middle of the Atlantic Ocean. Granted, it’s 8-bit, and really, all you get when you conquer the Dragonlord is a ball of light, which you can get at any medical marijuana spot in California if you claim to have stress. But it’s kinda’ weird ’cause he’s started shooting flames up at flights, which I hear has stirred up some new union disputes with American Airlines.

There’s also an 8-bit Santorum that Romney has been edging for awhile…

As with every April 1st, Google has also released a video on how to use their amazing new invention:

http://www.youtube.com/googlemaps

Note: For those of us who remember blowing on game cartridges to make them work, this is a very welcome addition to the Google repertoire. No matter how fleeting an addition it may be…

Finally, let’s hope that Gwaelin isn’t 8-bit. Let me know if you manage to rescue her from the Swamp Cave…

cloud Mass Deployment Ubuntu Unix

Scripting in Google ChromeOS

I recently got my hands on one of those Google ChromeBooks (Cr-48). Interesting to have an operating system that is just a web browser. But, as anyone likely reading this article already knows, the graphical interface is the web browser and the operating system is still Linux. But what version? Well, let’s go on a journey together.

First, you need ChromeOS. If you’ve got a ChromeBook this is a pretty easy thing to get. If not, check http://getchrome.eu/download.php for a USB or optical download that can be run live (or even in a virtual machine). Or, if you know that you’re going to be using a virtual machine, consider a pre-built system from hexxeh at http://chromeos.hexxeh.net/vanilla.php. I have found the VMware builds to be a bit persnickety about the wireless on a Mac, whereas the VirtualBox builds ran perfectly. I split my time between the two anyway, so I’ve just (for now) been rocking VirtualBox for ChromeOS. When you load it for the first time it asks for a Google account. Provide that, select your network adapter, choose from one of the semi-lame account images ( for the record, I like the mad scientist one) and you’re off to the races.

Next, we need a shell. When you first log in, you see a web page that shows you all of the Chromium apps you have installed. By default, you’ll see File manager and Web Store. If you’ve used the OS X App Store then the Chrome Web Store is going to look pretty darn familiar. My favorite for now is Chrome Sniffer. But all of these kinda’ get away from where we’re trying to go: get a scripting environment for Chrome OS.

Chrome comes with 2 types of shell environments. The first is crosh. To bring up a crosh environment, use Control-Alt-t. This keystroke invokes the crosh shell. Here, type help to see a list of the commands available. Notice that cd, chmod, etc don’t work. Instead, there are a bunch of commands that a basic user environment might need for troubleshooting primarily network connections. “But this is Linux” you ask? Yup.

At the help output you’ll notice shell. Type shell and then hit enter. The prompt will change from crosh> to chronos@localhost. Now you can cd and perform other basic commands to your hearts delight. But you’re probably going to need to elevate privileges for the remainder of this exersize. So let’s type sudo bash and just get there for now. If you’re using a ChromeBook, the root password might be root, or if you’re using a downloaded vm from hexxeh then it might be facepunch (great password, btw).

Provided the password worked, the prompt should turn red. Now, if you’re using a hexxeh build then the file system is going to be read-only. You won’t be able to change the root password nor build scripts. But otherwise, you should be able to use passwd to change the password:

passwd chronos

Once you’ve got slightly more secure shell environment (by virtue of not using the default root password), it is time to do a little exploring. Notice that in /bin, you see sh, bash, rbash and the standard fare of Linux commands (chmod, chown, cp, attr, etc. Notice that you don’t see tcsh, csh or ksh. So bash commands from other platforms can come in, but YMMV with tcsh, etc. Running ps will give you some idea of what’s going on process-wise under the hood:

ps aux

From encrypts to crypto to the wpa supplicant, there’s plenty to get lost in exploring here, but as the title of the article suggests, we’re here to write a script. And where better to start than hello world. So let’s mkdir a /scripts directory:

mkdir /scripts

Then let’s touch a script in there called helloworld.sh:

touch /scripts/helloworld.sh

Then let’s give it the classic echo by opening it in a text editor (use vi as nano and pico aren’t there) and typing:

echo "Hello Cruel World"

Now close, save and then run it:

/scripts/helloworld.sh

And you’ve done it. Use the exit command twice to get back to crosh and another time to close the command line screen. You now have a script running on ChromeOS. Next up, it’s time to start looking at deployment. This starts with knowing what you’re looking at. To see the kernel version:

uname -r

Or better:

cat /proc/version

Google has been kind enough to build in similar sandboxing to that in Mac OS X, but the concept that you can’t run local applications is a bit mistaken. Sure, the user interface is a web browser, but under the hood you can still do much of what most deployment engineers will need to do.

If these devices are to be deployed en masse at companies and schools, scripts that setup users, bind to LDAP (GCC isn’t built-in, so it might be a bit of a pain to get there), join networks and the such will need to be forthcoming. These don’t often come from the vendor of an operating system, but from the community that ends up supporting and owning the support. While the LDAP functionality could come from Google Apps accounts that are integrated with LDAP, the ability to have a “One touch deploy” is a necessity for any OS at scale, and until I start digging around for a few specific commands/frameworks and doing some deployment scripts to use them, right now I’m at about a 6 touch deploy… But all in good time!

Business

Facebook Acquires FriendFeed

Let’s over-simplify this:

Twitter is a very popular site.  FriendFeed is kinda’ similar.  Facebook is a very popular social network site that happens to have the features of FriendFeed built in.  Now Facebook owns FriendFeed.  Some acquisitions are about technology, some about user base/customers and others about the talent that a company has.  I would assume that almost every person with an account on FriendFeed already had an account on Facebook.  Facebook can easily integrate the same technology that is present in FriendFeed (and already has for the most part).  So I’m gonna’ go out on a limb and say this one likely had more to do with the talent (mostly ex-Google rock stars) that FriendFeed had amassed…  But who knows, there are likely plenty of variables I am not privy to, so that’s conjecture.

Ubuntu Unix

Looking at Google Android's Internals

Google’s Android is a very small Linux distribution. Recently I needed to test some applications that were developed by a couple of friends of mine. Rather than run out to T-Mobile I figured I’d just install the new LiveAndroid disk and thought I would write up how to get setup using VMware Fusion and then go about doing some tasks with Android. To get started make sure you’re running the latest Fusion (or Parallels or Q or VirtualBox). Then download two ISO files from http://code.google.com/p/live-android/
liveandroidv0.2.iso.001 and liveandroidv0.2.iso.002.

Once you have downloaded the two ISO files we’re going to need to join them.  To do so

cat liveandroidv0.2.iso.001 liveandroidv0.2.iso.002 > liveandroidv0.2.iso

That will take a few seconds to complete.  When it’s done, open up VMware and then click on the New button in the lower left corner of the Virtual Machine Library screen.  At the New Virtual Machine Assistant, first click on Continue Without Disk and then choose the Use Operating System Installation Disk Image File: option, selecting the ISO file from the browse screen.  Once selected, click Choose in the Browse dialog box and then back at the New Virtual Machine Assistant Screen click on Continue.

At the Choose Operating System screen, leave the Operating System and Version fields set to Other and then click on Continue.  The Default memory and disk capacity should be fine (256MB of memory and 8GB of disk).  The default Shared networking (NAT) option will also have the Android instance able to boot with the network interfaces functional (unlike in my VirtualBox testing), so leave that as-is as well.  Click Finish and then the Android virtual machine will start.

Once started you’re going to get an error about the battery.  This is not a big deal, click on OK to suppress it.  If you can’t find your cursor then look for the faint grey arrow.  You can then click on the default home screen applications (Messaging, Dialer, Contacts or Browser) or on the slider to the right of the screen for the rest of the applications (such as the Gallery or the Camera).  If you use the space bar you’ll open the dialer (not that you can dial out or anything) and if you use the the Escape key you’ll back out of an application, back to the home screen.

To get to the command line you can use the fn-alt-F1 (the F1, when pressing the fn key is immediately to the right of the Escape key whereas the alt is the same as the option on Mac in that scenario).  The fn-alt-F7 combination will switch back from the command line to the home screen.

When you’re at the command line you’ll have a number of options. Because LiveAndroid .2 supports DHCP there’s usually no need for configuration of the network stack, although I did have to configure it manually in VirtualBox.  To do so I started with ifconfig, which works similarly in Mac OS X.

ifconfig eth0 192.168.210.30 netmask 255.255.255.0

Then I setup a gateway with the route command:

route add default gw 192.168.210.1 dev eth0

You can also use setprop to define your DNS servers.  For example, to set 4.2.2.2 as a DNS server you would use the following:

setprop net.eth0.dns1 4.2.2.2

I also use a proxy so I had to configure that in order to be browsing the old interweb.  After a bit of noodling around I realized that Android stores a number of settings in a sqlite database stored in /dat/data/com.android.providers.settings/databases/settings.db.  If you remember, I did an article on using sqlite3 with Address Book on Mac OS X awhile back – this is all very similar to that, as sqlite doesn’t really change much (if any) from platform to platform.  To open the database in sqlite3, use the following command:

sqlite3 /dat/data/com.android.providers.settings/databases/settings.db

Then type .tables and you should see one called system.  We’re going to insert the proxy data into it, in this case inserting proxy.krypted.com:8080 using the command:

insert into system values(99,’http_proxy’,'proxy.krypted.com:8080′);

At this point I’m off to the races with the web browser.  Next I have a couple of applications friends have developed that I’d like to install.  From the command line this is pretty easy.  They put them up on their websites and then I go to /system/app using the following command:

cd /system/app

Next, I use wget to pull down the app (which is in the form of an apk file), assuming that the name of the server is my.server.org and the name of the app is myapp.apk:

wget http://my.server.org/myapp.apk

Once I’ve downloaded the app I’m going to go ahead and create a shortcut key just for that application by adding a line to /etc/bookmarks.xml that reads as follows (which would use the z key to open the app):

<bookmark
package=”com.myapp”
class=com.myapp.class”
shortcut=”z” />

Next, I’m going to flip through all of the tables looking for any other settings back in the settings.db that I’d like to change.  To look at the options for each table use ‘select * from’ followed by the table name.  So if I wanted to look at the SYSTEM table I could use the following command from within the sqlite3 interactive mode for settings.db:

select * from SYSTEM

You can then find a value and edit it as we did earlier but with update instead of insert.

Many of the common commands and tasks that you might be used to are exposed in android.  For example, you can edit the /etc/hosts file to force address resolution.  Also, while I’m testing my friends applications I’m also monitoring statistics within my Android instance.  This is fairly straight forward in some cases as I can simply cat many of the files located in the /proc directory, such as cpuinfo and loadavg.

Looking at these files through VMware while launching an application exposes some of the underlying security framework.  Much like the iPhone, processing for a given application is halted when another application is launched.  In Android though, each application is written in Java and each runs both as its own Java virtual machine and with its own UID.  This isn’t to say that Android applications are sandboxed from one another as in the iPhone when the Activity (screen) is not in the foreground.  Instead, there is a framework for background processing with a service.  Many of the built in aspects of Android can run as services, although none of the third party applications I was looking at leveraged this component of the Binder (borrowed from BeOS).  Any information shared between different applications works via a Content Provider service.  If you look at the path for the sqlite3 database, it’s using providers in the path.  This isn’t meant to reference cell phone providers but instead the internal’s content providers.

Each application can be considered a risk to install.  Therefore, each application has a corresponding AndroidManifest.xml file which provides the rules that the application has to follow along, permissions and a listing of all of the components of the application (binaries, libraries, scripts, etc).  Each application can therefore have a component of itself exposed to other applications (typically used for example if you have a chain of applications with permissions between them), with an additional permission of having an application that publicly makes its data available to others.  I could see uses for something like this with photo sharing applications but overall it leaves exposure for the manifest to open communications between applications if compromised.  I have not been able to thoroughly test whether input validation is available  here, but it’s theoretically possible for an application to either obtain elevated privileges from another or to influence the data in another.  Granularity of these permissions is possible but must be configured by the developer.  I was able to use one of the applications I was testing to access the contacts on the machine, a bit of a concern, but common.  Overall, it’s hard to conceive installing any application without a prior thorough review of the manifest if I were working on a production device.

Android is just a trimmed down Linux.  I would expect a Chrome OS to be very similar.  I don’t even expect it to have much more or much less (although I would assume it will run gears and all of the dependencies of gears).  If you replace the Dialer application in Android with Google Voice and add support for an LDAP client then you would have much of what I might expect out of a NetBook OS.  If Android is to be tailored to be a NetBook OS I’d like to see Full Disk Encryption for Android as well, even if most data is stored in the cloud.  But then, I’d like to see that for all devices…  If Android does offer a snapshot into what Google Chrome will look like then it seems like applications written in Java, whether for Blackberry, Palm Pre or Android would likely fairly easily be ported into the platform and therefore be a sandbox worth pursuing assuming that is the case; because while people seem to love the idea of the cloud at the end of the day they seem to also be hooked on their fat clients.

sites

Boobies on Facebook

Today I found a game/app in my Facebook feed called Vrais ou faux seins ? The application has blatantly exposed breasts.  I can’t speak French so I can’t tell what it is about, but the pictures sure seem to tell a pretty compelling story.  I’m sure that the good people at Facebook will end up finding the application and removing it soon enough.  But it brings up, again, the changes that the increasing globalization that the Internet has brought about. And in my standard Facebook feed…

It’s not that I care.  I don’t.   It’s more just watching culture classes as they continue to emerge.  Much like Google’s Schmidt leveraging YouTube to speak out on Iran in a way… There are positive aspects of a more open world, but there are also aspects with regard to differing values that will have be reconciled in the culture clashes that continue to happen.  Such as the appearance of boobies in little Archie’s Facebook feed…

Business sites

Google Outage

When a large company loses email and other services the help desk is abuzz with calls.  But who do you call when an outsourced vendor goes down?  I’ve read a number of reports about the Google outage from a few days ago.  Having millions of users without service, or with deprecated service, is a lot of potential calls.  Just like tens of thousands in an enterprise is  lot when those users cannot access email.  In the reports I’ve read people were taking a very strong stance on the outage, not necessarily with Google directly, but identifying cloud support options across the board as having “no one to call.”  Really?  There’s no way to identify a known outage or call someone?

If you have an outage or a problem with Google Apps then you can get support following the steps outlined on this page. Additionally, if you want to check the Google availability for services (both in historical and current contexts) then you can check the google.com/appstatus site.  Google also went insofar as to publish a disruption/incident report on the severity and the issues that caused the outage.  I love transparency.

IT environments have outages. Google outages, and outages for any cloud-style environment are typically more rare than most organizations I see in production. There is a support line to call and there is also a status page to check, fairly in-line with what you would have for application support for most enterprise organizations. But what gets me is that many of the people writing columns voicing outrage about the outages with Google are the very ones who also write columns about the death of corporate IT and the emergence of the consumerized IT paradigm.

The cloud is not for everyone, but having the option of cloud-based services is a great thing. It’s not right for everyone. However, if you choose to go the route of initiating a large migration towards a cloud-based delivery model for applications then one aspect of keeping that cost at a minimum should be to educate the end users on who to call when it goes down (because at the end of the day, everything goes down every now and then). If it’s a Mac OS X environment maybe you build everyone a widget that displays the availability page or a mash-up of multiple availability pages from vendors on a per-application basis. This would save a lot of wasted time for the service desk (although some users will still call there first).

Overall, there is no substituting an internal solution with one that is cloud-based; this includes both the good and the bad aspects. Internal servers take more resources to manage, there’s always the potential for infighting with the administrator of the application stack that resides on a server and of course, you need to buy the gear that the solution lives on. However, when you outsource that server, which is at the end of the day what you are doing when you employ a SaaS solution, then you end up with diluted ownership, powerlessness when the solution is unavailable, increased bandwidth utilization, feature lock and other negative impacts. There are a lot of arguments to both ends that can be made with regards to moving into any outsourced solution. But complaining about not being able to call a service desk without bothering to check availability nor what the contact information would be for said service desk is ludicrous. If you don’t know how to contact the SaaS vendor then it is more than likely the fault of our organization for not doing the due diligence to document the support scheme ahead of time (or said another way, did you really think Google would never go down, ’cause saying something like that makes ya’ look like a n00b).

Active Directory Mac OS X Server Mac Security Unix

Integrating Google Apps with Open Directory

Randy Saeks has posted a paper on integrating Open Directory with Google Apps. It’s a nice read and takes a lot of the guessing game out of getting Google Apps to authenticate users based on Open Directory. Many of the steps can also be leveraged to use the GoogleAppsToolkit for LDAP running on other platforms as well.

personal

Fun with Google Maps

Open up Google Maps and search for 8 Sampsonia Way, Pittsburgh, PA. This is one of the funniest things I’ve seen on Google Maps. There was an old picture of the 318 offices, which showed me going over the fence one day when I locked my keys in the office that I thought was funny (because it was me mostly), but this is way better – and it got me to thinking about what else people have come across that Google has captured in action.

Another that my wife mentioned to me is Liam Gallagher, frontman from Oasis, outside his favorite pub (he denies this is him btw). There are also some scantily clad women in Paris, a woman flashing the camera (now taken down) and a guy with his bum hangin’ out of his pants. Then there’s the guy getting carted off to jail (imagine trying to get out of that one) and of course, a guy picking up someone who is reportedly a prostitute.

I guess the take away from all this is that you just shouldn’t do anything in public that you don’t want plastered onto Google Maps. While Street View is called, by some critics, an affront to privacy, I think it’s great. There are a multitude of pictures of men going into strip clubs, people getting into fights and even people taking a crap on the street. Would people behave as badly in public as they often do if they knew there was a very, very small chance that a Google car would happen to be driving by at that very moment and catch them in the act. Not that some of these things I mentioned are behaving badly according to some cultural norms (although I’m pretty sure that dropping a big duke in the street is pretty much globally frowned upon). Which brings up my final point – in an increasingly globalized world, there are just some things (like sun bathing nude – also caught by the cameras) that are perfectly kosher in other societies that, while they may offend, are not OK in other parts of the world. There’s nothing new about it, but every day it gets even closer to real time.