The University of Massachusetts Amherst
Categories
Linux

Quick Guide to Patching Linux Icon Packs

One of the nice advantages of using Linux is the wealth of customization options available. A key area of  that customization are app icons. For those unfamiliar, it is similar to how icons change across Android versions, even though the apps themselves are often the same.

Now I could go over how to install icons packs, however there are countless sites who already explain the process very well, such as Tips on Ubuntu. As for obtaining icon packs, a great site is OpenDesktop.org, which among other things hosts a wide variety of free to use icon packs.

So, now onto something less commonly covered, patching icon sets (no coding or art skills required). First a little background, if you use one of the more popular icon packs, you’ll likely have no issues. However many of the smaller icon packs either only support certain distros or lack icons for lesser known programs.

Take for example my all time favorite icon pack, Oranchelo, it is geared mainly towards Ubuntu. Lately I’ve been using Fedora 28 and while some icons work liked they’re supposed to, others, which work in Ubuntu, do not. So why is that?

Each program has an icon name, and while many programs keep a consistent icon name across distros, this is not always the case, such as with some of the default Gnome apps in Fedora vs Ubuntu. To fix this we need to either change the app’s icon name or create symbolic links to the current icon name, the latter generally being the better option.

First we need to find the current icon name, for all common (and probably for the uncommon ones as well) Linux desktop environments the way to do this is:

cd /usr/share/applications/

Here you will see (using the ls command) a bunch of .desktop files, these are config files that set how a program will be shown on the desktop, such as what will it be called under English or under Polish, as well as what the icon should be.

I’ve already patched Oranchelo for most of my applications but I’ve yet to do it for the IceCat browser (located towards the bottom on the screenshot), so I’ll use it as an example. Since we already have our terminal located in the right folder, lets just search for the right .desktop file:

ls | grep -i icecat

From that command we now know that full name of the file is “icecat.desktop”. Now that we see the file, we just need to find what it’s icon name is:

cat icecat.desktop | grep -i icon

Now that we know what the icon is called (“icecat”, icon names aren’t always this simple), we needed to open up our installed icon pack, if you’re not sure where that is, look back on the install instructions you used for your pack and just find where you placed said pack.

I generally prefer to look at the icons in a graphical file manager, so that I can make sure I pick the right one.

So now that we’re in the file, we want to go into apps, then scalable. Here we have all our icons, once we found one that we like, we need to create a symbolic link.

Since Oranchelo doesn’t currently have an Icecat logo, I will use the firefox nightly icon.

Now we need to open a terminal at this location and do the following command (depending on where you installed your icons, you may or may not need to use sudo)

ln -s icon.svg desiredApp.svg

Or in my case:

ln -s firefox-nightly-icon.svg icecat.svg

Now all we need to do is toggle the icons, simply switch to the system default icon set and then switch back and the correct icons will show.

As you can see, the desired icon is now set for Icecat

However this is not the only way to patch icon sets, some icon sets are designed to only replace a small amount of icons, such as folders. These often use inheritance to fill the void, however you may not always like the set from which they inherit the remainder, or you may simply prefer if it inherited from a different set.

One of my favorite Gnome themes, Canta, comes with its own icon pack that replaces folders but inherits the rest from Numix icon pack, but since I haven’t installed Numix, it defaults to the system default. However, I have the Flat Remix pack installed, I’ll make it instead inherit from that.

As before, we need to go into the icon pack folder. Once we’re in the canta icon pack, we need to open up the index.theme file with a text editor (as before, depending on where it is installed, you may or may not need sudo).

A few lines from the bottom you will see a “Inherits=”. For Canta it is:

"Inherits=Numix-Circle,Adwaita,gnome,hicolor"

So if we want it to inherit from flat remix (provided flat remix is installed correctly), all we need to do is add it in, changing the line to:

"Inherits=Flat-Remix,Numix-Circle,Adwaita,gnome,hicolor"

Once you save the file, all the missing icons should be automatically inherited from Flat Remix.

Best of luck with all your Linux customization.

Categories
Linux Security Software

Hiding in Plain Sight with Steganography

Steganography is the process of hiding one file inside another, most popularly, hiding a file within a picture. If you’re a fan of Mr. Robot you are likely already somewhat familiar with this.

Although hiding files inside pictures may seem hard, it is actually rather easy. All files at their core are just text, so to hide one file into another it is just a case of inserting the text value of one file into another.

Even though this possible on all platforms, it is easiest to accomplish on Linux (although the following commands will probably work on Mac OS as well).

There are many different ways to hide different types of files, however the easiest and most versatile method is to use zip archives.

Once you create your own zip archive we can then append it to the end of an image file, such as a png.

cat deathstarplans.zip >> r2d2.png

If you’re wondering what just happened, let me explain. Cat prints out a file as text (deathstarplans.zip in this instance). Instead of printing to the terminal, >> tells your terminal to appends the text to the end of the specified file -> r2d2.png.

We could have also just done > however that would replace the text of the specified file, specifically the metadata of r2d2.png in this instance. This does work and it would still allow you to view the image… BUT r2d2.png would be easily recognized as containing a zip file and defeat the entire purpose.

Getting the file(s) out is also easy, simply run unzip r2d2.png. Unzip will throw a warning that “x extra bytes” are before the zip file, which you can ignore, basically just restates that we hid the zip in the png file. And so they files pop out.

So why zip? Tar tends to be more popular on Linux… however tar has a problem with this method. Tar does not parse through the file and get to the actual start of the archive whereas zip does so automatically. That isn’t to say its impossible to get tar to work, it simply would require some extra work (aka scripting). However there is another, more adavanced way, steghide.

Unlike zip, steghide does not come preinstalled on most Linux Distos, but is in most default repositories, including for Arch and Ubuntu/Linux Mint.

sudo pacman -S steghide – Arch

sudo apt install steghide – Ubuntu/Linux Mint

Steghide does have its ups and downs. One upside is that it is a lot better at hiding and can easily hide any file type. It does so by using an advanced algorithm to hide it within the image (or audio) file without changing the look (or sound) of the file. This also means that without using steghide (or at least the same mathematical approach as steghide) it is very difficult to extract the hidden files from the image.

However there is big draw back: steghide only supports a limited amount of ‘cover’ files – JPEG, BMP, WAV, and AU. But since JPEG files are a common image type, it isn’t a large draw back and will not look out of place.

To hide the file the command would be steghide embed -cf clones.jpg -ef order66.pdf

At which point steghide will prompt you to enter a password. Keep in mind that if you lose the password you will likely never recover the embedded file.

To extract the file we can run steghide extract -sf clones.jpg, assuming we use the correct password, the hidden file is revealed.

All that being said, both methods leave the ‘secret’ file untouched and only hide a copy. Assuming the goal is to hide the file, the files in the open need to be securely removed. shred is a good command which overwrites the file multiple times to make it as difficult to recover as possible.

shred -z order66.pdf

or to delete it automatically

shred -zu order66.pdf

Categories
Mac OSX

Restoring a MacBook with an Erased Hard Drive


If you’re anything like me, you will (or already have) accidentally wiped your Macbook’s ssd. It may seem like you just bricked your MacBook, but luckily there is a remedy.

The way forward is to use the built-in “internet recovery” which, on startup, can be triggered via pressing “cmd + R”.

There is a bit of a catch: if you do this straight away, there is a good chance that the Mac will get stuck here and throw up an error – error -3001F in my personal experience. This tends to be because the Mac assumes it is already connected to Wi-Fi (when its not) and gives an error after it fails to connect to apple servers. If instead your MacBook lets you select a Wi-Fi network during this process, you’re in the clear and can skip the next paragraph.

Luckily there is another way to connect, via apple’s boot menu. To get there, power the computer on, hit the power button and very soon after, hold the option key. Eventually you will see a screen where you can pick a Wi-Fi network.

Unfortunately if you’re at UMass, eduroam (or UMASS) won’t work, however you can easily connect to any typical home Wi-Fi or a mobile hotspot (although you should make sure you have unlimited data first).

Once you’re connected, you want to hit “cmd + R” from that boot screen. Do not restart the computer. If you had been able to connect without the boot menu, you should be already be in internet recovery and do not need to press anything.

Now that the wifi is connected, you need to wait. Eventually you will see the Macbook’s recovery tools. First thing you need to do is to select disk utility, select your Macbook’s hard drive and hit erase – this may seem redundant but I’ll explain in a moment. Now go back into the main repair menu by closing the disk utility.

Unless you created a “time machine” backup, you’ll want to pick the reinstall Mac OS X option. After clicking through for a bit, you will see a page asking you to select a drive. If you properly erased the hard drive a few moments before, you will be able to select the hard drive and continue on. If you hadn’t erased the drive again, there is a good chance no drive will appear in the drive selection. To fix that, all you have to do is to erase the drive again with the disk utility mention earlier – the one catch is that you can only get back to the recovery tools if you restart the computer and start internet recovery again, which as you may have noticed, is a slow process.

Depending on the age of your Macbook, there is a solid chance that you will end up with an old version of Mac OS. If you have two step verification enabled, you may have issues updating the the latest Mac OS version.

Out of my own experience, OS X Mavericks will not allow you to login to the app store if you have two step verification – but I would recommend trying, your luck could be better than mine. The reason why we need to App Store is because it is required to upgrade to High Sierra/the present version of OS X.

If you were unable to login, there is a work around – that is to say, OS X Mavericks will let you make a new Apple ID, which luckily are free. Since you will be creating this account purely for the sake of updating the MacBook, I wouldn’t recommend using your primary email or adding any form of payment to the account.

Once you’re logged in, you should be free to update and after some more loading screens, you will have an fully up-to-date MacBook. The last thing remaining (if you had to create a new Apple ID) is to log out of the App Store and login to your personal Apple ID.

Categories
Linux Operating System Web

Arch Linux and Eduroam on a Raspberry Pi, No Ethernet Cable Required


Raspbian may be the most common OS on Raspberry Pi devices, but it is definitely not alone in the market. Arch Linux is one such competitor, offering a minimalist disk image that can be customized and specialized for any task, from the ground up – with the help of Arch Linux’s superb package manager, Pacman.

The office website for Arch Linux Arm contains all the necessary files and detailed instructions for the initial setup. After a reasonably straightforward process, plugging in the Raspberry Pi will great you with a command line interface, CLI, akin to old Microsoft DOS.

Luckily for those who enjoy a graphical interface, Arch Linux supports a wide variety in its official repository, but for that, we need the internet.  Plenty of tutorials detail how to connect to a typical home wifi, but Eduroam is a bit more challenging. To save everyone several hours of crawling through wikis and forums, the following shall focus on Eduroam.

To begin, we will need root privilege; by default this can be done with the following command:

su

After entering the password, we need to make the file:

nano /etc/wpa_supplicant/eduroam

Quick note: The file doesn’t need to be named eduroam.

Now that we’re in the nano text editor we need to write the configuration for eduroam. Everything except the indentity and password field needs to be copied exactly. For the propose of this Tutorial I’ll be John Smith, jsmith@umass.edu, with password Smith12345.

network={
			ssid=”eduroam”
			key_mgmt=WPA-EAP
			eap=TTLS
			phase2=”auth=PAP”
			identity=”jsmith@umass.edu”
			password=”Smith12345”
	}

Quick note: the quotation marks are required, this will not work without them.

Now that that’s set, we need to set the file permissions to root only, as its never good to have passwords in plain text, unsecured.

chmod og-r /etc/wpa_supplicant/eduroam

Now just to make sure that everything was set properly, we will run

ls -l /etc/wpa_supplicant | cut -d ' ' -f 1,3-4,9

The correct output should be the following

-rw------- root root eduroam

If you named the config file something other than eduroam, it will show up on the output as that name.

Now that that’s all set, we can finally connect to the internet.

wpa_supplicant -i wlan0 -c /etc/wpa_supplicant/eduroam &

Provided everything is set correctly, you will see “wlan0: link becomes ready” halfway through the last line of the page, hit enter and just one more command.

dhcpcd

Now, just to check we’re connected, we’ll ping google

ping google.com -c 5

If everything is set, you should see 5 packets transmitted, 5 packets received.
Now that we’re connected, its best to do a full update

pacman -Syyu

At this point, you are free to do what you’d like with Arch. For the sake of brevity I will leave off here, for extra help I highly recommend the official Arch Linux Wiki. For a graphical UI, I highly recommend setting up XFCE4, as well as a network (wifi) manager.

 

Example of a customized XFCE4 desktop by Erik Dubois

 

 

Disclaimer: UMass IT does not currently offer technical support for Raspberry Pi.