[1381493.960771] Buffer I/O error on device sda5, logical block 380731029
[1381493.960771] Buffer I/O error on device sda5, logical block 380731030

This means the bad LBA is 380731029. so, we need to determine the partition offset next. To do this, we do the following:

# sfdisk -luS /dev/sda

Disk /dev/sda: 1430807 cylinders, 64 heads, 32 sectors/track
Warning: extended partition does not start at a cylinder boundary.
DOS and Linux will interpret the contents differently.
Warning: The partition table looks like it was made
  for C/H/S=*/255/63 (instead of 1430807/64/32).
For this listing I'll assume that geometry.
Units = sectors of 512 bytes, counting from 0

   Device Boot    Start       End   #sectors  Id  System
/dev/sda1            63  19535039   19534977  83  Linux
/dev/sda2      19535040  21494969    1959930  82  Linux swap / Solaris
/dev/sda3      21494970 2930288129 2908793160   5  Extended
/dev/sda4             0         -          0   0  Empty
/dev/sda5      21495033 1475891549 1454396517  8e  Linux LVM
/dev/sda6     1475891613 2930288129 1454396517  8e  Linux LVM

We subtract 21495033 from 380731029 to yield 359235995.  Next, we determine the extent size in kilobytes:

# pvdisplay /dev/sda5
  --- Physical volume ---
  PV Name               /dev/sda5
  VG Name               aurora-1
  PV Size               693.51 GB / not usable 2.55 MB
  Allocatable           yes
  PE Size (KByte)       4096 <-- 4096KB.
  Total PE              177538
  Free PE               2114
  Allocated PE          175424
  PV UUID               mz2kUU-h19J-CpBc-Q0lX-Spq7-D3hg-qoexGa

A kilobyte is 1024 bytes.  An LBA block is 512 bytes.  So we multiply 4096 by 2 (8192), and divide 359235995 by 8192 giving us 43852, which is the extent number on the physical volume.  The next step is obvious, read through /etc/lvm/backup/vgname until you find a volume that extent 43852 falls between!  Then recover the data off of that volume and stop using it (or maybe try badblock recovery or something).

It should be noted that right now, libamz 0.1.0 does not really support the enhanced content so you should buy the normal MP3 albums unless the enhanced content album is cheaper for some reason.  But since I have purchased such a file, I will release a 0.2.0 release shortly which also downloads the other data.

You can edit the cookie with a Firefox extension called, ironically, “Edit Cookies“.  In Chrome, you can use the “Edit This Cookie” extension, but I don’t use Chrome very much so I haven’t tried it.

$ whois torrent-finder.com
[Querying whois.verisign-grs.com]
[Redirected to whois.godaddy.com]
[Querying whois.godaddy.com]
[whois.godaddy.com]
The data contained in GoDaddy.com, Inc.'s WhoIs database,
while believed by the company to be reliable, is provided "as is"
with no guarantee or warranties regarding its accuracy.  This
information is provided for the sole purpose of assisting you
in obtaining information about domain name registration records.
Any use of this data for any other purpose is expressly forbidden without the prior written
permission of GoDaddy.com, Inc.  By submitting an inquiry,
you agree to these terms of usage and limitations of warranty.  In particular,
you agree not to use this data to allow, enable, or otherwise make possible,
dissemination or collection of this data, in part or in its entirety, for any
purpose, such as the transmission of unsolicited advertising and
and solicitations of any kind, including spam.  You further agree
not to use this data to enable high volume, automated or robotic electronic
processes designed to collect or compile this data for any purpose,
including mining this data for your own personal or commercial purposes. 

Please note: the registrant of the domain name is specified
in the "registrant" field.  In most cases, GoDaddy.com, Inc.
is not the registrant of domain names listed in this database.

Registrant:
 Torrent Finder
 15 Alexandria St.
 N/A
 Alexandria,  55555
 Egypt

 Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
 Domain Name: TORRENT-FINDER.COM
 Created on: 30-Dec-05
 Expires on: 30-Dec-11
 Last Updated on: 04-Oct-10

 Administrative Contact:
 Gadelkareem, Waleed  kurtubba@gmail.com
 Torrent Finder
 N/A
 N/A
 Alexandria,  55555
 Egypt
 20121578967      Fax -- 2034411838

 Technical Contact:
 Gadelkareem, Waleed  kurtubba@gmail.com
 Torrent Finder
 N/A
 N/A
 Alexandria,  55555
 Egypt
 20121578967      Fax -- 2034411838

 Domain servers in listed order:
 NS51.DOMAINCONTROL.COM
 NS52.DOMAINCONTROL.COM
$

Alright, the WHOIS information looks as if the domain hasn’t been seized by GoDaddy.  So, we can write them off the list for this one (which is shocking, given the fact that GoDaddy has been more than happy to suspend domains in the past.)  Lets try a DNS trace using a public DNS server (in this case, 4.2.2.1 hosted by Level3):

$ dig torrent-finder.com +trace @4.2.2.1

; <<>> DiG 9.7.1-P2-RedHat-9.7.1-2.P2.fc13 <<>> torrent-finder.com +trace @4.2.2.1
;; global options: +cmd
.            33799    IN    NS    c.root-servers.net.
.            33799    IN    NS    j.root-servers.net.
.            33799    IN    NS    e.root-servers.net.
.            33799    IN    NS    b.root-servers.net.
.            33799    IN    NS    d.root-servers.net.
.            33799    IN    NS    a.root-servers.net.
.            33799    IN    NS    f.root-servers.net.
.            33799    IN    NS    g.root-servers.net.
.            33799    IN    NS    i.root-servers.net.
.            33799    IN    NS    h.root-servers.net.
.            33799    IN    NS    k.root-servers.net.
.            33799    IN    NS    m.root-servers.net.
.            33799    IN    NS    l.root-servers.net.
;; Received 228 bytes from 4.2.2.1#53(4.2.2.1) in 28 ms

4.2.2.1 is giving us exactly what we asked for here: the root-servers, which are maintained by IANA (part of ICANN), now lets query one of them:

com.            172800    IN    NS    l.gtld-servers.net.
com.            172800    IN    NS    e.gtld-servers.net.
com.            172800    IN    NS    i.gtld-servers.net.
com.            172800    IN    NS    k.gtld-servers.net.
com.            172800    IN    NS    f.gtld-servers.net.
com.            172800    IN    NS    h.gtld-servers.net.
com.            172800    IN    NS    m.gtld-servers.net.
com.            172800    IN    NS    c.gtld-servers.net.
com.            172800    IN    NS    g.gtld-servers.net.
com.            172800    IN    NS    j.gtld-servers.net.
com.            172800    IN    NS    d.gtld-servers.net.
com.            172800    IN    NS    a.gtld-servers.net.
com.            172800    IN    NS    b.gtld-servers.net.
;; Received 496 bytes from 128.8.10.90#53(d.root-servers.net) in 72 ms

When asked about a noncached response for ‘torrent-finder.com’, they redirected us to the gtld-servers, which are run by VeriSign, lets ask one of those servers now:

torrent-finder.com.    172800    IN    NS    ns1.seizedservers.com.
torrent-finder.com.    172800    IN    NS    ns2.seizedservers.com.
;; Received 118 bytes from 192.43.172.30#53(i.gtld-servers.net) in 167 ms

Hmm, the GTLD-SERVERS are not replying with NS51.DOMAINCONTROL.COM and NS52.DOMAINCONTROL.COM, instead we get NS1.SEIZEDSERVERS.COM and NS2.SEIZEDSERVERS.COM:

torrent-finder.com.    86400    IN    A    74.81.170.110
torrent-finder.com.    86400    IN    NS    ns1.torrent-finder.com.
torrent-finder.com.    86400    IN    NS    ns2.torrent-finder.com.
;; Received 120 bytes from 74.81.170.108#53(ns2.seizedservers.com) in 78 ms

$

Alright, it’s obviously not ICANN, but Verisign.  Lets see what they say when asked directly about this:

$ nc whois.verisign-grs.com nicname
torrent-finder.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

 Domain Name: TORRENT-FINDER.COM
 Registrar: GODADDY.COM, INC.
 Whois Server: whois.godaddy.com
 Referral URL: http://registrar.godaddy.com
 Name Server: NS1.SEIZEDSERVERS.COM
 Name Server: NS2.SEIZEDSERVERS.COM
 Status: clientDeleteProhibited
 Status: clientRenewProhibited
 Status: clientTransferProhibited
 Status: serverDeleteProhibited
 Status: serverTransferProhibited
 Status: serverUpdateProhibited
 Updated Date: 24-nov-2010
 Creation Date: 30-dec-2005
 Expiration Date: 30-dec-2011

>>> Last update of whois database: Sun, 28 Nov 2010 07:28:43 UTC <<<
$

Hmm, what does serverUpdateProhibited status mean? According to RFC2832bis:

SERVERUPDATEPROHIBITED: The registry sets the domain to this status.
Requests to update the domain name (except to remove this status)
MUST be rejected. The domain name can be transferred, renewed, or
deleted. The domain SHALL be included in the zone when in this
status if the domain has at least one delegated name server.

This means that the registry administrator (e.g. VeriSign) has locked the domain out.  If it were ICANN, it would be blocked at the root-servers, not at the registry level, that is, it wouldn’t be making it to VeriSign-GRS at all.

I wonder what other domains are serverUpdateProhibited now.

A prerelease of upse2, upse-1.90 will be made within the next few days.  I would like to give thanks to TMM and kode54 for contributing code and ideas to this release, as well as the people who generally test UPSE snapshots for accuracy and playback compatibility.

pr0ncollage is a side-project I started hacking on a couple of days ago.  It works by scraping images from Twitter and collaging them.  As the program continues to iterate, it blends it’s new image selections into the same canvases resulting in a crossfaded display between two constantly evolving images.

The interesting aspect of this project is that the images are displayed without context and disappear as quickly as they are added into the image.  Full details will be available on a project page on this site when I finish this program up.

In the meantime, you can clone the hg repository by doing:

$ hg clone http://hg.atheme.org/users/nenolod/pr0ncollage
$ sh autogen.sh
$ ./configure
$ make
$ sudo make install

You will need GNOME development headers (e.g. gtk+/cairo/libsoup/libxml2)  installed, these are available in almost every Linux/UNIX distribution.

Instead, to do this efficiently, we use the kernel routing table.  The reason why we use the kernel routing table is because, typically, it is a radix trie which uses IP masks as keys.  This is a lot faster than iterating through thousands of iptables rules and has the same effect – since an outbound route is blocked, replies can’t be received by the hostile IP, which means that connections can’t be set up, as they require a three-way handshake.

Linux defines RTN_BLACKHOLE as the flag used to define nullroutes.  This flag is supported by the IPv4, IPv6 and DECnet routing tables.

To add an outbound nullroute, simply do the same thing as you would an inbound nullroute on your firewalling box:

# ip route add blackhole 192.168.1.1/32

Deleting works like this:

# ip route del blackhole 192.168.1.1/32

If you use FreeBSD or NetBSD or MacOS, it’s something like that. On FreeBSD, it’s:

# route add -host 192.168.1.1 127.0.0.1 -blackhole
# route del -host 192.168.1.1 127.0.0.1 -blackhole

I don’t know what it is on NetBSD, but I would guess that it’s the same.

The cool thing about this is that if you can aggregate your banlists to network boundaries, you can actually set them as nullroutes in CIDR format and it makes things even faster.  Mind, ruleset aggregation also improves netfilter’s performance, but this is considerably more scalable than using netfilter.  Netfilter (iptables) should be used when you actually need to do filtering, the routing table should be used when you want to ban IPs outright – that’s why the networking stack has blackhole functionality.

there’s a lot to do still, mostly getting the IOP calls working and calling into the IOP modules from the CPU. the MAME-based CPU code used in HE and friends is rather buggy so we can’t really know if it’s right – it doesn’t seem to be. but we load, parse and start psf2.irx now! which is a pretty big deal if you ask me.

this means that upse2 might get released by the end of the year. i’m also working on trying to figure out a way to implement it as a codec in android as an opencore module, but i have no idea how long that will take yet.

To all users,

The admin voting session for a delink of iuturna.sorcery.net, called yesterday,  has closed. The verified results state that unfortunatly, Iuturna has to be delinked.
As iuturna is probably soon to removed from pools and the iuturna.sorcery.net address rerouted, users connecting directly to iuturna are advised
to change their connection settings to either the worldwide irc.sorcery.net or local server pools.

We would like to take this opportunity to thank Onno and the rest of his team for their years of devoted service to this network.

–Votemasters

What? I mean no offense here, but all of the other server admins have delinked from SorceryNet over politics before.  Onno on the other hand, has stuck with it.  Now he is being punished for being on holiday when it became time to upgrade the server software.  The worst part of this is that it was done behind his back, and more importantly, the users’ backs, which is not allowed by SorceryNet’s charter, created to, in part, protect users from DALnet-style corruption:

5.1 Applying Servers.

a) Linking or delinking a server permanently to the network requires a vote of the Admins, with the CFD held on the public mailing list.  Linking a server requires a 2/3 majority in favor of the application.

I’ve added some emphasis in bold.  There was no public CFV, just an announcement.  If you’re a SorceryNet user, this means that the administrative body has now wronged you, and it is likely that this is only the first step.

I suggest that you ask questions and vote with your feet, especially if you are a channel owner.  It is obvious that the administrative body cannot be trusted anymore because they are in the process of violating the charter.  If you’re running an RP channel, DarkMyst may be an appropriate replacement for your needs [disclosure: I do presently sponsor infrastructure for DarkMyst, but would not do so if I felt that the administrative process was acting in an unethical manner].  Technical channels may find a home on freenode or OFTC.  StaticBox is a spinoff of SorceryNet started due to previous ethical concerns and features many of the old SorceryNet operators [disclosure: I am an admin on StaticBox].

Even if you do not vote with your feet, you should be asking the administration why they do not follow their own charter.  SorceryNet is nothing without its’ users, so it owes its’ users a proper explanation for what happened here.

Also, apparently I was akilled in my absence because I had the gall to enforce charybdis’ trademarks.  Keep it classy, SorceryNet.

Note: This does not allow you to get MP3s for free.  It only allows you to download MP3s you have bought, as you have to have proof of purchase (e.g. the AMZ file that they give you).

I intend to write a GTK+ frontend soonish, but a usable commandline client was better than nothing.  You may download the code from my mercurial repository by doing:

$ hg clone http://hg.atheme.org/users/nenolod/libamz
$ cd libamz
$ sh autogen.sh
$ ./configure
$ make
$ sudo make install

You can then use amzdecrypt to view the raw underlying XSPF playlist, amzls to view a track listing and amzdl to download the music referenced by the AMZ file.

Have fun!

Here is what we have going on, it is pretty awesome:

nenolod@mimoki:~$ ./signedelf
Hello world!
nenolod@mimoki:~$ ./modifiedelf
bash: ./modifiedelf: Permission denied
nenolod@mimoki:~$ ./unsignedelf
bash: ./unsignedelf: Permission denied
nenolod@mimoki:~$ dmesg | grep elf
[ 3106.217384] signed-elf: Allowing execution of /home/nenolod/signedelf due to VALID_SIGNATURE.
[ 3113.944013] signed-elf: Disallowing execution of /home/nenolod/modifiedelf due to INVALID_SIGNATURE.
[ 3113.944013] signed-elf: Trusted key is in keyring; but calculated checksum of binary does not match.
[ 3120.027148] signed-elf: Disallowing execution of /home/nenolod/unsignedelf due to UNSIGNED.

The plan is to upstream this work in the 2.6.38 merge window.  Right now, the trust policy is controlled through a sysctl.  This is just a preview of what is to come.

No, seriously, getting paid to hack on Linux is pretty awesome.