Stop google-chrome from hijacking MIMEs

For some idiotic/evil reason Google Chrome is hijacking MIME associations in Linux (configuration that decided which applications opens a particular file type).

This happens every time Google Chrome is updated. It is absolutely idiotic for Firefox to have an image opened by Chrome, yet I have reset it numerous times to no avail (purged all mentions of chrome from /etc/mailcap and various copies of mimeapps.list).

I would not use Chrome, except I have to due to lazy Slack devs, and other corporate torture tools that only made for IE6 of `20.

My preferred solution would have been apt remove google-chrome, but alas I have to endure this piece of malware.

The “Fix” is to utilise Apparmor and prevent the chrome from ever messing with MIMEs (sorry for SELinux types, I can’t be bothered…). In my opinion if you are running chrome as a secondary browser, it should not be associated with anything, ever.

Assumptions: chrome is installed in /opt/google/chrome, The distro is running apparmor (not SELinux) and there is no existing profile already.

Create the apparmor profile:

/etc/apparmor.d/opt.google.chrome.chrome
abi <abi/3.0>,

include <tunables/global>

/opt/google/chrome/* {
  include <abstractions/base>
  #allow by default almost everything
  capability,
  file,
  network,
  dbus,
  unix,
  signal,
  ptrace,
  
  # stop behaving like malware and fucking up my MIMEs
  audit deny /**/mimeapps.list rw,
  audit deny /usr/share/applications/defaults.list rw,
  audit deny /**/xdg-mime x,

}

Note: If you have an existing profile already just add these lines:

  audit deny /**/mimeapps.list rw,
  audit deny /usr/share/applications/defaults.list rw,
  audit deny /**/xdg-mime x,

Enable the profile:

aa-enforce /etc/apparmor.d/opt.google.chrome.chrome

Restart chrome.

Warning: this apparmor profile is equivalent to almost no restrictions except for the mime related stuff, and thus cannot be used to “secure” chrome without extensive modifications.

To fix the MIMEs after google messed it up:

sudo sed -i '/google-chrome.desktop/d' /usr/share/applications/defaults.list
sudo sed -i '/google-chrome-stable/d' /etc/mailcap
sudo sed -i 's/google-chrome.desktop;//' /usr/share/applications/mimeinfo.cache 

Removing Annoying Secure Wifi from Samsung phones

If you made a mistake of buying a Samsung Android phone, I pity you. Nevertheless at least it is still an Android and the blatant greedy double dipping can be addresses via the ADB.
Specifically Samsung pushed non-removable Secure WiFi adware, that abuses notifications to display advertisements for their paid VPN service.

To remove such crapware you need the ADB.

Samsung pulled a sneaky one and named the package in an obscure way.
Here is the adb shell command:

pm uninstall -k --user 0 com.samsung.android.fast

Here is a how to install ADB.

A peculiar case of I/O errors with cheap SFF-8643 cables

This saga could also be named “Why my very expensive LSI 9305-24i drops disks?”.

I recently acquired (from ebay as I cannot justify giving $2000NZ to local scumbags) an LSI 9305-24i controller to drive a 24bay NAS.

The reason switching from LSI 9112-8i with RES2CV360 SAS2 expander is because the LSI 9112-8i is bottlenecked by the 8x PCIe 2.0, thus limiting the throughput of a 24 disk array to about ~100MB/s per disk.

The LSI 9305-24i made a significant boost in the performance, with ~200MB/s (maxing out Seagate Ironwolfs) per disk.

Continue reading A peculiar case of I/O errors with cheap SFF-8643 cables

Approximating SoC of a Lithium Ion battery using atan

I recently deep-dived into a topic of look up tables and interpolation simply because I wanted to have relatively simple representation of State of Charge for one of my projects. The difficulty I found is that the LiFePO4 batteries have a very flat discharge curve and are really hard to approximate.

Continue reading Approximating SoC of a Lithium Ion battery using atan

High Side Power Switch for a microcontroller

High Side Power Switch for a Microcontroller

Notes: The MOSFET is of a P-Channel type, can be pretty much any P-Channel as long as the On-Resistance is low and it can sustain sufficient current. The NPN transistor can also be pretty much anything with sufficient hfe (>50), and can tolerate >100mA collector current spikes.

Continue reading High Side Power Switch for a microcontroller

Interfacing PTC06 UART camera with micropython

For a while I was looking a simple camera that I could use with micropython and ESP32 board.

Initially I looked at Arducam 2MP camera, but that turned out to be a real pain to interface with, and it took up way to many IO pins for my liking. The micropython is barely fast enough to actually do handle the packets. Of course there weren’t off the shelf library to do what I wanted. In addition the image quality was not great, even though it was a 2MP camera.

I decided to try a low cost UART (serial) camera instead. Downside is the camera only 640×480, the upside is that the power consumption is around 30mA (half of what the Arducam is). Another upside that the camera is physically smaller (specifically the lens). Most importantly the UART protocol the camera uses is very simple, and it only needs two IO pins to operate.

Continue reading Interfacing PTC06 UART camera with micropython

Interfacing INA219 Board with micropython

I needed a solution to monitor both current and voltage for my battery powered microcontroller projects.

The gotcha was in the measured input being above the Vcc of the microcontroller.

I found INA219 based boards to be suitable. Except there was no library for micropython (which I use for quick prototyping and generally get things done).

Continue reading Interfacing INA219 Board with micropython

Predatory practices of Dash Cam manufacturers

Recently I was contacted regarding my dash cam GPS coordinate extraction script. The request was regarding wrong data being produced. I have addressed something similar in the past, so I decided to have a go at this one (I like a challenge).

Unfortunately I was presented with this:

00052eb0  00 20 00 00 63 6c 75 72  00 00 40 00 66 72 65 65  |. ..clur..@.free|
00052ec0  47 50 53 20 f0 03 00 00  59 6e 64 41 6b 61 73 6f  |GPS ....YndAkaso|
00052ed0  43 61 72 00 00 00 00 00  00 00 00 00 00 00 00 00  |Car.............|
00052ee0  00 00 00 00 00 00 00 00  16 00 00 00 16 00 00 00  |................|
00052ef0  39 00 00 00 e5 07 00 00  04 00 00 00 08 00 00 00  |9...............|
00052f00  41 4e 57 00 00 00 00 00  ad bb 79 aa 9f 20 c6 40  |ANW.......y.. .@|
00052f10  c9 fd 0e 45 91 98 c1 40  37 a6 75 41 33 33 a7 41  |...E...@7.uA33.A|
00052f20  33 58 5a 55 4e 4e 31 35  39 35 32 39 37 34 36 35  |3XZUNN1595297465|
00052f30  59 4e 44 53 01 00 00 00  00 00 00 00 00 00 00 00  |YNDS............|
00052f40  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|

Poking about I realised the data is not simply obfuscated…

Eventually I stumbled upon this:
https://exiftool.org/forum/index.php?topic=11320.0

According to exiftool forum the player uses an internet service to decode the data, which is a huge bummer.

I will try to decompile the player but at this stage I don’t believe I will have any success.

To add an insult to injury the dash cam manufacturer asked the dash cam owner not a small amount of money to decrypt these coordinates. Actually you could outfit a small fleet with new cameras from Viofo for the amount of money they asked.

So here are the brands so far to avoid (do not buy them):

AkasoCar
ANKEWAY

or any brand that requires their own player to playback the coordinates.

nvtk_mp42gpx.py revisited – now with TS support

It appears that not only my quick hack of a script is popular but also that the dashcam manufacturers keep changing things.

In this case the biggest change (beyond utterly stupid data obfuscation) is the switch to the TS format.

In retrospect TS format is an obvious choice for something like dashcam as it is very resilient to crashes (no pun intended).

TS format unlike the MP4/MOV format is very simple, it is pretty much made up of fixed 188 byte segments which have ASCII ‘G’ as a header. The actual payload lives in last 184 bytes while the first 4 bytes are reserved for header (of course this is all simplified).

The biggest difficulty of adding TS functionality is that Blueskysea B4K camera was engineered by sadists and they split the payload into two packets (arbitrary cutting off at the seconds 4 bytes). If you are the person at the BlueSkysea who made this obfuscation – fuck you.

In anyway this update is massive rewrite.
Just to make it easy here is the script: nvtk_mp42gpx.py

Remove Google’s Digital Wellbeing spyware from Android via ADB

Recently my phone has been updated to Android 10, with it I found the Digital Wellbeing spyware reinstalled and now fully baked in (no uninstall or disable option).

The prerequisite for this process: you need ADB (the installation of which will not be covered here). No root needed (yet).

Here is the ADB command you need to run:
adb shell pm uninstall -k --user 0 com.google.android.apps.wellbeing

This change is semi-permanent, if you want this nagware back, I can’t really help you (you might be able to reinstall it from the store).

I do not understand the reason one would use this app. If you think you spend too much time on your phone, you don’t need an app to tell you that. My phone is a tool, and having some lock-out and nagging (self-inflicted!) on your own device is absurd.

It is absurd to bake this app in, the only reason is to spy on its users more.

If you hate this app (and everything it stands for) as much as me give it one star on the google play store.