Announcing Pastee Droid

Pastee Droid IconPastee Droid is an Android client for “the secure pastebin” Pastee!
Supports Paste encryption. If encryption is selected pastes are encrypted (AES-256) with a password. A SHA-256 hash of the password is stored in the database, not the passphrase itself, which ensures that only those who know the password will be able to view the content of your paste. All traffic is sent over SSL

Supports over 100 languages. Languages are listed in order of common (C, Java , Text Only, etc) , other (ActionScript, Debian Source File, etc ) and combo (XML+Ruby , HTML+Django/jinja, etc) .

Supports pastes of up to 200,000 characters

Pastes are not listed. Pastee assures users that it will never list or index your pastes for any reason. Privacy and security are essential to Pastee.

Paste IDs are carefully chosen , this makes them less susceptible to crawling bots. Paste ID’s are short and easy to remember if you must.

Pastee Droid supports sharing of pastes via various apps such as twitter , text message , email etc.
Pastee Droid also supports URL-shortening .Just paste a URL and it will be shortened .
Pastes have reasonable expire times. An hour , a day , a week , a month and a year.

For more information on Pastee see https://pastee.org/about

“Pastee Droid” is copyrighted by Technologique Park
“Pastee” is copyrighted by Pastee
The Pastee Droid Logo is a modification based on work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Original can be found at http://www.android.com/developers/branding.html

This slideshow requires JavaScript.

HashPass Desktop

In my previous post I introduced the android app HashPass which I made and briefly discussed that there was a command line version available for the desktop. This post is a follow up explaining the modes of operation of the command line version.

Basically it was made to supplement the android app. It has two modes of operation and they are as follows:

method 1: The text is specified inline

python hashPass.py algorithm text_to_be_hashed

tpa@tortoise:~$ python hashPass.py md5 test
098f6bcd4621d373cade4e832627b4f6
tpa@tortoise:~$

method 2: The text is specified at runtime

python hashPass.py algorithm

tpa@tortoise:~$ python hashPass.py md5
Enter the text to be hashed and press enter.
test
098f6bcd4621d373cade4e832627b4f6
tpa@tortoise:~$

The reason there are two methods is that if you normally use the first one listed above the text or password in this case would be saved in your shell history file so the second one is the recommended and safer method to use. The first method is there is case users wishes to hash any text but was mainly added so it can be run inside other scripts . Lets say you wish to hash a lot of passwords and you want to save the output to some file. Assuming pass is the password you wanted to hash, you would save the following to a file

#!/usr/bin/env bash

#sample script to demonstrate the first method of hashPass

printf “pass for site 1: ” ; python ~/bin/hashPass.py md5 pass
printf “pass for site 2: ” ; python ~/bin/hashPass.py sha1 pass
printf “pass for site 3: ” ; python ~/bin/hashPass.py sha256 pass
printf “pass for site 4: ” ; python ~/bin/hashPass.py sha512 pass

Then change the permissions of the file with chmod u+x filename.sh

The output produces

pass for site 1: 1a1dc91c907325c69271ddf0c944bc72
pass for site 2: 9d4e1e23bd5b727046a9e3b4b7db57bd8d6ee684
pass for site 3: d74ff0ee8da3b9806b18c877dbf29bbde50b5bd8e4dad7a3a725000feb82e8f1
pass for site 4: 5b722b307fce6c944905d132691d5e4a2214b7fe92b738920eb3fce3a90420a19511c3010a0e7712b
054daef5b57bad59ecbd93b3280f210578f547f4aed4d25

The algorithms are the same one available in the android application. MD5 , SHA1, SHA256 & SHA512.

Installation

Windows

Download and install python from http://www.python.org/download

I tested it with python 2.7 on windows xp

Once installed open up a command prompt.

You then add python to the PATH with

PATH C:\Python27;%PATH%

If you run into trouble in this step see http://docs.python.org/faq/windows#how-do-i-run-a-python-program-under-windows . This way only temporarily adds python to the path

To keep the path in memory right click my computer > properties > advanced > environment Variables and then add ;C:\Python27 on to the PATH variable
like so

MyComputer Properties

MyComputer Properties

Environment Variables

Environment Variables

Add Python to Path

Add Python to Path

Now you can navigate to the directory where the script is with cd. For this example we will assume it is on the desktop

example cd Desktop

Now to run the script we can use the same methods listed above, using the second method we get the same result

python hashPass.py md5
Enter the text to be hashed and press enter.
test
098f6bcd4621d373cade4e832627b4f6

— Linux/unix

Linux users should have python and hashlib installed if no they will be in your distro’s repository.

—  Mac OSX

Like linux python should be installed by default in mac. Instructions are the same to run it in mac as they are in linux.

Hope you find the Hash Pass mobile and desktop versions useful.

Announcing HashPass

HashPass Icon

HashPass Icon

HashPass allows a user to input a password or any text and generate a hash from it.

Generally a secure password is hard to remember so users tend to opt for easy to remember passwords. These passwords are also easy to crack. This app aims to address that by allowing the user to use hashes in place of their passwords on various sites.

Example: a user may have a password such as “computer” (a bad one) that would be easily cracked in a dictionary attack.

Where as the md5 hash generated from computer is
df53ca268240ca76670c8566ee54568a which is not easy to guess or dictionary attack.

There are currently four algorithms available in the app. MD5 , SHA1 , SHA256 & SHA512.

This allows the user to use the same password for four different sites and a different hash for each.

For your banking or email you could use the SHA512 hash of your chosen password . In the computer example the hash is

922d076069b1df893fc010b7a6d2aa55c7c4c5d194f163394a4c864de5754131c17bfa94ac166

7f56b5181cc7eca5dc3a09444caee6eecf16114926bb29f7e79

The hashes are automatically copied to the clipboard for convenience. This allows you to paste it into an app such as facebook or an email app.

This slideshow requires JavaScript.

If a database is compromised which is insecurely storing the passwords and your passwords (your generated hash) was obtained . The other three sites (with different hashing algorithms) would be safe.

Using hashes as passwords also makes an attack more computationally expensive as each string (sequence of characters) has to be hashed first before submitting it as the password. Also that factor is multiplied by 4 as the attacker does not know which algorithm you may have chosen.

You could also paste the output of the initial hash as the input with different functions for more options. Just remember the algorithms and the order you chose if you do.

I have also made an open sourced command line desktop version which is written in python and can be downloaded from https://minus.com/mBDxG4GLu/
This app respects users privacy and no data is recorded about the user. The Internet permission is required to serve the ads.

Announcing Bodha Converter

Bodha Converter

Bodha Converter default screen

Bodha Converter is an android app I made a while ago which I only got around to publishing recently. It allows users to convert between Binary, Octal, Decimal, Hex and Ascii with a zen like approach.

It supports general (Binary , Octal , Decimal and Hex ) conversions up to 2^63-1 in their respective formats. It also supports Ascii characters in the range of NUL to DEL (0 – 127)

A convenient table is also included for quick lookups also in the range of 0 – 127

This app collects no personal data. The internet permission is only required to serve advertisements. It can be obtained from the google play marketplace 

Hope you find it useful.

 

 

 

 

Upgraded to Cyanogen Mod 7

I recently upgraded my old HTC Hero from CM6 to 7 . The install process was pretty painless largely due to the fact I had the bulk of the work done from when I installed CM6 previously.

The upgrade and install process

I used rom manager to download and flash the rom and google tools but not before backing up my applications and data. I used the well known titanium backup for this . Once this was completed I chose to wipe the dalvik cache and system data and proceeded to install the rom via rom manager.

The install process completed fairly quickly and within no time I was back up and running . I had previously read a few reports of the rom behaving sluggishly and some people having problems, so I was anxious to ensure all the essentials worked.

Wifi , camera , gps , audio and the rest worked fine with no problems. I did notice the rom feeling a little sluggish though. To remedy this I went into the settings and overclocked the processor the 710Mhz . I tried to push it higher but it kept shutting down . Also another thing I did was to install launcher pro as the default dock instead of ADW that comes with the rom by default. I found these tweaks to greatly improve the speed and responsiveness of the rom.

So how does it compare to CM6 ?

Overall the rom seems to be more responsive , I had applied the same tweaks to CM 6 also so I’m not sure how much of a difference there really is in terms of speed or whether it is mainly the placebo effect.

In the previous version I had to install setCpu to overclock the processor while this rom had the option built into the settings. This made it very convenient and saves space too.

The UI looks a lot sleeker this time around and allows for greater theming options. Some examples  are the status bar , the dialer , the keyboard.

CM7 also has the ability to take screenshots by default which saves me having to connect it to ADB via USB to take them.

 

Conclusion

Overall I am very pleased with the performance and quality of the rom and I would like to take this time to thank the cyanogen mod community for the hard work they put into their releases and for keeping the older models alive.

 

My current setup

 

Fresh CM7 Setup