Speed up badblocks check

Having ordered an external hard drive from China… let me rephrase that; having ordered a really cheap hard drive from an unknown source at the farthest side of the world, getting it handled by the not so delicate hands of the Mexican post office, and getting it delivered to my door by bicycle, of course I had to check it thoroughly before putting any data in it.

I started with the well known way of checking for bad blocks on a storage device:

badblocks /dev/sdX

This command by default checks for bad blocks only by reading. If you want to also check writing non-destructively, the -n option must be provided.

badblocks -n /dev/sdX

This was what I originally tried, but after 2 hours it had only checked 3% of the entire drive, not acceptable! There has to be a way to improve the performance.

How to speed up badblocks read/write check

First, I recommend you get your hard drive’s block size, I’m not sure if this impacts performance but it’s more reliable:

lsblk -o NAME,PHY-SEC /dev/sdX
NAME PHY-SEC
sda 512

In case your hard drive is empty or you don’t mind losing its data, use the write mode option (-w). This mode is faster than the -n option but the entire drive contents will be overwritten.

Finally, choose a bigger number of blocks to test at a time using the -c option; the default is 64. By benchmarking I found that 128 was a bit faster but YMMV. The badblocks command accepts a [last block] option, this way you can benchmark different -c values:

time badblocks -b512 -c128 /dev/sdX 1000000

If you want badblocks to show the scan progress, provide the -s option. This is what the final command looks like:

badblocks -b512 -c128 -w -s /dev/sdX

BTW. The drive was 100% free of errors.

fsck’d a full partition

I run Kodi on my Raspberry Pi 3 mainly to watch live streams and the occasional YouTube video. Along with the media player I also run a pair of Go programs to scrape, store and analyze web data. On New Year’s Eve the root partition on a 32GB SD card got full, this rendered the whole system unresponsive. No big deal, I said. Without ssh access nor physical console, I pulled the power plug from the Pi, took the card out and mounted it on my workstation. Everything looked OK, I freed some space, unmount the partition, check the file system consistency… If by now you haven’t spotted what step I missed, keep reading, it could save you a lot of trouble.

So I mounted the SD card’s partition on my main PC, removed some temp files and old videos, 5 minutes after: 6GB left. Then I ran fsck.ext4 with auto-fix on that partition and… whoops, it reported an incredible amount of errors, the last one was about not being able to fix who-knows-what. “What the heck” I said, let’s run fsck.ext4 again on it. It still reported tons of errors, but this time it finished successfully. Big smile on my face, let’s see how looks.

Well, it didn’t look good, no good at all. The only directories left on the partition where /bin and /lost+found, inside where several files with strange ownership and permissions. That’s when I knew I had fsck’d up the partition. I spent the first hours of 2019 reinstalling Arch on a Raspberry Pi, how cool is that?

So I learned my lesson. If the root partition (or any other partition) gets full (as in 0 bytes left), and the system freezes or is unresponsive so that the last resort is to power it down, DO NOT RUN fsck ON IT UNLESS IT IS BACKED UP! Treat this partition as read only –for now– and back up whatever you can from it, then run the file system check on it. If it reports no errors, you’re golden, otherwise you should reformat it and put back whatever files you backed up.

This time instead of using good ol’ ext4 I’ll give Samsung’s f2fs a try. Hopefully it’ll make it through this 2019 without a hitch.

Luckily I had a week old backup so nothing of importance got lost, the Pi was up and running after 45 minutes, with the only trouble being Kodi not playing video, but it turned out to be just a matter of making my user a member of the video group. I’ll leave the error from the log here so it serves as reference for future me or some other poor sob.

ERROR: CMMALPool::GetBuffer - failed pool:0x5a9711c0 omvb:(nil) mmal:0x5a983248 timeout:500
ERROR: CDecoder::FFGetBuffer Failed to allocated buffer in time

So, that’s what my 2018 transition to 2019 went, very exiting indeed. I wish you all a whole year of trouble and the strength to overcome it.

Selfie Stick en película Sci-Fi de 1970

El clip es de una película Checa cómica de ciencia ficción titulada Zabil jsem Einsteina, panove (Maté a Einstein, caballeros) de 1970.

La trama suena como un verdadero petardo: debido a la radiación nuclear a las mujeres les creció barba y perdieron la habilidad de concebir. En las Naciones Unidas se debate la posibilidad de construir una máquina del tiempo para viajar al pasado, asesinar a Einstein, y así impedir que las bombas nucleares sean inventadas.

Para los valientes y aventurados cinéfilos que quieran verla, aquí se las dejo.

Vía: Reddit /r/RetroFuturism

Arte en el Siglo XXI

La idea preconcebida actual es pensar en una galería de arte cuando se habla de una exposición de pinturas, pero esto muy seguramente cambiará en los próximos años.

Bienvenidos al siglo XXI y el inevitable estado ubicuo de la Realidad Virtual.

Tilt Brush de Google es un software que permite al usuario/artista pintar en un mundo virtual utilizando un sistema de realidad virtual.

Las posibilidades son ilimitadas y su futuro muy prometedor, tomando en cuenta que es una tecnología emergente. Falta mucho por ver y será interesante seguir su evolución, tanto de la tecnología, como la de los artistas al adaptarse a este nuevo medio.

En lo personal se me hace fenomenal como la pintura obtiene una nueva dimensión, la posibilidad inédita de poderse “adentrar” en los trazos del artista y explorar desde perspectivas las formas y figuras.

Las “tintas” disponibles me parecen fantásticas, desde simples trazos de oleo hasta las extravagantes luces de neon y destellos, que sin temor a equivocarme puedo asegurar que son exclusivas a este medio. Aunque pensándolo bien la tinta ultravioleta y el glitter podrían ser su símil en el mundo real.

Para comenzar a crear este contenido se puede adquirir el sistema de realidad virtual HTC Vive, que ya está disponible para pre-ordenar a $800 dólares.

Para visualizar las pinturas es posible hacerlo desde tu Android con algo tan simple como el Google Cardboard y la aplicación Tilt Brush Gallery.

Vía Hacker News.

PHP trojan inside a PNG

During a recent security audit I found a PHP script obfuscated inside a filename called social.png, that was used via an include call from another PHP file. This script came inside a pirated version of a commercial plugin for WordPress. The file is identified as Trojan.PHP.Shell.W or PHP/Alter.A by some malware checking tools (ESET-NOD32, BitDefender).

Inside the script I decoded the following data: domain names, emails and a public key. They are being used for malicious purposes (spread malware) mostly on WordPress.

Once your server has been compromised it sends a message to ALL the email addresses informing the attacker(s) that they have shell access to your machine.

Luckily for my client his server is configured to send emails only by authenticated clients, so my client was never exposed.

Suggestions

  • Check your logs for any activity on these domains and addresses, or better yet, block them on your server’s firewall if possible.
  • Check you WordPress database inside the (wp)_options table for the field WP_CLIENT_KEY, remove it if it matches the malicious public key posted above or if you don’t use an external admin panel for your site.
  • Avoid installing plugins from untrustworthy sources (pirate sites, nulled scripts, et al.)