I have received a lot of attention on the Internet and in print about my Lost USB Drive project. One of the issues that I have discovered is that the USB drive itself is no longer a novelty. When I started blogging a number of years ago, a USB drive attracted attention. It was used as a type of geek bling that would attract attention.
But now, USB drives are everyone and are no longer a conversation piece among the geek set. In fact, one of the few ways you can get attention regarding a USB drive is if you do not have one! And if you are concerned about your USB drive getting returned if it is lost, then you want it to attract attention.
One of the things that I have been toying with is a company that makes personalized jump drives. This seems to work on a psychological level in several different ways:
If you spend a bit of extra money and buy a nice USB drive, you will probably take better care of the drive and reduce the chance that it will get lost.
If it is something that stands out, there is a greater chance that it will be noticed in the event that it is lost.
I’ve picked up a couple of custom USB drives over the past few months and spent the extra money for something unique and I am happy to report that I have not lost them yet, primarily because I never let them out of my site. I still keep a few of the cheaper flash drives floating around because I want to have a quick and simple way of giving files to friends, etc. without having to worry about them getting the drive back to me.
I’m starting to get more and more into building home media centers. Sure, you can buy a Windows Media Center version but what is the fun in that?
I’ve run across a cool media center software called GeeXboX. Here’s what their website says:
GeeXboX is a free embedded Linux distribution which aims at turning your computer into a so called HTPC (Home Theater PC) or Media Center. Being a standalone LiveCD-based distribution, it’s a ready to boot operating system than works on any Pentium-class x86 computer or PowerPC Macintosh, implying no software requirement. You can even use it on a diskless computer, the whole system being loaded in RAM.
Despite his tiny ISO image size, the distribution comes with a complete and automatic hardware detection, not requiring any driver to be added. It supports playback of nearly any kind of audio/video and image files and all known codecs and containers are shipped in, allowing playing them through various physical supports, either being CD, DVD, HDD, LAN or Internet.
GeeXboX also comes with a complete toolchain that allows developers adding easily extra packages and features but that might also be used to give birth to many dedicated embedded Linux systems.
One of the cool things about GeeXboX is that it is designed to be completely self sufficient. There is no need to upgrade your operating system or download the latest codecs in order for the system to work. All you need is to boot from a livecd and you are off and running.
Of course, what really caught my eye was the ability to put GeeXboX on a bootable USB drive and then dump my videos onto it. The whole process took me about 10 minutes with 9 minutes being the wait for the download to complete!
Here is how I did it.
Things to Get
First, you will need to get a few things:
Empty USB drive formatted FAT or FAT32. The bigger the better but I would say 1 GB would be a good start but the bigger the better because you can take more videos with you. GeeXboX takes up about 32 MB.
GeeXboX ISO. The current version as of the writing of this post is 1.2.1 and is available for x86 32-bit, x86 64-bit and PowerPC.
GeeXboX Win32 Installer. Version 0.22 available at the writing of this post.
Build the USB Media Player
Once you have downloaded everything and have your USB drive in your computer, start the Win32 Installer.
Click on Next>.
Click on I Agree.
Select Install to drive/partition dedicated to GeeXboX: and click Next>.
Click on Browse and select the ISO that you previously downloaded. Then click on Process. This will prepare the ISO for installation to your USB drive.
Once it has completed processing, the Next> button will become available. Click it.
Select the drive letter of the USB drive on which you want to install GeeXboX. Read the warning and then click Install.
Wait patiently which GeeXboX installs to your USB drive. It shouldn’t take more than a minute or two.
Click Finish and you’re GeeXboX bootable USB media center is ready to go!
Add Some Videos
Now that you’re system is ready, all you need to do is put some videos on the USB drive. Simply drag the video files from your computer to the root of your new USB media player. Once they are done copying, you’re ready to go!
Boot and Go!
Now, all you need to do is take your USB drive to a computer system, get it to boot from the USB drive (either by changing the BIOS to boot from the USB device first or by using a boot menu). It should boot into the initial splash screen:
Once it has completed the initial boot, you should get a menu looking something like this:
This gives you complete control over the entire system.
Here is what a typical movie would look like with the menu overlayed:
There are lots of other things that you can do with GeeXboX. I’d love to hear what you come up with!
By the way, here are some more links to GeeXboX that I have found to be useful:
Sometimes it takes the worst of situations to bring out the best in us. This is what happened to me the other day. A woman comes into the office that I work in, obviously quite distraught. We quickly discover that she is the widow of a popular local doctor whom recently passed away suddenly. She was carrying with her a laptop and was looking for some help.
It appears that when her husband passed away, he did not leave a record of the user names and passwords for his laptop and there was a lot of information on the system that she would be needing in the near future. She was hoping that we could help. Of course we could.
We Hate F8! We Hate F8!
Initially, I assumed that the users would not have changed the default administrative password from blank. So, all I needed to do was use F8 when booting, go into safe mode, then create a new account with administrative access.
Unfortunately, F8 was disabled on the system and the only way to enable it was to log into Windows. Time to look for something else.
Linux To The Rescue…NOT
My next reaction was to try one of the Linux based password recovery tools. There are a number of boot CDs out there that boot a small Linux kernel and then attempt to recover the password. After trying two different boot CDs, I quickly came to the realization that Linux was going to be of no help this time around.
It just so happens that this was no ordinary laptop. This laptop was a Dell XPS M1730. And, it came with dual hard drives running off a RAID array using the Intel Matrix Storage Manager. And, it had no Linux drivers.
Ask Bart
So, how was I going to proceed. It was obvious that there was no way to get access from a download and boot Linux CD. Then I thought of Bart. Since BartPE creates a self-contained bootable Windows CD, this might do the trick!
A copy of Windows XP Pro with Service Pack 1 (Sorry, you’re on your own for that one)
I installed the BartPE package to C:\pebuilder3110a on my hard drive. Then, I extracted the drivers that I got from the Dell website and placed them in the C:\pebuilder3110a\drivers\SCSIAdapter folder in a directory called iastor. The \drivers\SCSIAdapter folder is where you can put any number of non-standard drivers that will automatically load then you boot the BartPE CD. (For more information on the on adding drivers to a BartPE CD, see their Adding drivers page.) I then proceeded to create the BartPE image and burn it to CD.
Getting the Files
The next step was to get access to the laptop. I put my newly minted CD into the laptop and booted the machine from it. Everything worked like a charm and on first try, too! (That almost never happens for me!) I was able to access the files on the RAID array without any problem.
Now, I could probably have stopped here and copied the files that were needed to a USB drive or even burned them to a CD/DVD. But, I wanted to provide full access to the system so that they would not have to keep coming back to me for help whenever they wanted to get something off the computer. I would have to get the passwords for her.
All Your Passwords Are Belong To Us
To start the process of password recovery, I needed to get a few things:
I booted the laptop one again with the BartPE disk and made sure the USB flash drive was available to the system on boot up.
Next, I started to look through the system and I searched for two files:
C:\Windows\System32\config\SAM
C:\Windows\System32\config\SYSTEM
I copied these two files over to the flash drive, took out the flash drive and shut down the computer.
I then installed ophcrack on my other computer and installed the Vista tables.
Next, I used the Encrypted SAM option to load the files into ophcrack. It immediately recognized all of the accounts that were on the system. It also indicated that the Administrator account and the Guest account had blank passwords. That means that if F8 had been available, I could have gotten into the system in Safe Mode (stupid F8).
So, I started the password recovery process and DING! 29 seconds later I had all of the passwords for the three other accounts on the system. I tried all three and they all worked.
Looking back at the passwords now and the hints that were given in Windows for the passwords, I was on the right track to guessing them but this was a much quicker process.
Lessons Learned
Through all of this, I have learned some lessons about security, passwords, and computers:
Unless you encrypt your hard drive or use some other form of access other than a password (e,g, biometrics, smart card, etc.), it is relatively trivial for someone to get your passwords if they have physical access to your system
Someone does not have to have physical access to your system the entire time they are trying to hack your password. Simply grabbing a couple of files from your computer takes a couple of minutes and they can hack away at your system at their convenience
In the event of your untimely passing, would your loved ones know how to get access to your computer, e-mail, Internet accounts, etc.? If not, you may want to consider a way of getting that information to them
In my previous post, a user commented that it would be cool to be able to launch a web page from an autorun.inf file. So, I took it upon myself to do just that. I wrote a little program that will do just that!
Download WebLaunch and save it on the root of your USB drive. Then, create an autorun.inf file on the root of your drive with the following contents:
I recently received an e-mail from Sam J. with a question about flash drives:
Is their any way to record the user name of every person who has used your flash drive?
While there is no fool proof way of doing it, you could try a combination of autorun.inf files and batch file.
Create an autorun.inf file on the root of your flash drive with the following contents:
[autorun] open=getusers.bat action=Open folder to view files
Next, create a batch file called getusers.bat with the following contents:
@echo off echo %username%>>users.txt
When a user puts your flash drive into their computer, it pop up with an autoplay option indicating that they are to click on the icon to open the folder to view files. A small black box will pop up briefly and then disappear. If you go into the root of the drive, you will find a new file called users.txt. If you open this file, it wil contain the user names of all the users who have accessed your drive by clicking on the icon.
This is, of course, not a fool proof method as all someone has to do is bypass the autoplay feature and their name is not recorded or they can delete the users.txt file but this is at least a proof of concept.
I have received a lot of attention on the Internet and in print about my Lost USB Drive project. One of the issues that I have discovered is that the USB drive itself is no longer a novelty. When I started blogging a number of years ago, a USB drive attracted attention. It was used as a type of geek bling that would attract attention.
I’m starting to get more and more into building home media centers. Sure, you can buy a Windows Media Center version but what is the fun in that?
Sometimes it takes the worst of situations to bring out the best in us. This is what happened to me the other day. A woman comes into the office that I work in, obviously quite distraught. We quickly discover that she is the widow of a popular local doctor whom recently passed away suddenly. She was carrying with her a laptop and was looking for some help.![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=a7295472-0e24-412c-a4a8-df02fbb810a0)
In my previous post, a user 
I recently received an e-mail from Sam J. with a question about flash drives: