Posted on

kw905 : Life on a Chromebook.

We deep dive into the world of Chromebooks and find an answer to the question : Can you survive on a Chromebook. We walk you through the possibilities and limitations of the Chromebook. We enlighten you  on how to use it for work, connect back to your home network and how to use your Chromebook to entertain you. If thats not enough we go beyond the design specifications and sideload Linux on your Chromebook turning into a low budget sliders dream machine. All of that and more .. in Kw905 : Life on a Chromebook. Catch the live recording of this podcast in the Youtube video below and see if you can catch Sulu the dog as our Podcast assistant.

Shownotes.

  • The Acer C730
  • First impressions
  • Hardware – Software
  • Taking the Chromebook to work (Article)
  • Using the Chromebook to entertain you (Article)
  • Connecting back to your home network via a Socks5 proxy over SSH (Article)
  • Dual Booting your Chromebook with Linux (Distroshare.com)
  • Sideloading your Chromebook with Crouton (Youtube instruction video)
  • Epilogue

Related Posts

Posted on

Connect your Chromebook to your home network over SSH.

This week i’m testing out my new Acer A730 to see just what it can do and how far we can take it. One of the frustrations I bumped in earlier this week was that there were limited options when it came to “Phoning home”. Setting up encrypted tunnels to your home network over the internet using VPN or Proxy connections is something we should consider when using public Wifi hotspots.

With the Chromebook relying completely on some wifi connection on a (perhaps foreign) network I was disappointed to find that the only protocols that were supported were L2TP and OpenVpn. Not a bad set to choose from but not something that I had setup on my home network.

Previously I used an SSH server and the SSHuttle app to tunnel my internet, dns and even network traffic over a Socks5 proxy to my home network. I wondered if this would be possible with the Chromebook. Turns out it is ! Let’s start cooking.

To get this little piece of magic working you need 3 things. A : One SSH server (A linux machine) on your home network that has at least one port open to the internet. B : The Secure Shell app from the Chrome store. C : The Switchy-Sharp extension.

Setting it up is quite easy. Lets say we opened up port 8800 of our SSH server to the internet. Setup Secure Shell to connect to the your home SSH server with the additional option to create a port forwarding tunnel on lets say port 8800 with the option -D 8800

img_546b9a0a17c9d

Next we setup Switchy Sharp as to use the SSH connection (and port 8800) as a socks 5 proxy.
switchy

All you need to do next is Connect to your home SSH server and use the Switchy Sharp extention in your browser to use the connection. The Chromebook will tunnel all http and https requests AND the DNS queries through the tunnel. That way 95% of your Chromebooks traffic (we aren”t a 100 percent sure about what protocols any other apps you have might use) are piped through a secure tunnel. You don’t only get to connect to your home network (to open up any web-interface to any device or server you have) but also you get to do it all ‘in private’

Links.

Related Posts

Posted on

Can a Chromebook keep you entertained ?

So its day Three of the “Chromebook only” week. A week in which I promised myself ONLY to use my brand new Acer C730 to get things done. In a previous article we’ve talked about the first impressions of the device and what it feels like to take your Chromebook to work. That’s all nice but … what about downtime ? Can the Chromebook entertain us ? We’ll find out.

Before I start I want to make a confession : I’m a cable cutter ! Yes, we have ditched ‘traditional tv’ in favor of streaming content from the internet and from our personal library of backed up Dvd’s to our television. So demands for ‘conventional television’ aren’t very high in our households. However : With the holiday season coming up there is the need to catch the Doctor Who Christmass special on BBC2 … But I live in Belgium .. So what to do ?

Enter the HOLA extension. A little app that lives in your browser and allows you to “tunnel” through local proxies in the US, the UK and other countries to be able to watch ‘their’ content. ‘Hola’ works great for watching content like Bbc or watching the Extended Netflix catalog in the US. The Chromebook keeps you entertained for hours.

As for music : Plenty of services out their that want to stream their soundwaves your way. Some extensions even let you upload your music to your google Drive and stream it from there. If you don’t feel like doing that , how about Spotify, Stitcher, Grooveshark and plenty of other services ? The audio quality on the C730 is pretty good although it IS lacking a little bit in the lower part of the sound spectrum. No doctor Dre .. but no tinny radio either.

pixel-gaming-e1368126144829

As for games : They are (of course) web based. Some of the apps in the Chrome webstore are nothing more then glorified links to websites where you can play said games. But thanx to Java, Ajax, Ruby and other forms of webmaster-black magic you can play a decent game inside a browser these days. If you don’t mind the occasional apps for adult-daipers in the upper right corner .. you can find online (clones) of Command and Conquer .. or really go for it and dive into some classic arcade games that are a dime a dozen out there. And lets not forget the Internet archive with their Internet Arcade ! Play a ton of classics .. in your browser .. on your Chromebook.

Conclusion :
If the internet is a geeks daycare center where he can spend hours while his/her parental units go off to do other things in the real worls … the Chromebook is your hot babysitter ! It will keep you linked up to the world wild web (that ain’t no typo) and if you know where to look you can spend hours playing games, watching movies and listening to music WITHOUT spending a dime OR breaking the law. As long as you keep the Chromebook connected .. it will keep you entertained

Links.

Related Posts

Posted on

Privacy Week : Tunnel traffic through your home network with Sshuttle.

Today’s tip in our “Privacy week” is geared a little bit towards the more advanced geek .. (Who am I kidding, you are ALL advanced Geeks here). In our every lasting quest to ensure our privacy when surfing on “foreign networks” like the one at work, the one at your dorm or the free wifi hotspot at Starbucks , we try to find more ways to make sure all your web traffic is encrypted and your privacy is kept safe.

kirk-and-spock-with-the-galileo

Enter SSHuttle ( NOOO , not the STAR TREK Shuttle) , A brilliant little transparent proxy application that directs ALL or PART of the network traffic from your trusty Linux or Mac machine (the laptop you use on the road) through an SSH tunnel to an SSH server of your choice (perhaps your own server at home). That way your traffic is completely (or partially) obscured from whoever is trying to sniff your traffic on an untrusted network. An added bonus is however that it is a transparent proxy ! This means your computer will actually think it is directly connected to the network where the SSH server is running. It is like running a very very very long cable through the internet straight from your machine to the network where your SSH server is located. 

So let’s start cooking.

Ingredients.

How to install SSHuttle on your client machine.

  • Install SSHuttle on your Linux machine using the command :  sudo apt-get install sshuttle
  • Install SSHuttle on your Mac by first installing HOMEBREW APP. (Installation instructions) and then typing brew install sshuttle

Shuttle is simple but VERY powerful.  It will create an encrypted tunnel between your laptop and the SSH server you setup at home. Depending on what kind of traffic you want to shove through that tunnel you can do different things like :

  • Just tunnel your browser traffic through the tunnel,
  • Shove all of your web traffic through the tunnel (including dns requests),
  • Shove ALL of your traffic through the tunnel.
  • Set up a “site 2 site” VPN  between the network you are working on and your network at home.
  • … and more crazy stuff.

So how does it work ? 

Once installed using SSHuttle is pretty simple. SSHuttle works from the command line and depending on the “switches” it will do different things for you. So on your client laptop , fire up your terminal and start typing.

  • sshuttle --dns -r username@yourremoteserver.com:2222 0/0

Enter the command above to push ALL of your traffic through the SSH tunnel towards your server at home. This is the example of running a virtual network cable THROUGH the internet towards your switch at home. All of your traffic is sent through this encrypted tunnel. USERNAME = A user you have created on your SSH server at home. YOURREMOTESERVER.COM = The external ip address (or Dynamic DNS name) of your home router. 2222 = The port on which you have your SSH server running. In this example I took a non-default port.

  • sshuttle  -r username@yourremoteserver.com:2222 192.168.0.0/24

With this command you can create a site to site VPN. Instead of typing 0/0 is going to send ALL the traffic through the tunnel. Typing the network range of your home network (in this case 192.168.0.0) tells SShuttle to send all the traffic that needs to go to the 192.168.0.0 domain through the tunnel, while sending out the rest of your traffic through  whatever network gateway you are connected to.  The /24 is your subnet mask ( you know , the 255.255.255.0 subnet number of your network).

There are a lot of other switches that you can use , but if you use the two commands we mentioned above you will have a LOT of power at your fingertips. I love using the second command. It allows me to connect to the exchange server at work for my work stuff, but also lets me quickly open up the web interface of my home router (on the LAN SIDE) to do some tinkering. SSHuttle is a very very nice tool that keeps you connected .. and keeps your privacy .. private.

Find out more about SSHUTTLE in this HAK5 episode.

Related Posts

Posted on

Privacy week: Surf anonymously with the TOR Browser.

The TOR network, better known as “The Onion Router” network is mesh of “endpoints” all over the world, interconnected by a encrypted connections. Much like a network of Wormholes, traffic can go in on one end and leave the TOR network in a completely different (and random location) to “go on the internet.”   I know some of you might be wondering what this is for, so , imagine being in China and wanting to watch something on Youtube. The Chinese government does not only block a lot of “Western” websites, it also keeps track of the traffic its citizens generate. Enter the TOR network. Using this network our Chinese Youtube enthousiasts sends his traffic through the TOR network. The actual request “emerges” onto the internet in some random country (where Youtube is not blocked) AND its encrypted along the way. So he gets to watch his favourite catvideo AND the government does not have a clue what he is doing.

So how can this work for you ? Whenever you are on a public hotspot or on a network you do not trust, you can use the TOR browser. Your browsing behaviour will not only be completely opaque to whoever is trying to watch your movement on that network , it ALSO will circumvent URL and content restrictions.. because if they look at your traffic .. they will only see an encrypted tunnel between you and whatever TOR endpoint you are connected to. Nobody can sniff you, Nobody can block you.  Eat that Starbucks Script-kiddy !

Tor- Download Page

The TOR browser is a “mutated version of Firefox” that lets you  surf DIRECTLY on the TOR network. It is available for Windows, Linux and the Mac and is COMPLETELY PORTABLE (you don’t even have to install it). So carry it around with you on your USB stick and be absolutely sure that, next time you are logging in on that Wifi network in the Hotel Lobby .. nobody can “follow along”.

Download the TOR BROWSER BUNDLE here.

Related Posts

Posted on

Setting up your own SSH proxy on Windows.

Free wifi is great. It’s like finding an oasis in the middle of the desert that gives you the ability to quench your digital thirst before you wade into the offline sahara once again. But “Open and Free” wifi comes at a price. Being a shared network medium, it means that all traffic on the wireless network is visible to all users on that network , should they care to take a peak.

With networking tools like “Wireshark” it is fairly easy sniff traffic on an open wifi network and intercept all kinds of unencrypted traffic. That traffic can consist of what URL’s you surf to to what passwords you use (if you have an unsecured connection) .. They are all there for anyone to sniff, download and analyse.

To keep your browser traffic private all you need to do is encrypt it. One of the ways to do this is of course use https connections where you can, but if that is not possible there are alternatives. You can set up your own SSH proxy server. This means you will be creating an encrypted tunnel from your laptop, TROUGH the internet, to your home server. Once there (behind the security of your own firewall) your traffic heads for the internet. Its like surfing at home, but you are in fact ‘away from home’. 

The only thing you need are :

– Access over SSH to a linux server.  ( Check our our tutorial on how to set this up) 

– A copy of Firefox.

A copy of Putty.

putty-ssh-tunnel

Setting it up is quite easy , and we will probably do a screencast on the issue in season 8 of our podcast, but instead of boring you with a lot of text , we are going to point you to the excellent podcast episode Kurtis Adkins did for Hacker Public Radio on the topic. Take 20 minutes and listen carefully. When you are done (and have the ingredients above) you will be able to secure your webtraffic from anyone who wants to snoop around. (Hackers, scriptkiddies or nosy sysadmins) 

Link : Curtis Adkins on : Setting up and using SSH and SOCKS (Hacker public Radio ep 1422)

Related Posts