I can often tell when I’m pwned …

Even with this new-to-me system, taking significantly longer to boot suggests remote debugging. It also explains why I’ve got significantly better internet access than I’m paying for …

[23/1/20 It’s more than simply delay. I’m using an OS that isn’t designed to hide the details from you. It’s like walking in treacle, that the machine is unresponsive often taking far longer than it should to perform tasks. Using a liveusb with a similar configuration – recent deb, same l/w desktop – is much quicker and more responsive (which suggests a misconfiguration actually). I’m getting a fw not recognised message to the b.blob (no network then && might try to jump that) and surprised that swap is used at less than half ram even with swappiness true. Will try to dig down. Could do with some advice how to identify a debugger running & which one or style is likely. On a slow network, slower than slow BB speed which suggests a remote lag.

24/1/20 Noticeably better now and metrics confirm e.g. less use of memory and swap. I hope that it’s not only because it’s Friday evening (spook off for the weekend).

28/1/20 Surprised at finding so many nasties from a little digging:

tracefs /sys/kernel/debug/tracing tracefs rw,relatime 0 0

cat /sys/kernel/debug/tracing/tracing_on 
1

cat /sys/kernel/debug/tracing/set_ftrace_filter 
#### all functions enabled ####

irqbypass              16384  1 kvm

mei                   118784  3 mei_wdt,mei_me    [NB 1 + 1 == 3]

tracing, mei & kvm??? kvm – sluggish because there’s a memory hogging os as vm? [ed: would explain swapping at less than half RAM use with swappiness ‘true’.] Need to learn some.]
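An added example, not part of the original post: a read-only triage script for the three things these entries look at, namely ftrace state, a running KVM guest, and an attached debugger. It assumes the tracefs mount point shown above and a Linux /proc; the function names and the `--live` flag are made up for this example, and reading other users' /proc entries needs root.

```sh
#!/bin/sh
# Added example (not from the post). Function names and --live are assumptions.
# Each function takes a directory so it can also run on a saved copy.

# ftrace_state DIR -> unreadable | idle | active ...
# tracing_on=1 and an unfiltered set_ftrace_filter are kernel defaults; the
# kernel records data only once a tracer other than "nop" or an event is enabled.
ftrace_state() {
    dir=${1:-/sys/kernel/debug/tracing}
    [ -r "$dir/current_tracer" ] || { echo unreadable; return 0; }
    tracer=$(cat "$dir/current_tracer")
    on=$(cat "$dir/tracing_on" 2>/dev/null || echo 0)
    events=$(grep -c . "$dir/set_event" 2>/dev/null || true)
    if [ "$on" = 1 ] && { [ "$tracer" != nop ] || [ "${events:-0}" -gt 0 ]; }; then
        echo "active tracer=$tracer events=${events:-0}"
    else
        echo idle
    fi
}

# kvm_guest_pids PROC -> PIDs that hold a KVM handle. A loaded kvm module only
# makes the hypervisor available; a running guest needs a process like this.
kvm_guest_pids() {
    proc=${1:-/proc}
    for fd in "$proc"/[0-9]*/fd/*; do
        case $(readlink "$fd" 2>/dev/null || true) in
            /dev/kvm|anon_inode:kvm-vm) pid=${fd#"$proc"/}; echo "${pid%%/*}" ;;
        esac
    done | sort -un
}

# ptraced_pids PROC -> "pid:tracer" for every process with a debugger attached
ptraced_pids() {
    proc=${1:-/proc}
    for st in "$proc"/[0-9]*/status; do
        tp=$(awk '/^TracerPid:/ {print $2}' "$st" 2>/dev/null || true)
        if [ "${tp:-0}" -ne 0 ]; then
            pid=${st#"$proc"/}; echo "${pid%%/*}:$tp"
        fi
    done
}

report() {
    echo "ftrace:      $(ftrace_state)"
    echo "kvm holders: $(kvm_guest_pids | tr '\n' ' ')"
    echo "ptraced:     $(ptraced_pids | tr '\n' ' ')"
}
case "${1:-}" in --live) report ;; esac
```

Run it as root with `--live` to print the report for the running system; an `idle` ftrace line together with empty KVM and ptrace lists is what a stock install shows.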

all of a sudden like.

ed: Shields up Captain ;)

A simple puzzle for you ;) Ii got won random o ;)

12/2/20 Weirdness

It’s pointless me wiping and re-installing when I don’t know what the problem is – it will probably just happen again. I’m also close to the belief that there is no such thing as privacy / computer security any more and I don’t have anything interesting and only slightly illegal (BT filesharing, a few computer books and Alien videos) on this machine. I use long passwords. I used to write about the goal of full spectrum dominance and it would appear that it may have been achieved.

It’s an old T410, i5 with 4GB. 4GB is plenty to run Buster and 2 should do. I’ve not really investigated deeply because I’m otherwise busy.

Initially I was finding that memory wasn’t available so that swap was used near 2gig despite swappiness set to ‘true’. I suspected and still suspect a hostile guest OS, a big one since it’s using 2gig.

stress --cpu 8 --io 4 --vm 32 --vm-bytes 128M --timeout 30s

causes swap to be filled but then it stays full. swapoff causes swap to be emptied very slowly but it is then transferred to ram.

I appear to be using too much bandwidth so that may be something to watch.

14/2/20

RAM slot 0 must be populated and powered on for the firmware to run.

I’m glad that it’s all so automated and that they probably don’t know what they’re doing (or must simply follow orders). Love ;)

16/2/20 I don’t know what I’m doing either tbh – that’s why I’m learning. I’m finding it very difficult to nail down (secure) Buster. It seems far too complex and poorly-documented and would much prefer a secure desktop by default. [ed: I suppose I should say securer, of course].
