Hacker for Hire

Alright, I’m sure this will be documented much more clearly elsewhere and in a hacker-ish manner, but here’s the basic steps to make the atv-bootloader in a Linux environment so you can install Boxee or XBMC. Make sure you install the HFS/HFS+ tools for your Linux distribution.

1. Open up the shell and roll up your sleeves
2. Get the latest from svn
   wyatt@hax0red:~/ svn co http://atvusb-creator.googlecode.com/svn/trunk/atvusb-creator
3. Change into the atv-usbcreator directory and launch the creator
   wyatt@hax0red:~/atvusb-creator$ sudo ./atvusb-creator.py
4. Plug in a partitioned USB drive and create the patch stick with Boxee/XBMC/whatever (which will do it wrong, but that’s ok!)
5. Now, write the real image to the device using dd like a good linux user
   wyatt@hax0red:~/atvusb-creator$ dd if=staging/atv_512MB.img of=/dev/sdb
6. Once that’s done, pop out the USB drive and plug it back in
7. You should now be prompted to automount 2 partitions on the drive, the second should be empty
8. Copy everything from payloads into this mounted directory
   wyatt@hax0red:~/atvusb-creator$ sudo cp -r payloads/patchstick/* /media/PATCHSTICK/.

Hope it works for you! And if not, give it a few, they’ll have a Windows and Linux version working shortly.

Every now and again, I get the chance to help someone out and I just thought I’d share this one for a couple of reasons. First, I like helping people. Second, it shows that there are solutions to common problems on the Internet that don’t require delving into the illegal and unethical side of things.

I received an email from Raili with the following:

Hi Wyatt

My name’s Raili and I’m in Thunder Bay, Ontario.

A new client of ours has a serious website conflict and I’m looking for advice. Several years ago a fly-by-night web guy bought them a domain, built them a terrible site and then, before even finishing it, left the country for parts unknown: no forwarding address. Since then the client’s bought a new domain and we’ve designed a nice site for them, but despite advertising efforts people are still stumbling across the old website which nobody can alter, take down, redirect or ANYTHING until 2010. We’ve got a massive fundraising effort underway for them and an important event about to be launched and I’m really worried that people are going to go to the old site and be baffled or turned off and we’ll miss our chance to collect their donations.

Client’s real site: [withheld]
Client’s unfixable site: [withheld]

Can you offer advice – we haven’t found anyone locally who can help us.

Warm regards,
Raili

My reply:

Raili,

I pulled the whois information on the unfixable domain and I found the
following:

[-- lots of whois information --]

While it seems like a lot of information, it does provide you with some important details. First, you domain registrar is InnerWise Inc. Since your organizational information matches the domain information, you should be able to contact them and tell them you’ve had an administrative change and that Ning Zhang is no longer your administrator and you need to resolve the issue that he has the passwords to this domain. It will take several phone calls and you sending in your information in paper form in more ways that will be pleasent; however, if you are persistent and can provide all the proof that you are your organization, you should be able to regain control of the domain since it has been registered to your organization.

I hope this helps and remember, be persistent. Talk to managers, talk to phone representatives, and re-enforce the fact that you are a non-profit organization and above all, do not give up. This process is painful for your protection (say someone tries to pretend to be you and steal the domain) but it is not impossible.

Good luck,

Wyatt

The success in the response:

Wyatt-
Thanks so much for your help. The WHOIS info got me to the registrar and they were very helpful. (nice tech support folx!) We had things sorted out by the afternoon. If by some weird twist you ever meet [name withheld] please take a few of his teeth out for me and tell him that was from [business name withheld].

I’ve read a couple of the postings on your site and have to tell you how impressed I am by your command and consistent defense of the English language. Hope your business is doing well – you deserve it.

Again – thanks, it was totally unexpected and gratifying to have your help.

Raili

I’m really glad I could help Raili out and actually see it happen for a change. Normally, I never get a response back from the first email. This also points out a few good points to keep in mind from a business / web-perspective.

1. If you’re a business owner, make sure your domain names are registered in your business’s name. Raili was able to get the domain information changed because he could provide business charter information and validate ownership of the business
2. Make sure you buy the all domain names (.org, .net, .com) when you start
3. Persistence pays off

Update: In retrospect of writing this, I think I’m going to start a new section in the blog called “Tips from a Hack” to hopefully educate people and try to prevent issues like this in the future. If anyone else has suggestion on tips or things they would like to know about, email me.

There are somethings I get asked to do quite frequently, most I won’t do because they are illegal or unethical or some combination of the two. Occasionally, I’ll have people ask me to recover password for them. Most times it’s easy and very doable; however, sometimes there isn’t much I can do due to the nature the request. The other day I got one from a lady that had fallen into a scam.

If you’re ever really bored sometime, find a software product you like and drop it into to Google. For example, Photoshop. You’ll notice one of the “sponsored” links is a site that offers you a download and all you have to do is complete several small, stupid tasks. We’ll after moving around from site to site, they provide you with a file to download, but you’ll need to provide a “password” found by going to another site and searching for some magic term. This is of course all done in an effort to get referrals and advertising and malarkey of that crap.

Most users would hope that after they finshed doing all of this, they would get their software … yea, right. Most times, these site provide corrupted files. Other times, they are password protected with passwords that would never appear on any site. So that’s where I came in. This lady had gone through probably 15 different sites and around $50 to get an update to Photoshop CS3 and just couldn’t seem to get anywhere.

Enter Hacker for Hire.

So I get the file she’s looking at and I can tell right away that things aren’t adding up. First off, I hear the story and I know that it’s just not going to end well. Second, when I get the file, it’s only 6mb. Now I’ve not used Photoshop recently, but I have downloaded other Adobe and it can only be described as bloatware. Don’t get me wrong, Photoshop is great and does and excellent job but it falls into that category where programmers have just given up on how bloated their code gets. Micro-rant asside, there is no way an update from CS2 to CS3 is going to be only 6mb.

So I start to crack the zip file (thank you fcrackzip!) and just let the crack run overnight. The result?

Some would think this is success, but I like to check again just to make sure …

Anyone else see the problem? It’s the right password for the first file in the zip, the directory, but not for the actual content, which is probably another password protected zip file. I thought about taking the time to patch fcrackzip to deal with this, but I already knew the truth. This was a sham, plain and simple.

So a lesson for everyone out there, think twice before you submit any information online. If it sounds to good to be true, it almost certainly is. Try to remember to buy from trusted sources, like Amazon.com or something like that instead of these scam artists.