Spybot Anti-Beacon – Turn Off Windows Tracking

Tracking / telemetry features in software is rather controversial.  Often split between two groups.

Group A will want the features that go along with the tracking, for example: having Google Now tell you when a package is scheduled to arrive just because you got an email about it.

Image from EFF

Image from EFF

Group B will be on the side of privacy for the sake of privacy.  They fear that all of these features are putting in place an infrastructure to be taken advantage of by bad actors, such as the implementers of the features themselves or even someone like the NSA.

I typically find myself in one camp for certain issues, and the other for well… others.

In Windows 10, I don’t use any of these features, such as Cortana.  So I’m perfectly happy to disable any kind of information sharing my computer and Microsoft are making use of.

Spybot Anti-Beacon

If you are like me and want to disable as much of the windows 10 tracking as you can, I recommend you check out Spybot Anti-Beacon.  It’s a tool that helps you disable the tracking features.

It also works for Windows versions going back to 7.

Description from their site:

Spybot Anti-Beacon is a standalone tool which was designed to block and stop the various tracking (telemetry) issues present in Windows 10. It has since been modified to block similar tracking functionality in Windows 7, Windows 8 and Windows 8.1 operating systems.

Check it out, it’s neat.

Virtualizing Physical Machines

overview

Preface

I’ve come across a couple laptops recently where I wanted to be able to quickly (and safely) experiment on them.  Experiments that had the possibility of seriously messing things up.

A more traditional approach to this would be to make an image of the machine, perform the experiments, and if it fails catastrophically, restore the image.

Virtual machines have significant advantages in this, because you can snapshot them and instantly restore to that snapshot.  But I was unable to set up a simple VM to do this as I needed one configured the exact same way.

So after some research, and playing around, I found that it’s actually quite simple to make a VM from a physical machine.

The steps I would take to accomplish this are:

  1. Image the physical machine to a file
  2. Convert the raw file to a virtual machine disk file (.vmdk)
  3. Create a new Virtual Machine and point it to the .vmdk file

Below are those steps in detail.

1. Image the Physical Machine to a File

imaging machineTo image the machine, my approach was to take a Linux live cd (on a usb stick) and use the command “dd” to make an image of the disk.  First, I would fire up gparted in order to determine the correct disk path that I wanted:

gparted

Note: or use something like

$ fdisk -l

Once you know the path of what you want to image – for example: /dev/sdb – you can bring up a console and begin.

I like to add two things to the dd command in order to get more out of it:

  1. Compress the output with gzip
  2. Pass the data through pv [pipe viewer] in order to see the operation’s speed
matthew@lubuntu-vm:temp$ sudo dd if=/dev/sda | pv | gzip -c > ./image.dd.gz

Now, make sure that your destination is large enough to hold the image.  An external drive or network share or somesuch.

2. Convert the Raw File to a Virtual Machine Disk File

First, if you sent your image through gzip to save some space like I did, extract it.

Next, using the VirtualBox commandline tool “VBoxManage”, convert the raw file to a VMDK file:

VBoxManage convertfromraw raw-image-name.dd vmdk-name.vmdk --format VMDK

Couple notes:

  • I’m sure other formats work too, but this is the only one I’ve tried
  • It takes a while

3.  Create a New Virtual Machine and Point it to the .vmdk File

This step is fairly straight forward.  Create a new virtual machine and when it asks you if you’d like to make a new virtual machine disk, choose to select your own and point it to the .vmdk file you made.

When you start the virtual machine, it’ll look as if you’ve started the physical machine.

Happy virtualizing!

Monitoring an Outlook Inbox with Python

I get a lot of email at work.  Mostly by robots that are triggering on some event or another.  But after a few years of more and more distribution lists having me on it, the amount of email I get in a day is actually unmanageable.  I’m talking thousands.  The vast majority can be safely ignored, such as “Job ABC completely successfully”.

So I’ve gotten pretty aggressive with Outlook rules in order to filter my incoming email into different folders.  But the rules have always felt limited to me.  For example, I cannot say “If the subject contains this or this, do that“.  I’m limited to a logical and.

Looking into whether or not you can use Python in your Outlook rules, I came across an example where you can actively monitor your Inbox and have access to the messages that come in, all from Python.

C:meDevelopmentpythonoutlook>outlook-monitor.py
Subj: Test Email
Body: Hey!

Test

-Matthew Urch | Programmer Extraordinaire
========

This opens up a whole world of email automation.

The basic script I made that achieves the above is this:

import win32com.client
import pythoncom

class Handler_Class(object):
    def OnNewMailEx(self, receivedItemsIDs):
        for ID in receivedItemsIDs.split(","):
            # Microsoft.Office.Interop.Outlook _MailItem properties:
            # https://msdn.microsoft.com/en-us/library/microsoft.office.interop.outlook._mailitem_properties.aspx
            mailItem = outlook.Session.GetItemFromID(ID)
            print "Subj: " + mailItem.Subject
            print "Body: " + mailItem.Body.encode( 'ascii', 'ignore' )
            print "========"
        
outlook = win32com.client.DispatchWithEvents("Outlook.Application", Handler_Class)
pythoncom.PumpMessages()

And then from here, you can do whatever you like with your email messages that are coming in.

Writing a Google Hangouts Bot

I’m a huge fan of programming just for fun.  But often times the fun itself is directly tied to what your program will be doing.  Well yesterday I had a great deal of fun writing a very simple bot for a group Hangout I’m in.

The idea for the bot came about because of a type of battle that was fought over changing the name of the Hangout.

title-battleParticularly from Mr. Jonathan there.  He is a frequent title hijacker.

So what I wanted, was that whenever Jonathan changed the title, it would immediately change to what I have it set to.  If others changed the title, that’s alright by me.  This was a battle between Jonathan and I.

My chosen technology for this bot, was good ol’ jQuery running from a Firebug console.  Since I then wouldn’t have to worry about authentication or any of that.  This bot would be run only when the chat was open.  I wanted it simple.

Right off the bat however, I discovered this would be a little trickier than I had hoped.  The chat windows are running inside iframes.  And those frames are coming from a different place.  So if I attempted to retrieve the document of the iframe, I would trip over the “Same Origin Policy”.  But this is easily worked around if you open the chat in its own window by clicking on the “pop out” button in the middle of the three buttons at the top.

Now I was in business and any Javascript I injected via Firebug would trivially work with the existing elements.  So now I was able to break down the task and code away.

Note: As a precondition to the script of this bot, jQuery needs to be injected.

Opening the Settings and Changing the Title

These parts are fairly trivial Javascript.  To open the settings of the Hangout, we simply want to click the gear at the top:

document.getElementsByClassName( "SU" )[0].click() ;

Which wrapped with a check to ensure we aren’t trying to go to the settings page when we’re already there, looks like this:

var saveButtonSelector = "button:contains('Save'):visible" ; 
function clickCog() {
   if( jQuery( saveButtonSelector ).length == 0 ) {
      document.getElementsByClassName( "SU" )[0].click() ;
   }
}

And to update the title:

document.getElementsByClassName( "editable" )[1].innerHTML = text + "<br />" ;
jQuery( saveButtonSelector )[0].click() ;

When Element Found, Call Function

To update the title, starting from outside the settings page is a little more interesting, since fundamentally we don’t know how long it’s going to take to get there.  So my solution was to monitor for the “Save” button that is on the settings page.  When that button is present and visible, then update the title.

To facilitate this, I needed something event based.  But there is no baked-in event for when an element is found that didn’t previously exist.  And I didn’t want to spend much time looking for a Javascript library that would work for me, so I rolled my own.

We can use the built-in setTimeout method in a loop that polls for the element, and when the element is found, trigger the event.

function whenElementFoundCallFunc( selector, func ) { 
  
  if( jQuery( selector ).length > 0 ) { 
    func() ;
  } else { 

    setTimeout( function() {  
      whenElementFoundCallFunc( selector, func ) ;
    }, 50 ) ; 
    
  }
  
}

Using the above method, and the clickCog() method which checks if you’re already in the settings page, updating the title becomes this:

function setTitleText( text ) { 
  
  clickCog() ; 
  
  whenElementFoundCallFunc( saveButtonSelector, function(){
    document.getElementsByClassName( "editable" )[1].innerHTML = text + "<br />" ;
    jQuery( saveButtonSelector )[0].click() ; 
  } ) ; 
  
}

Which will cause the script to forever poll for the Save button, and when it’s visible, it will set the title to what I want.

Monitoring for Title Changes

The core of this bot is it needs to act on its own when the title is changed.  That means we need something very similar to the above method “whenElementFoundCallFunc”.  We need to check the last title change, see if it was done by Jonathan, and if so, change the title to zyx.

function monitorForChangeByAndCall( person, func ) { 

  var lastTitleChange = jQuery( "span:contains('renamed the Hangout'):last" ).text() ;
  
  if( lastTitleChange.indexOf( person ) == 0 ) { 
    func() ;
  } else { 
    console.info( person + " did not last change title, checking again soon..." ) ; 
  }
    
  setTimeout( function() {  
    monitorForChangeByAndCall( person, func ) ;
  }, 500 ) ;
  
}

Which can be called simply enough:

monitorForChangeByAndCall( "jonathan", function() {
  setTitleText( "Poutine Nation" ) ;
} ) ; 

That’s it!

Surprisingly small, isn’t it?  But it works perfectly and has made it so Mr. Jonathan cannot change the title of the hangout.

bot-title-changingNote: I am not his dad

Entire Script I Run in Firebug

var script=document.createElement('script');
script.src = "https://code.jquery.com/jquery-latest.min.js" ; 
document.getElementsByTagName('head')[0].appendChild(script);

var saveButtonSelector = "button:contains('Save'):visible" ; 

function clickCog() { 
  if( jQuery( saveButtonSelector ).length == 0 ) { 
    document.getElementsByClassName( "SU" )[0].click() ;
  }
}

function setTitleText( text ) { 
  
  clickCog() ; 
  
  whenElementFoundCallFunc( saveButtonSelector, function(){
    document.getElementsByClassName( "editable" )[1].innerHTML = text + "<br />" ;
    jQuery( saveButtonSelector )[0].click() ; 
  } ) ; 
  
}

function whenElementFoundCallFunc( selector, func ) { 
  
  if( jQuery( selector ).length > 0 ) { 
    func() ;
  } else { 

    setTimeout( function() {  
      whenElementFoundCallFunc( selector, func ) ;
    }, 50 ) ; 
    
  }
  
}

function monitorForChangeByAndCall( person, func ) { 

  var lastTitleChange = jQuery( "span:contains('renamed the Hangout'):last" ).text() ;
  
  if( lastTitleChange.indexOf( person ) == 0 ) { 
    func() ;
  } else { 
    console.info( person + " did not last change title, checking again soon..." ) ; 
  }
    
  setTimeout( function() {  
    monitorForChangeByAndCall( person, func ) ;
  }, 500 ) ;
  
}

monitorForChangeByAndCall( "jonathan", function() {
  setTitleText( "Poutine Nation" ) ;
} ) ; 

Windows: Change Yourself From Admin to a Standard User

A practice that can help maintain security on your Windows machine is to not run as an Admin all the time.  It’s far more secure to run as a Standard User and when you need Admin privileges, you enter the credentials of a different user that is an Admin.

But what if you’ve already been running as an Admin for a while and have your account set up just how you like?

This was my thought process whenever I heard the advice of running as a Standard User instead of an Admin.

Next time I set up a machine for myself, I’ll set my main account as a Standard User…

But it turns out that was entirely misplaced hesitation because switching down to a standard user couldn’t be easier.

Simply create yourself an extra Admin account with a good password, and then in the Users section of the Control Panel, change the level of your own account down to Standard.  Done!