January 2008 Archives

Thu Jan 31 13:17:09 CET 2008

and another try-rneskimo.com- with-vpxl-made-easy

this is just a small test of how easily the procedure described in this post can be achieved a second (and last) time..

presumably you received spam in your inbox and clicked on it. I did not send that spam, this page was not the original target for the spam page, either. it redirected to the first google hit when searching for rneskimo.com, vxpl, made and easy. read the other post for details.

update: this page actually is top hit now, so you probably have come here by clicking on a spam link in your email. this is not the site to which the spam was originally directed.. remember to NOT simply click on any link you received via email. see the other post for details, in case you're interested.

update2: wzf - g00gle has removed this page from its index! and while this might seem fine, they did NOT remove the originally targeted site! I wonder what will happen if I adjusted the link a bit..


Posted by iso | Permanent Link | comments >>

Tue Jan 22 16:02:48 CET 2008

spamtraffic test with-decimalrain.com-and v6j 5c6 888-9089 vancouver

I just received some spam containing a google search for V6J 5C6 888-9089 Vancouver along with an inurl request to decimalrain.com and an activated "I'm feeling lucky" option (&btnI). this option redirects directly to the first search result. so the spammer sent a google url - which suggests a rather high level of trustworthiness to the user - although clicking the link will lead directly to the spammer's site.

So now, if you wanted to, you could redirect all those spam-victims to a safe-site (for example this one), and by doing so even grab some traffic very easily - just by placing your page at the top of the google results for that one exact query. The difficulty is that your page would need to be placed #1, of course, which is unlikely to be achieved by, for example, this page. Anyhoo, with some google magic it would surely be feasible and an easy way to generate loads of real traffic to one's website. Achieving a higher rank than the one page listed as result should not be too hard. After all, the original one is a spamsite and Google definitely does try to list those below other pages..

If you read this and came here from your mailbox then this page was surprisingly listed in front of the original spamsite. let me emphasize: I've nothing to do with the spam you received, original target was decimalrain.com

update: haha, this page actually is top hit when searching for most of the terms, sadly, inurl: does not hit it, as it seems to only look for complete words - and their words are not disconnected by _

update 2: ok, this page is actually top hit now, so you might have come here by clicking on a spam link in your email. The site to which the spam was directed, however, has recently been removed from the google index, thus moving this page to the top. remember to NOT simply click on any link you received via email.
(I expected neither google removing the original spammer's page so quickly nor nobody else writing a text including the keywords, so having scored #1 is kind of a surprise..)
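
A mail-filter style check for the link pattern this post describes (a Google search URL carrying btnI, usually with an inurl: term), as an added example that is not part of the original post. The sample mail body and the function name `lucky_links` are constructed for illustration; the URL is rebuilt from the query terms quoted above, not copied from the actual spam.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample mail body (not the real spam message).
SAMPLE_MAIL = """\
Great prices, click here:
http://www.google.com/search?q=V6J+5C6+888-9089+Vancouver+inurl:decimalrain.com&btnI
An ordinary search link:
http://www.google.com/search?q=encrypted+swap+suspend
"""

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)
# google.com, google.de, google.co.uk, google.com.au, with or without www.
GOOGLE_RE = re.compile(r"^(www\.)?google\.([a-z]{2,3}|com?\.[a-z]{2})$")

def lucky_links(text):
    """Find Google search links that redirect straight to the first result."""
    hits = []
    for url in URL_RE.findall(text):
        parts = urlsplit(url.rstrip(".,;)"))  # drop trailing punctuation
        if not GOOGLE_RE.match(parts.hostname or ""):
            continue
        if parts.path != "/search":
            continue
        params = parse_qs(parts.query, keep_blank_values=True)
        if "btnI" not in params:  # a bare "&btnI" parses to an empty value
            continue
        query = " ".join(params.get("q", []))
        hits.append({
            "url": parts.geturl(),
            "query": query,
            # inurl: narrows the results so the intended site ranks first
            "inurl": re.findall(r"inurl:(\S+)", query),
        })
    return hits

if __name__ == "__main__":
    for hit in lucky_links(SAMPLE_MAIL):
        print("redirecting search link:", hit["query"], "->", hit["inurl"])
```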


Posted by iso | Permanent Link | comments >>

Wed Jan 9 02:39:42 CET 2008

encrypted swap and suspend to disk

I'll just write a quick how-to on using encrypted swap while still being able to suspend to disk under linux, in this case ubuntu/debian with encrypted swap via device-mapper.

Quick intro first: when linux suspends to disk it will actually write the current state to the active swap. That's why you run into trouble when it's encrypted. I've seen ppl deactivating swap encryption completely to work around that. That's of course not an option, as if you don't encrypt swap you don't need to encrypt anything in the first place.

So you could go ahead and just deactivate swap-encryption right before suspending and thus be able to resume. This would be one option and can easily be achieved. Still, why bother with encryption at all when you put the memory unencrypted to disk.
So, swap needs to be encrypted right before suspending, but in a way that will be resumable. Luckily, that's just what uswsusp supports.

  1. install uswsusp
    sudo aptitude install uswsusp
    
    accept all default options on prompt
  2. edit /etc/uswsusp.conf
    sudo $EDITOR /etc/uswsusp.conf
    
    and change the following variables:
    resume device = /dev/sda2
    compress = y
    early writeout = y
    RSA key file = /etc/uswsusp.key
    encrypt = y
    
    Leave the other options as they are.
    In this case you'll need to replace /dev/sda2 with your actual swap device (you might, for example, find it by looking at the device-mapper config: sudo cat /etc/crypttab). You can change some other settings as well, but these options should be fine.
  3. create uswsusp keyfile
    You'll need a keyfile for the encryption to work. this should be saved in /etc/uswsusp.key (see above). when creating that, you should definitely set a password which you'll have to enter on each resume from disk:
    sudo suspend-keygen
    
    You'll be asked some questions, default options should always be fine.
  4. ensure correct read permissions
    (I don't remember if the script sets them already, just to be sure)
    sudo chmod 400 /etc/uswsusp.key
    
  5. create wrapper script for s2disk
    Now the final and a bit more custom part: we'll place a wrapper around s2disk to disable swap right before suspending and enable it with encryption after resume.
    This should work with all swap-encryption mechanisms around, in this case I used device-mapper:
    sudo mv /sbin/s2disk /sbin/s2disk-real
    sudo tee /sbin/s2disk >/dev/null
    #!/bin/sh
    # wrapper around the real s2disk (run as root)
    DEVMAPDEVICE=cswap
    SWAPDEVICE=/dev/sda2
    # tear down the encrypted swap and put a plain swap on the raw device
    swapoff -a
    cryptsetup remove "$DEVMAPDEVICE"
    mkswap "$SWAPDEVICE"
    swapon "$SWAPDEVICE"
    # suspend; uswsusp writes its own encrypted image into the plain swap
    /sbin/s2disk-real
    # after resume: drop the plain swap and recreate the encrypted one
    swapoff "$SWAPDEVICE"
    cryptsetup -d /dev/urandom -s 256 create "$DEVMAPDEVICE" "$SWAPDEVICE"
    mkswap "/dev/mapper/$DEVMAPDEVICE"
    swapon -a
    ^D
    sudo chmod 755 /sbin/s2disk
    
    you should replace cswap with the name of your devmapper device and /dev/sda2 with the name of the actual swapping device.

This should do it. When you now suspend to disk, the encrypted swap will first be deactivated and replaced with an unencrypted swap. Within that, uswsusp will create its encrypted image from which you'll be able to reboot. After resume, the unencrypted swap will be deactivated and replaced with an encrypted one. This procedure, however, might not be 100% safe, since both on suspending to and on resuming from disk the temporarily created unencrypted swap might actually be used. I don't know enough about uswsusp to confirm that, though. Still it seems an acceptable risk.
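
A post-resume check for the state the steps above are meant to produce, as an added example rather than part of the original how-to: it reads the uswsusp settings, the key file mode and /proc/swaps, and reports when the raw partition is still active as swap, which is what remains if the wrapper stops before its re-encryption step. The function names and sample inputs are constructed; /dev/sda2 and cswap are the values used in this post.

```python
import os
import stat

# Constructed sample inputs: state after a resume where the wrapper's
# re-encryption step did not run, so the raw partition is still swap.
SAMPLE_CONF = """\
resume device = /dev/sda2
compress = y
early writeout = y
RSA key file = /etc/uswsusp.key
encrypt = y
"""
SAMPLE_SWAPS = """\
Filename                Type        Size     Used  Priority
/dev/sda2               partition   1951888  0     -1
"""

def parse_conf(text):
    """Parse the 'name = value' lines of /etc/uswsusp.conf."""
    conf = {}
    for line in text.splitlines():
        name, sep, value = line.split("#", 1)[0].partition("=")
        if sep:
            conf[name.strip().lower()] = value.strip()
    return conf

def audit(conf_text, proc_swaps, key_mode, raw_dev, mapper_dev):
    """Return findings; an empty list means the state matches the how-to."""
    conf = parse_conf(conf_text)
    swaps = [l.split()[0] for l in proc_swaps.splitlines()[1:] if l.strip()]
    checks = [
        (conf.get("encrypt") == "y", "suspend image is not encrypted"),
        (bool(conf.get("rsa key file")), "no RSA key file configured"),
        (conf.get("resume device") == raw_dev, "resume device mismatch"),
        ((stat.S_IMODE(key_mode) & 0o077) == 0, "key file readable by group/other"),
        (raw_dev not in swaps, "raw partition active as unencrypted swap"),
        (mapper_dev in swaps, "encrypted swap mapping not active"),
    ]
    return [msg for ok, msg in checks if not ok]

def audit_host(raw_dev="/dev/sda2", mapper="cswap", key="/etc/uswsusp.key"):
    """Audit the live system; realpath() follows /dev/mapper symlinks to dm-N."""
    with open("/etc/uswsusp.conf") as conf, open("/proc/swaps") as swaps:
        return audit(conf.read(), swaps.read(), os.stat(key).st_mode,
                     raw_dev, os.path.realpath("/dev/mapper/" + mapper))

if __name__ == "__main__":
    print(audit(SAMPLE_CONF, SAMPLE_SWAPS, 0o100400, "/dev/sda2", "/dev/mapper/cswap"))
```

On the machine itself, call `audit_host()` as root after a resume; an empty list means swap is back on the encrypted mapping.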

Note: In case you are using a bootsplash (default in ubuntu linux), you might not be presented with the password prompt when resuming. Instead, the system will stand still. In this case, you'll have to switch to Password prompt via CTRL-ALT-F1. Then entering the password will render the system usable again, running with encrypted swap (and running encrypted home-dirs, for example).

to suspend (be sure to have read the previous paragraph before suspending..) simply enter:

sudo s2disk
There. Done.


Posted by iso | Permanent Link | Tags: ubuntu, linux | comments >>