After having encrypted my home partition as described here I encountered a strange problem. After each time I suspend to RAM all partitions on the MMC card are gone.

I'm running Gentoo sources 2.6.29-r5. I also tried Tuxonice sources 2.6.24-r9 but it has the same special effect. My MMC controller is the Ricoh Co Ltd R5C822 SD/SDIO/MMC/MS/MSPro Host Adapter. Perhaps suspend is just broken for it or something with my config is not right:(

So for now I'll just have to live without suspend to RAM and ensure that it doesn't do suspend to RAM as a powersaving measure.

When I returned home tuesday I happily discovered that while I'd been away in Africa the HTC Magic had landed here in Denmark. Only at the 3 operator for the first few days but soon followed by TDC, Callme and Telmore. So yesterday I ran to the local 3 shop when it opened and they still had some HTC Magic phones in stock so I bought one right away! The first batch sold by 3 are not branded and they are supposedly not SIM locked either.

The phone itself is nicely proportioned and the build quality seems far better than my old SE 960i. Everything in the kit including the charger and sleeve pouch is white. The sleeve pouch and the headphones seems to be of a bit lesser build quility than the phone itself. The volume control on the headphones is positioned very close to the cable split which for me means that it is almost right below my chin and it's nearly impossible to see it. Also it doesn't use a standard mini jack connector which would have been nice. Thirdly I like the SE style plastic earpieces better than the ones supplied with the HTC Magic. Well enough bickering about the HW itself. Let's get to the Android SW.

To start out with I just played around with some of the supplied apps. The basic Mail app worked fine with my IMAPS mail account, though it only watches the inbox and I use Sieve to sort my mails to one of many subfolders, so the mail notifier is not really that useful. I tried k9mail instead and it's folder support seems better, but it doesn't support IMAP subfolders and it could be useful to have notifications for other folders than the Inbox.

The Browser works as expected, the only thing I really miss is some adblocking options. I tried browser based streaming TV from the national TV provider DR, but that didn't quite work.

The Music app have almost all features I'd like to use. Though cover download and lyrics support like Amarok would be nice:)

The Youtube app is also nice, though the "watch in high quality" option is a bit too well hidden. Playback of HQ music videos worked like a charm.

The Maps app and GPS is working great. I did a field test with it today while riding the train and it worked like a charm. Though it's a bit odd to sit in the train staring at a small flashing blue dot moving on the screen, like you always see in the movies:) I also used the Maps app to navigate the last few houndred meters on foot after disembarking the train. It would be nice though if the map could rotate according to which direction you were heading, like the Sky Map app.

Speaking of the Sky Map app this really rocks! Unfortunately it's been overcast here the last few days so I haven't had a chance to really compare it to the real thing. But just holding up the phone over your head and see the pictured night sky rotate as you rotate the phone is just awesome!

But the best app of them all must actually be the Market app. Not the app itself but the possibility to download countless apps free of charge! I've always loved to play around with the barcode scanners in various supermarkets so I quickly downloaded Barcode Scanner to play around with. So I used some time like a ten year old scanning all barcodes I could find:)

Next up was the ConnectBot to do my first SSH login using the HTC Magic. That felt nice too!

Eventhough there is no official FB app for the Android I tried one of the unoffical ones and it's reasonly useful to update status and keep track of your wall. It seems like several alternatives are being developed, so the situation will hopefully get better. But for now you can at least pretend you have a life on FB with the HTC Magic.

Today I've been toying a little with KDEPIM integration with Google Calendar and Contacts. I've previously used Gcaldaemon for synchronizing Korganizer calendar and Google Calendar, but it's not really a nice solution with a running Java daemon that tends to eat up all memory on the server. Instead I've tried out the Googledata Akonadi plugins that is demoed on Youtube. So far I've only experienced limited success. Creation of events in Korganizer seems to not be properly uploaded, but new events are downloaded to Korganizer (at least after a restart). For Kaddressbook I've tried moving contacts from the traditional Kaddressbook storage to the Akonadi plugin, but they fail to pop up in Google Contacts. I hope the state of KDEPIM Google integration will soon improve.

I think I got carried away while writing and it all got a bit longer than initially planned, but let's just say that after a bit over 24 hours I'm more than happy with my HTC Magic phone! The Android interface is very snappy and application switching is blazingly fast compared to my previous SE 960i. The onscreen "Cupcake" keyboard takes a bit of time getting used to and I haven't even had the time to try out the Camera and Camcorder yet. The only really bad thing about Google Android so far is that it is yet another way for Big Brother Google to gather tons of personal data. And now back to playing with the HTC Magic and let's see how long it goes before I have too root it:)

In preparation for yet another cross continent travel plan I finally decided to encrypt my home partition on myX61s laptop. I had to mess a bit with the pam_mount configuration file to make it work so I thought I would share my notes. In the following I will briefly describe how I'm going to use a password protected key stored on an external media to encrypt my home partition. I'll use the same password used for Xorg login to protect the key. So when you get asked to type in a password in the following examples use your normal user password and we'll use pam_mount to pass the password to LUKS once you log in.

First start out by preparing a key:

KEY=`tr -cd [:graph:] < /dev/urandom | head -c 79`
echo $KEY | openssl aes-256-ecb > verysekrit.key

Then create an LVM volume for the home directory and subsitute home with what you like to name the logical volume:

lvcreate -L30G -nhome vg

Then we initialize the volume with our secret key and LUKS:

openssl aes-256-ecb -d -in verysekrit.key | cryptsetup -v --cipher aes-cbc-plain --key-size 256 luksFormat /dev/vg/home

Now lets test that we can open the encrypted volume and format it:

openssl aes-256-ecb -d -in verysekrit.key | cryptsetup luksOpen /dev/vg/home myh_crypt
mkfs.ext3 /dev/mapper/myh_crypt

You can not mount it and sync over your old home like this:

mount /dev/mapper/myh_crypt /mnt/gentoo
rsync -va /home/username/* /mnt/gentoo/

Once everything is synced over we'll close the LUKS volume again:

cryptsetup luksClose myh_crypt

Now unmask and emerge pam_mount:

echo "sys-auth/pam_mount" >> /etc/portage/package.keywords
emerge -v pam_mount

Now configure pam_mount to first mount the SD card (/dev/mmcblo0p1) and then use the key to unlock the home partition by editing /etc/security/pam_mount.conf.xml. Note that if you store your secret key somewhere else the first volume statement may be omitted.

<volume user="username"
path="/dev/mmcblk0p1"
mountpoint="/mnt/mmc"
fstype="auto" />

<volume user="username"
path="/dev/mapper/vg-username"
mountpoint="/home/username"
fstype="crypt"
options="data=journal,commit=15"
cipher="aes-cbc-plain"
fskeypath="/mnt/mmc/verysekrit.key"
fskeycipher="aes-256-ecb"
fskeyhash="md5" />

Then configure PAM to use pam_mount by editing /etc/pam.d/system-auth. Add pam_mount to the auth section like this:

auth required pam_env.so
auth optional pam_mount.so
auth required pam_unix.so try_first_pass likeauth nullok

And to the sessions section like this:

session required pam_limits.so
session required pam_env.so
session required pam_unix.so
session optional pam_permit.so
session optional pam_mount.so

References:

http://en.gentoo-wiki.com/wiki/Booting_encrypted_system_from_USB_stick
http://en.gentoo-wiki.com/wiki/DM-Crypt_with_LUKS
http://en.gentoo-wiki.com/wiki/Root_on_LVM_or_EVMS_over_dm-crypt/LUKS
http://blog.infion.de/archives/2007/05/15/Full-disk-encryption-with-LUKS-on-new-notebook/

Normally I only use open source software, but for some reason I'd like to try out Google Earth. However it refuses to start on my amd64 workstation with the generic error "Could not access graphics card" and when I click OK it crashes.

It's the same issue wether I use Google Earth 5.0.11337.1968_beta or the latest stable 4.2.205.5730.

I updated to latest masked emul-linux-x86-gtklibs-20081109 and got rid of some OpenGL warnings, but Google Earth still refuse to start. OpenGL and DRI (with vblank_mode 0) is working fine with KDE4 desktop effects. Glxgears yields around 500 FPS.

I'm using a Intel Corporation Mobile GM965/GL960 Integrated Graphics Controller with the following X versions:

x11-base/xorg-server-1.5.3-r5
x11-libs/libdrm-2.4.5
media-libs/mesa-7.3-r1
x11-drivers/xf86-video-intel-2.6.3-r1

Oh the joy of proprietary software:-/

Update: Actually it works with a 32 bit chroot as described in 32Bit Chroot Guide for Gentoo/AMD64, emerging mesa glib libXrandr, then Google Earth actually runs. To remove graphics artefacts I had to disable Desktop effects in KDE4. See comments for further details.

I finally retired my managed Linksys switch SRW2008. All in all I should never have spend a cent on this switch. Initially I bought it to play around with Vlans on a small managed switch. However it quickly turned out that the administration interface available via Telnet and SSH were very limited. Configuration of Vlans were only possible in the web based interface and only with some specific versions of IE. So I never got around to actually using the Vlans. Lately it's started to loose packets often 7-14% which makes the net almost unusable. I tried upgrading the firmware, but still the same and also countless powercycles didn't help a bit. I used one of my WRT54G boxes to replace it and it works like a charm:)