xBMachine - what can we expect?

Wow! That sounds so cool. I will definitely have to try and run it from my father's house. that would be fun. I am getting excited about trying it again. I really enjoyed playing with it before.

 

Thanks. That sure is a relief.

 

xB Machine 0.9 BETA is complete. It will be available for download in 2 hours.

- LiveCD or Bootable ISO on windows, linux and mac!
- CD-Rom / USB / HDD Bootable
- Internalized QEMU
- VMware detection and support
- KQEMU accelerator kernel module
- New OS feel & look
- No login required!
- Includes xB Browser
- Includes xB Mail (generic thunderbird atm)
- Torrent support via cTorrent
- Compatible with Tor and XB 1.0 and 2.0
- XB 1.0 automatic credentials downloader
- Self-Destruct

TODO before full release:
- XB 2.0 automatic credentials downloader
- WiFi support
- Sound support
- Installer for vmdisk/crypto drive
- installer for crypto usb
- Update UI for more icons/functions/skin

 

xB Machine 0.9.0.0 BETA is released.

DOWNLOAD HERE

To use this as a bootable CD, just burn the ISO to disc, otherwise run the xBMachine.exe executable.

This version goes zero to GUI in one minute thirty seconds.

 

I downloaded it to my USB stick but haven't installed it on mu computer yet. I hope it is easy to use. Thanks

 

Folks,

Preliminary testing.

ISO on old 600 mhz, 768mb ram, 440bx mobo. linksys LNE100TX 10/100 nic.

1: ISO, booted fine. Gentoo linux appears to be the linux version.All programs appear functional.
2: Could not log in with Transaction ID.(Yes,I have a pro accnt.), so could not test further.( Possible hardware issue)

xBMachine.exe, on XPhome SP2 fully patched.Dell 600m laptop.

1: Qemu loaded & xBMachine booted within perfect. Trans. ID accepted.( Great work xB folks)
2: All programs appear functional.( I did not test xBMail, Chat, or wireless connection yet.
3: Problem with screen resolution. Program icon's are hidden below XP taskbar, yes you can mouse over to popup and use. Could not change screen res. in xB settings.( Would not stick)

That's it for now, will post any further results.

P

 

Noted. Needs more investigation. Can you surf or otherwise connect anywhere? Could be a bad tor circuit.

Ctrl+Alt+F

 

XeroBank,

Managed to use Tor on xBMachine.exe in XP, really slow, so browser times out.

Ctrl+Alt+F works, full screen(my bad), but still can not change screen res..

ISO, still can not connect, pro or tor.
Let me know if there's any other settings to check.

P

ps. I'm posting from xBMachine right now.

 

Tor circuits are hit or miss, I could probably tune it though... heh.

So we've established you've got some sort of network problem with the LNE100TX 10/100. Does it give you any errors at boot?

How long is it taking you to boot up on the 600mhz machine via iso?

What kind of video card have you got on the XP?

 

Today we added a MAC Address randomizer, drastically increased robustness of KQEMU accelerator loading, changed some QEMU network configuration, noticed a KQEMU bug so we disabled it till it is sorted.

Code:

;Copyright (C) 2008 XeroBank
;All rights reserved by XeroBank
;This software is licensed under the latest Torrify Ethical Software License Agreement
;The TESLA License can be viewed at http://www.XeroBank.com/tesla.php
;This source code can not be used to create a commercial alternative.
;
;

!define NAME "xBMachine" ;launcher
!define VER "0.9.1.5"
!include "FileFunc.nsh"
  !insertmacro GetDrives
!include "LogicLib.nsh"
!include "Splash.nsh"

;Program Details
Name "${NAME}"
OutFile "${NAME}.exe"

;Runtime Switches
CRCCheck On
WindowIcon Off
AutoCloseWindow True
Icon "..\..\xbmisc\Icons\xB Machine.ico"


;Variables
VAR HASVMWARE
VAR KQEMUSTATE
VAR EXEDRIVE
VAR DRIVETYPE
VAR INSTALLPRIVS
VAR EXECSTRING
VAR MAC

;Splash settings
!define SPLASH_BITMAP "xBMachine.bmp" # can only be bitmap
!define SPLASH_TEXT_FONT "Arial"
!define SPLASH_TEXT_SIZE 8
!define SPLASH_TEXT_WEIGHT 100
!define SPLASH_TEXT_R 255
!define SPLASH_TEXT_G 255
!define SPLASH_TEXT_B 255
!define SPLASH_TEXT_X1 4
!define SPLASH_TEXT_Y1 185
!define SPLASH_TEXT_X2 500
!define SPLASH_TEXT_Y2 200

!define SPLASH_VER_R 255
!define SPLASH_VER_G 255
!define SPLASH_VER_B 255
!define SPLASH_VER_X1 290
!define SPLASH_VER_Y1 115
!define SPLASH_VER_X2 360
!define SPLASH_VER_Y2 135

Function .onGUIInit

	# initialize splash screen
	!insertmacro SplashInit "${NAME}.bmp"

	# hide window
	System::Call gdi32::CreateRectRgn(i0,i0,i0,i0)i.r0
	System::Call user32::SetWindowRgn(i$HWNDPARENT,ir0,i0)

FunctionEnd

    !define Random `!insertmacro RandomCall`
 
    !macro RandomCall _SEED _MIN _MAX
        ; save global registers
        Push $0
        Push $1
        Push $2
        Push $3
        Push $4
        Push $5
        Push $6
        Push $7
        Push $8
        Push $9		
        ; store parameter
        Push `${_SEED}`
        Push `${_MIN}`
        Push `${_MAX}`
        ; execute function
	Call Random
        ; restore global register
        Pop $9
        Pop $8
        Pop $7
        Pop $6
        Pop $5
        Pop $4
        Pop $3
        Pop $2
	Exch $1
        Exch
        Exch $0
    !macroend

!macro _IsProcessRunning _a _b _t _f
  FindProcDLL::FindProc "${_b}"
  !insertmacro _== $R0 1 `${_t}` `${_f}`
!macroend
!define IsProcessRunning `"" IsProcessRunning`

Section "Main"
	Sleep 1000
	!insertmacro SplashSetText "Reading native media..."
	Sleep 500
	Call FindEXEDRIVE
	${If} $DRIVETYPE == "CDROM" ;If drive is a CDROM
		!insertmacro SplashSetText "Configuring for CD-ROM..."
		Sleep 300
		StrCpy $EXEDRIVE $EXEDRIVE 2 ;Take off the slash 
		StrCpy $EXECSTRING `"$EXEDIR\win32\qemu.exe" -std-vga -L "$EXEDIR\win32\." -m 256 -boot d -cdrom $EXEDRIVE -soundhw all -localtime -usb -net nic,macaddr=$MAC -net user`
		Call LaunchQEMU
	${Else} ;If it isn't a CDROM, it must be a rewritable drive.
		!insertmacro SplashSetText "Configuring for rewritable media..."
		Sleep 300
		Call CheckForVMWare
		${If} $HASVMWARE == 1
			!insertmacro SplashSetText "Launching via VMware..."
			Sleep 500
			StrCpy $EXECSTRING `"$PROGRAMFILES\VMware\VMware Player\vmplayer.exe" "xB Machine.vmx"`
			Call LaunchVMWare
		${Else}
			!insertmacro SplashSetText "Launching via QEMU..."
			Sleep 500
			StrCpy $EXECSTRING `"$EXEDIR\win32\qemu.exe" -std-vga -L "$EXEDIR\win32\." -m 256 -hda "$EXEDIR\win32\storage.img" -boot d -cdrom "$EXEDIR\livecd.iso" -soundhw all -localtime -usb -net nic,macaddr=$MAC -net user`
			Call LaunchQEMU
		${EndIf}
	${EndIf}
SectionEnd

Function CheckForVMWare
	!insertmacro SplashSetText "Checking for VMware..."
	Sleep 300
	StrCpy $HASVMWARE 0
	${If} ${FileExists} "$PROGRAMFILES\VMware\VMware Player\vmplayer.exe"
		StrCpy $HASVMWARE 1
	${EndIf}
FunctionEnd

Function LaunchVMWare
	!insertmacro SplashSetText "Initializing virtual machine..."
	Exec $EXECSTRING
	Sleep 1000
	!insertmacro SplashDestroy
FunctionEnd

Function LaunchQEMU
	Call GenerateMacAddress
	Call CheckPrivileges
	${If} $INSTALLPRIVS == 1
		;Call LoadAccelerator
		!insertmacro SplashSetText "Initializing virtual machine..."
		Sleep 1000
		!insertmacro SplashDestroy
		Exec $EXECSTRING
		${Do} ;Wait for the process to end...
			${Unless} ${IsProcessRunning} "qemu.exe" ;If qemu isn't running, then leave the loop.
				${ExitDo}
			${Else} ;and if it is running, wait a second.
				Sleep 1000
			${EndIf}
		${Loop}
		;Call UnloadAccelerator
	${Else}
		Exec $EXECSTRING
	${EndIf}
FunctionEnd

Function LoadAccelerator
	!insertmacro SplashSetText "Looking for accelerator..."
	;Check to see if the service is already Installed
	SimpleSC::ExistsService "kqemu"
	Sleep 300
	Pop $0
	${If} $0 != 0 ;If isn't installed...
		!insertmacro SplashSetText "Installing accelerator..."
		StrCpy $KQEMUSTATE "FOREIGNER" 
		SimpleSC::InstallService "kqemu" "KQEMU virtualisation module for QEMU" "1" "3" "$EXEDIR\win32\kqemu.sys" "" "" "" ;install as a kernel module, manually activated.
		Sleep 300
		${Unless} ${FileExists} "$SYSDIR\drivers\kqemu.sys" ;Physically make sure it is installed.
			!insertmacro SplashSetText "Installing manually..."
			File /oname=$SYSDIR\drivers\kqemu.sys kqemu.sys
		${EndIf}
	${ElseIf} $0 == 0 ;And if it is...
		StrCpy $KQEMUSTATE "NATIVE"
		SimpleSC::ServiceIsRunning "kqemu"
		Pop $0
		Pop $1
		${If} $1 == 1
			!insertmacro SplashSetText "Accelerator already active..."
			Sleep 300
		${EndIf}
	${EndIf}
	
	;Check if the service is running.
	SimpleSC::ServiceIsRunning "kqemu"
	Pop $0
	Pop $1
	${If} $1 != 1 ;If it isn't loaded, start the service clean.
		!insertmacro SplashSetText "Starting accelerator..."
		SimpleSC::StartService "kqemu" "" ;start kqemu service
		Sleep 1000
	${EndIf}	
	SimpleSC::ServiceIsRunning "kqemu"
	Pop $0
	Pop $1
	${If} $1 != 1 ;If it failed to load, start the service dirty.
		!insertmacro SplashSetText "Manually starting accelerator..."
		Exec "net start kqemu"
		Sleep 5000
	${EndIf}
	
	;Final check
	SimpleSC::ServiceIsRunning "kqemu"
	Pop $0
	Pop $1
	${If} $1 == 1 
		!insertmacro SplashSetText "Accelerator loaded..."
		StrCpy $EXECSTRING `"$EXEDIR\win32\qemu.exe" -kernel-kqemu -std-vga -L "$EXEDIR\win32\." -m 256 -hda "$EXEDIR\win32\storage.img" -boot d -cdrom "$EXEDIR\livecd.iso" -soundhw all -localtime -usb -net nic,macaddr=$MAC -net user`
	${ElseIf} $0 != 0
		!insertmacro SplashSetText "Accelerator failed. Error code $0."
		Sleep 1000
	${EndIf}	
FunctionEnd

Function UnloadAccelerator
	${If} $KQEMUSTATE == "FOREIGNER" ;then uninstall it.
		SimpleSC::StopService "kqemu" ;stop kqemu service
		SimpleSC::RemoveService "kqemu"
		Delete "$SYSDIR\drivers\kqemu.sys"
	${EndIf}
FunctionEnd

Function FindEXEDRIVE
	StrCpy $EXEDRIVE "$EXEDIR" 3 ;Truncate path to drive
	StrCpy $R0 "$EXEDRIVE"      ;Drive letter
	StrCpy $R1 "invalid"
	${GetDrives} "ALL" "GetDriveEnumerator"	
	StrCpy $DRIVETYPE $R1
FunctionEnd
 
Function GetDriveEnumerator
	StrCmp $9 $R0 0 +3
	StrCpy $R1 $8
	StrCpy $0 StopGetDrives
 	Push $0
FunctionEnd

Function CheckPrivileges ;Check to see if the user running this program has privileges to add/remove device drivers.
	!insertmacro SplashSetText "Checking for privileges..."
	Sleep 300
	StrCpy $INSTALLPRIVS 0 ;Set Default... for win9x people, they will not get to load the kqemu accellerator.
	UserInfo::GetName ;Get the username (this will NOT work under win9x)
	Pop $8 ;Pop it from the stack
	UserMgr::AddPrivilege $8 SeLoadDriverPrivilege ;Now check to see if the user has privileges to load drivers
	Pop $9 ;Pop it from the stack
	${If} $9 == "OK" ;If the user does have privileges
		StrCpy $INSTALLPRIVS 1
	${EndIf}
FunctionEnd

Function GenerateMacAddress
	!insertmacro SplashSetText "Generating random MAC address..."
	StrCpy $1 9 ;Number for the seed
	${For} $R2 1 6
		${For} $R1 1 2
			Call GetARandom
			StrCpy $MAC "$MAC$2"
		${Next}
		StrCpy $MAC "$MAC:"
	${Next}
	StrCpy $MAC $MAC 17
	!insertmacro SplashSetText "Generating random MAC address... $MAC"
	Sleep 500
FunctionEnd

Function GetARandom
	; Transforms $2 to random  0 .. 9 .. F value
	${Random} $1 0 15
	Pop $1
    Pop $2
	${If} $2 >= 10
		IntOp $2 $2 - 10
		${Select} $2
			${Case} "0"
				StrCpy $2 "A"
			${Case} "1"
				StrCpy $2 "B"
			${Case} "2"
				StrCpy $2 "C"
			${Case} "3"
				StrCpy $2 "D"
			${Case} "4"
				StrCpy $2 "E"
			${Case} "5"
				StrCpy $2 "F"
		${EndSelect}
	${EndIf}
FunctionEnd


Function Random
; Linear Congruential Generator
; Park, S.K. and K.W. Miller, 1988; Random Number Generators: Good Ones are Hard to Find,
; Comm. of the ACM, V. 31. No. 10, pp 1192-1201

    Pop $2 ; _MAX
    Pop $1 ; _MIN
    Pop $0 ; _SEED
 
    ; n(k+1) = (a * n(k) + b) mod m
    System::Int64Op /NOUNLOAD 16807 * $0
    Pop $0
    System::Int64Op /NOUNLOAD $0 + 0
    Pop $0
    System::Int64Op /NOUNLOAD $0 % 0X7FFFFFFF
    Pop $0
 
    ; calculate value betwenn _MIN _MAX
    IntOp $3 $2 - $1
    IntOp $3 $3 + 1
    System::Int64Op /NOUNLOAD $0 * $3
    Pop $4
    System::Int64Op /NOUNLOAD $4 / 0X7FFFFFFF
    Pop $4
    IntOp $1 $4 + $1
 
FunctionEnd

Function .onGUIEnd

	!insertmacro SplashDestroy

FunctionEnd

 

XB,

"Tor circuits are hit or miss, I could probably tune it though... heh."

Yes, never played with tor much, to slow.

"So we've established you've got some sort of network problem with the LNE100TX 10/100. Does it give you any errors at boot?"

NO, linksys card works fine with ubuntu, and many of it's flavor's, opensuse, etc., and their live cd's. No errors that I've seen, and about 1.5 min. to boot

"What kind of video card have you got on the XP?"

Ati 9000 on xp lappie, Ati 9250 on the ol'e desktop, and yes Ati cards can be a pain in linux (cr*p drivers)but seem to work well for me.(I managed to get compiz-fusion working on the ol'e desktop)
Let us know when their are new beta's., and I'll checkout Gentoo to see if it plays nice with my hardware.

Edit 1: OK, Gentoo has problems with my hardware.Live cd 2008 b2, can not get on the internet, only error during load was Alsa drivers failed, I'll look into this further.
Edit 2: After further investigation Gentoo does not recognize my nic( no network device detected ) and load the correct driver: tulip.Tried to force install from live cd with no luck.Gentoo's auto detection of hardware is lacking compared to other linux distro's. Oh-well it was fun anyway.

 

So I was debating with Kyle the need for NoScript in the browser. My opinion was that we want the viewing experience unhindered, and since everything was protected that we really didn't need it. His counter argument was that most people would be using it for Tor, and if you visit websites that allow all sorts of flash content, then it takes absolutely forever to get that through a Tor pipe. I thought there might be more to it so we abstracted further about a security consequence. What about a man-in-the-browser attack? What happens then?

If some site somehow performed some exploit to load code into the browser, then what? It could read-access other files in the user's workspace. Currently that isn't an issue since there is no user workspace, but when we load up remote profiles and remote drive mounting and allow a user workspace to be saved/created, it will be. I thought more defense in depth would be the answer, and Kyle had that very solution:

In order to achieve lockdown of data, we should lock down each individual process and what it can access. The best way to do that is use the existing permissions system as is. The practical upshot is we can sandbox each program by running it as different users/userlevels, so they can't break out and talk to each other. We'll have to figure out a clean and small way to implement it, but this means the tiny attack landscape just shrunk again drastically.

 

Hey look at that!

I love the new machine, way better.

The problem with screen resolution also occurs here, only the largest setting works and that is too big. If i try to select the smaller setting it jumps back to big again.

What about PGP? I installed the firefox plugin firegpg but i need to point it to the main program, is it still in there somewhere?

The pass for super user could be handy as well.

I also miss the password on start up, but of course i can put the whole virtual machine on a encrypted drive, no pro bro.

Thanks for a grrrrreat job!

 

Well, it wants to run at 1024, so stick with it i guess. I'll think about it. Do you want to resize to another standard dimension or to something variable?

We'll be adding in FireGPG shortly.

As for super user, use sudo command instead.

No user workspace stored = no password needed. Once we have a place again where you save user data, if you so decide after you've logged in, you can save it to an encrypted container, even remotely, and mount it back again, encrypted.

I think we're also adding TrueCrypt support in the next version.

 

Screensize: Im trying to get the other smaller standard dimension.

No workspace is stored: Hups, I downloaded my emails into the email client, I guess they are gone now... Hmm

Some GPG and of course truecrypt would be usful for many users, looking forward to that. When will the next version be out? =)

Workspace would be useful as well...

 

Workspace will be brought back in May, and we were just discussing a new flavor of xB Machine: runs transparently, invisibly, and installs true applications to your real desktop, but everything inside them runs in the virtual machine. So you can use xB Machine's browser, email client, gpg, pidgin, etc. just like on your normal desktop, but xB M runs as a high-tech self-contained sandbox.

I think GPG is already installed, look at the path that Pidgin uses.