Loop-AES.. howto?

Similar Messages

• Loop-aes/mount with gpg-agent

  Hey,
  this is not really an Arch related problem, but as this is the only forum I'm using, I'll try it here. The system I'm testing on is Debian etch. loop-aes and gpg-agent alone work fine, when I decrypt data with gpg, pinentry is called and gpg-agent stores the passphrase. I can encrypt/decrypt partitions with loop-aes using a keyfile etc. Now the problem: to decrypt encrypted partitions I want to use a keyfile which is encrypted with gpg. The fstab entry is like this:
  /dev/hda10 /yyy ext3 defaults,loop=/dev/loop4,encryption=AES128,gpgkey=/root/key.asc 0 0
  When I now mount /yyy, the system asks for the passphrase, but not with pinentry. So gpg-agent doesn't store the passphrase. Any ideas?

  Hey,
  this is not really an Arch related problem, but as this is the only forum I'm using, I'll try it here. The system I'm testing on is Debian etch. loop-aes and gpg-agent alone work fine, when I decrypt data with gpg, pinentry is called and gpg-agent stores the passphrase. I can encrypt/decrypt partitions with loop-aes using a keyfile etc. Now the problem: to decrypt encrypted partitions I want to use a keyfile which is encrypted with gpg. The fstab entry is like this:
  /dev/hda10 /yyy ext3 defaults,loop=/dev/loop4,encryption=AES128,gpgkey=/root/key.asc 0 0
  When I now mount /yyy, the system asks for the passphrase, but not with pinentry. So gpg-agent doesn't store the passphrase. Any ideas?

• Loop-AES and Arch

  Hi,
  I was thinking on making a distro hop again, this time to Arch. I have used Arch once before but that didn't impress me as I din't even get my nVidia drivers installed
  Im currently running Debian Sid with encrypted LVM partitions using the dm-crypt.
  After browsing net a bit and making myself more familiar to encryption options I though to try the loop-AES as it seems to be more secure and faster option than the dm-crypt.
  Does loop-AES work with LVM or how?
  After I have sufficient info I think I try to install it on my laptop.
  Correct me if I'm wrong, you can install a Arch and then encrypt the existing installation without erasing the data on partition with loop-aes?
  I'm planning on using the Suspend2 also with the loop-aes. I'll follow this http://wiki.suspend2.net/EncryptedSwapAndRoot.

  Ranguvar, you probably want to use our archiso scripts http://projects.archlinux.org/?p=archiso.git;a=summary
  they even come with the config files we use for our official releases.
  Just look at the file with the package list and replace the packages you want.
  See also http://wiki.archlinux.org/index.php/Dev … o_building

• Modified Arch install CD with Zen kernel and loop-AES

  Hello,
  I'm looking to benchmark a bunch of filesystems and encryption setups in real-world scenarios. I'm trying to figure out the best (fastest) way to modify the Arch 2009.02-RC2 image with the Zen kernel, patched util-linux-ng and gnupg, and loop-AES module.
  I've looked around for info on doing this, but I can't find much. Building the Arch ISOs the traditional way I believe is tied to kernel26...

  Ranguvar, you probably want to use our archiso scripts http://projects.archlinux.org/?p=archiso.git;a=summary
  they even come with the config files we use for our official releases.
  Just look at the file with the package list and replace the packages you want.
  See also http://wiki.archlinux.org/index.php/Dev … o_building

• LOOP-AES kernel and util support

  Hey,
  I am a fan of loopaes the problem is updates, everytime a new kernel comes out I must d/l the kernel copy the .config
  than menually disable CONFIG_BLK_DEV_LOOP to N instead of Y or M
  recompile the kernel and recompile the loopaes and util-linux with a patch.
  My suggestion is that there will be an option to update automatically to kernel with disabled CONFIG_BLK_DEV_LOOP
  so atleast I wont have to recompile the kernel after every update which takes alot of time.
  (Of course it will help if u will have util-linux patched with loopaes and gpgnu but that the easy stuff)
  I noticed Debian and Centos both have modified kernels but i really like my arch so please see what u can do to help.
  Sincerely,
  Loyal arch user.

  Don't expect this any time soon. If you want less work for yourself, switch to dm-crypt.

• /boot partition on USB disc for encryption scheme

  Hello archers!
  i have recently embarked on a project to create a fully encrypted harddrive with the boot routine entirely on a USB pen, as described in this guide
  http://linuxreviews.org/howtos/security … ex.html.en
  Now, seeing as Loop-AES is not supported in arch, it would mean i'd have to rebuild util-linux amongst other things, and it would be a hassle to maintain. I have taken a look at the dm-crypt + LUKS approach on the wiki, and i was wondering if it was possible to move the /boot partition to the USB pen along with a keyfile and the nessecary routines to make it boot? And if i can, could anyone give me some pointers as to how?

  As I have done exactly that - yes.
  (well, with CF cards and not USB pen, but since the controller is USB it's technically the same)
  First, prepare the USB stick.
  - zero it: 'dd if=/dev/zero of=/dev/sdX (<- careful here!) bs=4M'
  - put a partition on it; I used cfdisk, normal Linux type 83, and marked it bootable (not really necessary, but hey ;)
  - put a filesystem on it; I used plain Ext2 minus all the fancy new stuff (no journal, no 256-byte inodes, no resize_inode, no dir_index, no reserved blocks...)
  - make it bootable; I used Grub and had a hard time until I finally got to the normal Grub menu, but I don't remember why ... sorry ^.^
  On the topic of Grub, you need a menu.lst:
  title Arch Linux
  root (hd0,0)
  kernel /vmlinuz26 cryptkey=/dev/disk/by-uuid/<UUID-of-Ext2fs-On-UsbPen>:ext2:cryptvg.key cryptdevice=/dev/disk/by-uuid/<UUID-of-Encrypted-RootDisk>:vg root=/dev/mapper/vg-root ro radeon.modeset=1 # okay, KMS is a bit off-topic... :p
  initrd /kernel26.img
  That's already full-featured, as my setup uses a keyfile instead of a passphrase, and it's an LVM-on-LUKS setup.
  Scrap the "cryptkey=..." if you want to input a passphrase on boot.
  You really want to use the UUID scheme and for that, 'blkid' is your friend.
  Next up is the initramfs, so edit /etc/mkinitcpio.conf.
  I tend to keep it minimal (my CF card is not exactly huge - 8 MB ;-) so only the really required modules and hooks:
  -> MODULES="intel-agp radeon ehci-hcd usb-storage ext2 sd_mod ahci jfs"
  The first two because I want early KMS, the next two to recognize the USB reader, ext2 to read the keyfile, sd_mod is mandatory and you'd have to modify the last two for your setup - type of IDE/SATA controller and root filesystem
  -> CRYPTO_MODULES="aes-i586 xts"
  Pretty straightforward - you can simply omit the line, the image will just get a bit larger
  -> HOOKS="base consolefont udev encrypt lvm2"
  Simple again - you always want "base+udev", it's LUKS encrypted and in there lies the LVM stuff; "consolefont" just in case, so you have the same keyboard layout as in /etc/rc.conf right from the start.
  -> COMPRESSION="lzma"
  8 MB CF card, remember?  >.<
  Now rebuild the image: 'mkinitcpio -p kernel26' (or specify its location directly with -g)
  Last but not least put the /boot stuff (minimum: System.map26, vmlinuz, kernel26.img and the grub/ dir) on the stick and have fun rebooting! :-p
  You also might want to read the relevant wiki article a few times more, just in case.
  And one final note: I didn't do this with a fresh install, but converted an existing Arch setup to LUKS+LVM after getting a new machine, so I can't say how this would work together with the current installer.
  Last edited by byte (2010-05-31 01:43:46)

• (Paranoid) physically locking down harddrives through the FS

  Basically what I have and want to do is lock down my fs including swap.  Basically I use my linux box for file sharing ect.  Some of my files on this box are lets say are not kosher.  Basically what I want are encrytpted hard drives (both are non-removable).  I really don't care if the startup of the system requires passwords to boot up and require physical apperance to enter them in.  My box has had times of 6 months of up time without reboot (gotta love linux).  I know I am looking into a bit of a performance decrease but i am willing to take the hit.  I read a little about loop aes from linuxquestions.org but nothing to relavent.  Right now my linux box is going through a Gutmann format and awaiting my new installation of Arch hopefully with cryto'ed drives.  I tried looking for packages and ect.. but no luck.  I was wondering if someone has done this before share with me how to do it that is also using Arch.  Before I get flamed that if any gov agency(or corps that like to act like gov agency, I won't say names....MPAA) want to break it they can...I know they have the resources to do it but the cost of doing this for the files I have will not be cost effective.  Any help would great...

  the best protection against getting caught breaking the law is to not break the law
  other than that...once you've broken the law, you can't really protect yourself - you can only try not to get caught.  i3839 is right, if they're confiscating your PC you're already pretty well screwed.  And believe me, it's not that hard to get past any encryption stuff you could possibly put on your drives.  It'd take them an hour at most - they already have all the tools.

• [Solved] PKGBUILD user error prevention vs intrusive sanity checks.

  I read over the AUR packaging standards and am pretty familiar with creating PKGBUILDs but I'm uncertain on how to proceed when I need to check a system file so the user doesn't accidently install a package that may or may not mess up their system. I don't know how I feel about checking a user's system files from within a PKGBUILD. To be more specific; I'm maintaining "util-linux-aes" which is the util-linux package with loop-AES support (via patch). As brought to my attention by 'gemon' on the AUR page: http://aur.archlinux.org/packages.php?ID=47060  I should probably check if user has a kernel with loop-AES (loop.[k]o) patched as it may cause harm to their system if they use util-linux-aes and don't have a patched kernel. I'm somewhat torn about how to address the situation. Should a simple echo message suffice, giving warning about installing or should I insert code (as shown below) to check for proper kernel config options?
  I thought about adding a kernel config check in a util-linux-aes.install file but if it returns or exits with 1 the package still installs. So I had to migrate the check to the PKGBUILD itself (which makes more sense I guess) and I'm not sure if this is considered an "intrusion" and/or unclean method of dealing with this. To make things more clear, here's my proposed PKGBUILD (current PKGBUILD doesn't have the config check):
  # Maintainer: milomouse <vincent[at]fea.st>
  # Contributor: judd <jvinet[at]zeroflux.org>
  _basename=util-linux
  pkgname=${_basename}-aes
  pkgver=2.19
  pkgrel=5
  pkgdesc="Miscellaneous system utilities for Linux, with loop-AES support"
  url="http://userweb.kernel.org/~kzak/util-linux-ng/"
  license=('GPL2')
  arch=('i686' 'x86_64')
  groups=('base')
  depends=('bash' 'ncurses>=5.7' 'zlib' 'filesystem')
  optdepends=('perl: for chkdupexe support')
  provides=('linux32' "util-linux=${pkgver}" "util-linux-ng=${pkgver}")
  conflicts=('linux32' 'util-linux' 'util-linux-ng' 'e2fsprogs<1.41.8-2')
  replaces=('linux32' 'util-linux' 'util-linux-ng')
  options=('!libtool')
  _loopaesdate=20110226
  _loopaesvers=v3.6b
  _loopaesdiff=${_basename}-${pkgver}.diff
  source=(http://www.kernel.org/pub/linux/utils/${_basename}/v${pkgver}/${_basename}-${pkgver}.tar.bz2
  http://downloads.sourceforge.net/project/loop-aes/loop-aes/${_loopaesvers}/loop-AES-${_loopaesvers}.tar.bz2)
  build() {
  cd "${srcdir}/${_basename}-${pkgver}"
  # check for compatability first
  warning "You must also have a loop-AES patched kernel (loop.ko) for this to work."
  warning "You may end up damaging your system otherwise. Checking now..."
  if [[ -f /proc/config.gz ]]; then
  if [[ $(zgrep CONFIG_BLK_DEV_LOOP= /proc/config.gz) == CONFIG_BLK_DEV_LOOP=[ym] && \
  $(zgrep CONFIG_BLK_DEV_LOOP_AES= /proc/config.gz) == CONFIG_BLK_DEV_LOOP_AES=y ]]; then
  msg "Everything looks OK."
  else
  error "CONFIG_BLK_DEV_LOOP / CONFIG_BLK_DEV_LOOP_AES are not correct, aborting!"
  return 1
  fi
  elif [[ -f /usr/src/linux-$(uname -r)/.config ]]; then
  if [[ $(zgrep CONFIG_BLK_DEV_LOOP= /usr/src/linux-$(uname -r)/.config) == CONFIG_BLK_DEV_LOOP=[ym] && \
  $(zgrep CONFIG_BLK_DEV_LOOP_AES= /usr/src/linux-$(uname -r)/.config) == CONFIG_BLK_DEV_LOOP_AES=y ]]; then
  msg "Everything looks OK."
  else
  error "CONFIG_BLK_DEV_LOOP / CONFIG_BLK_DEV_LOOP_AES are not correct, aborting!"
  return 1
  fi
  else
  error "Cannot find a kernel config to check options, aborting build!"
  error "If you're POSITIVE you have a patched kernel, edit PKGBUILD to remove this."
  return 1
  fi
  # if all went well; provide loop-aes support
  patch -Np1 -i "${srcdir}/loop-AES-${_loopaesvers}/${_loopaesdiff}"
  # hardware clock
  sed -e 's%etc/adjtime%var/lib/hwclock/adjtime%' -i hwclock/hwclock.c
  autoreconf
  automake
  ./configure --enable-arch --enable-write --enable-raw --disable-wall --enable-partx
  make
  package() {
  cd "${srcdir}/${_basename}-${pkgver}"
  mkdir -p "${pkgdir}/var/lib/hwclock"
  make DESTDIR="${pkgdir}" install
  md5sums=(
  '590ca71aad0b254e2631d84401f28255' # util-linux-2.19.tar.bz2
  '247e5a909877577bdcd246f8caada689') # loop-AES-v3.6b.tar.bz2
  sha384sums=(
  '05e8e3a2685ff47c57d56bf9d5bfc9cbe5c1fa85200f403c5ccc08676b9b713fc935b3b040d5d5dcd2c5aa14b631f1bd' # util-linux-2.19.tar.bz2
  '48ee55e996464f613d68e04bc661997a846989fef4d8a21fb0647c126c64e5ecdb218a37c75f6d3baccfebb2d89503ea') # loop-AES-v3.6b.tar.bz2
  Is it too much [attempting to help the user] by doing this sort of check, is it considered bad practice?
  Even if it's ok, I don't know if I'm going about checking this correctly, although in my mind it makes sense. Checking against the kernel config, I mean.
  Advice on any of these aspects is appreciated, as I'd hate to think I'd unwittingly let a user harm their computer somehow by not checking or at least warning. Again, my main concern is if this is considered bad practice and if it is what are my alternatives. (if this has been discussed before, I'm sorry, just point me in the right direction, thanks).
  Thanks for reading.
  Last edited by milomouse (2011-03-04 15:51:50)

  milomouse wrote:
  @ngoonee:
  My first instincts told me as such (also noted on AUR page comments), that a user should well know what this package is and what it does and need not be checked against their system, and those without the knowledge shouldn't be messing with it in the first place. But with another user of the package bringing the attention that some poor user might install this without full knowledge of it's implementation and/or thinking this package by itself may provide loop-AES (unknowing of kernel patch) they might fall prey to unbeknownst side-effects.
  I guess a warning message will suffice for sanity's sake [under pre_install(), I guess], as I don't think I should create depends on an AUR kernel with current loop-AES support that I don't maintain myself (otherwise I'd have to follow it's inclusion).
  Thanks for the support, though, albeit a bit rough. But for future reference; is checking a user's system files considered OK or should the same rules as this package apply (user knowledge)? I can't imagine every package installing OK without at least one of them checking against a user's current setup.
  In general I don't think checking the current system is 'okay'. PKGBUILDs are meant to create packages. There's no reason these need to be created on the same system as they will be installed on (perhaps a chroot would be used just for building, or a buildserver). Or maybe someone may have multiple machines which share packages or the cache.
  A depends would be the best option in this case, followed by the warning (the former does not mean the latter is not needed). Your check would fail in the cases I outline in the previous paragraph.

• Losetup and mount during boot

  I want to use losetup to map a disk image file to a loopback device (dev/loop0) during boot.
  I would also want to mount this device as my home partition.
  The disk image is not located on the root partition, but on another separate partition.
  I can do this manually by using following commands:
  losetup --find --show /mnt/data/home-flat.vmdk
  losetup -o 32256 /dev/loop1 /dev/loop0
  mount /dev/loop1 /home
  The reason I need this, is that I have a dualboot setup (windows,archlinux) but also want access to an arch system via a virtual machine from within windows.
  So I basically have two arch-installations, which share a home partition(the disk image above).
  I cannot just map a real partition for the vm, because my disk has a gpt partition map and vmware currently does not support that.
  I've looked at creating a custom hook for this, but I am at a loss, especially because the disk image is itself located on a (ntfs)partition,
  which itself needs to be mounted before executing the losetup commands.
  Any ideas?

  Sorry for the delayed response.  I've been away from the computer all weekend.
  hungerfish wrote:
  Thanks for the help.
  I'm still using the init scripts, but will be migrating soon, so now I know where to look come the time
  Your solution however doesn't quite work, as I had to add
  mount /dev/loop1 /home/
  to /etc/rc.local instead of /etc/fstab , because (I assume) losetup hadn't finished by the time fstab gets parsed.
  This isn't ideal, but it certainly works, so again thank you for your post!
  Hmmm.   The "sysinit_premount" parameter to add_hook should have made this happen before
  /etc/fstab is even parsed.
  Can you show your /etc/fstab entry?
  Ok, I found that hitting scroll-lock pauses during boot/shutdown, so I was able to read:
  loop: Write error at byte offset xxx, length 4096
  Buffer I/O error on device loop0
  Buffer I/O error on device loop1
  JBD2 Error -5 detected when updating journal superblock
  This pattern repeats a few times, always at different 'offsets'.
  Maybe since the file is on an NTFS partition (I assume ntfs-3g?)  Perhaps it killed off the
  fuse module that kept NTFS volume mounted before unmounting /home, or removing the
  loop devices. Just a guess on that one.
  I have used the technique I describe before to pre-setup loop devices for old loop-AES volumes, and it
  worked for me.
  EDIT3:
  So I just had a really bad crash (running as vm), after which I needed to manually fsck and repair the filesystem on the virtual disk. So I guess I'm missing something... sad
  Is it possible you suspended the VM rather than shutdown before mounting on linux?  That might cause this.

• Encryption (Filenames/metadata, what to encrypt, resizing)

  I've already decided to use an unencrypted root, either loop-aes or LUKS/dm-crypt to encrypt my swap (I will benchmark to decide), loop-aes/EncFS/LUKS to encrypt /tmp (or I will use tmpfs, since I have 6GB of RAM... any opinions?), and either LUKS, loop-aes, or TrueCrypt for my personal /home. /var/tmp will be an EncFS.
  First, as mentioned above, any advice from those with experience on making a separate /tmp to encrypt with traditional methods vs. using tmpfs for /tmp (6GB RAM)? What kinds of operations use /tmp the most (I know optical disc writing does) (this will help to benchmark with/without tmpfs), and to what extent? Same questions for /var/tmp? I know tmpfs will automatically move lesser-used stuff to swap instead of main RAM - does it do this well, and does it adjust how much it does that depending on how much free RAM there is?
  Second, I know TrueCrypt will encrypt filesystem metadata (the important thing being file names), and EncFS does since late last year. I'm pretty sure LUKS/dm-crypt and loop-aes also do, but I'm not 100% sure. Is anyone certain they do?
  Third, any comments on how I've decided to set up my system? Are there any places I'm missing to encrypt?
  And fourth, any info on resizing any of the above encryption setups (on block devices on LVM) would be very much appreciated.
  Thanks!!
  NOTE: I'm also considering just encrypting everything except probably /usr... it would be simpler, that's for sure. We'll have to see what the damage is in terms of speed.
  NOTE 2: I will definitely post my results so others can see when I'm done. I will be running the benchmarks on both a quad-core with 7,200rpm hard drives and an elderly ThinkPad with a Pentium M Banias and a 5,400rpm drive. I'll also do a few quick benches to see whether the differences between file system change when encryption is used.... this'll be "fun".
  I'm also asking these questions here, for any reading this that are also interested.

  If someone takes it, puts it into another computer, and looks at each sector.
  I know some encryption methods don't encrypt filesystem metadata, which means filenames, permissions, etc.. eCryptfs didn't until recently, for example. I know TrueCrypt does, but I'm not 100% sure that LUKS and Loop-AES work.
  And to you, I recommend you find a way to encrypt /var/tmp and /tmp... if you burn something to DVD, for example, that's on your encrypted partition, the temp files will be stored in /tmp. Now your encrypted stuff has been written unencrypted to your hard drive, and can be recovered at least partially without too much trouble. /tmp can be a tmpfs (swap and RAM are used), but /var/tmp needs to be persistent -  a separate encrypted partition, or eCryptfs (might be too slow).
  Last edited by Ranguvar (2009-02-17 20:12:56)

• FieldLoop within TabPanel: HowTo pass loop variable to form within a Tab

  Dear all,
  I have a Tabbed User Form which contains a FieldLoop that creates Tabs based on the FieldLoop loop-variable.
  Each created Tab should include the same form which differs only by the value of the loop-variable.
  So I have a list of all my SAP systems, and want to create per SAP system a SAP User form that handles
  the specific SAP resource.
  In general this works, but it seems that only the first element of my list of SAP systems is passed through
  the underlying form.
  Here's an extract of the code I've wrote:
  ===[ FILE : MY TABBED USER FORM . XML ]========================================================
  <!-- define list of managed SAP systems / START -->
  <Field name='MANAGED_SAP_LIST'>
  <Display class='Text'>
  <Property name='title' value='MANAGED_SAP_LIST'/>
  </Display>
  <Default>
  <List>
  <String>SAP_XXX-AAA</String>
  <String>SAP_XXX-BBB</String>
  </List>
  </Default>
  </Field>
  <!-- define list of managed SAP systems / END -->
  <!-- main tabs / START -->
  <Field name='MainTabs'>
       <Display class='TabPanel'/>
       <!-- loop through assigned SAP systems / START -->
       <FieldLoop for='currentSAP' in='MANAGED_SAP_LIST'>
            <!-- new TAB / START -->
            <Field name='$(currentSAP)'>          
            <Display class='EditForm'/>
            <FieldRef name='accountId'/>
                 <!-- invisibe field containing current loop value (i.e. SAP system name) / START -->
  <Field name='SAP_SYSTEM'>
  <Display class='Text'>
  <Property name='invisible' value='true' />
  <Property name='title' value='SAP_SYSTEM'/>
  </Display>
  <Default>
  <ref>currentSAP</ref>
  </Default>
  </Field>
                 <!-- invisibe field containing current loop value (i.e. SAP system name) / END -->
            <!-- include the SAP User Form / START -->
  <FormRef name='MY SAP User Form'/>
            <!-- include the SAP User Form / END -->
       </Field>
            <!-- new TAB / END -->
       </FieldLoop>
       <!-- loop through assigned SAP systems / END -->
  </Field>
  <!-- main tabs / END -->     
  ===============================================================================================
  ===[ FILE : MY SAP USER FORM . XML ]===========================================================
  <Field name="thisSAP">
  <Display>
  <Property name="title" value="Managed SAP SYSTEM" />
  <Property name="readOnly" value="true" />
  </Display>
  <Expansion>
  <ref>SAP_SYSTEM</ref>
  </Expansion>
  </Field>
  ===============================================================================================
  So currently I got 2 new tabs (as I defined 2 SAP systems) but the field "thisSAP" allways displays the first element of my list (i.e. SAP_XXX-AAA)
  Is there another way to pass a FieldLoop loop-variable to an underlying form ?
  many thanks in advance
  Best regards
  Joerg

  Sorry i figured it out.
  I had other session variables i was referencing in my sql query and had to add an:
  or :p11_other is null
  to my SQL query for each of them.

• Building a custom loop - howto?

  Hello all,
  I tried my best to find a tutorial about this on the web, but didn't found one...
  What I want to do is to build a JSF custom component that renders its child-elements for n times. A small snippet to clarify this:
  <mycuic:coolLoop beanToEvaluate="#{evalBean}">
  <h:outputText value="foo bar"/>
  </mycuic:coolLoop>
  How many times "foo bar" should be rendered depends on the "evalBean" (I have to read out one of its properties and than do some more arithmetic - no "standard" Component can help me with this).
  So how to start? I know that in "UIComponentBase" there is a method "getChildren()", which should give me the "outputText"-Component in form of a "UIComponent" with the example above, shouldn't it?
  What now? Call "encodeBegin(FacesContext facescontext)" for n times? I think this will not do the job done for me...
  Thanks a lot in advance for any hint, howto or tutorial!
  Best regards
  Stephan

  Take a look at the source code for the Tomahawk tag dataList.

• Recording Audio Track on iPhone - Loop Function off - howto?

  How can I record an ongoing Audio track without Garage Band overwriting my recording every 8 bars?
  Is surely simple - I just can't find the function.
  Thank you in advance.

  You need to change the length of the song sections and turn on "automatic" for your recording, see this Help page:  http://help.apple.com/garageband/ipad/2.0/index.html#chs3c3ef5dc
  Change the length of a section
  Open the song section controls and tap the section you want to change.
  Tap the up or down arrow next to Manual to lengthen or shorten the section incrementally by bars. You can swipe vertically to change it in larger values.
  If you want the section to match the length of your next recording (to the nearest bar), turn on Automatic before you record. This is especially useful when recording improvisations or longer parts. The Automatic option is available only for the last (rightmost) section in a song.
  Tap anywhere in Tracks view to close the song section controls.
  When you shorten a section, any regions extending past the end of the section are shortened. When you lengthen a section, all regions that extend from the beginning to the end of the section now loop to the new end of the section. A section can be any number of bars, and the overall song can be up to 320 bars long.

• How can I update cluster items from inside a while loop that does not contain the cluster?

  I have a VI that contains front panel clusters and two while loops. The main cluster contains items such as a doubles "distance" and "stepsize" and boolean "step" (a whole buch of this type stuff). The first loop contains an event structure to detect front panel changes and the second contains code and sub VIs to perform operations based on detected events.
  The operator can enter data into either double or click the boolean. If distance is changed the second loop does what is required to process the change. The same happens with stepsize. If step is clicked the ±stepsize value is added to distance and the result is processed. In each case the front panel should track the result of the input and subsequent processing.
  Because the clusters are outside the while loop, they are not updated unless I click 'highlight execution' which seems to allow updating each time the execution highlight is updated. There are other issues if I move the clusters into one of the loops.
  I've tried referencing the clusters and using local variables and nothing works. It looks like overkill to use shared variables for this.
  Any ideas would be greatly appreciated.
  Thanks,
  Frank    

  Hi Ben,
  Thank you for the response. I followed the link and tried reading everything you posted on AEs but I'm afraid that I didn't understand it all. It seems that each AE example had a single input and a single output (e.g. a double). Is this the case? 
  What I have is a couple of front panel clusters containing (approximately) 18 control doubles, 8 indicator doubles, 5 boolean radio button constructs and 26 boolean control discretes. I clusterized it to make it readable. In addition I'll eventually have a cluster of task references for hardware handles.
  All I want to do is update the front panel values like I would do in a C, VB or any other language. I've tried referencing the cluster and using the reference from inside the loops. I've tied using local variables. Neither works. I'm experimenting with globals but it seems that I have to construct the front panel in the gloabal and then I wouldn't know how to repoduce that on the front panel of the main VI.  Sometimes it seems that more time is spent getting around Labview constructs than benefitting from them.
  I hope the 'Add Attachment' function actuals puts a copy of the VI here and not a link to it.
  Thanks again for the suggestion,
  Frank 
  Attachments:
  Front Panel Reference.vi ‏33 KB

• Security comments, am I on track? Encryption using AES

  I have implemented a crypto, but I cant say that I fully understand every step and hence not how secure it is/isnt.
  One thing I noticed was if I generated keys with a length other than 128/192/256 I got Exception in thread "main" java.security.InvalidKeyException: Key length not 128/192/256 bits
  I also wonder about the ivBytes, should I generate them in some specific way?
  Any other comments are also very appreciated.
  I genereate a key like this    SecureRandom     random = new SecureRandom();
      javax.crypto.KeyGenerator generator = KeyGenerator.getInstance("AES", "BC");
      generator.init(256, random);
      Key encryptionKey = generator.generateKey();
  //Save to fileEncode like this
  byte[]        input = "SOME SECRET OF MINE".getBytes();
      //Read key from file
      byte[]          ivBytes = new byte[] {
        0x00, 0x00, 0x00, 0x01, 0x04, 0x05, 0x06, 0x07,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 };
      Cipher          cipher = Cipher.getInstance("AES/CTS/NoPadding", "BC");
         cipher.init(Cipher.ENCRYPT_MODE, encryptionKey,
        new IvParameterSpec(ivBytes));
      byte[] cipherText = new byte[cipher.getOutputSize(input.length)];
      int ctLength = cipher.update(input, 0, input.length, cipherText, 0);
      ctLength += cipher.doFinal(cipherText, ctLength);
  //Save ciphertext to fileDecode like this
  byte[]          ivBytes = new byte[] {
        0x00, 0x00, 0x00, 0x01, 0x04, 0x05, 0x06, 0x07,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 };
      //Read cipher from file
      //Read key from file
      Cipher          cipher = Cipher.getInstance("AES/CTS/NoPadding", "BC");
      cipher.init(Cipher.DECRYPT_MODE, decryptionKey,
        new IvParameterSpec(ivBytes));
      byte[] cipherBytes = Utils.fromHex(cipherText);
      byte[] plainText = new byte[cipher.getOutputSize(cipherBytes.length)];
      int ptLength = cipher.update(cipherBytes, 0, cipherBytes.length, plainText, 0);
      ptLength += cipher.doFinal(plainText, ptLength);
                                   System.out.println(ptLength);
      System.out.println("Hidden was:" + Utils.toString(plainText));

  No.
  I will repeat one of Tom Kytes' mantras here
  1 when you can do it in 1 SQL statement, you should do it in SQL
  2 When you can not do it in SQL, you should do it in PL/SQL
  3 When you can not do in in PL/SQL, you should do it in Java
  Which means: You should things non-procedurally as often as possible. Quite often people resort too early to 3GL strategies.
  update inside a loop raises a red flag, especially if there would have been a commit inside this loop. This means you are not only into slow-by-slow prtogramming, but also increases the possibility of ora-15555 errors.
  Sybrand Bakker
  Senior Oracle DBA