Sunday, June 21, 2015

Acer Chromebook 15 external drive encryption & other solved problems

I have two important things that I cannot do on ChromeOS so I have to install Ubuntu via Chrubuntu - openvpn and encryption. Chrubuntu isn't going to be supported since C720. Crouton is basically ChromeOS kernel allowing you to install Ubuntu software, so it didn't work just like Chromos. Now solutions to both are available and I can move on to the cloud.

The easier is encryption of external drive. Last time I tried ecryptfs on chromeos it didn't work. I have only seen questions and no body say they worked it out. Until I found that one guy did the same as I did but it worked. I don't know which model he used. So I did it and it worked. Of course you need to be in developer mode so you get the proper linux shell.

So it's the same as in Ubuntu or any linux I suppose:
#mount -t ecryptfs .encryptedfolder decryptedfolder
I like to separate the encrypted files and hide this folder. Use all the default parameters and it will be fine, or just remember what parameters you used when you encrypt. For the first time mount, ecryptfs will warn that you may be mistyping, and offer to save something so it can check next time. You have to say no to work. The directory to write to doesn't exist in ChromeOS or the permission isn't right. If you say yes it is an error and the mount will fail. That's it. I saw all my old encrypted files in the usb drive. If I get hold of my old developer mode C720 I will try it again.

Now for the VPN. You have to find a provider that supports the subset of openvpn that chromos demands. I settled for L2TP. It's could be as secure as openvpn, but somewhat slower. But the problem is, you have to login first and then start the vpn. So somebody monitoring you on your ISP knows your email address. Maybe the login credentials are encrypted, but Google have your clear IP anyway to connect to your email ID.

SSH on chromos works and you can use it as a proxy before you login Google. But I can't find ssh providers. My vpn provider once supports ssh but now they advise against it. So I ran openvpn on my dd-wrt router. Login to Google. Stop the router vpn. And start the L2TP. You don't want to run openvpn on the router because the processor is not as powerful and that all traffic is encrypted. Ideally one SSID should be the vpn channel while the others are clear. Nothing works from the net, or I don't understand a bit. Establishing a VPN with PrivateInternetAccess is already an achievement. It will be a story for another day.

I would have settled for hiding some less important files. With a simple option on the file manager, the hidden files can easily be seen. Windows does not honor the dot, neither does the TV. So I turned on the hidden flag of the usb drive partition. All OS works except for Chromos! It is Linux but ignores the hidden flag. So I create 10 hidden folders and with 10 hidden folders inside each, and so on. I just need a link to the folder where the real things are. In linux you just need a symbolic link inside your private directory pointing to the folder in the external drive. It's the same in Chromos except that the Files manager don't show links!!! I thought of using the Chrome browser with the file:/// protocol. It's perfect. But the browser only knows how to handle file types that it knows. For X265 vidoes, the video player doesn't do anything. You can use the x265 player from chrome store, but you have to type a deliberately difficult path name every time.

Though the vpn steps sound complicated, but being linux, you can script it. Chromeos even comes with the iconic vi editor! Without logging in or entering guest mode, you can ctrl-shift-right-arrow to get to shell. Then run the script:
#ssh root@192.168.1.1 'sh /tmp/openvpn/start'
The start script is my custom persistent script on dd-wrt. There is also a stop script.

I think the C740 at 11" doesn't sell. The same C720 with a maybe 20% faster CPU? I could have got a new C720 for $150 at black Friday last year. The new very cheap chromebooks aren't options. The C720 is one of a kind with super performance for that price. Newer chromebooks in the same class have worse processor, worse screen and non SSD storage. The reason to buy the chromebook 15 is the full 1080p and better IPS screen. The processor is somewhat faster just to be sure. Also 2GB memory and 16 GB never cause problem for me, but double that for about $100 is a no brainer, now that I'll be moving to the cloud and replacing my desktop.

The iCore option for C720 and others is expensive. I looked at bench marks in the past because I do video recoding from time to time. You can hire a fast machine at Amazon just to do that but it takes time and money to move the video back and forth. Now I don't do recoding anymore and myself is the benchmark. The C720 meets all my needs and I don't need anything faster. And I won't go for anything slower.

One thing that surprise me is H.265 codec. You can play mkv files on chromebook with that codec using the X265 app. But ... ! The app says the processor is not fast enough for real time! What? I just paid some $300! It seems fast enough but I can see "artifacts" clearly on the screen, like a patch of bad or blurred skin. It's only 720p ! Of course H.264 mp4 1080p videos are playing perfectly on all my chromebooks. So I don't expect that at all with a faster cpu. But the cpu should be able to handle that. Just that the app is not exactly native to chrome, not sufficiently optimized and the sound coding AC3 is the weaker link. Fortunately there's few x265 videos around.

The other video thing is that nothing on chromeos plays wmv. People suggested to run Android app on chrome. Some say it works but not anymore for me.

Have you noticed that Google is killing Linux & Firefox deliberately or otherwise. Chromebook is good because there is never a Linux portable at a reasonable price. It's a low volume custom business. Ubuntu One and Firefox sync can't compete with Google. Ubuntu One had to shut down. Firefox sync for me didn't work all of a sudden, only to find out a lot later that they are claiming to have redesigned it. I never bothered trying it.

Ubuuntu itself is breaking up. There have been constant updates for the same things over and over. I think they are struggling. But ibus still doesn't work for me. Basically I can't type if I am not using English. In a way you can regard the killer app for google is the google input if you need any language other than English and similar European languages. At the least, I am not aware of any spell checker that keeps your custom dictionary in the cloud. Google doesn't do that as such, but in the form of intelligent input.

The newer versions of Ubuntu and Firefox are grinding to a halt in my older desktop (with an excellent monitor). Before that using Chrome browser is a bit of a hassle. But not anymore. Chrome is actually faster and crash less in Ubuntu. Maybe I have too many extensions on Firefox but don't think it's the main cause. I think they are making the software fat with features to compete, bring down performance on older machines in the process.