Screen Hysteria after Suspend

Acer 5003WMLi 1.6 Ghz AMD 64 Turion 32 1gb RAM, Ubuntu 10.4.1 AMD 64 32-40

After returning from suspend (sleep), my screen goes crazy, flashing and scrolling fragments wildly.
It has done this a while- I edited siomething in the etc. folder that fixed it for a while but it’s back, and I HATE IT.
I can just barely see it well enough to do a shutoff- sometimes just have to do a hard shutoff. I love suspend and hate having to
load everything again.

Can someone suggest a good firewall for Ubuntu, and an AV that really works in Ubuntu (made for it) for my Windows partition (kill the germs while they sleep). Had some older version
of AVG installed but it was maxing out Backend at 100%.

If by “hard shutoff” you mean holding the power button … NEVER do this unless 100% necessary, it could cause file system corruption.

Remember this - REISUB

Easy way to remember is “Reboot Even If System Utterly B*llocksed”

To do this, hold Alt+SysRq and whilst holding them type r-e-i-s-u-b leaving a few seconds between each key stroke … the system will reboot.
(on some laptops, it may need to be AltGr+SysRq)

REISUO … on the other hand will turn the system OFF

Thanks to kirrus, here’s an explanation of what’s going on when you do that

R = Take control of the keyboard
E = tell all running programs except from the master control system to terminate
I = forceably kills any programs which didn’t shut down from the last command
S = force any unwritten, cached data to be written to the hard-drives. Some files, when they’re written to your hard-drive are cached in RAM, which is wiped when it looses power, in order to speed things up. This command makes sure they’re all written to the drive OK.
U = remount the drives read-only, makes sure nothing can write to your hard-drive(s)
B = restart the system
O = turn system off

It would be handy to know what you did in etc … any ideas ?


Can someone suggest a good firewall for Ubuntu, and an AV that really works in Ubuntu (made for it) for my Windows partition (kill the germs while they sleep). Had some older version of AVG installed but it was maxing out Backend at 100%.

If you are behind a NAT router (and you should be), you don’t need a firewall … and why do you want AV for Linux (unless of course the Linux box serves Windows clients) ?

As far as I can remember Ubuntu comes with ufw/gufw (firewall and GUI front end) installed by default … but you don’t need it as long as you’re behind a NAT router.

If this is a Linux Desktop PC and doesn’t act as something like an email server to Windows clients, and you are behind a NAT router … you DON’T need a firewall or AV … and don’t let anyone tell you differently … Linux is not Windows :slight_smile:

I know that the hard shutoff is very bad- didn’t know that in Ubuntu also. Thanks for REISUB trick, is that good for all computers, all OS’s?? Always wanted something like that- that works how much f the time?

I’m currently using open neighbor’s WIFI, since haven’t installed it yet, so I presume there is nothing I can do to keep them from readidng everything or stealing all passwords… but I’d like to stop
them infecting computer completely. Already the XP is compromised- getting a changed executable warning on almost everything w a decent Firewall. So I want extra protection against intrusion.

I want the AV to scan the XP partition from the Ubuntu on a dual boot system mostly, or occasionally to clean suspect or infected files in Ubuntu (that of course won’t bother Linux) before they get copied to the Windows.

Hell, I can’t find it- what file controls sleep? I found it in help somewhere, with the instructions to add 2-3 lines to a file, but couldn’t again. It worked for a few months, then maybe kernel update invalidated it.

I know that the hard shutoff is very bad- didn't know that in Ubuntu also. Thanks for REISUB trick, is that good for all computers, all OS's?? Always wanted something like that- that works how much f the time?

Nope, it applies to *nix OS’s including Linux but NOT Windows … and it will work every time except in a kernel panic situation.

If you really want a firewall with GUI … install gufw:

sudo apt-get install gufw

And for an AV application … chack out clamtk:

sudo apt-get install clamtk

OK, if I’m going to have to guess what you did in /etc

Can you send the contents of /etc/default/grub

gedit /etc/default/grub

and /etc/modules

gedit /etc/modules

Can you also send the output from:

sudo lshw -C display

If you suspect a kernel update, have you tried holding shift as you turn on your PC, then when presented with the GRUB menu selcting/booting an older kernel and seeing if suspend works ?


If you check out the pm-suspend man page:

man pm-suspend

Do any of the quirks listed ring any bells ?

I’m slightly confused at why he wants an AV for Linux? :o
Is the Windows partition infected?

Personally, if I were to use my neighbors’ internet, I’d bloody make sure my user folder was encrypted before doing anything. I’d also make sure on your Windows partition that you installed Avira & Malwarebytes, to keep out the nasties.

I personally think the issue with when you press sleep is to do with your ACPI settings.

Good luck to him gaining access to your Home directory if you haven’t shared anything … but I’m of the opinion that anyone that doesn’t know how to turn on wireless security in their router is highly unlikely to be any kind of threat.

@Mark - Not always necessarily. His neighbour could possibly be having issues with the encryption in WPA(2)/WEP. ; )

WPA2 maybe, but I’ve never seen an issue with WEP ? … and if he doesn’t know that…

Thanks for all ideas. I added file “parameters-suspend” with
ADD_PARAMETERS= --quirk-vbe-post to the etc/pm/config.d folder/file (not sure sometimes which something is) . It worked for a month or 2, then HYSTERIA returned
The flashing is really alarming- looks like it’ll burn something out within a minute, hence my urgency in shutting off. But it wasn’t always happening- 80%, sometimes it would resume normally.
Didn’t seem to be dependent on which or how many programs open- did it with nothing running. Hibernate works, but takes long time, and have minimal space on Ubuntu partition- nestled between others

ACPI settings sounds intriguing, but think my BIOS doesn’t give an option to change it.

I have CLAM and finally figured out how to update program itself. FRESHCLAM wasn’t working for long while- says “file is locked”. What is CLAMTK and how do I set it up with a clear GUI? At any time
Windows is likely infected with something- like I said PrivateFirewall7 is now giving me “changed” warnings on almost every executable; though CLAMSCAN found only one minor thing from Ubuntu.

Please explain how to encrypt USER folder- how much overhead does that add on programs, and can it prevent many things from running? Also if the weasels are looking
at my screen, wouldn’t anything be visible after decrypting.

No, they aren’t incompetent- they are criminals trolling for fools like me with an open site- this is the worst place in the world for computer criminals- maybe 1 out 3, every MacDonalds has punks
trolling with Firesheep- twice been booted off Wifi when some A-h was cloning my IP address. I have mobile phone Internet (40-80meg/day) but the phone crashes, and can’t do any audio video.

LAST THING- new topic, but am desperate to install (free 5 min phone calls to US phones) in Ubuntu, so don’t have to switch to WIndows. They have an online Java or Flash thing that doesn’t
require installation, but doesn’t work in Ubuntu. Their Linux/Ubuntu program file was . Wouldn’t open till I checked “make file executable”, installed OK, but it doesn’t run or open.
How do I make that program run? Google Voice doesn’t work from Ukraine. After that I chmod-ed the original file, and was considering uninstalling

  • reinstalling. But is there is simple solution???//

Have you tried manually entering suspend with the other quirks listed in:

man pm-suspend

to see if you can resume normally ?

clamtk is just the GUI front end for clam

I have no experience of PersonalFirewall 7 … but a quick “google” suggests it’s rubbish.

What makes you think they could penetrate Linux if you’re not sharing anything … or be “looking at your screen” ?

Easiest way to encrypt home, would be to add a new user account through “Users and Groups” … it should ask you if you want the home folder encrypting whilst setting up the account.

Most importantly … IF YOU SUSPECT they are leaving their network unsecured so they can attempt to attack people that try accessing their internet connection … WHY THE HELL ARE YOU CONNECTING ???

have you tried starting icall from the command line … if so what is returned ?

Amen. :o

Give me a break- I’m desperate for Internet. This is FSU - they take weeks to install things, they won’t do it for a foreigner, they want to see registration papers for aptmt, which no landlord will
do cause they’d have to pay taxes. This is rated 157 out of 170 countries in corruption. Is there a NAT USB device to insulate one from public Wifi attacks? As far as I know routers require live
Internet inputs, not WIFI inputs, but maybe I’m thinking of the woodworking or plumbing tools. I have the same problem using any public Wifi
(+ it is the great security question- if it’s possible to use any Wifi- or is it too dangerous- apparently anything, inc. WPA2 AES can be cracked). First day I was here, scanned for Wifi in aptmt without Internet, nothing open, but forgot to shutoff Wifi while edited
pics of Venice. A couple hours later, realized my mistake, and found a new network: VENICE, and had 10 new viruses. If you use someone’s network I presume they can see anything you do- it’s going through their network, after all.

It did this flashing across multiple kernels- thought that some update would fix it.

You mean do command line suspends? Or just keep adding things to that file like the kitchen sink. No other instructions seemed pertinent- concerning video problems. You got any suggestions?
I will read debugging file. Was gonna try, well cant even see it cause had total mouse/screen freeze, and REISUB didn’t do nottin. Let me try more things tomorrow.

YES do command line suspends until you find a quirk that works … the quirks are listed in:

man pm-suspend

so try:

sudo pm-suspend --quirk-dpms-on

then resume and see if it works … if not, try:

sudo pm-suspend --quirk-dpms-suspend

etc. … till you find one that works.

I think you are misunderstanding how networking and security work.

Yes ALL wireless security is crackable, but WPA2 with a good length passphrase will take them forever … not that that help you whilst accessing their network, as it’s an unsecured network in the first place.

You are also right that ANY wireless access (including secured wireless in the home) is a security risk, so from there on it’s all about risk management.

First, forget Windows for internet across someone elses untrusted network … it’s just too easy to penetrate.

If you use Linux, and have a reasonably good account password they are NOT going to be able to change anything on your system without that password.

If you don’t share any directories, they won’t be able to access them.

They will NOT be able to “see” your screen.

They WILL (if they have the skill) be able to packet sniff whatever you send across the network, so NEVER send or receive anything that you don’t want them to see … such as passwords, unencrypted email etc.

Their router WILL give them a list of URL’s/IP’s you have visited/accessed.

Ideally you’d use a LiveCD whenever you use their network, as a LiveCD isn’t writeable.

If using Linux from your HDD, create an account that doesn’t have administrative privileges and use that account whilst using a public network … then unless they have your primary account password, they CANNOT change anything system wide.

If you want to go nuts … firewall off all incoming connections.

But most importantly … just don’t send anything across their network you wouldn’t want them to have access to.

Is there a NAT USB device to insulate one from public Wifi attacks?

NOPE … again you are misunderstanding what NAT (network Address Translation) does … (in this case) it is a function of the router you are connecting to.

There is NO USB device AT ALL that can protect you from wifi attack … OK, maybe a broken USB wireless card :wink:

I remember reading somewhere that it would take a cracker, 72 years on average to crack a WPA(2) WIFI key. Yes 72 years, because it such a complex system. I.E. You need to have a 4-way handshake, and all the packets are encrypted. Then theres the key itself which is 16 characters long and with so many characters that the computer reads, there’s so many combinations that the cracker has to try.

WEP on the otherhand, well that’s just a joke for encryption if I’m honest. I’ve cracked it myself, and was very surprised. Even though I’m not a pro at it, I understood how networks work, and having that little bit of knowledge helped me.

Like Mark says, if you want really want security on Public WIFI networks, use a LiveCD as they are not writable and don’t send passwords over the network either.

Well try to do anything on Internet without sending your password. Once I get ISP I’ll change everything.

Created a new user, but all privileges look necessary, just uncheck “administer the system” to make changes hard? How about advanced setting: Main group is “adm”, but others don’t look
like appropriate categories. I actually hate running with reduced priviledges- it makes everything I want to do impossible.

How do you escape a manual- I can’t figure it out and have to close window?

The REISUB worked the second time - I tried alt-Gr first time when it didnt work, but bad this thing is locking up so often- now my Synaptic says software index is broken though that’s without an internet.

Only one that looks appropriate is -s3-bios & -s-3-mode, though it wwarns one can “break resume”. Does a manual shutoff still include that vbe-post quirk in ETC? Hmm, restore fm suspend worked w S3-bios but without extra programs running, but said “–quirk-vbe-post: not found”… maybe that was changed somehow or because its a manual shutoff or what? We’ll see if it works with 10 things running, and then if so, stick it in that ETC file

entering iCall in command line doesn’t do anything, tried the shell ext (.sh)- both said “command not found”

Bedtime for Bonzo

In Ubuntu members of admin can run programs with root privileges (sudo), members of adm are allowed to view some logfiles in /var/log (which historically used to be called /var/adm). It has no relation to sudo or root.

just make sure you’re not in the admin group.

As far as sending your passwords for online stuff across their network … that’s up to you, but there is no 100% safe way of doing it by wireless … as I said it’s all a case of risk “management” … you just need to ask yourself if you think it’s worth the risk :-\

Nobody else can decide that for you.

iCall … did you enter it into the terminal with a capital C ? … try it all lower case.

or send a link to where you got iCall … and I’ll take a look at it. its all there ( was the file, I think) No I’ll try it lower case but think I did.

Was that manual suspend still including the vbe-post in file, meaning I should leave it with the bios quirk command before or after
… or should I remove it from the file. Desperate to get this working, cause Windows is obviously all compromised, and wanna set up CC, but need to call phones, they block Google Voice from here…

Installed that firewall-whats the difference between deny + block (not correct but have 2 similar negative terms, I’m on netbook) incoming connections. Will that prevent getting email or loading pages or Skype talking?

I doubt if a manual suspend was including what was in your /etc/pm/config.d/parameters-suspend file.

so either edit that file from:
ADD_PARAMETERS= --quirk-vbe-post
ADD_PARAMETERS= --quirk-s3-bios
ADD_PARAMETERS= --quirk-s3-mode

and test it.

Or add one of those, and just comment out the
ADD_PARAMETERS= --quirk-vbe-post
line … as in:-

ADD_PARAMETERS= --quirk-vbe-post

ADD_PARAMETERS= --quirk-s3-bios


ADD_PARAMETERS= --quirk-vbe-post

ADD_PARAMETERS= --quirk-s3-mode

There’s also a slight chance that an update fixed things and that you don’'t need a quirk at all any more … so you could try commenting out everything in that file, and testing.

With s3-bios alone, worked OK with fn-F4 (acer sleep command), but flashed when I did it with Ubuntu sleep. Reslept it with Fn-F4 and came back OK. As far as I remember,
the acer F4 command didn’t work before, so maybe it involves some conflict how this comp executes it. But don’t know if its consistent- sleep would work fine sometimes and flash others.

This Firewall already exists and is enabled by default- how come it didn’t show enabled after installation. I set it REJECT incoming (secretly,rather than DENY)- programs seem to work, though dont know how
aren’t incoming mail or new pages, or Skype incoming? Or are responses to MY requests not considered incoming. Any extra paranoid settings to make it more secure???

ICALL??? Or any free calls to US phone systems on Ubuntu.

Reject “incoming” connections means just that … reject connections that are INITIATED from outside, it DOESN’T mean reject incoming data that was REQUESTED by an outgoing connection.

Or are responses to MY requests not considered incoming

Exactly … they are not an incoming CONNECTION … it’s data coming back on an OUTBOUND connection :slight_smile:

The sleep thing … you’ll have to explain that a little better … how are you initiating the suspend ? and what are the results ? … did you remove the original “fix” you applied ?

iCall … I’ll get round to testing that in a VM at some point, but a bit busy ATM, and I don’t want to install a .run binary on my main PC’s