Thursday, 8 October 2015

Want to Know the Answers to Security Questions? Make a Facebook "Fun" Quiz.

Being a sysadmin, I constantly think about risk assessment and security.  A tricky task is to think of ways to inspire and imprint better behaviours in others, and do it in an engaging and non-intimidating way.  The goal is to get people to understand, themselves, so they know it's important enough to care about.  Unfortunately, it's even harder to get people to pause before they do what they usually do with their assumptions.

"What's your rock star name" and "what's your superhero name" - type quizzes  have been around for ages in magazines, but there seem to be even more of them recently on Facebook (sometimes posted from a third-party site).  Some of the suggestions/questions are harmless, but I've noticed there are a few floating around like: "for your rock star first name, use the name of your first pet", or "your mother's maiden name".

As in, on this public forum under your full name, please post what you use as an answer for security questions for your bank, email, etc.

Even if the 3rd-party site isn't involved, you can bet someone else is scraping that data.

I'll be having a word with my family and friends.

Sunday, 1 December 2013

Google Does Evil, Again

If it wasn't bad enough that Google started forcing Youtube and Google accounts to be amalgamated a year ago, and continually bugs you to use your real name when you log in (I already told you I'm not using my real name!), now it does an automatic opt-in to post your Youtube comment onto Google+.

Google is clearly hell-bent on linking all your Google-owned and acquired services and forcing you to do it in the forefront without any regard for what YOU want displayed to others.

We already know that when you sign up for club cards and accounts on the internet there is all sorts of tracking they do behind the scenes.  Maybe we're ok with that, maybe we're not. 

What's really not cool is when you have several distinct accounts with different logins you don't purposefully connect, and Google takes it into their own hands to do it for you, publicly, auto-opt in.  Go to hell, Google.

Need to start looking up openCloud and my own domain.  I need to jack myself out of this screwed-up Matrix.

(Yet they know that takes time and effort many people don't have.  Goddammit, Google.)

Add the hilarity that people who say it's a good thing post those comments with usernames that are nothing like real names.  Hypocrites.  Shills?

Possible help:

Hack to take care of of the "Youtube keeps bugging me to use my real name"

How to disable Google+ auto-posting to Youtube:

Go to Google+
Home (on left)
scroll down on the main page until you see this (near the bottom):

Show your Google+ communities posts on the Posts tab of your Google+ profile. Learn more.
Show these profile tabs to visitors (they're always visible to you) Learn more:
  • Photos
  • YouTube / Videos
  • +1
  • Reviews
Uncheck the Youtube / Videos box.

Thursday, 7 November 2013

Why I Don't Buy Apple Devices (and Why I Do Support Linux and Open Software) - Reason 1.

Buy a movie on itunes for your iPad.
Hook up iPad with video dongle to a display such as a projector.
Can't play the content because "the display is not a supported device". 
It would have been fine if it were an Apple TV, though.

Welcome to the oppressive, religious cult of Apple.

Sunday, 11 August 2013

Converting .ape files in Linux

I came across some .ape files the other day.  Apparently, they're a lossless format like flac.  And the name?  MonkeyAudio.  Get it?  Because the extension is .ape.

Licensing apparently isn't full-on open-source kosher, but there are a couple of utilities you can use if you need to convert the for an audio play that doesn't handle .ape.

Option 1: via the command line, install this package

sudo apt-get install flac libjmac-java lame mp3splt

run like this:

lossless2mp3 START_DIRECTORY

(The author intends to add more options in the future.  View the helpfile for lossless2mp3 to see what they currently are.)

Option 2: use SoundConverter.  Download and install via your package manager software.

Currently more than a couple hundred people have posted good reviews on it.

Friday, 17 August 2012

Choosing a new file backup "system"

"Hey you're a computer person.  How you backup your stuff?"

"I hate to admit it, but less often and in different ways than I should."
Yep, it's time to get going with rsync, or a package that uses it.  (This is a Linux blog, but Windows and Mac users will find the following useful as well).

In the past, I've duplicated important data to a secondary hard drive on occasion.  At some point, I've burned some of it to cd.  There are problems with this.

For those of you who aren't well-versed in data storage and backup theory:


  • backups should be done regularly
  • backups must be verifiable (a backup that isn't working is useless)
  • backups should probably be done automatically (or else we forget to to them and and cry in our pillows later)
  • backups should be done on a reliable medium (CDs/DVDs may not suffice, neither will the USB stick if you let your cat use it as his toy)
  • backups that save new stuff since the last backup are ok (aka differential backup), but occasionally should save the whole thing too
  • for the paranoid, back up on two different mediums in different locations (if you copy stuff from your hard drive to another hard drive, CD and USB stick and then house catches fire, you're still screwed)
For home use, you may want to consider tradeoffs for some circumstances.  You may accept some risk for the sake of convenience.  For example,
  • If you don't have much that's important, then maybe it's not worth effort of backing up off-site.  Acknowledge that the risk of the hard drive or CD dying is much higher than the computer and disc catching fire.
  • Using CDs for backup can be risky.  CDs/DVDs burned at home have a limited shelf life. Some authorities on the matter estimate 5-10 years before it disintegrates or data loss happens, but a crappy lesser-known branded disc will likely be even more susceptible to failure.  Sometimes you'll get lucky and it will last a long time, but you never know until you need to use it a few years down the road.  If you burn to disc, caveat emptor.
Don't worry, pressed discs from a manufacturer are different, they last a lot longer.  They're not made via the same methods you use at home.

Cloud/Internet storage raises other concerns a lot of people don't realize.  Whether you send something in email to yourself, save something in skydrive, google documents, or elsewhere, or use dropbox, beware the fine print and risk.

- you're trusting another entity to "keep it safe" for you
- some items are illegal to store (movies, music, etc.)
- some items you really shouldn't store (really private info)
- storage can cross international boundaries, which may be subject to other laws.  As a Canadian, I have to give this more consideration as much of my online presence resides on servers in the United States. 

Even if it doesn't cross boundaries, there may be other circumstances you don't expect (ie. a Slashdot user noted that Dropbox will unencrypt your data and hand it over to the law, possibly without a warrant.)

Even some cloud storage claims they encrypt (privatize) the contents so no one can see them, however, consider these places also scan the content to check for illegal content.  Think about that for a minute.  That means the data is private to the general public, but not to thousands that work at that company.  And if you picked a poor password, or if the company that has a security flaw that leaves them open to hacking, your stuff REALLY isn't private at all.  If you're considering internet/cloud, beware the risk (and make sure you pick a good password).

My recommendations for the average schmo:
  • copy exceptionally important information to a trusted family member, or to media you keep in a safe deposit box (A friend of mine uses Quickbooks, as does his Dad.  They swap backup files to each others' computers via USB stick on occasion.)
  • use tape media when possible (tape is the gold standard for industry - it's slow but resilient).  Remember still that tape is susceptible to magnetic fields, so keep it safe from anything that generates a field.
  • use hard drives over CDs.  If buying a hard drive, do your research first, some models for certain years are notorious for kicking the bucket way too early.  If buying CDs, buy brand-name, not some weird crap at the dollar store.  Actually, stay away from the dollar store for media unless you don't mind it being potentially temporary.  Ask yourself how the dollar store got it so cheap in the first place... that's right, either the factory doesn't have high standards, or the some batches frm a better-known company don't meet quality standards.
  •  use USB sticks if you're not a schmuck who always looses stuff.  Buy one that you keep attached to something, like your keys.  Buy one that has an integrated cap that you can't lose (protect the plug end when possible).  And for the Love of God, NEVER wiggle a USB stick when inserting it or pulling it out.  Usually the side that's labelled with a light or the USB log is mean to be up when you insert the thing.  If you break the plastic around the four metal prongs, you can easily end up bending the prongs and  shorting your computer.
The USB sticks that have "U3", "protection" or some advertised variant on them technically do protect the average person from finding your lost stick and accessing the contents.  However, they're hackable to anyone who knows what they're doing, and very annoying otherwise (unnecessary software installed on every computer it touches).  Some are so annoying they actually don't work on a machine you don't have administrative privileges to (i.e. your work computer).  So it's up to you, but I think they're crap.   Then again, I don't ever put anything too personal on my USB drive.  Nah, they're still crap.

  • Store less important stuff in the cloud.  I use Google Docs for some stuff, but it's for stuff I might need to work on elsewhere, but isn't too personal.  The most personal thing I had on there is a documentation about an apartment I used to have (I had to initiate terminating the rental contract.)  Since I was in the middle of moving, I decided creating that document on Google Docs was probably more secure than moving my computer to a new place and having it dropped, etc.  I needed the document accessible because I needed it quickly available in case of a dispute.  If it's moderate importance, store a copy on your computer back home every now and then.
  • I've only known one person to have one of the newer all-in-one hands-off backup systems.  It's basically a box you plug into you computer, and comes with some software.  She used it to back up her karaoke files, but then it seemed to die.  I'm not sure if she doesn't know how to use it, of if it actually died.  This system may be an option, but as I am unfamiliar with them and don't even know what brand/model she had, I have no opinion on their usefulness.

With any backup system, realize that it's not infallible.  Maybe we'll happen to pick a bad hard drive or bad DVD despite our research.  What you have to decide is how much effort you're going to put in to migitate any risks of the medium or methods you choose.

New Methods

I need to get serious about my methods, but I'm still a Canadian with a cheap Ukrainian background, so I won't be running out to buy a tape backup system.   Up to now, I'm been using what I call the PUP method (procrastinate until panic).

Current methods:
  • burned some music a few years ago to DVD
  • burned some old coursework I like to think I should keep to DVD (but haven't touched since then)
  • manually copied a personal 700+ entry LibreOfflice/OpenOffice database to my secondary hard drive a few months ago
  • some things I like to keep readily accessible are in the cloud.  None of it is too personal.
Incidentally, the database is what really precipitated this blog post.   I went to use it the other day and go the message 
"The connection to the data source "" could not be established. The driver class " could not be loaded".
SQL Status: HY000
The connection to the external data source could not be established. No SDBC driver was found for the given URL. 

It turned out the .odb database was corrupt; I had to use a tool to extract my table from the corrupt file.  I had to rebuild my SQL queries and forms, but at least I had an old backup for that.  If the tool hadn't worked, I would have lost 1/4 of my data table.

New methods:
  • move and organize files to one hard drive with a good file folder and tagging system
  • set up rsync or a rsync-based program to use my secondary hard drive to automatically back up those files
  • generate occasional reports that are emailed to me automatically so I know it's working well.
  • maybe burn some stuff on DVD and store it off-site somewhere for a duplicate backup
Next post will be on delving into rsync and possibly ready-to-go programs such as GAdmin-Rync, Grsync, luckyBackup, Unison, Back-In-Time, File Backup Manager, Deja Dup, Nepomuk etc.

Sunday, 29 April 2012

Firefox makes strange sound when loading a new page or tab

A couple of weeks ago, when I'd open a new page in Firefox, there was a loud sound on my speakers.  It sounded a lot like the sound you get when you would press rewind and play on a cassette tape.

Turns out an update to NoScript must have done it.  There is option to play a sound when something is blocked.  I looked in Tools -> Add-Ons -> NoScript -> Preferences -> Notifications, and sure enough, the notification sound was turned on, and playing the sample gave me the same sound as what I was hearing.

Friday, 14 October 2011

Partition Setup

I got a new (terabyte) hard drive and wanted to plan out a secondary partition to host /home. Unfortunately, I couldn't remember how much space I needed for swap, and how much Ubuntu itself may need. I was ok with Ubuntu having a fair bit more space than I needed as I could always store stuff on there if I really had to - I just didn't want to be caught with a hard drive that is too small two months down the road.

I read through my old Linux course notes, but that didn't help me much. The Wikipedia page on disk partitioning isn't too bad on refreshing you on how primary & secondary partitions work.

I found a site which makes it pretty clear, with screenshots of examples (though it's not an exact example because they've got a Windows install on there, and they're talking about dual-booting). In the end, I ended up choosing:
Primary, 5000 bytes (=500MB), for boot partition, mount point "/boot"
Logical, 5000 bytes (=500MB), for swap area, no mount point (none will happen)
Primary, 300000 bytes (=30GB), ext4, mount point "/" (this will host Linux)
Primary, 8000000-ish bytes (~800GB, remainder of the drive), ext4, mount point "/home" (to house our users' files)
The numbers you get picked will get fudged slightly because of sizes that disk blocks require, etc.

To view a simple list of disks, usages, and mount points after it's all installed, use

df -h

in a terminal (command line).

Thursday, 10 March 2011

Upgrade to Ubuntu 10.10 leaves some pictures in Firefox with a strange green hue

Version of Firefox is 3.6.15. After an upgrade, some, but not all, pictures have a greenish color to them. We're talking things like jpg, not flash or anything like that.


In the Firefox address bar, type:

Yeah, yeah, you'll be careful. Set:

to 0 (zero, if you can't decide whether that's "oh" or "zero"). My setting that had not been working was 2.

Wednesday, 9 June 2010

Sysadmin: an exercise in being functionally lazy.

I'm sitting on my couch, working really hard on my laptop. Everything is perfectly arranged around me while I study.

The linux box sitting 15 feet away from me has an internet radio station playing on amarok. The next song comes on, and it's louder than the other songs.

I really don't want to get up.

Surely some linux user has had this grave problem before. I was about to do a google search for an app on my Windows 7 laptop that would do it, then i realized I already had Putty set up to connect to my pc. All I need is the command for the command line.

To reduce your volume 15%
aumix -v-15
Too much? Increase 5%
aumix -v+15
(You may need to install the aumix package to use the commands above)
apt-get install aumix

I'm sure there's many other ways to pull this off (it is Linux, after all). Feel free to share if you have one!

Monday, 1 March 2010

How to Mount an ISO file

One of the things I love about Linux is many solutions are already made. Sometimes you need a little skill to piece together ready-made solutions, but many times they're already there.

For example, you have an .iso file, but don't want to burn it yet. You just want to see its contents.

Create a directory where you will view the iso:
mkdir /media/myiso
Then mount it:
mount -t iso9660 -o loop image.iso /media/myiso
The iso I used had spaces in the filename, so I just used
mount -t iso9660 -o loop "my image.iso" /media/myiso
(which works.)