Security and Privacy for IM
Below is a video of Ian Goldberg discussing privacy and encryption methods for IM and other forms of online communication.
"Instant messaging (IM) is an increasingly popular mode of communication on the Internet. Although it is used for personal and private conversations, it is not at all a private medium. Not only are all of the messages unencrypted and unauthenticated, but they are all routedthrough a central server, forming a convenient interception point for an attacker. Users would benefit from being able to have truly private conversations over IM, combining the features of encryption, authentication, deniability, and forward secrecy, while working within their existing IM infrastructure.
In this talk, I will discuss "Off-the-Record Messaging" (OTR), a widely used software tool for secure and private instant messaging. I will outline the properties of Useful Security and Privacy Technologies that motivated OTR's design, compare it to other IM security mechanisms, and talk about its ongoing development directions."
Mac OSX 10.5 Leopard Guided Tour Video
Leopard is the new OSX 10.5 operating system for Mac. Recently released, although much delayed due to the iPhone launch, and now distributed with all new Macs. I don't own a Mac but would be interested in testing Leopard out for video editing.
Here is a video tour of the new Leopard operating system:
CentOS 5 Single CD Install
When installing CentOS 5 it may prompt you that all five CDs are required to complete the install. To avoid this, for a server install, simply make sure that you select the "Customize Now" on the software packages selection page and uncheck all of the items under each menu.
Once you have installed the basic OS run "yum update" and then you can then use yum to install your needed applications such as VIM, WGET, etc.
To install Apache (httpd), PHP, MySQL (server and client), and the component that allows php to talk to mysql run the following command:
yum -y install httpd php mysql mysql-server php-mysql
Firefox cache location
Firefox cache is the same thing as Internet Explorer's "temporary internet files", it keeps copies of webpages that you visit on your harddrive so that the page may load quicker the next time you visit it.
Even if you delete the cache each time firefox quits (tools, options, privacy tab) an expert may still be able to recover your cache data from your hard drive. You may wish to change the firefox cache location to an encrypted drive. Assuming you have setup your encrypted drive, or just want to change the location of the cache, simply do the following:
- type about:config into the firefox navigation bar and hit enter
- find the browser.cache.disk.parent_directory, if it doesn't exist right click anywhere and select NEW, then STRING. Enter browser.cache.disk.parent_directory in the first popup box and then the location in the 2nd popup box e.g. k:\tempintfiles. If the entry already existed simply right click on it and select MODIFY and enter your new directory path.
Now your firefox cache location has been changed! This was tested on firefox version 2.0.0.8.
Bittorrent command line launch many curses
With the python Bittorrent client you can seed or download multiple torrents at a time and set max parameters for the group of torrents. For example with the command below I have limited uploads to 2,000 KB/sec (~16mbit/sec).
launchmany-curses --torrent_dir /home2/torrentdirectory --save_in /home2/whereiwantthetorrentdownloads --max_upload_rate 2000 --max_uploads 1500
If you have a dedicated server with a monthly bandwidth allowance why not download some legal torrents and help seed with your excess bandwidth. This is a great way to give back to the open source community, and it doesn't cost you anything.
Below you can see me seeding the various linux distros that I have used:
Divx Connected
The Divx Connected, a streaming media player which can be used to play videos etc on your TV from your computer, is due to be released sometime this November.
There are already quite a few similar devices on the market like the Apple Tv, the Netgear DV8000, and of course the XBOX 360. I've not used the Apple TV nor the Netgear solution, but I do have the Xbox 360 and was disappointed when I found out that it only plays WMV and a few other file types but not Divx files.
The Divx Connected also offers access to Stage6, Divx's recently launched video sharing website which is packed full of pirated movies. All in all this promises to be a great device for the home theatre.
"Why should your media be chained to your PC? DivX Connected™ is the easiest way to deliver your movies, music, photos and online services straight from your PC and the Internet to your TV.
Simply add a DivX Connected device to your home network and experience your digital media in an entirely new way: high-quality, wireless streaming directly to your living room. "
Bittorrent for linux
If your ISP, like mine, throttles p2p traffic and you have access to a server it may well be quicker to download the torrent on your server and then download it via http or ftp to your computer.
I have just installed the official Bittorrent client on Centos. Installation was as easy as "yum install bittorrent". Be sure to open up port 6881-6889 on your firewall, and if you're running APF firewall remove those port numbers from the BLK_P2P_PORTS setting in conf.apf.
Once installed I was able to download the latest CentOS distro in a matter of minutes and then download it via my home connection at 400KB/sec (much better than the throttled p2p home speed of 10KB/sec).
Usage of the bittorrent via the command line was like so:
bittorrent-curses --max_upload_rate 3000 --max_uploads 500 CentOS-5.0-i386-bin-DVD.torrent
As you can see I limited my upload speed to 3MB/sec (24mbit/sec) . You should make sure to limit your upload speed in accordance with how much bandwidth your server is allowed to use, especially if you are going to leave it running over night.
An ideal solution might be to have your torrents download on your server and use a cron job to automatically rsync your torrent download folder to your home network daily or hourly as desired. Infrant NAS units have rsync on them by default which means you don't even need to setup rsync or a linux server on your home network.
ClusterSSH
I just found ClusterSSH, and I wish I had found it earlier. ClusterSSH allows you to send the same commands to multiple SSH connections / servers at the same time. This would of been really useful in the past when I have previously installed firewalls and security updates to 20 odd servers separately.
Usage: host:/# cssh one two three
This will provide you with one console to enter commands to the three connected SSH hosts.
Wordpress Thumbnail Fails
Apparently wordpress thought that it would be a good idea to limit thumbnail generation to pictures less than 3 megapixels in size. Having worked with GD a lot I can not think why anyone would need to impose such a limit.
How to fix it:
Open admin-functions.php in the /wp-admin folder.
Search for an occurance of wp_thumbnail_creation_size_limit, it will return something like "$max = apply_filters( ‘wp_thumbnail_creation_size_limit’, 3 * 1024 * 1024, $attachment_id, $file );"
Simply replace the 3 (megapixels) with any number you like, e.g. "$max = apply_filters( ‘wp_thumbnail_creation_size_limit’, 13 * 1024 * 1024, $attachment_id, $file );"
Infrant Netgear ReadyNAS
Infrant, recently purchased by netgear, make some great NAS units. I use them in both a datacenter and home environment. All of the units have been running for several months under heavy usage without any downtime or other issues.
The Readynas 1100 is a 1u rackmount unit. On, most racks you can actually get two of these NAS units per U by racking them back to back. Each unit takes up to 4 drives and has RAID 1, RAID 5, and X-RAID. The units support rsync, ftp, http, NFS, and many more protocols.
The Netgear ReadyNas NV+ is a free standing unit, ideal for home or office use. I have one of these setup in RAID5 for home use.
Highly recommended.
