How-to: Improve your online privacy – level 1 – Tor

[easyreview title=”Complexity rating” icon=”geek” cat1title=”Level of experience required, to follow this how-to.” cat1detail=”Your granny could do it. :-)” cat1rating=”1″ overall=”false”]

Introduction to Tor

It seems that not a day goes by now without reading some news about this or that government’s ability to scrutinise your internet activity. Our very own Dummy blogged about PRISM not so long ago. He concluded that at some level, we probably already suspected our every online move was being tracked. It’s just that we’re now sure of it. The worst that’s happened is we’ve sacrificed the illusion of privacy for the illusion of security, right?

The thing that’s making me distinctly uncomfortable though is that my data seems to be available to foreign powers. I am not a citizen of the U.S., but with vast quantities of my email sat on Google or Microsoft’s servers, it seems that for U.S. intelligence agencies, it’s open season on Geek’s mailbox. Now I can probably wrap my head around that, but what about other governments – governments with poor track records when it comes to human rights and civil liberties? If the U.S. can see my data, why not them too? It’s worrying because I have absolutely no doubt that some of my views would be viewed as offensive and immoral by those states. No names no pack drill, but the feeling is mutual.

So is there anything we can do to reclaim some of our privacy? Turns out that there is. There are a few options in fact. Today I’m going to look at just one such option: boosting your online privacy through the anonymising network, Tor.

Say what now?

Tor used to stand for “The Onion Ring [network]”. Like an onion, Tor provides layers between you and the web sites you’re visiting. Within those layers, your activity is scrambled, redirected and encrypted.

To explain this in simple terms: your web browser sits within the Tor network. All communication within the network is secured. When you browse to a web site, your web traffic is sent to an exit point from the Tor network – any one of several thousand relays – which talks to the internet on your behalf.

Think of it like a middleman who never reveals who he’s working for, but hands messages to and fro. That’s oversimplified, because what actually happens is more like several middlemen between you and the final web site, none of whom know quite who the original “client” is, nor what the message is that the middleman is relaying on behalf of the client. It’s these layers of security and encryption that led to the onion metaphor.

Tor Quick Start

By far the easiest way to get going with Tor is to download the “Browser Bundle”. This includes a specially configured web browser that will send all traffic via the Tor network. Yes, that’s right: Tor cannot magically make all your internet activity private. You have to use tools that know how to make use of the network. The Tor Browser is a version of Firefox that has been configured to use the Tor network. I’m going to assume that you’re using Windows, for the purposes of this tutorial, but there are bundles available for Mac and Linux too.

Download and run the Tor Browser Bundle. Tor isn’t installed as such – you won’t find a link in your Start Menu after this. It extracts all its files wherever you direct and you run it from there. This means that you can put the files (less than 100MB) on a USB thumb drive and take it with you from computer to computer.

Within the “Tor Browser” folder, you’ll find a program called “Start Tor Browser”. When you run that, your system will be initialised to run Tor:

Once you’re connected, the Tor Browser will load:

After that, you can browse the web almost as normal. Web browsing will inevitably be slower than you’re used to; privacy in this case comes with a price. Traversing all those layers of encryption and randomisation takes time, but while you’re waiting for your page to load during that brief delay enjoy the warm sense of anonymised well-being.

Note: web sites will not always function as they do outside the Tor network. This is a by-product of anonymity and safety. See the FAQ to understand some of the issues you may encounter.

Caveats

You need to be aware that Tor is not a panacea. If you wish to prioritise privacy, you may need to change some of your browsing habits. From the Tor’s download page:

Want Tor to really work?

Use the Tor Browser
Tor does not protect all of your computer’s Internet traffic when you run it. Tor only protects your applications that are properly configured to send their Internet traffic through Tor. To avoid problems with Tor configuration, we strongly recommend you use the Tor Browser Bundle. It is pre-configured to protect your privacy and anonymity on the web as long as you’re browsing with the Tor Browser itself. Almost any other web browser configuration is likely to be unsafe to use with Tor.

Don’t enable or install browser plugins
The Tor Browser will block browser plugins such as Flash, RealPlayer, Quicktime, and others: they can be manipulated into revealing your IP address. Similarly, we do not recommend installing additional addons or plugins into the Tor Browser, as these may bypass Tor or otherwise harm your anonymity and privacy. The lack of plugins means that Youtube videos are blocked by default, but Youtube does provide an experimental opt-in feature (enable it here) that works for some videos.

Use HTTPS versions of websites
Tor will encrypt your traffic to and within the Tor network, but the encryption of your traffic to the final destination website depends upon on that website. To help ensure private encryption to websites, the Tor Browser Bundle includes HTTPS Everywhere to force the use of HTTPS encryption with major websites that support it. However, you should still watch the browser URL bar to ensure that websites you provide sensitive information to display a blue or green URL bar button, include https:// in the URL, and display the proper expected name for the website.

Don’t open documents downloaded through Tor while online
The Tor Browser will warn you before automatically opening documents that are handled by external applications. DO NOT IGNORE THIS WARNING. You should be very careful when downloading documents via Tor (especially DOC and PDF files) as these documents can contain Internet resources that will be downloaded outside of Tor by the application that opens them. This will reveal your non-Tor IP address. If you must work with DOC and/or PDF files, we strongly recommend either using a disconnected computer, downloading the free VirtualBox and using it with a virtual machine image with networking disabled, or using Tails. Under no circumstances is it safe to use BitTorrent and Tor together, however.

Use bridges and/or find company
Tor tries to prevent attackers from learning what destination websites you connect to. However, by default, it does not prevent somebody watching your Internet traffic from learning that you’re using Tor. If this matters to you, you can reduce this risk by configuring Tor to use a Tor bridge relay rather than connecting directly to the public Tor network. Ultimately the best protection is a social approach: the more Tor users there are near you and the more diverse their interests, the less dangerous it will be that you are one of them. Convince other people to use Tor, too!

Additional point: there’s some anecdotal evidence that using Tor can cause issues for PayPal and eBay.

Bonus: Use Tor with mobile devices

That’s all well and good for desktops and laptops, but what about my phone and my tablet? Good news: you can also use Tor on Android and iOS. For Android, you have the free Orbot, which you can couple with the browser Orweb (also free). You do not need to have rooted your phone to use these, though there are some advantages if you do.

For iOS folks, there’s Onion Browser, which is cheap, but not free.

At the moment, I’m not aware of any Tor packages for BlackBerry or Windows Phone.

Safe browsing

Please remember that no amount of encryption or obfuscation can guarantee your privacy or safety. Nor does it absolve you of moral accountability. Stay safe and keep your nose clean.

24 June 2013

How-to: Laravel 4 tutorial; part 1 – installation

[easyreview title=”Complexity rating” icon=”geek” cat1title=”Level of experience required, to follow this how-to.” cat1detail=”A good level of familiarity with web hosting will come in handy here, especially if your hosting environment is different from mine. It will also help if you’re comfortable at the command line.” cat1rating=”4″ overall=”false”]

Laravel Tutorials

Introduction

If, like me, you spend much time coding for the web – for pleasure or profit – sooner or later you’re going to find that you benefit from using a development framework. A framework is a collection of scripts that help you create an application much more quickly. Frameworks typically include a lot of the “nuts and bolts” components – scripts that assist with database connections for example, plus components that impose some structure on your programming.

For a long time, my framework of choice was CodeIgniter. CodeIgniter has stagnated of late and concerns have arisen over licensing. Partly as a consequence, many PHP developers like me have searched for an alternative. In the search, I came across a framework that many programmers are turning to: Laravel. My early experiences with Laravel have been extremely positive and I have found many things I prefer about it. In this series of tutorials, I’ll show you how to get up and running with Laravel and begin creating an application. The application will involve some web-scraping, so you may wish to stay tuned for that reason alone.

Before we dive in though, one word of caution: Laravel is a young open source project. Like many such projects, its documentation is less complete than you might wish, particularly when compared to CodeIgniter. In fact CodeIgniter’s great documentation was one of the reasons why I initially chose it as a development framework. Documentation is a core commitment of the Laravel team, but at the time of writing, with the recent release of Laravel 4, I’m finding the documentation is not quite up to scratch. Possibly you’ve found that too, which is why you’ve made it here to this tutorial. In fact one of the worst parts of the documentation at the time of writing is the installation procedure! With that caveat in place, let’s move on – it’s still well worthwhile.

Prerequisites

All my web coding is done within a Linux environment, usually CentOS or Ubuntu Server. For the easiest experience following these tutorials, you may wish to create a similar environment. (I’ve written about that elsewhere.) Alternatively, you should be able to follow the tutorials with some tweaking – but you’re on your own there. At the very least, I recommend you have in place:

Apache web server
Shell access to the server (preferably SSH)
Root access to install Composer globally (not essential)
Git must be installed in your environment.

Installing Composer

With the latest release (4) Laravel has taken a leap forward in several areas. One such area is the management of third party libraries and packages. Laravel previously made use of an external project called “Composer“, to install dependent packages. With Laravel 4, you now use Composer to install Laravel itself. To install Composer, from a root login shell, do the following:

cd /usr/local/bin curl -sS https://getcomposer.org/installer | php mv composer.phar composer

Provided /usr/local/bin is in your $PATH environment variable, you will now be able to call Composer with “composer [options] command [arguments]“.

Installing Laravel

The beauty of Composer is the simplicity it brings to library/application installation. There is an overwhelming range of tutorials on how to install Laravel with Composer. Please bear in mind that many of these were written while Laravel 4 was in beta or even alpha. Now it has been released, the installation is quite straightforward. Having prepared a new environment for a web site (a virtual host or whatever), navigate to the directory above the default web root directory. Then install using Composer. Eg:

cd /home/geek/domains/test.geekanddummy.com/ composer create-project laravel/laravel

You should see a fair bit of output indicating that Composer is creating a directory “laravel” and pulling in all the dependencies for a basic installation. The laravel directory contains a folder entitled “public“, intended to be your web root. Your easiest way to complete the configuration is to point your web site at that directory. For example, using Virtualmin, you would go to Server Configuration –> Website Options and change “Website documents sub-directory” from “public_html” to “laravel/public”.

Having done that, when I browse to my test web site, I see:

Installing other frameworks

Now would be a good time put to put Twitter’s Bootstrap and jQuery in place, if you’re planning to use them. Naturally, we’ll use Composer for this. You might use other frameworks in your web applications – check out Packagist to see if anyone has made a Composer package available.

Composer demands a tutorial all of its own, but I’ll keep it simple here. I’m going to make my new Laravel application depend on the latest compatible branches of Bootstrap and jQuery. This will potentially allow us to upgrade these two frameworks with a simple Composer command at a later date.

In the root of your Laravel application you’ll find the main Composer configuration file, composer.json. You don’t need to get your hands dirty editing the file, just from a shell in that root directory, issue the following commands:

composer require "components/jquery":"*" composer require "twitter/bootstrap":"*"

This updates the composer.json file to include these dependencies and goes ahead and downloads them. It can take a while – be patient.

You’ll end up with jQuery files under ./components/jquery and Bootstrap files under ./vendor/twitter/bootstrap. These are locations not visible to your web server (the root is at ./public, you’ll recall). This is a particular problem in the case of Bootstrap. For now, here’s a quick-and-dirty way of accessing these files. I’m on the lookout for a more elegant solution, but this will get you up and running rapidly. Navigate to the “public” folder in a login shell and issue the following commands:

mkdir -p assets/css mkdir assets/img mkdir assets/js ln -s ../../../vendor/twitter/bootstrap/img/glyphicons-halflings.png ./assets/img ln -s ../../../vendor/twitter/bootstrap/docs/assets/css/bootstrap.css ./assets/css ln -s ../../../vendor/twitter/bootstrap/docs/assets/css/bootstrap-responsive.css ./assets/css ln -s ../../../components/jquery/jquery.min.js ./assets/js

And so on, for whichever bits you’ll use. This will only work if your web server allows following symbolic links. The .htaccess directive “Options +SymLinksIfOwnerMatch” may help here, but that’s outside the scope of this tutorial.

Configure your development environment

I use NetBeans for development. If you don’t already have a preferred IDE (integrated development environment), I recommend you check it out. Another favourite is Eclipse. You could use an ordinary text editor, but then you’d be missing out on a lot of things that can make your coding more comfortable and efficient.

Having installed Laravel and the other frameworks on my web server, next I use NetBeans to pull the code across to my development environment. In the NetBeans “New Project” wizard, select the option “PHP Application from Remote Server”. In the remote configuration, ensure that you choose as your “upload directory”, the laravel. From there, you’ll want to download the app and public directories.

Conclusion

That’s it for today’s tutorial. Next time, we’ll look at orientating ourself within the framework (“what goes where?”).

7 June 2013

How-to: Reinstate the delete button in Android Gmail app

Google’s development philosophy is a process called “evergreening”. Make sure your business profile is always new, always interesting. This is one reason why Google Doodles are actually a big deal for the company. It is also a reason why ultra conservative companies struggle to integrate Google Apps into their I.T. infrastructure. Constant change is unsettling, especially when you need to support end users who are not particularly tech-savvy.

So, Google has done it again. The latest update to the Android Gmail app changes a few things and, most irritatingly, moves the delete button off to a menu. Now, when you select an email, you have three buttons – archive, mark unread and move to folder:

You can delete, but you need to tap the menu, then select “Delete”. Who has time for that?!

Fortunately, there’s a solution; the delete button can be reinstated through a configurable setting. Go to Settings then “General Settings”:

Choose “Archive & delete actions”:

Select “Show archive & delete”:

Breathe a contented sigh of relief:

Note to Google: Please think before you release gratuitous changes in future. This busy Geek doesn’t have time to be undoing all your mistakes!

30 May 2013

How-to: Administer Active Directory/Windows Server remotely using a privileged account

[easyreview title=”Complexity rating” icon=”geek” cat1title=”Level of experience required, to follow this how-to.” cat1detail=”Though this wasn’t easy to work out, hopefully the how-to is easy-peasy to follow. You may need to do a little research if your platform differs much from mine (Windows 7/Server 2008).” cat1rating=”1.5″ overall=”false”]Oh my, how hard did Microsoft make this?

The scenario: like all good domain administrators, I have a day-to-day non-privileged account, for normal access and a domain account for use as and when I need it.

The objective: use an MMC (Microsoft Management Console) to administer the domain from my normal workstation, with my domain admin account.

This should be easy, right? Fire up the MMC, type in your domain administrator credentials and you’re away? Wrong. What you actually need to do is something like this. This is to administer AD running on Windows Server 2008 from a Windows 7 workstation:

Step 1: Install Remote Server Administration Tools

Install the Administration Tools Pack for the server[s] you intend to administer. For Windows 7, this pack is amongst the features you can install for the o/s. There are however some caveats and you would do well to read the comments on this Technet article, if you get stuck.

Step 2: Configure WinRM

If you want to manage a server such as Windows Server 2008 remotely (not just Active Directory), you’ll need to configure WinRM (Windows Remote Management) on the remote server. Until you do, your attempts to connect may result in error messages like “Server Manager cannot connect to Server1. Click Retry to try to connect again”. Certainly, this is what happened for me:

On the remote server, in an elevated command prompt:

C:\Users\rob.admin>winrm quickconfig WinRM already is set up to receive requests on this machine. WinRM is not set up to allow remote access to this machine for management. The following changes must be made:

Create a WinRM listener on HTTP://* to accept WS-Man requests to any IP on this machine. Enable the WinRM firewall exception.

Make these changes [y/n]? y

WinRM has been updated for remote management.

Created a WinRM listener on HTTP://* to accept WS-Man requests to any IP on this machine. WinRM firewall exception enabled.

That alone, might not be enough. The next hurdle I encountered was similar, but this time the issue concerned the WS-Management catalog (whatever that is):

For Windows Server 2008, you also need to install a feature called “WinRM IIS Extension”. In Server Manager –> Add Features:

This feature installation takes forever (well, quarter of an hour, for me). Why? Who knows.

You still might not be able to connect to a Server 2008 box after this. Try installing version 3 of the Windows Management Framework. You can download that here. Note: this depends on Service Pack 2 of Windows Server 2008, the previous version of Windows Management Framework (which gives you PowerShell 2.0) and .NET 4.

If you still can’t connect, shrug your shoulders and just accept the fact that Remote Management is one of the things that Microsoft improved dramatically in R2 of Server 2008. You will still be able to use many MMC snap-ins, but some (like the “Server Manager” snap-in, ironically) will just fail.

Step 3: Create your MMC

I’ll just use a simple example here. First: Start –> Run –> mmc.

Within the console, Add/Remove Snap-in:

Choose your desired snap-in (e.g. AD Users and Computers):

Click “Add >”. The snap-in will appear on the right. Continue for all the snap-ins you’ll want to use, then click “OK”.

Save your custom MMC. I would recommend putting it somewhere where you’re not going to be hit by UAC problems – i.e. not in the root of your C: drive, not under C:\Windows, etc.

Step 4: Create a shortcut to your MMC

You can’t directly run the MMC. Don’t try. Create a shortcut. You can put this shortcut on your Desktop, or wherever you like. So, for example, right-click the Desktop and click New –> Shortcut.

You need to specify the shortcut as C:\Windows\System32\runas.exe /netonly /user:your-domain-admin-user@your-domain "mmc C:\Path\To\MMC\DomainAdmin.msc":

Having created your shortcut, set it always to run as Administrator. Right-click –> Properties –> Advanced:

Step 5: Run the shortcut

When you run the shortcut, you should now see a UAC prompt and after that a command prompt, asking you for your domain admin password:

For me, it’s not instant, but eventually, the MMC loads and runs as intended:

Happy days. No more RDP. 🙂

25 May 2013

How-to: Merge multiple RTF files into a single PDF

[easyreview title=”Complexity rating” icon=”geek” cat1title=”Level of experience required, to follow this how-to.” cat1detail=”Linux only. And newbies may find this tricky.” cat1rating=”3.5″ overall=”false”]

I recently needed to generate a large quantity of forms automatically (around 2,500 of them) and printing them. I was using PHP as the generator – it’s great at processing and transforming text. And my base (template) file was originally created as a Word document, converted to RTF for ease of processing.

There is no easy and free way of printing out 2,500 RTF files from Windows, not that I’ve been able to find. It didn’t make sense to pay for a £200 application for something that I do so infrequently. So here is my (free) approach.

Make Linux do the hard work

I’m using an Ubuntu virtual machine for this how-to, but you can use almost any distribution, with a little modification of the steps below. When it comes to command line or scripted activities (which this tutorial lends itself to), Linux/Unix is simply more mature than Windows. This means that someone, somewhere has probably already created a tool for whatever activity you’re thinking of and moreover, made that tool free.

Converting to PDF: Ted

Ted is a fairly full-featured text processor for Linux. We’ll just be using some of Ted’s command line wizardry today.

Installing Ted

You can download a Ted package here. I’m installing this on an Ubuntu 12.04.1 machine so I chose this package: ubuntu12041:ted-2.23-amd64.deb.

I keep all third party packages I install in a directory, /root/installed-packages, for future reference. So this is what I did, from a command line (SSH connection). First, I know that Ted has some dependencies, so I dealt with those:

apt-get update apt-get install libxpm4 libtiff4 libgtk2.0-0 libpaper1 apt-get -f install

Then downloaded and install Ted:

wget http://ftp.nluug.nl/pub/editors/ted/ubuntu12041:ted-2.23-amd64.deb dpkg -i ubuntu12041\:ted-2.23-amd64.deb

Combining files: pdfmerge

Abiding by the principle of “do one thing well”, guess what pdfmerge does?

Installing pdfmerge

If you’re using a RedHat-derived distribution, you’re in luck, there’s a pre-built package. If you’re using Ubuntu though, here goes. Download the source [iwrtooltip title=”a compressed archive of files”]tarball[/iwrtooltip] from here. Again, I’m starting in my directory /root/installed-packages.

wget http://dmaphy.github.com/pdfmerge/pdfmerge-1.0.4.tar.bz2 tar jxf pdfmerge-1.0.4.tar.bz2 cp pdfmerge-1.0.4/pdfmerge /usr/local/bin rm -rf pdfmerge-1.0.4

Put it all together

Now the utilities are installed, you can run the following simple bash script to convert your individual RTF files into PDFs, then merge them all into a single PDF. I put the RTF files in one directory, then the PDF into the directory above it in the directory tree. We use a script that is bundled with Ted – you may need to check the precise location.

for filename in ./*.rtf do /usr/share/Ted/examples/rtf2pdf.sh $filename done; pdfmerge *.pdf ../all.pdf

Acknowledgements

Thanks to Mark de Does for Ted and to Dominic Hopf for pdfmerge.

24 May 2013

Review: SoundWave SW100 Portable Bluetooth Speaker

As for many other people, my phone has become my go-to device for all my mobile entertainment needs. I currently have a Samsung Galaxy Note 2 (yeah, the one with the ludicrously large screen), so it’s great for anything from internet browsing to watching films in HD quality. I also use it as an MP3 player and for listening to podcasts and audiobooks.

I recently started looking around for a portable speaker that I could take on my occasional travels and, not to put too fine a point on it, use in the bathroom. Surely I’m not the only one that likes to listen to audio books while I shower?

The Note 2 isn’t, er, noted for its high quality speakers. Very few smartphone manufacturers have been able to complete with Apple on this front. But even the mighty built-in speakers of an iPhone struggle to compete with the noise of my geyser-like shower or electric shaver.

As Dummy will tell you, I’m a bit of a tightwad when it comes to my technology purchases, so I was looking for a device that could combine the impossible requirements of sound quality, power and cheapness. I wanted the convenience of connecting by Bluetooth, with the option of a 3.5mm socket for greater flexibility.

Having considered many products and read a lot of reviews, the device I settled for was this, the SoundWave SW100:

Here are some vital statistics:

Small – about three inches tall
Reasonably light – I haven’t put it on the scales, but it feels about the same weight as my Note 2 + case
Loud – I can’t find any official information on wattage, but when I turned it up to max in my small kitchen, it was louder than I could tolerate; at that point, there was some mild distortion
Built-in microphone – theoretically you can therefore use this device for conference calls; I have not tried this, but for the sound alone it can only be better than putting your phone into speaker mode
A claimed 10 hours music/talk time
A claimed 800 hours standby time – I’m not sure what use this figure is though; I’ll either be using it or charging it

Out of the box, the speaker was fully charged in less than an hour. It comes with a microUSB cable for this purpose. For my first trial, I took it into my company’s noisy server room. About 80% volume was sufficient to hear music clearly and without distortion, over the cacophony of fans and aircon.

It paired over Bluetooth without fuss. I have noticed the occasional blip when playing through Bluetooth, but I think this is more likely to be down to the phone (of which I demand a lot!) than to the speaker. In any event, you can use a 3.5mm audio cable (supplied) if you prefer.

The speaker has a non-slip base, great for most surfaces. The manufacturers have thoughtfully included an additional non-slip mat, making the speaker very unlikely to budge during normal usage. The non-slip mat also slightly neutralises the effect of resonance transmitted through the surface on which you place the speaker. Unless you’re an audiophile (I confess I’m not), this probably won’t mean a lot, but for some, it will be important.

For the size of the speaker, I was impressed by the bass response. In fact this was one of the reasons I bought the speaker – to improve bass experience, without having to lug around a sub woofer and without having to spend thousands on a high-end miniaturised speaker system.

Build quality is good. The case is mainly brushed aluminium, and not unattractive. It passed the spouse test; no exclamations of,”Oh how hideous! What horrendous technological monstrosity is that?!”

There are two controls. First, there’s a button labelled with a phone symbol, for answering calls and setting up the initial pairing. Secondly there’s an on-off switch. There’s an LED to indicate connection status and charging status and there’s a microphone port along with the USB charging port and 3.5mm audio socket.

I paid £20 for the speaker. Although at one time it was available for less, it is still a bargain at this price. It receives favourable reviews (wherever you look) and I can only confirm what other reviewers are saying. Well worth the money, especially when you consider you can pay four times the price for a product that may have a pretty label but is otherwise no better.

Entirely up to you, but you can pick one up from Amazon here, or from eBay,
[easyreview title=”Geek rating” icon=”geek” cat1title=”Ease of use” cat1detail=”BlueTooth synced very easily. There’s an off/off switch. Simples.” cat1rating=”5″ cat2title=”Features” cat2detail=”It has no on-board track control buttons and lacks the ability to daisy-chain other speakers. Higher-quality speakers may handle bass better, but that’s being very nitpicking.” cat2rating=”3.5″ cat3title=”Value for money” cat3detail=”It competes well with speakers three times its price.” cat3rating=”4.5″ cat4title=”Build Quality” cat4detail=”Very solid. Has survived several downward lunges!” cat4rating=”4.5″ summary=”If you want a portable speaker, on the go, don’t mind that the output is mono, and don’t expect the sound to fill a concert hall, this is the device for you. Highly recommended.”]

14 May 2013

How-to: Rooting the Nook Simple Touch

UPDATE: If you’re looking for a super-cheap, colour, Android tablet, you might like to know that Amazon has recently slashed the price of the 7″ Kindle Fire to £99. Find out more here.

[easyreview title=”Complexity rating” icon=”geek” cat1title=”Level of experience required, to follow this how-to.” cat1detail=”The latest rooting process is fairly straightforward, if you’re patient and pay attention to all the details.” cat1rating=”1″ overall=”false”]At the time of writing, the Nook Simple Touch is still on offer with Barnes & Noble, but out of stock. Which is to say, it’s dirt cheap, but ner ner ne ner nerrr, you can’t have one…

If you were one of the lucky ones to pick up the reduced-price tablet before stocks ran out, or if you already had one of these, you might be interested to know that you can unleash some of its secret powers through a process called “rooting”. The tablet is based on the well-known operating system Android and has hidden talents that Barnes & Noble would rather you didn’t find out about (like loading a Kindle app onto the tablet for example – gasp)!

When my Nook arrived, it was running firmware version 1.2.0. The Nook has since been silently upgraded by Barnes & Noble to 1.2.1. I mention this because manufacturers tend not to like having their devices’ security bypassed (I’m looking at you, Apple). It’s entirely possible that one day B&N will release an upgrade that makes it significantly harder to root the device. Thankfully, with all versions up to 1.2.1, it’s still possible.

Before you proceed any further, there are a few points to highlight. I apologise for the extreme emphasis, but they’re such important points, I didn’t want you to overlook them.

Rooting your Nook will almost certainly void your warranty. Don’t rely on the possibility that you may be able to reverse the rooting process. By the time you need to call on the warranty, your device may be in such a state that you’re not able to “unroot”. Only root your device if you’re satisfied you can afford to lose the money you just spent on the Nook.
Rooting your Nook may “brick” it, that is, render it inoperable. It’s rare, but it can happen. Once this has happened, you can still use it as a rectangular frisbee, if you wish.
You must, repeat must go through the Barnes & Noble registration process before you attempt to root the NST. Follow the wizards and make sure your Barnes & Noble store is working. Don’t skip this step.
Nook Devs is a great site to visit if you want to know a lot more about this process.

Pre-requisites

You’ll need:

A Class 6 (or greater) MicroSD card. The Nook Simple Touch can accept MicroSD and MicroSDHC cards up to 32GB.
A MicroSD card reader. You can’t simply read/write to the card “through” the Nook‘s USB connection.
A computer. I have very few Macs in my I.T. estate, so I’m using a Windows PC for this.
Win32DiskImager for writing the necessary image to the SD card.
NookManager, the program that roots the Nook.

Rooting

This process wipes the MicroSD card you’ll be using. I had already copied some files to my card, so I copied them back to my laptop for now. You may wish to do the same, or you can use a dedicated card for the rooting process.
Download and unzip NookManager. This will leave you with a single file, NookManager.img.
Download and unzip Win32DiskImager.
Insert your MicroSD card and ensure it’s mounted (visible in Explorer).
Run Win32DiskImager.exe. It will probably request elevated permissions. The interface might take a while to appear. Be patient. You’ll eventually see something like this:
Use the folder icon to browse to the location of NookManager.img. Make sure the “Device” selection is pointing to your mounted MicroSD card.
Make triply sure you’re writing to the correct device and click the “Write” button. Heed the warning and if you’re ready to proceed, click “Yes”. In a little less than 10 seconds, the writing process should be complete.
Unmount the MicroSD card from your computer, but don’t install it in the Nook yet.
Unlock your Nook, then power it down, by holding in the power button for three seconds, then tapping the “Power off” option.
Insert the MicroSD into the Nook, and power it up.
You should see the NookManager loading screen:
For this procedure, it really makes little difference whether or not you start with wireless capability. It’s quicker if you don’t:
When you arrive at the Main Menu, click the button next to “Root->”:
Next, click the button next to “Root my device->”:
If you’re an Olympic swimmer, you can hold your breath during the next bit:
There’s no progress bar. After a while, you should see the following (note the word “Success!” at the bottom):
Click “Back” then “Exit”:
Eject your MicroSD card when prompted:
You can and should use NookManager to take a backup during this process. I didn’t, because I didn’t have a spare MicroSD card to dedicate to backups. I possibly need to research this area more. Backups are good. I, obviously, am a Bad Boy. I tried taking a backup (the process took about 15 minutes), but then I wiped the card for other use. Go me.
When first unlocking, post-root, you’ll be presented with a slightly cryptic message: “Complete action using Home/ReLaunch”:

The checkbox, when selected, means “Always” do this. Just choose whichever you want at the time and leave the checkbox unticked. “Home” takes you to the Barnes & Noble interface. “ReLaunch” takes you to an Android interface designed for the Nook. You’ll see these this choices again, whenever you press the Nook button, followed by the “home” icon.
Hang onto your NookManager MicroSD card for now. You’ll need it for installing Google apps (next section).

If your first attempt at rooting didn’t work, don’t panic. You can safely repeat this process as many times as you like.

Installing Google Apps

If you still have your NookManager-prepared MicroSD card, you may wish to install some Google apps. This gives you Google Market (the earlier version of the Play Store), Gmail, Calendar and a few other bits and bobs.

Download NGTAppsAttack. The version number you download should be the same as the version of NookManager you’re using.
There are quite a few “gotchas” with this process. I strongly recommend you follow the instructions at the start of this thread at XDA Developers. In particular, note the comment, “Once your Nook has booted you need to follow the next steps without delay. You don’t need to rush but you need to move through them without interruption.”

Despite what I’ve read elsewhere about needing to use a Google account ending in “@gmail.com”. this worked fine with my Google Apps Domain account (which I use for my Android phones). You can now start installing apps using the Google Play web interface (from your computer), but bear in mind that many apps won’t be compatible with the Nook‘s old version of Android.

At this stage, I completely wiped the SD card, removing all existing partitions, using Parted Magic.

Apps to install

Since the Nook is running Android 2.1 that’s a significant limitation. All apps to be installed must support 2.1. Also, the Nook has limited memory, so RAM-hungry apps won’t run at all.

I’d recommend the following apps:

The current version of Opera Mobile seems to be about the best web browser for the Nook (better than Opera Mini). But remember that web browsing with an e-ink display is never going to be slick.
For reading comics and certain magazines, Perfect Viewer is great. The last version to support Android 2.1 was 1.9.2.2. You can download that direct to your Nook, by using Opera to browse here. In case you’re hand-typing URLs, here’s a shortened URL for your convenience: http://is.gd/m6eSSk
If you install the Perfect Viewer PDF Plugin, you can also read PDFs, with full zoom control. The current version of the plugin (1.1.2) is compatible with the Nook, so you can install it via the web.
Version 2.1.0 of Aldiko Standard is compatible with the Nook and enables you to read ebooks in many formats other than epub. Download the APK here. Shortcode: http://is.gd/O4j6Wz
To give you access to Amazon’s catalogue, install the Android Kindle app. You can install the current version via the. Oh, and yes: ha ha ha.
Dropbox seems to me to be of slightly limited usefulness, except maybe for conveniently transferring the odd file to the device, but you can install the current version via the web if you’re so inclined.
The current version of Fora Dictionary works well. You’ll probably want to install one of the dictionary packages too.

Conclusion

There you have it. At no extra cost (except a bit of time), you’ve flung wide open the capabilities of your eReader. As long as you continue to bear in mind the limitations (and advantages) of e-ink technology, you can’t fail to be impressed by this fantastic device.

29 April 201317 July 2017

Free, unlimited Dropbox alternative: BitTorrent Sync

BitTorrent Sync Unless you’ve been living in a cave for the last five years, you’ll have heard of cloud sync poster child Dropbox. Dropbox has many flaws, but its great strength is how simple it is to use (my most inept users can manage it).

When you read elsewhere about the weaknesses of Dropbox, privacy seems to be the big one. Your files are stored “in the cloud”. This doesn’t particularly trouble me. Yes, Dropbox has my stuff, but the chances are that Dropbox’s security measures are better than my own. Between my laptop being hacked/stolen and Dropbox being hacked(/stolen?!), my money’s on my laptop. (I use TrueCrypt to encrypt my laptop’s hard drive, as you should by the way, but that’s a different story.) Anyway, any squeamishness we have about cloud storage is likely to die away in the near future, when it’s no longer quite so new and scary.

Of course there are lots of companies on the cloud storage bandwagon, big names and small. There are Google Drive, Microsoft SkyDrive, CrashPlan, Mozy and so on. Typical features include:

Mobile apps
Entry-level free option
File version revision/undelete

This is different. From the company that brings you the controversial peer-to-peer file sharing system and the popular BitTorrent client, µTorrent, comes a new “cloud-less” file sync technology, BitTorrent Sync. The principle of BitTorrent sync is that you use the efficient BitTorrent protocol to distribute your own files privately amongst approved devices.

This year, BT Sync has been in private “alpha” (software in heavy testing, likely to contain bugs, which may be serious). Last week, the public alpha was released. It’s currently available for Windows, Mac and Linux.

The Windows interface is pretty minimal at the moment:

The web interface for the Linux version is more polished:

During the private alpha stage, I tried syncing between a Windows 7 laptop and a Linux server. Shortly after this, the server suffered a catastrophic disk failure. Coincidence? Not entirely, I suspect. There may be some low-level disk calls that overtaxed drives that were already heading towards the end of their life. Nevertheless, it’s a reminder: this is alpha (experimental) software; be careful.

BT Sync has quite a few limitations:

It’s still in alpha state, which means it is liable to eat your data, your hard drive and your children’s pet rabbit.
There are no mobile applications yet.
No progress indicators within Windows, just an irritating balloon tip.
Since there is no central cloud, the devices must be online simultaneously, to perform sync.
For the same reason, you can’t download files via the web.
Other than creating a folder specifically for the purpose, there’s no option to “share” a single file.
No versioning – no backup or undelete facility outside any provided by your operating system.

Despite all this, there are some pretty compelling reasons for using it:

There are absolutely no limits. Unlimited file size, unlimited storage, unlimited bandwidth, etc. Of course you will still be limited by other factors – the size of your hard drive and the amount of monthly bandwidth you’re allocated by your ISP.
Efficiency. This is not the place to discuss BitTorrent generally, but the more people sharing the files, the better. All connected devices, while online, can participate in the synchronisation process.
Privacy. No third party holds your data. Central systems facilitate the peer-to-peer connection, but do not take their own copies of files.
Security. The data is encrypted before transmission and only accessible using a “shared secret”.

BitTorrent Sync has an ace up its sleeve. It can be installed on several different NAS boxes, from the likes of Synology, QNAP, Iomega, etc. This is where I can see BT Sync excelling. Want an entirely private, shared data store for remote office workers, but don’t want to invest in high-end storage systems? Give them all a NAS box with BT Sync installed. Want to set up off-site backup for your files at home? Enter into a reciprocal arrangement with a friend, using NAS boxes, where you host each other’s backup files. Want to set up a sprawling hydra-like network of anarchic file storage for your clandestine underground organisation? You get the idea…

Download

So, having read all my caveats above, you still want to give this a whirl? Go ahead, don your crash helmet and download the sucker.

29 April 2013

News: Free, unlimited Dropbox alternative: BitTorrent Sync

UPDATE: if the process below seems like a bit too much hassle, we would currently recommend Tresorit. It is similar to DropBox, with the added advantage that your data is encrypted on Tresorit’s servers. In other words, unlike with DropBox, if their servers are compromised, any data recovered would still have to be decrypted before an attacker could access it. They’re so confident no one can get your data that they’ve offered a bounty to anyone who can break into their systems.

Unless you’ve been living in a cave for the last five years, you’ll have heard of cloud sync poster child Dropbox. Dropbox has many flaws, but its great strength is how simple it is to use (my most inept users can manage it).

Of course there are lots of companies on the cloud storage bandwagon, big names and small. There are Google Drive, Microsoft SkyDrive, Cubby (from LogMeIn), Mozy and so on. Typical features include:

Mobile apps
Entry-level free option
File version revision/undelete

The Windows interface is pretty minimal at the moment:

The web interface for the Linux version is more polished:

BT Sync has quite a few limitations:

It’s still in alpha state, which means it is liable to eat your data, your hard drive and your children’s pet rabbit.
There are no mobile applications yet.
No progress indicators within Windows, just an irritating balloon tip.
Since there is no central cloud, the devices must be online simultaneously, to perform sync.
For the same reason, you can’t download files via the web.
Other than creating a folder specifically for the purpose, there’s no option to “share” a single file.
No versioning – no backup or undelete facility outside any provided by your operating system.

Despite all this, there are some pretty compelling reasons for using it:

There are absolutely no limits. Unlimited file size, unlimited storage, unlimited bandwidth, etc. Of course you will still be limited by other factors – the size of your hard drive and the amount of monthly bandwidth you’re allocated by your ISP.
Efficiency. This is not the place to discuss BitTorrent generally, but the more people sharing the files, the better. All connected devices, while online, can participate in the synchronisation process.
Privacy. No third party holds your data. Central systems facilitate the peer-to-peer connection, but do not take their own copies of files.
Security. The data is encrypted before transmission and only accessible using a “shared secret”.

Conclusion

I shared this write-up with Dummy and he gave me a vacant look. “What is it?” he said. Fair comment; it’s a very clever bit of software. But in a nutshell, it gives you a completely private “Dropbox”. You share your folder with your friends and they all automatically get a copy of everything in that folder. You can configure it so that any changes they make are distributed throughout all copies. You can use it as a “set it and forget it” off-site backup – say with a home PC and a work PC. It’s usefulness is limited only by your imagination.

So, having read all my caveats above, you still want to give this a whirl? Go ahead, don your crash helmet and download the sucker.

22 April 201317 July 2017

Easy Password-less SSH logins on Linux

ssh-copy-id I’m storing this as an aide memoire, really, but it may help you too.

Let’s say we have two systems, System_From and System_To. And two users, User_From and User_To. The objective is: log on to System_To as User_To, from System_From as User_From.

The steps

1. One-time key generation for User_From

On System_From, while logged on as User_From, proceed as follows:

User_From@System_From:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/User_From/.ssh/id_rsa):[hit enter]
Enter passphrase (empty for no passphrase):[hit enter]
Enter same passphrase again:[hit enter]
Your identification has been saved in /home/User_From/.ssh/id_rsa.
Your public key has been saved in /home/User_From/.ssh/id_rsa.pub.
The key fingerprint is:
be:e8:98:4a:26:1e:9b:ed:78:a7:e7:fe:d8:9d:3c:6d User_From@System_From
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|  E              |
|                 |
|               Q |
|        S        |
|       .         |
|oo      o     o  |
|+.Bo8ooo.E       |
| BOB++o++        |
+-----------------+

Note: if you use anything other than an empty passphrase, you will need to enter the passphrase each time you log on, which sort of defeats the object of this exercise!

This creates two files: id_rsa and id_rsa.pub. The private key, id_rsa, must always be kept secret. Your system should have marked it read/write for the owner only. The public key, id_rsa.pub is safe to copy to destination systems (see next section).

2. Copy the public key to System_To

OpenSSH comes with a handy script for copying the public key to the remote host (System_To, in this instance): ssh-copy-id. Use it like this, at the system you’re connecting from:

User_From@System_from:~$ ssh-copy-id -i ~/.ssh/id_rsa.pub User_To@System_To
User_To@System_To's password:[type User_To's password and hit enter]
Now try logging into the machine, with "ssh 'User_To@System_To'", and check in:

  ~/.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

If you’re connecting to SSH on a custom port, the command is thus:

ssh-copy-id -i ~/.ssh/id_rsa.pub "User_To@System_To -p custom#"

Repeat this step for all remote hosts to which you intend to connect.

3. Log in to System_To

Now, when you issue the command ssh System_To, you will be logged in straight away, with no password prompt.

Introduction to Tor

Tor Quick Start

Caveats

Want Tor to really work?

Bonus: Use Tor with mobile devices

Safe browsing

Share this:

Laravel Tutorials

Introduction

Prerequisites

Installing Composer

Installing Laravel

Installing other frameworks

Configure your development environment

Conclusion

Share this:

Share this:

Step 1: Install Remote Server Administration Tools

Step 2: Configure WinRM

Step 3: Create your MMC

Step 4: Create a shortcut to your MMC

Step 5: Run the shortcut

Share this:

Make Linux do the hard work

Converting to PDF: Ted

Installing Ted

Combining files: pdfmerge

Installing pdfmerge

Put it all together

Acknowledgements

Share this:

Share this:

Pre-requisites

Rooting

Installing Google Apps

Apps to install

Conclusion

Share this:

Download

Share this:

Conclusion

Share this:

The steps

1. One-time key generation for User_From

2. Copy the public key to System_To

3. Log in to System_To

Share this: