Saturday, September 01, 2018

Brave Web Browser

The Brave web browser is built to be private and secure. It is available on desktop and smartphone.  Brave is fast, you can read the open source code, and there is a community support forum. The "private browsing" is better than any other web browser.

Give Brave a try by downloading here.

Friday, July 27, 2018

Android Smartphone Custom Email Apps

Email providers such as Gmail and Hotmail would like you to download their custom email app, in order to better track you and target advertising. As a person with multiple email accounts on multiple services, I do not want many individual apps for reading email. One centralized email "Hub" would be useful.

Microsoft is pushing their Outlook app for Hotmail. Using smartphone web browser to access Microsoft's Hotmail results in the following intercept and encouragement to use Microsoft's app:


Then log in to Hotmail (or live.com or outlook.com) and Microsoft has created an email which again encourages the user to download the Microsoft app:

My favorite integrated email reader from BlackBerry and is named "Hub". Link to download BlackBerry Hub.  Hub integrates email, text (SMS) and social media such as Twitter in to one interface in which you can prioritize messaging.

Saturday, June 23, 2018

OneDrive Automatic Update and Autoruns Application

In Microsoft Windows 10 task manager, I noticed the OneDriveStandaloneUpdater task running, and was curious about it. This led me to the excellent Autoruns application by Sysinternals. Autoruns shows everything that is set to start in any way possible.

Download Autoruns. Using File Explorer, uncompress the folder. In the uncompressed folder, run "Autoruns" application.


In the Autoruns filter box, type: one

Uncheck the box on the appropriate line.

You may additionally uninstall the program (command prompt, then: %systemroot%\System32\OneDriveSetup.exe /uninstall), or rename the program at C:\Users\_username_\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe

Wednesday, April 25, 2018

Security Software on Microsoft Windows 10

These instructions should also work on Microsoft Windows 7 and 8.1.

For home use, I run the following free security products on Microsoft Windows 10:
Microsoft's Enhanced Mitigation Experience Toolkit (EMET) does not work on Windows 10. Users are directed to Microsoft's Windows Defender Exploit Guard.

Saturday, April 21, 2018

Dynamic DNS For Your Changing IP Address

Anyone hosting a web service on a consumer-grade internet connections knows what happens without a static IP address... the IP address eventually changes and your web service can no longer be accessed. Many of the home-monitoring devices such as video cameras and thermostats avoid the problem of changing IP addresses by having the device connect to a centralized "phone home" service to register and provide a consistent point of access to the device.

Anyone wanting to host a service from their own machines or PCs will typically use a static IP (often with a monthly cost from the internet provider) or use a service which provides a generic, consistent means of accessing the changing IP address. These services, some free, are called "dynamic DNS". Typically, a subdomain is registered with the "dyn DNS" service, and software is installed on a device within the home network to regularly update the dyn DNS information. Thus a user will be able to go to theirExampleSubdomainName.exampleDynamicDNSservice.com, which will redirect to the actual IP address.


These instructions describe how to set up dynamic DNS using DuckDNS and updating the DuckDNS with Ubuntu 17.10.

If you have a Google account, use a web browser to log in to your gmail/google account. Otherwise, use one of the other authentication methods.

Use a web browser to go to DuckDNS.org, and authenticate the log on.

At DuckDNS, create a subdomain. Write down the name of your <subdomain>.duckdns.org.

Install software on one of your network devices to regularly update the DuckDNS configuration with your current IP. The website has extensive instructions for many operating systems.

On Ubuntu 17.10, create the directory to hold the duckdns script:
$ cd /var/opt
$ sudo mkdir duckdns
$ sudo chown install:install duckdns ## Use whatever user/group you desire.
$ chmod 750 duckdns

Place the script in the directory with the proper permissions.
$ cd duckdns

To install the updating software on Ubuntu 17.10, log in as a user and check that cron and curl are available:
install:~$ ps -ef|grep -i cron
root       650     1  0 Apr08 ?        00:00:00 /usr/sbin/cron -f
install  18295 18270  0 09:45 pts/3    00:00:00 grep --color=auto -i cron
install:~$ crontab -l
no crontab for install
install:~$ curl
curl: try 'curl --help' or 'curl --manual' for more information
install:/var/opt/duckdns$ which curl
/usr/bin/curl

If cron and curl are installed, follow the instructions at DuckDNS.org to create the file (specific to your subdomain!), install the crontab entry, and test a run of ./duck.sh.

If testing ./duck.sh fails, ensure the path to curl is pointed to the proper location for your machine. Also ensure the line in duck.sh with the curl command is actually on one line and not two or three lines.

Monitor the cron entry is running correctly:
install:~$ tail /var/log/syslog

You can now access your web service by using domain <subdomain>.duckdns.org and it will continue to resolve correctly when your ISP changes your IP address.

------------------------------------------------

The prior instructions (above) for Ubuntu 17 ran okay after the system was upgraded to Ubuntu 18. The following are changes to increase readability and debugging on Ubuntu 18.


In /var/opt/duckdns/duck.sh the file contents are the following. Please use your correct domain and token.
#!/bin/sh
DOMAINFQ="YOUR_FULLYQUALIFIEDDOMAIN_HERE.duckdns.org"
curl_out=$(echo url="https://www.duckdns.org/update?domains=YOUR_DOMAIN_HERE&token=YOUR_TOKEN_HERE" | /usr/bin/curl --insecure --silent --config - )

# Whatever is running this script (cron?) may want to direct output to a file in /tmp.
/bin/echo
/bin/date
/bin/echo duckdns updated $curl_out
/bin/echo 'dig output:'
/usr/bin/dig $DOMAINFQ | /bin/grep ^$DOMAINFQ

if [ $curl_out = "OK" ]; then
    /usr/bin/logger -p daemon.info "duckdns update ok. rc=" $curl_out
else
    /usr/bin/logger -p daemon.err "duckdns update failed. rc=" $curl_out
fi


Schedule the recurring job with crontab.
$ crontab -e
*/5 * * * * /var/opt/duckdns/duck.sh >>/tmp/duckdns.log 2>&1


Monitor the output in /tmp/duckdns.log and /var/log/syslog.

Thursday, April 05, 2018

Short Guide To Configure Linux X On Microsoft Windows

This post contains minimal instructions to run X programs on Microsoft Windows from a Ubuntu Linux machine.


On Windows, install PuTTY from https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

On Windows, install Xming from https://sourceforge.net/projects/xming/?source=directory
or http://www.straightrunning.com/XmingNotes



















On Windows, run XLaunch (was installed by Xming) and go through prompts:
Display Settings "Multiple Windows"
Session Type "Start no client"
Additional Parameters "Check Clipboard box"

On Windows run PuTTY.
Load a session profile or create a session profile for a Linux machine.
In left panel, go to Connection, SSH, X11.
Click "Enable X11 Forwarding"
X display location "localhost:0.0"
Save that connection profile in PuTTY, so the X11 configuration will be there tomorrow.























On Windows, run Xming. It will run in the background without a Windows display.
On Windows, open the configured PuTTY connection that was previously configured for X11. This should open a command-window on the Linux machine. Enter the following in the command window:
$ echo $TERM
xterm
$ echo $DISPLAY
localhost:10.0


Test X by typing "xclock". A GUI clock from the Linux machine should display on the Windows machine.
Typing "xclock&" will allow you to continue to type in the command window while the xclock GUI also runs.

Saturday, March 17, 2018

Enable Punycode Long URL In Firefox To Protect From Domain Phishing

A recent phishing technique is to register domain names with international Unicode characters that look like English characters. The URL will visually look correct, but it will be a different website which often contains malicious content. Puny code is a representation of Unicode with the limited ASCII character subset used for Internet host names.

The Firefox web browser does not provide an indication that a domain name is using look-alike Unicode characters.

These instructions will enable showing long names when the domain names have Unicode characters.

Open a new tab in Firefox and enter this in the address bar, then press the button to proceed:
about:config
























Search for punycode:
























Right-click on the IDN_show_punycode:
























Toggle the setting to true:
























Friday, March 16, 2018

Create PDF With Embedded Fonts

Some websites require uploaded PDF files to self-contain their fonts. You may see an error similar to:
"The attached PDF file references a non-embedded font: *Helvetica-2509-Identity-H. Please remove file, embed the font and reattach."

This post describes how to create PDF files with non-embedded fonts using Microsoft Word.

In Microsoft Word press File, Export. This will show the "Info" screen.



















Press "Create PDF/XPS"



















Choose output directory and file name, then press "Options".




















In the dialog box, choose "PDF/A compliant". Press OK.
























Press "Publish". The PDF file will be created with all fonts embedded in the PDF document.

Sunday, February 25, 2018

Blocks Ads With Windows 10 Hosts File

Some web pages, such as Microsoft's Hotmail, often bring in ads from other domains which slow down use of the online email service. To speed up web browsing, either block the domains with your router, with a custom DNS, or on your PC. If using Microsoft Windows 10, add the domains to the hosts file.

Press Start button and type "notepad":

Right-click to run Notepad as administrator:


In the Notepad application, open the file C:\Windows\System32\drivers\etc\hosts (or %WINDIR%\System32\drivers\etc)
At the bottom of the hosts file, enter lines to avoid the problem domains. Note the typical convention of the first identation is a "tab", and the spaces between the number and the domain name are spaces. The hash "#" indicates a comment.
#    127.0.0.1       localhost
    127.0.0.1       cdn-ssl.vidible.tv
    127.0.0.1       acds.prod.vidible.tv
    127.0.0.1       trk.vidible.tv
    127.0.0.1       dtm.advertising.com
    127.0.0.1       ad.lkqd.net
    127.0.0.1       t.lkqd.net
    127.0.0.1       p.vj-vid.com
    127.0.0.1       to.vj-vid.com
    127.0.0.1       px.moatads.com
    127.0.0.1       z.moatads.com
    127.0.0.1       vpaid.springserve.com
    127.0.0.1       tracker.departapp.com
    127.0.0.1       a.imprvdosrv.com
    127.0.0.1       s59.imprvdosrv.com
    127.0.0.1       cdn.altitude-arena.com
    127.0.0.1       static.shoofle.tv

In the Notepad application, click File -> Save

Unfortunately, the Microsoft Windows hosts file does not support wildcards. You are required to add entries for subdomains. Alternatively, you can run your own DNS service and use dnsmasq, or use a subscription DNS service which provides wildcards.

Monday, January 22, 2018

CDK Global Disallows Passwords With Numbers Greater Than Nine

CDK Global provides software solutions to the vehicle service industry. One of their cloud-based software solutions forces password changes on a short time frame (weeks). It apparently stores prior passwords to prevent password reuse. It also disallows passwords with numbers greater than 9. For example, password2 is ok while password28 is not allowed.


Saturday, January 20, 2018

Inside Wiring For DSL

These pictures are of inside wiring for DSL internet service using VDSL. The blue / white pairs from the outside telephone cable connect to the red / green pair of the inside wiring.