Despite supposedly having no data caps, the other day my provider interrupted my surfing with a message stating that I’d downloaded an “excessive amount” and should contact them to upgrade my plan. Interestingly, their website also doesn’t show any data caps or, for that matter, any plans for me to upgrade to.
I’m not real worried about it, but at the same time since I work full time remote I really need my intertoobs to work all the time. Then I remembered that the vacation rental we manage next door to me has internet that rarely gets used. Time to slap a wireless NIC on the server and push internet traffic through that router!
Doing so was easy. I had a halfway decent USB wireless laying around. I slapped it in, joined the next door wireless network, and then ran a route print:
The highlighted bit is the new NIC. Above it is the wired NIC connecting the server to my local network. You want the Metric on the NIC you want internet traffic flowing through to be the lowest. Luckily mine defaulted to that. If yours doesn’t do that you can manually set the Metric by navigating to the Advanced properties of the Network Adapters:
After that I simply removed the Gateway address from the properties of my wired LAN access NIC and voila – all my intertoobs were coming from next door while my LAN still had full access to my server. In order to double check I logged into my router and disabled internet traffic for the server IP address.
For reasons I won’t get into here, the EFF has decided for now not to support Pale Moon, which is my current browser of choice (sideplug: Like Firefox but tired of it gobbling all your resources and crashing? Pale Moon my friend). The inability to install HTTPS Everywhere nearly had me leaving Pale Moon until I discovered that there’s a fork of it out there that works! So use Pale Moon, and install Encrypted Web (and uBlock Origin).
I’ve read some pro-capitalist (anti-socialist?) rants lately, some penned by people roughly half my age, that have disappointed me in their shortsightedness. I’ve also read some writings by people like Stephen Hawking – who recently said we should not fear artificial intelligence, but rather capitalism – and a raft of economists, technologists and anthropologists – who are predicting a near future of technologically driven job scarcity – that lend credence to my disappointment. You don’t have to like it, but you’d be a fool to ignore it: we’re on the precipice of a future with a very different economic landscape, and more likely than not – especially if you’re young – you’re going to be in big fucking trouble if your value system doesn’t change, and fast.
Trust me. I know. Because, on a very small scale, I’m one of those people making you obsolete. Continue reading →
Surely you’ve already read that Windows 10 includes some pretty disappointing user tracking baked into it. Microsoft is also pushing this tracking down to its Windows 7 and 8 operating systems.
Aside: I get the Win 10 thing. It’s free. Do what you want with your free operating system. But quietly inserting anti-privacy shit into operating systems that people have already paid for? Ludicrous. Offensive. Ridiculous. It’s prompted me to finally get off my ass and move all the machines I can off of Windows and onto Linux, for good.
Anyway, yeah, MS is pushing this stuff into your operating system without really giving you any indication. The current list of updates that should trouble you are as follows:
In fact, you can save the above to a .bat file and run it. This takes them off, but unfortunately doesn’t prevent them from presenting themselves for install in the future. To fix that you’ll have to head to Windows Update, let it scan what you’re missing, and then go through that list hunting for each of these. When you come across one, right click it and choose to hide it.
This is the list for now… I sincerely doubt this is where it will end, however. Have you tried Linux lately?
My Sickbeard doesn’t like it, and doesn’t find it when it’s out there. Turns out the problem is how it’s being named out there in usenet land, and Sickie can’t figure it out. It also turns out Sickie has an exceptions database just for handling these sorts of situations. Problem is, this database doesn’t get updated very often. Good news is, you can update it yourself!
The database is cache.db, found in the program directory for Sickbeard. To add to this file you need to use a SQLite shell interface. You can see basic information on obtaining and using the shell interface on a previous post here.
Once you’re ready to go, fire up your interface from a command line:
Open the database (Pay attention to pathing. In this example I’m already working from within the directory containing cache.db) :
And use the following to insert “Stephen Colbert” as a general search term:
Breaking down this line a bit: 9999 is the exception ID you’re assigning to this exception. We’re just looking to get past all the existing exceptions without conflict. As of this writing my scene_exceptions table has 777 legit autofilled exceptions defined in it. 289574 is the TVDB.com ID for the Late Show, the next field is a the search term to be used for the show name (Stephen Colbert), and the final field is the provider, which is the tvdb.
That’s the error that seemingly randomly popped up on my screen.
The cache has no package named “wine1.7-i386”
I’m using Wine because there are some Windows specific things I need to be able to run. It seems that the updater may just not like Wine too much, because when I manually ran updates with a simple sudo apt-get update it upgraded without a problem and the error disappeared.
Microsoft is slipping into Windows 7 and 8 the same data mining and privacy violating tracking that has made news for being a part of Windows 10. I’m in the midst of absorbing it all, but for now further info, including updates to block, can be found here.
Also, instructions on how to opt-out of their CEIP (Customer Experience Improvement Program) which if you’ve installed Office you’ve surely inadvertently joined, can be found here.
First, an apology for anyone who recently visited this site and found themselves bombarded with pop up ads or alarmist claims that they’d contracted viruses. I’m incredibly sorry. A plugin that I use(d), SweetCAPTCHA, is now injecting pop ups in what appears to be an attempt to monetize their plugin.
Now, whether SweetCAPTCHA’s been compromised (I don’t think so) or has turned to nefarious means to try to fill their coffers (ding ding!), the ease at which this happened should set off alarm bells for CMS users everywhere (after all, SweetCAPTCHA’s not WordPress specific). I’ve been absolutely guilty of thoughtlessly hitting the “upgrade” link on plugins, especially on sites of my own. I’m a bit more cautious with client sites after having been bit more than once by an upgrade that rendered inoperable an important plugin, but I’d be lying if I didn’t admit that sometimes I don’t do sufficient research before and adequate QA after some upgrades. And that leads to a night like tonight, logging into all my personal and client sites in a panic to see who had SweetCAPTCHA installed and activated (thankfully no clients – only this site and one other personal site).
Plugins are third party. They’re dangerous. We’re trusting them to do what they say they do and nothing more. And we placing that trust in them again and again each time we agree to an upgrade. We need to be careful.
So again, I sincerely apologize. This site doesn’t get a whole lot of traffic, but the traffic it does get are mostly people looking for help. Every time I receive an email or comment from someone telling me this little site of mine has helped them it makes me a bit warm inside. That SweetCAPTCHA hijacked my little warmth generating site to take advantage of its visitors pisses me right the fuck off.
Read more about SweetCAPTCHA’s shitty new business model here and here.
Once upon a time, long ago, I had an Unreal Tournament problem. The problem was that I was playing too much Unreal Tournament. So I gave it up and, since then, haven’t played games much at all. Recently, however, I found myself pet sitting a puppy that needed to be kept in a confined space, eg: my office, and needed company, eg: me, so I grabbed a game I’d read about: Guacamelee. And I had some Nintendo style knockoff controllers laying around from having built a Raspberry PI MAME machine for fun. I installed the game, plugged in the controllers, confirmed Windows saw them, and fired up the game. It couldn’t see the controller at all.
I did two things to fix this problem. First, I installed DirectX. Secondly, I downloaded x360ce, unpacked it into the root directory of the game, renamed the xinput1_3.dll to xinput9_1_0.dll (which is already done for you in the download above), fired up x360ce.exe to confirm it could see the controller, killed it, and fired up the game. Voila – controller.
Phase 2 is done. Read it here. The findings summary is basically:
During the engagement, CS [Cryptography Services] identified four (4) issues, and none led to a complete bypass of confidentiality in common usage scenarios. The standard workflow of creating a volume and making use of it was reviewed, and no significant flaws were found that would impact it.
The most severe finding relates to the use of the Windows API to generate random numbers for master encryption key material among other things. While CS believes these calls will succeed in all normal scenarios, at least one unusual scenario would cause the calls to fail and rely on poor sources of entropy; it is unclear in what additional situations they may fail.
Additionally, CS identified that volume header decryption relies on improper integrity checks to detect tampering, and that the method of mixing the entropy of keyfiles was not cryptographically sound. Finally, CS identified several included AES implementations that may be vulnerable to cache-timing attacks. The most straightforward way to exploit this would be using native code, potentially delivered through NaCl in Chrome; however, the simplest method of exploitation through that attack vector was recently closed off.
So basically, unless you’re concerned about the Windows API generation of the encryption key, the last version of TC prior to the developer bailout remains an effective encryption solution. And TCNext is out there, though they’ve got no new version as yet (7.1 is available there).