RSS Feed

RSS

Comments RSS

Good Privacy Resource Information

Summary of trusted privacy tools and information:
1) General file encryption: miniLock, Chrome App, https://minilock.io
2) Steganography: steghide, application, http://steghide.sourceforge.net/index.php
3) Full Disk Encryption: VeraCrypt, application, https://veracrypt.codeplex.com/
4) Secure OS: TAILS, TOR enabled Linux Distro (live CD/USB), http://tails.boum.org/
5) Crypto Programming Library: libsodium, cross-platform,
https://www.gitbook.com/book/jedisct1/libsodium/details
6) Secure mobile Texting & Voice, Signal, Android & IOS, http://whispersystems.org/
7) Public Key Crypto: GNU Privacy Gaurd, cross-platform, https://www.gnupg.org/
7) Learning About Cryptography: Ciphers by Ritter, website, http://ciphersbyritter.com/LEARNING.HTM
8) The definitive book on cryptography: The Codebreakers; The Comprehensive History of Secret Communication from Ancient Times to the Internet, by David Kahn,
http://www.amazon.com/exec/obidos/ISBN=0684831309/rittersoftwareenA/
9) Ongoing security information and teaching:  Security Now!, website/podcast, https://www.grc.com/securitynow.htm

quote: “Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.”,
Edward Snowden, Reddit, May 21, 2015
https://www.reddit.com/r/IAmA/comments/36ru89/just_days_left_to_kill_mass_surveillance_under/crglgh2

The Watch Folder

For the programmers and systems administrators among us.  Consider the following, and all too common, programming task. Events from one process need to trigger actions by another.  Now, the impulse may be to try to impliment a direct method of communications between the two process via networking sockets, low level OS signals, etc.  While this may be good to consider or even use at times, there may be a far more simple and less problematic method that is almost always worth considering – the Watch Folder.    If both processes can have access to a common directory, via network share or direct filesystem mount for instance, then all one has to do is have the first process drop a small file to the locaton and have the other process be watching for it, act in response and then clear it out and wait again for the next time the file appears in order to act again.   The second process can watch for it directly or have some other task be the watcher that then calls the final process, perhaps through a periodic call from a task scheduler such a cron.   There are lots of realitively simple ways of implementing such an arrangement without resorting to more complex networking or OS signaling programming schemes.   The Watch Folder methodology works well in any language but is particularly easy to implement in simple scripting languages that are available as part of the command shell of most any OS, such as BASH in Linux, Bourne or Korn Shell in Unix, or DOS Batch or Powershell script in Windows.

The Commandline Bible program is released!

My previous post concerned a little program I wrote one evening to process a bible text file and produce a database from it using Python.   That evening project took on a life of its own, so I have removed the archive download from that blog post as it is now very obsolete.   I now introduce and release to the public my Commandline Bible program.  It is a capable bible search and study program designed for use from the Linux or Windows commandline.  Both are writen in Python and require the installation of the Python 2x (currently 2.7.3) interpreter.   The program should work fine for any Python 2.5 or later 2x installation.  In both versions, extract the archive to folder.   For Linux, run python kjv_cmdline.py at the commandline.   For Windows, run the bible.bat batch file which ensures that the needed ANSI character support is loaded and then runs the Python interpreter and the program.   Many thanks to my good friend Larry D. Barr for many suggestions and beta testing support.  This is version 1.0.  Enjoy!

Features:

  • high quality KJV Pure Cambridge Edition (PCE) text is used
  • case sensitive single word or words found in series search
  • search can be for whole bible or limitied to Old Testament, New Testmant, or single Book of the Bible
  • verse display by reference
  • display of the Treasury of Scriptural Knowledge (TSK) references for verses
  • a simple ANSI color text interactive command line program not requiring any graphical interface at all
  • SQLite3 database and other associated datafiles made freely available
  • all software distributed via the free MIT lincese and other applicable free licneses
  • very low system resource usage and very fast

http://dl.dropbox.com/u/28301815/kjv_cmdline.zip

http://dl.dropbox.com/u/28301815/kjv_cmdline.md5

http://dl.dropbox.com/u/28301815/kjv_cmdline-win.zip

http://dl.dropbox.com/u/28301815/kjv_cmdline-win.md5

 

Using Python to create a Bible database program

The programming bug bit me this evening and I did something I have wanted to do for a really long time, write my own code to create a useable bible database.   So, I took an indexed bible text available in the public domain, wrote the code to parse it properly and then package the parsed bible into a Sqlite3 database file that can then be querried.  Basically, the heart of any bible search program.  I cannot believe how fast it runs!  That is a whole lot of text, but Python excells in the text processing domain.   The link is to an archive containing the bible text file that gets processed and the Python program.   When run, the database is created from scratch.

The code is Python 2.x style.   You may use this code in anyway you wish. NOTE: the following code is obsolete and has been removed.  Please see this blog post for the fully featured program!   http://wa5pb.freeshell.org/motd/?p=854


http://dl.dropbox.com/u/28301815/kjvbible.tar.gz

The code has good examples of:
1)reading a text file, line by line
2)text parsing and regular expressions
3)error handling
4)Sqlite3 database handling

Slackware vs. Arch Linux

I recently found an excellent article comparing Slackware and Arch Linux.

http://beej.us/blog/2009/12/arch-vs-slackware/

bye bye Ubuntu

I think I am going to scrub my Ubuntu 10.04 system (the one I am typing on is Linux Mint Debian), and do another Arch Linux install.   At that point Ubuntu will have been totally jettisoned.  For an Ubuntu done better than Ubuntu, I have Linux Mint.   LM is great for an easy productive installed Linux.  However, it is so easy that it does not do much for my need for a Linux “geek” fix.  So, that is what Arch is for.  Not an easy install.  I have to actually think, read, and learn to do stuff properly on it which is why I fell in love with Linux in the first place.

Don’t get me wrong, I am not an Ubuntu hater.  The Ubuntu team did some really great things and set some really high bars that I think had a great influence on the entire Linux world.  However, I think they have taken a wrong turn with their emphasis on the Unity desktop and have dumbed down the system far too much.  I do appreciate their reasoning for doing this in that they want to get as many newbies and hopeless end users onto Linux and expand the user base.  I really do applaud that and wish them all the best.  However, it is just not for me.  I am a hardcore geek.  I write code.  I do geek for a living and for pleasure.  I just need something more chanenging and interesting.  Fot me comptuing is not just a means to and end, it an end unto itself.   So, of to greener pastures.  I have done Arch before, and really like it.  Even when I got stumped a few times on how to do something, I really liked it.  Linux Mint for my everyday utilitarian computing and Arch for my geek needs.  That’s where I am at now, but given time all this too will change.  I love the ever changing Linux landscape.

–Bill

GRUB2 – editing the boot menu

When it comes to Linux bootloaders, I cut my teeth on LILO.   Learned that, got good at it!   But, time moves on and pretty much all the Linux distros went to GRUB.  So, learned that, got good at it, LIKED IT!   But, time moved on again.  Now most of the major distros have switched to GRUB2.  Granted, it did fix some problems found in GRUB, but we lost the easy-to-edit menu.lst file which was a one stop shop for configuring the boot menu in GRUB.   Typically, you would either want to manually added entries to the boot menu or to remove unneeded entries.  This much more complex in GRUB2, but not impossible.   With a little guidance, you can get back to having a boot menu done the way you want.   After some searching, I found these two articles that provide the best HOWTO info that I know of, particularly without being overly complex.  Both of these authors have done a very good job at making this understandable, and doable.  Check them out.

Understand the structure of GRUB2 and how to add entries:

http://maketecheasier.com/mastering-grub-2-the-easy-way/2009/11/19

Clean up your boot menu in GRUB2 and remove unneeded entries:

http://www.howtogeek.com/howto/17787/clean-up-the-new-ubuntu-grub2-boot-menu/

A Private Internet

I have taken a great interest in personal privacy on the Internet.
I have found some things to help accomplish that.  Please comment
if you know of additional resources or techniques.

1) Private email via PGP encryption:  Seems to be most easily
accomplished using the Thunderbird email client with the Enigmail PGP
add-on.  Note, you will need to have PGP or GPG also, installed.  This
is usually true by default on Linux systems, but on Windows you need
to install GPG4Win. http://www.gpg4win.org/
To obtain the Thunderbird mail client program:
https://www.mozilla.org/en-US/thunderbird/
To obtain the Enigmail add-on:
http://enigmail.mozdev.org/home/index.php.html
Another option is the Claws Mail client which incorporates PGP support
http://www.claws-mail.org/
A good article introducing the use of the Thunderbird email client with
the Enigmail add-on.
http://howto.cnet.com/8301-11310_39-10434684-285/want-really-secure-gmail-try-gpg-encryption/

My public key for  wa5pb19 <at> gmail <dot> com  is:
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x7A4F5D66B10B68A3

2) Private surfing using the TOR browser, which is a specialized cut of
Firefox which incorporates the use of internet relays to help keep your
own internet surfing presence anonymous.
https://www.torproject.org/

3) Private internet searching via the DuckDuckGo search engine.  Which
can also be added as a search provider for the Firefox search bar.
https://www.duckduckgo.com

4) Encryption of files using GPG.
http://www.linuxjournal.com/content/tech-tip-encrypt-files-gpg
A good, brief intro to GPG.
http://www.madboa.com/geek/gpg-quickstart/
The official GPG documentation.
http://www.gnupg.org/documentation/

WHY?
Some people might ask, "Why? Do you have something to hide?".  To
which I respond, "No. But, why not?  Do we not have a right to privacy?".
However, it must be remembered that if we desire a right to privacy,
we much put effort into keeping our own information private.  If we
release information about ourselves, intentionally or not, it is no
longer private and we arguably lose the reasonable expectation of
privacy afforded by the 4th Amendment of the U.S. Constitution. The
problem arises when we unwittingly reveal information about ourselves
via the internet and other computing activities.  These resources may
help a person to avoid doing that.

From: https://en.wikipedia.org/wiki/Fourth_Amendment_to_the_United_States_Constitution#Computers_and_privacy

On March 11, 2010, the United States Court of Appeals for the Eleventh Circuit ruled, in Rehberg v. Paulk, 598 F.3d 1268, that a person does not have a reasonable expectation of privacy in an e-mail once any copy of the communication is delivered to a third party.[80]

On December 14, 2010, in United States v. Warshak, the United States Court of Appeals for the Sixth Circuit ruled that a person has a reasonable expectation of privacy in his emails and that the government violated Warshak’s Fourth Amendment rights by compelling his internet service provider to turn over his emails without first obtaining a warrant based upon probable cause.[81]

I use Linux Mint

I have just realized that I have not done an Ubuntu install in … well … a long time.   And it seems that the last time there was this crazy user interface called Unity that completely, utterly, turned me off to that distribution.   With all the very many things I do like about Ubuntu, the simple fact is that if I hate the interface I simply won’t use it or recommend it to others.   So, what to do?   I did do something.   I switched to Linux Mint.  Being basically build on top of the Ubuntu repositories, but with many improvements and the with the basic understanding that the application centric interface systems (like you see on the iPhone) are NOT suitable for use as a desktop environment.   All I really want is a normal desktop environment.   I did not need or WANT a new computer interface paradigm forced upon me.   I am convinced that most Linux users feel the same way.  Not only that, but I am very certain that Unity is also not the way to introduce new users to Linux.   Linux Mint has everything in it that I wanted and liked about Ubuntu, but without the terrible monstrosity of a non-dekstop called Unity and without the arrogance of thinking they know what is best for all us.  The Linux Mint developers have been committed to the needs and sensibilities of the users and that has won my loyalty.   I now tell folks that I use Linux Mint,  and I recommend it to others.

Linux Mint

Linux Mint, 2 thumbs up!

more about Unity badness…

 

Steve Jobs passes away

Steve Jobs, the Thomas Edison of our day, has passed away.  He dreamed of bringing computing to the masses, and he succeeded.  But he did much, much more than that.  He brought to us a revolution.  From the Apple computer, to the Mac, to the IPod, and then the IPhone and IPad all the other the great gadgets he and his company created,  our lives have been more fun and more productive.   He founded the company, Apple, in a garage then stepped aside for a time to pursue other technical interests, such as the NeXT systems and OS.  But then he returned to Apple to rescue and revive a company that has lost its way.  Oh, but he did much more that just revive Apple.  He had the vision to embrace other technologies and put his unique touch to them.  He spearheaded the creation of wonderful personal entertainment and communications devices and then married those to computing technologies, advanced operating systems and Internet content delivery; which turned Apple into a computing, communications and internet Juggernaut.  Steve Jobs was an inventor, businessman and visionary.  Most of all, he was a great man who gave his all, and even the last of his health, in pursuit of his dreams which have enriched all our lives.

Steve Jobs, RIP

February 24, 1955 – October 5, 2011.     

http://en.wikipedia.org/wiki/Steve_jobs

Python, watermark a PDF

This blog entry shows how to use Python and two third party modules (pyPdf and ReportLab) to watermark a PDF.

#This sample uses two third part modules for Python, 
#pyPdf & ReportLab to achieve creating and placing 
#watermark text at angle on an existing PDF file. 
#This example was produced with Python 2.7 
#See http://pybrary.net/pyPdf for more informaton about pyPdf. 
#See http://www.reportlab.com for more information about ReportLab. 

#Import the needed external modules and functions from pyPdf and reportlab.
from pyPdf import PdfFileWriter, PdfFileReader 
from reportlab.pdfgen import canvas

#Use reportlab to create a PDF that will be used 
#as a watermark on another PDF.
c= canvas.Canvas("watermark.pdf") 
c.setFont("Courier", 60)
#This next setting with make the text of our 
#watermark gray, nice touch for a watermark.
c.setFillGray(0.5,0.5)
#Set up our watermark document. Our watermark 
#will be rotated 45 degrees from the direction 
#of our underlying document.
c.saveState() 
c.translate(500,100) 
c.rotate(45) 
c.drawCentredString(0, 0, "A WATERMARK!") 
c.drawCentredString(0, 300, "A WATERMARK!") 
c.drawCentredString(0, 600, "A WATERMARK!") 
c.restoreState() 
c.save() 

#Read in the PDF that will have the PDF applied to it.
output = PdfFileWriter() 
input1 = PdfFileReader(file("original_pdf.pdf", "rb")) 

#Just to demo this function from pyPdf. 
#If the PDF has a title, this will print it out.
print "title = %s" % (input1.getDocumentInfo().title)

#Open up the orgininal PDF.
page1 = input1.getPage(0)

#Read in the file created above by ReportLab for our watermark.
watermark = PdfFileReader(file("watermark.pdf", "rb"))
#Apply the watermark by merging the two PDF files.
page1.mergePage(watermark.getPage(0))
#Send the resultant PDF to the output stream.
output.addPage(page1)

#Just to demo this function from pyPdf. 
#Return the number of pages in the watermarked PDF.
print "watermarked_pdf.pdf has %s pages." % input1.getNumPages()

#write the output of our new, watermarked PDF.
outputStream = file("watermarked_pdf.pdf", "wb") 
output.write(outputStream) 
outputStream.close()

Python & SQLite3, demonstrating parameters

Python affords a great opportunity for one to learn basic SQL commands and operations by having SQLite3 built into its standard library.   To learn more, here are some links for Python’s implementation of the API and also the SQLite3 website.

http://docs.python.org/library/sqlite3.html

http://www.sqlite.org/index.html

Here is a brief example of  creating a simple SQLite3 database in Python, performing a query against it with parameters.  The use of parameters is demonstrated in 3 ways.

>>> import sqlite3
>>> conn = sqlite3.connect(‘c:\sqlite3\example’)
>>> c = conn.cursor()
>>> c.execute(“””create table contacts(client_id integer primary key, first_name text, last_name text, email text)”””)
>>> c.execute(“””insert into contacts values(NULL, ‘Bob’, ‘Dole’, ‘bob.dole@gmail.com’)”””)
>>> conn.commit()
>>> c.execute(“””insert into contacts values(NULL, ‘Tom’, ‘Cruz’, ‘tom.cruz@xenu.com’)”””)
>>> conn.commit()

First parameters are passed using the ? placeholder.  The values are supplied by a collection, a list in this example.  A tuple could also be used.

>>>params = [‘Tom’,’Bob’]

>>> c.execute(“””select client_id, first_name, last_name, email from contacts where first_name in (?,?)”””, params)
>>> for i in c:
print(i)

Second, a mapping object (dictionary) is used to supply the parameters via its keys.   This allows the parameters to be named.

names = {“name1”: ‘Bob’, “name2”:’Tom’}

>>> c.execute(“””select client_id, first_name, last_name, email from contacts where first_name in (name1,name2)”””, names)
>>> for i in c:
print(i)

Third, we use the built in mapping that stores information about local program variables to supply the parameters.  The locals() function is used to return the mapping information.  This allows the parameters to be simple variables, rather than members of a collection or keys in a mapping.

name1 = ‘Bob’; name2 = ‘Tom’

>>> c.execute(“””select client_id, first_name, last_name, email from contacts where first_name in (name1,name2)”””, locals())
>>> for i in c:
print(i)

All three methods produce the very same result of the query on the database:

(1, ‘Bob’, ‘Dole’, ‘bob.dole@gmail.com’)
(2, ‘Tom’, ‘Cruz’, ‘tom.cruz@xenu.com’)
>>> c.close()

Additionally, remember the parameter needs to be passed to the execute() function by a collection or mapping type variable.   So, if you would like to loop through the database, say by the indices, and are using a simple integer variable in the loop, you can take that and convert it to a list variable on the fly (a list containing one element) and use that.    Like this:

out_list = []
for x in range(1,4):
    y = [x]        #here we take the integer x and use it to create the single element list y for use in c.execute()
    c.execute("""select client_id, first_name, last_name, email from contacts where client_id = :y""", y)
    for i in c:
        out_list.append(i)
print(out_list)

LFS 6.8 not ready for prime time!

I was in an experimenting mood today and decided to give LFS (Linux From Scratch) 6.8 a try.  It is intended to be a from the ground up Linux build system that is primarily aimed at being an educational tool.   The goal is excellent!  Sadly, LFS 6.8 is not.  I did not get very far into the book before I began finding evidence that this version, suposedly the “stable” version, needs serious sanity checking.   More than once I found that the directions left me in the wrong directory.   Worse yet, the heart of the build, the GCC compiler build, fails outrageously.   I tried correcting the instructions but found that even with the paths to the files, etc. corrected it still fails.   I have sent note to the developers with what I have found and hope for some good help and feedback.   It is not beyond possibility that I made some bad mistake along the way, but I believe I was following the directions very, very carefully.   I hope the LSF effort continues and a corrected or updated version is released as it would be a wonderful teaching tool.   However, a teaching tool needs to work flawlessly if it is going to succeed in educating rather than confusing or frustrating the student.

ArchLinux, install file compression packages

With a base install of ArchLinux completed, you may find you still do not have all the file compression utilities installed to handle most commpression types.  Run the following to install the most common file compression packages.   Some may already be installed.   This is ok, they will just be refreshed.

pacman -S tar gzip bzip2 zip unzip unrar p7zip arj lha lzma-utils lzop

Xfce 4.8 missing trashcan

If you install Xfce 4.8, you may find the desktop trashcan icon is missing, even though it is selected in the desktop properties visible icons selection.   To get the trashcan icon back, install the gvfs package.

ArchLinux Reviewed

The Linux Action Show guys review ArchLinux. The ArchLinux review is about 30 minutes into the show.

An ArchLinux DVD tweak

This is just a quick tweak for ArchLinux. Many apps, such as VLC Player, that need to read the DVD device default to a setting of /dev/dvd. I found that ArchLinux does not have the DVD device listed in the /dev directory as such. Instead they are using /dev/sr0. You have a couple of choices. Once you know this fact, you can adjust the configuration of every app you use that needs to read the DVD drive to look to /dev/sr0. In my opinion, it is more straight forward to adjust the ArchLinux system to accomodate the use of /dev/dvd by creating an entry for it. Put the following in your /etc/rc.local system startup script and everytime you start the system the /dev/dvd device entry will be created for you automatically.

cp -l /dev/sr0 /dev/dvd

Intro to Linux

Distro Review: ArchLinux

ArchLinux, when old becomes new again

There is an old saying about old things becoming new again.   That is what I thought about as I did an ArchLinux install for the first time this weekend.   The process took me way, way back into the ’90s when I first became involved with Linux.   Back then, it was Slackware and a pre version 1 kernel.   The process was boot from the disk and very carefully follow the directions.   No GUI install back then and you configured your system as you went.   When the install finished, you were were presented with a shell login prompt to logon as root.   Very much the same thing when doing an ArchLinux install today.   I chose to use the net install CD, which is only about 160MB in size, the rest of the distribution is pulled down from mirror sites on the Internet.   The main appeal, to me, was that it was a return to a more technical DIY type of install with every little detail under my control, as opposed to a GUI install that lets you choose the language, time zone and keyboard and all the rest is done for you.   Now, I am not at all complaining about the modern, easy, GUI Linux installs.   These are in fact WONDERFUL!   Without easy installs like these that very nearly garantee a successful install, Linux would have very little chance to spread and be as widely adopted as it is becoming.    However, sometimes us geeks need more.   We need to satisfy that urge to take a look under the hood and tinker.   Sometimes we just need to geek out and do it ‘the hard way’.   So, I jumped in and did an ArchLinux install to satisfy this need.   One thing that I found is that while is very much a lower level install, it is also a very structured and GOOD install process.   You encounter much more detail along the way, but the process is very tightly controlled.  It is also what I would consider a very educational install with the internals exposed to view.   However, one thing it is not is undocumented.   Back in the old days, the install was sparsely documented and you really had to hunt and search to find out what you need to know to get everything right and running.  The documentation on the ArchLinux site, and also provided on the install CD itself, is supperb!   For instance, after I got the base install done, I wanted to do two more things – Get XWindows up so I could have some GUI if and when I wanted it, and get my wireless card going.   Both of these processes were extreemly well documented and I got both accomplished with just the documentation on the ArchLinux site.   I highly recommend ArchLinux to anyone wanting to dig in deeper and learn more of what makes Linux tick by getting back to the basics and doing a more basic install and then building your system, the way you want it, from there.   ArchLinux——– A review of ArchLinux