• Content count

  • Joined

  • Last visited

  • Days Won


Everything posted by BINREV SPYD3R

  1. One of the key tools in GIMP is Layer Masks, which allow you to make selected parts of a layer transparent, so that lower layers can come through. This is a way to get the same kinds of effects you would get with physical transparency sheets or animation gels. Links:,1,342 View the full article
  2. NEW 'Off The Hook' ONLINE Posted 08 Apr, 2021 1:56:37 UTC The new edition of Off The Hook from 04/07/2021 has been archived and is now available online. "Off The Hook" - 04/07/2021 Download the torrent here View the full article
  3. In this episode, our two heroes explore the realm of the great uncertainties also known as probabilistic data structures. For this adventures they managed to retain one of the experts in this field from the open source realm. Check out the episode to get in on this secret and its details! Links: Probabilistic data structures (PDS): Hash functions: Bloom / cuckoo filters: Scalable Bloom filter: redis module: HyperLogLog: PDS Foundation: View the full article
  4. NEW 'Off The Wall' ONLINE Posted 07 Apr, 2021 0:52:48 UTC The new edition of Off The Wall from 04/06/2021 has been archived and is now available online. "Off The Wall" - 04/06/2021 Download the torrent here View the full article
  5. Thunder bird, the wonderful email client. I share how I use and enjoy the Thunderbird email client. use `hpr391` as the subject for all emails. If not, junk filter. View the full article
  6. Create a new worktree $ git branch | tee * dev trunk $ git worktree add -b hotfix ~/demo/penguin.tree trunk Preparing ../penguin.tree (identifier penguin.tree) HEAD is now at 62a2daf commit List existing worktrees $ git worktree list /home/tux/demo/penguin.git 15fca84 [dev] /home/tux/demo/penguin.tree 09e585d [trunk] Move a worktree $ git worktree move penguin.tree ~/Temp Remove a worktree $ git worktree remove penguin.tree View the full article
  7. New hosts Welcome to our new host: timttmy. Last Month's Shows Id Day Date Title Host 3281 Mon 2021-03-01 HPR Community News for February 2021 HPR Volunteers 3282 Tue 2021-03-02 HP Laptop with AMD Ryzen 3 Mobile with Radeon Graphics Some Guy On The Internet 3283 Wed 2021-03-03 HPR RPG Club reviews Dead Earth klaatu 3284 Thu 2021-03-04 Introduction to gdb klaatu 3285 Fri 2021-03-05 Upgrading Lubuntu on my Samsung N150 Plus netbook MrX 3286 Mon 2021-03-08 Wireguard How To timttmy 3287 Tue 2021-03-09 Quick tip Archer72 3288 Wed 2021-03-10 Linux Inlaws S01E25: The Grumpy Old Coders monochromec 3289 Thu 2021-03-11 NextCloud the hard way Ken Fallon 3290 Fri 2021-03-12 GIMP: More on Layer Tools and Techniques Ahuka 3291 Mon 2021-03-15 The New Audacity and Batch Processing Macros Ahuka 3292 Tue 2021-03-16 Squirrel FSF blog Zen_Floater2 3293 Wed 2021-03-17 HPR RPG Club reviews Dungeon Raiders klaatu 3294 Thu 2021-03-18 Update to MakeMKV to back up media Archer72 3295 Fri 2021-03-19 Renewing a Let's Encrypt cert for Home Network use Ken Fallon 3296 Mon 2021-03-22 Spam Bot Honey Pot Rho`n 3297 Tue 2021-03-23 Nextcloud Application Updating ToeJet 3298 Wed 2021-03-24 Poisoning The Well Some Guy On The Internet 3299 Thu 2021-03-25 Linux Inlaws S01E26: Make your Linux harder monochromec 3300 Fri 2021-03-26 YouTube Channels for Learning Spanish, Part 1 Ahuka 3301 Mon 2021-03-29 K S P Kerbal Space Program! (Game) operat0r 3302 Tue 2021-03-30 Input Methods on Ubuntu clacke 3303 Wed 2021-03-31 Slackware on RaspberryPi Brian in Ohio Comments this month These are comments which have been made during the past month, either to shows released during the month or to past shows. There are 15 comments in total. Past shows There are 3 comments on 3 previous shows: hpr3153 (2020-09-02) "Fixing eBooks with Calibre and pdfcrop" by Ken Fallon. Comment 2: Ken Fallon on 2021-03-03: "Thanks Again." hpr3241 (2021-01-04) "HPR Community News for December 2020" by HPR Volunteers. Comment 4: clacke on 2021-03-03: "OpenLDAP on BDB?" hpr3262 (2021-02-02) "My thoughts on diversity in Linux and open source" by swift110. Comment 6: bjhend on 2021-03-08: "Get rid of bad terms in IT" This month's shows There are 12 comments on 7 of this month's shows: hpr3282 (2021-03-02) "HP Laptop with AMD Ryzen 3 Mobile with Radeon Graphics" by Some Guy On The Internet. Comment 1: frank on 2021-03-18: "Using your OEM Windows key in a VM" hpr3289 (2021-03-11) "NextCloud the hard way" by Ken Fallon. Comment 1: monochromec on 2021-01-29: "apachectl restart vs. systemctl restart apache2.service" hpr3291 (2021-03-15) "The New Audacity and Batch Processing Macros" by Ahuka. Comment 1: RmccurdyDOTcom on 2021-03-15: "audio" Comment 2: Gumnos on 2021-03-26: "Which hardware podcast player did you move to?" Comment 3: Kevin O'Brien on 2021-03-27: "Your answer" hpr3292 (2021-03-16) "Squirrel FSF blog" by Zen_Floater2. Comment 1: Ken Fallon on 2021-03-09: "Good Question" Comment 2: A listener on 2021-03-16: "Enjoyed the podcast, but..." Comment 3: Kevin O'Brien on 2021-03-18: "Thank you" Comment 4: Thaj on 2021-03-27: "Well..." hpr3296 (2021-03-22) "Spam Bot Honey Pot" by Rho`n. Comment 1: Kevin O'Brien on 2021-03-25: "Great show!" hpr3298 (2021-03-24) "Poisoning The Well" by Some Guy On The Internet. Comment 1: Windigo on 2021-03-25: "Agreed" hpr3299 (2021-03-25) "Linux Inlaws S01E26: Make your Linux harder" by monochromec. Comment 1: nobody on 2021-03-25: "Other MAC implementations" Mailing List discussions Policy decisions surrounding HPR are taken by the community as a whole. This discussion takes place on the Mail List which is open to all HPR listeners and contributors. The discussions are open and available on the HPR server under Mailman. The threaded discussions this month can be found here: Events Calendar With the kind permission of we are linking to The Community Calendar. Quoting the site: This is the community event calendar, where we track events of interest to people using and developing Linux and free software. Clicking on individual events will take you to the appropriate web page. Any other business Tags and Summaries Thanks to the following contributor for sending in updates in the past month: Dave Morriss Over the period tags and/or summaries have been added to 10 shows which were without them. There are now 404 shows which need a summary and/or tags. If you would like to contribute to the tag/summary project visit the summary page at and follow the instructions there. View the full article
  8. I did not get any feed back on my first nagios episode, so I can only assume that I perfectly explained what nagios is. And my installation instructions were so good, that no one had any questions. So I will move on to some additional nagios topics. Why use nagios One thing I meant to talk about but forgot in the intro is why you may want to run nagios as a hobbyist. Education, learning a new technology for fun Network Monitoring is a valuable skill and benefit your career if you work in IT Early warning for failing hardware Monitoring self hosted applications Notification for home security devices IP cameras Most of the benefits of nagios are not specific to nagios. There are plenty of other options for monitoring, and all of them are worth exploring. Notification Options Email I had planned on discussing how to set up postfix to send emails. But, that is such a big topic I will have to skip it. I will instead talk about what I do to send email. And Maybe you can do something similar. Spammers have ruined the ability to directly send email. Most residential ISPs block port 25 outbound to prevent malware from sending email. Some Virtual hosting providers may not block sending mail, but many mail servers will not accept mail from VPS IP ranges. There are a few ways to get around this problem. I use the email delivery service Sendgrid. They do all the work of staying off the list of spammers, and most email providers trust mail send via Sendgrid. I wont go into the instructions for configuring postfix to relay outgoing mail via Sendgrid, but their documentation is easy to follow. There are plenty of services like sendgrid. And most have a free tier. So unless you are blasting out alerts you probably will not have to pay. If you want to send alerts from nagios via email, I recommend finding a email sending service that works for you. Push alerts There are a few options (besides email) for getting alerts on your phone. aNag The easiest way to get alerts is probably the aNag Android app. aNag connects to the nagios UI to get status updates. It can be configured to check in periodically and there generate notifications for failed checks. One downside to aNag is the phone has to be able to connect to the nagios server. So, if nagios is on a private network, you will need a VPN when you are not on the same network. If you decide to put nagios on a public network, be sure to configure apache to only use HTTPS. certbot makes this really easy. Pushover Another option is to us a Push Notification service that can send notifications that are triggered by API calls. I like to use the You pay $5 when you download the pushover app from the app store, and then notifications are sent for free. They offer a 30 day trial if you want to evaluate the service. To use pushover, we will add a new contact to nagios. The command for the pushover contact is a script that calls the pushover API via curl. Remember from the previous episode, nagios has a conf.d directory and will load any files in that directory. So we will create a new file /etc/nagios4/conf.d/pushover.cfg and restart nagios. The contents of the pushover file will be in the show notes. To use pushover for specific checks, and the contact to that check. See the example in the show notes. Or if you want to use pushover for everything Modify the definitions for the host and service templates to use pushover as a contact The script that calls the Pushover API is at Save a copy of the script in the nagios plugins directory. pushover.cfg # 'notify-host-pushover' command definition define command{ command_name notify-host-pushover command_line $USER1$/ -u $CONTACTADDRESS1$ -a $CONTACTADDRESS2$ -c 'persistent' -w 'siren' -t "Nagios" -m "$NOTIFICATIONTYPE$ Host $HOSTNAME$ $HOSTSTATE$" } # 'notify-service-pushover' command definition define command{ command_name notify-service-pushover command_line $USER1$/ -u $CONTACTADDRESS1$ -a $CONTACTADDRESS2$ -c 'persistent' -w 'siren' -t "Nagios" -m "$HOSTNAME$ $SERVICEDESC$ : $SERVICESTATE$ Additional info: $SERVICEOUTPUT$" } define contact{ name generic-pushover host_notifications_enabled 1 service_notifications_enabled 1 host_notification_period 24x7 service_notification_period 24x7 service_notification_options w,c,r host_notification_options d,r host_notification_commands notify-host-pushover service_notification_commands notify-service-pushover can_submit_commands 1 retain_status_information 1 retain_nonstatus_information 1 contact_name Pushover address1 {{ pushover_user_key }} address2 {{ pushover_app_key }} } writing custom checks One of the big advantages of nagios is the ability to write custom checks. In the previous episode, I mentioned that the status of the nagios checks are based on exit code. Exit Code status 0 OK/UP 1 WARNING 2 CRITICAL So, to write a custom check, we need a script that will perform a check, and exit with an exit code based on the results of the check. Verify recent log entry I have a server where occasionally the syslog daemon stop running, Instead of trying to figure out why syslog keeps crashing, I wrote a script to check the log file is being updated. The script looks for the expected log file and tests that it has been modified in the last few minutes. The script will: exit 0 if the syslog file is less than 1 minute old exit 1 if the syslog file is less than 10 minutes old exit 2 if the syslog file is more that than 10 minutes old or does not exist Since the server with the crashy syslog is not the same server running nagios, I need a way for nagios to execute the script on the remote server. Nagios has a few ways to run check commands on remote servers. I prefer to use ssh, but there are some disadvantages to using ssh. Specifically the resources required to establish the ssh connection can be heavier than some of the other remote execution methods. The check_by_ssh plugin can be used to execute check commands on another system. Typically ssh-key authentication is set up so the user that is running the nagios daemon can log in to the remote system without a password You can try the command to make sure it is working. cd /usr/lib/nagios/plugins ./check_by_ssh -H RemoteHost -u RemoteUser \ -C /path/to/remote/script/ The new command can be added to a file in the nagios conf.d directory define command { command_name check_syslog_age command_line $USER1$/check_by_ssh -u RemoteUser -C /remote/path/ } After adding the command definition, check_syslog_age can be added as a service check. The Log Check script: #!/usr/bin/bash TODAY=$(date +%Y%m%d) LOGPATH="/syslog" TODAYSLOG="$TODAY.log" if test `find "$LOGPATH/$TODAYSLOG" -mmin -1` then echo OK exit 0 elif test `find "$LOGPATH/$TODAYSLOG" -mmin -10` then echo WARNING exit 1 else echo CRITICAL exit 2 fi Using snmp to monitor load average and disk usage SNMP can get complicated and I have mixed feelings about using it. I am not going to go into the SNMP versions or the different authentication options for SNMP. But I will show a minimal setup that allows some performance data to be checked by nagios The SNMP authentication that I am demonstrating is only appropriate for isolated networks. If you plan to use snmp over a public network, I recommend looking into more secure versions of SNMP or tunnelling the check traffic via ssh or a VPN. If you want to learn more about SNMP, I recommend "SNMP Mastery" by Michael W Lucas. SNMP setup First we need to configure the client to respond to SNMP request. On Ubuntu, apt install snmpd By default, snmpd listens on localhost. Replace the existing snmpd.conf with this example to set a read only community string and listen on all IP addresses. And don't forget, I do not recommend this for a Public Network. Restart snmpd and open port 161 if there is a firewall enabled. agentAddress udp:161,udp6:[::1]:161 rocommunity NEW_SECURE_PASSWORD disk / SNMP nagios checks The nagios plugin package installs several pre-defined snmp checks in /etc/nagios-plugins/config/snmp.cfg Look through the file to get an idea of the checks that can be performed via SNMP. Below is an example of a client configuration that uses SNMP. If you look at how the command definitions, most of them have an option to accept arguments to modify how the check is done The argument placeholders re represented by $ARG1$ In most cases, the arguments are optional. This particular SNMP check for disk space requires an argument to complete the disk ID being checked. When the service check is defined, the arguments are separated by ! You can also see in the example how you can add additional contacts Change the check attempts - number or retires before sending an alert Frequency of checks, the default is every 5 minutes define host { host_name ServerIP use linux-server } define service { use generic-service host_name ServerIP contacts Pushover max_check_attempts 1 check_interval 1 service_description DISK check_command snmp_disk!NEW_SECURE_PASSWORD!1!1 # first arg is disk number # command in /etc/nagios-plugins/config/snmp.cfg } define service { use generic-service host_name ServerIP contacts Pushover service_description LOAD check_command snmp_load!NEW_SECURE_PASSWORD # command in /etc/nagios-plugins/config/snmp.cfg } define service { use generic-service host_name ServerIP service_description Memory check_command snmp_mem!NEW_SECURE_PASSWORD # command in /etc/nagios-plugins/config/snmp.cfg } define service { use generic-service host_name ServerIP service_description Swap check_command snmp_swap!NEW_SECURE_PASSWORD # command in /etc/nagios-plugins/config/snmp.cfg } Check servers for updates Nagios has plugins that can check if there are system updates required. Number of updates Check will be CRITICAL if any of the updates are security related. Is a reboot required to load the latest kernel. The check plugin is installed on the remote server. The plugin for Debian based systems is nagios-plugins-contrib or nagios-plugins-check-updates for Red Hat based systems. The command definitions are below. Since the plugins take longer to run, you will probably need to modify the nagios plugin timeout. define command { command_name check_yum command_line $USER1$/check_by_ssh -H $HOSTADDRESS$ -t 120 -u root -C "/usr/lib64/nagios/plugins/check_updates -t120" } define command { command_name check_apt command_line $USER1$/check_by_ssh -H $HOSTADDRESS$ -t 120 -u nagios-ssh -C "/usr/lib/nagios/plugins/check_apt -t60" } That's probably all the nagios I can handle for now. Leave a comment if there are nagios topics you would like to hear about. Thanks for listening and I will see you next time. View the full article
  9. Introduction After many years of confusion it has been decided to produce a common standard for dates and times between Europe and the United States of America. When encountering a USA date such as 03/14/2021 (known as Pi Day in the USA) there has been ambiguity over which part of the date is the day and which the month. There can also be confusion as to the year if the two-digit form is used. Standardisation is a way in which these sorts of ambiguities can be resolved. Having a common method of representation avoids confusion. Therefore, starting in 2021, in the spirit of clarity and prevention of misunderstanding, the EU has decided to standardise on compatible formats wherever possible. Dates Henceforward dates will be represented in one of the following forms: MM/DD/YY month/day of month/two-digit year YY/DD/MM two-digit year/day of month/month Thus, 21/14/03 or 03/14/21 will be universally recognised as Pi Day. Times The break from the previous tyranny of large|medium|small or small|medium|large formats has been extended to 24-hour time representations. Henceforward 24-hour times will be represented in one of the following forms: SS:HH:MM seconds:hours:minutes MM:HH:SS minutes:hours:seconds Support Bash already introduced support last year. You will need to update to Ubuntu Falex to get the latest version. Future plans The Standardisation Working Group will be planning other measures. Forthcoming rationalisations will be: Weights and Measures: Discrepancies such as the US pint (16 fluid ounces) versus the British pint (20 fluid ounces) Temperature: Fahrenheit versus Centigrade, replaced by the new Eurotemp which straddles both ranges. The choice might be the Rankine scale (°R), but this has yet to be decided. View the full article
  10. NEW 'Off The Wall' ONLINE Posted 31 Mar, 2021 0:24:36 UTC The new edition of Off The Wall from 03/30/2021 has been archived and is now available online. "Off The Wall" - 03/30/2021 Download the torrent here View the full article
  11. a little history slackware on arm started by stuart winter in 2002 became an official port of slackware in 2009 lots of info at the video podcast on youtube why choose slackware can do minimal installs easy education stable and secure who should avoid slackware unwilling or unable to read and follow directions if you think your leet when you use apt instead of apt-get if you think commands like dd are 'scary' howto there is no official port of slackware arm to raspberrypi i think this is because of raspberrypi has a non standard way of booting compared to most arm devices community has stepped in on the slackware documentation project website there are 'manual' install projects took a while, had to download firmware from the raspberrypi project itself quite a bit of cleanup this is the guide if you want slackware on a pi-zero link to the sarpi project guy named phil project lead, started in 2012 the sarpi project is also a manual process even if you don't do this you should look at the website content, this is the way to do a tutorial after you download the sources this install is exactly like any other slackware install when you get to the package selection its easy to customize after install you have a complete development environment be prepared to up your search foo many packages can be built from slackbuilds The only mistakes you can't learn from are, your own fatal mistakes Links View the full article
  12. First I go to the Language Support window. Either search (press Super/Windows, then type) for "Language Support" and go there directly, or search for "Region & Language", go there, then click "Manage Installed Languages". There I click Install / Remove Languages ..., check the Chinese I want, then click Apply. Then I add the packages for the input methods I want, either using the command line (apt install) or the Ubuntu Software application: Chinese Quick: ibus-table-quick-classic Chinese Pinyin: ibus-libpinyin Chinese (Cantonese) Jyutping: ibus-table-jyutping Bonus input method: Unicode emoji: ibus-typing-booster Now for each user that wants an input method, I search for and go to Region & Language. At the bottom of the Input Sources section I click the plus button. The different input methods are found by clicking down into different sublists. Click the right choice, then Add: Chinese Quick: Chinese -> Chinese (QuickClassic) Chinese Pinyin: ⋮ -> Other -> Chinese (Intelligent Pinyin) Chinese (Cantonese) Jyutping: Chinese -> Chinese (Jyutping) Unicode emoji: ⋮ -> Other -> Other (Typing Booster) EurKEY: English (United States) -> EurKEY (US based layout with European letters) The EurKEY layout is part of the standard English language support in Ubuntu. Finally, to enable unicode color emoji as completion suggestions, switch to the Typing Booster mode by pressing Super/Windows+Space repeatedly until you see the rocket in your notification area. Click the rocket -> Unicode symbols and emoji predictions -> On. I owe you a followup episode once I figure out how to make this work for Guix applications running inside Ubuntu. This episode was based on a Fediverse thread: References for your further study: IBus is an input method protocol for the GNU/Linux desktop. Other protocols supported are XIM, SCIM, fcitx and uim. You have to choose one of these to use for all your input methods, but the most common input methods exist at least for IBus and the first three of the rest, so this is not as much a limitation as it sounds like. Quick is a simplification of the Cangjie input method. Cangjie assigns radicals, character components, to 24 keys on the alphabetic keyboard, and you combine these into a character. In Quick you combine two and then choose a completion from a list. Pinyin is a romanization, a Latin alphabetic spelling, for Standard Chinese (Mandarin). Jyutping is one of many romanizations for Cantonese. Guix is a GNU/Linux OS and also a package manager that can be installed and coexist with the GNU/Linux OS you already have, allowing you to mix and match programs from both sources. See also hpr2198 and hpr2308. View the full article
  13. dont ever use return to launch pad or anything always use quick save and load etc .. quick save before launch etc... stay away from missions that are high altitudes/ and low speed etc ... for now. stick with ones that are ALT or SPEED only .. do both only if you are sure you can do it. use F12 to keep an eye on physics to EVA in space you need upgrade astronaut complex first ... hit the rest button in the build menu to reset all the stage to .. logical order My rules of thumb for parachutes: Mk1s are good for a ton each. Radials and drogues are good for 1.5t each. Mk2s are good for 2t each. build a plane to do "conduct survey" missions ... missing SAS buttons ? upgrade at tracking and mission control then level up your Pilot to 3 or use tech tree to unlock mod with SAS try to just focuses on missions you can complete easily when you finish a mission keep an eye on the recovery mod or % at the end it will tell you in the report how much money you lost .... sub assembly ( unlock tech tree ) A good rule of thumb is to simply keep the ship between 200-300 m/s until you are above 12k meters so you aren't burning extra fuel to get through the lower atmosphere where you're going to experience the most drag. different rockets work better in vacuum of Space for large payloads: Fuel Flow & Asparagus Staging | KSP Beginner's Guide NERV Rocket : 223 hrs and just now getting to build/mechjeb OK... COM ranges sat build! : AE-F33 shell (faring) TR-V2 decopuler dawn engine 2 x pb-x150 xeono small inline reaction wheel z-200 battery ra-15 sat OK-T02 probe (remote control ) communion 16 (for kerbal coms) 2x gigantor solar array toggle debeis and clean up ! @KSpaceAcademy @KSA_MissionCtrl #KSP #KSP2 @SquadDevs @KerbalSpaceP View the full article
  14. As I have been learning Spanish I have been making use of a variety of tools and aids. One of the best is YouTube, where there is a wealth of free stuff. Of course, Spanish is not the only language with good resources here, but it is the one I am studying right now. But if you are interested in learning another language, or improving your knowledge of one, you should take a look. Links: View the full article
  15. NEW 'Off The Hook' ONLINE Posted 25 Mar, 2021 1:35:03 UTC The new edition of Off The Hook from 03/24/2021 has been archived and is now available online. Emmanuel receives a legal notice from Facebook, Rob and Gila get their second vaccine dose, listener emails, Extra Hope scheduled for August may not happen, getting banned from Twitter, Amex gets a little too nosey, Sam Lavigne joins the panel to discuss his creation - Zoom Escaper. "Off The Hook" - 03/24/2021 Download the torrent here View the full article
  16. In this episode our two aging heroes discuss the proper temperature to drink beer at (spoiler: it's not 20 degrees as CAMRA would make you believe) and the ins and outs of basic and enhanced security on our beloved operating system. If you ever wanted to know more about Linux Security Modules, AppArmor and SELinux and how dames of negotiable affections relate to these concepts, this show is for you. Shownotes: Campaign for Real Ale: Linux Security Modules: SELinux: SELinux on Android: AppArmor: RBAC with AppArmor: Plan 9: Plan 9 from Outer Space: Man down: The Midnight Gospel: View the full article
  17. NEW 'Off The Wall' ONLINE Posted 24 Mar, 2021 1:17:59 UTC The new edition of Off The Wall from 03/23/2021 has been archived and is now available online. "Off The Wall" - 03/23/2021 Download the torrent here View the full article
  18. Hot, off the cuff. You can leave feedback at; "hpr04" for the subject line. Emails are seen as plain text and are filtered. Maybe I'll do a show on email; oops now I owe a show. View the full article
  19. Simple method to autoupdate nextcloud apps. An email is sent as summary of actions. Scheduled for 5 AM Sunday - Cron Entry 0 5 * * 0 /usr/bin/php /var/www/nextcloud/occ app:update --all 2>&1 # * * * * * command to be executed # - - - - - # | | | | | # | | | | +----- day of week (0 - 6) (Sunday=0) # | | | +------- month (1 - 12) # | | +--------- day of month (1 - 31) # | +----------- hour (0 - 23) # +------------- min (0 - 59) View the full article
  20. In this episode of Hacker Public Radio, I will describe the method I chose to combat spam bots filling out my company's contact form. About 99% of the submissions we receive are spam, which makes filtering for valid messages painful. After some research into different methods, I decided to go with the honey pot method. The honey pot method uses an extra text input field to lure the spam bot into filling it out. There are different suggestions for how to hide this extra field from valid users by using either javascript or CSS. With javascript, the honey pot section of the form is removed from the DOM when the page loads, hiding it from your users. The argument for this method is most bots don't implement javascript, so the honey pot field will not be hidden from them. I think that is a valid argument but I didn't want to include extra javascript in my page--so I went with the CSS method. There are references at the end of the show notes to a couple of the articles I read on implementing the honey pot with either javascript or CSS. My take away was, one, don't use the CSS display property set to the value of none to take the input out of the DOM. Sufficiently smart enough bots may know to scan for this, especially if applied directly to the element. Also don't name your classes something obvious to your intent like "anti-spam-filter". My guess is the majority of the bots out there aren't that sophisticated, but I figured it couldn't hurt to follow those suggestions. I was already using Bootstrap CSS for our site, so I decided to use Bootstrap's "sr-only" class. This class is used for elements that you only want visible to screen readers. It takes the element and uses a combination of absolute positioning, setting the size and width to 1 pixel, setting a negative left margin, and hiding content overflow to prevent the honey pot showing up visually. I figured if the bot was scanning CSS for classes or properties, this wouldn't trigger any warnings. It does bring up the issue of how to prevent impacting the experience of people using screen readers. I applied the aria-hidden attribute with a value of true to the label element surrounding the honey pot input field. "[this] removes that element and all of its children from the accessibility tree." So we now have the field hidden both visually in the browser and from assistive technologies. Given the short end of the stick accessibility usually gets, I doubt there are any spam bots scanning for that ARIA attribute. For the minority of users who might be viewing with the classic lynx browser, I put 'For office use' as the label text before the honey pot, hoping this would get the message across without tipping off the bot to the intended purpose of the related input field. The other main issue with this method is the value of the name attribute used for the input field. Some argue to use obfuscated values like "mmxxName" instead of "name", or "sxysPhone" for "phone". Apparently some bots will skip fields they don't recognize. By using more standard names for multiple honey pot fields, it easier to determine if it is a bot. The counter argument to this naming scheme is about the user experience, by obfuscating the name, then browsers won't auto-fill the valid fields of the form. This also brings up the matter of not auto-filling the spam fields by the browser of your users. This is done by setting any of your honey pot input elements' "autocomplete" attributes to "off". So far this spam filtering method is working nicely. I currently send any messages flagged as spam to a different email address with the subject prepended with the words "[Spam review]". Once I am confident there are not that many false positives, I will just skip sending flagged messages. The one issue I have experienced with this method is when using the tab key to move through the form. Since the input field is only visually hidden, it still receives focus as you tab through. If you happen to hit another key while still in the hidden field, it will get captured by the honey pot and then the submission will be flagged as spam. I have created a sample form on my personal site. Please visit URL: to try it out. It is a simple PHP page using the GET method when submitting the form. Once you press the submit button you will see the form fields and their values, along with the result messages. I chose to use "URL" as the name for my honey pot input field. I use it on my example form, and I use it for my work form. For my work form, a URL is not something we ask to be submitted, and being a common field in forms, makes it very tempting for bots. In my example code, the CSS for hiding the honey pot section is from the websites. Their "visibility-hidden" class is very similar to Bootstrap's "sr-only" class. I would be interested to hear if others have implemented something similar. I would also love to hear from someone who uses a screen reader. Does it prevent the honey pot section from being read? References Better Honeypot Implementation (Form Anti-Spam) Honeypot Technique: Fast, Easy Spam Prevention Using the aria-hidden attribute mini.css Spam Bot Honey Pot example View the full article
  21. Back in hpr3289 :: NextCloud the hard way, I showed you how to install a Let's Encrypt SSL cert for use on your home network. One of the problems was the fact that the automatic renew tools won't work. Today I got a reminder email from Let's Encrypt and I used the exact same command to renew it as I did to create it in the first place. The tool is smart enough to know this is a renewal process. One thing I forgot to do last time was to remove the TXT record from DNS after I was done. So I had to delete the record and wait a while for the Time To Live (TTL) to expire. I set about doing a check list so the next time the process can be even faster. Run the command certbot certonly --manual --preferred-challenges dns Deploy a DNS TXT record under the name Finish the challenge. When successful, remove the DNS TXT record as it's not needed for another two months. View the full article
  22. This is an update on my previous episode hpr3179 :: MakeMKV to back up media. In the past month, has been updated to include Raspberry Pi support. Sources: MakeMKV on Linux post MakeMKV on ARM release It was a very uneventful "It's here" MakeMV on Raspberry Pi (ARM) Click the thumbnail to see the full-sized image wget wget Unpack both packages and starting from source package and do the following steps: For makemkv-oss package: ./configure make sudo make install For makemkv-bin package: make sudo make install Install ccextractor and necessary packages sudo apt install libtesseract-dev autoconf sysconftool git clone cd ccextractor/linux/ ./build nnn: command line file browser with vim-like keybindings Script to rip TV episodes #!/bin/bash #echo "Series?" series=Battlestar echo "Series: $series" echo "What Season is this?" read season echo "Season: $season" echo "Which disc # is this?" read disknum echo "This is disk #$disknum" echo "Starting with which episode?" read episode eject -x20 mkdir ""disc."$disknum" makemkvcon mkv --progress=-same --minlength=2100 disc:0 all ""disc."$disknum" cd ""disc."$disknum" #episode=1 episode=$episode for track in *.mkv do mv $track $series"_S"$season"_D"$disknum"_E"$episode.mkv episode=$((episode+1)) done cd .. Script to convert multiple episodes #!/bin/bash mkdir encoded for i in *.mkv do HandBrakeCLI --first-subtitle --subtitle-default=none -i $i -o "encoded"/"`basename -s .mkv $i`.mkv" done Before and after the rename loop Before rename After rename View the full article
  23. Our final issue of 2020 is hitting the stands at last! The Winter issue is now out, right in time for the start of spring. As you know, it was just about a year ago when things started to really hit the fan. We were faced with a very bleak future after losing virtually all of our retail sales outlets, but our readers stepped up and saved the day. While we're still a couple of months behind our normal schedule, we're steadily catching up with every new issue. If you don't want to head to a store, having 2600 come to your mailbox through a subscription is a great option. Or you can get the Winter issue sent to you individually. Our downloadable PDF continues to be a popular option. It's completely DRM-free! There's also the Kindle (U.S. and U.K. subscriptions, individual issues elsewhere), and the Nook. For all of our many digital options for this and other issues, click here. Finally, here is a list of stores that carry us. Sadly, a number of them have gone out of business, so be sure to check before making a trip. Let's all hope 2021 is a good one for all of us. Please protect your health and get the COVID-19 vaccine! View the full article
  24. NEW 'Off The Hook' ONLINE Posted 11 Mar, 2021 2:44:42 UTC The new edition of Off The Hook from 03/10/2021 has been archived and is now available online. "Off The Hook" - 03/10/2021 View the full article
  25. NEW 'Off The Wall' ONLINE Posted 20 May, 2020 0:05:26 UTC The new edition of Off The Wall from 05/19/2020 has been archived and is now available online. "Off The Wall" - 05/19/2020 Download the torrent here View the full article