De-google-ify Internet

Found this site on https://lobste.rs. Has so great, open alternatives to proprietary services: FramasoftDe-google-ify Internet.

The Framasoft web site also seems to have some great information on this topic as well.

A network dedicated to globally promoting “free” and particularly free software.
Many services and innovative projects freely put at the disposal of the general public.
A community of volunteers supported by a public interest association.
An invitation to build together a world of sharing and cooperation.

Setting Up Media Drive Sync

I have two external hard drives for my media, one to hold all of my downloads, & the second attached to an Nvidia Shield TV which I use as a Plex server. Since getting Plex setup there, I’ve been looking for a way to keep both drives up-to-date so that I don’t have to manually copy files to each drive when I download. I’ve been trying to get rsync running on the Shield, but then remembered Syncthing. Because of the amount of data, the initial check is going to take a few days, but I’m hoping this will be a good way to keep the drives updated.

I’ll have a follow up post to discuss how I actually got it setup (assuming it works) once the initial check is done.

Another 15 hours to go…

Rebuilding Laptop OS

So I made the mistake of attempting to get 2FA setup to login to my Ubuntu MATE laptop (i.e.: Linux.com: How to Set Up 2-Factor Authentication for Login and sudo). Well, that didn’t go well. I’m pretty sure I had the same problem this time around as the last time — since my Home directory is encrypted, login couldn’t read the Google Authenticator config from my ~/.config/. Ended up locking myself out of my system, couldn’t access my encrypted home drive & ended up blowing my system away. Fortunately, I don’t usually save oo much to my local drive (for reasons like this) but I did lose some simple image work I was doing, so that kind of sucks…

Regardless: learned my lesson & will not be messing with 2FA on login for the foreseeable future =]

S Symbol: White: Cyan Glow
Recreating some of the icons I was working on before the wipe.

FINALLY: A Good Password Management Article

DreamHost recently posted an article on their site about password management: DreamHost: How to Create Strong Passwords to Keep Your Website Safe. Just the list of points is much better than what I’m used to seeing:

  1. Make your password long.
  2. Don’t use a common phrase.
  3. Test your password.
  4. Don’t reuse your password.
  5. Use a password manager.
  6. Don’t store passwords in your browser.
  7. Follow the rules every time.
  8. Use two-factor authentication.
  9. Consider the Passphrase/Diceware Method.
  10. Use security questions wisely.
  11. Keep an eye on your smartphone.

I still have to actually read the specifics for each, but that list alone is a great guide on modern password management.

iOS’ USB Restricted Mode “Loophole”

Everyone seems to be trying to point out this “loophole” as a huge deal, getting in the way of the new feature in iOS 11.4.1 that disables the USB port for anything but charging if the device has been locked for more than an hour (or S.O.S. mode is activated on the device).

The “loophole” that people are calling a flaw is that if certain Lightning-connecting accessories are connected within the one-hour window, the timer is stopped. This does not apply to all lightning accessories, as the Lightning-to-3.5mm jack accessory does not reset the count. Apple’s Lightning-to-USB 3 Camera Adapter, however, is one of the accessories that stop the countdown. This makes perfect sense, as it allows the user to connect an accessory without the need to unlock first. If the device is in a pocket, then said accessory can just be connected. It would be one thing if Lightning accessories were trusted the same way as computers are, but that is not the case here. There is no cryptographic key exchange when connecting accessories so the device doesn’t know one accessory from another, without manufacturers making changes to their products.

This is a great step forward, making it much more difficult for attackers & warrant-skipping authorities from having virtually unlimited time to try & crack a device. Here I’m specifically thinking of the GrayKey device & any other services offered by shady companies for unlocking iOS devices.

Screenshot showing the new USB Restriction setting.

Magisk on Project Treble ROMs

So it looks like LineageOS 15.1 for the Xiaomi Mi MIX 2 is now Treble supported, which is apparently leading to Magisk issues, at least for me…:

Archive: /sdcard/Magisk-v16.6.zip
inflating: META-INF/com/google/android/update-binary
inflating: META-INF/com/google/android/updater-script
inflating: arm/magiskboot
inflating: arm/magiskinit
inflating: chromeos/futility
inflating: chromeos/kernel.keyblock
inflating: chromeos/kernel_data_key.vbprivk
inflating: common/addon.d.sh
inflating: common/boot_patch.sh
inflating: common/magisk.apk
inflating: common/util_functions.sh
inflating: x86/magiskboot
inflating: x86/magiskinit
inflating: META-INF/MANIFEST.MF
inflating: META-INF/CERT.SF
inflating: META-INF/CERT.RSA
************************
* Magisk v16.6 Installer
************************
- Mounting /system, /vendor
mount: can't find /vendor in /etc/fstab
! Cannot mount /vendor
- Unmounting partitions
Updater process ended with ERROR: 1
I:Install took 4 second(s).
Error installing zip file '/sdcard/Magisk-v16.6.zip'

Hopefully there is a simple fix for this, but for right now, it looks like I’m stuck with root-less. XDA appears to be having issues as well, so I can’t look for my answer there. I guess that’s what I get for not reading changelogs before flashing 😉

EDIT: 20180710-0900: So of course it was a simple fix… Just needed to update TWRP to the latest version, for me that’s: v.3.2.2-1.
I got some help from Jerry981028 on GitHub, who let me know what line supported recoveries need to have for Treble support: Android-Jerry/android_device_xiaomi_mido-twrp/twrp.fstab

Instagram Feed

I’m trying to use the Instagram account I created for the site more, so I’ve added a feed to the Social Media page of the site. An example is also below: