10 November 2015

Facebook & privacy

Facebook & privacy: something that comes up in the new often. Anyone who knows a little about how Facebook "makes" money, would say that these words are a perfect example of antonyms!
BBC reporting on another challenge Facebook is facing in Belgium due to its practices related to how they use cookies for users (even users who are not logged in to Facebook). A quote from the full article:

They conducted a series of tests including one where they did a Google search for the term facebook data policy. It led them to the Facebook data policy page which placed the datr cookie on their browser.

They then visited a Belgian website related to prostate cancer treatment which includes a Facebook like button and found that the datr cookie was sent to Facebook.

There was no formal notice regarding any cookie being stored.

Even without using cookies, a user's browsing habits can be tracked as web browsers can be identified by various ways to render each user's browser (and hence browsing trail) to be unique. To read more about this read Panopticlick.

To keep such sites from harnessing your data, here are some options:
  1. Use Tor Browser when possible
  2. Use Firefox with plugins*: Adblock Edge, Privacy Badger, HTTPS Everywhere, and NoScript.
  3. Use Firefox with above plugins in a Linux VM

* - the list of plugins is not at all exhaustive, you are advised to do your research and choose which ones are required for your case

14 October 2015

CloudATclost.com VM 60% off

Ordered a "one-time" billing VM from cloudatcost.com today. It was their Developer 2 setup. Currently the site shows 50% off i.e. $35 instead of $70. I just happened to view their member page and saw a post about 60% off using code CAC606060 valid for only 9 Oct 2015.

I tried it and the Dev 2 setup one-time fee came out to $28. Enjoy the extra 10% off while it works.

Enabling HTTPS for blog

Just noticed that https was available for blogger.com blogs. It has been enabled. Use url: https://ksvichaar.blogspot.com as there is no automatic redirect from http:// (yet).

Note: there might still be mixed content on the blog, it will be updated as time permits.

8 April 2015

Firefox 37.0.1 - Is insecure content blocking new?

I got the upgrade notification for Firefox yesterday and as normal, I clicked on "Restart" to upgrade Firefox to 37.0.1. After the upgrade, I noticed a change: some CSS content was not showing on normal sites and hence had a lot of portions of the page (mainly background) as white!

I thought it could be something to do with my browser after upgrade, so I restarted it again. No change. After checking for new features, nothing was to be found. Then I noticed the "shield" icon on the left of the address bar and clicking it explained it all (see image below). The content was being blocked by Firefox as it was not using https:// on that secure page.

Is this is a new feature in Firefox? Ideally it would be more secure if every secure page had just securely linked components but this can be quite annoying to users if there is no clear warning to the user. Even though I'm familiar with a fair bit of Firefox technical details to be able to troubleshoot my issues, regular users will be stumped!

24 March 2015

Intel 530 Series SSD trumps Kingston V300

I have two SSDs in my Debian GNU/Linux box. One is an Intel 530 series SSD and second is the Kingston V300 SSD (both are 240GB). The experience with Intel 530 series has been great while Kingston V300 has been flaky at best.

On the Intel, I have been able to update the firmware without any issues as they provide a bootable ISO file for all operating systems [
Intel SSD Solid-State Firmware update tool page]. While Kingston is only provides an .exe file for upgrades. On reading their upgrade instructions, the details include supported operating systems as Windows 8.1, Windows 7/Vista, Windows XP only! Does Kingston think that users only use Windows operating system or are they targeting their SSDs to only Windows users?

Even though my drive came with the 520 firmware version as opposed to 506/521, I will neither buy a Kingston SSD or recommend anyone to purchase it either. It does not matter if they are switching between synchronous and asynchronous NAND, not supporting non-Windows users is just not acceptable in the times of Android/Chrome OS.

PS: I have the Kingston V300 240GB SSD was only because it was purchased for someone else (Windows user) and he didn't want it in the end.

23 March 2015

Logitech K380 HTPC keyboard

I recently got a Logitech K830 HTPC keyboard. Have not got a lot of time to play with it but here are some quick observations:

+ just WORKS with Linux (Kodibuntu = Lubuntu 14.04)*
+ Illuminated keyboard **
+ mouse pad on the keyboard
+ mouse pad recognises multi-finger gestures on Linux
+ well made: sturdy, and slim
+ unifying remote
- no indicator for Num/Caps lock
- non-replaceable battery

Has anyone tried to open it up and see what kind of battery it uses? From experience of using other mouse with unifying remotes, I expect it to last a long time between charges.

One thing that I can't understand is the illumination of multi-function buttons. One the product page, Logitech show the red/orange text illumniated (see image below) but mine does not. Is it a software function?

PS: this keyboard is a huge improvement in quality over the k360 graffiti family.

* - official specs on Logitech site do not list Linux as a supported operating system. Custom keys might not work, but the rest functions perfectly.

16 March 2015

Updating Flasplayer in Debian GNU/Linux

Check for latest version
user@localhost $> sudo update-flashplugin-nonfree --status
Flash Player version installed on this system  :
Flash Player version available on upstream site:
flash-mozilla.so - auto mode
  link currently points to /usr/lib/flashplugin-nonfree/libflashplayer.so
/usr/lib/flashplugin-nonfree/libflashplayer.so - priority 50
/usr/lib/gnash/libgnashplugin.so - priority 10
Current 'best' version is '/usr/lib/flashplugin-nonfree/libflashplayer.so'.
So a new version is available. To upgrade, use following command:
user@localhost $> sudo update-flashplugin-nonfree --install
--2015-03-16 00:21:59--  https://fpdownload.macromedia.com/get/flashplayer/pdc/
Resolving fpdownload.macromedia.com (fpdownload.macromedia.com)...
Connecting to fpdownload.macromedia.com (fpdownload.macromedia.com)||:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 7244055 (6.9M) [application/x-gzip]
Saving to: ‘/tmp/flashplugin-nonfree.tsRdJVFLnj/install_flash_player_11_linux.x86_64.tar.gz’

     0K .......... .......... .......... .......... ..........  0%  674K 10s
    50K .......... .......... .......... .......... ..........  1%  561K 11s
   100K .......... .......... .......... .......... ..........  2%  687K 11s
   150K ..........

    ........ ........ snip ....... ........
   7000K .......... .......... .......... .......... .......... 99%  548K 0s
   7050K .......... .......... ....                            100%  917K=12s

2015-03-16 00:22:11 (613 KB/s) - ‘/tmp/flashplugin-nonfree.tsRdJVFLnj/install_flash_player_11_linux.x86_64.tar.gz’ saved [7244055/7244055]

Check version again:
user@localhost $> sudo update-flashplugin-nonfree --status
Flash Player version installed on this system  :
Flash Player version available on upstream site:
flash-mozilla.so - auto mode
  link currently points to /usr/lib/flashplugin-nonfree/libflashplayer.so
/usr/lib/flashplugin-nonfree/libflashplayer.so - priority 50
/usr/lib/gnash/libgnashplugin.so - priority 10
Current 'best' version is '/usr/lib/flashplugin-nonfree/libflashplayer.so'.

Latest version installed.

In Mozilla Firefox, to check if it is using the latest version, open page about:plugins. If it is not the latest version, close Firefox completely and restart.

Reference & details see: FlashPlayer [wiki.debian.org]

11 August 2014

TorBrowser 3.6.3 no browser window behaviour

Since upgrading to TorBrowser 3.6.3, I have noticed that after the first session when I tried to restart TorBrowser, Tor would show that connection was made but no browser window would come up! Both tor.exe and firefox.exe *32 processes show in task manager though.

One option is to go back to 3.6.2 as the Tor version hasn't changed as suggested by some users on the announcement blog post (see comments). However, as 3.6.3 contains several security fixes for Firefox, I wouldn't suggest downgrading.

The second option: delete the lock files in "Tor Browser/Data/Tor" and "Tor Browser/Data/Browser/profile.default/". After this the TorBrowser brings up the browser window as it should.