The Dangers of Open Spots
01 Feb

The Dangers of Open Spots

All over the web you will see people telling you the internet is an unsafe place to be, but the biggest danger doesn’t come from some one sitting at home intercepting your connection to your bank or Facebook. It comes from someone sitting in the same coffee shop as you getting between you and the internet, what’s known as a ‘man-in-the-middle-attack’.

This illustration shows what a normal Internet connection should look like:

Standard Internet Connection

As you can see the green and red lines represent unchanged traffic between you and the internet.

But in a man in the middle attack it would look more like this:

Man-In-The-Middle Connection

In this case you are sending traffic to a third party, connected to the same router as you, and they are sending that on to the internet. They receive a response back and forward that on to you. This allows them to rewrite any web page or email before you see it and they can see any passwords you are sending.

Having an HTTPS connection can go along way to protect yourself from this kind of attack but it’s not perfect. If a man in the middle can intercept all your traffic they can intercept your connection request offer you a secure connection with them and create a secure connection to the remote host.

SSL Certificate Shield This is part of the reason we use Certificate Authorities. While the man in the middle can offer you a secure connect to their fake site, they can’t fake the signature. So if everything is working correctly your browser will throw up an error an encourage you to click away, but as users we’re trained to push past these without ever reading them or paying attention.

Another way this fails is when a certificate authority, whom your browser trusts, looses control of their keys. In effect a hacker can now create fraudulent certificates for any site they like and your browser will accept it quite happily. At least until everyone updates their browser.

There are a number of solutions to this each with its ups and downs. The one the industry is favouring is EV certs. These are special certificates that in most cases turn your browsers address bar green.

It’s important to understand what this EV certs actually does. It is cryptographically no more secure than a self signed certificate but it has better authenticity. Before any certificate authority can issue you with an EV certificate they have to perform far more checks on who you are, and that’s what you pay for.

A regular certificate lasting one year will separate you from between £9.99 and £175.00 of you hard earned cash but an EV certificate for the same twelve months would set you up back £249.99 and £1000.00.

While EV certificates are a solution, and a good one, they still rely on the website you’re visiting doing the hard work, and paying the fee. So we need to look at more practical solutions a user can do.

One of the best, and easiest, is only accessing the internet from a trusted router. So you can stop using any public wifi, easy. A slightly less extreme way would be if we could access the internet from our home router all the time, from where ever we are.

Raspberry Pi So how do we access the Internet from home when we’re in a coffee shop on the other side of the city? Like everything there are lots of solutions but the main one would be a VPN, like OpenVPN. Like all servers you have to be running it on your home machine at all times, just in case you want to connect to it. Not cost effective and a waste of electricity, but we can use a cheaper form of computer like a Raspberry Pi, I’ve already posted about the running costs of a Pi but it’s usually in the region of £4.60 to £10.52 per year.

This is the solution I’ve decided to go for since its open source and supports all versions of Linux, Windows and even had an Android app.

In the next article I’ll start by talking you through the initial setup of the Raspberry Pi then we’ll move on to installing OpenVPN and finally getting your laptop and Android connected.

07 Dec

MyFitnessPal – Record Water

I’m in the mood for something a little different. So will I’m walking here on the treadmill this afternoon I thougnt I’d share what I’ve been working on. We all know I am a huge fan of MyFitnessPall but a little disapointed there isnt a public API I can write too. So I’ve written a couple of bash scripts I now run on from my Android, these mimic key inputs. Once again, my life is automated!

The first script records water drank, simple pass it a number and it’ll record that number of glasses of water – really simple

The second one completes the days diary. Two very simple scripts, but there are catches. You must have a rooted phone, and you have to be using the Nexus 4. If your not on the Nexus 4 you can edit the first section and update all the X Y codes.

Quick simple and easy. I hope you enjoy!

Record X glasses of water

Complete the days diary

24 Nov

Sunday – Week 3 Day 7

Well its Sunday again Its been another 7 days and according to my records I weigh slightly more than last week, but only by 0.2kg’s so not much. Thankfully yesterdays 80kg looks like it was only a blip.

Having taken yesterday to ‘state my intentions’ for the week I thought tonight could be something different. Its often come up why I keep this blog and why its so important to me to post each day.

This site is may not be the most exciting blog recently but there will be more technology related content soon, but for now my focus has been here, my own weight loss and building a healthier self.

This goal has lead to allot of changes in the site. First of all I have put allot of time and effort into my Drupal Fitbit module, which is responsible for pulling all my records directly from Fitbit and displaying the information I want. Second is the fact I can now post content from email. All I do now is email the site and Drupal will post to my blog, including any images I attach.

While these are good side affects they are not the reason I started this project. I have been trying to lose weight since June and as you can see from TrendWeight the first few months were easy. My weight plummeted from 83kg’s to 76kg. An amazing change, but it wasn’t sustainable as the graph shows. Since August I had all but stalled. For three months there is very little change. Then, October 14th it all went wrong.

My weight started creeping up again. As far as I could tell I wasn’t doing anything different, but I was. I had gotten complacent. My exercise had stopped and I was eating junk again because its there. So I needed a change and blogging was the way I’ve taken it.

My intention with this blog is to add a level of accountability to my self if no one else. I aim to post each night and probably spend more time on my own health page than all my other visitors combined. I’ve also made use of the power in my Android phone to combine Tasker and Zooper to give me a live progress bar through the day. You can see in the screenshot I’ve attached from my home screen, just to the left “November” are three red lines. There is actually four and the goal is for each line to have disappeared by the end of the each day. It doesn’t always work but seeing it each time I look at my phone has provided a surprising level of motivation and I use all this information to summaries my achievements and short comings each day. I never want a change in the trend to catch me unaware like before.

I don’t know if anyone else follows along with me, but I hope if you are

15 Nov

Android 4.4 KitKat is here

It feels like I’ve been waiting on this arriving for ever, but its only been 8 months. KitKat is finally been release to the previous Nexus devices and so far I’m happy with my experience.

I’m yet to decided if I like using Hangout as my primary SMS app but it could grow on me. Other than that i have nothing but good things to say about my KitKat so far.

06 Nov

Wednesday – Day 3

Another day gone by, hump day in fact. Half way through my first week and there have been no bad days as yet and today was the first day there was no snacking which as you can imagine is a big step and one I’m very proud of.

Tomorrow is the LUG meeting so I’m taking the day off, which means the only things that get logged in MyFitnessPal will be what is reported by my Fitbit and my water drunk.

In unrelated news I’ve been playing with a new Android home screen. GoLauncher is, so far, really fast and responsive but I’m yet to scratch the surface so might report back more – under a more appropriate category – tomorrow.

25 Oct

A Hacker’s Diet

Its a strange thing, that first morning, when you look in the mirror and ask yourself “What happened?”. For me this was back in March 2012 but denial was a large part of the problem at the time. Still I made the decided it was time for a change, but where do you start?

While on a skiing trip I decided the first step was exercise, the mantra “Move more, eat less” was my starting point. To that end I got a treadmill. Now when you set out to make large life changing decisions the problem is follow thru, remember I’ve had almost thirty years to get to build up my bad habits and the idea it would stop over night was a short lived illusion. For the most part the treadmill sat unused for the majority of the next few months, until I built a desk for it. Now I was able to work on my laptop from the treadmill and during the summer of 2012 I was on it most mornings before work, I’ve always been an early riser but now my alarms went off at 5am.

So far so good. Now we have the problem of feedback. Despite a regular workout schedule and eating a lot better I had no way of tracking my progress and by the winter the 5am wake up calls were growing tedious and my schedules became more relaxed until by the start of 2013 the treadmill was once again unused.

So here I was another year and back to where I had started. Once again sitting in a chalet in France after five days skiing I decided I’d had enough and would try harder. I knew where the problems lay and searched for a way to get better feedback for my efforts, since I am a huge android user and never leave my phone unattended this was the route I took.

Since May 6th 2013 I have been tracking my progress thru my Android using the applications listed below:
1. Fitbit – For tracking my daily “calorie deficit” and BMI. I have a Fitbit One and a set of Aria smart scales that I now use daily. I also make full use of the Fitbit developers API to build integration directly into this site.
2. MyFitnessPal – To manually enter all food eaten and water drank. Weight loss and exercise is pulled from Fitbit automatically.
3. Runtastic – Manually enter workouts, everything except walking. Again information from here is automatically push to Fitbit where it is sent to MyFitnessPal.

With this post I hope to start a new trend of reporting and accountability to toward anyone who shares my goal and follows along, if not then to myself. This section of my site, NxFifteen after all encompasses everything I do – not just fitness related, will be made include my progress and hurdles I find along the way.

Since May I have lost 10kg’s, my goal is to lose another twenty two bringing me down into my BMI of 57kegs. However I do not want to do this ‘on the quiet’ and MyFitnessPal, Fitbit and Runtastic are all community sites, please feel free to add my on either site or leave a comment bellow. I will keep this site updated along my journey.

31 Aug

No Tasker Sunday

No Tasker Sunday But there is good things coming

This has been a busy week for me. At the end of last week I asked the Tasker Google+ community for some ideas of what they would like to see, and the first lesson I took away from that was – I should have asked sooner than Thursday!

The community have some fantastic ideas just waiting for Tasker, but there is no way I can do them any justice by “Tasker Sunday” so instead I offer you this post as my mitigation.

Over the next few weeks I intend to push out the first of these ideas +J Pearson gave me. Like many self employed contractors he wanted a way to get Tasker to record and track his work using voice inputs, something like:

Then at the end of the month/week be able to pull out a report of who you need to bill and for how much.

When I mentioned this idea to a few other it has definitely struck a cord so I’m going to make this my first task, although it will probably turn into a project with multiple tasks and actions.

The Futures Bright The Futures Tasker

The next thing on my ‘agenda’ is a new idea I came up with yesterday. Since Android 4.3 came out I’ve seen allot of people use the input command to mimic screen touches and swipes, this is perfect for working with applications that have no Tasker interface or public APIs you can get a hold of. The problem is any input command used is specific to the screen its been recorded on, something I do on my Nexus 4 has no hope of working on the Nexus 7 or HTC Sensation without rewriting the co-ordinates.

My idea is to create some kind of query database that will return the correct location. For example, and these are only examples off the top of my head mind you, to click the send button in the Gmail add you would ask for the location by passing “deviceid, app, button name” this would return “123,456” for the Nexus 4 and “789,012” on the Nexus 7. As this obviously a new idea there are allot of problems still to workout, like: some form of local caching, a unified naming scheme for buttons and a way for the community to input new devices and new locations. Lets just say, this will be a long process – if you have any ideas about it please drop me a line.

Before you go I wouldn’t want to leave you without

Now, seeing as I’m not posting any Tasker projects today I don’t want to leave you without. +Tasker by Ryoen has posted a fantastic and easy to follow example of using +João Dias’s AutoVoice and the new AutoApp, still in beta, to open any app just by saying its name. Hope you enjoy this

The Three Strike Rule
20 Aug

The Three Strike Rule

Three Strike Rule means if you need to talk to me, keep calling. If not text

This is just an information page. If you’ve come here from a text I sent after you tried calling me I hope this page will give you a little of the background to why, and show you how to get around it.

Some time ago I realised that simply putting my phone on silent at night was limiting and could cause more problems than it was solving if for any reason some had to get in touch with me. Being of a programming mentality and a heavy Tasker user I created a system so that while my phone is still on silent some calls can get threw.

I call it the Three Strike rule because, as the name suggests, you simple have to call me three times and on the third call the phone will ring.

The project its self has it’s own page, Inbound Call Filter, so I don’t want to go into allot more detail here. In a nut shell, if you need to talk to me keep calling and you will get threw. If you’d prefer just text.

Inbound Call Filter – Version 2.0
20 Aug

Inbound Call Filter – Version 2.0

Thanks to some feed back from +Mike Lombardi over on the Tasker Google+ page I’ve updated my project a little.

Instead of using a text file on the SD card to keep track of incoming calls I now use two arrays, one for the phone number and another to record the number of calls. I am still using the SD card to store the ‘canned’ response texts, I have thought about making this variable based as well but I’m not sure about the performance implications.

The situations when a text will be sent are very small, first it realise on someone calling while the profile is active and second they have to be calling from a recognised mobile. My understanding of Tasker would require a global variable like this it exist in memory all the time, this may not seem like allot but it doesn’t feel necessary. Plus with the current set-up to increase the calls required will only need to add a new file and update the counter in Tasker so you could make people call 10 or 12 times. Having that many responses in memory would become cumbersome.

You can get the updated details over on the project page

Inbound Call Filter
18 Aug

Inbound Call Filter

Updated 2013-08-20

Thanks to some feed back from +Mike Lombardi over on the Tasker Google+ page I’ve updated my project a little.Instead of using a text file on the SD card to keep track of incoming calls I now use two arrays, one for the phone number and another to record the number of calls. I am still using the SD card to store the ‘canned’ response texts, I have thought about making this variable based as well but I’m not sure about the performance implications.The situations when a text will be sent are very small, first it realise on someone calling while the profile is active and second they have to be calling from a recognised mobile. My understanding of Tasker would require a global variable like this it exist in memory all the time, this may not seem like allot but it doesn’t feel necessary. Plus with the current set-up to increase the calls required will only need to add a new file and update the counter in Tasker so you could make people call 10 or 12 times. Having that many responses in memory would become cumbersome.

Inbound Call Filter

This is an idea, like most, that came to me at 2am during a restless night. Like most Tasker creations it started with a simple problem. When I put my phone to sleep it goes silent till 5am, so what do you do if someone needs to reach you? What put the idea in my head was a text from my flat mate saying he’d left his keys at home and needed me to leave the door unlocked. In his case it was luck I was up late and got the text.

My first approach was a simple white list but this has limitations because in affect you are only white listing a phone number and not the person. So they could have a dead battery or taking this situation to its worst case, like most 2am thoughts tend to end up, a hospital or EMS team are now trying to phone you these are not numbers you are going to add to any white list so the first you’ll know is 5am when you check and see missed calls.

So I wanted a new solution. It struck me to use the same approach as in some firewalls and creating a kind of grey list where people can gain access to the white list by performing an action. At first I thought text but again that relies on the caller being on a mobile, so I went with calling.

My new Tasker profile will allow anyone to activate the ringer by calling me three times. On the third call the phone starts to ring, at full volume. The extension to this idea is to allow the phone to continue ringing when the same person calls again. I also wanted to let people know what’s going on by text but seeing as there’s no point in texting a land line we only text mobiles, in the UK that means any number starting 07.

This profile triggers on incoming calls and checks a folder on the SD card for a text file with the same name as the incoming number, we’ll call this the call counter. If there is no file the call is ended and a new file is created and the number 1 is written to it. We then read a text file called call.1.txt and text the caller back. If they call again we continue the process.

During the second, which we know is the second call because of the text file we created before, we again end the call and text back the contents of call.2.txt and increment the call counter file.

Now like all good processes we reach the third call. At this point the call counter file has the value 2 in it so the phone rings, at full volume. The process is the same for the 4th call and so on until you delete the file and the cycle continues. Personally I delete them every morning, but it’s a personal choice thing.

Download the project file below and import it into Tasker then just activate the the profile when you want to limit your callers. Let me know if you find any problem or can think of any improvements I can include

Rooting the Google Nexus7, in Linux
20 Mar

Rooting the Google Nexus7, in Linux

In a previous post I talked about installing CyanogenMod 7.1 Alpha 3 on my HP TouchPad, but since Santa was very nice to me this year I now have a Nexu7, and of course I want to root it. Most of the toolkits and instructions I found talked about doing this thru Windows, but I’m a Linux guy and don’t want to install Windows for what will take less than an hour. So further Googling came up with a way of doing it thru Linux.


Like every site before me, be warned. Follow this guide at your own risk. Rooting, unlocking and installing new ROMs does invalidate your warranty and risk causing damage to your data and/or device. While nothing bad has happened to me followed these instructions, you can’t discount the idea entirely. So BACK UP YOUR DATA – If you don’t Murphy’s Law says you will need it

The Toolkit

There are alot of ways to ‘manually’ unlock your device, but all the ones I was able to find involved downloading the Android SDK. This is a good way to do things if you ether know what your doing, or want a better understanding of the steps involved. However I wanted it done quick, and at the time I was on my netbook and seen no need to install the entire SDK. So I chose to use a toolkit.

The next problem was finding one. The vast majority of kits run under Windows, as previously stated I’m a penguin at heart and needed to find a Linux kit. tatelucas, member of the XDA-Developers forum – if you’ve never checked it out you really should – was there with the solution: Universal Nexus Linux Toolkit, formerly named galaxy-nexus-linux-toolkit. At the time of writing his toolkit supports the

  • Nexus 4 mako
  • Nexus 10 manta
  • Nexus 7 (WiFi) grouper
  • Galaxy Nexus (GSM) maguro
  • Galaxy Nexus (Verizon) toro
  • Galaxy Nexus (Sprint) toroplus
  • Nexus S (worldwide version, i9020t and i9023) crespo
  • Nexus S (850MHz version, i9020a) crespo
  • Nexus S (Korea version, m200) crespo
  • Nexus S 4G (d720) crespo4g

however I have only tested it on the device I have, the Nexus 7 grouper. This toolkit allows you to unlock and re-lock the bootloader, get root access, install ClockworkMod recovery both touch or standard version and, if you feel the need, reinstall the Google stock rom.

Requirements So what do you need?

  • Android Debugging Enabled
  • Universal Nexus Linux Toolkit – The best method for this is using git, but you could also browse the repository down manually download the files, I will be using git

Downloading from git Just in-case you don’t know how

Getting Root

Now that we have a copy of the files, in my case stored in “~/RootNexus7/galaxy-nexus-linux-toolkit”, change to the stable source, the folder called “stable”, and we can start the install.

From this point on the installation is straight forward. Tatelucas has made the interface really easy to use and the on-screen instructions detail each option and tell you want you need to be doing on the table.

Now you have root

If everthing worked as expected you should now have root access to your Nexus. The first thing I would recommend you do now is install a proper/full backup package. My app of choice is Titanium Backup ★ root. After that… do a little Googling, the platform is now your oyster – enjoy

If you like this toolkit, why not buy the developer a coffee?

Donate to tatelucas with PayPal

Installing CyanogenMod 7.1 Alpha 3 on my HP TouchPad
24 Feb

Installing CyanogenMod 7.1 Alpha 3 on my HP TouchPad

I have just finished installing CyanogenMod 7.1 Alpha 3 on my HP TouchPad. Its gorgeous. I cant say I ever become a fan of WebOS, unlike some I’ve talked to it never grew on me and the rare times when I did want to make use of it the App Market was far too over priced and in my experience limited, but now with Android the device ‘sings’

The install was a breeze in the end, all the same here are the steps I went threw. I never needed to do any disaster recovery so I don’t list any. How ever I would highly recommend anyone interested in doing this to read the FAQ at before going any further it contains all the disclaimers and alpha-software warnings you would expect as well as an in-depth list of disaster recovery options.

The Install Instructions for a fresh install

  1. Prepare your PC for the installation by downloading the Palm SDK from the HP website. The site has full easy to follow instructions for Linux, Windows and OS X users so replicating them her seems redundant. Once you have installed the the SDK you can continue with the steps listed bellow.
  2. You now need to download the required software. At the end of it you will end up with the four files:
    • – RootzWiki Forumi
    • – RootzWiki Forumi
    • – RootzWiki Forumi
    • – Moboot Projecti
  3. If you wish to have access to the extra Google apps, like Gmail, YouTube or the Android Market you will have to download the latest gApps installer from the CyanogenMod wiki site
  4. Unzip the file. On Linux systems you can leave it where you downloaded it too, but in Windows at least it will make like a little
    easier if you move the unzipped file to the same directory you installed the Palm Novacom SDK to. On my VirtualBox machine it is C:\Program Files (x86)\Palm, Inc but I’m running a 64bit system, in 32bit the directory will probably be C:\Program Files\Palm, Inc
  5. Now connect your TouchPad using its USB cable to your PC. The TouchPad will notifiy you that its detected a new USB connection. Tap the symbol to mount the tables SD card on your computer.
  6. Open your file manager and on the root level of the SD card create a new folder called cminstall. Into this new folder copy the zip files you
    downloaded before, do not unzip them and don’t copy file, just leave this file on the PC for now. Once your done the contents
    of your new “cminstall” folder should be:

    • – *You only need this if you’re planning to install the extra Google Apps
      7.You now need to reboot the TouchPad. Make sure you eject the TouchPads SD card correctly from your PC, some systems delay writes to external USB devices to speed things up.
      Once the TouchPad has been removed follow these steps to reboot it, while the USB cable is still connected:
    • Press the Home Button
    • Bring up the Applications List
    • Select the Settings Tab
    • Open Device Info
    • Press the red Reset Options button at the bottom of the screen
    • Press the grey Restart button at the top of the screen
  7. As the TouchPad reboots the screen will turn off, as soon as this happens press and hold the Volume-Up button. Keep holding it until a USB icon fills the display. After a few second your computer will recognize the TouchPad.
    • Under Linux, open a terminal and change directory to the where you unzipped the file
    • Under Windows, open a command prompt and change directory to where you installed the Palm SDK:
    • Open the start Menu
    • Type cmd (no quotes) hit enter
    • A black and white terminal window should have opened
    • To change directory, type cd c:\PATH for me the path is C:\Program Files (x86)\Palm, Inc so I typed: cd C:\Program Files (x86)\Palm, Inc


  8. On both systems enter this command novacom boot mem:// < ACMEInstaller
  9. Make a cup of tea. That’s really all there is to the install. It will take a few minutes but once its done the TouchPad will reboot into Android