Advertisements
Work started on a new PHP Fitbit library
16 Feb

Work started on a new PHP Fitbit library

Last year I spent a few months building my own Drupal module for Fitbit. All in the middle did everything I wanted from it, pulling all my stats into a database and producing the reports and stats I wanted most.

Problem is, I am not using Drupal anymore. As I’ve talked about before this site is pure HTML built using Node.js. So the site only needs rebuilt when I add or remove content but since information from Fitbit is as close to real time as makes no difference I’ve struggled to think of a way to reinstate the functionality I’d come to rely on – without rebuilding the site every couple of minutes.

I’m comes JavaScript. I’m in the process of rewriting the original Drupal module in a standalone PHP application. At present I’m goal is simply to reinstate the previous code. I already know there are new features available and Fitbit have improved some of their others APIs with more features and data sets, not to mention a host of coding bugs and better ways to do things but it’s best to work on one thing at a time.

Once the hard work has been done I’ll work on getting the information out of the database and to display it here again, then I’ll look at the arm long list of issues I’m sticking in GitLab.

As before I’m planning to realise the full source code on github.com, but I’d like to get the code at least functional first, if you cant wait of course drop me a note in the comments below and ill give you access to the code now.

A Linux Security Checklist
16 Dec

A Linux Security Checklist

I recently came across this article about securing yourself on a Linux machine – Security Checklist for Linux System.

It’s equally true about Windows users as well:

  1. Keep the system updated with latest security patches
  2. Keep yourself updated with latest vulnerabilities through mailing lists, forums etc.
  3. Stop and disable unwanted services
  4. Use SUDO to limit ROOT Access
  5. SSH security settings
  6. Tunnel all of your XWindow sessions through SSH
  7. Create only a required number of users
  8. Maintain a good firewall policy
  9. Scan for viruses and other malware!
  10. Configure SSL/TLS if you are using FTP
  11. Secure your communication with GPG
  12. Check file permissions across filesystems
  13. Bootloader and BIOS security
  14. Enable remote Logging
  15. Keep a good password policy
TrueCrypt
29 Nov

TrueCrypt

TrueCrypt is dead, long live TrueCrypt. In a move that shocked everyone on the internet TrueCrypt was taken down on May 28th 2014 and the official TrueCrypt website, truecrypt.org, began redirecting users to a page warning the software contained unfixed security issues.

This announcement caused a great amount of panic and speculation about one of the most popular cross platform encryption tools available. As the dust settled it’s become clear there are no known security problems with TrueCrypt but all development by the original authors has ceased and it is their opinion that to use unmaintained software would pose a security risk.

Don’t Panic

In part they might be right. If down the line a flaw in TrueCrypt is found they will not be fixing it, but as yet there is no such flaw and a full security audit is under-way. The audit is being carried out by iSECpartners and crowed funded by TrueCrypt users. While still in its infancy it has already completed work on the TrueCrypt boot loader and found nothing of concern. For those who don’t want to read the full report Steve Gibson of GRC.com did a fantastic breakdown for Security Now Episode 458.

Verifying the TrueCrypt v7.1a Files

Across this site I have used my OpenGPG key to digitally sign my downloads as a way of authenticating them. In this case I didnt want to sign the work of someone else and it would only have verified that the download was the one I intended for you to get.

Since paranoia is nothing to be ashamed of I’ve taken a leaf out of GRC’s book and provided SHA256, SHA1 and MD5 hashes for all my downloads which I have then digitally signed to prevent tampering.

Now, since I do not have another site I can host an independant copy of these hashes on I can only point you to the same place as GRC does. Taylor Hornby (aka FireXware) of Defuse Security is hosting a copy of the same files offered by GRC at https://defuse.ca/truecrypt-7.1a-hashes.htm. The best validation I can offer is the hashes of my files match exactly what is offered by GRC and serveral other independent archives.

TrueCrypt 7.1a Archive Repository

File Name Operating System
truecrypt-7.1a-linux-x64.tar.gz Linux/Unix [Download not found]
truecrypt-7.1a-linux-x86.tar.gz Linux/Unix [Download not found]
TrueCrypt 7.1a Mac OS X.dmg Mac OS X [Download not found]
TrueCrypt Setup 7.1a.exe Microsoft Windows [Download not found]
TrueCrypt User Guide.pdf N/A [Download not found]
truecrypt-7.1a-linux-console-x64.tar.gz Linux/Unix [Download not found]
truecrypt-7.1a-linux-console-x86.tar.gz Linux/Unix [Download not found]
TrueCrypt 7.1a Source.tar.gz N/A [Download not found]
TrueCrypt 7.1a Source.zip N/A [Download not found]

OpenPGP Signed Download Hashes

Install Oracle Java JDK or JRE 8u11
18 Jul

Install Oracle Java JDK or JRE 8u11

I do not format my desktop PC very often, I reinstall my laptop three or four times a month but not my primary machine. With almost every clean installation I have to lookup how to install Oracle’s Java instead of using the pre installed version OpenJDK.

Since I search for it so often I thought it was well past time I wrote a guide of my own.

What’s New in JDK 8

Java 8 is a major feature release on version 7. The updates are too many to go into great detail here, but Oracle have a full feature change log on their own site

Scope

This guide will tell you how to install Sun/Oracle Java JDK and/or JRE 8u11 on Fedora 20, 19, 18, 17, 16, 15, 14, 13 and 12 – I haven’t tested on all these version of Fedora, only 20 & 19, but Fedora haven’t change the process so much that this wouldn’t work on older versions. If you do find any problems, please let me know in the comments section and I will get the guide updated.

Install Sun/Oracle Java JDK/JRE 8u11

Download 32bit of 64bit RPM packages

Download the RPM files from Oracle’s download page. Depending on your system, 32 or 64bit, download:
* 32-bit JDK download jdk-8u11-linux-i586.rpm
* 64-bit JDK download jdk-8u11-linux-x64.rpm
* 32-bit JRE download jre-8u11-linux-i586.rpm
* 64-bit JRE download jre-8u11-linux-x64.rpm

Install the RPM packages

Next just install the RPM package you’ve just downloaded using one of these commands

Set the newly installed Java as the system default

Now that your Java 8u11 is installed you need to tell Fedora to use it by default. The alternatives simply created links from the system default paths to the new java installation directory

Install Browser plugin for Firefox

Most people do not need to do this, I never do. If you dont know you need java inside your browser skip this step – you can always come back to it later if you find you need to run java from within in Firefox.

Set up Java Development Kit

You only need this if you installed the JDK. These two commands, javac and jar, are just used to complie java code and package the result files for distribution.

If you need to run multiple versions set 8u11 to the default

In the steps above you have replace the already installed version of Java with 8u11, but you havent removed it. If in future you install 8u12, but still want 8u11 to be your default you can specifiy the version of java to pass to alternatives instead of using latest.

JRE Users

JDK Users

Make sure its all worked

Just a quick check to see its all work as you expect

Post Install

You now have Java installed, the last thing to you need to do is make sure you have the JAVA_HOME environment variable set on your system.

You can do this per user by adding the above to $HOME/.bash_profile or make it a system wide setting by adding it to /etc/profile

Switching JRE

Now you have installed Oracle Java, and used alternatives to set it as the system default, you may come across occasions when you need to switch the system back to OpenJDK. You can use the alternatives command with the –config argument to set things up the way you want.

java

javaws

libjavaplugin.so (32-bit)

libjavaplugin.so.x86_64 (64-bit)

javac

Let’s celebrate
29 Oct

Let’s celebrate

The biggest problem I’ve had with this new blog idea was posting. Unlike WordPress Drupal doesn’t support mobile content creation naively and not a lot of people are working to add support.

Mostly this is because Drupal 8 will already have support built in. I have however been working to support it myself. I can now post directly from email.

To celibate this I wanted to share this screenshot. My weight trend has finally stopped increasing, now I just have to get it going down.