Content-Security-Policy: block-all-mixed-content

If you are running a secure website, it’s a good idea to prevent non-secure assets from being included on your page. This can often happen through the use of content management system, or even through website vulnerabilities. A simple change in HTTP headers will help browsers to defend against them.


Content-Security-Policy: block-all-mixed-content

Most modern browsers, except MSIE, currently support this approach.
– Firefox 48+

REFERENCES

Ashley Madison data dump

This topic has been in the media ALOT lately, for the less technical individuals here’s a simple way to get at the information.

For (mostly) anonymous access to the ‘dark internet’…. it’s not as ominous and illegal as you might think, you can download a browser here:

https://www.torproject.org/download/download

If you don’t mind being (possibly) tracked by your IP Address, you can just download a Torrent client such as Transmission or µTorrent.

The torrent file can then be accessed here:
https://thepiratebay.mn/torrent/12237184/The_Complete_Ashley_Madison_Dump_from_the_Impact_Team

REFERENCES:

TV MAXE installation for Ubuntu

TV-MAXE is an application which provides the ability to watch TV stations and listen radio via different streams, like SopCast. Your ability to view certain streams may be limited by your current country, then again, you can always proxy through a country that will permit it.


sudo add-apt-repository ppa:venerix/pkg
sudo apt-get update
sudo apt-get install tv-maxe

REFERENCES:

Install Netflix on Ubuntu via Wine

UPDATE: (Sept. 2014) – Netflix will soon natively support Ubuntu, there are only a few small hurdles remaining, likely to be resolved by the NSS update expected in Ubuntu 14.10 (Utopic). A workaround is available for the impatient… http://www.omgubuntu.co.uk/2014/08/netflix-linux-html5-support-plugins.

For various reasons primarily related to DRM, there is not a native Ubuntu/Linux viewer for Netflix… this is one of the cases where WINE can help you out by providing (not emulating) a Windows environment.

These commands are for the Ubuntu setup, similar steps for other Linux distributions are available in the references.

I’ve found that it is better to pre-install the Wine Gecko and Wine Mono packages on Ubuntu.


sudo apt-get install wine-gecko
sudo apt-get install wine-mono

Then…

sudo apt-add-repository ppa:ehoover/compholio
sudo apt-get update
sudo apt-get install netflix-desktop

If you’ve never used WINE before within your Ubuntu/Linux environment, you’ll likely need to let it download the extensions for Windows, I believe that it will request to download and install the Gecko and Mono packages described above, click "Yes" if asked and all should go well!

REFERENCES:

Comcast Business Class gateway forwarding port 22 for SSH

For as long as I’ve had Comcast, and other providers for that matter, I’ve been able to configure my internet gateway/router to allow port 22 (SSH) access to an internal machine. It came as a surprise to me earlier this week that I was blocked when I tried to use their web admin console to change the internal forwarding to a newer machine. As usual, Technical Support was less that helpful and said that it was not possible to do so, and never should have been as Comcast uses that port to administer the gateway. To make matters more disturbing, I was told that I could not have similar SSH access to the gateway, and that replacing their hardware, while permitted, would prevent my use of a static IP.

Back to the solution, as I know that I had only setup this forwarding about a year ago, and it was working only minutes before I tried to change it, I knew that the configuration was possible if I could figure out how it was being blocked. The message in the web console was a javascript alert(); and gave me a starting point. I opened up Firefox and used Firebug to look for the message. Here are a few interesting findings from:

http://HOSTNAME/user/feat-firewall-port-forward-edit.asp

var RemoteManagementPortsCgiBase = “8080,8080,1\|8181,8181,1\|2323,2323,1\|22,22,1\|”;

msg += “Public Port Range conflict with Remote Management Ports.\n”;

if (msg.length > 1)
{
alert(msg);
return false;
}
return true;
}

If you even a little bit of javascript (or simple computer programming for that matter), the solution is clear…. if the ‘msg’ value is empty you will not see the alert or be prevented from making the change you desire.

Lesson to be learned by the Comcast developers (or most likely = subcontractors), always validate submitted form data in your application code, NEVER rely upon javascript alone to verify user entered data!

I also find it interesting that they are also preventing 8080, 8081 and 2323… perhaps that’s their other back doors in these gateways for their access. The same approach should work for those ports if you need it!

Ubuntu fixing screen backlight brightness toggle

For quite some time, my primary Ubuntu laptop has had a problem with the keyboard keys used to adjust the screen brightness. This had been an annoyance on some of my travels where I’d wanted to extend battery life, as well as when I prefer to work in a darker space. I knew that it had to be a software driver issue of some sort, as it worked in my sometimes used dual boot Windows environment, but I’d never been bothered enough to look for a solution.

Truth is, it only took a minute or two to fix this!

  1. Modify the grub boot loader.
    sudo vi /etc/default/grub
  2. Change the line from:
    GRUB_CMDLINE_LINUX=""
    to
    GRUB_CMDLINE_LINUX="quiet splash acpi_osi=Linux acpi_backlight=vendor"
  3. Update the loader:
    sudo update-grub
  4. Reboot and you should be good to go!

REFERENCES:

Install Plex Media Server on Ubuntu

You can find the latest release listed here and either download the file to your server directly or use the path to update the wget in the commands listed below…
https://plexapp.zendesk.com/hc/en-us/articles/201181647-Plex-Media-Server-Linux-nix-

Pre-requisite, you need to have avahi installed first or the script will later prompt you to do so…
sudo apt-get install avahi-daemon

i386 install:
wget -c downloads.plexapp.com/plex-media-server/0.9.8.18.290-11b7fdd/plexmediaserver_0.9.8.18.290-11b7fdd_i386.deb
sudo dpkg -i plexmediaserver_0.9.8.18.290-11b7fdd_i386.deb

amd64 install:
wget -c downloads.plexapp.com/plex-media-server/0.9.8.18.290-11b7fdd/plexmediaserver_0.9.8.18.290-11b7fdd_amd64.deb
sudo dpkg -i plexmediaserver_0.9.8.18.290-11b7fdd_amd64.deb

Then a series of commands, they should all be relatively straight forward. As the installer creates and runs the software under a user named ‘plex’, I create the user folders and change the default password in these steps… do what you are comfortable with!

sudo apt-get -f install
sudo mkdir /home/plex
sudo mkdir /home/plex/Music
sudo mkdir /home/plex/Videos
cd /home/plex
sudo chown plex * -R
sudo chmod 777 * -R
sudo passwd plex

Now you should be able to access the app with your browser, change the IP if you are not on localhost.
http://{ip}:32400/manage/index.html

WARNING: An installation using these steps could leave your server open to the general public, you
will want to password protect your server to secure any sensitive content, I’ll leave that for a separate topic.

REFERENCES:

Enable Sharing of Printers via Apple AirPrint

This is relevant only after you have updated to Apple IOS 4.2.x on your iPhone, iPod Touch or iPad device. With this release, the ability to print has been added, but it takes a bit of configuration to setup the printer sharing itself as it relies on the Apple Bonjour service/protocol!

I assume that this is all trivial if you are using a networked printer, particularly if it’s wireless…. but if you have a printer that is shared by another computer on the network, you’ll have to do the following.

  1. Install iTunes 10.1 (or newer) on the PC
  2. Install IOS 4.2.1 (or newer) on the mobile device
  3. Download AirPrint.zip (airprint.exe, libairprint.dll, XpdfPrint.dll)
  4. Unzip it.
  5. Make a folder, “C:\Program Files (x86)\AirPrint\” (NOTE: without the x86 for 32bit)
  6. Copy the files to “C:\Program Files (x86)\AirPrint\” (NOTE: without the x86 for 32bit)
  7. Run “cmd.exe” as administrator
  8. Run the following commands (There should be a space between ‘=’ and ‘”‘)
    • Windows 64bits:
      sc.exe create AirPrint binPath= "C:\Program Files (x86)\AirPrint\airprint.exe -s" depend= "Bonjour Service" start= auto
      sc.exe start AirPrint
    • Windows 32bits:
      sc.exe create AirPrint binPath= "C:\Program Files\AirPrint\airprint.exe -s" depend= "Bonjour Service" start= auto
      sc.exe start AirPrint
  9. Let Windows Firewall allow AirPrint to communicate on the networks (Double click on the airprint.exe)
  10. Now, open Safari or any other printing application on your device and try to Print, the first time will have to select the printer, and you may need to give user credentials for the printer.

REFERENCES:

Cheers!

Viewing Hidden Files and Folders on Apple OS/X

Most operating systems make this rather trivial to expose, Apple seems to have made it just a tiny bit more difficult… as such, I provide the simple steps here for my own memory as well as your benefit.

Open Terminal…

  • Launch Terminal, located at /Applications/Utilities/.
  • Type or copy/paste the following commands. Press the return key after you enter each line.
    defaults write com.apple.finder AppleShowAllFiles TRUE
    killall Finder

WARNING: Be particularly careful about the files you modify or delete, you could impact your system in very critical ways… there is a reason they are ‘hidden’, most often it is to keep less-technical users from breaking things 🙂

Return hidden files to their usual state.

Open Terminal…

  • Launch Terminal, located at /Applications/Utilities/.
  • Type or copy/paste the following commands. Press the return key after you enter each line.
    defaults write com.apple.finder AppleShowAllFiles FALSE
    killall Finder

Cheers