This and That

Using Stepping Stones with SSH

I just recently learned that ssh has an option, ProxyCommand, that allows you to specify a machine (machine B) to be used as a stepping stone when connecting to another machine (machine C). So if you normally establish a connection from your machine (machine A) to B and then establish another connection from B to C, this could save you some time and hassle. Here’s how to do it:

1) Add the following to your ~/.ssh/config:
Host C_hostname
ServerAliveInterval 60
User C_username
ProxyCommand ssh B_username@B_hostname netcat -w 180 %h %p

-Line 1: The host we ultimately want to reach (C). ssh matches this name against what you type on the command line, so a plain `ssh C_hostname` picks up this whole block.
-Line 2: How often, in seconds, ssh sends a keepalive request to C. Keep this shorter than netcat's -w timeout on line 4, otherwise an idle session is torn down by netcat before ssh ever notices.
-Line 3: The username to log in with on the ultimate host (C).
-Line 4: Tells ssh to connect to B first and run netcat there, so that C's ssh port is piped back over the B connection and the ssh client on A can talk to C through it. On some machines netcat is named nc. The -w option is netcat's timeout in seconds: if nothing crosses the pipe for that long, netcat exits and the session drops. `%h' is replaced with the hostname from line 1 (C_hostname, or its HostName if you add one) and `%p' with the port ssh is connecting to (22 unless you add a Port line). Because the session to C is negotiated end to end through this pipe, B only ever sees ciphertext and you still verify C's host key on A, which is one real advantage over logging in to B and running ssh from there.
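Here is the same recipe as a complete ~/.ssh/config, with a block for the stepping stone as well so that keys and usernames for B are picked up automatically. This is an added example, not the original post's config; B_hostname, C_hostname and the usernames are placeholders. The commented alternatives are the forms later OpenSSH releases added for exactly this job (-W in 5.4, ProxyJump in 7.3); they do the same thing without needing netcat installed on B.

```sshconfig
# Added example (not from the original post). Placeholders: B_hostname, C_hostname,
# B_username, C_username.

Host B_hostname
    User B_username
    # If you use a dedicated key for the stepping stone, name it here:
    # IdentityFile ~/.ssh/id_stepping_stone

Host C_hostname
    User C_username
    # Keepalive must fire more often than netcat's -w timeout below (60 < 180).
    ServerAliveInterval 60
    # Original recipe: run netcat on B and pipe C's ssh port back to A.
    ProxyCommand ssh B_username@B_hostname nc -w 180 %h %p
    # OpenSSH 5.4 and later: B's own ssh client forwards stdio to C, no netcat on B.
    # ProxyCommand ssh -W %h:%p B_hostname
    # OpenSSH 7.3 and later: the same in one keyword (also ssh -J B_hostname C_hostname).
    # ProxyJump B_hostname
```

Whichever form you use, only one ProxyCommand/ProxyJump line should be active for the host. After this, `ssh C_hostname` and `scp file C_hostname:` both go through B transparently, and C's host key is checked against A's known_hosts, not B's.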

Erin’s Etsy Store

Check out Erin’s new Etsy store where she sells jewelry and other crafts that she makes.

Wishlist for the Fall

So there are a couple of things that I hope happen in the world of gadgets before the end of the year.  Both of these items are potential enhancements to my entertainment center.

First of all, I’ve been waiting for a Playstation 3 price drop for quite some time now.  I would like to enter the world of Blu-ray, have been thinking of adding a DLNA client to my media setup, and would probably buy a game or two.  However, I just can’t stomach the $400 hit for a PS3.  As soon as the price hits $300, I’d be all over it.  From what I’ve read on forums, a lot of other folks are waiting for the price drop as well.  According to this Examiner article, the price to produce a PS3 has dropped 70% to about $240.  Therefore, the $300 price point would not require Sony to sell PS3s at a loss.  Unfortunately, the article also notes that Sony is likely to keep the price at $400 to recoup the money that was lost when the PS3 was sold for a loss.  I’m not a financial analyst, but I would not be surprised if the increase in sales spurred by a price cut to $300 exceeded the revenue that Sony would make by continuing at the $400 price point even with the lower margin.

The other item I desire is a version of Adobe Flash that is optimized for the Ion platform.  Nettops utilizing Ion are attractive because of their low power consumption, small form factor and HD capabilities.  However, as several articles have noted, they struggle when it comes to Flash performance, particularly full-screen 720p Flash video.  This is of particular importance to many individuals contemplating incorporating an Ion nettop into their home theater in hopes of being able to watch Hulu on their HDTVs.  I’ve found one lonely mention of an Adobe/Nvidia collaboration to enhance Flash to take advantage of Nvidia GPUs, but the estimated release date is not until 2010.  Before I add a nettop to my entertainment center, it will have to be able to decode HD Flash video without hiccups.

Obtaining Operating System Discs From Dell

Up until recently, Dell did not ship OS discs with their computers.  However, if you request the discs, they will send them to you even if your warranty has expired.  Finding the link to request the ‘Backup Discs’ can be a bit tricky, so I’ll post it here.

FiOS, Onkyo and the Green Screen of Death

So I had FiOS installed a couple of weeks ago, and so far the experience has been mostly positive.  The only major issue I had was an HDMI incompatibility bug between the Motorola QIP 7216 1 set-top box that Verizon issued me and my Onkyo TX-SR606 receiver.  I wanted to use HDMI to connect the STB to my Onkyo and then use HDMI to connect the Onkyo to my Samsung HDTV.  This pass-through mode is fairly common, and it’s how I had my old Cox Scientific Atlanta STB hooked up.  Unfortunately, with the 7216, this configuration results in a ‘green screen of death’ after a few seconds of viewing.  I noted this problem during installation and asked the technician if he had another box on the truck that I could try.  He had me plug the Motorola box directly into the Samsung, and of course the GSOD did not occur.  The tech told me that if the box worked with the TV, then there was nothing he could do.  As soon as the tech left, I did some quick googling and learned that I’m not the only one with this problem.  I decided to try using component video cables and a coaxial audio connection to connect the STB to my Onkyo and see if I could live with it.


Roth IRA Contribution Calculator for 2008

I wrote some quick and dirty Javascript that will calculate your reduced contribution limit when your income is in the ‘phase out’ range.

Black Hat DC 2009 trip report

Presentations and whitepapers can be found here.

New Tricks for Defeating SSL in Practice – Moxie Marlinspike (Mike Benham)
This talk started off with an explanation of a vulnerability that Benham exposed in 2002.  Basically, some CAs did not explicitly set the basicConstraints extension (CA:FALSE) in leaf certificates (site certs), and web browsers were not checking the basicConstraints extension when validating a chain.  So anyone holding a valid leaf certificate could use its key to sign a certificate for a site of their choosing, and the result would chain back to a trusted root CA.  Benham wrote a tool called sslsniff to leverage this vulnerability and perform a man-in-the-middle attack.

The new vulnerability that Benham discussed is actually a problem with the way that sites utilize https.  Many sites that require user authentication have homepages served over http with a login form where users put their login and password information.  When the user clicks submit, an HTTPS POST is performed so that the credentials are secure while in transit to the server.  However, an attacker who is already in the network path can intercept the initial http page on its way to the user and rewrite the form’s https action to plain http; the browser then submits the credentials in the clear and the attacker reads them.  Benham wrote a tool called sslstrip that performs this attack and goes a step further: it makes the real https POST to the site on the victim’s behalf and relays the response, so the login works and the victim has no indication that he was attacked.

To test sslstrip, he set it up on a Tor exit router for a period of 24 hours.  Out of hundreds of sessions that were attacked, everyone entered their credentials once the login page came up.
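The two halves of the attack described above, reduced to their essentials in Python. This is an added illustration written for this page, not Marlinspike’s sslstrip, and it does no networking: strip_page() shows the rewrite applied to an http page on its way to the victim, upstream_url() shows how the proxy restores the original https URL when the victim’s now-plaintext POST arrives, and login_forms_exposed_to_stripping() is the check a site owner would run to find the vulnerable pattern (login page delivered over http, form action over https). The sample page and hostnames are constructed for the example.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Absolute https URLs inside attributes or text. Sufficient for the demo; a real
# proxy would also handle relative URLs, redirects and cookies.
HTTPS_URL = re.compile(r'https://[^\s"\'<>]+', re.IGNORECASE)


class SslStripper:
    """Model of the attack: rewrite https links to http, remember the mapping,
    and restore it when the victim's plaintext request reaches the proxy."""

    def __init__(self):
        self.stripped = {}  # plaintext URL handed to the victim -> original https URL

    def strip_page(self, html_text):
        """Applied to an http page in transit to the victim."""
        def swap(match):
            secure = match.group(0)
            plain = "http://" + secure[len("https://"):]
            self.stripped[plain] = secure
            return plain
        return HTTPS_URL.sub(swap, html_text)

    def upstream_url(self, requested):
        """Applied to the victim's next request: the proxy talks TLS to the real
        site, so the site sees a normal https POST and the victim sees the normal reply."""
        return self.stripped.get(requested, requested)


class FormFinder(HTMLParser):
    """Collects each form's action and whether it contains a password field."""

    def __init__(self):
        super().__init__()
        self.forms = []        # list of (action, has_password)
        self._current = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._current = [a.get("action") or "", False]
        elif tag == "input" and self._current is not None:
            if (a.get("type") or "").lower() == "password":
                self._current[1] = True

    def handle_endtag(self, tag):
        if tag == "form" and self._current is not None:
            self.forms.append(tuple(self._current))
            self._current = None


def login_forms_exposed_to_stripping(page_url, html_text):
    """Return the actions of password forms an sslstrip-style attacker could downgrade.

    The condition from the talk: the page itself arrived over plain http (so an
    attacker in the path can rewrite it) and the form posts to https (so the site
    owner believes the credentials are protected). A page served over https never
    reaches the attacker in rewritable form, so it is not flagged.
    """
    if urlsplit(page_url).scheme.lower() != "http":
        return []
    finder = FormFinder()
    finder.feed(html_text)
    return [action for action, has_pw in finder.forms
            if has_pw and action.lower().startswith("https://")]


# Constructed sample: a plain-http homepage carrying an https login form, the
# pattern the talk singles out. Not a real site.
SAMPLE_PAGE_URL = "http://www.example.com/"
SAMPLE_HTML = """<html><body>
<a href="https://www.example.com/help">Help</a>
<form action="https://www.example.com/login" method="post">
  <input name="user"> <input type="password" name="pass">
  <input type="submit">
</form>
</body></html>"""


if __name__ == "__main__":
    print("exposed forms:", login_forms_exposed_to_stripping(SAMPLE_PAGE_URL, SAMPLE_HTML))
    stripper = SslStripper()
    print(stripper.strip_page(SAMPLE_HTML))
    print("proxy forwards to:", stripper.upstream_url("http://www.example.com/login"))
```

The fix that falls out of the check is the one the talk implies: the login page itself, not just the POST target, has to be delivered over https, because the rewrite happens before the user ever sees a lock icon.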


Things to know before flying Southwest

I recently flew on Southwest airlines for the first time, and while the experience on a whole was pleasant, there are a few ‘gotchas’ to be aware of.

First of all, Southwest does not allow you to choose your seat when you book your flight.  You are assigned a group and a number when you check-in that dictate when you can get on the plane.  Once on the plane, any seat is fair game.  So to avoid getting the middle seat and to ensure that you can stow your carry-on, it is imperative that you check-in as early as possible (typically 24 hours before departure time).  Fortunately, Southwest has a webpage designed for mobile devices, so you can check in even if you’re away from a computer.  However, if you have the misfortune of being on the terror watch list, you might be screwed.

Next, when boarding, the seats in Row 1 look attractive because of all the legroom.  Unfortunately, these seats do not have tray tables for some reason.  If you get a drink, you’ll have to hold it until you’re done with it.  Every other plane I have ever been on has tables that fold out of the armrest for the first row seats.  I can’t see this being a cost-saving issue, so I don’t know why Southwest omitted these tables.

Finally, Southwest’s planes do not have closets at the front of the plane to store garment bags in, so you have to stow them in carry-on bins.  Again, I’ve never seen this before on other airlines.  I can see how removing the closet frees up some extra room, but it’s a pain having to try and layer a garment bag on top of a bunch of irregularly shaped carry-ons that barely fit in the bin to begin with.

HowTo: Windows XP on Xen 3.1 (from source) on a MacBook Pro

This guide assumes a decent working knowledge of Linux, compiling from source, virtualization, and networking. For my purposes, it was easier to just blow away OSX and install a Linux distribution on the MacBook Pro. Supposedly, someone has been able to compile Xen on OSX, so you may want to check out the xen-users mailing list. Also, if you don’t intend on modifying any of the Xen source, it’s probably easier to just install the distribution’s packages using apt-get, yum, etc.

Picking a Distro:
The first step is to pick a Linux distribution that comes with GRUB 0.97 or greater so that the hybrid GPT/MBR that MacBooks come with will be supported. I chose RHEL 5.1 (Ubuntu 7.10 Workstation will also install on the MacBook, but I did not try to install Xen on it). It might be possible to install a distro with an earlier version of GRUB like RHEL4.5 and then use rescue mode to upgrade GRUB, but I did not try it.

Partitioning:
In previous RHEL/Xen installations, I followed the partitioning instructions found here. However, when I attempted to replicate the partitioning scheme with RHEL5.1 on a MacBook, the partitioner would crash. I even tried creating the LVM volumes manually with Knoppix and then running the RHEL installer, but the partitioner would still crash. I ended up just accepting the default RHEL partition scheme, which creates only one LVM volume group. This means that I am going to have to use QEMU disk image files for VMs instead of dedicated logical volumes.


Myths I’ve been propagating

So, I recently realized that a couple of ‘factoids’ I’ve been telling people are actually not true.

First, short cups at Starbucks. I had never seen these before I visited Seattle in August of 2006, so I assumed they were a Seattle-only item. However, I talked to a barista today at the West Springfield Starbucks, and he told me that back in the day (like 5-6 years ago), short was the small size and tall was the medium. Then, they added the venti (which just means 20 in eyetalian, because it’s 20 oz) and made the tall the smallest menu size. Apparently, all locations still have the short cups, but they’re normally hidden away and not listed on the menu. I didn’t really start drinking Starbucks drinks until I started working after grad school (2003), so it would make sense that I missed the changeover from short.

Next, we have the Mad Hatter from Alice in Wonderland. Some teacher in my youth told me that the character was ‘mad’ (crazy), because of mercury poisoning from the mercury he used to treat hats. However, Wikipedia tells me that the character is probably based on a real life person. Also, real symptoms of mercury poisoning are “timidity and a desire to remain unobserved” which was not how the Mad Hatter behaved.