Hacker Public Radio

Introduction Hosts: MrX Dave Morriss We had some issues with getting Mumble to work, for reasons we couldn’t quite fathom. Both ends needed to be restarted several times until all worked properly. We recorded this on Sunday March 7th 2021. The last time we set up a chat like this was back in August 2020, surprisingly! Note on the title: the term the doldrums refers to a belt around the equator where sailing ships used to be becalmed due to the lack of wind. It also means a state of inactivity or stagnation, or a dull, listless, depressed mood; low spirits. Topics discussed Pandemic (1): Planning for pandemics Years ago parents used to let children catch chickenpox when it was known somebody had it (pox party). Did COVID-catching parties really happen? Wikipedia page on alleged COVID parties. Christmas/New Year: Dave: Cooked a fancy vegetarian meal twice! On Boxing Day and New Years Day. Second time was a joint effort. Getting everything coordinated is easier when there are several contributors! MrX: Had long break because like many I hadn’t taken many holidays Spent first part of holiday upgrading devices around the house I had a nice relaxing break and spent Christmas with my mother, she lives on her own. Visit to the dentist was interesting, wondering how they were going to cope with aerosol spray from the drill. The answer was they didn’t. Rough edge smoothed, they told me they will contact me when things settle down and said I was right to get it checked. If any pain or further break then will be moved into a different category where they do use drill with full PPE. Pandemic (2): Dave: Vaccination received on 2020-02-02 (Oxford/AstraZeneca) Probably getting second in late April or early May; not heard yet Still avoiding going out for the moment The deleterious effects of the lock down; trying to walk on a regular basis to counteract these and get exercise Meeting up with the rest of the family several times per week for dinner, etc. MrX: Horizon things we now know about COVID Don’t know how long the vaccine protects against virus spreading but likely to protect against serious illness for a good long time. 12 weeks between jabs: 2nd jab does not provoke a stronger response; it’s that the 1st jab produces good responses and poor responses but by waiting 12 weeks for the 2nd jab it only provokes the good responses. Think the UK has among the worst death rate in Europe Like Dave continuing to avoid the virus as before. Seems to be getting more difficult coping with lock down Haven’t been into work since last November, working from home Home working, clutter, stress, not taking enough breaks Glad I didn’t need to drive during all the bad weather Think I heard on a podcast recently that Linux use had dropped by 50%, could this be linked to people working from home. I would say this is true for myself Except for me all immediate family have been vaccinated Way to stay positive tip from something Mrs X read Three things at the end of each day that were a highlight or something that we are grateful f

This show has a counter point show hpr3316 :: FSF and RMS on election of Richard Stallman Warning This show contains information that may not be suitable for all. Listener discretion is advised. Recently Richard M. Stallman, announced that he has rejoined the Free Software Foundation’s board of directors. An open letter on github called for him to be removed again, and for the FSF’s entire board to resign. When he resigned in 2019, Bradley M. Kuhn (from the Free as in Freedom podcast) wrote an article titled "On Recent Controversial Events" about the issue. I am submitting that article here under the terms of the Creative Commons Attribution-Share Alike 3.0 United States License. The post contains many links and is available in the shownotes for this show. Some examples are included at the end of the blog post, and listener discretion is advised. On Recent Controversial Events Tuesday 15 October 2019 by Bradley M. Kuhn The last 33 days have been unprecedentedly difficult for the software freedom community and for me personally. Folks have been emailing, phoning, texting, tagging me on social media (— the last of which has been funny, because all my social media accounts are placeholder accounts). But, just about everyone has urged me to comment on the serious issues that the software freedom community now faces. Until now, I have stayed silent regarding all these current topics: from Richard M. Stallman (RMS)’s public statements, to his resignation from the Free Software Foundation (FSF), to the Epstein scandal and its connection to MIT. I’ve also avoided generally commenting on software freedom organizational governance during this period. I did this for good reason, which is explained below. However, in this blog post, I now share my primary comments on the matters that seem to currently be of the utmost attention of the Open Source and Free Software communities. I have been silent the last month because, until two days ago, I was an at-large member of FSF’s Board of Directors, and a Voting Member of the FSF. As a member of FSF’s two leadership bodies, I was abiding by a reasonable request from the FSF management and my duty to the organization. Specifically, the FSF asked that all communication during the crisis come directly from FSF officers and not from at-large directors and/or Voting Members. Furthermore, the FSF management asked all Directors and Voting Members to remain silent on this entire matter — even on issues only tangentially related to the current situation, and even when speaking in our own capacity (e.g., on our own blogs like this one). The FSF is an important organization, and I take any request from the FSF seriously — so I abided fully with their request. The situation was further complicated because folks at my employer, Software Freedom Conservancy (where I also serve on the Board of Directors) had strong opinions about this matter as well. Fortunately, the FSF and Conservancy both had already created clear protocols for what I should do if ever there was a disagreement or divergence of views between Conservancy and FSF. I therefore was recused fully from the planning, drafting, and timing of Conservancy’s statement on this matter. I thank my colleagues at the Conservancy for working so caref

I did not get any feed back on my first nagios episode, so I can only assume that I perfectly explained what nagios is. And my installation instructions were so good, that no one had any questions. So I will move on to some additional nagios topics. Why use nagios One thing I meant to talk about but forgot in the intro is why you may want to run nagios as a hobbyist. Education, learning a new technology for fun Network Monitoring is a valuable skill and benefit your career if you work in IT Early warning for failing hardware Monitoring self hosted applications Notification for home security devices IP cameras Most of the benefits of nagios are not specific to nagios. There are plenty of other options for monitoring, and all of them are worth exploring. Notification Options Email I had planned on discussing how to set up postfix to send emails. But, that is such a big topic I will have to skip it. I will instead talk about what I do to send email. And Maybe you can do something similar. Spammers have ruined the ability to directly send email. Most residential ISPs block port 25 outbound to prevent malware from sending email. Some Virtual hosting providers may not block sending mail, but many mail servers will not accept mail from VPS IP ranges. There are a few ways to get around this problem. I use the email delivery service Sendgrid. They do all the work of staying off the list of spammers, and most email providers trust mail send via Sendgrid. I wont go into the instructions for configuring postfix to relay outgoing mail via Sendgrid, but their documentation is easy to follow. There are plenty of services like sendgrid. And most have a free tier. So unless you are blasting out alerts you probably will not have to pay. If you want to send alerts from nagios via email, I recommend finding a email sending service that works for you. Push alerts There are a few options (besides email) for getting alerts on your phone. aNag The easiest way to get alerts is probably the aNag Android app. aNag connects to the nagios UI to get status updates. It can be configured to check in periodically and there generate notifications for failed checks. One downside to aNag is the phone has to be able to connect to the nagios server. So, if nagios is on a private network, you will need a VPN when you are not on the same network. If you decide to put nagios on a public network, be sure to configure apache to only use HTTPS. certbot makes this really easy. Pushover Another option is to us a Push Notification service that can send notifications that are triggered by API calls. I like to use the pushover.net You pay $5 when you download the pushover app from the app store, and then notifications are sent for free. They offer a 30 day trial if you want to evaluate the service. To use pushover, we will add a new contact to nagios. The command for the pushover contact is a script that calls the pushover API via curl. Remember from the previous episode, nagios has a conf.d directory and will load any files in that directory. So we will create a new file /etc/nagios4/conf.d/pushover.cfg and restart nagios. The contents of the pushover file will be in the show notes. To use pushover for specific checks, and the contact to that check. See the example in the show notes. Or if you want to use pushover for everything Modify the definitions for the host and service templates to use pushover as a contact The script that calls the Pushover API is at https://github.com/jedda/OSX-Monitoring-Tools/blob/master/notify_by_pushover.sh Save a

Introduction After many years of confusion it has been decided to produce a common standard for dates and times between Europe and the United States of America. When encountering a USA date such as 03/14/2021 (known as Pi Day in the USA) there has been ambiguity over which part of the date is the day and which the month. There can also be confusion as to the year if the two-digit form is used. Standardisation is a way in which these sorts of ambiguities can be resolved. Having a common method of representation avoids confusion. Therefore, starting in 2021, in the spirit of clarity and prevention of misunderstanding, the EU has decided to standardise on compatible formats wherever possible. Dates Henceforward dates will be represented in one of the following forms: MM/DD/YY month/day of month/two-digit year YY/DD/MM two-digit year/day of month/month Thus, 21/14/03 or 03/14/21 will be universally recognised as Pi Day. Times The break from the previous tyranny of large|medium|small or small|medium|large formats has been extended to 24-hour time representations. Henceforward 24-hour times will be represented in one of the following forms: SS:HH:MM seconds:hours:minutes MM:HH:SS minutes:hours:seconds Support Bash already introduced support last year. You will need to update to Ubuntu Falex to get the latest version. Future plans The Standardisation Working Group will be planning other measures. Forthcoming rationalisations will be: Weights and Measures: Discrepancies such as the US pint (16 fluid ounces) versus the British pint (20 fluid ounces) Temperature: Fahrenheit versus Centigrade, replaced by the new Eurotemp which straddles both ranges. The choice might be the Rankine scale (°R), but this has yet to be decided.

a little history slackware on arm started by stuart winter in 2002 became an official port of slackware in 2009 lots of info at the video podcast on youtube why choose slackware can do minimal installs easy education stable and secure who should avoid slackware unwilling or unable to read and follow directions if you think your leet when you use apt instead of apt-get if you think commands like dd are 'scary' howto there is no official port of slackware arm to raspberrypi i think this is because of raspberrypi has a non standard way of booting compared to most arm devices community has stepped in on the slackware documentation project website there are 'manual' install projects took a while, had to download firmware from the raspberrypi project itself quite a bit of cleanup this is the guide if you want slackware on a pi-zero link to the sarpi project guy named phil project lead, started in 2012 the sarpi project is also a manual process even if you don't do this you should look at the website content, this is the way to do a tutorial after you download the sources this install is exactly like any other slackware install when you get to the package selection its easy to customize after install you have a complete development environment be prepared to up your search foo many packages can be built from slackbuilds The only mistakes you can't learn from are, your own fatal mistakes Links http://arm.slackware.com/ https://sarpi.fatdog.eu/ https://www.youtube.com/channel/UCabC1NZDGA3FZXf2hQ-6uyA/featured http://docs.slackware.com/howtos:hardware:arm:start https://slackbuilds.org

First I go to the Language Support window. Either search (press Super/Windows, then type) for "Language Support" and go there directly, or search for "Region & Language", go there, then click "Manage Installed Languages". There I click Install / Remove Languages ..., check the Chinese I want, then click Apply. Then I add the packages for the input methods I want, either using the command line (apt install) or the Ubuntu Software application: Chinese Quick: ibus-table-quick-classic Chinese Pinyin: ibus-libpinyin Chinese (Cantonese) Jyutping: ibus-table-jyutping Bonus input method: Unicode emoji: ibus-typing-booster Now for each user that wants an input method, I search for and go to Region & Language. At the bottom of the Input Sources section I click the plus button. The different input methods are found by clicking down into different sublists. Click the right choice, then Add: Chinese Quick: Chinese -> Chinese (QuickClassic) Chinese Pinyin: ⋮ -> Other -> Chinese (Intelligent Pinyin) Chinese (Cantonese) Jyutping: Chinese -> Chinese (Jyutping) Unicode emoji: ⋮ -> Other -> Other (Typing Booster) EurKEY: English (United States) -> EurKEY (US based layout with European letters) The EurKEY layout is part of the standard English language support in Ubuntu. Finally, to enable unicode color emoji as completion suggestions, switch to the Typing Booster mode by pressing Super/Windows+Space repeatedly until you see the rocket in your notification area. Click the rocket -> Unicode symbols and emoji predictions -> On. I owe you a followup episode once I figure out how to make this work for Guix applications running inside Ubuntu. This episode was based on a Fediverse thread:https://libranet.de/display/0b6b25a8-6760-517c-52c9-654926232346 References for your further study: IBus is an input method protocol for the GNU/Linux desktop. Other protocols supported are XIM, SCIM, fcitx and uim. You have to choose one of these to use for all your input methods, but the most common input methods exist at least for IBus and the first three of the rest, so this is not as much a limitation as it sounds like. Quick is a simplification of the Cangjie input method. Cangjie assigns radicals, character components, to 24 keys on the alphabetic keyboard, and you combine these into a character. In Quick you combine two and then choose a completion from a list. Pinyin is a romanization, a Latin alphabetic spelling, for Standard Chinese (Mandarin). Jyutping is one of many romanizations for Cantonese.

dont ever use return to launch pad or anything always use quick save and load etc .. quick save before launch etc... stay away from missions that are high altitudes/ and low speed etc ... for now. stick with ones that are ALT or SPEED only .. do both only if you are sure you can do it. use F12 to keep an eye on physics to EVA in space you need upgrade astronaut complex first ... hit the rest button in the build menu to reset all the stage to .. logical order My rules of thumb for parachutes: Mk1s are good for a ton each. Radials and drogues are good for 1.5t each. Mk2s are good for 2t each. https://www.youtube.com/watch?v=nprOvWBgsEM&t=1574 build a plane to do "conduct survey" missions ... missing SAS buttons ? upgrade at tracking and mission control then level up your Pilot to 3 or use tech tree to unlock mod with SAS https://forum.kerbalspaceprogram.com/index.php?/topic/186853-most-efficient-way-to-level-up-pilots/ try to just focuses on missions you can complete easily when you finish a mission keep an eye on the recovery mod or % at the end it will tell you in the report how much money you lost .... sub assembly https://www.youtube.com/watch?v=ZdUyKH4NC1M https://www.youtube.com/watch?v=RXKjt11vjps https://www.youtube.com/watch?v=mqWppFJGbY8 ( unlock tech tree ) A good rule of thumb is to simply keep the ship between 200-300 m/s until you are above 12k meters so you aren't burning extra fuel to get through the lower atmosphere where you're going to experience the most drag. https://m.youtube.com/playlist?list=PL-7ICWbZUDjlBrsHIS8mEEj3xIMUQwlp5 different rockets work better in vacuum of Space for large payloads: Fuel Flow & Asparagus Staging | KSP Beginner's Guide NERV Rocket : https://www.youtube.com/watch?v=s90tSM0oowo 223 hrs and just now getting to build/mechjeb OK... COM ranges https://wiki.kerbalspaceprogram.com/wiki/CommNet sat build! https://www.youtube.com/watch?v=OYCk_pYx_kE : AE-F33 shell (faring) TR-V2 decopuler dawn engine 2 x pb-x150 xeono small inline reaction wheel z-200 battery ra-15 sat OK-T02 probe (remote control ) communion 16 (for kerbal coms) 2x gigantor solar array toggle debeis and clean up ! @KSpaceAcademy @KSA_MissionCtrl #KSP #KSP2 @SquadDevs @KerbalSpaceP

As I have been learning Spanish I have been making use of a variety of tools and aids. One of the best is YouTube, where there is a wealth of free stuff. Of course, Spanish is not the only language with good resources here, but it is the one I am studying right now. But if you are interested in learning another language, or improving your knowledge of one, you should take a look. Links: https://www.youtube.com/channel/UC_GFwrcNlXh92xA8iKFT2WA http://thelanguagetutor.co/ https://www.youtube.com/watch?v=hyLl_0d0EBw&list=PLTpetkN815Qyuc2RbC1kxxMQvxjQ3RnYG https://www.youtube.com/watch?v=I8hFdZEPqdM https://en.wikipedia.org/wiki/Common_European_Framework_of_Reference_for_Languages https://www.youtube.com/c/Professorjason/featured https://www.youtube.com/channel/UC67BDv__7er_ZaYKqhOSOFQ https://www.youtube.com/user/culturealley https://www.youtube.com/channel/UC9yudInUYzMh9H4gJs4DrHg https://www.youtube.com/channel/UCozZrWPuoNRLl5ArOyJ57sQ https://www.palain.com/spanish/youtube-channels-for-learning-spanish/

In this episode our two aging heroes discuss the proper temperature to drink beer at (spoiler: it's not 20 degrees as CAMRA would make you believe) and the ins and outs of basic and enhanced security on our beloved operating system. If you ever wanted to know more about Linux Security Modules, AppArmor and SELinux and how dames of negotiable affections relate to these concepts, this show is for you. Shownotes: Campaign for Real Ale: https://camra.org.uk/ Linux Security Modules: https://en.wikipedia.org/wiki/Linux_Security_Modules SELinux: https://selinuxproject.org/page/Main_Page SELinux on Android: https://source.android.com/security/selinux AppArmor: https://gitlab.com/apparmor/apparmor/-/wikis/Documentation RBAC with AppArmor: https://gitlab.com/apparmor/apparmor/-/wikis/AppArmorRBAC Plan 9: https://9p.io/plan9 Plan 9 from Outer Space: https://www.imdb.com/title/tt0052077 Man down: https://www.imdb.com/title/tt2461520/?ref_=fn_tt_tt_2 The Midnight Gospel: https://www.netflix.com/de-en/title/80987903

Hot, off the cuff. You can leave feedback at Lyunpaw@gmail.com; "hpr04" for the subject line. Emails are seen as plain text and are filtered. Maybe I'll do a show on email; oops now I owe a show.

Simple method to autoupdate nextcloud apps. An email is sent as summary of actions. Scheduled for 5 AM Sunday - Cron Entry MAILTO=MYEMAILADDRES@MYDOMAIN.com 0 5 * * 0 /usr/bin/php /var/www/nextcloud/occ app:update --all 2>&1 # * * * * * command to be executed # - - - - - # | | | | | # | | | | +----- day of week (0 - 6) (Sunday=0) # | | | +------- month (1 - 12) # | | +--------- day of month (1 - 31) # | +----------- hour (0 - 23) # +------------- min (0 - 59)

In this episode of Hacker Public Radio, I will describe the method I chose to combat spam bots filling out my company's contact form. About 99% of the submissions we receive are spam, which makes filtering for valid messages painful. After some research into different methods, I decided to go with the honey pot method. The honey pot method uses an extra text input field to lure the spam bot into filling it out. There are different suggestions for how to hide this extra field from valid users by using either javascript or CSS. With javascript, the honey pot section of the form is removed from the DOM when the page loads, hiding it from your users. The argument for this method is most bots don't implement javascript, so the honey pot field will not be hidden from them. I think that is a valid argument but I didn't want to include extra javascript in my page--so I went with the CSS method. There are references at the end of the show notes to a couple of the articles I read on implementing the honey pot with either javascript or CSS. My take away was, one, don't use the CSS display property set to the value of none to take the input out of the DOM. Sufficiently smart enough bots may know to scan for this, especially if applied directly to the element. Also don't name your classes something obvious to your intent like "anti-spam-filter". My guess is the majority of the bots out there aren't that sophisticated, but I figured it couldn't hurt to follow those suggestions. I was already using Bootstrap CSS for our site, so I decided to use Bootstrap's "sr-only" class. This class is used for elements that you only want visible to screen readers. It takes the element and uses a combination of absolute positioning, setting the size and width to 1 pixel, setting a negative left margin, and hiding content overflow to prevent the honey pot showing up visually. I figured if the bot was scanning CSS for classes or properties, this wouldn't trigger any warnings. It does bring up the issue of how to prevent impacting the experience of people using screen readers. I applied the aria-hidden attribute with a value of true to the label element surrounding the honey pot input field. "[this] removes that element and all of its children from the accessibility tree." So we now have the field hidden both visually in the browser and from assistive technologies. Given the short end of the stick accessibility usually gets, I doubt there are any spam bots scanning for that ARIA attribute. For the minority of users who might be viewing with the classic lynx browser, I put 'For office use' as the label text before the honey pot, hoping this would get the message across without tipping off the bot to the intended purpose of the related input field. The other main issue with this method is the value of the name attribute used for the input field. Some argue to use obfuscated values like "mmxxName" instead of "name", or "sxysPhone" for "phone". Apparently some bots will skip fields they don't recognize. By using more standard names for multiple honey pot fields, it easier to determine if it is a bot. The counter argument to this naming scheme is about the user experience, by obfuscating the name, then browsers won't auto-fill the valid fields of the form. This also brings up the matter of not auto-filling the spam fields by the browser of your users. This is done by setting any of your honey pot input elements' "autocomplete" attributes to "off". So far this spam filtering method is working nicely. I currently send any messages flagged as spam to a different email address with the subject prepended with the words "[Spam review]". Once I am confident there are not that many false positives, I will just skip sending flagged messages. The one issue I have experienced with this method is when using the tab key to move through the form. Since the input field is only visually hidden, it still receives focus as you tab through.

Back in hpr3289 :: NextCloud the hard way, I showed you how to install a Let's Encrypt SSL cert for use on your home network. One of the problems was the fact that the automatic renew tools won't work. Today I got a reminder email from Let's Encrypt and I used the exact same command to renew it as I did to create it in the first place. The tool is smart enough to know this is a renewal process. One thing I forgot to do last time was to remove the TXT record from DNS after I was done. So I had to delete the record and wait a while for the Time To Live (TTL) to expire. I set about doing a check list so the next time the process can be even faster. Run the command certbot certonly --manual --preferred-challenges dns Deploy a DNS TXT record under the name _acme-challenge.nextcloud.example.com Finish the challenge. When successful, remove the DNS TXT record as it's not needed for another two months.

This is an update on my previous episode hpr3179 :: MakeMKV to back up media. In the past month, MakeMKV.com has been updated to include Raspberry Pi support. Sources: MakeMKV on Linux post https://forum.makemkv.com/forum/viewtopic.php?f=3&t=224 MakeMKV on ARM release https://forum.makemkv.com/forum/viewtopic.php?p=105912#p105912 It was a very uneventful "It's here" MakeMV on Raspberry Pi (ARM) Click the thumbnail to see the full-sized image wget http://www.makemkv.com/download/makemkv-bin-1.16.1.tar.gz wget http://www.makemkv.com/download/makemkv-oss-1.16.1.tar.gz Unpack both packages and starting from source package and do the following steps: For makemkv-oss package: ./configure make sudo make install For makemkv-bin package: make sudo make install Install ccextractor and necessary packages sudo apt install libtesseract-dev autoconf sysconftool git clone https://github.com/CCExtractor/ccextractor.git cd ccextractor/linux/ ./build nnn: command line file browser with vim-like keybindings https://github.com/jarun/nnn Script to rip TV episodes makemkv.tv.sh #!/bin/bash #echo "Series?" series=Battlestar echo "Series: $series" echo "What Season is this?" read season echo "Season: $season" echo "Which disc # is this?" read disknum echo "This is disk #$disknum" echo "Starting with which episode?" read episode eject -x20 mkdir ""disc."$disknum" makemkvcon mkv --progress=-same --minlength=2100 disc:0 all ""disc."$disknum" cd ""disc."$disknum" #episode=1 episode=$episode for track in *.mkv do mv $track $series"_S"$season"_D"$disknum"_E"$episode.mkv episode=$((episode+1)) done cd .. Script to convert multiple episodes mkv2mkv_mult.sh #!/bin/bash mkdir encoded for i in *.mkv do HandBrakeCLI --first-subtitle --subtitle-default=none -i $i -o "encoded"/"`basename -s .mkv $i`.mkv" done Before and after the rename loop Before rename After rename

Dungeon Raiders is a D&D "retroclone", designed to mimic old school gaming. It's a simple system, but is it too simple? Find out in today's episode! You can download Dungeon Raiders for free from Drivethrurpg.com You can play games with the RPG club. Subscribe to the HPR mailing list to learn about our schedule, or email Klaatu at this domain.