Google+ Followers

Saturday, November 15, 2014

Ripping CD to .opus with Audex on Debian

The Opus codec is basically the one codec to rule them all. It is an open standard (RFC 6716) and it outperforms almost all other codecs, open and proprietary, over a huge range of bitrates. It also has a very low latency which is important for internet applications involving real-time communications and it is already supported by modern browsers like Firefox, Chrome, and Opera. But if you want to start storing your music in the best available format, you might have difficulty finding convenient tools that support it. Well, here is one that worked for me, so I’ll share it. It was pretty simple, although not entirely obvious.

Audex is a graphical CD ripper for KDE. It does not support ripping to Opus out-of-box, but it does have a feature to add a new encoder. For this, we will just use the command-line encoder found in opus-tools, so install the packages audex and opus-tools. Now, when you run Audex, go to “Settings” > “Configure Audex...”, select the “Profiles” section, and then “Add...”. Name the new profile “Opus”. Under the “Encoder” tab, select “Custom” from the first drop down. Under “Command pattern:”, put in “opusenc $i $o”, and under “Suffix:” put in “opus”. You can look at some of the other options if you wish (I set mine to replace spaces with underscores), but that is all that is necessary to get it working. Save your new profile, select the profile from the main window, and begin ripping your favorite discs.


If you also want to capture metadata, you will need a newer version of opus-tools than what is in Wheezy. You can download the source, and build it yourself. You will need to have the wheezy-backports repository enabled to get some of the dependencies:

sudo aptitude -t wheezy-backports install libogg-dev libflac-dev libopus-dev

Once the dependencies are met, you should be able to configure and install opus-tools:

cd opus-tools-src-dir
./configure
make
sudo make install



Now, you can change the “Command pattern:” in Audex to “opusenc --title "$ttitle" --artist "$tartist" --album "$title" --date "date" --genre "$genre" $i $o”. This will capture metadata and embed it in your new Opus files.

Thursday, November 13, 2014

Setting up root SSH login on CyanogenMod

I did this with the latest CyanogenMod 11 snapshots on a Nexus 4 and a Nexus 5. I recommend buying a device with an unlockable bootloader, like the Google Nexus devices, because it makes rooting and installing custom ROMs, etc, much more straightforward. Besides, if you buy a device you ought to own it, so why give your money to a company that tries to lock you out of your own devices, as if they still own it even after you have bought and paid for it? If you already have a device that is locked down, you may have to search the web to find a hack to get access to it (Good luck!), but I won’t be covering that here. What I found to be difficult to find and poorly documented elsewhere was how to configure your device for root login via ssh, after installing CyanogenMod. This can be useful for a variety of reasons, for instance, you can easily make a full back up of the phone securely over your wireless network. But as always, exercise caution when using root!

Before you begin, make sure you have a few options set on the Android device. Under “Developer options” make sure that “Android debugging” is enabled, “Root access” is set to “Apps and ADB”, and while you are here, set “Device hostname” to something memorable. (You should have learned to access the hidden “Developer options” menu while install CyanogenMod.) Now, with phone connected by USB, login from your computer with:

adb shell

then start setting up ssh by copying over the template configuration file:

cp /system/etc/ssh/sshd_config /data/ssh
vim /data/ssh/sshd_config

and add the line:

PermitRootLogin without-password

This does not do what it sounds like. It will not allow you to login without authenticating, rather, it disables authentication with a password and requires you to use public key authentication which we will set up in a minute. Next:

mkdir /data/local/userinit.d
cd /data/local/userinit.d
cp /system/bin/start-ssh 90sshd
vim 90sshd


and change:

   # don't daemonize - otherwise we can't stop the sshd service
   /system/bin/sshd -f /system/etc/ssh/sshd_config -D


to:

   # don't daemonize - otherwise we can't stop the sshd service
   ## Actually, yes, do daemonize (remove -D option)
   /system/bin/sshd -f /system/etc/ssh/sshd_config


Now, if you don’t already have one, you will need to generate an RSA key for ssh. On your computer (not the adb shell that is already logged into your Android device) run:

ssh-keygen

and with the default options you will get a ~/.ssh containing id_rsa and id_rsa.pub. You will need to copy id_rsa.pub to your Android device in order to be able to login. Still working from your computer:

adb push ~/.ssh/id_rsa.pub /sdcard/

Now, on the Android device:

cd /data/.ssh
touch authorized_keys
cat /sdcard/id_rsa.pub >> authorized_keys
chmod 600 authorized_keys


Note that the authorized keys file must not be readable by anyone else or ssh will refuse to use it and authentication will fail. Now, you should be able to reboot and login to your Android device:

ssh root@AndroidHostname

If you set a password for the RSA key you generated for ssh, it will prompt you for that password, but it will not prompt for a password for root on the Android device (because it is using the key instead). If you want to login from other devices, make sure you have an authorized key on that device as well. To add more authorized keys, simply concatenate them onto the authorized_keys file, the same way we did the first one. Now you can remotely access your Android device via ssh.

Saturday, September 13, 2014

Watch the NFL Sunday Ticket on Linux

If you subscribe to the DirecTV NFL Sunday Ticket, you can watch all of your Sunday football games on Linux. But it only works with certain browsers because it requires Flash Player 14 which is only available on Linux as a Pepper plugin. Only the Chromium family of browsers supports this API, and the NPAPI version that is used by other browsers is no longer developed on Linux by Adobe (version 11.2 is still receiving security updates). The easiest way to get this is to install Google Chrome. It is also possible to use it with the Chromium packages provided by various Linux distributions; packages are available to install it for both Debian and Ubuntu. For Debian it is in the contrib repository and for Ubuntu it is in Multiverse. It may also be possible to use it with the developer version of Opera, which is now Chromium-based as well, but I haven’t tested this.

Of course, this doesn’t mean that you must or even should swap browsers. You can use a Chromium-based browser with Flash for the NFL Sunday Ticket and still choose another browser, like Mozilla Firefox which seemed to come out ahead in our recent benchmarks, for other things. Ultimately, we would all really like to see web applications, including video streaming, developed with HTML5 and web standards. Mozilla is probably one of the biggest forces pushing for this. Some people even refuse to use the proprietary Flash plugin at all in order to help promote this lofty goal. But if you want to watch your NFL games on Linux this year, now you know how.

Sunday, August 17, 2014

Protip #3: You do want your OpenPGP key to expire

You think you don’t, but you really do.You are probably thinking you don’t want to have to transition to a new key on some arbitrary date. But you can always extend the expiration later. And if you lose your key and don’t have a revocation certificate, the expiration date serves as a kind of “dead man’s switch”. If you don’t prevent it from being triggered by extending the date, your key will be automatically invalidated. This way, if you lose your key (and you don’t have a revocation certificate or have lost that, too), your key will not remain valid forever.

If you use Thunderbird with the Enigmail extension, per my previous tutorial, it is pretty easy to change your key’s expiration date from the Key Management interface. Right-click your key and select Change Expiration Date. Then you can select how many years, weeks, or days it should be until your key expires.




Of course, you will need to re-upload your public key so that your friends can get the extended expiration from the key server. Of course, you can also do the same with GnuPG from the command line, but I’ll leave that as an exercise to the reader.

And now you have no reason to have no expiration date on your keys!

Friday, July 18, 2014

Create your Own Word Searches on Debian, Ubuntu, Mac OS X, or Windows

Creating your own word search is really simple. They can be easily generated by software, given a simple word list, and I’m going to share just such an application with you today. Word Search Creator is a desktop word search generator licensed under the GPLv2 (so it is free as in freedom, as well as price). The downloads page has packages specifically for Ubuntu, Windows, or Mac OS X. These are pretty straight-forward to install. Ironically, there is no package for Debian (the parent distro from which Ubuntu is derived), and the Ubuntu package is not installable on Debian stable. But no worries, this is open source software! So for Debian we will just install from source.

Installing from source on Debian

Before we can install Word Search Creator, we need to install the Qt4 developer tools:

aptitude install qt4-dev-tools

Now, download the source, unpack it and cd to the unpacked source directory. To build the application, just:

qmake
make


In order to install it system wide, as root:

make install

If you are running KDE, run kbuildsycoca4 to rebuild your application menus.

Create a Word Search

When you first open Word Search Creator, there is a control box on the right side that you use to create the word search. Here you can type in a word list and set the size of the grid (or set it to automatically enlarge based on the words you give it). Type in a title and hit Create/Shuffle to generate your word search (hitting it again will, as the name suggests, shuffle your word search).


The menus give you a number of other options you can set. By default, words are only hidden left to right or top to bottom, but you can choose which directions are allowed. You can also choose how the word list is ordered, and edit the formatting. Perhaps one of the coolest features is the ability to change the shape of the puzzle by excluding squares from the grid.


Having fun with it

You can work the puzzle right there on screen, highlighting the words as you find them, and they will automatically get struck off the list.


You can also save it as a word search file, export it to pdf or svg, or copy it to the clipboard as an image (Ctrl + C). Working with it as an image, you can also use an image editor to decorate your word search. Here, I have simply filled in the empty squares and given it a yellow background color to highlight the smiley face.

And here is a full page puzzle.


Try it out yourself, and have fun!

Wednesday, June 25, 2014

Windows Browser Benchmarks

Ok, so this a bit off topic for this blog as it isn’t really a how-to, but I thought it might be interesting to my audience nonetheless. I ran the major browsers through four different benchmarks: Google’s Octane 2.0, Mozilla’s Kraken 1.1, and Apple’s new JetStream and Speedometer (the latter focuses on measuring the responsiveness of web apps by simulating user interactions). For graphing purposes, I normalized the scores on the various benchmarks so that the fastest browser was always 100 (this also means inverting scores for Kraken, which measures time rather than some unit of speed).

To make things interesting, I decided to include some less common variants, as well as the major browsers. I have been hearing about optimized Firefox-derivatives like Pale Moon and Waterfox and wanted to see how they stack up. Here is what I found:



The official Mozilla build was generally faster, although Waterfox was a bit ahead on the Kraken. Pale Moon was consistently last. Both Waterfox and Pale Moon are based on older versions of Firefox. Apparently, the optimizations don’t make up for the improvements in newer versions of Mozilla Firefox, at least not at this time.

And here is how Mozilla Firefox stacks up against other major browsers:


Firefox was the leader except on Octane, where it was pretty close behind Chrome and Opera (which is now based on Chrome, hence the very similar scores). Internet Explorer was consistently near the bottom, losing on both Octane and the Kraken by a wide margin. Although it wasn’t last on Speedometer and JetStream, even coming in second on Speedometer, it was still nearer the bottom than it was to catching Firefox in the lead.

And here I put them all on one chart for a more complete overview:


Finally, I decided to do a combined comparison by looking at how far behind the lead each browser was on each benchmark. This graph is like a target with the bullseye in the center. A browser that was fastest on all benchmarks would be dead center, and the one losing by the widest combined margin would be furthest from the center:

Here we can see that Firefox was the clear winner. Waterfox still outperformed Chrome and Opera, while Pale Moon fell behind them. Internet Explorer was clearly last. Note, however, that the benchmarks are not really meant to be combined in this way and you could probably easily shift these rankings by choosing different benchmarks. Nevertheless, I think the results are interesting.

And for anyone who is particularly interested, here are the original numbers:


Octane Kraken Speedometer JetStream
Firefox 30 9169 3709.8 25.57 65.589
Pale Moon 24 7005 4413.8 19.15 57.805
WaterFox 28 8483 3405.5 21.5 62.103
Chrome 35 9698 3824.3 16.1 55.168
Opera 22 9551 3853.7 15.7 46.022
Internet Explorer 11 6416 6286.4 18.14 50.282

Wednesday, May 7, 2014

Generating and learning strong passwords, Python version

Just for fun, I rewrote my password shell scripts in Python. These scripts work essentially the same way and are compatible with the scripts from the previous post. The real purpose of this exercise is to give you the chance to compare some of the syntax and features of the languages.

This is my first post using Python, but I’m not going to explain all of the basics of Python syntax here. If you aren’t familiar with Python, you may want to read a tutorial or introduction to the language first.

Here is what genpw.py looks like:

#!/usr/bin/python3

import random
import sys

chars = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '!', '"', '#', '$', '%', '&', '\'', '(', ')', '*', '+', ',', '-', '.', '/', ':', ';', '<', '=', '>', '?', '@', '[', '\\', ']', '^', '_', '`', '{', '|', '}', '~' ]
length = 13
pw = ""

for i in range(1, len(sys.argv)):
    if sys.argv[i] == "--alnum":
        chars = chars[0:62]
    elif sys.argv[i] == "--length":
        length = int(sys.argv[i+1])
    elif sys.argv[i] == "--forbidden":
        forbiddenchars = sys.argv[i+1]
        for ch in forbiddenchars:
            chars.remove(ch)

end = len(chars) - 1

for i in range(0, length):
    index =  random.randint(0, end)
    ch = chars[index]
    pw += ch

print(pw)


First, we start with a list of printable ascii characters. Since it has been sorted into numbers, letters, and symbols; we can get the alphanumeric subset with a simple slice operation. And we can remove any forbidden characters by simply calling the remove() method of the list of characters. Then, we find how many characters are in the resulting list and generate a random number within that range for each character in the final password. We simply use that number as the index to choose one of the characters from our list and then print the completed password string.

The approach here is slightly different from the one that I used in the Bash script. There, we generated a stream of random numbers and filtered out only the desired characters until we had the desired length. Here, we create a list of desired characters and select the desired number of characters randomly.

And here is what setpw.py looks like:

#!/usr/bin/python3

import sys
import os
import hashlib

if len(sys.argv) > 1:
    name = sys.argv[1]
else:
    name = "default"

pw = input().encode('ascii')
pwhash = hashlib.sha512(pw).hexdigest()
hashfile = os.path.expanduser("~/." + name + "pwhash")

print("\033[1A\033[0K", end="")
with open(hashfile, 'w') as f:
    f.write(pwhash)


This one is even more similar to the Bash version, it’s approach does not substantially differ.

Finally, here is what ppw.py looks like:

#!/usr/bin/python3

import sys
import os
import hashlib
import getpass

if len(sys.argv) > 1:
    name = sys.argv[1]
else:
    name = "default"

pw = getpass.getpass("").encode('ascii')
pwhash = hashlib.sha512(pw).hexdigest()
hashfile = os.path.expanduser("~/." + name + "pwhash")

with open(hashfile, 'r') as f:
    storedhash = f.read()

if pwhash == storedhash:
    print("Correct")
else:
    print("Wrong\a")


Again, the approach here is essentially the same as the Bash version. You may notice that instead of input(), I used getpass.getpass(""). This prevents it from echoing the characters to the terminal. By default, getpass() uses the prompt Password:, so to make it more consistent with the Bash version I passed it an empty string instead.

Hopefully you found this little exercise entertaining and educational.