Messages

351

General Software Discussion / Re: Chrome Extensions: Your favorite or most useful

« on: February 24, 2015, 01:26 AM »

Hopefully this topic/thread is still of some use to some of us

Started using Chrome recently and what I've collected so far that doesn't appear to be listed include:

• Android Resource Navigator
• Android SDK Samples Search
• Android SDK Search
• PDF Viewer
• React Developer Tools
• The QR Code Extension
• Vanilla Cookie Manager

Of note is 'The QR Code Extension' - it works offline (so what you want a QR code for doesn't get sent somewhere over the network) and it doesn't require additional permissions like some other QR extensions.

352

Living Room / Re: Preloaded spyware, courtesy Lenovo

« on: February 24, 2015, 12:48 AM »

I think the most irritating thing here is that these are 'trusted' vendors

Comodo seems to be a well regarded security vendor which is doubly disturbing (though i suppose not altogether surprising, it's not like it's the first time something like this has happened)

-Target (February 23, 2015, 11:57 PM)

So where's our "anti-virus / security vendor" scanner

353

Living Room / Re: Preloaded spyware, courtesy Lenovo

« on: February 24, 2015, 12:46 AM »

So when will legitimate security vendors (whoever they might be) start reporting when there are fishy root certs installed?  Because I don't know about you, but when I look at the collection of root certs installed on my machine (run the certmgr.msc management console plug-in program), there's no way I could say which (if any) didn't belong. 

There are 100 or so certificates (including 27 "Untrusted certificates") installed on my system - and I think that my anti-malware should tell me if they're OK or not.

-mwb1100 (February 23, 2015, 11:50 PM)

I agree about it being impractical to tell -- didn't have that many here, but there were a few completely unfamiliar ones.

Something to help assess what should and shouldn't be there does sound like it could be useful....not sure how practical and effective it would end up being, though perhaps much better than nothing.

Wouldn't really trust what one specific vendor had to say about a specific cert (cf. the value of VirusTotal, Jotti, etc.), but with a collective assessment, may be some suspicious things could be detected.

Spoiler

It's not like the whole root cert idea is foolproof, but that would be a different type of discussion I guess

354

Living Room / Re: Preloaded spyware, courtesy Lenovo

« on: February 23, 2015, 11:18 PM »

Thanks for sharing...tip of the iceberg, anyone?

Nice to have instructions for removal (near the end of the article).

On a side note, I found it particularly irksome that for the GUI-ishly inclined that one has to "Add/Remove Snap-in".  Grrr!  On a positive note, the Ghacks article described a language-independent way of accessing the UI window that's relevant for this process, and that is much appreciated.  Some other articles describe steps that use searching which don't work on (at least some) non-English-based Windows machines (at least they didn't work for me).

Screenshots would be a plus for some of the steps to help guide (though of course that probably wouldn't help in the case where searching is part of the instructions...).

Spoiler

The last 2 paragraphs in the article...

355

Living Room / Re: Preloaded spyware, courtesy Lenovo

« on: February 21, 2015, 07:47 PM »

I think I stand by this. I am making my own problems with upgrade woes but my current comp is custom built that we did as a project and when it's your buddy building it you know generally there's no weird stuff (initially!) on there.

-TaoPhoenix (February 21, 2015, 07:32 PM)

I haven't found a practical way to assemble appropriate notebook PCs, but for desktop / server, have almost always gone with custom.

356

Living Room / Re: Preloaded spyware, courtesy Lenovo

« on: February 21, 2015, 07:46 PM »

Are you saying that you overwrite their OS with the installation media that comes with the hardware?  

-Steven Avery (February 21, 2015, 09:02 AM)

In my case, I have purchased separate installation media -- can get a bit expensive, but then these days there are some places that offer the purchase of PCs without a bundled OS.

Didn't mention this earlier, but up through this post I've had notebook PCs in mind.

357

Living Room / Re: Preloaded spyware, courtesy Lenovo

« on: February 21, 2015, 07:12 AM »

I overwrite too.  Definitely takes time to set up from installation media first time (e.g. today from W7 SP1, literally had over 130 updates total), but apart from avoiding the questionable content that is preloaded there are a few additional benefits IMHO:

bloat reduction
a somewhat more up-to-date image to restore from and possibly customized more to one's taste
a bit more flexibility regarding use of HDD -- e.g. can use the space reserved for restoration (i.e. onekey) for other purposes

May be others have additional / different reasons for doing likewise?

358

Living Room / Re: Preloaded spyware, courtesy Lenovo

« on: February 20, 2015, 01:48 AM »

Thanks for sharing this.

The article contained some nice links:

• Lenovo installs adware on customer laptops and compromises ALL SSL. -> Has sections "HOW TO CHECK IF YOU ARE AFFECTED" and "WHAT TO DO IF YOU ARE AFFECTED" near the end of the article (before the comments section)
• Errata Security: Some notes on SuperFish -> Had clear timing info: "It's been going on since at least June 2014"
• What You Need to Know About Superfish, The Man-in-the-Middle Adware Installed on Lenovo PCs

359

Living Room / Re: Happy New Year! 恭禧發財! 새해 복 많이 받으세요!

« on: February 19, 2015, 05:57 PM »

Happy (Old-Style?) New Year!

May much luck come to us all

360

Living Room / Re: Interesting "stuff"

« on: February 17, 2015, 05:52 PM »

That was quick work!

Thanks

...and the second link even mentioned:

  http://www.phrenopol...pective/solarsystem/

361

Living Room / Re: Interesting "stuff"

« on: February 17, 2015, 07:08 AM »

Ever wonder why you never see any maps of the solar system drawn to scale?

-Renegade (February 16, 2015, 04:31 AM)

Nice.

How about something similar for atoms and molecules with their electron clouds?

362

Mini-Reviews by Members / Re: Atom - A new editor is born

« on: February 04, 2015, 09:39 PM »

Thanks for the post!  Some items from the FAQ that might be of interest.

...

Why does Atom send usage data to Google Analytics?

In the same way that aggregate usage information is important when developing a web application, we've found that it's just as important for desktop applications, especially during the beta program. By knowing which Atom features are being used the most, and how the editor is performing, we can focus our development efforts in the right place. For details on what data Atom is sending or to learn how to disable metrics gathering, visit https://github.com/atom/metrics.

-wraith808 (March 03, 2014, 07:46 AM)

The current claim appears to be that among other things a hash of the MAC address of one of the network interfaces is collected:

  https://github.com/a...ntent-collected-data

It's unclear whether one gets a chance to opt-out of the initial transmission.

363

Living Room / Re: Internet of Things thread (IoT)

« on: February 04, 2015, 07:37 AM »

All your dirts are belong to us.

364

Living Room / Re: Raspberry Pi's $35 Linux PC

« on: February 04, 2015, 07:26 AM »

The article says it will be able to use a version of Windows 10 from Microsoft. Would this ruin it?

-Arizona Hot (February 02, 2015, 07:06 PM)

Not sure why that would ruin it.

Sounds somewhat similar to being able to use Mathematica on the Pi.

Also, AFAICT, it's not just that you will be able to use a version of Windows 10:

The Raspberry Pi 2-compatible version of Windows 10 will be available free of charge to makers.

365

Non-Windows Software / Re: ALERT! How to test for GHOST security hole now affecting major distros

« on: January 31, 2015, 09:25 AM »

Thanks for the heads up.


It appears I got lucky this time -- apparently recent versions of NixOS are unaffected (14.04, 14.12), though 13.10 may be vulnerable.

366

N.A.N.Y. 2015 / Re: NANY 2015 Release: WhenLast (Android app)

« on: January 24, 2015, 09:47 PM »

So, no notion of a DUE date, just always telling you how long it's been, and the ability to ask for a reminder after a certain amount of time.

-mouser (January 24, 2015, 04:15 AM)

I like this idea.

-Deozaan (January 24, 2015, 03:26 PM)

What he said.

367

Living Room / Re: issues with uefi, more than 6 drives, ahci, windows 8.

« on: January 20, 2015, 02:17 AM »

UEFI is a replacement for the system BIOS, not a drive partition manager. You only need UEFI if your system drive is >2TB because a BIOS cannot boot from a GPT partition table.

-xtabber (January 19, 2015, 01:14 PM)

Sorry for making confusing remarks regarding UEFI / GPT.  I had them fused inappropriately

368

Living Room / Re: issues with uefi, more than 6 drives, ahci, windows 8.

« on: January 20, 2015, 02:10 AM »

I think someone here explained that with uefi or something, there is boot information that is stored and distributed on all the connected drives, so if one is disconnected it won't boot anymore because info is missing.

-superboyac (January 19, 2015, 10:04 PM)

I don't know about the info being stored in a distributed manner -- may be that happens -- in the local case I believe what I wasn't terribly happy about was that some critical info is stored in the PC's nvram that is required for appropriately using the disk (specifically regarding booting).  Having to manage that was something I didn't feel like doing -- at least not at that time

369

Living Room / Re: issues with uefi, more than 6 drives, ahci, windows 8.

« on: January 19, 2015, 12:49 AM »

What you said at least about large drives is one of the "draws" of UEFI, IIRC -- perhaps number of drives too, not sure. I happen to not have drives that exceed 1 TB, nor simultaneously connect that many so have "escaped"...What I was lured by was the support for a large number of the same type of "first-class" partition -- i.e. MBR only supported up to 4 primary partitions and with UEFI you get many more of the "standard" partition.

It turned out though that there is an additional headache taking a drive from one machine to another if using UEFI -- I found the drive wasn't enough (at least for what I tried), it was also necessary to modify something that is stored in the PC.  With MBR / legacy setups, I could take a drive from one machine and use it on another without any other "state" that needed to be transferred -- with some caveats regarding hardware.  This additional complication was enough of a turn-off for me that I now look for motherboards that support MBR / legacy mode.  I don't know how much longer this approach will be viable though...

370

Non-Windows Software / Re: *NIX: Commands / software to verify partition backups / clones?

« on: January 18, 2015, 10:33 PM »

Thanks

371

Non-Windows Software / Re: *NIX - Problem with Steam shellscript may delete user files

« on: January 18, 2015, 06:30 PM »

Woa.

372

Living Room / Re: issues with uefi, more than 6 drives, ahci, windows 8.

« on: January 18, 2015, 06:30 PM »

Not helpful for your situation, but I have not had good luck with UEFI (too many glitches and at least one additional administrative burden that seems to arise from its use) and these days I avoid it.  IIUC, the quality of UEFI implementations varies considerably.  At least the glitches might get ironed out eventually...may be?

373

Non-Windows Software / Re: *NIX: Commands / software to verify partition backups / clones?

« on: January 17, 2015, 05:09 PM »

Thanks for the replies.

My recent tool of choice has been Clonezilla for some time but that ties up a machine (and the process of setting up the backup is not a process I enjoy physically as well as ncursesly) so I'm experimenting with a dock that doesn't require a PC.

The dock is a dual drive dock -- one nice feature is that it's clear which slot is the source and which is the target.  There is a progress indicator so one can get a rough sense of how much to wait.

After looking around some more I see that there are docks that can perform verification of some sort, but have not found one in a price range that seems acceptable -- plus I just got one...

May be it'll be worth writing a small verification script...attaching the dock to a PC after finishing the clone and running a comparison in the background seems better than doing the backup via a dock / PC combination but perhaps that's not actually a very useful illusion

374

Non-Windows Software / *NIX: Commands / software to verify partition backups / clones?

« on: January 16, 2015, 10:47 PM »

Am trying out a cloning dock -- one of those things that let's one clone a drive to another without the use of a PC.

Would like to verify the results though -- perhaps not every time.

I'm currently doing something like:

md5sum /dev/sda1
...
md5sum /dev/sdaN

for N partitions and comparing with analogous results from the other drive.

I'm not that concerned about MBR / GPT metadata at the moment.  (Thought of just doing the whole drive (e.g. /dev/sda) but then realized that drive sizes differ some times )

Also tried the cksum command as perhaps that's good enough to detect errors.  I/O is probably so much more of a bottleneck that may be there won't be a detectable difference...

Any favorites or recommendations for this sort of procedure?


Some numbers and additional details:

Cloning a c. 320 GB drive has taken around 80 min (have done this a couple of times now).

Verifying (i.e. using the md5sum program above on 4 partitions) I didn't track very closely, but it may have exceeded an hour total.

Three of the partitions contained ext4 filesystems and the fourth was swap -- yes, working with the swap partition was probably pointless

375

N.A.N.Y. 2015 / Re: NANY 2015 Release - Splat (Simple Program Launching and Termination)

« on: January 13, 2015, 05:40 PM »

    + Added support for environment variables.  (Thanks, lujomu)

-skwire (January 13, 2015, 12:58 AM)

Hurray!