Hacking Your Own Server with Google!

Posted by JD 04/27/2012 at 16:00

Here’s a guy who accidentally caused over $1000 in charges on his cloud server by telling a Google service about it. Google decided to download the data – all of the data – every hour with hundreds of crawlers. Nice.

Be careful out there. Some Google services and many generic web crawlers do not honor robots.txt. It is a request, not an access control: anything that is expensive to serve (large downloads, metered bandwidth) needs authentication, rate limiting or a bandwidth cap, and a look at the access logs before the bill arrives.
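A quick way to see whether a crawler is behaving, as an added example that is not part of the original post: the script below parses Apache/nginx combined-format access log lines, checks each request against a small robots.txt parser (User-agent and Disallow prefixes only, no wildcards), and reports any user agent that fetched disallowed paths or exceeded a per-hour or total-bytes budget. The log lines, the robots.txt, the bot name and the thresholds are constructed for the example.

```python
"""Flag crawlers that ignore robots.txt or hammer the server, from access logs.

Added example, not code from the original post. Assumes the Apache/nginx
'combined' log format and a robots.txt using only User-agent/Disallow lines
(prefix matching, no wildcards). The log lines and rules below are
constructed samples.
"""
import re
from collections import defaultdict

LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) "[^"]*" "(?P<ua>[^"]*)"'
)


def parse_robots(text):
    """Return {user-agent token (lowercased): [disallowed path prefixes]}."""
    rules, group, in_agents = {}, [], False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        key, _, value = line.partition(":")
        key, value = key.strip().lower(), value.strip()
        if key == "user-agent":
            if not in_agents:          # a new group starts after any Disallow
                group = []
            group.append(value.lower())
            rules.setdefault(value.lower(), [])
            in_agents = True
        elif key == "disallow":
            in_agents = False
            if value:                  # an empty Disallow allows everything
                for agent in group:
                    rules[agent].append(value)
    return rules


def disallowed(rules, user_agent, path):
    """True if robots.txt asks this user agent to stay out of path.

    The most specific agent token contained in the UA string wins; otherwise
    the '*' group applies.
    """
    ua = user_agent.lower()
    matches = [token for token in rules if token != "*" and token in ua]
    group = max(matches, key=len) if matches else "*"
    return any(path.startswith(prefix) for prefix in rules.get(group, []))


def analyze(log_text, robots_text):
    """Per user agent: requests, bytes served, hits on disallowed paths and
    the busiest single hour. Malformed lines are skipped, not trusted."""
    rules = parse_robots(robots_text)
    stats = defaultdict(lambda: {"requests": 0, "bytes": 0, "disallowed": 0,
                                 "per_hour": defaultdict(int)})
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        s = stats[m["ua"]]
        s["requests"] += 1
        s["bytes"] += 0 if m["size"] == "-" else int(m["size"])
        s["per_hour"][m["ts"][:14]] += 1      # "27/Apr/2012:16" = one hour bucket
        if disallowed(rules, m["ua"], m["path"]):
            s["disallowed"] += 1
    return {ua: {"requests": s["requests"], "bytes": s["bytes"],
                 "disallowed": s["disallowed"],
                 "peak_per_hour": max(s["per_hour"].values())}
            for ua, s in stats.items()}


def offenders(report, max_per_hour=100, max_bytes=1 << 30):
    """User agents that ignored robots.txt or blew a rate/bandwidth budget
    (thresholds are assumptions; tune them to the site's normal traffic)."""
    return sorted(ua for ua, s in report.items()
                  if s["disallowed"] or s["peak_per_hour"] > max_per_hour
                  or s["bytes"] > max_bytes)


# Constructed sample: a 100 MB dump under a disallowed path fetched 120 times
# in one hour by a bot, plus one ordinary browser hit on the front page.
ROBOTS_TXT = "User-agent: *\nDisallow: /data/\n"
BOT_UA = "ExampleBot/1.0 (+http://example.com/bot)"
LINE = '%s - - [27/Apr/2012:16:%02d:%02d +0000] "GET %s HTTP/1.1" 200 %d "-" "%s"'
SAMPLE_LOG = "\n".join(
    [LINE % ("203.0.113.5", i // 2, 30 * (i % 2), "/data/dump.bin", 104857600, BOT_UA)
     for i in range(120)]
    + [LINE % ("198.51.100.7", 5, 0, "/index.html", 5120, "Mozilla/5.0")]
)

if __name__ == "__main__":
    report = analyze(SAMPLE_LOG, ROBOTS_TXT)
    for ua in offenders(report):
        s = report[ua]
        print("%s: %d requests, %.1f GB, %d disallowed, peak %d/hour"
              % (ua, s["requests"], s["bytes"] / 1e9, s["disallowed"], s["peak_per_hour"]))
```

Run it against a real log by replacing SAMPLE_LOG with the file contents; the user-agent string is self-reported, so treat a hit as a signal to go look at the source addresses, not as proof of who sent it.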

JBackpack - GUI for rdiff-backup

Posted by JD 04/23/2012 at 23:00

It is no secret that I use rdiff-backup here, extensively. I’m a shell sort of person and like to automate things in shell scripts.

GUI Tools

Not everyone loves CLI/shell computing like I do. A few people won’t look at a solution that doesn’t include a GUI. Good news: JBackpack is a GUI for rdiff-backup. I haven’t tried it myself, but will at some point.

More Ways to Leverage rdiff-backup

For me, rdiff-backup is the right mix of capabilities and simplicity, so I’m excited that this brings another way to get more people to check it out.

Negatives

To me, there is a negative side to this tool – it is written in Java. That is enough that I’ll never install it on my machines, but I will on other people’s computers. Personally, I avoid Java programs and try to avoid having Java runtimes installed on my systems over security concerns.

Enjoy.

Smartphone Lost or Stolen 2

Posted by JD 04/07/2012 at 01:00

When you lose a smartphone, all sorts of personal and proprietary data may become available to the finder or thief. Recently, a friend had a smartphone that I’d given him stolen, so some of my personal and proprietary data may still have been on that device. Below I’ll attempt to outline what we should have done. This is very much a work in progress, but my quick searches for smartphone-loss best practices returned nothing current or useful to an average person.

There is lots of best-practice information for corporate devices on the internet: buy this add-on for policy management, password complexity mandates, whole-device encryption. None of this will help a soccer mom or a small-business traveler overseas. We’ll try to work through what normal people can do to protect their devices and their data, and make a lost or stolen device nearly useless to a thief.

A smartphone today is more powerful than a desktop computer from 10 years ago. That makes these extremely well-connected devices valuable to you, to me and to thieves.

Let’s get started. I can’t ensure that any of these features or techniques will be available on your device or in the operating system your phone runs. I’m only familiar with GSM phones, not what Verizon or Sprint use. Apple devices are a complete mystery to me. Do your own research for your device’s capabilities.

Future-Proofing Passwords 4

Posted by JD 04/05/2012 at 22:00

There are many different types of passwords. Some are for a financial institution, others for blog comment websites, others for your email accounts. Not all of these need to be 100% secure, but it would be easier if they were. If someone gets into a blog or forum account, so what, provided you use a different password for each login. Good password management works. OTOH, if they get into your primary email account, that provides access to almost every other account, including financial ones, with just a little effort, because password resets go to that mailbox. It would be best if there were no breaches of these sensitive accounts – either through password cracking or the other back-end compromises we hear about weekly. That’s the ideal world. Reality is a little different.

The problem isn’t just about cracking your passwords today. The smarter attacker retains your encrypted data and captured packets so they can be decrypted or cracked in the future. Yes, we need to protect our sensitive data not just for today, but for the next 20-40 years, when today’s key lengths may be cheap to attack. Perhaps protecting it for our lifetime is the best practice?

So, what can we do to minimize the future risks?

Password Managers

I love KeePassX and the cross-platform versions of this password manager, so I try to always use a long, complex, random, generated password for most of my needs. Sometimes a website limits passwords to 20 characters or to letters and numbers only, which significantly shrinks the space an attacker has to search. To counteract those limitations, I’ll try to use a nonsensical userid too. There are lots of other uses for a password manager that might be useful.

All this is stored inside a KeePassX database and automatically replicated to 4-10 different systems daily. The actual number changes, since not all of them are always available. It is also backed up on many of these systems daily, with 30-, 90- or 365-day versions available. The DB will not be lost. I would be sad if it became corrupted on my main system, the one I consider read-write, but any of the read-only copies is good enough too, if something bad happens.
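The 20-character, letters-and-digits site limit mentioned above, worked through as an added example (my code, not the post’s): generate a password under a given alphabet and length with the OS CSPRNG, compute its entropy, and estimate how many years it survives an attacker whose guess rate doubles on a fixed schedule, which is the "they will crack it later" scenario the next sections describe. The starting rate of 1e12 guesses per second and the 18-month doubling are assumptions for illustration; the formula is derived in the docstring.

```python
"""Random passwords under a site's constraints, and how long they last.

Added example, not code from the original post. The alphabets are the usual
printable-ASCII sets; the attacker's starting rate (1e12 guesses per second)
and the 18-month doubling of that rate are assumptions chosen to illustrate
the 'future cracking' argument, not measurements.
"""
import math
import secrets
import string

FULL = string.ascii_letters + string.digits + string.punctuation   # 94 symbols
ALNUM = string.ascii_letters + string.digits                       # 62 symbols
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def generate(length, alphabet=FULL):
    """Uniform random password from the OS CSPRNG (secrets, not random)."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def entropy_bits(length, alphabet_size):
    """Entropy of a uniformly random password: length * log2(alphabet size)."""
    return length * math.log2(alphabet_size)


def years_until_cracked(bits, guesses_per_sec=1e12, doubling_years=1.5):
    """Years until an attacker who starts today reaches the expected
    2**(bits-1) guesses, with hardware that doubles every doubling_years.

    Guesses made by year H at rate r0 * 2**(t/T) total r0*T/ln2 * (2**(H/T) - 1);
    setting that equal to 2**(bits-1) and solving for H gives the formula below.
    """
    expected_guesses = 2.0 ** (bits - 1)
    rate0 = guesses_per_sec * SECONDS_PER_YEAR
    x = expected_guesses * math.log(2) / (rate0 * doubling_years)
    return doubling_years * math.log1p(x) / math.log(2)


def compare(policies):
    """For each (label, length, alphabet): entropy in bits and survival years."""
    return [(label, round(entropy_bits(n, len(alpha)), 1),
             years_until_cracked(entropy_bits(n, len(alpha))))
            for label, n, alpha in policies]


if __name__ == "__main__":
    for label, bits, years in compare([
            ("8 chars, letters+digits", 8, ALNUM),
            ("20 chars, letters+digits (site limit)", 20, ALNUM),
            ("32 chars, full printable", 32, FULL)]):
        print("%-38s %6.1f bits  survives ~%.3g years" % (label, bits, years))
    print("sample 20-char alnum password:", generate(20, ALNUM))
```

Under these assumptions the 8-character alphanumeric password falls in minutes, the 20-character site-limited one lasts a few decades, and even a 32-character full-alphabet password has a finite horizon, which is the point of the post: exponential attacker growth eventually eats any fixed key, so length and rotation both matter.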

High Value Targets

With all this data stored inside one file, cracking just that one file reveals everything important to me. It is a very high-value target. Lots of people do this with their password databases too, trusting the strength of the encryption as the only protection.

Future Cracking

That is a false sense of security. Here’s why. Just because some encryption cannot be cracked today doesn’t mean it can’t be cracked in 5, 10, 15 or 30 years. Anyone with a copy of the old file can crack it years later and gain access to sensitive data or passwords. It has been reported that the NSA has been recording SSL packets on the internet for years – not because they can crack the crypto today, but so that when they can, all that traffic becomes readable.

Keeping It Safe

There is no way to keep the data safe once it gets out, even if encrypted. At some point in the future, our AES-256 or RSA-4096 encrypted data may be as easy to crack as anything encrypted with ROT13 is today. The point is that any current encryption should be assumed crackable in the future. Count on that. Here are a few steps to limit your exposure. You’ve probably heard most of them before:

  • Use the strongest encryption possible.
  • Use the longest keys/passwords possible, everywhere, not just for important data.
  • Change your high-value passwords periodically, annually is probably often enough, unless there is a breach.
  • Follow good password creation practices – which has been written about everywhere recently. There is no substitute for length.
  • Try to prevent leaks of your passwords and password manager DB – don’t tempt fate.
  • Other Techniques for Secure Passwords
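The annual-rotation and length items above, turned into a check you can actually run, as an added example that is not from the post or the KeePassX project: it reads an XML export (constructed here, in the shape I recall from the KeePassX 0.4 File > Export output: database, group, entry, title, username, password, lastmod) and lists entries whose password is older than a year, shorter than a minimum, or shared with another entry. The sample data, the element layout and the thresholds are assumptions. Such an export is cleartext, so run it on a temporary copy and delete it, exactly the leak the last item warns about.

```python
"""Audit a password-manager export for stale, short and reused passwords.

Added example, not code from the original post or the KeePassX project.
It assumes an XML export laid out like KeePassX 0.4's File > Export
(<database><group><entry><title/><username/><password/><lastmod/>...);
the sample below is constructed to that shape and is not real data.
Export files are cleartext: run this on a temporary copy and delete it.
"""
import xml.etree.ElementTree as ET
from collections import defaultdict
from datetime import datetime

AS_OF = datetime(2012, 4, 5)   # the post's date; ages are measured from here

SAMPLE_EXPORT = """<database>
 <group>
  <title>Financial</title>
  <entry>
   <title>bank</title>
   <username>x7q2pl</username>
   <password>correct horse battery staple plus 9 more</password>
   <url>https://bank.example</url>
   <lastmod>2010-02-01T10:00:00</lastmod>
  </entry>
  <entry>
   <title>email</title>
   <username>jd</username>
   <password>Tr0ub4dor&amp;3</password>
   <url>https://mail.example</url>
   <lastmod>2012-01-15T09:30:00</lastmod>
  </entry>
 </group>
 <group>
  <title>Forums</title>
  <entry>
   <title>forum</title>
   <username>jd</username>
   <password>Tr0ub4dor&amp;3</password>
   <lastmod>2011-12-01T08:00:00</lastmod>
  </entry>
 </group>
</database>
"""


def load_entries(xml_text):
    """Yield (title, password, last-modified datetime) for every entry."""
    root = ET.fromstring(xml_text)
    for entry in root.iter("entry"):
        yield (entry.findtext("title", ""),
               entry.findtext("password", ""),
               datetime.strptime(entry.findtext("lastmod"), "%Y-%m-%dT%H:%M:%S"))


def audit(xml_text, as_of, max_age_days=365, min_length=16):
    """Return sorted (title, problem, detail) findings. Passwords themselves
    are never copied into the findings, only titles and counts."""
    findings = []
    by_password = defaultdict(list)
    for title, password, lastmod in load_entries(xml_text):
        age = (as_of - lastmod).days
        if age > max_age_days:
            findings.append((title, "stale", "%d days since last change" % age))
        if len(password) < min_length:
            findings.append((title, "short",
                             "%d chars, want >= %d" % (len(password), min_length)))
        by_password[password].append(title)
    for titles in by_password.values():
        if len(titles) > 1:
            for title in titles:
                others = sorted(t for t in titles if t != title)
                findings.append((title, "reused", "same password as " + ", ".join(others)))
    return sorted(findings)


if __name__ == "__main__":
    for title, problem, detail in audit(SAMPLE_EXPORT, AS_OF):
        print("%-8s %-7s %s" % (title, problem, detail))
```

The thresholds are deliberately simple: a year matches the list item, and 16 characters is a floor, not a target. The reuse check is the one that pays off after a breach, since one leaked forum password should never open the mailbox.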

About Future Cracking

Any encrypted packet, file or other data is only as secure as the crypto, the passphrase AND the lack of access to the raw data can make it, for your lifetime. In the future, we must assume that all our current state-of-the-art encryption will be cracked and the currently protected content will be readable.

I used to offer my KeePass database to anyone to show how confident I was in the crypto. That was stupid. Fortunately, nobody ever took a copy … unless it was on a USB flash drive I was sharing and they grabbed it without my knowledge. I can’t think of any of those people who are likely to spend more than a few hours on the file before deleting it. I could be wrong.

The file was also stored on a smartphone that was brazenly stolen during a recent trip overseas. It is out there now and forever. The smartphone had been reset to factory settings the day before the theft, the SIM removed and the external SDHC memory removed, and my Google account was not connected to the phone, but doing all that doesn’t remove all the data stored on the internal SDHC media. Some data is left behind, including my KeePassX database and a few photos. Of course, I had a strong passphrase on the DB and the phone was locked, but still, the general data on the device, not encrypted, could be recovered. I am not panicked about this, but I will be changing all the passwords over the next few months just to be certain. Obviously, the passphrase for KeePass has been changed too.

2012 Pollen Record! 2

Posted by JD 03/21/2012 at 16:00

Sorry for the non-tech diversion today, but my local area has set a new pollen count record of 9,369 particles/m³. This is more than 1/3rd higher than the prior record. Read more here.

Antihistamines are flying off the store shelves.

Before I moved here, I thought pollen counts of 200-400 were high, though I never followed the data much.

I’m pretty lucky, no respiratory issues, but with pollen counts this high, I think everyone is impacted. So if you find yourself working with someone miserable in the Southeastern USA, please understand they probably have trouble breathing due to the pollen. It will get worse before it gets better, since this is just the first wave of fairly large pollen. When the smaller pollens get released, people with allergies will really be impacted.

There is good news. Rain is forecast for the next few days which should help wash it all away. The streets will be running with lime-green fluid.

Unfortunately, I have to do a little yard work today.

Steps to Unlock Samsung Galaxy S Captivate 1

Posted by JD 03/17/2012 at 16:00

Many thanks to gorgy76 on the xda-dev forums.

Apple EUL Dramatic Reading

Posted by JD 03/15/2012 at 02:00

A little old, but perhaps you missed it too?

We’re all busy, so if you didn’t read the EUL, the End User License, from your Apple device(s) or software, Richard Dreyfuss has been kind enough to read it aloud for us.

I like this 4th Effective Until part as read with a German-English accent to make things clear.

Until Terminated without notice!

What's in my VirtualBox List? 4

Posted by JD 03/03/2012 at 04:00

For desktop, I use Ubuntu Server 10.04 x32 LTS with LXDE loaded – I’m lazy. No GPU accel is enabled.

For limited desktop, I use TinyCore.

For Server I’m mostly running Ubuntu Server x64 8.04 LTS, but have a few Ubuntu 10.04 x64 LTS and Debian and CentOS and lots of specialized distros for specific requirements or due to hardware limitations. Come May, I’ll load up Ubuntu Server 12.04 and begin migrating apps from the 8.04 LTS instances over. That will also switch from Xen to LXC or KVM virtualization.

Raspberry Pi Computer Uses 9

Posted by JD 03/02/2012 at 03:00

Lately much has been made about the capabilities of the new $25-$60 computer called the Raspberry Pi. It is an impressive little machine, available in 2 different models, but these machines are limited no matter how you look at them. Understanding those limitations before you purchase one or three is a good thing.

Before someone says that my pricing is wrong, it appears that $20 in shipping fees are required to the USA.

What it Has

It is a small-form-factor, ARM CPU-based PC. That means no current version of MS-Windows desktop or server runs on it. I’ve read that it runs either Android or a Linux OS based on Debian. I love Debian.

The ARM CPU is 700MHz, so it is suitable for most desktop productivity apps like word processing, normal spreadsheets, web surfing and listening to music.

If you want the list of components, Google is your friend. I’m not going to list them all here.

The CPU is not Intel x86 compatible, so programs built for x86 processors will not work, regardless of the OS. A cross-platform program may be ported to the specific ARM CPU and OS this little device runs, but Firefox compiled for x86 computers will not work, as an example. Note also that the ARM11 core on the board implements ARMv6, so even ARM binaries built for the ARMv7 CPUs in recent phones and tablets will not run; the Linux distribution has to be built for ARMv6 or older.

In theory, most Java programs should work, assuming they fit into the limited RAM.

It is powered from an external 5V supply over a micro-USB connector, the sort of charger a phone uses. Besides keeping heat off the board, that means use in different countries is easily handled with a different external supply.

It has HDMI and composite video out, not VGA. Most of us have HDMI-capable TVs and monitors, so this isn’t a big deal. The GPU is the Broadcom VideoCore integrated in the BCM2835 SoC, and it supports hardware decoding of h.264 at 1080p. That appears to be the end of hardware video decoding support.

Model A has one USB2 port and no network port; Model B has two USB2 ports and a 10/100 Ethernet port. I guess they needed to cut costs somewhere.

Storage on both models is an SD/SDHC card. There is no SATA or IDE interface. That means you will either use a fairly cheap SDHC card or connect USB2 storage, if you don’t use it as a purely network device.

Limited gaming.

What it is Missing

  • No clock with a battery. This means some sort of network time server is needed. Not too big an issue, since NTP works well.
  • No SATA/IDE mass storage support. USB2 or SDHC only.
  • No hardware video decoding beyond h.264
  • A 700MHz ARM CPU will probably struggle to decode HiDef video using software decoders. I have a 450MHz ARM tablet and a 1GHz ARM tablet. The 1GHz ARM has problems decoding in software any video over 600p. I believe that h.264 video decoding for any resolution up to 1080p will work, but 80% of my recorded TV is not in h.264; it is DivX or XviD or even MPEG2. I also have a few other formats from the early days of experimentation. Some are hardware based and usually do not play back on other devices without transcoding, I’m sorry to say.
  • Transcoding, while it may be possible, will be 20x slower than a desktop x86 CPU handles. For example, while on travel last year, I accidentally brought a 1080i MPEG2 TV recording with me. The dual core Netbook I brought was not able to playback that resolution, so I kicked off a job to transcode it to 480p (DVD resolution). At home, that would be finished in about 50% the runtime of the program on a limited desktop. It ran for over 12 hours and was only 30% complete. On-device transcoding is not an option.
  • 5.1 Audio is not listed as supported. That means no DTS or Dolby Digital audio. This is not a movie playback device without the great sound we’ve come to expect.
  • RAM is fairly limited for a system today. The Wikipedia article says 128MB and 256MB. For a desktop PC, this is fairly tight. It is below the recommended minimum for most Linux desktop distributions like Ubuntu. I remember seeing that the RAM provided in both models would be doubled, so 256MB and 512MB would be expected for production models.
  • No upgrades. The RAM, CPU, networking, USB, GPU are all soldered to the board. No upgrades. Expected for a device like this.
  • No video DRM support, i.e. no Netflix. Since it runs Linux, no software DRM support is currently available either. With the future of Flash on Linux uncertain, it appears that HTML5 video is the only hope.

What Can We Do With It?

So with that stuff above known, what does this machine do well?

The best uses I see are:

  • School deployments
    • $50 for a PC instead of $1200 for a laptop from Apple – seems like a win to me.
  • Office productivity workstation with a network connection.
    • LibreOffice will run slowly – 1 app at a time
    • Network storage will be desired
    • Normal web programs will probably run, except, maybe Flash
    • PDF Readers already exist
  • Satellite workstations for home use
    • Guest bedroom PC
    • Kids limited-access PC
    • Kitchen or Den PC for quick information lookups
  • Low end video playback device
    • It will handle h.264 content nicely
    • It may handle 480p or lower quality video using software decoders. Down converted audio will likely be necessary.
    • XBMC porting is underway
  • Hobby PC for home automation
    • Smarthouse control for lights, doors, thermostats, etc.
    • Slow NAS device – limited by 10/100 network and USB2 storage
    • Dedicated Network security device (VPN, remote desktop, router, firewall) for the home.
    • Home or business PBX for VoIP. Perhaps Asterisk or FreeSWITCH have been ported to ARM? PBXes rock.

A Gizmodo article on uses.

But Everyone Says It Will Make a Great Media Center PC!

Perhaps, but probably not.

  • It is not x86 compatible, so only Linux-based media center software will even be possible.
  • No recording should be expected. I’ve never seen any ARM-based TV recording software or USB drivers.
  • Playback for h.264 recorded content should work, but much of our content is not h.264 yet.
  • No 5.1 Audio – no DTS, no Dolby Digital audio
  • No DRM – no netflix, no hulu
  • The future of Adobe Flash is unknown for Linux. Adobe announced it would end Flash on Linux support last week.
  • With a 700MHz ARM CPU, it is more like a 2-year-old smartphone in performance

Folks are being extremely optimistic with the capabilities of this device. The work to port XBMC has just started. My only concern is for playback of video where software decoding is necessary. Based on experience with Linux on ARM, software video decoders and Atom-based XBMC deployments, I’d say SD resolution video should playback fine using software decoders. That would be 480p or lower resolutions.

My home is already overflowing with computers, as you might imagine. Do we really need another cheap device? The nerd says YES!

Summary

The Raspberry Pi is not a general-purpose, do-anything PC; however, for specific needs where low processing power and little RAM suffice and being inexpensive matters most, it will fit into many homes, schools and offices nicely.

No More Flash On Linux 1

Posted by JD 02/22/2012 at 23:00

Adobe Announces Plans To Abandon Flash On Linux

The Good

  • No more Flash-based attacks on Linux
  • No more Flash-based Ad Networks
  • HTML5 will be required for Linux users
  • One less piece of Adobe software on our Linux systems

The Bad

  • HTML5 will be required for Linux users
  • Flash games are done

Now if we can only get Adobe to stop making Acrobat for Linux. We can still hope for next quarter.