Sunday Reads: Securing Servers and NSA-proof Email

For someone who’s primarily a developer/support person, I spend a lot of time setting up and configuring – or fixing – servers. I guess this came from an eagerness to learn and I got tarred with the “Linux/Server” Guy brushes at some point!

My interest in Operations has had an uptick again recently, so I’ve been doing a bit of reading of late. This morning, while waiting on news about some work-related activities I’ve come across a couple of interesting articles:

My First 5 Minutes On A Server; Or, Essential Security for Linux Servers by Brian Kennedy is a fantastic little quick-start for securing a Linux server. It’s not everything you need to do, but as noted in the article, it sets the foundations for a secure server which is easy to keep secure. Do these steps first, then go about securing any additional services you need to run.

One thing I’ve been wondering about, is setting up my own email system, rather than run on Google Apps. As convenient as the Google platform is, I do sometimes think I’m trusting them with a bit too much of my information. Recent revelations about the NSA/GCHQ, PRISM, and whatever-comes-next, from Edward Snowden haven’t done much to allay those worries.

But Google Apps is convenient. It wraps my mail, calander, contacts, and many other things into a nice package that is available everywhere and syncs across platform, with Push notifications, search, and other modern conveniences… but never the less, I’ve been thinking about how I could move away from the “Do-No-Evil” Empire, which is why Drew Crawford’s excellent, in-depth article “NSA-proof your e-mail in 2 hours” was a great find. I might spin up an instance on my dormant Joyent account and give it a try on one of my spare domains, so I can evaluate the process and benefits before deciding on moving my primary mail domain.

Other topics which have crossed my path this weekend are system configuration, maintenance, and automation using tools such as Chef and Puppet. The idea of taking a known-good environment and replicating it with just a few commands is definitely appealing – particularly when it comes to tasks such as setting up development/test environments! I haven’t gone too far into these topics yet, but I’m hoping to find the time in the next few weeks to go through some of the articles I’ve found.

About these ads

Run Coder for Raspberry Pi on Your Linux PC

That cool little “Coder for Raspberry Pi” project from Google which I linked to earlier doesn’t just run on Raspberry Pi. You can run it on any old Linux PC (Mac works too, but the instructions are slightly different).

I set it up in less than 2 minutes using these commands (note that I’m running Debian Sid):

    sudo useradd -M pi
    sudo apt-get install redis-server
    cd ~/projects
    git clone
    cd coder/coder-base
    npm install
    npm start

Node.js is also a requirement, so if you don’t have that, you’ll need to install that at step 2 as well.

Once everything is up and running, point your browser at https://localhost:8081/. You’ll need to specify a password the first time you run Coder, after which you’ll be able to try the environment out. It’s pretty neat, and the sample clone of Asteroids is quite addictive!

Move from Playlists from Spotify to Google Music with Portify

When Google announced Google Play Music: All Access (yes, it’s a terrible product name. From here on, it’s just Google Music) at I/O 2013 I knew it was pretty much what I’d been looking for in a music service: the flexibility of using my existing library combined with an “all you can eat” streaming service.

I’d grown a bit disenchanted with Spotify; their library is getting bigger and better, but I have thousands upon thousands of existing tracks, some quite rare, and utilising those with Spotify is pretty cumbersome on mobile. On top of that I had many issues with the mobile app itself – constant logouts, wiping the offline tracks, and more than a few other niggles.

So when Google Music was available in the UK it was a no-brainer: Spotify got ditched and I signed up to the All Access subscription (bonus points for being a couple of quid cheaper!).

By this point, however, I’d amassed more than a few playlists in Spotify that had many songs not in my personal collection, or were otherwise sentimental and I wanted to keep. But I’m lazy, so manually searching for tracks and recreating the playlists was never going to happen!

By a stroke of luck I heard about Portify very soon afterwards on Hacker News.

Portify uses some API calls to read playlist information from Spotify, then search for tracks in Google Music, adding those it finds to a recreation of the playlist on Google Music.

The app itself is written in JavaScript, for Node.JS. A packaged version is available, but I couldn’t get it to work on my Linux station, and it appears to be an older version, so the rest of this entry details how I got it up and running with the latest code.

**NOTE:** As mentioned, Portify is a Node.JS application. I am **not** going to run through the steps for installing Node, ‘cos a) this entry is long enough already, and b) chances are any instructions won’t directly transfer over from my Linux install. You’ll also need to have git installed.

1. Get the Portify Repository:

Nothing fancy:

    cd ~/tmp
    git clone
    cd portify/data

2. Install Node Packages:

    npm install

This took a few minutes on my PC, and seemed to give some warnings, but it all worked in the end.

3. Run Portify:

    node app.js

At this point, you should be able to open a web browser to http://localhost:3132/ and get the welcome screen.

4. Import Playlists:

The process from here on is pretty straightforward – give Portify the credentials to both your Google Music and Spotify accounts, select the playlists you want to import, then start the process.

I found a couple of caveats when I ran Portify:

  • If you have 2-factor authentication on your Google account (and you should!) then you will have to create/use an application specific password rather than your normal account password.
  • Portify can sometimes choke on large playlists. My Starred Tracks list was a few hundred long, and Portify gave up about 2/3rds of the way through. Conversely, a slightly longer playlist transferred fine this evening.

Forget Deleting: Even Deactivating Your Facebook Account Can Be Difficult

My Deactivated Facebook Profile

On Thursday night I deactivated my Facebook account. It’s something I’d been considering for a while, as I’ve found using Facebook lately to be less a useful “checking up on friends and family” thing, and more something slightly depressingly monotonous which I continue to do out of sheer force of habit. It just so happened on Thursday there was a trigger which finally led me to push the button.

I admit, for a moment, I did consider deleting the account full-stop. Deleting you Facebook account is notoriously difficult to achieve. It seems to have gotten better and easier over the last couple of years, even before you consider services such as the new

For better or worse I decided that in all likelihood I would return to using Facebook one day… that this was just a temporary hiatus to give me space to clear my head. So, as the title of the post indicates, here came the hard part.

The process of deactivating your account in itself is “reasonably” straight-forward: Go to Account Settings > Security, then click the small link under the main list of options. Facebook will first try to emotionally twist your arm into staying, by showing big profile pictures of some of your friends. It’ll ask you why you’re leaving, then ask for your password, and then, just to be sure you really, really, really do want to deactivate, present you with a CAPTCHA image for verification. So far so simple. The difficulty comes in staying deactivated.

Deactivation only lasts so long as you stay logged out of your Facebook account. Log back in for whatever reason and it’s instantly reactivated again. Fine, just stay logged out then? OK, consider how many sites, services, even apps on your phone connect with Facebook, or even use it as their user login mechanism (the “Facebook Platform”). My iPad is logged in and connected to Facebook at the OS level, never mind using an app. Now factor in how many other computers you might be logged into Facebook using – often this could be 2 or more (say, home plus work). In my case I had to unlink iOS on my iPad from Facebook; uninstall the Facebook app from both the iPad and my phone; uninstall the Facebook Messenger app from my phone; logout from Facebook on my work laptop and some browser sessions on my iPad; change my OpenID settings on StackOverflow; and log out/change settings on a few other sites and apps… All so I could be as sure as possible my account wouldn’t spontaneously reactivate itself. There’s probably some that I’ve missed, so chances are I’ll need to deactivate again at some point.

I’m not (entirely) blaming Facebook for this though. Facebook has had to grow, and has done so by spreading itself across the web, to be more than just a profile and social stream. By wanting to opt-out of a profile for a while, I can no longer “like” an interesting blog article; I can’t try out that buzz-worthy new service or app that relies on logging in using Facebook; I can’t click that link to the apparently-hilarious cat meme my workmate just posted… OK, I’m not really going to be bothered by that last one, but you get the idea… there are now certain things – increasingly common things – I can’t do on the web any more, just by wanting out of Facebook for a while.

Wireless Charging: Awesome Concept, Crappy Reality

Wireless charging is one of those things I really, really want to succeed. I hate plugging stuff in; I hate having wires trailing all over the place, and I hate having to fiddle with connectors. Eight times out of ten I will try to plug in a micro-USB any cable upside down on the first attempt.

Over the last few years more and more wireless charging has appeared, and it’s starting to become more common in mobile phones. The Palm Pre was the first I was aware of, but recently Nokia has been on board, and of course, my Nexus 4 has the capability. Aftermarket accessories are available for most major phones.

It’s a shame it just doesn’t work well in my experience.

I have two different wireless chargers at home – a Nokia, and a generic charger bought on eBay. I’ve given up on both of them. I’d try the official “orb” charger for the Nexus, but it’s not available in the UK without paying an extortionate amount for it on eBay.

Problems I’ve had include:

  • the “charging spot” is small, and you have to place the phone in a very precise manner to get it charging. Sometimes even the angle of the phone on the face of the charger can have an effect. (Imagine the charger surface like a clock face – 12 o’clock: no charge; 2 o’clock: charging works)
  • if you do get the phone in just the right spot, it’ll charge for a few minutes then mysteriously stop charging… then randomly start charging again… and so on. When your phone insists on making a noise whenever it is plugged in or unplugged from power, this gets annoying fast.
  • All the chargers I’ve seen or tried have a smooth, glossy plastic surface. The back of my Nexus is smooth and glossy (glass). Unless you have the charger perfectly level, eventually the phone is going to slide off, either completely, or just enough to stop charging. The Nokia has a slightly raised ring in the centre, which seems to exacerbate this problem.

On the generic charger I tried to mitigate some of these issues using thin rubber bands near the edges to provide some grip for the phone to stay in place. When stretched over the charger they were maybe 1/2 mm thick. Sadly this was thick enough to prevent the phone charging at all – presumably for not being close enough to the charging circuit.

What I’d really like to see – and it’s something I think would solve a lot of the “fiddliness” I’ve encountered so far – is a QI-compatible wireless charger similar to an old mouse-mat (the soft fabric + foam/rubber type). The surface texture would stop the phone sliding around, and if you embed one big (or many small) charging spots it should maintain a constant charge even if it does move around. It seems obvious to me, so I can only presume there’s some sort of technical/manufacturing limitation which prevents something like this being made.

If I get some free time over summer I’ll try hacking this idea together (hopefully it doesn’t cause a fire!). In the meantime, here’s a really well done video of someone combining the Nokia charger with an Ikea nightstand. It would be wonderful if this was the reality of wireless charging.

Flickr (finally) gets an Overhaul

It looks great, and succeeds in putting photos first. 1TB of storage is insane, and monthly upload limits are gone. Yahoo needed to shoot for the moon on this and to me it looks like they flew past the moon, did a couple of laps of the solar-system for fun, then came back to land on target.

A Long, Rambling, Post on Switching My Smartphone

TLDR; I’ve switched from an iPhone 5 to a Google Nexus 4.

OK, so I’m behind on the times a bit. The Google Nexus 4 has been out for several months, and I’d paid it no heed. I’ve been chugging along with my bought-at-launch iPhone 5 in that time, and barely paid the Nexus any thought. I read the reviews, and concluded it was a great Android phone, but I had no wish to rush out and buy one.

Then something strange happened.

I’m not sure why, but I got disenchanted with my iPhone. I never had that with my 4S, or 3G/3GS, despite the 5 being – in every way – better than all of them. Once that feeling settled in all the little niggles started to grate1. The easily chipped and scratched aluminium casing (as gorgeous as it is to look at); the way the sharper edges of the back felt in my hand; the random network-stack drop-outs; the hoops you sometimes need to jump through to share files/data from one app to the next; the keyboard that seemed to miss random presses, and still took me longer to type on than I could on my 4S (where I could at times type whole messages without looking at the screen).

I caught myself checking out other phones in the stores. Clearly it was time for the iPhone and I to “take a break”.

I looked at Windows Phones, but decided there wasn’t enough there to make it last. Blackberry? Err, no. That left Android.

I have a history with Android. I bought the HTC Desire HD on pre-order, as it had been loudly proclaimed “King of the Hill” at the time. Before it was even in my hands its crown usurped by (I think) the Galaxy S. We had some fun times, but I could never get along with the Sense UI. I rooted and flashed the phone, trying ROM after ROM. The experience was akin to installing Linux on an early Centrino laptop (anyone who tried it, back in c.2002-2003 will know what I mean) – where a feature worked, it worked very well… but only if you could live with the unsupported stuff. In the end, as much as I enjoyed parts of Android, I ended back in the warm embrace of iPhone.

Anyway, as I was saying, Android seemed the obvious choice, but which phone? I immediately gave up any notion of trying to get a phone that would be top of the specs pile for more than a few weeks2. I also ruled out those ridiculous “Phablets” like the Galaxy Note 2. The recent HTC phones look brilliant, but they’re still packing Sense. Sony’s Xperia line look distinct, but seemed to come with another GUI skin and a load of unneeded apps. Samsung… well I’ve never had a good experience with Samsung’s phone build quality, and they have the TouchWiz skin3… lets just say I ruled them out quickly. There’s the also-rans, but I was keen to get a phone that would get at least a few regular OS updates in its time.

I think I’d initially dismissed the Nexus because there was nowhere locally I could find one to try it out. Eventually I found somewhere with a display model, but I still couldn’t test it because the security system used by the store blocked most of the screen. In the end (after a couple of weeks mulling it over) I went ahead and ordered one through the Play store anyway4. A little over 24h later and the phone arrived.

First impressions were good. The unboxing experience was nice, and the first switch-on and setup was very fast. Within a few minutes my phone was syncing all of my Google services. If you use Google apps, then the experience is very, very smooth – everything “just works”. Contacts, Calendars, GMail, Google+, Picassa, YouTube, Music… all setup with just one login during start-up. I had some data issues with contacts and calendars, due to the way I had my iPhone setup, but that’s the subject of another post.

Of all the apps I regularly used on my iPhone (a decreasing amount recently), the only one I haven’t don’t have is Everpix, but I can keep using that one on my iPad Mini. Everything else either had an Android version – even my banking apps5 – or a suitably good equivalent (Falcon Pro instead of Tweetbot, for example).

Android itself has come a long, long way since I last used it. Jelly Bean is amazingly well polished, and the experience is very smooth. Coming from an iPhone, things do take a while to adjust to. I’ve found myself missing notifications on the lock screen, and application badges as indicators of which app just beeped at me. This is something I’ll get used to I guess.

If I can get round to it I’ll post a more comprehensive look at the Nexus 4, but for now I’ve not had it long enough to form more than first impressions. What I will definitely write-up is some of the experiences of moving my data from iOS/iCloud into Android/Google.

  1. These are all anecdotal, and in no way intended to imply they are common issues, or even that they’re not “all in my head”
  2. I think by now, in the age of quad-core CPUs and multi-GB RAM that Smartphone specs are good enough for most tasks they need to do.
  3. What is it with Android OEMs and custom GUI skins?
  4. I recommend going this route. Despite the £10 delivery charge, it’s at least £150 cheaper than buying at a retail store.
  5. I wasn’t too impressed by one of them insisting I needed to install anti-virus on my mobile…