No Comments

How to check the Signing Certificate on an Android app / apk.

{}
January 3rd, 2019

If you own a Android Phone, and you want to use Signal instead of Whatsapp or Telegram for privacy matters, and, for the same privacy matters, you don’t have a Google Account on your phone, or you don’t use Google Play but the free F-Droid, their is a solution. You can download the Signal APK from their website: https://signal.org/android/apk/

They give a warning:

Advanced users with special needs can download the Signal APK directly. Most users should not do this under normal circumstances.

What a normal circumstances these days? You can’t trust Facebook anymore, maybe you can trust Google, but you don’t wanna trust Google, because trusting Google is telling Google where you are, what you do, what you say, what and who you see and who your friends are.

It’s not a matter of trust, it’s a matter of privacy and decency that you don’t do that.

So downloading the Signal APK is probably what you should do these days. But how to be sure you download the real one?

The websites tells you to verify the signing certificate on the APK matches this SHA256 fingerprint. Unfortunately they don’t tell you how to do that.

Verify the signing certificate on the Signal APK.

This one-liner will show you the SHA256 Fingerprint that has to be checked:

unzip -p Signal-website-release-4.31.6.apk META-INF/SIGNAL_S.RSA > /tmp/tmp.cert ; keytool -printcert -file /tmp/tmp.cert

You get this output:

Owner: CN=Whisper Systems, OU=Research and Development, O=Whisper Systems, L=Pittsburgh, ST=PA, C=US
Issuer: CN=Whisper Systems, OU=Research and Development, O=Whisper Systems, L=Pittsburgh, ST=PA, C=US
Serial number: 4bfbebba
Valid from: Tue May 25 17:24:42 CEST 2010 until: Tue May 16 17:24:42 CEST 2045
Certificate fingerprints:
SHA1: 45:98:9D:C9:AD:87:28:C2:AA:9A:82:FA:55:50:3E:34:A8:87:93:74
SHA256: 29:F3:4E:5F:27:F2:11:B4:24:BC:5B:F9:D6:71:62:C0:EA:FB:A2:DA:35:AF:35:C1:64:16:FC:44:62:76:BA:26
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: RSA (1024)
Version: 3

As you can see the SHA256 is the same fingerprint as on the Signal download page.

It’s verified. The Signal apk is safe to use now.

No Comments

Keeping the old TinyMCE editor while upgrading to WordPress 5.0

{}
December 30th, 2018

WordPress 5 introduces a new block editor. Playing with the layout is easier this way, but on the other hand, writing a new post should not take more time than typing the text. Layout is in the theme.

I guess competition from other website-hosting companies like wix.com, yola.com, weebly.com and jimdo.com is the culprit here. They all offer drop and drag editors for layout. No need for any knowledge of HTMl and CSS, or PHP. A noob should do the job apparently. And now WordPress if following. WordPress has better performance with less plugins.

If you’re used to the old, and why not, it’s working fine, just add this to your function file:

 

add_filter('use_block_editor_for_post_type', 'atys_disable_block_editor');
function atys_disable_block_editor($use_block_editor) {
return false;
}

The new block editor is another example that progress is not necessarily an improvement for all. Some will be scared by all the changes, Speaking for myself; I think I will switch to a markdown editor sooner or later. Less is more. For now the old editor is OK.

No Comments

Fixing the network after upgrading to Ubuntu 18.04 LTS from 16.04 LTS

December 18th, 2018

Just updated 16.04LTS to 18.04LTS, went easier and smoother than expected.

Under the hood there are major changes in Ubuntu, I decided to stick to Unity rather then the new Gnome 3, it’s much smoother on older hardware. You only change the setting at login once and you done.

The only nasty thing: DNS (Pi-Hole) was not working. I could fix that by manually setting the DNS server in /etc/resolv.conf from `nameserver 127.0.0.53` to the DNS of my router, but that would not persist a restart.

To get info about your network and DNS:


systemd-resolve --status

Link 1 (eth0)
      Current Scopes: none
       LLMNR setting: yes
MulticastDNS setting: no

Current scopes is none, but it should be DNS

Seems there was something wrong with the NetworkManager. Somehow in the past I’ve manually edited `/etc/NetworkManager/NetworkManager.conf` file. Can’t remember when I did that, could be years ago, Ubuntu 10.04 or something ;).

I had to comment out the line that explicitly set `no-auto-default`, meaning don’t let the NetworkManager create a default wired connection for my ethernet card. 

[main]
...
#no-auto-default=<mac-adress>
...
[ifupdown]
managed=false

After commenting it out, NetworkManager could create a default connection and after restart (the daemon), everything was OK. DNS was working.

systemd-resolve --status
Link 1 (eth0)
Current Scopes: DNS
LLMNR setting: yes
MulticastDNS setting: no

As you can see DNS is now working

Maybe this can help you, if you experience the same troubles.

No Comments

How to find your IPv4 and IPv6 ip-addresses?

December 7th, 2018

How to check your IPv4 and IPv6 ip-adresses on the command line

Sure you can start up your browser and use Google to find a suitable website, but why not keep it simple and use the command line for this trivial task. Fire up a terminal and type:

> my_ip
> 2001:db8:85a3::8a2e:370:7334
> 172.16.254.1

Above IP-addresses are bogus, but you got my drift. To do this simply create the following bash script:

#!/bin/bash
# bin/my_ip

curl -6 v6.ifconfig.co
curl -4 v6.ifconfig.co

It will first output your IPv6 address.  If you don’t have one, it it will tell you:

> curl: (7) Couldn't connect to server
> xx.xx.xx.xxx

The script uses the great curl application with the simple -6 and -4 flags, to connect with IPv6 and IPv4.

Of course you could extend the script a bit to include geographical information:
#!/bin/bash
# bin/my_ip

curl -6 v6.ifconfig.co
curl -6 v6.ifconfig.co/city
curl -6 v6.ifconfig.co/country
curl -4 v6.ifconfig.co
curl -4 v6.ifconfig.co/city
curl -4 v6.ifconfig.co/country

Now you will get info about your city and country as well.
No Comments

How to Make the Music Player Daemon (MPD) Autoplay on a Raspberry Pi

{}
November 13th, 2018

Music Player Daemon (MPD) is a terrific open source music player and maintains a good organized library of your music in an efficient database. MPD is a server so you need a client. That can be your laptop, to your phone, your browser, your whatever, or you can run a client on your Rpi locally (mpc). Or all together.

It does run fine on the cheapest raspberry pi, so your ready to go for 5 euro. The Pi only has a high quality HDMI output, for older Hifi systems with analogue connections  you need something like the HifiBerry.

MPD uses much less CPU then running Kodi, 4% instead of 40% on the original Raspberry Pi.

Furthermore you can put your music on an external USB stick or  NAS with Linux NFS or the slightly inferior Microsoft Windows Samba shares.

If you haven’t installed MPC yet, do that first:

sudo apt install mpc

Normally MPD will resume play after shutting down, but to make MPD auto-play always simply add this to your systemd.service  file:

ExecStartPost=/usr/bin/mpc play

How to do that? Just edit the file:

sudo vi  /etc/systemd/system/multi-user.target.wants/mpd.service

And add it under the line starting with `ExecStart`

...
[Service]
EnvironmentFile=/etc/default/mpd
ExecStart=/usr/bin/mpd --no-daemon $MPDCONF
ExecStartPost=/usr/bin/mpc play
....

Save it, stop MPD, and reboot your pi. And the music will play 😉

1 Comment

Using Krusader with Ubuntu 18.04

June 7th, 2018

Krusader is a very fine two pane file-manager that comes with many powerful inbuild features, while Nautilus or the Mate fork (Caja) lack many of those important features: two panes, open folder in terminal (with keyboard shortcut), a useful bookmark manager, password manager (for remote sites like (S)FTP, configurable user-actions, and its highly configurable (with a lot of keyboard shortcuts).

Once you’ve experienced Krusader from the keyboard, Caja or Nautilus is simply inferior in daily usage. It seems that Gnome’s choice to embrace touch screen devices comes with a cost for heavy keyboard desktop users.

This doesn’t mean I don’t use Nautilus, I do! I simply use both file managers. Remember, everything is a file in the Unix philosophy. So the file-manager, next to the editor, is the most important tool in Linux.

Browsing two panes in Krusader is easy, searching, copying, moving files, or synchronizing panes, browsing archives, it’s all supported, with nice keyboard support.

Some of Krusader’s powerful features:

  • remote mounts (SFTP/SSH/FTP)
  • compare by content
  • batch multi rename
  • synchronize panes
  • split/ combine files
  • verify files checksum
  • visual tool to show folder usage/size
  • user-actions to easily setup  cli based actions for selected files, like resizing images, converting media-files etc, all with keyboard shortcut support.
  • mirror mode, traversing trees

Krusader does need some additional tools to show real power, like krename, kate (for internal viewer), and the some icons are missing with a default install in Ubuntu 18.04. We will fix that.

Start with installing Krusader:

sudo apt install krusader

# and some tools
# krename powerfull batch rename tool)
# kate (editor)
# bookmark manager
sudo apt install keditbookmarks
# saving passwords
sudo apt install kwalletmanager
# PGP encryption for kwallet
sudo apt install kpgp
# support for (s)ftp mounts
sudo apt install kio-extras
# kde terminal, not needed if you tweak the Krusader settings to use gnome-terminal or mate-terminal
sudo apt install konsole
# for visual diff and merge tool
sudo apt install kompare
sudo apt install meld

Now you could start-up Krusader, it will ask you about some path for tools for packing and unpacking, you can install them later if you need them (rar/unrar etc).

Now you will probably notice, Krusader looks weird, it’s missing icons. By default Krusader is using breeze-icons. Unfortunately installing the breeze deb package will not do the trick. It’s a long story how to fix that, but the easiest method I came along was this:

Extract the binary icon-theme from the icon-package (breeze-icon-theme-rcc_5.46.0-1_all.deb), rename it  and place it in the Krusader config folder.

Download the deb, and open the deb with your archive manager and extra this file /usr/share/icons/breeze/breeze-icons.rcc.

Rename and copy it to the Krusader config map:

~/.local/share/krusader/icontheme.rcc

Restart Krusader, and icons are in place.

If you want  Krusader to  save passwords: Setup a new wallet with kwalletmanager, and Krusader will use that default wallet. Probably you will need a logout/reboot.