Archive for the ‘Webtechnology’ Category

« Older Entries
Newer Entries »
1 Comment

Wi-Fi WPA2 Krack Attacks already fixed in Ubuntu 16.04 LTS

Monday, October 16th, 2017

This day had some shocking news in the morning. All Wi-Fi devices were unsafe! A serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks was discovered by a Belgian security researcher.

In particular Linux and Android devices were vulnerable.

Bad news. But Ubuntu rolled out a patch and fixed the vulnerability already today.

So running this commands will make your device safe again:

sudo apt update
sudo apt upgrade

Before the update:

wpasupplicant/xenial,now 2.4-0ubuntu6 amd64 [installed]
 client support for WPA and WPA2 (IEEE 802.11i)

After the update of today:

wpasupplicant/xenial-security,now 2.4-0ubuntu6.2 amd64 [installed]
 client support for WPA and WPA2 (IEEE 802.11i)

Changelog for the update

 wpa (2.4-0ubuntu6.2) xenial-security; urgency=medium
 * SECURITY UPDATE: Multiple issues in WPA protocol
 - debian/patches/2017-1/*.patch: Add patches from Debian stretch
 - CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080,
 CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087,
 CVE-2017-13088
 * SECURITY UPDATE: Denial of service issues
 - debian/patches/2016-1/*.patch: Add patches from Debian stretch
 - CVE-2016-4476
 - CVE-2016-4477
 * This package does _not_ contain the changes from 2.4-0ubuntu6.1 in
 xenial-proposed.

So, it’s safe to say, software including open source software is not without faults, but at least open source software can be fixed fast, and patches can be rolled out to all devices the same day.

Happily running Ubuntu!

I would love to run Linux on my Phone.

Posted in Webtechnology | 1 Comment »

No Comments

How to run Firefox headless and make a screenshot

Sunday, October 8th, 2017

Coincidence or not since version 57 Firefox supports a headless mode. Chromium also introduced this feature at version 57.

firefox --headless --screenshot shot.png https://dev.webonomic.nl

Will run  without GUI and put a screenshot in your working directory called shot.png. If you omit to specify the a filename, the default is screenshot.png.

Since Firefox stable is now at version 56, you’ll need Firefox-developer for now to get this working.

Another nice thing is the format of the screenshot that is created. For width it will take the device-width, the resolution of your desktop, but it will render a full website, 100% height, sot it will output the layout-viewport, not just the visual viewport.

To get the visual-output you need to set the window size option:

firefox-developer --headless --window-size 360,640 --screenshot https://dev.webonomic.nl

This will create a responsive layout (mobile phone Galaxy S5 dimensions) for this website.

For the moment only the  png format seems to be supported. If you try saving to a screenshot.jpg file you’ll end up with a png file called screenshot.jpg

User-agent Firefox –headless

Mozilla/5.0 (X11; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0

this is actually the same User-Agent as manually running Firefox as a browser. I take that as a plus; if we want the Internet of Things (IoT), it should be a democratic Internet of Things.

 

 

Tags:
Posted in Webtechnology | No Comments »

11 Comments

Connecting to a Raspberry Pi Zero with just an USB cable (II)

Monday, October 2nd, 2017

This tutorial assumes you’re using Raspbian Strectch, and a Linux (16.04LTS) laptop, but it should also work on Raspbian Jesse for the Zero and any Linux Laptop. So it’s for everybody. Nearly every laptop can run Linux freely, (that’s not the case with Windows (Microsoft) or MacOS/OSX (Apple) that’s paid and not free software). You can always run Linux in a virtual machine, if you’re afraid to dump proprietary stuff or install Linux side a side.

In part 1 we explained how you can connect to a Raspberry Zero computer with an ordinary USB cable to power, connect (SSH) and provide internet access for the Pi with higher speeds than most WIFI connections.

That’s all been made possible with the smart USB OTG functionality that enables the Pi Zero to switch USB host/device mode and mimic an ethernet device (or webcam, or keyboard).

We showed you how to connect from a Linux laptop to the Pi by setting the connection type to Link-Local only. (more…)

Tags:
Posted in raspberrypi, Webtechnology | 11 Comments »

No Comments

Running browsers headless

Wednesday, April 26th, 2017

A headless computer is a computer running without a monitor or a display server, much like an internet server.

Running browsers headless means extra options to automate testing of websites and web apps. Chromium (on which Google Chrome is based) on Linux is able to run headless since version 57, but Ubuntu now already offers version 58.

How to run Chromium headless

chromium-browser --headless https://dev.webonomic.nl

At the moment `–headless` mode uses a different user-agent then normal mode.

user-agent headless mode chromium

"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/58.0.3029.81 HeadlessChrome/58.0.3029.81 Safari/537.36"

user-agent normal mode chromium

"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/58.0.3029.81 Chrome/58.0.3029.81 Safari/537.36"

Run Chromium with different user-agent

chromium-browser --user-agent "Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0" --headless https://dev.webonomic.nl

This should work but it doesn’t (anymore). This cli switch must have been removed. Poorly documented.

Apparently Google doesn’t want to give you the opportunity to imitate a normal chrome with a headless chrome.

What about Firefox

As it seems, headless isn’t yet supported for Firefox, but developers are working on it.

Posted in Webtechnology | No Comments »

4 Comments

Install Android browsers without Google Play

Monday, March 13th, 2017

Android is the most used operating system for phones. Unfortunately software updates for android phones are not always available nowadays, so the only way to keep your phone secure and up-to-date, is to use a community driven version of Android.

Well, Android is open source, so you can always build something like LineageOS to get a recent version of Android for your device.

I certainly can recommend that. Even older phones are running quite nice, especially when all the proprietary (Samsung/Google) stuff is not installed. Don’t flash GAPPS and your phone feels like new.

Of course that means you don’t have something like Google Maps, but safety has a price, and to be honest, OsmAnd Maps is an excellent replacement.

Software for Android phones outside Google Play store

So now you have a recent LineageOS Android version on your phone, now you need software. You can use the F-Droid repository full of FOSS (Free and Open Source Software).

F-Droid

Opera Browser for Android outside the Google Play Store

You can find the Opera Browser, both the Mini, Mobile and the Opera Android version here:

https://www.opera.com/mobile/download/versions/

Firefox Browser for Android outside the Google Play Store

Firefox for Android is the only mobile browsers that has support for extensions. I can really recommend it.

You can find the Firefox browser, the apk package  here:

https://www.mozilla.org/en-US/firefox/android/all/

If you want to try out a beta version of Firefox for Android, you can find it here:

https://www.mozilla.org/en-US/firefox/android/beta/all/

And Firefox Aurora, the nightly builds:

https://www.mozilla.org/en-US/firefox/android/aurora/all/

When you use Android AOSP, you can have a hard time finding the right browser for your device. Don’t ask me why, but all those links are more or less unfindable, because they are hidden from search-engines.

<meta name="robots" content="noindex">

Hope we can help.

Android AOSP is a great operating system for phones, and more or less the only way to use an Android Phone safe and secure for more then two years.

UPDATE

Firefox seems to change/hide direct download links for their Android browser. I guess Google is making the rules, and forbids public downloads.

Google is getting a pain in the ass here, why are they discouraging people to run 100% transparent open source software: Google that behavior is doing evil!.

There is always the FDroid Firefox version, I can recommend that.
https://f-droid.org/packages/org.mozilla.fennec_fdroid/

And of course there is the public development on Github, which offers releases as well:

https://github.com/mozilla-mobile/fenix/releases

Tags: , ,
Posted in browser, Webtechnology | 4 Comments »

1 Comment

Breaking the bad, pushing a worse internet (part II)

Sunday, June 21st, 2015

In an earlier post we lamented the behavior of multinationals by dropping noble classic Internet principles like Graceful degradation and progressive enhancement to strengthen their business model at a high security and privacy cost for users.

Go to a site with JS disabled and you see Nada. Zilch. On Google, on Twitter, Facebook tells us it can do much without JS. Nonsense, that is their policy, it’s not your fault.

(more…)

Posted in browser, CSS3, HTML5, Javascript, Webtechnology | 1 Comment »

« Older Entries
Newer Entries »