Tuesday, 24 September 2013

Chromecast dongle works as advertised

I've had my Chromecast dongle in operation for a few days, and it's all been most undramatic. First, i was a bit unnerved because the Chromecast Android app is locked by geography -- you can only install it on your mobile device if you're where-ever Google demands geographically correct. USA only, i'm guessing. But that was not the case for the Chromecast OSX app needed to get the plug running.

Setup in three painless steps:

Step one: plug the dongle into a free HDMI port and connect the USB power.
Step two: Turn the telly to the correct HDMI source (this may be the last time you're going to do this operation -- bear with me!)
Step three: Go to the URL displayed on your telly, download the Chromecast app. The dongle will invent a passcode which you only need to visually inspect that it's the right one (no entering passwords -- yay!) and you have the chance to rename your dongle to something you like.
Your telly has now become a wireless Youtube- and Netflix- catcher. Run Netflix on your Android device and you'll see a box-with-arcs icon. Click it, and the dongle takes over. If you have a HDMI-CEC compliant television, the teevee will most probably automagically switch to the correct input. Awesome. No plugin or mobile app required. It Just Works&TM;
You can also download a plugin to the Chrome browser, to send browser tabs to your television. Or to the display/projector in the meeting room (which is something we'll probably look at at work some day soon). Sans wires. Nice. The browser plugin is not geographically closed, thank heavens.

The future so bright

There are two things i'm hoping to see next. First, a way to send pictures, from my computer, from my G+ collection or from a "third party" operation like Flickr or my Lightroom. And second, to have Chromecast to act as a display adapter for fairly static and latency-tolerant material. The closest thing we now have is a casting a browser tab, but casting to an external screen would be nice, even if it really is a little outside what i believe to be the Chromecast idea.
Well, three really. I hope that Google scraps that stupid restriction by geography. It's a round world, and it's all one. Borders don't really apply to communication.

Sunday, 18 August 2013

Silencing Pebble notifications for the night with Llama (this might work)

I finally got my Pebble watch yesterday, after waiting for a nearly a year and a half (watching my colleagues wear their black Pebbles, which arrived this spring...). It is rather nifty, and a piece of wearable computing i might find myself walk around with daily. The white colour makes me think of iPods back in the time when they were white and plasticky. I just hope this one doesn't scratch as easily.

As i went to bed, i was greeted (and annoyed) with another notification, so i shut down the Pebble application. This had the unfortunate side effect that i need to manually restart the app. Hardly very "smart".

I use a fantastic app called Llama on my phone to keep it quiet at night (and i'm home and the phone is in the charger) and normal when i'm at work (and normal again when i'm leaving work in case i forgot it on quiet when i was at work, and so on). So next i'm going to try whether switching off Bluetooth with Llama during quiet night time will do the job. Other possible outcomes are that the Pebble app will crash, or that it will re-enable Bluetooth. Or that the Pebble app won't reconnect automagically once Bluetooth is re-enabled in the morning.

But hey, it's worth a try. And if you are using an Android phone, you should be using Llama :)

Wednesday, 19 June 2013

Two-step verification on Google (and Twitter and Facebook)

After hearing enough stories of "identity theft can't happen to me" and then getting a mail from Google whether i'd like to connect my new mail account to this one, i decided to ramp up my Google account security a bit. Didn't want my mail snitched. This mail is my life.

There's an easier way than using v€rY-c0M₱£æ⨉-Ƥάßw0r𝑑Ƶ, and it's Two-step Verification. That's securitech lingo and basically means that you log in to a site using something you know and something you have, eg a secret handshake and a funky looking hat. Or your signature and a hot wax seal. Or, as is more convenient in the on line world, your password and your cell phone.

Setting up Two-step verification will probably take less time for you than reading this post.

Setting up two-step verification is fairly painless on Google. Go to the Google Two-step landing page and watch a video to get comfortable. Click the big blue Get Started-button. Enter your password (which should be fairly non-guessable by a computer and at least nominally different from the password you're using on Facebook, Twitter, Reddit, Hotmail, your bank account and all those p0rn sites).

If you have an Android/iPhone/Blackberry phone, you can now download the Google Authenticator app. Or if you're lazy, don't want more apps on your phone, or have some other technology installed, you can use SMS authentication. This is what i used first. Click the appropriate buttons and you're go.

What now will happen is this: When you log on to a service using your Google account, you use the password you know and you'll get an additional step (hey, it's called two-step for a reason). Goog will ask for a secret code, which you'll either get from the Authenticator app or as a text message. From the phone that you have. Enter this and you're in.

Next time you access the same application with the same computer, you will not be bothered by the second step. Unless you really want to :)

Now: devise and implement a backup plan. It'll take you two minutes and save you when the situation hits the fan. Add a backup phone number or two into the system for when your phone falls into water or gets trampled by a moose. Print out some backup codes on actual paper, cut off the bits that identify them as Google codes, and save them far from your phone. And the moose. And water of any kind.

Google of course is bigger than GMail. You can authenticate to a bunch of sites using your Google account. There are apps that don't know about the two-step dance. My Apple TV thingy can play Youtube videos but don't know wits about no two-steps. For instances like these, you can create passwords for those apps, called application-specific passwords. From the two step management page you set the verification settings in the first place, click the appropriate link, enter a name for your password (eg "Apple TV") and press Generate password. Then copy-paste this into the application. The password is split into bits by spaces, which you don't need to fill in.

Twitter has also implemented two-step verification. They do, however, not yet have the provision for extra phone numbers, so if you lose your phone to a moose or the gods of salt water, you are basically spinning around with that fan and the situation. IWS has the details.

Facebook also has a two-step verification in place, called login approval, which uses your phone to ask for logins from new devices. While you can't add more phones to your arsenal, you can manage login sessions from a browser that's already approved. To enable, go to your Facebook page, click the little padlock icon which currently lives on the top right of the page, next to your name and face, and the Home link and the cogwheel. From the dropdown, click See more settings, click Security → Login notifications and check Mail and/or Text message. You'll need to register your phone number with Facebook if you want the second option to work.

And that's it. You are now a lot safer than you were.

Sunday, 16 June 2013

I command you to nap

I finally found out how to properly ask my Mac to take a nap. First unmount (tech talk for "disconnect") the backup disk that i always have connected into the USB hub. I naïvely assume it will always be identified as /dev/disk1 because because i'm lazy and i haven't given it a label. I suppose that would be the better way. Then, uh, tell Finder to sleep. Whoa.

And after waking up, try to mount the backup disk again.

So save this as ~/bin/nap and make it executable by casting the spell chmod u+x ~/bin/nap from the terminal.


diskutil unmountDisk /dev/disk1
osascript -e 'tell application "Finder" to sleep'

diskutil mountDisk /dev/disk1

Didn't think it would be so simple. I guess i'm just bad at googling :)

[quick highlighter]

Thursday, 30 May 2013

Use etckeeper to version-control your config files

etckeeper is a utility which keeps copies of your Linux (etc.) box's configuration files in a version control system. It ties into apt-get so each time you update/upgrade your system, your files in /etc are backed up. Which is nice. And of course you can request a snapshot of your /etc-files manually, before you start experimenting. Which is nice. Especially after you've munged your etc-file and stuff doesn't seem to work anymore. Been there, done that. xorg.conf i remember thee with pain.

As we use etckeeper here at work, i decided to install it on my home box. It was remarkably painless with a little help from a post from Evil Routers. I see no reason to repeat what's written there, so just follow the link. It's a five minute exercise and you'll be safe(r).

Now if i need to pick up the habit of always doing a cd /etc && sudo etckeeper commit before i touch an /etc-file -- or to find some mechanism that does it for me automagically :)

Wednesday, 29 May 2013

Re-installing a Mac with an older OSX

TL;DR To re-install an older OSX on a newer one, you'll first need a newer OSX install media to wipe the disk.

The workflow for paving a Mac with an older version of OSX than it's currently running is this:

  • From an external medium, run an OSX installation that is at least as new as the OSX currently running. An older installation won't start.
  • Start Disk Tools and erase the Mac's hard disk. Use the Journalling file system.
  • Boot with the older OSX installation media inserted and the Alt key pressed.
  • Install the older OSX.

 Frustrating when software doesn't let me Do Dangerous Stuff :)

Next time i'll just use dban. Let's see how that goes.

Monday, 20 May 2013

You'll need a tray

I needed (ok, i wanted) to print a few configuration files from the command line (Linux/OSX). While Unix may provide us the command lpr, the path i wanted to follow was nc (ie netcat). This turned out, shall i say, into a Learning Experience&tm;.

Gear involved: a Mac, a Linux server, a HP printer, patience and google.

The problems i encountered were:

  • Line endings. My files ended in a \n newline, whereas the printer wanted \r\n carriage return + newlines.
  • The printer wanting me to press the green checkmark button that i indeed wanted to print the file
  • nc which seemed to hang (but didn't)

Transforming one kind of line endings to another seems like a trivial thing. That's why we have the unix2dos and dos2unix utilities. Except they weren't installed on my Mac or on the Linux server i was going to print from. But hey, that's why you have sed. Except that sed seems to care for lines, not for files, so i ended up transforming the files with perl, thusly:

for F in *.conf; do perl -p -e 's/\n/\n\r/g' $F > $F.lpr ; done

This created seemingly identical files from the original ones, but with linefeeds changed to cr+lf. To validate, i ran my new favourite spell: od -a filename.conf.lpr, which dumps out all characters, including the "invisible" ones, in a geekly manner.

I then tried to print a file, by chanting cat somefile.conf.lpr | nc printer 9100. Three things did not happen. Netcat seemed to hang, the printer didn't print, and ... well, the printer didn't print. It felt like three things anyway. The printer didn't print because a) it didn't know which tray to print from, b) it was probably confused of the paper size, and c) when i tried sending the printer all the files, it threw away all but the first. Or last. The result was that to print the files, i had to netcat them one at a time, then run to the printer, press the green button twice, get my hardcopy, walk back to my terminal, press ^C and netcat the next one. Which was neither convenient nor elegant.

To remedy, i tried adding a form feed to each document:

for F in *.lpr; do echo -e '\f' >> $F ; done

Not sure it did anything though, because the above problem remained.

Problem one: the paper must automagically come from the right tray. Problem two: netcat must do its thing in a netcatly manner, ie deliver the payload and quit.

In my search for an answer to problem two, i came upon the answer to problem one. When one talks with the printer (in a Jetdirect manner, so to speak), the printer waits for more data until we politely tell it that that'll be all thank you very much and close the door. Which is nice and all, but not very productive.

The solution is to tell netcat to deliver the stuff, wait a second, and then hang up. Thusly:

cat somefile.lpr | nc -q 1 printer 9100

This restored normality in one second flat. Nice.

The final trick was the hardest, and it involved PJL. To prepare a spell to switch to tray four, speak thusly:

echo -e "\033echo -e "\033%-12345X@PJL
" > select-tray4.pjl

To have the page print, cast the following:

(cat select-tray4.pjl & cat somefile.lpr ) | nc -q 1 printer 9100

As always, there is probably a More Elegant way to do this, but hey, it works on my machine :)

works on my machine, starburst

Migration pains

Much to my dismay and displeasure, my favorite blogging platform Posterous was unplugged by their new overlords, which means i will need to move my old tech blog (not that it ever was overly techy, but at least it was more techy than my regular one) to another platform. I was never very close with Blogger, but having read about how Blogger now integrates some bits and pieces with Google+, i thought i'd give it a try. So here. First post. I hope i can get my earlier ones imported to happen before this. Or something. Time continuum is tricky. Great success - the move is compleated. The operation was non-trivial and Documented Elsewhere&tm; (here and in a few other places). The steps involved were:
  1. From Posterous (RIP), export your blog. This is a two step operation, where you first ask the UI to prepare your blog for separation, then come back later (you should be emailed but probably won't) to download a zip file with everything.
  2. Import a file to Wordpress. This included registering for a Wordpress.com blog (free plan). The option is well hidden in your WP Admin, under Tools / Export. The file in question is named wordpress_export_1.xml and lives inside the zip you downloaded above.
  3. Export (yup) the blog from Wordpress. Clues above.
  4. Transform your Wordpress file into Blogger format, online if you dare.
  5. Import your transformed file into Blogger (admin dashboard - Settings - Other - Import).
  6. Wait for your blog to rebuild. Wait some more. Refresh. And your blog should be moved.

Monday, 18 February 2013

My first Mac-hack: rename my username

Whee! I've done my first bit of system administration, namely on myself (or rather, on my laptop). There was a typo in my username.

To remedy, you can't simply go and rename yourself. But it wasn't a lot harder than that, since my account has admin rights.

  • Apple menu -> System Preferences -> Users and groups
  • Unlock
  • Create a new user by clicking the +
  • Give the user admin rights
  • Log off
  • Log in as your newly created admin user
  • Open a Terminal (F4 -> type "term")
  • cd ..
  • mv wrongname username
  • As above, open open and unlock Users and groups
  • Rename your old account's full name
  • Create a new user with your name and the right username 
  • Delete your old account
  • Log off and log in as yourself
  • Delete the temporary admin account


Thursday, 14 February 2013

Focus follows mouse

As there will be very few Windows boxes at my new job, i'm assuming that the focus of this blog will move towards the idiosyncracies of administering Linux and OSX machines. As i've not got an altogether solid take on the Mac (yet), you might see some pretty nubular posts here so have mercy.

But then, there must be other nubular Mac admins out there, so maybe we can support each other!

And of course there will be Linux as well.

(blog title explanation)

Friday, 18 January 2013

Nog läst

Jisses. Nu har jag läst slut alla de blogginlägg jag hade från folk jag följer. Ja, utom ett handfull "tuppinlägg" som jag skickar till min platta för avläsning i rummet utan telefon. Eller vad den kallas numera.

Om ett par veckor har jag nåt spännande att skriva om.

NB: This posting appeared on the wrong blog. Sorry 'bout that. Next posting will have more technical content.


Monday, 14 January 2013

Adding an AD user into the SBS console

Window Small Business Server wants you to add users through the SBS Console. And that's not entirely bad, because adding a user through the SBS Console does a few magic bits behind the scenes that we'd otherwise would have to do manually.

And once you know this, it's okay for the Console to do it for us. It's called Good Laziness.

But sometimes, you'll have a user created through the Active Directory Users and Computers thingy (ADUC), ie the way you add users with the Windows Server "Proper" (except that i usually always add the user through the Exchange interface, but that's another story). Such users do not show up in the SBS Console. But there's a way to get them there.

  • In ADUC, move the user into the My BusinessMy SBS Users OU
  • In the SBS Console, go to Users and Groups / Users. In the right margin, click the User Tasks item "Change user role for user accounts"
  • Select the proper role and tick Add user permissions or settings. If you haven't created custom roles for your SBS organization, you'll probably want to select Standard User. Click Next.
  • Check the Display all user accounts in the Active Directory box and add the users you want. If you order them by User role, you can easily spot the users you're missing ("This user role no longer exists"). Click Change user role

And that's it!

If you don't know about SBS User Roles, you might want to learn about these as well!

[Source: Rob Williams]