These days you really need a strong, unique password for almost everything you do online. To make matters even worse for the average user, security nuts will tell you that you actually need a different password for essentially every account you hold. Why? Consider the following scenario:

Little Timmy signs up for Facebook using his super secret password @wesomeS@auce3!. This password is so strong and good that even he can hardly remember it. Then he wants a Twitter account so he goes and signs up there using the same password. Some time passes and Timmy’s Twitter account is hacked. Using his associated e-mail address they try the same e-mail and password on Facebook (because it is a popular website that most people belong to) and lo and behold they have access. Little Timmy’s virtual life falls apart around him.

Think I’m being paranoid? Take a look at these examples and adjust your tin foil hat accordingly.

What to do?

So what can you do about it? Well for one don’t use the password above because now it is all over the internet. For two use strong unique passwords for each website you care about. What do I mean by that? Well in the above example Timmy clearly cared about both Facebook and Twitter so he should have used different passwords for each. That way when his hypothetical Twitter account became hacked the attackers couldn’t use the same password to gain access to his Facebook account. That said it is always good to have a throw away password or two to use on those one-off websites that you will either never visit again or don’t care if they get compromised. Third either remember all of these unique passwords in your super genius conehead sized brain or use a password safe to make it easy on yourself.

Password Safes

A password safe is essentially a program that allows you to maintain a number of different passwords while only having to remember one. Essentially you enter a master password into the program and this acts as your key to unlock all of your others passwords. That way you (technically) only have to remember one password at a time (the master password) and you only have one password to change on a regular basis (although you should obviously refresh your other passwords every so often as well). A number of these programs exists (such as LastPass, etc.) but personally I prefer KeePass.

KeePass

KeePass comes in two flavours: version 1.x (which is technically now legacy) and version 2.x (which is current). Beyond feature set the biggest difference is that version 2.x requires the .NET Framework (or Mono) and version 1.x doesn’t. For the purposes of this post I’ll be focusing on version 2.x.

KeePass has a number of great features that make it indispensable in my day-to-day computing life. While the full feature list is actually quite long I’ll just list the most useful or important ones here:

• Open source which means that the source code has been looked at and checked over for any sort of backdoor or other nonsense that a potentially evil author would code into it. This is very important when you’re considering placing all of your password eggs in one proverbial basket.
• When you create a new password entry you can store any sort of arbitrary information along with it:
  

  New Password Entry

• All of your passwords are stored completely encrypted including all comments, website URLs and user names. This is incredibly convenient because it allows you to safely do things like create an entry containing you credit card information. Never again will you have to hunt down your wallet to make that spur of the moment online purchase!
• It is portable – you can run it straight off of a USB stick, no installation required!
• Rule based, strong password generator. Having a long, strong, password is very important but remembering one is very hard. Instead why not have KeePass generate a per-website, completely random, strong  password for you? Using a website that for some reason doesn’t like special characters or only allows up to a 12 character password? No problem just change the rule set you use when you generate that particular password.
  

  Password Generator

  Here are some examples of random passwords I just generated now:

  

  Lots of random passwords!

• Cross-platform – KeePass has implementations on almost every platform. Version 1.x runs on Windows, Mac and Linux (via KeePassX). Version 2.x runs on Windows, Mac and Linux (using Microsoft’s .NET or the open source Mono). There are even versions of it for Android, iPhone and others.
• Auto-type – this is by far the best feature. Even if you, for some reason, didn’t want to use any other feature that KeePass has to offer, its Auto-type functionality alone is worth the install. Essentially you tell KeePass what window to look for (for instance Firefox browsing my bank’s website) and how it should type things for you (usually user name, tab, password, enter). Then you set up some key combination you want to use (like Ctrl + Alt + A) and KeePass does all of the typing for you. Now when I want to enter one of those crazy strong and super random passwords I don’t have to type it out or even copy and paste. I simply click my mouse in the user name field and press Ctrl + Alt + A. The genius of this is that it can work for all accounts on your computer not just website ones – for instance I use it at work to keep track of my passwords for our internal programs.

WHO IS PAYING YOU?

All of this praise may make it seem like I’m getting paid to write this article but that isn’t the case (not that I would turn the money down mind you *hint hint*…). KeePass is just one of those programs I use daily that does so many things right I can’t help but like it. So in conclusion give it, or a similar password store, a try and make your online presence more resilient to password hacking. Let me know which password safes you think are awesome.

Saw this somewhere and figured I would post it before I lost it. Here is a very easy and simply way to move a file in Java without using the new-ish nio APIs.

File srcFile = new File(…some file to move…);
File destFile = new File(…where to move the file…);

srcFile.renameTo(destFile);

That’s it. Pretty simple. In fact it is actually shorter than the nio way of doing things

 FileChannel in = new FileInputStream(source).getChannel();
FileChannel out = new FileOutputStream(target).getChannel();

in.transferTo(0, in.size(), out);

out.close();
in.close();

// Delete source file

Although I haven’t benchmarked them to see if there are any performance differences.

Update: I should have mentioned it when I wrote the original post but, as pointed out by Partha in the comments, there are a few gotchas with this method. As always check the documentation and test to make sure that it will work for your individual needs.

If you’re like me, and you probably are, you do a terrible job of backing up your digital files life on a regular basis. Thankfully some smart people out there have made it awfully convenient to set up a backup system once and then more or less forget about it. My personal tool for the job is Areca Backup – while it is not without its flaws I find it easy to be an use, feature rich, and cross-platform (essentially anything that runs Java) backup solution.

So why do you have to fix it?

Remember when I said it was not without its flaws? Areca, while written in Java, makes use of SWT for it’s graphical interface in order to get a good solid native feel. This is normally not an issue except that more and more people are running 64-bit Windows operating systems and more and more people are installing the 64-bit version of the Java Runtime Environment (JRE) instead of the 32-bit version. Why does this matter? Well SWT uses native libraries, in this case Win32 libraries, to create the application interface and Areca only ships a 32-bit version. This means that when you try and run the application on a 64-bit version of Windows running 64-bit Java it will simply not start. The reason is technical but essentially 64-bit Java is not compatible with loading 32-bit native libraries.

So how do you fix it?

The fix is actually very easy. While Areca doesn’t ship a 64-bit version of their application, all you really need to do is get a 64-bit version of the SWT libraries. Here are the steps to get this to work:

1. Go to http://www.eclipse.org/swt/ and under the Releases section click the more…link (under Stable).
   

   Click the “more…” link

2. Download the SWT Binary zip file for Windows (x86_64) (version 4.2.1 as of this writing).
3. Open the zip file and extract the swt.jar file (in the root of the zip) to the lib folder of your Areca Backup installation directory replacing the swt.jar library that was there. Usually this means you extract swt.jar to C:\Program Files (x86)\Areca\lib
4. Start Areca normally – you are now using 64-bit native libraries with your 64-bit JRE on your 64-bit Windows operating system.

Hopefully this helps you out and, more importantly, allows you to backup your precious digital files.

Ever wanted your computer to be on when you need it but automatically put itself to sleep (suspended) when you don’t? Or maybe you just wanted to create a really elaborate alarm clock?

I stumbled across this very useful command a while back but only recently created a script that I now run to control when my computer is suspended and when it is awake.

#!/bin/sh
t=`date –date “17:00″ +%s`
sudo /bin/true
sudo rtcwake -u -t $t -m on &
sleep 2
sudo pm-suspend

This creates a variable, t above, with an assigned time and then runs the command rtcwake to tell the computer to automatically wake itself up at that time. In the above example I’m telling the computer that it should wake itself up automatically at 17:00 (5pm). It then sleeps for 2 seconds (just to let the rtcwake command finish what it is doing) and runs pm-suspend which actually puts the computer to sleep. When run the computer will put itself right to sleep and then wake up at whatever time you specify.

For the final piece of the puzzle, I’ve scheduled this script to run daily (when I want the PC to actually go to sleep) and the rest is taken care of for me. As an example, say you use your PC from 5pm to midnight but the rest of the time you are sleeping or at work. Simply schedule the above script to run at midnight and when you get home from work it will be already up and running and waiting for you.

I should note that your computer must have compatible hardware to make advanced power management features like suspend and wake work so, as with everything, your mileage may vary.

It is a pretty common practice to use the command dd to make backup images of drives and partitions. It’s as simple as the command:

dd if=[input] of=[output]

A while back I did just that and made a dd backup of not just a partition but of an entire hard drive. This was very simple (I just used if=/dev/sda instead of something like if=/dev/sda2). The problem came when I tried to mount this image. With a partition image you can just use the mount command like normal, i.e. something like this:

sudo mount -o loop -t [filesystem] [path to image file] [path to mount point]

Unfortunately this doesn’t make any sense when mounting an image of an entire hard drive. What if the drive had multiple partitions? What exactly would it be mounting to the mount point? After some searching I found a series of forum posts that dealt with just this scenario. Here are the steps required to mount your whole drive image:

1) Use the fdisk command to list the drive image’s partition table:

fdisk -ul [path to image file]

This should print out a lot of useful information. For example you’ll get something like this:

foo@bar:~$ fdisk -ul imagefile.img
You must set cylinders.
You can do this from the extra functions menu.

Disk imagefile.img: 0 MB, 0 bytes
32 heads, 63 sectors/track, 0 cylinders, total 0 sectors
Units = sectors of 1 * 512 = 512 bytes
Disk identifier: 0x07443446

        Device Boot      Start         End      Blocks   Id  System
imagefile.img1   *          63      499967      249952+  83  Linux
imagefile.img2          499968      997919      248976   83  Linux

2) Take a look in what that command prints out for the sector size (512 bytes in the above example) and the start # for the partition you want to mount (let’s say 63 in the above example).

3) Use a slightly modified version of the mount command (with an offset) to mount your partition.

mount -o loop, offset=[offset value] [path to image file] [path to mount point]

Using the example above I would set my offset value to be sector size * offset, so 512*63 = 32256. The command would look something like this:

mount -o loop, offset=32256 image.dd /mnt/point

That’s it. You should now have that partition from the dd backup image mounted to the mount point.

I recently re-built an older PC from a laundry list of Frankenstein parts. However before installing anything to the hard drive I found I wanted to check it for physical errors and problems as I couldn’t remember why I wasn’t using this particular drive in any of my other systems.

From an Ubuntu 12.04 live CD I used GParted to to delete the old partition on the drive. This let me start from a clean slate. After the drive had absolutely nothing on it I went searching for an easy way to test the drive for errors. I stumbled across this excellent article and began using badblocks to scan the drive. Basically what this program does is write to every spot on the drive and then read it back to ensure that it still holds the data that was just written.

Here is the command I used. NOTE: This command is destructive and will damage the data on the hard drive. DO NOT use this if you want to keep the data that is already on the drive. Please see the above linked article for more information.

badblocks -b 4096 -p 4 -c 16384 -w -s /dev/sda

What does it all mean?

• -b sets the block size to use. Most drives these days use 4096 byte blocks.
• -p sets the number of passes to use on the drive. When I used the option -p 4 above it means that it will write/read from each block on the drive 4 times looking for errors. If it makes it through 4 passes without finding new errors then it will consider the process done.
• -c sets the number of blocks to test at a time. This can help to speed up the process but will also use more RAM.
• -w turns on write mode. This tells badblocks to do a write test as well.
• -s turns on progress showing. This lets you know how far the program has gotten testing the drive.
• /dev/sda is just the path to the drive I’m scanning. Your path may be different.

The process to marshal or serialize an object to XML can differ greatly from language to language and implementation to implementation. Even within a single language, like Java, there are multiple ways to go about it. I happened to stumble upon this one the other day and thought it was pretty straight forward.

This example contains two classes XMLExample.java and Example.java. We will use the functions in XMLExample.java to convert Example.java to and from XML.

Note: the source files are available for download below.

// File Example.java

import java.util.HashMap;
import java.util.Map;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;

@XmlRootElement
public class Example {

    @XmlElement
    private int someInternalValue = 0;

    private int anotherInternalValue = 123;

    private int _age = 0;

    public Map<Integer, String> myMap = new HashMap<Integer, String>();

    public void setInternalValue(int value)
    {
        someInternalValue = value;
    }

    public int getAge()
    {
        return _age;
    }

    public void setAge(int age)
    {
        _age = age;
    }
}

As you can see Example.java just contains a couple of random getter and setters as well as some internal variables and a public Map.

// File XMLExample.java

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;

public class XMLExample
{
    public static void main(String[] args)
    {
        try
        {
            Example exmp = new Example();
            exmp.setInternalValue(4);
            exmp.setAge(10);
            exmp.myMap.put(5, "The value for key 5");

            String xml = marshallToXML(exmp);
            System.out.println(xml);

            // Null the variable so we can actualy see if we unmarshalled it correctly
            exmp = null;

            exmp = (Example)unmarshallFromXML(Example.class, xml);
            System.out.println("Age = " + exmp.getAge());
            System.out.println("Map value for key '5' = '" + exmp.myMap.get(5) + "'");

        }
        catch (JAXBException ex)
        {
            Logger.getLogger(XMLExample.class.getName()).log(Level.SEVERE, null, ex);
        }
    }

    /**
     * Converts an object to its XML representation
     * @param fromObject the object to create the XML based on
     * @return the XML string
     * @throws JAXBException
     */
    public static String marshallToXML(Object fromObject) throws JAXBException
    {
        JAXBContext context = JAXBContext.newInstance(fromObject.getClass());
        Marshaller marshaller = context.createMarshaller();

        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        marshaller.marshal(fromObject, baos);

        return baos.toString();
    }

    /**
     * Converts XML representation to an object
     * @param toClass the class to create from the XML
     * @param XML the XML containing the object data
     * @return the object
     * @throws JAXBException
     */
    public static Object unmarshallFromXML(Class toClass, String XML) throws JAXBException
    {
        JAXBContext context = JAXBContext.newInstance(toClass);
        Unmarshaller unmarshaller = context.createUnmarshaller();

        ByteArrayInputStream bais = new ByteArrayInputStream(XML.getBytes());

        return unmarshaller.unmarshal(bais);
    }
}

The magic happens in the two functions marshallToXML and unmarshallFromXML. These take annotated variables and functions as well as anything conforming to Java bean conventions (get/set and public) and convert them to XML. So what is the output of the above program?

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><example><someInternalValue>4</someInternalValue><myMap><entry><key>5</key><value>The value for key 5</value></entry></myMap><age>10</age></example>
Age = 10
Map value for key '5' = 'The value for key 5'

You’ll notice that it skipped the private variable anotherInternalValue. It did this because it is private in scope and because we did not annotate it.

For a full explanation of how to use this I would highly recommend the excellent JAXB Users Guide over at Java.net. You can download the above source files here.

Say you are travelling, or are at a neighbourhood coffee shop, using whatever unsecured WiFi network they make available. You could either:

1. trust that no one is sniffing your web traffic, capturing passwords, e-mails, IMs, etc.
2. trust that no one is using more sophisticated methods to trick you into thinking that you are secure (i.e. man in the middle attack)
3. route your Internet traffic through a secure tunnel to your home PC before going out onto the web, protecting you from everyone at your current location

which would you choose?

VPNs and SSH tunnels are actually a relatively easy means for you to be more secure while browsing the Internet from potentially dangerous locations. There are many, many different ways for you to do this but I find using a Linux PC that is running on your home network to be the easiest.

1. Configure your home Linux PC. Install ssh (and sshd if it is separate). If you are using Ubuntu this is as easy as running the following command: sudo apt-get install ssh
2. Sign up for a free DNS service like DynDNS so that you know of a web address that always points to your home Internet connection. To do this follow the instructions at the service you choose.
3. On your laptop (that you have taken with you to the hotel or coffee shop) connect to your home PC’s ssh server. If you are on Windows you will need to get a program like PuTTY. See their documentation on how to forward ports. On Linux you can simply use the ssh command. The goal is to forward a dynamic port to the remote ssh server. For instance if you are using a Linux laptop and ssh then the command would look something like: ssh -D [dynamic port] [user]@[home server] -p [external port number - if not 22]. An example of one would be ssh -D 4096 user@example.com -p 4000
   
4. In your browser open the networking options window. This will allow you to tell the browser to forward all of its traffic to a proxy, which in this case, will be our dynamic port that we set up in step 3. Here is an example of my configuration for the example above.
5. Browse normally.

You are now browsing the Internet by routing all of your traffic (in Firefox) securely through your home PC. Note that this doesn’t actually make web browsing any more secure beyond protecting you from people in your immediate vicinity (i.e. connected to the same insecure WiFi network).

I logged onto my desktop the other day, for the first time in a couple of weeks – I’ve been away travelling, and was surprised to notice that my PGP key was set to expire. Long story short I have generated a brand new key.

OpenPGP Key

Name: Tyler Burton
Key ID: 0x1CD3E3D8
Key Fingerprint: 96ED 6B13 10B1 69C1 8299 693C 2921 6D80 1CD3 E3D8
Keyserver: pgp.mit.edu
Key Algorithm: RSA
Preferred Cipher: AES256
Preferred Digest: SHA512
Direct Download: Download Here

There has been quite a bit of activity on The Linux Experiment over the past little while. Check out the site here or quickly jump to the post that I wrote below.

Big distributions, little RAM 3

How do the ‘big time’ distributions handle on constrained hardware? Take a look.

How to install sun-java6-jdk and Netbeans in Ubuntu 11.10

A simple process to install the official SunOracle Java JDK and Netbeans IDE in the latest Ubuntu.

Ubuntu 11.10′s WiFi crashes my router

The new Ubuntu release is pretty good. Unfortunately it also causes my router to crash.

Gentoo (A.K.A. “Compiling!”)

My first post for the second Linux Experiment where I speak about my Gentoo first impressions.

How to enable reboot/shutdown in KDE on Gentoo

Closed source AMD/ATI drivers, wireless networking and Flash in Gentoo

How to update your (whole) Gentoo system

A trio of small posts that walk new Gentoo users through setting up and doing some basic things in their new desktop.

How to play Red Alert 2 on Linux

I managed to get this classic game to run great on Linux. It even includes a bit of a hack that allows you to play LAN games. I don’t think you can even do that on Windows any more.

Oh Gentoo

My final post of the second Linux Experiment. Includes my conclusions on running Gentoo as a day-to-day desktop system.