Category: software

bash: Last Day, The People Who Lived As Many Days as You

~ cafebedouin

Definitions

  • bash: This is the command line, where you can run relatively simple scripted programs, available on all three major computing platforms.
  • SPARQL: On the Internet, there are repositories of information. Some of these repositories are in a format called RDF, or Resource Description Framework. Users of these repositories typically need a subset of the information contained in them. In order to get the desired information, they need a way to query these repositories in a structured way to get the information they want. SPARQL is that querying language.
  • Wikidata is an RDF repository. It is hosted by the same organization as Wikipedia, but it is subject to different rules. I do not think Notability and some of the cultural problems of Wikipedia extend to Wikidata. I’d be happy to hear if anyone is aware of problems in the dataset, since this is one of the few times I’ve worked with it.

Inspiration

Most mornings, my wife and I read The New York Times The Morning Briefing. Typically, this will include an obituary of a celebrity. If the person is less than 80 years old, my wife will say something like, “They died young.” She thinks everyone should live to be a hundred years of age.

I tend to think more relativistically. Someone died young, if they were younger than me. It got me thinking, “Is it possible to write a script to find out who lived exactly the same number of days I have lived today?”

It turns out to be fairly easy to do using bash, a SPARQL query link and Wikidata.

bash script

#!/bin/bash
# variables
BIRTHDAY=$(date -d '2000-01-01' +%s) # enter birthday in YYYY-MM-DD format
TODAYS_DATE=$(date +%s)
DAYS_ALIVE=$(((TODAYS_DATE - BIRTHDAY) / 86400)) # converts seconds to days

# Test output
# echo "birthday: ${BIRTHDAY} | today's date: ${TODAYS_DATE} | days_alive: ${DAYS_ALIVE}"

#url for sparql query of wikidata can be obtained: https://query.wikidata.org/, click link to it below
firefox 'https://query.wikidata.org/embed.html#SELECT%20DISTINCT%20%3Fperson%20%3FpersonLabel%20%3FpersonDescription%20WHERE%20%7B%0A%20%20SERVICE%20wikibase%3Alabel%20%7B%20bd%3AserviceParam%20wikibase%3Alanguage%20%22%5BAUTO_LANGUAGE%5D%22.%20%7D%0A%20%20%7B%0A%20%20%20%20SELECT%20DISTINCT%20%3Fperson%20%3FpersonLabel%20%3FpersonDescription%20%7B%0A%20%20%20%20%20%20%3Fperson%20wdt%3AP31%20wd%3AQ5%3B%20%20%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20wdt%3AP569%20%3Fborn%3B%20%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20wdt%3AP570%20%3Fdied%3B%20%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20wdt%3AP27%20wd%3AQ30%20%20%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20BIND(%3Fdied%20-%20%3Fborn%20AS%20%3FageInDays).%20%0A%20%20%20%20%20%20FILTER(%3FageInDays%20%3D%20'"$DAYS_ALIVE"').%20%20%0A%20%20%20%20%7D%0A%20%20%20%20LIMIT%2025%0A%20%20%7D%0A%7D%0A'

bash script output

SPARQL query

You can input the following into the Wikidata SPARQL query interface and change the perimeters. Specifically, the bash variable $DAYS_ALIVE needs to be changed to an integer to work in the query interface, e.g., FILTER(?ageInDays = 11000). You can also do ranges using multiplication, e.g., FILTER(?ageInDays < (31*365) && ?ageInDays > (30*365)), if you want people between the ages of 30 to 31. 

SELECT DISTINCT ?person ?personLabel ?personDescription WHERE {
  SERVICE wikibase:label { bd:serviceParam wikibase:language "[AUTO_LANGUAGE]". }
  {
    SELECT DISTINCT ?person ?personLabel ?personDescription {
      ?person wdt:P31 wd:Q5;             # any person
              wdt:P569 ?born;            # that has a birth date
              wdt:P570 ?died;            # and a death date
              wdt:P27 wd:Q30             # that was a citizen of the United States
      BIND(?died - ?born AS ?ageInDays). # calculate days they lived
      FILTER(?ageInDays = $DAYS_ALIVE).  # match the number of days to your current number of days alive
    }
    LIMIT 25
  }
}

Accessing a Locked Android Phone Not Displaying A Keyboard

~ cafebedouin

I use AnySoftKeyboard as my keyboard of choice on Android. It’s great, except when my SD Card becomes corrupted. When that happens, AnySoftKeyboard no longer works. If my device is locked at the time, there doesn’t appear to be a way to type in my password to unlock the device.

There is a solution to this problem, if you have enabled Developer options and USB debugging on the device. Boot into recovery (Volume Up, Home & Power, all at the same time). Start adb on the device. Connect it to your computer with adb and reboot. Then from a command prompt on the computer, type in the following:

$ adb shell input text password && adb shell input keyevent 66

This will basically work just like the displayed keyboard on your device. keyevent 66 is the equivalent of Enter. Then, you can reformat your SDCard in Settings. Then, reboot the device and you will be good to go.

Mining the Ergo Cryptocurrency in the ergo.getblok.io Pool

~ cafebedouin

Mining Ergo as part of the ergo.getblok.io mining pool is easy, particularly on Windows. If you already have a Ergo wallet, it can be set-up on a computer with a GPU video card compatible with mining Ergo in less than 5 minutes.

For Ergo, you need a card with a minimum of 4GB of RAM, ideally more. Create a Ergo wallet using Yoroi, if you don’t have one already. Download mining software compatible with your card, i.e., T-Rex (NVidia) or RedTeamMiner (AMD), Extract the mining software file in your Download directory. Open a text editor, and type in (or copy & paste) the following, assuming in this example you are on Windows:

setx GPU_FORCE_64BIT_PTR 0
setx GPU_MAX_HEAP_SIZE 100
setx GPU_USE_SYNC_OBJECTS 1
setx GPU_MAX_ALLOC_PERCENT 100
setx GPU_SINGLE_ALLOC_PERCENT 100

C:\Users\your_username\path\to\mining\file\t-rex.exe -a autolykos2 -o stratum+ssl://ergo.getblok.io:4056 <YourErgoAddress>.<AnyNameYouWantToIdentifyTheComputer>

For clarity, <YourErgoAddress>.<AnyNameYouWantToIdentifyTheComputer> should look something like:

C:\Users\cafebedouin\Downloads\t-rex-0.24.7-win\t-rex.exe -a autolykos2 -o stratum+ssl://ergo.getblok.io:4056 9g1p6UU8XoAeU4yGPLpbTHYiG8aBHwfCFzQqJZrfzuLnmF3zb7P.covertmixeraddress

You can find your address by going to the Receive tab in Yoroi, you can then go to the getblok.io website and put in the information this page asks for and it will provide the information above for you. Save the file as ERGO_mining.bat. To start mining, simply click on the file.

Note: If you have a virus protection program like McAfee, you’ll need to restore the t-rex.exe file after extraction and exclude it from Real-Time Scanning in order to run it.

If you want the mining software to start when you reboot your computer, then, save ERGO_mining.bat in C:\Users\Username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup. If you have trouble finding it, you can always save it somewhere, type the Windows key + R to get the shell prompt, then type: 

shell:startup

This will bring up the Startup folder, and you can drag and drop the file into it..

Linux

This is harder for me to comment on since I am using a AMD card on my Linux machine, which can be a bit of a PITA to configure correctly. These instructions will get you in the ballpark with an AMD card, but be prepared to do some troubleshooting.

Let’s assume that you somehow managed to get your graphics card working on Linux. Then, the process is very similar to Windows above. Open a text editor and type the following:

#!/bin/bash

export GPU_MAX_ALLOC_PERCENT=100
export GPU_SINGLE_ALLOC_PERCENT=100
export GPU_MAX_HEAP_SIZE=100
export GPU_USE_SYNC_OBJECTS=1

/home/cafebedouin/Downloads/teamredminer-v0.8.6.3-linux/teamredminer -a autolykos2 -o stratum+ssl://ergo.getblok.io:4056  9g1p6UU8XoAeU4yGPLpbTHYiG8aBHwfCFzQqJZrfzuLnmF3zb7P.covertmixeraddress

Then, save the file as ergo_miner.sh. At the command prompt: chmod 744 ergominer.sh and then just run it as usual, by typing: ./ergo_miner.sh at the prompt. If you want it to automatically run whenever you restart your machine, this image from linuxconfig.org tells you everything you need to do to set it as a systemd service.

Why is Plaintext Better than HTML for Email?

~ cafebedouin

“In short, HTML emails are a security nightmare, are mostly used for advertising to you and tracking you, are less accessible for many users, and don’t offer anything especially great for it.”

https://useplaintext.email/

He buried the lede. I went ahead and put it at the top. For more detail, read the below. Another in my ongoing series advocating for plain text: A Text Only World, OpenBSD & the Command Line, The Plain Person’s Guide to Plain Text Social Sciences, The Plain Text Accounting Program, etc.

Why is plaintext better than HTML?

HTML emails are mainly used for marketing – that is, emails you probably don’t want to see in the first place. The few advantages they offer for end-users, such as links, inline images, and bold or italic text, aren’t worth the trade-off.

HTML as a vector for phishing

HTML emails allow you to make links which hide the URL behind some user-friendly text. However, this is an extremely common vector for phishing attacks, where a malicious sender makes a misleading link which takes you to a different website than you expect. Often these websites are modeled after the login page of a service you use, and will trick you into entering your account password. In plaintext emails, the URL is always visible, and you can more easily make an informed choice to click it.

Privacy invasion and tracking

Virtually all HTML emails sent by marketers include identifiers in links and inline images which are designed to extract information about you and send it back to the sender. Examine the URLs closely – the strange numbers and letters are unique to you and used to identify you. This information is used to hack your brain, attempting to find advertisements which are more likely to influence your buying habits. HTML emails are good for marketers and bad for you.

Mail client vulnerabilities

HTML is an extremely large and complicated set of specifications designed without emails in mind. It’s designed for browsing the world wide web, on which a huge variety of documents, applications, and more are available. Implementing even a reasonable subset of these standards represents hundreds of thousands of hours of work, or even millions. A large subset (perhaps the majority) of these features are not desirable for emails, and if included can be leveraged to leak information about you, your contacts, your calendar, other emails in your inbox, and so on. However, because of the herculean effort necessary to implement an HTML renderer, no one has built one specialized for emails which is guaranteed to be safe. Instead, general purpose web browsers, with many of their features disabled, are employed in most email clients. This is the number one source of vulnerabilities in email clients which result in information disclosure and even the execution of arbitrary malicious code.

This is a list of 421 remote code execution vulnerabilities in Thunderbird. If you’re bored, try finding one that doesn’t exploit web tech.

HTML emails are less accessible

Browsing the web is a big challenge for users who require a screenreader or other assistive tools to use their computer. The same problems apply to email, only more so – making an accessible HTML email is even more difficult than making an accessible website due to the limitations imposed on HTML emails by most mail clients (which they have no choice but to impose – for the security reasons stated above). Plain text emails are a breeze in comparison for screenreaders to recite, especially for users with specialized email clients designed for this purpose. How do you speak bold text aloud? How about your inline image?

Some clients can’t display HTML emails at all

Some email clients don’t support HTML emails at all. Many email clients are designed to run in text-only environments, like a terminal emulator, where they’re useful to people who spend a lot of time working in these environments. In a text-only interface it’s not possible to render an HTML email, and instead the reader will just see a mess of raw HTML text. A lot of people simply send HTML emails directly to spam for this reason.

Rich text isn’t that great, anyway

Rich text features desirable for end users include things like inline images, bold or italicized text, and so on. However, the tradeoff isn’t worth it. Images can simply be attached to your email, and you can employ things like *asterisks*, /slashes/, _underscores_, or UPPERCASE for emphasis. You can still communicate your point effectively without bringing along all of the bad things HTML emails come with.

-ibid

Installing Citrix Workplace on Ubuntu Linux

~ cafebedouin

Installation

$ cd Downloads
$ sudo dpkg -i Citrix-Workspace.deb

Installing a CA Certificate

The pre-installed certificates might work for you. If you get errors when trying to use Citrix, then you’ll likely need to install a CA certificate.

  • Go to the VPN website you use Citrix for.
  • Click on the lock in front of the url
  • Click on certificate (Chrome) or Connection Secure (Firefox)
  • Note the authority under Issued By (Chrome) or Verified By (Firefox)
  • For example, the certification authority might be: DigiCert TLS RSA SHA256 2020 CA1
  • Search for DigiCert TLS RSA SHA256 2020 CA1 in your favorite search engine.
  • Select the official site that allows you to download the relevant certificates.
  • Download both the PEM and the CRT files.
  • Do the following: 
$ sudo cp ~/Downloads/DigiCertTLSRSASHA2562020CA1-1.pem /opt/Citrix/ICAClient/keystore/cacerts
$ sudo chmod 644 /opt/Citrix/ICAClient/keystore/cacerts/DigiCertTLSRSASHA2562020CA1-1.pem
$ sudo /opt/Citrix/ICAClient/util/ctx_rehash

Note: The instructions on the Citrix website seem to be incorrect. It tells you to cp the pem file with a crt extention, even though every other file in the directory is a PEM file. The above copies to the default Citrix directory on Ubuntu, changes the file permissions to -rw-r–r–, and rehashes the new certificate so Citrix can use it.

X.509 Certificate for Chrome or Firefox Browsers

I’m not sure if this is strictly necessary, but it might also be helpful to import the X.509 certificate into Chrome or Firefox. For Chrome (Firefox is similar), do the following:

  • Go to the three dots (hamburger)
  • Select Chrome settings
  • Search for: certificate
  • Click on Security
  • Click on Manage Certificates
  • Click on Authorities
  • Click on Import
  • Select ~/Downloads/DigiCertTLSRSASHA2562020CA1-1.crt
  • Select all three options.

Borogove.io

~ cafebedouin

This is a free hosting service for Interactive Fiction games. You can upload games and share them with others by giving out a link to play online.

Games must be either parser system story files or HTML files. Currently supported file formats:

* HTML (including Twine and Texture)

* Z-Machine (Inform, Dialog, ZIL)

* Glulx (Inform)

.* gam, .t3 (TADS)

* HEX (Hugo)

* Å-Machine (Dialog)

* Ink JSON files

Game uploads can be public or private. Public uploads can be found in the gallery on the front page. Private uploads aren’t listed anywhere and can only be accessed through the direct link.

https://borogove.io/

bash: TOTP From the Terminal With oathtool

~ cafebedouin

TOTP is Time-based One Time Password. Most people use applications on their phone for TOTP, such as andOTP, Google Authenticator, and related apps. But, as we move from using a phone as a second factor for what we are doing on a computer to a phone being the primary way we interact with the Internet, it makes sense to make the computer the second factor. This is the idea behind this script. It is based on analyth’s script, except I stripped out the I/O. 

#!/bin/bash

# Assign variables
google=$(oathtool --base32 --totp "YOUR SECRET KEY" -d 6)
wordpress=$(oathtool --base32 --totp "YOUR SECRET KEY" -d 6)
amazon=$(oathtool --base32 --totp "YOUR SECRET KEY" -d 6)

# Print variables
echo "google: ${google} | wordpress: ${wordpress} | amazon: ${amazon}"

This will print:

google: 123456 | wordpress: 123456 | amazon: 123456

However, I didn’t like the idea of my one time password codes only being protected by normal file protections on a Linux system. I thought it should be encrypted with gpg. So, I saved it to a file in my scripts directory, totp, and encrypted it with my public key. If you don’t have a gpg key pair, instructions are available online.

$ gpg -r your@email.com -e ~/pathto/totp

Then, to run the shell script, do:

$ gpg -d ~/pathto/totp.gpg 2>/dev/null | bash

This will prompt you for your gpg password and then run this script. You likely won’t want to remember this string of commands, so you could make your life easier by adding it as an alias under .bash_aliases

alias totp='gpg -d ~/pathto/totp.gpg 2>/dev/null | bash'