Archive for the ‘IT’ Category

iPad Mini Vs. New iPad (iPad 3): brief comparison

Tuesday, October 23rd, 2012

At my advice the iPad Mini is a shrieked version of the New iPad (aka iPad 3), with a very few differences, some borrowed from the iPad 2.

  1. Mostly significant, and brand new:
    1.  THINNER borders design.
    2. mounts Micro-SIM
    3. uses the ‘Lightning’ connector
  2. The weight is almost the half of the New iPad, 308g against 601g.
  3. The screen is NOT retina
    1. same resolution as the iPad 2: 1024 x 768
    2. 168dpi vs 132dpi of iPad 2 vs 264dpi as New iPad
  4.  the process is the Dual-Core A5 (same as iPad 2) vs the Dual-Core CPU/Quad-Core GPU A5X (New iPad)
  5. ..and of course, the dimension is… MINI

all the other features are the same as the New iPad (iPad 3).

 

Where To Download Workgroup Manager 10.8 for Mac OS X Server 10.8 Mountain Lion

Friday, October 12th, 2012

Workgoup Manager is NO MORE included in OS X Server since the release of Mountain Lion 10.8.

If you want to manager OS X Server Open Directory in the ‘old way’ you will need to download Workgroup Manager 10.8 from this link:

http://support.apple.com/kb/DL1567

Download: (History of) Free Software Foundation In A Nutshell

Tuesday, October 9th, 2012

Here there are the PDF, MP3, M4B (audiobook) and iBooks versions of ‘Free Software Foundation In A Nutshell’

mp3: Free Software Foundation In A Nutshell

m4b: Free Software Foundation In A Nutshell

pdf: Free Software Foundation In A Nutshell

ibooks: Free Software Foundation In A Nutshell

Download and Share, please.

 

How-To Fix Cadaver Showing “WARNING: Untrusted server certificate presented” on Mac OS X

Tuesday, October 2nd, 2012

Here is explained how to compile Cadaver to support root CA certificates with ‘homebrew’ or Mac OS X.

Cadaver is a command line webdav client tool. It’s available on Mac through the ‘homebrew‘ subsystem for OS X.
It has the capability to connect you to webdav services via both http and https protocols, with the same ease you would use a ftp client.

While using ‘cadaver’ to connect to a webdav repository via https (SSL encrypted http), you may experience the odd request from the tool to accept the SSL certificate offered by the site you are connecting to because it is recognised as ‘Untrusted’, although the same certificate is not expired yet and is recognised as trusted by any other tool webdav client you may use (i.e. browsers or graphical tools like Cyberduck). This is the message that will be thrown “WARNING: Untrusted server certificate presented”.

This annoying behaviour prevents you to use ‘cadaver’ in system scripting because it will require a human interaction at any execution.

The reason behind this obvious error, are apparently connected to the fact that ‘cadaver’ relies on the ‘libneon’ libraries to handle the SSL encrypted connections and such libraries, in the instance of OS X, are not able to interact with Certificate Authorities Certificates installed in the system, therefore there are not able to verify the ‘trusted’ status of any certificate they come across.

On a GNU/Linux system showing the same warning,  it’s probably enough to install the ‘ca-certificates’ packager otherwise another possible solution is to recompile the ‘libneon’ libraries making sure to specify the right path to the ‘root CA certificates’ during the configuration.

On a Mac OS X the ‘libneon’ libraries are not available via ‘homebrew’, then installed version of cadaver is using it’s own copy of them. That means we will have to force ‘homebrew’ to recompile an reinstall ‘cadaver’ including a copy of the ‘root CA certificates‘. To do so we will use ‘curl’ sources and modify cadaver’s homebrew formula formula.

You may skip the stage 1 and 2 in case you have already a curl’s certificate bundle installed at/usr/share/curl/curl-ca-bundle.crt

  1. Download and unarchive the Curl sources:
    $ wget http://curl.haxx.se/download/curl-7.22.0.tar.bz2
    $ tar xvjf curl-7.22.0.tar.bz2
  2. Retrive the ‘root CA certificates’ using a script included in curl’s sources directory:
    $ cd curl-7.22.0/lib/ 
    $  ./mk-ca-bundle.pl
  3. Install the ‘root CA certificates’ :
    $ sudo mkdir -p /usr/share/curl/
    $ sudo cp ca-bundle.crt /usr/share/curl/curl-ca-bundle.crt
  4. modify cadaver’s homebrew formula to include the ‘root CA certificates’ during the compilation:
    $ brew edit cadaver

    add this  string  – “–with-ca-bundle=/usr/share/curl/curl-ca-bundle.crt”, – to the ‘def install’ section of the formula (including the double-quotes and the comma), as follow:

    def install

    system “./configure”, “–prefix=#{prefix}”,

    “–with-included-neon”,

    “–with-ca-bundle=/usr/share/curl/curl-ca-bundle.crt”,

    “–with-ssl”

     

  5. Remove the current installation of ‘cadaver’:
    $ brew remove cadaver
  6. Re-Install ‘cadaver’ that will be recompiled with a link to the ‘root CA certificates’:
    $ brew install cadaver

    Mind that the ‘root CA certificates’ will not be hard-coded in ‘cadaver’, only their path will be hardcoded, so DO NOT move the ‘curl-ca-bundle.crt’ from it’s location otherwise you will experience again the ‘WARNING: Untrusted server certificate presented’ issue.

At this point you should be able to use cadaver with https webdav repositories without been requested to accept every single SSL certificate.

 

How-To Configure Wireless LAN on RaspberryPi With Raspbian Kernel 3.2.27+ And Solwise RTL8188CUS WiFi dongle

Friday, September 28th, 2012


RaspberryPi and Solwise WiFi dongle RTL8188CUS chipsetThe configuration of WLAN with a RTL8188CUS dongle on RaspberryPi is quite trivial now. It doesn’t’ rely on esoteric scripts, of manual installation of third-party kernel modules anymore.

I’ve been digging the solution for days before, it came alone at the beginning of September with a release of new ‘firmware’ for the RPi (see ‘A little of Story’ at the end of the post).

The procedure to install and configure a wireless network interface with Raspbian requires as little as a system upgrade and minimal understanding of the ‘wpa_supplicant’ utility.

Prerequisites

  1. The RaspberryPi must be powered with a 2A output USB charger because the WiFi dongle is very energy-thirsty, especially when it’s scanning the network for available SSIDs or when it’s creating the connection with the assigned SSID.
  2. The RaspberryPi must be installed with Raspbian version 2012-08-16-wheezy-raspbian or greater.
  3. The RaspberryPi must be connected to the internet via the ethernet card.
  4. It’s advisable to have the ‘avahi-daemon’ package installed (and running)
  5. The WiFi Dongle must not be plugged to the RaspberryPi until specified in the following procedure.
  6. It’s better to use a USB extension lead to connect the WiFi dongle to avoid the RaspberryPi to self-restart if the dongle is hot-plugged (or hot-unplugged).

Notes

I did notice that when the WiFi dongle is installed and active, sometimes it interferes with the usb keyboard (with both normal and wireless keyboards).

System Preparation

If your RPi is running a Raspbian version greater than 2012-08-16-wheezy-raspbian you can skip the System Preparation.

  1. launch a repository update:
    $ sudo apt-get update
  2. run a system upgrade:
    $ sudo apt-get upgrade
  3. make sure that the latest RaspberryPi firmware version is installed
    $ sudo apt-get install raspberrypi-bootloader
    The recent RPi firmwares include the Linux kernel version 3.2.27+ or greater.
    On Raspbian the RPi firmware is packaged as ‘raspberrypi-bootloader
     
  4. Install the wpa_supplicant utility:
    $ apt-get install wpasupplicant

WLAN configuration and wpa_supplicant set-up

We suppose that the WiFi dongle will be recognised as the wlan0 device.

Under some circumstances it may be recognised as wlan1 (..or wlan2 on so on), in such case modify the configuration accordingly.

Otherwise if you want your system to forcibly recognise the dongle as wlan0 you will have to play with the /etc/udev/ configuration files.

  1. Generate a PSK version of your WLAN password with wpa_passphrase utility
    $  wpa_passphrase My_WiFi_SSID mypassword

    the output will be similar to

    network={
        ssid="My_WiFi_SSID"
        #psk="mypassword"
        psk=b2abb0fcd2f4527e11817de0823a57bb19ba4622f4595062c94ec4dd1370b5fe
    }
    This output is meat to be an entry for a network configuration blocks of a wpa_supplicant.conf file.
    By the way we e will use it differently.

  2. Copy the ‘psk’ value of the wpa_passphrase output
    i.e. b2abb0fcd2f4527e11817de0823a57bb19ba4622f4595062c94ec4dd1370b5fe
  3. edit the /etc/network/interfacesand add the wlan0 configurations as follow:
    ...
    
    auto wlan0
    allow-hotplug wlan0
    iface wlan0 inet dhcp
      wpa-ssid "My_WiFi_SSID"
      wpa-psk b2abb0fcd2f4527e11817de0823a57bb19ba4622f4595062c94ec4dd1370b5fe
    alternatively you can use the clear-text version of the password
      wpa-psk "mypassword"
  4. Shutdown the RPi.
  5. Unplug the ethernet cable.
  6. Plug the WiFi dongle in the RPi’s USB port.
  7. Restart the RPi and wait that it connects to the Wireless LAN.

If the dongle will lighten up and you can ping or ssh into the Raspbian, congratulations, you’ve done it!

A little of story:

The Linux kernel 3.x comes with the module rtl8192cu.ko that is not able to properly recognised the WiFi dongle with the RTL8188CUS chipset, and when plugging the device, the RPi will hang on device detection of may even freeze.

The most recent versions on the RPi firmware (Sep 2012) have removed the buggy kernel module, and substituted it with a ‘manually’ compiled module called 8192cu.ko probably sources from the source code available at Realtek home page.

 

How-To Downgrade From OS X Mountain Lion 10.8.2 To The Previous Minor Release 10.8.1

Thursday, September 20th, 2012

Long Story Short:
1 – Re-install the base system of OS X Mountain Lion 10.8[.0] over the current System Drive, from a USB stick or NetInstall image.
2 – Apply the 10.8.1 update downloading it from Apple Support page.
or keep reading for more details

[if you like this post, LIKE my page on Facebook and you will receive updates on my future posts.]
Long Story:

To revert to a previous minor release of OS X you MUST first re-install the base major release of the specific OS X version (in our case OS X 10.8) over the current installed system volume. After that you will apply your favourite minor release. You can dowload the dmg archives of any minor release on Apple Support page:

i.e. OS X Mountain Lion Update v10.8.1 http://support.apple.com/kb/DL1571 

Re-installing a previous release (of the same OS X version) on an existing system will overwrite the most recent system updates that you may have applied so far. Without wiping the the current installed system.

It’s NOT considered a dangerous operation, it is even recommended by Apple as a troubleshooting technique.

Mind that it will restore Apple default permissions on OS X system files, overwriting any customised permission that you may have set for other subsitems like homebrew, ruby, MacPorts etc.

To be able to install the base version of the system you have to:

  1. download from the App Store the OS X base installer application:
    for Mountain Lion or Lion do not download the official image from the Mac App Store because it will already include the updates that you probably want to avoid.
    [have you ever heard about Torrent files?]If you are running Lion, you can purchase an official Mac OS X Lion Thumb key.
    If your system is Snow Leopard or any previous version you can use the official CD/DVD discs.
  1. Create a USB Thumb from the installer (10.8[.0])archive following these detailed instructions on iClarified.com:
    http://iclarified.com/entry/index.php?enid=23486Alternatively using the installer archive you can create a NetInstall image for your NetBoot service running on your local OS X Server, as described at Apple Support Page:
    http://support.apple.com/kb/HT4178
    .
    do not user the Mac Recovery pertition, because it would source the installation file from the MacApp Store and it will install the latest version of OS X (10.8.2)
    .
  2. Restart your Mac a boot from the USB drive or from the DVD, and when the installation wizard will ask you to choose where to install OS X you will choose your current system volume (without need to wipe it from it’s content), and start the installation process.

On a Mac the downgrade process of OS X from a minor release to a previous release of the system is the same for every system version.

You can downgrade OS X 10.8.2 to 10.8.1 or 10.8, or you can revert from 10.7.6 to 10.7.5 or 10.7.4 down to 10.7.. and so on for the older releases.

What you can NOT do is to downgrade from a major release to a previous major release of OS X, for instance you can NOT downgrade from any release OS X 10.8.x to any release of OS X 10.7.x and so on for the other previous versions.

 

How-To Remove The Password From a SSL Certificate Key File

Tuesday, September 11th, 2012

In case you find yourself with a SSL Certificate for your your domain and need to use it in systems where automatic processed will restart the web server (i.e. Apache 2), I guess you have discovered that a serious problem arise: the web server will not restart properly until you provide the password for the certificate.

As far as you consider secure the system from theft of the certificate, a workaround to this problem is to generate a copy of the SSL Certificate Key stripped of the password, you can achieve that executing this following command:

~$ sudo openssl rsa -in my_domain_certificate_with_password.com.key -out my_domain_certificate_without_password.com.key

At this point you just need to update the virtualhost configuration on your webserver to use the new key file (or remove the key file protected by password overwriting it with the key file NOT protected by password).

This information has been sourced from:
http://chrisschuld.com/2008/08/removing-the-password-on-an-apache-ssl-certificate/

Any comment and advise is welcome as always

How-To Fix: “regenerate_ssh_host_keys …failed” on Raspbian for RaspberryPi

Tuesday, September 11th, 2012
Listen to me!
Audio MP3

download mp3
During your RPi boot it may happen that you get an error message like, “regenerate_ssh_host_keys …failed”, such error is generally sign that you SSH service won’t start.

That issue showed to me during the second boot of Raspbian on my new RsberryPi Revision B, due to the fact that during the previous session I did forcibly quit the raspi-config configuration tool exactly after issuing the command to enable the SSH server.

That caused the configuration process not to run the one-time operation of generating the ssh host keys necessary to run the sshd daemon. If fact, at the second reboot of Raspbian the script /etc/init.d/regenerate_ssh_host_keys (sim-linked by /etc/rc2.d/S01regenerate_ssh+host_keys), was  deleted as scheduled, but failed to start the SSH server because there were not the ssh keys supposed to be generated at the previous session.

The solution to the problem consists in manually generate the SSH keys and start the SSH server, executing the following commands:

~$ sudo ssh-keygen -t 'rsa' -f /etc/ssh/ssh_host_rsa_key
~$ sudo ssh-keygen -t 'dsa' -f /etc/ssh/ssh_host_dsa_key
~$ sudo ssh-keygen -t 'ecdsa' -f /etc/ssh/ssh_host_ecdsa_key

If requested for a password during the generation of these keys it’s advisable to leave it blank (empty) as they are ‘host’ keys and not personal keys.
Also confirm that you want to overwrite possible pre-existing keys that could be a partial leftover of the previously aborted generation process.

Please feel free to leave any comment and amend.

It is not possible to install OS X Mountain Lion 10.8 on an Asus Eee PC 1005HA

Monday, September 3rd, 2012

The reason why it is not possible to install OS X Mountain Lion 10.8 on an Asus EeePC 1005HA is because it uses the Intel Atom N270 processor that is 32bit only while OS X Mountain Lion  is a full 64 bit operating system only.

In fact it’s possible to find an ‘hackintosh’ version of the OS X Mountain Lion 10.8.1 kernel for Atom support on the OSx86.net project:
http://www.osx86.net/view/3160-mach_kernel_atom_1081.zip.html

but that would be compatible only with the 64bit versions of the Atom processors:
http://en.wikipedia.org/wiki/Intel_atom#64_Bit_Support

Instead, you can follow these instructions to Install Mac OS X Snow Leopard 10.6.7 on the Asus Eee PC 1005HA.

It’s time to change passwords after LinkedIn and Last.fm have been hacked

Thursday, June 14th, 2012
Listen to me!
Audio MP3

download mp3
A few days ago LinkedIn service has been hacked and many users passwords have been compromised.

Here there is an article of the Guardian about that: http://www.guardian.co.uk/money/work-blog/2012/jun/07/linkedin-hacking-internet-security

This is a link to a tool from LastPass.com to check if your LinkedIn password is among the ones that have been disclosed by the crackers: https://lastpass.com/linkedin/ 

It is advisable to check if your LinkedIn Password is among the published ones.
It’s possible that your password has not been compromised BUT it’s not sure if crackers are holding it for future uses, then I advise to change it anyway.

ADDITIONALLY in the unfortunate case that your LinkedIn password is the same for other of your services, it is important that you change the password on each of such services.

It is easy for a cracker that old one of your passwords to guess on which services you have been probably using it: i.e. Facebook, Flickr, Instagram, Hotmail, Gmail etc…