Monday, December 7, 2015

Let's Encrypt, tomcat7 and Java 6 issues

Yay, let's encrypt is live!

A few issues I came across to get an A-score on the ssllabs test
  • Here's a link to turn your shiny new certificate into a keystore to get it working with Tomcat, the parent post works also, but then you end up with an Incomplete Chain issue. That post fixes it.
  • Java 6 and below don't let you provide a) Strong DH parameters and, b) TLSv1.2 which is needed for HSTS. Overdue on upgrading to Java 7? Now's the time to get those Let's Encrypt goodies :)

Wednesday, February 18, 2015

Dutch subtitles for Citizenfour

Like the title says it all.
Dutch/Nederlands subtitles for the leaked Citizenfour screener.
Here is the link.

Sunday, March 30, 2014

Brightness settings for the Thunderbolt Display

It happened a few times that the brightness slider for my thunderbolt display was gone. I tried unplugging it, I tried rebooting, I tried resetting pram and nvram, I tried a lot. Nothing worked.

Then, instead of unplugging the display from the wall, I kept it plugged in, but I disconnected the power cable from the display. The screen was also disconnected from my macbook. Then I reconnected the power cable to the display and plugged the screen back in. This method has worked reliably for me a couple of times so far. I hope it does for you, if so, leave a comment.

Saturday, March 15, 2014

HeidiSQL - SQL Error (2003) in statement #0: Can't connect to MySQL server on 'xx.xxx.xxx.xx' (10061)

Frustrating error. One thing you may want to try is to open a command prompt and try the plink command manually

    • plink.exe -ssh user@host.com -L 3307:host.com:3306
It seems that when your host changes, or some other issue that requires a confirmation in plink to accept the key and the finger print, HeidiSQL cannot yet report on that issue and returns that generic error from the title. It's worthwhile to test this as 80% of the cases where HeidiSQL would not connect was due to this.

Thursday, February 27, 2014

Youtube: An error occured, please try again later

I use a number of plugins to increase security, NoScript, Adblock plus, https-everywhere, and enable-rc4. I suspected all of them to be the culprit of my youtube error that I could not seem to resolve, except for enable rc4.

It seems Google prefers a stream cipher for its huge content, makes sense too, but it took me way too long to figure out. So disable that add-on on youtube pages and you should be fine. Hope this helps you.

Friday, August 30, 2013

Adblocking and the free web

Recently I was made aware of HeidiSQL, and besides being an awesome program, it had an even awesomer way to tackle adblockers. With your adblocker off, you see ads, with your adblocker on, it displays a message explaining how free things are powered by ads. I loved it, and asked the creator to tell me how, here's my version of his code.

  1. Find the DOM id of your ad, for me, that was 'aswift_0'
  2. insert a div before the ad
       <div id = "senseReplace" style="width:728px;" top="50%"> </div>  
  3. I also put a div around the ad that I resize to make space for the replacement message.
  4. Ad the following javascript (to your head):
     <script type="text/javascript">  
     <!--  
       function sensePage() {  
         if (!document.getElementById('aswift_0')) {  
           s = '<center><p class="senseText" style="border: 1px solid red; background: #cf9; padding: 1em; margin: 0; text-align:left; font-style:italic;">'+  
           'Adblocker activated? No problem. But please note that <b>pente.org</b> balances its '+  
           'expenses with ads. Perhaps you can consider making an exception for this site <b>or</b> <a href="/gameServer/donations">donate</a> instead?'+ '</p>'+ '</center>';   
           document.getElementById('senseReplace').innerHTML = s;  
           document.getElementById('bannerAd').setAttribute("style","width:1px; height:1px;");  
           document.getElementById('senseReplace').setAttribute("style","width:728px;");  
         } else {  
           document.getElementById('senseReplace').setAttribute("style","width:1px; height:1px;");  
           document.getElementById('bannerAd').setAttribute("style","width:728px; height:90px;");  
         }  
       }  
     //-->  
     </script>  
  5. I call my javascript function after the ad placement, but was told to call it with the  "window.onload" or "body.onload" event
Happy coding!

Tuesday, June 4, 2013

LTE on Orange Switzerland

Orange announced it flipped the LTE switch to "on" in 10 Swiss cities, but sadly, iPhone 5 owners have to wait until apple releases a carrier update that enables our iPhone 5 to connect to it.
I didn't want to wait that long and here are the instructions I followed.
  1. patch the commcenter on your phone (to accept unsigned ipcc files).
  2. Enable iTunes to process ipcc files of your choice.
  3. Then follow instructions here to alter your orange ipcc file, I used the swisscom ipcc to alter mine. Or, download the file I cooked together here, and apply that. Reboot shouldn't be necessary but an Airplane mode on-off should do the trick.
  4. If you don't see a LTE icon on your phone, that probably means you are not in a LTE- covered area.
  5. Enjoy.