Sunday, July 30, 2017

Typhoon And Monsoon In July


satellite image from NASA typhoon gorio (local name)

This typhoon enhanced the monsoon rains over the Philippines. It has been raining everyday since monday and the week is almost finished. The ground is taking the extra precipitation but there are low lying areas already flooded. After mid-week most cities around Metro Manila have had to declare no schools and government services closed except for emergency services. 

Mina has the flu maybe due to the weather. It always happens to her every time she comes home. It's either the cold, the flu or tummy ache. Get well sister. The welcome news is that Mother is fine and up cooking her favorite breakfast. 

The way I put the title to this post seems to make the occurence rare or even bizarre. It is the monsoon season in Southeast Asia. It is the start of the typhoon season, although if you go back to weather records you can find at least one typhoon visiting us in any month of the year. The previous 5 years are dry years, the dry season had been longer than the usual. You can also say that the wet seasons had been bringing record setting levels of precipitation.

Saturday, July 29, 2017

Update For Libreoffice 5.3 --> 5.4

The Libreoffice blog says there's an update available today for Libreoffice suite. The productivity suite is now ready with version 5.4. It comes with a new standard color palette and solid support for OpenPGP keys signing of documents.

Updated Linux Kernel linux 4.11 --> 4.12.3-1

The linux kernel was upgraded from 4.11 to 4.12.3-1 today. This update
includes the linux firmware. Also openssl updated to 1.1.0.f-2.

Friday, July 28, 2017

goa-daemon Using More RAM Over Time

I've been wondering why my RAM usage is increasing over a span of 3 days
now. I suspect gnome-shell but a little sleuthing showed me something else.

[donato@archdesktop ~]$ ps -A --sort -rss -o comm,pmem | head -n 6
COMMAND %MEM
goa-daemon 49.5
gnome-shell 7.9
thunderbird 3.4
chrome 3.2
tracker-extract 2.5

goa-daemon is gnome-online-accounts. I believe gnome is trying to reach
my online accounts and a bad Internet connection is making it hard for
it to successfully connect. My darn ISP is the culprit.

[donato@archdesktop ~]$ killall goa-daemon

I have to stop the process. But do I need to restart it manually??

Users or administrators should never need to start this daemon as it
will be automatically started by dbus-daemon(1) whenever an application
sends a D-Bus message to the org.gnome.OnlineAccounts name on the
session bus.
From manpage goa-daemon

[donato@archdesktop ~]$ ps -A --sort -rss -o comm,pmem | head -n 6
COMMAND %MEM
gnome-shell 7.9
thunderbird 3.4
chrome 3.2
tracker-extract 2.5
chrome 2.2
[donato@archdesktop ~]$

It should okay to stop goa-daemon and just let an application restart it
if it's needed.

Thursday, July 27, 2017

Update For Google-Chrome 59 --> 60

I got the news from ghacks technology news a few hours ago. I went to
check AUR at archlinux.org and it was so. It updated on the 26th, that
around 15 hours ago.

Google says version 60 is a security and under-the-hood update. It is
recommended that you update to the stable version as soon as possible.

Wednesday, July 26, 2017

A Nine Year Old Remembers

The essays they first urged us to write in school was suppose to awaken
our interest in writing. I remember writing about summer activities and
in the Philippines it's all about the town fiesta or the religious
festivals. Sure, fifty year old teachers are suppose to know what
interest nine year olds. So we learned to write the topic sentence and
the introductory paragraph. They also wanted to see at least 100 words
in your two page yellow sheets. Once in a while the school won the
sports intramurals and this event boosts essay writing in the classes
where most of the time we talked about subject- verb structures.

I believe in writing one's personal experience. Nothing was more honest,
or more compelling. But then I am a bookworm when I was a kid of nine
in the 3rd grade. I got invited to audition in the school choir one
afternoon. I said sure. Little did I know, the school choir would win
the province wide contest for Rizal Province at the Kapitolyo. We placed
third place but we sure were famous enough to sing all over town. We had
two teachers advicer whose favorite materials came from Rogers and
Hammerstein's broadway productions.

I have a lunch habit of visiting the big school library. It has a four
feet aquarium full of live creatures I see only in the encyclopedia. The
librarian rewarded my interests by giving me the responsibility of
cleaning it and feeding the fishes. The library had a giant mural of our
national hero Jose Rizal on the west wall. My favorite corner was the
reference books section which contains all the magazines I can lay my
hands on. My friends' favorite reading materials were displayed out of
school in the sari-sari store. We follow our literary heroes in the
komiks. These are illustrated fiction, we rented for less than a peso an
hour but we pass it on to the next boy if Ate isn't looking closely.

In the late afternoon, we play tag or volleyball at the back of the
school. It's the only space left for sports activities. It's also where
we hold our social activities and our graduation ceremony. There's a
concrete stage facing east by the west side. During my time there were
single level school buildings on both sides of this square. I would
imagine they have constructed a roof over it now.

Sunday, July 23, 2017

Rkhunter Warnings Received and Investigated

I received my rkhunter warning email moments ago. Two in fact, namely, a
suspicious shared memory file and and suspicious hidden file. After
googling the subjects I'm convinced they are false positives. With a
name like /usr/lib/thunderbird/thunderbird it should be obvious that my
email program is sharing memory files with other processes for more
efficient use of memory. The other one is named /dev/shm/mono.xxxxx: data.

The two files I have to check out are /var/log/rkhunter.log, of course,
and /etc/rkhunter.conf.

In /etc/rkhunter.conf which I opened in vim, I added a line such as:
ALLOWIPCPROC=/usr/lib/thunderbird/thunderbird

and

ALLOWHIDDENFILE=/dev/shm/mono.*

This is to whitelist these file and process. I hope rkhunter won't freak
out if it encounters these anymore.

Tuesday, July 18, 2017

Reflections On My Blogging: Keeping It Honest

When you're facing a white, blank screen trying to decide what to write,
it seemed hopeless and hopeful at the same time. It's like watching a
boat with its sails unfurled but there's no wind, yet you wait and then
see the tide turning. You have to stop the distractions. Shut the door.
Wait until your breathing is regular and your mind relaxed, like your
wrists on the table infront of you.

I imagine me looking sideways but not hearing anything. The sounds come
much later. I see the big mass of color first, the greens. Just the
vegetation, moving, not even individual trees, not leaves, just the big
green. Then behind it the blue sky, unfocused and floating. Do not
concern your brain with the details. Forget the words and the
punctuations. But be mindful of the flow, trace the outlines, hear the
motions. Sometime these things don't have a name, give it a name.

How do you give something a name and still be honest? How do you keep
your writing honest?

I had to stand up and pace the room but when I do this I'm immediately
woken up from sleep. Sometimes I forget the names and what it is I'm
writing about. I have to start with a blank page again. This made me a
good typist. Soon I am writing again. I have their names again. But the
weather is turning sour on me. I start to think about the words and the
punctuations. It smells I know. I can hear the sounds this time and
tried to ignore the beating wings of the birds on the trees. It's should
be raining but I don't trust the words anymore.

What's the secret to keeping your writing honest?

I turned around to see me standing before a mirror. I don't know if the
mirror is make believe but I know I see me. I was looking into my eyes
looking into my eyes. What was preventing me from saying exactly what I
wanted to say? I moved the chair and the table away. I took the pen and
paper but laid them down somewhere else. I shook my shoulders. I sat
down and used my words.

Saturday, July 15, 2017

Security Breach At 8track, Dropbox And Tumblr

It's not yet clear how but there is data breach in 8track, Dropbox and Tumblr. 8track sent out a security notification to its users regarding this. They recommend password change and security settings review. They promise to inform users of any more findings in the coming hours. 

Use pacutils, paccheck: Verify Package Integrity In Arch

Downloads and upgrades can go wrong. Files can be corrupted. Your own hard drives can be the culprit. So once in a while it doesn't hurt to check file integrity especially your downloaded packages.

#paccheck --sha256 (returns with list of packages and result)

If there is a mismatch, you can reinstall the package.

edit: You can also use an alternative.
#paccheck --list-broken       (returns with a list of packages with mismatches)

#pacman -S package1,package2...

Recheck with:

#paccheck --sha256 package

tag: pacman,arch,linux,pacutils,paccheck

Friday, July 14, 2017

How To Verify iso Image After Download In Linux

I assume that you have downloaded the image / iso file in a folder. Navigate to the folder where the iso is. You have to get the public gpg key for fedora downloads.

[donato@archdesktop Downloads]$ ls
builds  debian-live--9.0.0-amd64-gnome  Fedora-Workstation-Live-x86_64-25  Fedora-Workstation-Live-x86_64-26
[donato@archdesktop Downloads]$ cd Fedora-Workstation-Live-x86_64-26
[donato@archdesktop Fedora-Workstation-Live-x86_64-26]$ ls
Fedora-Workstation-26-1.5-x86_64-CHECKSUM  Fedora-Workstation-Live-x86_64-26-1.5.iso
[donato@archdesktop Fedora-Workstation-Live-x86_64-26]$ gpg --verify Fedora-Workstation-Live-x86_64-26-1.5.iso
gpg: no valid OpenPGP data found.
gpg: the signature could not be verified.
Please remember that the signature file (.sig or .asc)
should be the first file given on the command line.
[donato@archdesktop Fedora-Workstation-Live-x86_64-26]$ ls
Fedora-Workstation-26-1.5-x86_64-CHECKSUM  Fedora-Workstation-Live-x86_64-26-1.5.iso
[donato@archdesktop Fedora-Workstation-Live-x86_64-26]$ curl https://getfedora.org/static/fedora.gpg | gpg --import
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 18521  100 18521    0     0  11190      0  0:00:01  0:00:01 --:--:-- 11190
gpg: key 73BDE98381B46521: public key "Fedora (24) <fedora-24-primary@fedoraproject.org>" imported
gpg: key B8635EEB030D5AED: public key "Fedora Secondary (24) <fedora-24-secondary@fedoraproject.org>" imported
gpg: key 4089D8F2FDB19C98: public key "Fedora 25 Primary (25) <fedora-25-primary@fedoraproject.org>" imported
gpg: key 1A185CDDE372E838: public key "Fedora 25 Secondary (25) <fedora-25-secondary@fedoraproject.org>" imported
gpg: key 812A6B4B64DAB85D: public key "Fedora 26 Primary (26) <fedora-26-primary@fedoraproject.org>" imported
gpg: key 4560FD4D3B921D09: public key "Fedora 26 Secondary (26) <fedora-26-secondary@fedoraproject.org>" imported
gpg: key F55E7430F5282EE4: public key "Fedora 27 (27) <fedora-27@fedoraproject.org>" imported
gpg: key 3B49DF2A0608B895: public key "EPEL (6) <epel@fedoraproject.org>" imported
gpg: key 6A2FAEA2352C64E5: public key "Fedora EPEL (7) <epel@fedoraproject.org>" imported
gpg: Total number processed: 9
gpg:               imported: 9
[donato@archdesktop Fedora-Workstation-Live-x86_64-26]$ gpg --verify-files *-CHECKSUM
gpg: Signature made Fri 07 Jul 2017 11:13:31 PM +08
gpg:                using RSA key 812A6B4B64DAB85D
gpg: Good signature from "Fedora 26 Primary (26) <fedora-26-primary@fedoraproject.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: E641 850B 77DF 4353 78D1  D7E2 812A 6B4B 64DA B85D
[donato@archdesktop Fedora-Workstation-Live-x86_64-26]$ sha256sum -c *-CHECKSUM
sha256sum: Fedora-Workstation-netinst-x86_64-26-1.5.iso: No such file or directory
Fedora-Workstation-netinst-x86_64-26-1.5.iso: FAILED open or read
Fedora-Workstation-Live-x86_64-26-1.5.iso: OK
sha256sum: Fedora-Workstation-ostree-x86_64-26-1.5.iso: No such file or directory
Fedora-Workstation-ostree-x86_64-26-1.5.iso: FAILED open or read
sha256sum: WARNING: 19 lines are improperly formatted
sha256sum: WARNING: 2 listed files could not be read
[donato@archdesktop Fedora-Workstation-Live-x86_64-26]$

So this is for fedora distribution. If you're trying to verify another distribution then importing its gpg keys should the same. I downloaded the live workstation iso from their torrent page so it's the only iso i want to verify. Nothing else. I ignored the rest of the fail messages here.
 

tag: fedora,gpg,checksum,iso

Thursday, July 13, 2017

Upgrade From Fedora 25 To Fedora 26



Good to hear. My own experience is very close to this. Ever since Fedora 20, my upgrades have been pain free.

A Record For An Iceberg Off Antarctica



This is a record for its size. This iceberg is going to be floating out there for years.

Tuesday, July 11, 2017

Fedora 26 Final Release

The Fedora / Red Hat developers made Fedora 26 available for download for all flavors of this operating system.

Download page for the torrents.

Wireless Connection Wifi On My PC

I bought a wireless pcie or wifi card from Lazada the other week. It's an Ralink pcie card shown below.

My general notion in networking is that this card should work in my Arch linux GNOME setup. Well, yes and no. I installed the pcie card to my motherboard. My computer recognized the new hardware. I checked if the proper drivers are installed.

$ lspci -k
03:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 11)
    Subsystem: ASUSTeK Computer Inc. Device 859e
    Kernel driver in use: r8169
    Kernel modules: r8169
04:00.0 PCI bridge: ASMedia Technology Inc. ASM1083/1085 PCIe to PCI Bridge (rev 04)
system: Ralink corp. RT3062 Wireless 802.11n 2T/2R
    Kernel driver05:00.0 Network controller: Ralink corp. RT3062 Wireless 802.11n 2T/2R
    Sub in use: rt2800pci
    Kernel modules: rt2800pci


And they are being used, rt2800pci as shown.

But, when I tried activating the connection, it threw me a lot of error message. It went through the motion of trying to connect, and authenticating but it fails. I tried googling the problem. Oh and I also installed dnsmasq in the process of troubleshooting it. I don't have any idea why dnsmasq is needed here.

I was fiddling with netctl commands to no avail. I am running out of ideas.

After a day or two of leaving it to simmer for a while this greeted me today.


[donato@archdesktop ~]$ ip link
1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp3s0: mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether 78:24:af:36:61:21 brd ff:ff:ff:ff:ff:ff
3: wlp5s0: BROADCAST,MULTICAST,UP,LOWER_UP  mtu 1500 qdisc mq state UP mode DORMANT group default qlen 1000
    link/ether 28:f3:66:20:7a:1e brd ff:ff:ff:ff:ff:ff


# iw dev wlp5s0 scan | less
BSS b2:46:fc:95:f0:48(on wlp5s0) -- associated
        TSF: 205505554535 usec (2d, 09:05:05)
        freq: 2412
        beacon interval: 100 TUs
        capability: ESS Privacy ShortSlotTime APSD (0x0c11)
        signal: -21.00 dBm
        last seen: 166 ms ago
        Information elements from Probe Response frame:
        SSID: PLDTHome_Roque
        Supported rates: 1.0* 2.0* 5.5* 11.0* 9.0 18.0 36.0 54.0
        DS Parameter set: channel 1
        ERP: Barker_Preamble_Mode
        Extended supported rates: 6.0 12.0 24.0 48.0
        WPA:     * Version: 1
                 * Group cipher: TKIP
                 * Pairwise ciphers: TKIP
                 * Authentication suites: PSK

        WMM:     * Parameter version 1
                 * u-APSD
                 * BE: CW 15-1023, AIFSN 3
                 * BK: CW 15-1023, AIFSN 7
                 * VI: CW 7-15, AIFSN 2, TXOP 3008 usec
                 * VO: CW 3-7, AIFSN 2, TXOP 1504 usec
        BSS Load:
                 * station count: 4
                 * channel utilisation: 10/255
                 * available admission capacity: 31250 [*32us]
        Country: US     Environment: Indoor/Outdoor
                Channels [1 - 11] @ 16 dBm
        WPS:     * Version: 1.0
                 * Wi-Fi Protected Setup State: 2 (Configured)
                 * Response Type: 3 (AP)
                 * UUID: bc329e00-1dd8-11b2-8601-b246fc95f048
                 * Manufacturer: HW
                 * Model: B2268S
                 * Model Number: RT2860
                 * Serial Number: S140Y52094899
                 * Primary Device Type: 6-0050f204-1
                 * Device name: B2268S
                 * Config methods: Label, PBC
                 * RF Bands: 0x0

Success! I am now connected to the home wifi network.

Sunday, July 9, 2017

Today Is International Day Against DRM

Digital Restriction Management DRM is the piece of code stuck to your
digital media and various computerized devices put there by major media
corporations to stop you from sharing your files. The music that you
bought have it so you can't copy it and play it in your car's music
player. The movie DVD that you bought have it so you can't copy it for
your mother watching her tv upstairs. But DRM is more than a terrible
inconvenience, it is power held by corporations and media companies over
our cars, phones, computers and more of our daily lives intersect with
DRM if we don't stand up for our rights in the digital world.

Support Free Software. Digital devices have software called firmware or
drivers. It's a good idea to use free software in our devices to
liberate our devices from corporate controls.

Saturday, July 8, 2017

Linux Kernel Update

The linux kernel just got updated from 4.11.7 to 4.11.9 in my Arch
system. systemd also was updated a few days ago to 233.75-3.

Thursday, July 6, 2017

My Favorite Add-ons For Firefox

I started using Mozilla's Firefox when I was in Windows XP. I hate Internet Explorer 6. I discovered Firefox and it made using Windows XP workable but not for long. I installed Ubuntu 6.10 and it has Firefox as default browser. I've been using Firefox with differing add-ons and plugins. Now my plugins only consist of OpenH264 video codec. Yes I've no use for flash now. My add-ons today are:


1. NoScript
        On its default settings it blocks all scripts from running automatically. You can allow the scripts you want in the web page. The more you use it the less work there is to do and eventually it disappears in the background. Scripts are the single most dangerous things on a web page and once you click on a link, noscript is there first to disable them.

2. HTTPS Everywhere
        Half the sites in the Internet offer HTTPS in 2017. Major sites have encrypted their communications in the web. Largely from the effort of the Electronic Frontier Foundation and the TOR Project, this add-on requests websites for their https connection. Unfortunately third party contents in these https sites are still not encrypted, so if you click on them they will transfer your connection to an unsecure, unencrypted communication.

3. Privacy Badger
        Advertisers track your Internet activities as you go from one site to another. They want to know what products you clicked, or searched. This add-on prevents advertisers from seeing what you're doing. There are other add-ons that do this but Privacy Badger does not require user configuration. Just make sure it's enabled.

4. Certificate Patrol
        Expired or suspicious certificates tell you if a web site is who they tell you they are. Certificates tell you if the web site is actually the site you're trying to reach. This is especially important when you're logging in with your password or doing bank transactions.

5. GNOME shell integration
        I use Arch and GNOME desktop environment. This incorporates Firefox in GNOME.    

6. Torrent Finder Toolbar
        Helps me find torrent files for downloading stuff from the Internet.

Wednesday, July 5, 2017

North Korea Claims Successful ICBM Launch

What is the big deal if North Korea successfully launched an ICBM?


North Korean ICBM

An Inter-Continental Ballistic missile ICBM, is different from any other missiles because of the range. They reach 5,600 km. If a state have one, they can hit targets far beyond its borders. Furthermore, ICBMs are mostly used to lift nuclear warheads. Once they reach space they launch multiple nuclear warheads which are impossible to counter. The US Air Force has been developing a technology to track and hit ICBMs post launch. If it is true that North Korea successfully launch an ICBM today, then we are entering a new phase in how the world deals with the rogue nation. Only the United States, Russia and China possess ICBMs.

Edit: The New York Times reports Pentagon confirms successful launch of North Korean ICBM.

Tuesday, July 4, 2017

Mina Is Home

Mina arrived from Houston, Texas around 5 pm in the house. Mom has a
fever. I insisted she take tylenol (acetaminophen). By the time Mina
arrived she is feeling a lot better. Mom prepared sinigang and lechong
kawali. She asked Imee to cook it. Jojo and driver fetched her from NAIA.

Current Year Financial Report July 2016 to June 2017

Income Expense Profit Chart July 2016 To June 2017 12 Month snapshot from Gnucash


Sunday, July 2, 2017

A Marawi Siege Update

After a month of fighting, the Marawi siege continue to its second month with casualties piling up and civilian misery unabated. Marawi is an 87 square kilometer of 200,000+ inhabitants, not as big as Iligan nor as prosperous, but it is home to the Mindanao State University, primary muslim college in the Philippines and the picturesque Lake Lanao.
Lake Lanao in Marawi City

Local governments report a total of 180,000+ civilians now evacuated out of the city and are facing bleak conditions in Iligan city and other local points in Mindanao and Visayas. 82 government soldiers are killed in action, while 317 members of the Maute group are dead. 122 civilians are dead, including 60 who died in evacuation centers of disease. Isnilon Hapilon the commander of the Maute group remains at large and appeared prepared to negotiate exchange of captives for his family's safety.


Saturday, July 1, 2017

Linux Kernel Update For Arch

Linux kernel 4.11.6 just updated to linux kernel 4.11.7 in Arch linux.

Bugfixes. On the other hand, a new attack on computers worldwide is
still ongoing.

Update Chromium From 61 -->> 62

Browser updates are very important to web security. Don't miss it. If there's a piece of software that you really have to get right,...