Move over Black Hat & Def Con

0 comments

Every year during the joint Black Hat and Def Con security conferences, a host of black-, white-, and gray-hat security professionals and enthusiasts collide to expose a plethora of technology vulnerabilities that generally leaves me paranoid for a few weeks until I slip back into my comfort zone of everything-will-be-okay-and-the-world-moves-on. The other day, though, I stumbled onto a new security conference: ToorCon. Although a variety of security conferences exist throughout the world, this one garners a rather elite group. For example, here's a few topics from the San Diego conference that just ended:


  • Apple Rootkit: Think your iPod, iPad, or iPhone is safe? How about "a wormable process for installing malicious rootkits on every iOS device that Apple makes"? And don't you Symbian/Android smartphone users get too comfortable - there are rootkits for you too.

  • Beyond BIOS Rootkits: I've mentioned hardware rootkits before and the problem isn't going away -- this time embedded controllers are the platform of choice (p.s. you can't eliminate it with a BIOS refresh, hard drive wipe, or OS reinstall).

  • SCADA hacking is serious stuff: Most hacking involves user machines and devices (like laptops, smartphones, computers, etc). While this is lucrative (identity theft) and powerful (botnets), governments and cyber-terrorists are starting to target SCADA systems and that's scary since SCADA manages our power grid, nuclear facilities, oil refineries, pharmaceutical production, food distribution....the list is endless.

  • Is your bank account lying?: A new round of computer trojans that directly target your bank account have sophisticated algorithms and countermeasures, such as URLZone "which can transfer money out of an account and manipulates the browser to keep showing the user the original balance."

  • Dangerous Facebook links: 9% of Facebook comment links are malicious or spam.

Shadow and Blur effects using Dojox.gfx

0 comments

If anyone needs an easy way to create shadow and blur effects using Dojox.gfx (SVG, Silverlight, Canvas, or VML), I've created a couple free plugins: http://github.com/mrbluecoat/Dojox.gfx-Plugins/


Debugging Dojo on IE

0 comments

This took me a few days to figure out so I thought I'd share it...

I had written some code and everything worked fine in Firefox but in IE7 and IE8 I got a JavaScript error:

loader.js: "Could not load 'dojox.gfx'; last tried '../dojox/gfx.js'"

Like a good debugger, I had set isDebug:true in my djConfig but unfortunately neither the IE JavaScript error message nor the IE Developer Tools (Shift+F12 in IE8) told me much. I Google'd the problem and discovered this was a generic error that could be the result of a lot of different problems. Great...just what I needed...

I spent days debugging loader.js using JSLint, changing baseUrl, altering IE security settings, troubleshooting my Apache configuration, altering my VirtualBox settings...you get the idea. Finally, I stumbled across bug fix #5398 that mentioned debugAtAllCosts. Hmmm...that's interesting. I wonder what that does? I replaced isDebug:true with debugAtAllCosts:true and voila!, the IE JavaScript error now magically pointed to vml.js, not loader.js, allowing me to track down the problem: a missing semi-colon in my code! (arrrgghhhh....)

So, bottom line, use debugAtAllCosts in djConfig instead of isDebug!

P.S. Another issue that catches me every now and then is page caching. In IE, make sure to go to Tools > Internet Options > General (tab) > Browsing History (section) > Settings (button) and select the Every time I visit the webpage radio button.

Driver issues when installing VirtualBox on Ubuntu 10.04

0 comments

Installing VirtualBox, I got this error: Kernel driver not installed '/etc/init.d/vboxdrv setup'

Fix:

1. Run command: sudo apt-get install linux-headers-$(uname -r)-preempt
2. Run command: sudo apt-get install dkms
3. Run command: sudo apt-get install virtualbox-ose
4. Run command: sudo /etc/init.d/vboxdrv setup


P.S. If you'd like the VM OS to access the Internet and also computers on the local network (such as a web server running on the Host) use "Bridged Adapter" for the Network type:

Install Cheesecake Photoblog on Ubuntu 10.04

0 comments

Cheesecake Photoblog is a nice photo gallery for CakePHP. To install on Ubuntu, follow these steps:

1. Install LAMP

2. Install FireBug

3. Install FirePHP (Note: 1.0 release will be called FireConsole)

4. Download Cheesecake Photoblog 2.0

5. Download CakePHP 1.2.7 (Note: As of this writing, Cheesecake Photoblog is not compatible with CakePHP 1.3)

6. Run command: sudo chown -R your_Ubuntu_username /var/www

7. Open cheesecake_cake.tar.gz and extract the index.php and .htaccess files as well as the app and vendors folders into /var/www

8. Open the CakePHP 1.2.7 zip file and extract the cake folder into /var/www

9. Run command: sudo chmod -R 777 /var/www/app/tmp

10. Run command: sudo chmod 777 /var/www/app/config

11. Run command: sudo chmod 777 /var/www/app/webroot/img/photos

12. Install GD: sudo apt-get install php5-gd

13. Enable Apache mod_rewrite: sudo a2enmod rewrite

14. Run command: sudo gedit /var/www/app/config/core.php

15. In that document, find the Security.salt entry on line 153 and change the strrev value to a random alphanumeric string that's at least as long as the default one. Once you change the value, save and close the file.

16. Run command: sudo gedit /etc/apache2/sites-enabled/000-default

17. In that document, change the DocumentRoot /var/www line to be DocumentRoot /var/www/app/webroot

18. Change

Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
to
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all

19. Save and close the 000-default file

20. Run command: sudo service apache2 restart

21. Create the Cheesecake Photoblog MySQL database: mysql -u root -p -e "create database cheesecake2; grant all on cheesecake2.* to 'your_desired_username' identified by 'your_desired_password';"

22. Open Firefox and go to: http://localhost/admin/install

23. Follow instructions to configure Cheesecake Photoblog

24. When prompted to change permissions of the config directory, run command: sudo chmod 755 /var/www/app/config

25. When you click the Continue button you should see the Home page of Cheesecake Photoblog!

Note: You will also see the SQL query of each page request shown at the bottom of each page. To turn this off, open /var/www/app/config/core.php and change debug level to 0 or 1 (default level is 2).

Annoying Dojo 1.5 syntax error

0 comments

When running Dojo 1.5 locally on a brand new project, bootstrap.js threw 11 errors in Firebug:

SyntaxError: syntax error
(601 out of range 505)

It turns out some Dojo components are looking for internationalization js files in folders called en and en-us instead of the root of their nls folders (where the files exist).

To fix these errors, you need to create the en and/or en-us folder and copy the referenced js file from the parent folder into them. For example, in the screenshot above I had to create a folder called en-us in my DOJO_ROOT/dijit/form/nls folder and copy the DOJO_ROOT/dijit/form/nls/validate.js file into it: DOJO_ROOT/dijit/form/nls/en-us/validate.js

I had to repeat the process for all 11 missing js folders/files. Annoying, but I hope the workaround helps someone else having the same issue.

Installing MongoDB 1.6 on Ubuntu 10.04 and PHP 5

4 comments

These steps should help you quickly install the latest stable version of MongoDB on Ubuntu and PHP:

* Note: this guide assumes you already have LAMP installed and functional.

1. Run command: sudo gedit /etc/apt/sources.list

2. Paste this at bottom of file: deb http://downloads.mongodb.org/distros/ubuntu 10.4 10gen

3. Run command: sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 7F0CEB10

4. Run command: sudo mkdir -p /data/db/

5. Run command: sudo chown `id -u` /data/db
* Note: that's a ` (keyboard key to left of the 1 key) not a ' (keyboard key to left of Enter key)

6. Run command: sudo apt-get update
* Note: for some reason the first update didn't work so I had to run the command a second time

7. Run command: sudo apt-get install mongodb-stable

8. Wait for the installation to finish. To test installation was successful, run command: mongo

You should now be connected to test (if not, run command: sudo service mongodb restart)

Type help for a list of options

Run command: db.myTestCollection.save({test:1});

Now we have a new collection named myTestCollection. It has one document in it called test, which is expressed as an object with one attribute (1):
{
test: 1
}

Run command: db.myTestCollection.save({test:2});

Now our test document has two attributes:
{
test: 1
test: 2
}

You can see these values by running this command: db.myTestCollection.find();   This will return all documents within the myTestCollection collection:
{ "_id" : ObjectId("4c5b8ebd13ba33c8ab9d0052"), "test" : 1 }
{ "_id" : ObjectId("4c5b8f7a13ba33c8ab9d0053"), "test" : 2 }

* Note: Mongo requires an unique ObjectId '_id' value for each attribute and will auto-create it for you if not provided (easiest and recommended).

If you want a specific attribute, you can identify it in the query. For example: db.myTestCollection.find({test:1});
{ "_id" : ObjectId("4c5b8ebd13ba33c8ab9d0052"), "test" : 1 }

I know... I know... The query syntax is a little weird at first because it's JavaScript-based and will probably seem foreign to traditional relational database admins. A nice comparison between familiar SQL and Mongo commands can be found here. Perhaps someone will eventually create a JavaScript library to convert traditional SQL queries into Mongo-style queries.

Type exit to quit the mongo console.

Now that MongoDB is functional, you need to configure PHP to use it:

9. Run command: sudo apt-get install php-pear

10. Run command: sudo apt-get install php5-dev

11. Run command: sudo pecl install mongo

12. Run command: sudo gedit /etc/php.ini

13. At bottom of the php.ini file (or first line if file is empty), add this line: extension=mongo.so

14. Restart your web server for the change to take effect (e.g. sudo service apache2 restart)

15. You can now start using MongoDB with PHP!

P.S. An important security discussion can be found here.

Install Apache, PHP, MySQL, and CakePHP on Ubuntu 10.04 (newbie install)

0 comments

If you want to install Apache, PHP, and MySQL on Ubuntu 10.04, do the following:

1. Run command: sudo tasksel install lamp-server

2. Follow prompts to install Apache, MySQL, and PHP (this is often referred to as 'LAMP' where L stands for Linux)

Congratulations, you've successfully set up LAMP!

Komodo Edit issue adding Live Folders

0 comments

I'm trying out Komodo Edit and I noticed one issue right away that I thought I'd share.

If you create a Komodo project file (*.kpf) in a folder with existing folders and files (e.g. /var/www) then Komodo Edit will automatically detect all those folders and files and add them to the project (sweet!). However, if you create the Komodo project file in an empty directory, you will not be able to add a "Live Folder" due to Bug 81507. As a workaround, either create all *.kpf files in folders with existing content or, if creating the *.kpf in an empty folder, create a dummy text file in the desired project folder prior to creating the *.kpf file.

Identity clarification

0 comments

I don't use Twitter often, but in case you care: https://twitter.com/mr_blue_coat

HTML 5 Multimedia

1 comments

A lot of HTML 5 buzz surrounds the topic of multimedia: video, audio, images, and animation.

With HTML 5, video can be added to a web page with a single line of code and it's just as easy to add audio.

That said, the more exciting discussion occurs when we talk about images and animation.

Images fall into two categories: raster and vector. Raster is just a fancy name for the image types you're most familiar with: jpeg, png, and gif. For example, your family vacation photos are in raster format. Vector images are more common in icons, logos, and fonts. Vector images can change size without getting fuzzy or lose image quality. Also, vector image file sizes are usually smaller than a raster version of the same image.

While there are thousands of programs that work with raster images, there are far fewer font programs and only a handful of vector image programs, including Adobe Illustrator and Inkscape. Although very professional images can be created in vector format, one major limitation is that they cannot be displayed in Internet Explorer and therefore the majority of web users cannot view them. This has significantly hampered widespread adoption of this image format and has been at the top of the IE wish list...until now. The HTML 5 standard (which IE9 will support) includes two vector-based components: the <canvas> element and SVG. In addition to the benefits of vector graphics, these components also support animation and are therefore expected to be a major alternative to proprietary animation plug-ins such as Adobe Flash and Microsoft Silverlight (is it obvious now why Microsoft has been dragging its heels for so long...?!)

Now that I've gotten you all excited about HTML 5 and the promise of a better tomorrow, I have some bad news: the HTML 5 standard isn't expected to be finalized until 2022.

So what now? Well, even if HTML 5 was magically available today and all browsers were magically using it, we'd still have issues. Namely, IE9 will not be available to Windows XP or older OS versions. This means the majority of web users will still be using IE8 or lower and will still not be able to view vector-based graphics/animation. Hmmm...so do we just give up now? Not quite -- enter: JavaScript.

JavaScript seems an unlikely hero in this story, but it's uniquely suited to harness the only native vector-based support available in IE: VML. VML is the vector render engine for IE and was originally proposed as a standard but rejected and SVG was created in its stead. Although not as feature rich or standardized as SVG, it does provide much of the same functionality. In addition, since Adobe Flash is available on the majority of computers, an alternate approach is to use Flash (or Silverlight) to display vector graphics on non-SVG/canvas compliant browsers.

Here's a current synopsis of all the major JavaScript libraries that deal with vector graphics:

Name: Ample SDK
URL: http://www.amplesdk.com/
Size (minified): 107k (runtime) + 89k (svg) = 196k
Supported Formats: SVG and VML
Disadvantages: relatively large library filesize, no SVG Filter Effects support, SVG support is in development
Examples:
- http://www.amplesdk.com/examples/

Name: canvg
URL: http://code.google.com/p/canvg/
Size (minified): 66k (core) + 9k (rgb color) = 75k
Supported Formats: SVG and Canvas
Disadvantages: IE users require Flash, no SVG Filter Effects support, no interactivity support, single developer
Examples:
- http://canvg.googlecode.com/svn/trunk/examples/index.htm

Name: dojox.gfx
URL: http://www.dojotoolkit.org/api/dojox/gfx.html
Size (minified): 88k (dojo 1.5 core) + 85k (dojox.gfx 1.5, 23 files) = 173k
Supported Formats: SVG, VML, Canvas, Silverlight, and experimental support of SVG Web
Disadvantages: I personally find the API and syntax to be confusing, no SVG Filter Effects support (not part of the VML or Canvas specifications)
Examples:
- http://archive.dojotoolkit.org/nightly/dojotoolkit/dojox/gfx/demos/

Name: ExplorerCanvas (ExCanvas)
URL: http://code.google.com/p/explorercanvas/
Size (minified): 11k
Supported Formats: Canvas and VML
Disadvantages: no SVG support, slow rendering and response time
Examples:
- http://bodytag.org/excanvas1/
- http://momche.net/projects/canvas/examples/example_clock.html
- http://excanvas.freehostia.com/callout-speech-bubble-excanvas-example.html

Name: jQuery SVG
URL: http://plugins.jquery.com/project/svg
Size (minified): 70k (jQuery 1.4.2 core) + 76k (svg plugin 1.4.3, 6 files) = 146k
Supported Formats: SVG and Canvas
Disadvantages: IE users need IE9 (requires Vista or higher OS), single developer
Examples:
- http://keith-wood.name/svg.html#examples
- http://keith-wood.name/svgBasics.html

Name: MooTools ART
URL: http://github.com/kamicane/art
Size (minified): 65k (MooTools 1.2.4 core) + 19k (ART 0.87, 7 files) = 84k
Supported Formats: SVG, Canvas and VML
Disadvantages: experimental, limited documentation
Examples:
- http://clientcide.com/temp/art/Tests/
- http://jsfiddle.net/oskar/guuCx/60/

Name: Processing.js
URL: http://processingjs.org/
Size (minified): 247k
Supported Formats: Canvas
Disadvantages: IE users need IE9 (requires Vista or higher OS), large filesize
Examples:
- http://processingjs.org/exhibition

Name: Raphaël (RaphaelJS)
URL: http://raphaeljs.com/
Size (minified): 61k (Raphaël 1.5 core) | 31k (gRaphaël 0.4.1)
Supported Formats: SVG and VML
Disadvantages: single developer, no Silverlight support, no matrix transformation support
Examples:
- http://raphaeljs.com/
- http://g.raphaeljs.com/

Name: SVG Web
URL: http://code.google.com/p/svgweb/
Size (minified): 120k (svg.js) + 44k (svg.swf) + 5k (svg.htc) = 169k
Supported Formats: SVG
Disadvantages: IE users require Flash, experimental, large filesize
Examples:
- http://codinginparadise.org/projects/svgweb/samples/demo.html


As you can see, the playing field is still very much in flux for a dominant player to bridge the gap between the IE limitation of today and the critical mass of future browsers that support HTML 5.

Folding@Home on Ubuntu 10.04

0 comments

Folding@Home (a.k.a. FAH or F@H) is one of the coolest distributed computing projects available. It intelligently maximizes the output of your computer for beneficial medical research (like cancer and Alzheimer's disease). If you're a new Ubuntu Linux user like me and want to participate in this great cause, here are a few steps to get up and running:

1. Download the finstall script for FAH to your home directory (right-click link and choose 'Save Link As...')

2. If you have a 64-bit machine, open the finstall script with a text editor and change the following lines:

On line 750, change Fclient_linuxB=FAH6.02-Linux.tgz to be Fclient_linuxB=FAH6.29-Linux.tgz

On line 754, change Fclient_linuxA_SMP=FAH6.02-Linux.tgz to be Fclient_linuxA_SMP=FAH6.29-Linux.tgz

3. Open a command prompt and change the script to be executable: sudo chmod +x finstall

4. Determine if your computer meets the SMP requirements.

5. Run the appropriate command prompt for your computer:

SMP computer command: ./finstall smp
Non-SMP computer command: ./finstall

6. The script will begin installing Folding@Home. When prompted, compare the MD5 hash to verify the downloaded client is correct and valid.

7. When prompted, I recommend you install the 3rd party utilities from Dick Howell.

8. When prompted for a username, think of something original and verify it hasn't been taken.

9. When prompted for a team number use 45104 (Ubuntu Folding Team!)

10. When prompted for a passkey, use this form to request one be emailed to you (Note: 'Donorname' is the username you selected in step 8). By using a passkey, you can more accurately track your participation points.

11. I used the default settings for the remainder of the install prompts (just keep hitting 'Enter' on your keyboard at each prompt to accept the default setting).

12. Once it finishes installing, copy the folding shell script to your services directory: sudo cp ~/foldingathome/folding /etc/init.d

13. Convert the shell script to a service to run automatically at startup: sudo update-rc.d folding defaults (note: to later remove the service so it doesn't run automatically at startup you can run this command: sudo update-rc.d -f folding remove)

14. Verify the service works: service folding start (note: you can stop Folding@Home at any time by running this command: service folding stop)

15. Within a minute, your CPU usage should max out at 100% and you can view the status by running: ~/foldingathome/folding status

16. You can view your data processing by navigating to your CPU folder (e.g. cd ~/foldingathome/CPU1) and running: ./qd

17. Depending on your hardware, you can also double-click the fpd executable file in the foldingathome folder to see a GUI display of your processing data.

18. After a few days of processing, you should start seeing your accumulated points. Note: you will likely need to run your computer non-stop for 3-6 days to accumulate a single work unit (WU) before your username appears in the Folding@Home stats.

Happy folding!

Areca Backup and AES-256 encryption

2 comments

Areca Backup is a cool open source backup software application that runs on Windows and Linux. I did find one issue that I finally found a fix for but it wasn't obvious so I thought I'd post it here.

When you first run Areca Backup, click on the "Log" tab. You may see these entries highlighted in orange:

WARNING - AES256_HASH (AES 256 - Password) encryption configuration is not supported by your system (Illegal key size or default parameters). It will be removed from the available encryption configurations.

WARNING - AES256_RAW (AES 256 - Original) encryption configuration is not supported by your system (Illegal key size or default parameters). It will be removed from the available encryption configurations.

If you see those warnings, do the following (your file paths may be slightly different depending on your installation and OS):

1. Close Areca Backup
2. Rename "C:\Program Files\Java\jre6\lib\security\local_policy.jar" to "local_policy.jar.bak"
3. Copy "C:\Program Files\Areca\lib\local_policy.jar" into "C:\Program Files\Java\jre6\lib\security\"
4. Start Areca Backup

You should now be able to use AES-256 encryption with Areca Backup.

Trying out Ubuntu Studio 10.04

0 comments

So I switched over from Linux Mint to Ubuntu Studio the other day and I must say I'm really liking it. Although it doesn't provide a LiveCD and its installer won't win any beauty pageant awards, the final product is very professional, fast, and lightweight.

Here are a few tweaks I made right away:

1. Changed keyboard shortcut for Desktop to {Windows Key} + D. You can do this by going to System > Preferences > Keyboard Shortcuts and then in the Window Management section click on Hide all windows and focus desktop. Once selected, you just click the {Windows Key} + D combination to set the new shortcut.

2. I set the title bar action to maximize on double-click (standard Windows behavior). You change this by going to System > Preferences > Windows and then in the "Titlebar Action" dropdown change it to "Maximize"

3. I like how the desktop and menu bar are so clean and empty. I did, however, add the audio controls and Desktop shortcut to the menu bar for easy access (especially considering Ubuntu Studio defaults audio to 'mute' which is a pain to troubleshoot if you don't know this ahead of time). To add buttons to your menu bar (along the top of the screen), right click the menu bar, select 'Add to Panel...' and then choose the items you want. 'Show Desktop' and 'Lock Screen' are options in the list. Use 'Application Launcher...' to choose System > Preferences > Sound for adding the sound control and Accessories > Terminal because Linux will inevitably require you to run a command line every now and then.

4. Open Firefox and install Adblock Plus, Flash-Aid, Flashblock, Firebug, Clear Cache, Firecookie, Dojo Firebug Extension, NetExport, Page Speed, YSlow, Rainbow Color Tools, and NoScript.

5. Tried to add my Canon i550 printer (System > Administration > Printing) because it showed up in the list when I clicked the 'Add...' button, but it couldn't find a driver for my printer so I had to select an alternate driver as discussed here. Note: the CUPS and Gutenprint software are pre-loaded on Ubuntu Studio so you don't have to install them separately (like you did in Linux Mint).

6. Install and configure ClamTK (on-demand anti-virus). Note: Many Linux enthusiasts insist you don't need antivirus, but I still feel more comfortable having an on-demand AV scanner available.

7. Install unrar (sudo apt-get install unrar)

8. Install K3b (Brasero didn't recognize one of my DVD burners and I don't really like its user interface anyways).

9. Install restricted formats (make sure to run the "sudo /usr/share/doc/libdvdread4/install-css.sh" command as well)

10. Install FBReader (for reading *.epub documents)

11. Install sysinfo (sudo apt-get install sysinfo)

12. Install Pinta (sudo apt-get install pinta)

...I'm sure I'll find plenty more to tweak in the weeks ahead...

Linux Audio/Video Apps

0 comments

Update: Many of the applications listed below have undesirable limitations (such as MPlayer's inability to load multiple selected audio files automatically into a playlist, Sweep and Audacity have crash issues, Jokosher's lack of granular controls, gnormalize's lack of a Debian package, etc) and therefore I'll be trying out Ubuntu Studio

Here's a list of some of my top picks for Linux audio/video apps:

Gnome MPlayer: for playing audio and video

Avidemux: for video editing

Sweep: for audio editing

Jokosher: for audio mixing

gnormalize: for audio normalizing (replay gain)

Another noteworthy mention includes HandBrake

Gift ideas for a security geek

0 comments

So what do you get your favorite hacker for Valentine's Day? Here's a couple books for the armchair hacker and a couple hardware toys for the serious enthusiast:



Stealing the Network: The Complete Series Collector's Edition

A fictional thread of stories based on factual penetration methods, this series is a favorite among hackers of all levels. Bottom line reviews say if you're new to the series, it's a must-have.




Schneier on Security
A well respected security professional, Bruce Schneier is a good read for those who are serious about better protection and why it's failing today.




USB hardware keylogger with wireless retrieval
Unless you're in the regular habit of checking the back of your computer tower, hardware keyloggers are virtually undetectable (yes, even by antivirus). Unfortunately, unless you have convenient access to the machine, it can be a bit challenging and risky to first install it and then retrieve it. Wireless USB keyloggers are unique in that they allow remote access to the keylog data...one less trip and the risk of detection.




Mini audio/video camera
Spy cameras are always popular among amateur hackers. If small, relatively good video, and audio capture are requirements, this model might fit your needs.

When fast isn't fast enough...

0 comments

For all the computer hardware geeks out there:

Chocolate Pallete

0 comments



I'm a big fan of dark chocolate so I was extremely pleased when my wife bought me Trader Joe's Chocolate Pallete - a collection of single-source dark chocolate samples from around the world. Although some chocolate artisans have turned down their noses and some regular shoppers have balked at the $10 dollar price tag (nothing compared to the $45 Pralus Pyramid), I for one want to come to come to its defence and say I enjoyed the experience. The flavors were distinct and comparing them to the #1 rated limited-edition Amedei Chuao (which is fantastic and also received for Christmas), I thought the Papua New Guinea bar compared favourably.

Bottom line: if you're a devoted fan of dark chocolate (70% content or higher) and you don't drive a Lamborghini, this product is worth the experience.

Update: After trying the last four bars, I've decided that the overall quality is actually sub-par and I wouldn't recommend the set for general dark chocolate fans.

Well, it's finished

0 comments

I deleted my Windows partition yesterday afternoon. For better or worse, I've officially joined the ranks of Linux aficionados.

The new 'Titan' by Valley Games is awesome!

0 comments

Titan, a classic out-of-print board game by Avalon Hill, was re-released by Valley Games awhile ago. Having a copy of both versions, I was very impressed (surprised, actually) with the quality and improvements of the new release. The main board is larger, the playing pieces are thicker, the battle lands are boards instead of paper, the rules are full-color, the box contains a built-in storage area for the creatures (alphabetically sorted with a plastic cover to avoid displacement when packed), the creatures are detailed and multi-colored, the list could go on...



Buy it now!

Linux and printing

0 comments

A lot of printer manufacturers totally ignore the Linux market and therefore fail to create quality printer drivers for Linux (not to mention an easy installation process). Fortunately, the open source community has come to the rescue once again:

1. Go to OpenPrinting and search for your printer (click the "Show" button next to your printer manufacturer)

2. My Canon i550 came up as: http://www.openprinting.org/show_printer.cgi?recnum=Canon-i550

3. Make a note of the recommended printer driver (for my Canon i550 it was CUPS BJC8200)

4. Scroll to the bottom of the page and select the appropriate package for Gutenprint (a set of high-quality printer drivers for Linux). Note: Linux Mint is based on Ubuntu which is based on Debian so Linux Mint users should select a DEB package (for example, I selected x86 32 bit (DEB for LSB 3.2))

5. Open the package with a package installer and install (for some reason, the package has a Postfix dependency which I simply disabled by setting to "Not Configured" when prompted)

6. Once Gutenprint is installed, open your printer manager (Administration > Printing) and create a new printer. It should automatically detect a printer if it's powered and connected to your machine. Select it and click Forward.

7. Select your printer manufacturer and click Forward.

8. Use the driver for the recommended printer found in step 3 above (in my case, BJC-8200).

9. Select the Gutenprint printer driver (in my case, Canon BJC-8200 - CUPS+Gutenprint (OpenPrinting LSB 3.2) v5.2.4 [en])

10. Click Forward, give the printer a meaningful name, and you're finished! Print a test page to verify the new printer driver works.

Restore Google Search in Linux Mint 8 Firefox

0 comments

I agree with others that the Linux Mint branding of the Google Search feature in Firefox (top-right corner search) is a bit annoying. To disable this branding:

1. Create a text file called google.xml and paste the following:



2. Then use root privileges to replace the existing google.xml files in the following locations with the one you just created:

  • /usr/lib/firefox-addons/searchplugins/google.xml
  • /usr/lib/firefox-addons/searchplugins/en-US/google.xml
  • /usr/share/linuxmint/common/artwork/firefox/google.xml