
The alternative to snooping all communication is physical security

published Jul 11, 2015 11:15   by admin ( last modified Apr 05, 2017 11:10 )

Leaving the privacy issues aside for the moment, relying on snooping to fight terrorism is a very dangerous game. Once it stops working, society has no good way of defending itself. It is better to go down the route of physical security.

Amendment 2017-04-05: This also goes for using the financial system as leverage: When you are not calling the shots anymore, and your enemies are routing around your financial system, what are you gonna do?

The UK government is considering outlawing all communication that cannot be eavesdropped.

Being able to eavesdrop on all communication is a very cheap way to fight terrorism. It creates leverage. But leverage can also be dangerous, when it suddenly does not work anymore, such as if the government loses its ability to eavesdrop due to a new piece of software, algorithm or usage pattern. Much more focus should be given to hardening the physical defenses of critical infrastructure and better policing. These methods will not fail catastrophically, while snooping may and probably will do so in the future.

It is unfortunate that we may need to expend a lot more money on physical security and travelling encumbrances, but as we get more freedom in cyberspace, other freedoms in the physical world will change.

Talking about this issue earlier this year, David Cameron questioned that if in their country, they should allow a means of communication between people which they cannot read, reported the Daily Star. Answering his question with a no, Cameron had said that being the Prime Minister he will make sure it is a comprehensive piece of legislation that makes sure that they didn't allow terrorist safe spaces to communicate with each other.


Read more: Link - UK to ban WhatsApp under 'snoopers charter' law | Business Standard News


WD My cloud 3 TB NAS. Initial impressions

published Jul 11, 2015 10:10   by admin ( last modified Jul 11, 2015 10:12 )

WD My cloud 3 TB network attached storage. Slick web interface.

Lots of connectivity to apps and punching through firewalls, and I have disabled all that. Runs a fairly standard Debian Linux, but with a different page size, and that means you cannot enable the normal Debian repositories. You should be able to hack and downgrade the device to its version 3.x which has a normal page size, but I never got that downgrade to bite.

It has gigabit ethernet, but saturating it with 100Mb transfers with rsync seems to make it veeery sluggish, so not sure if the Gb/s speed is actually attainable.

It has USB 3, but only for connecting to hard disks and similar, not to a computer. It wants to be the USB host. Kind of strange choice, that.


Selecting a cheap NAS server

published Jul 11, 2015 10:05   by admin ( last modified Jul 16, 2015 10:02 )

I just wanted a cheap usable NAS server under €200 (2000 SEK, $220).

Ethernet, USB 3.0. Pick one.

I couldn't find one that had both. Or I actually got a WD My Cloud 3TB. And it has USB 3, but only for connecting to hard disks and similar. It wants to be the USB host. It cost me SEK 1500 (€150, including 25% sales tax). Didn't notice that it only had USB host mode until after I bought it.

In the same price range there was a Seagate, but it only had USB 2. In hindsight that would have been better than no USB connectivity to the computer. However I decided to keep the WD device since it has more documentation on care and feeding of the Linux it runs, than what I could find for the Seagate. However it turned out that WD has modified the page size in such a way that you cannot install normal Debian packages. And the workarounds I have found have not worked so far. Ah, well.


Three versions of SSL on offer

published Jul 10, 2015 09:50   by admin ( last modified Jul 10, 2015 09:50 )

OpenSSL has been around for a very long time, but many believe it is too convoluted and ambitious/unfocused to be secure. The OpenBSD people have forked to LibreSSL and Google has forked to BoringSSL.


 

The unveiling of BoringSSL, as the Google fork has been dubbed, means there will be three separate versions of OpenSSL, which is best known for implementing the secure socket layer and transport layer security protocols on an estimated 500,000 websites. Developers of the OpenBSD operating system took the wraps off LibreSSL a few weeks after the surfacing of Heartbleed


Read more: Link - Google unveils independent “fork” of OpenSSL called “BoringSSL” | Ars Technica


glibc versions for CentOS 5.11, 6.6 & Ubuntu 10.04, 14.04 & Debian 6, 7. All 32-bit

published Jul 07, 2015 01:50   by admin ( last modified Jul 07, 2015 09:55 )

CentOS 5.11 32-bit: glibc version 2.5

Ubuntu 10.04 LTS 32-bit: glibc version 2.10

Debian 6 32-bit: glibc version 2.11

CentOS 6.6 32-bit: glibc version 2.12

Debian 7 32-bit: glibc version 2.13

Ubuntu 14.04 LTS 32-bit: glibc version 2.19

 


From version 2.7.9, pip is included in the python source distribution

published Jul 06, 2015 05:28   by admin ( last modified Jul 06, 2015 05:28 )
Starting with Python 2.7.9, it is included by default with the Python binary installers.

But after you install, it is not there in the bin directory! Drama and confusion! Or at least confusion. It can be installed without accessing the network like this (with your built python):

python -m ensurepip

So it is there. And shows up in the bin directory. It just needs to be summoned.

Read more: Link - Installing Python Modules — Python 2.7.10 documentation


Installing python 2.7 on CentOS 5

published Jul 06, 2015 04:35   by admin ( last modified Jul 06, 2015 05:00 )

One way is to build from source, after having installed prerequisites. Tested by me right now, worked like a charm! If you are going for 32-bit, change "x86_64" to "i386" in:

yum install gcc gcc-c++.x86_64 compat-gcc-34-c++.x86_64 openssl-devel.x86_64 zlib*.x86_64
 

Read more: Link - centos5 - How should I upgrade Python on CentOS 5.5 (64-bit) - Server Fault


My 4 debugging rules

published Jul 03, 2015 12:15   by admin ( last modified Jul 03, 2015 12:33 )

1. Check what is actually sent over the network and what is actually stored on file/in a database

This is your data. Everything else is just crunching that data.

Check that there isn't something wrong here, because if there is, you fall victim to the GIGO (Garbage In, Garbage Out) principle, and it does not matter how well the code itself is written. I once had a problem with Internet Explorer (IE7 I think) not displaying stuff the same way as the other browsers. It turned out, after quite some debugging, that it was sent a subtly different version of the web page.

2. If you're looking at something for more than 40 minutes, you're looking in the wrong place

3. There is no such thing as rollback - switch back instead

When rolling back an upgrade: Replace with previous binary structure instead.

Back when I installed and upgraded Plone based systems, there was of course the version control system, but also the ZODB appending database, hundreds of python eggs, some files and the operating system libraries. All changes in these can be rolled back, but did you miss anything? Is something somewhere not pinned properly? If so, how long would it take you to find it? If you just make a binary copy of the old system (to the extent that you can), you can just switch back to that system.

4. Testing must be done as close to the user as possible

It does not matter how good the system is under the hood, unless the last mile to the user is also in perfect shape.


What Greece & other indebted countries must do

published Jun 30, 2015 11:50   by admin ( last modified Jun 30, 2015 11:53 )
  • Default & start from scratch
  • Reform society to be agile and economically efficient
  • Build trust between people
  • Never take loans again

Here's a longer how & why for each one of these:

Default & start from scratch

Being saddled with huge debts is a very bad situation, whether for an individual or family, or for a nation. Over a certain threshold it just becomes impossible. There are examples of countries paying back debts. However a simpler option is to just default. This will also teach creditors to be more careful lending out money in the future.

Reform society to be agile and economically efficient

A society where people can quickly organize and reorganize themselves and their production resources will have a much smoother ride through times of change. This means low taxes on work, promoting work and division of labor. High taxes kill division of labor since with high taxes it is cheaper to DIY stuff than to outsource it to specialists: For every new person in the chain the tax on wages will take a cut, so with e.g. 50% tax on wages the third person in the chain would receive 25% of what the first person had to earn to pay him. With 30% tax it gets around 50%. So you see how high taxes effectively put a stop to chains of cooperation.

It must be easy to hire and fire people and to start and scuttle companies. There must be an efficient conflict resolution system. But what if hire and fire creates alienation in society?

Build trust between people

Trust is needed between people to make for a good society. If trust breaks down you will either have anarchy & chaos or a strong leader who oppresses and solves things inefficiently. There are some rather good books about how to start building trust in society by Gene Sharp. Negative income tax or just a guaranteed sum to live from are also interesting ideas. Simple systems are less vulnerable to capriciousness and corruption.

Never take loans again

Loans are probably a bad idea, and should be abolished. This is one of those times when several religions actually got it right. Instead sell equity. With equity in bad times somebody may own what you built but they will not own you. Big difference.


Tile sessions in a terminal with custom setups for each tile

published Jun 25, 2015 05:55   by admin ( last modified Jun 25, 2015 06:01 )

I used tmuxinator and byobu for this. Tmuxinator allows you to start one or more sessions of tmux or byobu (programs that give you virtual terminals) and for example tile them.

It was hard to predefine setup commands in tmux or byobu directly, but with tmuxinator you can do it in a YAML file. I believe it uses sendkeys instead of relying on tmux' command parameter.

Manage complex tmux sessions easily

 

(for any nitpicker reading this, I mean what is referred to as panes in tmux and byobu when I write sessions.)


What would be needed for a good browser password manager?

published Jun 24, 2015 12:25   by admin ( last modified Jun 24, 2015 12:23 )
  • It should be open source
  • No code should be loaded from a server, all code should be local when running
  • You should be able to store your passwords on your storage of choice
  • Storage should be encrypted safely
  • You should be able to update the database from different devices
  • Browser integration should be stellar, including generating passwords for you

It seems to me that this can be split in two areas: back-end and front-end. Many projects seem to be good at the back-end stuff, and not so many at the front-end stuff. I wonder, would it be possible to split the work so that one open source project only does the front-end work, i.e. the browser integration, and then make that pluggable?


Mixing up words ending in -ous and -uous

published Jun 23, 2015 11:45   by admin ( last modified Jun 23, 2015 11:46 )

Something I find quite hard in English is remembering which words end in -ous and which end in -uous.

Especially the latter ones. Here are some examples:

  • ambiguous
  • arduous
  • assiduous
  • conspicuous
  • contemptuous
  • contiguous
  • continuous
  • disingenuous
  • impetuous
  • incongruous
  • ingenuous
  • innocuous
  • promiscuous
  • sensuous
  • strenuous
  • superfluous
  • tenuous
  • tortuous
  • vacuous
  • virtuous
  • voluptuous

Programming fonts - my favourites from the list

published Jun 16, 2015 03:55   by admin ( last modified Jun 17, 2015 01:55 )

Found this list:

The following table lists in alphabetical order the most commonly cited programming fonts.

Font Survey: 42 of the Best Monospaced Programming Fonts - CodeProject

My favourites from looking at the images are:

  • Proggy Clean with Slashed Zero
  • Terminus
  • Liberation Mono

 


git pull --all does not update HEAD for the branches you're not on

published Jun 16, 2015 03:50   by admin ( last modified Jul 21, 2015 11:04 )

Summary

To merge in changes from "other_branch", do this:

git pull --all
git merge origin/other_branch

Longer story

I continuously need to merge in changes from a branch that I have branched off of. Sometimes I do it by switching over to that branch locally, do a pull, and then switch back to mine and do a

git merge other_branch

That works fine. But sometimes I have tried to remain on my branch and do a

git pull --all

followed by a

git merge other_branch

But that won't work! Why?

"git pull --all" does indeed fetch from all remotes and update the remote-tracking branches (such as origin/other_branch), but it only merges the new updates into your current branch. So even though the other branches have been fetched, your local copies of them haven't moved, and from merge's point of view the updates aren't there when you name the local branch.

This ought to solve the problem:

git merge origin/other_branch

currently untested by me.

Update: Now tested by me. It doesn't work.... unless you pull first! So this is the way it should look:

git pull --all
git merge origin/other_branch
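
The behaviour described above, reproduced in throwaway local repositories as an added example (not part of the original post). The repository names seed, me and colleague, the branch my_branch and the function demo_pull_all are made up for the demo.

```shell
#!/bin/sh
# Constructed demo: throwaway repositories in a temp dir, no network needed.
# Prints three key=value lines describing the state after "git pull --all".
demo_pull_all() {
    tmp=$(mktemp -d) || return 1
    (
        set -e
        cd "$tmp"
        GIT_AUTHOR_NAME=demo GIT_AUTHOR_EMAIL=demo@example.invalid
        GIT_COMMITTER_NAME=demo GIT_COMMITTER_EMAIL=demo@example.invalid
        export GIT_AUTHOR_NAME GIT_AUTHOR_EMAIL GIT_COMMITTER_NAME GIT_COMMITTER_EMAIL
        {
            # "origin": bare repository holding a base commit and other_branch.
            git init -q seed
            (cd seed && echo base > base.txt && git add base.txt &&
                git commit -q -m base && git branch other_branch)
            git clone -q --bare seed origin.git

            # Me: a local other_branch, and my_branch branched off it.
            git clone -q origin.git me
            (cd me && git checkout -q -b other_branch origin/other_branch &&
                git checkout -q -b my_branch && git push -q -u origin my_branch)

            # A colleague pushes new work to other_branch.
            git clone -q origin.git colleague
            (cd colleague && git checkout -q -b other_branch origin/other_branch &&
                echo new > new.txt && git add new.txt &&
                git commit -q -m "new work" && git push -q origin other_branch)
        } >&2

        cd me                                   # still on my_branch
        git pull -q --all >&2
        if [ "$(git rev-parse other_branch)" = "$(git rev-parse origin/other_branch)" ]
        then echo "local_other_branch=current"
        else echo "local_other_branch=stale"
        fi
        git merge -q other_branch >&2           # the local branch has nothing new
        [ -f new.txt ] && echo "merge_local=got-new-work" || echo "merge_local=nothing-new"
        git merge -q origin/other_branch >&2    # the remote-tracking branch does
        [ -f new.txt ] && echo "merge_remote_tracking=got-new-work" ||
            echo "merge_remote_tracking=nothing-new"
    )
    status=$?
    rm -rf "$tmp"
    return "$status"
}

demo_pull_all
```
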

Reusing argument passed to a bash script

published Jun 01, 2015 11:49   by admin ( last modified Jun 01, 2015 11:49 )

Use $@ . This is magical and will work. Not sure how it is magical, but it is. Put double quotes around it.

 

For passing the arguments to the inner command "$@" -- with the double-quotes, $@ preserves the original word breaks, meaning that the inner command receives exactly the same argument list that your script did.


Read more: Link - linux - Preserve Quotes in bash arguments - Stack Overflow
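
An added example, not from the original post or the linked answer, comparing three ways a wrapper can forward its arguments. The function names, the sample arguments and the two scratch files are constructed for the demo.

```shell
#!/bin/sh
# Constructed demo of how a wrapper forwards its arguments.
count_args() { echo "$#"; }                # stands in for the inner command

forward_quoted()   { count_args "$@"; }    # one word per original argument
forward_unquoted() { count_args $@; }      # re-split on whitespace, globs expand
forward_star()     { count_args "$*"; }    # everything joined into a single word

# Run one forwarding style inside a scratch directory that holds exactly two
# constructed files, so that the glob expansion is predictable.
run_case() {
    dir=$(mktemp -d) || return 1
    n=$(cd "$dir" && : > a.txt && : > b.txt &&
        "$1" "two words" "" "*.txt")
    rm -rf "$dir"
    echo "$n"
}

# Three arguments go in: one with a space, one empty, one that looks like a glob.
echo "quoted:   $(run_case forward_quoted)"    # 3: argument list preserved
echo "unquoted: $(run_case forward_unquoted)"  # 4: two, words, a.txt, b.txt
echo "star:     $(run_case forward_star)"      # 1: a single joined string
```

Only the quoted form hands the inner command the same argument list the wrapper received; the unquoted form drops the empty argument and lets file names in the current directory leak into the command line.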


Getting all text from pages in a Plone server

published Jun 01, 2015 03:30   by admin ( last modified Jun 01, 2015 03:32 )

Start server with the debug sub command. "app" is root of the Zope server. In my case my plone site is called "site". So I assigned app.site to the variable "site". The pages are in Archetypes, with a UID method for each.

 

>>> res = site.portal_catalog(portal_type='Document')
>>> res.actual_result_count
2513
>>> res[0]
<Products.ZCatalog.Catalog.mybrains object at 0xb31020c>
>>> res[0]['Title']
'Some databases'
>>> res[0].getObject().SearchableText()
'Link---Better-MongoDB-Performance---Tokutek  Some databases   \r\n\tNotes to self. \r\n \r\n\tTokutek \r\n \r\n\t \r\n\tTokutek is MongoDB but allegedly with better performance for indexing and some other stuff \r\n \r\n\tThe direct benefits include high-performance indexing, strong compression, and performance stability \xe2\x80\x93 in other words, the performance stays high, even when data is larger than RAM \r\n \r\n\t\xc2\xa0 \r\n \r\n\tRead more:  Link - Better MongoDB Performance | Tokutek  \r\n \r\n\tHyperleveldb - a faster version of leveldb \r\n \r\n\t Inside HyperLevelDB :: Hacking, Distributed  \r\n \r\n\tArdb \r\n \r\n\tArdb, uses Redis protocol for accessing some fast databases, mostly leveldb. \r\n \r\n\t Ardb is a BSD licensed, redis-protocol compatible persistent storage server, it support different storage engines. Currently LevelDB/KyotoCabinet/LMDB are supported, but only LevelDB engine is well tested.  \r\n\t\xc2\xa0 \r\n \r\n\tKDr2/redis \r\n \r\n\tAnother one that does the same for leveldb only: \r\n \r\n\t KDr2/redis-leveldb \xc2\xb7 GitHub  \r\n \r\n\t\xc2\xa0 \r\n '
>>> res[0].getObject().UID
<bound method ATDocument.UID of <ATDocument at /site/index_html/Link---Better-MongoDB-Performance---Tokutek>>
>>> res[0].getObject().UID()
'0b933c2f07cb4e81a36b410429fe4e50'
>>> docs = [(doc.getObject().UID(), doc.getObject().SearchableText()) for doc in res]


Some backup & synchronization solutions

published Jun 01, 2015 02:20   by admin ( last modified Jul 21, 2015 11:07 )

SparkleShare - Self hosted, instant, secure file sync

Seafile - Open Source Cloud Storage for your teams and organizations

Code42 CrashPlan - Endpoint Backup + Restore

Obnam


Firefox comparatively good at storing passwords securely

published May 31, 2015 02:02   by admin ( last modified May 31, 2015 02:02 )

If you use a good master password. Google Chrome and Internet Explorer were worse at it on Windows, according to the below linked article:

 

However, it would be unfair to end the post saying that browsers are completely unreliable at storing passwords. For example, in the case of Firefox, if a strong Master Password is chosen, account details are very unlikely to be harvested.


Read more: Link - RaiderSec: How Browsers Store Your Passwords (and Why You Shouldn't Let Them)


How many threads are running in my python application?

published May 30, 2015 10:45   by admin ( last modified May 31, 2015 08:00 )

You can ask the threading package about that:

threading.active_count()

 

Not sure why I got 7 though.


When you want a cheap short-throw linear actuator

published May 30, 2015 10:35   by admin ( last modified May 30, 2015 10:37 )

You are probably looking for a solenoid. If one searches for linear actuators on the other hand, things are going to be expensive.

 

Solenoid - 5v (small) - ROB-11015 - SparkFun Electronics