Choosing the fastest DNS by benchmarking

Today I used Google's public DNS servers with a WiFi hotspot, never used it so I read about it and came acrooss https://code.google.com/p/namebench/
I tried it with the ISPs DNS servers and got the following result (suggestions for improving) http://namebench.appspot.com/id/71560011 for 100 queries and http://namebench.appspot.com/id/73540001 for 200 queries.


Kali Linux install fail

I tried to install Kali in VBox with 4GB and for the second time on 8GB which wasn't enough, according to /var/log/syslog

So I checked the install docs and there was the answer how much should I use. So it's good to go throught the install docs before installing at http://docs.kali.org/installation/kali-linux-hard-disk-install and check the requirements.

After installing the system takes 9.7GB


Filesystem Hierarchy Standard

I just came across of Filesystem Hierarchy Standard (FHS). It is a standard that consists of a set of requirements and guidelines for file and directory placement under UNIX-like operating systems.
The guidelines are intended to support interoperability of applications, system administration tools, development tools, and scripts as well as greater uniformity of documentation for these systems.

The following directories, or symbolic links to directories, are required in /.

Directory Description
/bin Essential command binaries
/boot Static files of the boot loader
/dev Device files
/etc Host-specific system configuration
/lib Essential shared libraries and kernel modules
/media Mount point for removeable media
/mnt Mount point for mounting a filesystem temporarily
/opt Add-on application software packages
/sbin Essential system binaries
/srv Data for services provided by this system
/tmp Temporary files
/usr Secondary hierarchy
/var Variable data

Official site http://www.pathname.com/fhs/

REPLACE instead of SELECT and then INSERT or UPDATE

It's nice that MySQL has the replace query so instead SELECTing to check if the data exists in the DB and than INSERTing or UPDATEing I just need to write one query.

So instead this:
$q = "SELECT id FROM table WHERE name = 'value' AND name2 = 'value2' LIMIT 1;";
$id = $database->get_one($q);
if ($id > 0) {
    $q = "UPDATE table SET name = 'value', name2 = 'value2' WHERE id = $id LIMIT 1;";
else {
    $q = "INSERT INTO table (name, name2) VALUES ('value', 'value2');";

I just query once
$q = "REPLACE INTO table (name, name2) VALUES ('value', 'value2');";

More info at

Great description and examples of Linux commands

Found a great description of some Linux commands at http://www.linfo.org/command_index.html which I definitely recommend for newbies. Some of my favourits:
mike@jarvis:/media/sdb1/www$ find . -type d -exec sudo chmod 0775 {} \;
mike@jarvis:/media/sdb1/www$ find . -type f -exec sudo chmod 0664 {} \;

mike@mikembp:~$ tail -f /var/log/apache2/error_log
PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib/php/extensions/no-debug-non-zts-20090626/imagick.so' - dlopen(/usr/lib/php/extensions/no-debug-non-zts-20090626/imagick.so, 9): Library not loaded: /opt/local/lib/libpng15.15.dylib\n  Referenced from: /usr/lib/php/extensions/no-debug-non-zts-20090626/imagick.so\n  Reason: image not found in Unknown on line 0
[Fri Feb 21 05:03:12 2014] [notice] Digest: generating secret for digest authentication ...
[Fri Feb 21 05:03:12 2014] [notice] Digest: done
[Fri Feb 21 05:03:12 2014] [info] Init: Seeding PRNG with 144 bytes of entropy
[Fri Feb 21 05:03:12 2014] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[Fri Feb 21 05:03:13 2014] [info] Init: Generating temporary DH parameters (512/1024 bits)
[Fri Feb 21 05:03:13 2014] [info] Init: Initializing (virtual) servers for SSL
[Fri Feb 21 05:03:13 2014] [info] mod_ssl/2.2.24 compiled against Server: Apache/2.2.24, Library: OpenSSL/0.9.8y
[Fri Feb 21 05:03:13 2014] [notice] Apache/2.2.24 (Unix) DAV/2 PHP/5.3.26 mod_ssl/2.2.24 OpenSSL/0.9.8y configured -- resuming normal operations
[Fri Feb 21 05:03:13 2014] [info] Server built: Jul  7 2013 18:05:17

mike@mikembp:~$ id
uid=501(mike) gid=20(staff) groups=20(staff),401(com.apple.access_screensharing),503(access_bpf),0(wheel),12(everyone),33(_appstore),61(localaccounts),79(_appserverusr),80(admin),81(_appserveradm),98(_lpadmin),100(_lpoperator),204(_developer)

mike@mikembp:~$ du -sh /Users/mike/Movies/movie/
 29G    /Users/mike/Movies/movie/

mike@mikembp:~$ ps -ef |grep -i little
    0   112     1   0  5:03AM ??         0:20.64 /Library/Little Snitch/Little Snitch Daemon.bundle/Contents/MacOS/Little Snitch Daemon
  501   675   662   0  5:03AM ??         2:22.88 /Library/Little Snitch/Little Snitch Agent.app/Contents/MacOS/Little Snitch Agent
  501   686   662   0  5:03AM ??         0:54.07 /Library/Little Snitch/Little Snitch Network Monitor.app/Contents/MacOS/Little Snitch Network Monitor -psn_0_49164
  501 17552   782   0  7:59AM ttys004    0:00.00 grep --colour=auto --exclude-dir=.svn -i little

mike@mikembp:~/Sites$ sudo chown -R mike:_www *

mike@mikembp:~$ rsync -zva --progress Dropbox/bookmarks-firefox.json mike@jarvis:.
building file list ...
1 file to consider
      156268 100%   14.72MB/s    0:00:00 (xfer#1, to-check=0/1)

sent 36818 bytes  received 42 bytes  4336.47 bytes/sec
total size is 156268  speedup is 4.24

Learning about inodes

Yesterday I watched again Antitrust, but now in HD 720p to better see the commands he used :) He was playing with inodes to restore removed data and I became curious, because I heard and saw inodes, but never knew what are they.
For me useful info was at http://www.linfo.org/inode.html and http://www.cyberciti.biz/tips/understanding-unixlinux-filesystem-inodes.html I didn't know about the command stat:
mike@mikembp:~$ stat -x /etc/php.ini
  File: "/etc/php.ini"
  Size: 70183        FileType: Regular File
  Mode: (0644/-rw-r--r--)         Uid: (    0/    root)  Gid: (    0/   wheel)
Device: 1,2   Inode: 26362462    Links: 1
Access: Mon Feb  3 14:44:46 2014
Modify: Mon Feb  3 14:44:46 2014
Change: Mon Feb  3 14:44:46 2014

mike@mikembp:~$ stat -x /Users/mike/
  File: "/Users/mike/"
  Size: 2958         FileType: Directory
  Mode: (0755/drwxr-xr-x)         Uid: (  501/    mike)  Gid: (   20/   staff)
Device: 1,2   Inode: 326834    Links: 87
Access: Sat May 18 08:22:51 2013
Modify: Fri Feb 21 07:40:46 2014
Change: Fri Feb 21 07:40:46 2014


Network and bandwidth monitoring with darkstat

I was searching for a networking monitor solution and found http://hints.macworld.com/article.php?story=20020521011343792

Darkstat's source code is available at http://unix4lyfe.org/darkstat/ After starting it runs as a daemon in the background.
mike@mikembp:~$ sudo darkstat -i en0
It binds itself to the TCP port 667 which can be changed and also other things:
mike@mikembp:~$ darkstat --help
darkstat 3.0.718 (using libpcap version 1.1.1)

usage: darkstat [ -i interface ]
                [ -f filter ]
                [ -r capfile ]
                [ -p port ]
                [ -b bindaddr ]
                [ -l network/netmask ]
                [ --base path ]
                [ --local-only ]
                [ --snaplen bytes ]
                [ --pppoe ]
                [ --syslog ]
                [ --verbose ]
                [ --no-daemon ]
                [ --no-promisc ]
                [ --no-dns ]
                [ --no-macs ]
                [ --no-lastseen ]
                [ --chroot dir ]
                [ --user username ]
                [ --daylog filename ]
                [ --import filename ]
                [ --export filename ]
                [ --pidfile filename ]
                [ --hosts-max count ]
                [ --hosts-keep count ]
                [ --ports-max count ]
                [ --ports-keep count ]
                [ --highest-port port ]
                [ --wait secs ]
                [ --hexdump ]
                [ --version ]
                [ --help ]

Additional resources, info:
https://thejimmahknows.com/network-monitoring-ntop-vs-darkstat/ http://slackblogs.blogspot.com/2011/06/monitor-traffic-usage-using-darkstat.html

Disk SMART capability

I came across http://unix4lyfe.org/trim/ and became curious about my disk info so I installed smartmontools
mike@mikembp:~/Sites/atechcomp$ sudo port install smartmontools
--->  Fetching archive for smartmontools
--->  Attempting to fetch smartmontools-6.2_0+attributelog+savestates.darwin_12.x86_64.tbz2 from http://packages.macports.org/smartmontools
--->  Attempting to fetch smartmontools-6.2_0+attributelog+savestates.darwin_12.x86_64.tbz2.rmd160 from http://packages.macports.org/smartmontools
--->  Installing smartmontools @6.2_0+attributelog+savestates
--->  Activating smartmontools @6.2_0+attributelog+savestates
--->  Cleaning smartmontools
--->  Updating database of binaries: 100.0%
--->  Scanning binaries for linking errors: 100.0%
--->  No broken files found.

My Intel SSD info
mike@mikembp:~/Sites/atechcomp$ smartctl -i /dev/disk0
smartctl 6.2 2013-07-26 r3841 [x86_64-apple-darwin12.3.0] (local build)
Copyright (C) 2002-13, Bruce Allen, Christian Franke, www.smartmontools.org

Model Family:     Intel 520 Series SSDs
Device Model:     INTEL SSDSC2BW120A3
Serial Number:    CVCV313309P4120BGN
LU WWN Device Id: 5 5cd2e4 000079310
Firmware Version: 400i
User Capacity:    120,034,123,776 bytes [120 GB]
Sector Size:      512 bytes logical/physical
Rotation Rate:    Solid State Device
Device is:        In smartctl database [for details use: -P show]
ATA Version is:   ACS-2 T13/2015-D revision 3
SATA Version is:  SATA 3.0, 6.0 Gb/s (current: 6.0 Gb/s)
Local Time is:    Thu Feb 20 08:22:02 2014 CET
SMART support is: Available - device has SMART capability.
SMART support is: Enabled

Info for the stock Apple HDD in MBP 2011
mike@mikembp:~/Sites/atechcomp$ smartctl -i /dev/disk1
smartctl 6.2 2013-07-26 r3841 [x86_64-apple-darwin12.3.0] (local build)
Copyright (C) 2002-13, Bruce Allen, Christian Franke, www.smartmontools.org

Device Model:     Hitachi HTS545032B9A302
Serial Number:    110216PBSC00PYJ5TSES
LU WWN Device Id: 5 000cca 673ded1cb
Firmware Version: PB3AC60Y
User Capacity:    320,072,933,376 bytes [320 GB]
Sector Size:      512 bytes logical/physical
Rotation Rate:    5400 rpm
Device is:        Not in smartctl database [for details use: -P showall]
ATA Version is:   ATA8-ACS T13/1699-D revision 6
SATA Version is:  SATA 2.6, 3.0 Gb/s
Local Time is:    Thu Feb 20 08:22:06 2014 CET
SMART support is: Available - device has SMART capability.
SMART support is: Enabled


Facebook group posts on own webpage in PHP

A friend needed his FB groups posts embedded on his webpage so here are some snippets that I don't forget :D
  1. At https://developers.facebook.com create a new APP, after creating you get the required ID and SECRET.
  2. From https://github.com/facebook/facebook-php-sdk download the PHP SDK

require_once(WB_PATH."/include/facebook/src/facebook.php"); // Get from https://github.com/facebook/facebook-php-sdk


$config = array(
    'appId' => $APP_ID,
    'secret' => $APP_SECRET,
    'fileUpload' => false,
    'allowSignedRequest' => false,

$facebook = new Facebook($config);

$posts = '';
foreach ($data as $d) {
    if (!empty($d['message'])) {
        $posts .= '
  • '.date('d.m.Y H:i', strtotime($d['created_time'])).'


  • '; } }

    During googling I found http://pastebin.com/LPnzUQSF, but I didn't try.


    Firefox or other browser not parsing CSS or JS file

    Today thanks to mozilla #css IRC channel I learned and experienced why isn't Firefox loading some CSS and JS files for a particular page.


    Catch dtruss output into a file

    After some googling and not finding the solution I tried from the previous googled sites the following:
    sudo dtruss -ap 38961 2> /tmp/ff.log
    And it worked ! :)

    How to clean up of a 600GB backup

    Here are some thoughts about cleaning up data after a backup, recovery or restoration.

    Rsync stats from one USB harddrive to another, it took over 17 hours during which I was away from home :)

    My bigger problem was that I needed to manualy scan the images, due some partition recovery incident. The directory contained 103541 JPGs that was 12 GB of data. For moving just the wider photos (width over 800px) to a separate dir I used the following command:
    for f in *.jpg;do if [ `identify "$f" | cut -f3 -d ' ' | cut -f1 -d x` -gt 800 ] ; then mv "$f" big/;fi;done

    Listing with specified first character was very handy, which also worked for moving or removing:
    localhost:/tmp/backup$ ls [a]*.jpg
    localhost:/tmp/backup$ ls [b,B]*.jpg
    Some digital cameras start naming the photo files with IMG, DSC, P, ..., so I moved them to reduce some searching:
    localhost:/tmp/backup: mv IMG* ../jpg
    localhost:/tmp/backup: mv DSC* ../jpg
    localhost:/tmp/backup: mv P* ../jpg

    Next I moved the files containing year numbers
    localhost:/tmp/backup: mv *2013* ../jpg/2013
    localhost:/tmp/backup: mv *2012* ../jpg/2012
    Moving files according to their file types is also handy:
    localhost:/tmp/backup$ mv `find . -name "*sql"` ../sql/
    localhost:/tmp/backup$ mv `find . -name "*zip"` ../zip/

    If you getting error /bin/rm: Argument list too long., then try:
    find . -name '*.php' -print0 | xargs -0 rm

    Find empty directories and remove them:
    find . -type d -empty -exec rm -r {} \;

    Some PHP security goodness, how-to

    Some of my best practites for PHP

    1. Check the syntax of all of the php files:
    localhost:~ $ find $(pwd) -name \*.php -exec php -l '{}' \;

    2. Set php.ini for development:

    3. Watch out for proper type handling:
    $clean_int = (int)$dangerous_int;
    4. Watch apache/error_log for errors while running a link checker on the site (try also for authenticated user):
    tail -f /var/log/apache2/error_log
    More resources:
    http://blackhatlibrary.net/PHP http://www.phptherightway.com/

    Linux special case listing options, tricks

    To list only files beginning with the specified character:

    mike@jarvis:/media/sdb1/jpg$ ls -1 [A]*.jpg
    mike@jarvis:/media/sdb1/jpg$ ls -1 [a]*.jpg
    Finding PNG images greater than 800 pixels:
    for f in *.png;do if [ `file $f | cut -f5 -d\ ` -gt 800 ] ; then echo $f;fi;done
    Finding JPG images greater than 800 pixels (requires installed imagemagick, to have identify command):
    for f in *.jpg;do if [ `identify "$f" | cut -f3 -d ' ' | cut -f1 -d x` -gt 800 ] ; then echo "$f";fi;done

    Resources that can also help:
    http://www.codecoffee.com/tipsforlinux/articles/26-1.html http://www.thegeekstuff.com/2009/07/linux-ls-command-examples/ http://www.cyberciti.biz/faq/linux-list-just-directories-or-directory-names/


    Trying WD SmartWare for My Passport USB HDD

    During my data restoration struggles I tried Western Digitals SmartWare from http://support.wdc.com/product/download.asp?groupid=208
    After attaching to my Mac the following log entries appear:
    2/13/14 5:41:43.000 PM kernel[0]: USBMSC Identifier (non-unique): 57584A314143303737343937 0x1058 0x730 0x1012, 2
    2/13/14 5:41:51.000 PM kernel[0]: NTFS driver 3.10 [Flags: R/W].
    2/13/14 5:41:51.000 PM kernel[0]: NTFS volume name data1, version 3.1.
    I'm using OSX 10.8.5 (Mountain Lion) and it's kernel supports NTFS, good to know.
    After downloading SmartWare and launching the following entries appear in the Console.app
    2/13/14 5:44:20.676 PM WD SmartWare Installer[69704]: Install Point: installSmartWareByFramework
    2/13/14 5:44:20.677 PM WD SmartWare Installer[69704]: Install Point: uninstallSmartWareAndDriveManagerByFramework
    2/13/14 5:44:23.038 PM coreservicesd[41]: Application App:'WD SmartWare Installer' [ 0x0/0x45c45c]  @ 0x0x7ffe39c56be0 tried to be brought forward, but isn't in fPermittedFrontASNs ( ( ASN:0x0-0x45d45d:) ), so denying.
    2/13/14 5:44:23.038 PM WindowServer[182]: [cps/setfront] Failed setting the front application to WD SmartWare Installer, psn 0x0-0x45c45c, securitySessionID=0x186a5, err=-13066
    2/13/14 5:44:23.049 PM authexec[69725]: executing /Volumes/data/Downloads/WD SmartWare Installer.app/Contents/MacOS/installerTool
    2/13/14 5:44:25.750 PM SmartwareDriveService[69753]: SmartwareDriveService version V1.1.2.1 starting...
    2/13/14 5:44:25.751 PM SmartwareDriveService[69753]: WDDevSvcServer::StartServer
    2/13/14 5:44:25.751 PM SmartwareDriveService[69753]: Error while trying to delete /var/tmp/com.WD.SmartwareDriveService/Socket error = No such file or directory.
    2/13/14 5:44:25.751 PM SmartwareDriveService[69753]: WDDeviceManager::DeletStatusMenuFile
    2/13/14 5:44:25.754 PM SmartwareDriveService[69753]: WDDeviceManager::AddDevice
    2/13/14 5:44:25.862 PM Dock[680]: no information back from LS about running process
    2/13/14 5:44:26.095 PM WD SmartWare[69757]: I'm going to FrontParlor
    2/13/14 5:44:26.000 PM kernel[0]: fsevents: watcher SmartwareService (pid: 69755) - Using /dev/fsevents directly is unsupported.  Migrate to FSEventsFramework
    2/13/14 5:44:26.758 PM SmartwareDriveService[69753]: 00306d70: 1a 08 21 00 10 00                               ................
    2/13/14 5:44:26.759 PM SmartwareDriveService[69753]: SCSI Command Status = 0 SCSI Status = 0 SCSI Sense Key = 0 ASC = 0 ASCQ = 0
    2/13/14 5:44:26.759 PM SmartwareDriveService[69753]: 00306d70: 15 11 00 00 10 00                               ................
    2/13/14 5:44:27.419 PM SmartwareDriveService[69753]: SCSI Command Status = 0 SCSI Status = 0 SCSI Sense Key = 0 ASC = 0 ASCQ = 0
    2/13/14 5:44:27.421 PM SmartwareDriveService[69753]: WDDeviceManager::RebuildStatusMenuFile
    2/13/14 5:44:27.421 PM SmartwareDriveService[69753]: 00306ef0: c0 45 00 00 00 00 00 00 20 00                   .E..............
    2/13/14 5:44:27.422 PM SmartwareDriveService[69753]: SCSI Command Status = 0 SCSI Status = 0 SCSI Sense Key = 0 ASC = 0 ASCQ = 0
    2/13/14 5:44:27.433 PM SmartwareDriveService[69753]: WDDevSvcServer::GetData


    SSHFS mounting without password with SSH keys

    First we need to generate public and private keys on our host.
    When prompted for passphrase just hit enter to go without it

    nevillegroup@shell:~$ ssh-keygen
    Generating public/private rsa key pair.
    Enter file in which to save the key (/home/nevillegroup/.ssh/id_rsa):
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /home/nevillegroup/.ssh/id_rsa.
    Your public key has been saved in /home/nevillegroup/.ssh/id_rsa.pub.

    We need to add our public key into authorized_keys file and upload it to the remote host into the .ssh directory.
    nevillegroup@shell:~$ cat .ssh/id_rsa.pub > authorized_keys

    Now we can create a bash script for mounting the remote directory
    # create dir if it doesn't exists
    if [ ! -d "$MOUNT_DIR" ]; then
        umount $MOUNT_DIR &> /dev/null
        mkdir $MOUNT_DIR
    # to check your uid use command `id`
    sshfs -C -o uid=$USERID,ssh_command='ssh -i ~/.ssh/id_rsa',workaround=rename $USER@$HOST:. $MOUNT_DIR

    Add executable flag to the file and you ready to mount with the script
    nevillegroup@shell:~$ chmod +x bin/sshfs_examplecom
    nevillegroup@shell:~$ ./bin/sshfs_examplecom
    nevillegroup@shell:~$ ls /home/example/examplecom_sshfs
    dev/  git/  logs/  sub/  web/

    Backup with RSYNC and SSH authorized key

    Finally I wrote my rsync backup script v. 0.1
    # ~/bin/backup.sh
    # Some help from
    # http://www.sakana.fr/blog/2008/05/07/securing-automated-rsync-over-ssh/
    # https://wiki.archlinux.org/index.php/Rsync#Automated_backup_with_SSH
    # https://wiki.archlinux.org/index.php/Full_System_Backup_with_rsync
    # https://www.linux.com/news/enterprise/storage/8200-back-up-like-an-expert-with-rsync
    # Thanks
    # man rsync
    # -v be verbose
    # -h human readable bytes
    # -a, --archive archive mode; same as -rlptgoD (no -H) -H hard-links
    # -z compress data during transfer
    # --progress show file transfer progress
    # -e remote shell to use
    time rsync -vhaz --progress -e "ssh -i .ssh/id_rsa" \
        --exclude ".DS_Store" \
        --exclude "._.DS_Store" \
        --exclude "Thumbs.db" \
        --exclude "thumbs.db" \
        --exclude "desktop.ini" \
        --exclude ".svn" \
        --exclude ".git" \
        /Volumes/data/Dropbox/ \
        # >> backup.log # log output
        # &> /dev/null
    # needs FTP password
    # time rsync -vhaz --progress -e ssh \
    #     --exclude ".DS_Store" \
    #     --exclude "._.DS_Store" \
    #     --exclude "Thumbs.db" \
    #     --exclude "thumbs.db" \
    #     --exclude "desktop.ini" \
    #     --exclude ".svn" \
    #     --exclude ".git" \
    #     /Volumes/data/Dropbox/ \
    #     optimalizaciaseo.sk@optimalizaciaseo.sk:/backup/Dropbox/
    #     # >> backup.log # log output
    #     # &> /dev/null

    Testing adblockedge (ABE)

    "Adblock Edge is a fork of the Adblock Plus(R) version 2.1.2 extension for blocking advertisements on the web." - from https://bitbucket.org/adstomper/adblockedge/overview

    I downloaded it from the Downloads section

    Checked the SHA256 hash of the .xpi
    mike@mikembp:~/Downloads$ shasum -a 256 adblockedge-2.0.9.xpi ; cat adblockedge-2.0.9.xpi.sha256 5b5b90306cbe675456323fb75d97ac3474315525999e7f7594ce18a7c4a72cd2 adblockedge-2.0.9.xpi 5b5b90306cbe675456323fb75d97ac3474315525999e7f7594ce18a7c4a72cd2 *adblockedge-2.0.9.xpi
    Finally opening and installing in Firefox.
    Install Firefox adblock edge


    Android full backup with adb

    To download Anroid SDK go to https://developer.android.com/sdk/index.html

    The backup command
    mike@mikembp:~/Downloads/android/sdk/platform-tools$ ./adb backup -all
    Now unlock your device and confirm the backup operation.

    Default backup file name is backup.ab
    mike@mikembp:~/Downloads/android/sdk/platform-tools$ ls -la backup.ab
    -rw-r-----  1 mike  wheel    60M Feb  9 07:39 backup.ab

    Get some log stuff to examine phone stat data
    mike@mikembp:~/Downloads/android/sdk/platform-tools$ ./adb logcat -b radio -d > radio.logcat
    mike@mikembp:~/Downloads/android/sdk/platform-tools$ ./adb logcat -d > adb.logcat

    Rooting an Android Samsung Galaxy Advance S GT-I9070

    Today I googled my Androids firmware build code I9070XXLQG and read http://www.ibtimes.co.uk/galaxy-s-advance-root-i9070xxlqg-android412-jellybean-485079.

    I have Android 4.1.2 Jelly Bean official update on my smartphone, which I updated with Samsung's Kies over USB cable.

    From curiosity I downloaded the rooting package http://d-h.st/ook and looked at root/META-INF/com/google/android/updater-script
    In a nutshell, rooting is adding su (SuperUser) binary into /system/bin.

    ui_print("Rooting with SuperSU 0.95 & Busybox 1.20.2");
    show_progress(1.000000, 0);
    ui_print("Installing temporary busybox");
    package_extract_file("system/xbin/busybox", "/tmp/busybox");
    set_perm(0, 0, 0777, "/tmp/busybox");
    ui_print("Mounting system...");
    run_program("/tmp/busybox", "mount", "/system");
    ui_print("Removing old superuser");
    ui_print("Installing Superuser & Busybox...");
    package_extract_dir("system", "/system");
    ui_print("Setting Permission...");
    set_perm(0, 0, 06755, "/system/xbin/su");
    set_perm(0, 0, 0644, "/system/app/superuser.apk");
    set_perm(0, 0, 04755, "/system/xbin/busybox");
    ui_print("Installing Busybox...");
    run_program("/system/xbin/busybox", "--install", "-s", "/system/xbin");
    symlink("/system/xbin/su", "/system/bin/su");
    ui_print("Unmounting system...");
    run_program("/tmp/busybox", "umount", "/system");
    ui_print("Deleting temporary busybox");
    show_progress(1.000000, 0);
    ui_print("Root complete!");
    ui_print("SuperSU 0.95 & Busybox 1.20.2");

    After reading and playing around with adb I decided that I go for it
    For strengthening my decision a checked if the MD5 matches and it matched
    mike@mikembp:~/Downloads/android$ md5 root.zip
    MD5 (root.zip) = 3d5cc207f625a032e7ff4fe92e3e6efa

    Trying su after restart
    shell@android:/ $ ll data/
    opendir failed, Permission denied
    1|shell@android:/ $ su
    shell@android:/ # ll data/
    -rw------- system   system       4096 2014-02-09 09:45 NVM0
    -rw------- system   system      16384 2014-02-08 23:08 NVM1
    -rw------- system   system       2832 2014-02-09 09:45 NVM13
    -rw------- system   system          0 2013-11-14 06:33 NVM2
    -rw------- system   system      83724 2014-02-08 22:46 NVM3
    -rw------- system   system        112 2014-02-08 23:10 NVM5
    -rw------- system   system          0 2013-11-14 06:33 NVM6
    -rw-rw-rw- root     system   15032320 2014-02-08 20:35 adm.sqlite
    -rw-rw-rw- root     system          0 2013-11-14 06:31 adm.sqlite-copy-datestamp-JB
    drwxrwxr-x system   system            2014-02-03 13:53 anr
    drwxrwx--x system   system            2014-02-09 07:43 app
    drwx------ root     root              2014-02-07 12:27 app-asec
    drwxrwx--x system   system            2014-02-07 12:26 app-private
    drwx------ system   system            2014-02-09 09:45 backup
    -rw------- system   system       2777 2014-02-09 09:55 cal.bin
    drwxrwxr-x system   system            2014-02-09 07:37 clipboard
    -rw-rw-rw- nobody   nobody      95613 2014-02-09 09:45 cops.log
    drwxrwx--x system   system            2014-02-09 09:45 dalvik-cache
    drwxrwx--x system   system            2014-02-09 09:44 data
    drwxr-x--- root     log               2013-11-14 06:31 dontpanic
    drwxrwx--- drm      drm               2013-11-14 06:31 drm
    -rwxr--r-- system   system          8 2014-02-09 09:55 hidden_volume.txt
    drwxr-x--x root     root              2013-11-14 06:31 local
    drwxrwxr-x system   log               2014-02-09 09:55 log
    drwxrwx--- root     root              1970-01-01 01:00 lost+found
    drwxrwxr-x media_rw media_rw          2013-11-14 06:31 media
    drwxrwx--t system   misc              2013-12-27 09:46 misc
    drwxrwxrwx media    system            2013-11-20 14:27 mmdsp-SIA_2013-11-20_14-27-31_1384954051
    drwx------ root     root              2014-02-09 09:45 property
    drwxrwx--x system   system            2013-11-14 06:31 resource-cache
    drwxr-x--- root     shell             2013-11-14 06:31 ssh
    drwxrwxr-x system   system            2014-01-30 19:31 ste-debug
    drwxrwxr-x system   system            2014-02-09 09:55 system
    drwxr-xr-x system   system            2013-12-24 16:12 tombstones
    drwx--x--x system   system            2013-11-14 06:31 user


    'Backup plan' with rsync

    After todays partition failure, thank you Win7 for no safe unmount on my USB harddisk I decided to rsync some important data onto my shared hosting.

    # ~/bin/backup.sh
    # https://wiki.archlinux.org/index.php/Rsync#Automated_backup_with_SSH
    # https://wiki.archlinux.org/index.php/Full_System_Backup_with_rsync
    # http://www.sakana.fr/blog/2008/05/07/securing-automated-rsync-over-ssh/
    # https://www.linux.com/news/enterprise/storage/8200-back-up-like-an-expert-with-rsync
    time rsync -vhaz --stats --progress -e ssh \
        --exclude ".DS_Store" \
        --exclude "._.DS_Store" \
        --exclude "Thumbs.db" \
        --exclude "thumbs.db" \
        --exclude "desktop.ini" \
        --exclude ".svn" \
        /Volumes/data/Dropbox \
        # >> backup.log # log output
        # &> /dev/null # no output at all
    # TODO
    # if sshfs mounted
    # time rsync -vhaz --stats --progress -e "ssh -i .ssh/id_rsa USER@example.com" \
    #     --exclude ".DS_Store" \
    #     --exclude "._.DS_Store" \
    #     --exclude "Thumbs.db" \
    #     --exclude "thumbs.db" \
    #     --exclude "desktop.ini" \
    #     --exclude ".svn" \
    #     /Volumes/data/Dropbox \
    #     /home/USER/backup/Dropbox
    #     # &> /dev/null

    Couldn't find cacert.pem & irssi SSL struggling

    I was setting up irssi to connect via SSL so I needed a CA (Certificate Authority) bundle.
    I couldn't find it in /etc/ssl/certs (it was empty), in tutorials this path was mentioned, maybe Linux convention :)

    I was reading http://ilia.ws/files/sunshinephp_application_security.pdf and found enlightment :)
    wget http://curl.haxx.se/ca/cacert.pem so I downloaded it and watched into it.

    On the 2nd row there was the following
    # ca-bundle.crt -- Bundle of CA Root Certificates

    From curiosity I tried locate ca-bundle and the following output came:
    From experience /opt/local is the standard macports install (--prefix) path directory so I checked
    mike@mikembp:~$ ls -l /opt/local/etc/openssl/
    total 32
    lrwxr-xr-x  1 root  admin    40B Feb  2 01:21 cert.pem@ -> /opt/local/share/curl/curl-ca-bundle.crt
    drwxr-xr-x  9 root  admin   306B Jan 11 12:55 misc/
    -rw-r--r--  1 root  admin    11K Jan  7 08:34 openssl.cnf
    After some playing around to get some insight I found the trust command
    mike@mikembp:~$ trust
    usage: trust command ...
    Common trust commands are:
      list             List trust or certificates
      extract          Extract certificates and trust
      extract-compat   Extract trust compatibility bundles
      anchor           Add, remove, change trust anchors
    See 'trust  --help' for more information
    So without internet connection I can still have outdated CA bundle with the following command
    mike@mikembp:~$ trust extract --format=openssl-bundle --comment -f cacert.pem
    irssi was screaming SSL warning on me without CA bundle
    = 08.084055 [freenode] |-INFO > Irssi: Connection lost to irc.freenode.net
    = 08.084055 |-INFO > Irssi: warning Could not verify SSL servers certificate: unable to get local issuer certificate
    = 08.084055 |-INFO > Irssi: warning   Subject : /serialNumber=A7/cAN-TICcVTifiF1F5wuRPLpK75-AJ/C=US/ST=California/L=Mountain View/O=Mozilla Corporation/CN=irc.mozilla.org
    = 08.084055 |-INFO > Irssi: warning   Issuer  : /C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CA
    = 08.084055 |-INFO > Irssi: warning   MD5 Fingerprint : FC:A1:52:CF:D9:97:2B:3D:55:F5:4A:2F:7C:10:99:69
    Or connecting to port 7000
    = 08.085921 |-INFO > Irssi: warning Could not load CA list for verifying SSL server certificate
    = 08.085921 |-INFO > Irssi: Unable to connect server irc.freenode.net port 7000 [Operation now in progress]
    mike@mikembp:/etc/ssl/certs$ sudo wget http://crt.gandi.net/GandiStandardSSLCA.crt
    --2014-02-08 08:51:51--  http://crt.gandi.net/GandiStandardSSLCA.crt
    Resolving crt.gandi.net (crt.gandi.net)..., 2a02:1788:2fd::b2ff:5302
    Connecting to crt.gandi.net (crt.gandi.net)||:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 1191 (1.2K) [application/x-x509-ca-cert]
    Saving to: ‘GandiStandardSSLCA.crt’
    mike@mikembp:/etc/ssl/certs$ sudo wget http://www.instantssl.com/ssl-certificate-support/cert_installation/UTN-USERFirst-Hardware.crt
    --2014-02-08 08:53:41--  http://www.instantssl.com/ssl-certificate-support/cert_installation/UTN-USERFirst-Hardware.crt
    Resolving www.instantssl.com (www.instantssl.com)..., 2a02:1788:4fd:ce::c742:cee0
    Connecting to www.instantssl.com (www.instantssl.com)||:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 1630 (1.6K) [application/x-x509-ca-cert]
    Saving to: ‘UTN-USERFirst-Hardware.crt’
    Converting CRT to PEM as mentioned at https://pthree.org/2010/01/31/freenode-ssl-and-sasl-authentication-with-irssi/ didn't help
    mike@mikembp:~$ openssl x509 -inform der -outform pem < /etc/ssl/certs/GandiStandardSSLCA.crt > GandiStandardSSLCA.pem
    mike@mikembp:~$ sudo mv GandiStandardSSLCA.pem /etc/ssl/certs/
    I tried downloading the certificates with Firefox

    Output of SSL connection
    mike@mikembp:~$ openssl s_client -CApath /etc/ssl/certs/ -connect irc.freenode.net:6697
    depth=1 /C=FR/O=GANDI SAS/CN=Gandi Standard SSL CA
    verify error:num=20:unable to get local issuer certificate
    verify return:0
    Certificate chain
     0 s:/OU=Domain Control Validated/OU=Gandi Standard Wildcard SSL/CN=*.freenode.net
       i:/C=FR/O=GANDI SAS/CN=Gandi Standard SSL CA
     1 s:/C=FR/O=GANDI SAS/CN=Gandi Standard SSL CA
       i:/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Hardware
    Server certificate
    -----END CERTIFICATE-----
    subject=/OU=Domain Control Validated/OU=Gandi Standard Wildcard SSL/CN=*.freenode.net
    issuer=/C=FR/O=GANDI SAS/CN=Gandi Standard SSL CA
    No client certificate CA names sent
    SSL handshake has read 3162 bytes and written 340 bytes
    New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
    Server public key is 2048 bit
    Secure Renegotiation IS supported
    Compression: NONE
    Expansion: NONE
        Protocol  : TLSv1
        Cipher    : DHE-RSA-AES256-SHA
        Session-ID: 79702A9A129FAEEBFE1C78DCBB8692D7E3235C61197C06157CF3679E628C1153
        Master-Key: 8AF72A2403FD491437296F3FD2F33F7B352F89A59D5078D6B5A8F4ACECA887B1F55A9894D7F9B8540C7EE15C697502AF
        Key-Arg   : None
        Start Time: 1391853886
        Timeout   : 300 (sec)
        Verify return code: 0 (ok)
    :sendak.freenode.net NOTICE * :*** Looking up your hostname...
    :sendak.freenode.net NOTICE * :*** Checking Ident
    :sendak.freenode.net NOTICE * :*** Your forward and reverse DNS do not match, ignoring hostname
    :sendak.freenode.net NOTICE * :*** No Ident response


    Finally working bash_completion in GNU screen

    I was struggling without bash_completion in GNU screen and the solution was adding the following to .screenrc:

    defshell -bash

    Some more info at:


    My .screenrc https://raw.github.com/mikaelz/dotfiles/master/.screenrc

    # ~/.screenrc
    # Thanks to:
    # https://www.gnu.org/software/screen/manual/screen.html#Command-Summary
    # http://www.debian-administration.org/articles/560
    # http://www.alexandrulazar.com/junk/articles/.screenrc
    startup_message off
    defshell -bash # dash makes it a login shell
    vbell on # no annoying audible bell
    vbell_msg "  !! Something interesting has happened !!  "
    activity "%c activity -> %n%f %t"
    bell "%c bell -> %n%f %t^G"
    autodetach on  # autodetach session on hangup instead of terminating screen completely
    altscreen on
    defscrollback 5000
    defutf8 on
    defnonblock on
    msgwait 1 # message timeout 1 second
    shelltitle "$ |bash"
    defmonitor on # turn monitoring on
    activity "%"  # tell me when stuff happens!
    # allow bold colors - necessary for some reason
    attrcolor b ".I"
    # http://www4.cs.fau.de/~jnweiger/screen-faq.html
    # https://stackoverflow.com/a/4833946
    # http://pjkh.com/articles/osx-iterm-screen-vim-256-colors/
    term screen-256color
    termcapinfo screen* 'Co#256:AB=\E[48;5;%dm:AF=\E[38;5;%dm'
    termcapinfo screen* ti@:te@ # make scrollbar work
    defbce on # erase background with current bg color
    bind R eval "source $HOME/.screenrc" "echo '.screenrc reloaded!'"
    bind % screen -t htop htop
    screen -t netlog 0 watch -n 2 -d lsof -iTCP -P
    screen 1 mc
    screen 2
    screen 3
    screen 4
    backtick 0 0 0 whoami # set "%0`" to equal the output of `whoami`
    hardstatus alwayslastline "%{.bW} %-w%{.rW}%n %t%{-}%+w %=%{..} %l | %0`@%H | %D %c:%s %d.%m.%Y"

    My Mac OSX workspace february 2014

    From left to right:
    Console.app or Filezilla.app
    Firefox.app with Firebug vertical split
    VIM in GNU screen in iTerm2.app terminal


    How to set up irssi advanced window list

    I just finally made advanced window list to work. I was getting the following in the statusbar 'AWL: Run adv_windowlist from the shell or switch to sbar mode' and didn't know until I asked for help on freenode irssi channel.

    The solution was /set awl_viewer off

    Additional changes to AWL layout
    /format awl_display_key = $Q%K|$N%n $H$C$S
    /format awl_display_key_active = $Q%K|$N%n $H%U$C%n$S
    /format awl_display_nokey = [$N]$H$C$S

    Info from adv_windowlist.pl 
    # /format awl_display_(no)key(_active|_visible) 
    # * string : Format String for one window. The following $'s are expanded:
    #     $C : Name
    #     $N : Number of the Window
    #     $Q : meta-Keymap
    #     $H : Start highlighting
    #     $S : Stop highlighting
    Full script https://raw.github.com/mikaelz/dotfiles/master/.irssi/scripts/adv_windowlist.pl

    More info for setting up:


    Nezabúdajme na našich vytrvalcov

    Myšlienky, ktoré jednoducho musím zo seba vydať :-)

    Nedávno som sa začal lepšie zaujímať o ľudí okolo mňa a tak zistil, že čo u nás v Kolárove vzniklo a ako sa necení :(
    Písal sa rok 1998, keď Andrea Hajdú začala krasojazdu (http://www.cyklistikaszc.sk/sk/salova-cyklistika) s malou skupinou detí.

    Čo mi, ale nedá pokoj je, že si ich neceníme dostatočne. Je pravda, že každí z nás je jedinečný, ale už menej z nás to sebe a ostatným dokáže. Netvrdím, že by sme im mali postaviť sochy, ale taká návšteva napríklad na majstrovstvách SR by nezaškodilo. Človek myslí v prvom rade len na seba, čo máme geneticky dané, ale druhí nás môžu inšpirovať a motivovať, aby sme zapracovali na sebe. Veľa ľudí chce viac v živote, ale navštevuje prostredie, kde nie sú motivovaní ľudia, ktorí chcú v živote niečo dosiahnúť, tak takto sa bude mať ťažko dobre.

    Majstrovstvá sveta 2011 (Kagoshima, Japonsko) - 3. miesto

    Aquabella. Nič proti futbalu. Kde celý problém viazne? No predsa v marketingu a čo je dôležitejšie v medziľudských vzťahoch, že sa takmer nepoznáme. Vopred sa ospravedlňujem všetkým ostatným, ktorých som nespomenul.

    Mac OS X firewall software

    I was searching for a firewall app for my Mountain Lion, because I'm not really satisfied with the default OSX firewall option in System Preferences. For me it lacks customization. On a security presentation I asked the presenter and introduced me to a paid firewall app 'Little Snitch' which is very nice and full of cool features. I continued to search if some free app exists and found IceFloor which is a frontend interface for the OSX built in firewall, PF - Packet Filter. For older OSX than 10.8 there is WaterRoof