CategoryUncategorized

[Solved] Lenovo lagging while browsing

I came across with frustrating problem when I deployed my new Lenovo ThinkPad T570 laptop. Screen keeps freezing and lagging all the time. Things getting worse during I browsing with Chrome, laptop was totally useless. I had up-to-date Windows 10 operating system and also I had updated my all drivers including BIOS. Luckily for I seen as soon that I wasn’t only one who has got this problem.

The problem occurs only when laptop’s AC is plugged off. It depends on battery usages, when computer used on battery it turns on battery save mode which turns “System cooling policy” from Active to Passive, and low down computer’s power for getting longer battery usage.

My college have also same laptop as me, and he has experienced the same problem. Fortunately I finally found the solution which helps both of us and seems that it has really works. The solution is change your computer’s Power Plan’s Cooling policy to Active mode:

  1. Go to “Control Panel” -> “Hardware and Sound” -> “Power Options” -> “Edit Plan Settings” -> “Change advanced power settings”.
  2. Expand “Processor power management” -> “System cooling policy” -> Change “On battery” from Passive to Active.

This solution is tested with two Lenovo T570 laptops, and I expect it works too with Lenovo Yoga models.

I really appreciate if everyone who will test this method could also leaves comment on this post does it works.

Post which related on this problem:
https://forums.lenovo.com/t5/Lenovo-Yoga-Series-Notebooks/Lenovo-Yoga-910-keeps-freezing-lagging-whilst-browsing/td-p/3527874/page/2

How to generate GPG keys and encrypt files

GNU Privacy Guard or better known as GPG is public key cryptography implementation and it is free software replacement for the Symantec’s PGP cryptographic.
In this post I will show you how to generate new GPG key pairs and encrypt or/and signature files.

Generate new GPG key pair

At beginning we have to generate public and private key pair using gpg --gen-key. This introductions follow way how I did my GPG keys, but if you would like to know more about every step I recommend go to look at https://fedoraproject.org/wiki/Creating_GPG_Keys.

$ gpg --gen-key
gpg (GnuPG) 1.4.16; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection?

Select 1 (default) and press Enter.

RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)

Default 2048 bits long key enough for me, so I press Enter.

Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0)

I use default value 0 (key does not expire).

Key does not expire at all
Is this correct? (y/N)

If you also choose no expire, then press y and Enter.

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <[email protected]>"

Real name: Niko Kiuru
Email address: [email protected]
Comment:You selected this USER-ID:
    "Niko Kiuru <[email protected]>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?

Give your real name, email address and comment section is optional, I left it empty. And when your identify information is inputted, press O.
Now new key pair located in ~/.gnupg/ -directory.

List of keys

When we are created one key in keyring, we can list all our keys to terminal.

$ gpg --list-keys
/home/niko/.gnupg/pubring.gpg
-----------------------------
pub   2048R/AAAAXXXX 2015-10-04
uid                  Niko Kiuru <[email protected]>
sub   2048R/BBBBXXXX 2015-10-04

Pub section tell us my master key User ID, which are in my option AAAAXXXX.

Encrypt file

We are generate new key pair and we are looking for how it looks like from terminal. Now we will encrypt one file.
First write some text file which we would like to encrypt later.

$ echo "Hello GPG! I would like to encrypt this messages" > hello
$ cat hello
Hello GPG! I would like to encrypt this messages

Okay, now we have a file, and we are wrote some message from there. Next I would like to encrypt and signature that file by my GPG private key. When I encrypt file, I have to specify which is my master key’s User ID. Command gpg --list-keys show all my keys and I selected my key.

$ gpg -r AAAAXXXX -e hello

Encrypted file is named by hello.gpg which are binary format encrypted file. There is only one way to open this file, and it is decrypt file by your private key. Next we decrypt this file.

$ gpg hello.gpg

You need a passphrase to unlock the secret key for
user: "Niko Kiuru <[email protected]>"
2048-bit RSA key, ID BBBBXXXX, created 2015-10-04 (main key ID AAAAXXXX)

gpg: encrypted with 2048-bit RSA key, ID BBBBXXXX, created 2015-10-04
      "Niko Kiuru <[email protected]>"
Hello GPG! I would like to encrypt this messages

Print tells that I am signature file by myself, and at the end of print is my encrypted message.

Simple passphrase protected file

If you would like to protect some file in simple, you can also use symmetric protection which are protected via passphrase.
Write some file and encrypt it.

$ echo "Hello GPG! This file will be passphrase protected." > hello
$ gpg -c hello

Now you have to give some passphrase, and then file hello.gpg is the same file but encrypted. In default gpg use CAST5 cipher algorithm for encrypt symmetric files. You can decrypt hello.gpg by command gpg hello.gpg.

$ gpg hello.gpg
gpg: CAST5 encrypted data
gpg: encrypted with 1 passphrase
gpg: WARNING: message was not integrity protected

Source

https://fedoraproject.org/wiki/Creating_GPG_Keys
https://stackoverflow.com/questions/5587513/how-to-export-private-secret-asc-key-to-decrypt-gpg-files-in-windows

Nordea tunnusluvut-sovellus ja rootattu puhelin

Käyn kirjoituksessa läpi kuinka saat käyttöönotettua Nordea tunnusluvut-sovelluksen rootatulla Android puhelimella. Esittämäni tapa on vain yksi keino muiden joukossa ja sivun kommenteista löydätte paljon muita neuvoja.

Johdanto

Nordea julkaisi mennellä viikolla uuden tunnusluvut-sovelluksen, joka poistaa kokonaan tarpeen käyttää vanhaa paperista tunnuslukukorttia. Isolle osalle Android-puhelimen omistajista jäi kuitenkin karvas maku suuhun, kun Nordea oli tietoturvauhkaan vedoten estänyt sovelluksen käytön rootatussa Android-puhelimessa. Väitteen tietoturvauhasta tekee hauskaksi se, että tunnetusti Android-puhelinvalmistajat eivät ole ahkerasti päivittäneet vanhoja puhelinmallejaan, vaan he keskittyvät lähinnä uusimpiin puhelinmalleihin ja niiden päivityksiin. Monet ovatkin tästä johtuen joutuneet turvautumaan kolmannen osapuolen kustomoituihin ROMeihin (ei virallinen käyttöjärjestelmä), jotka ovat tuoneet puhelimeen päivittyneemmän Android version, ja näin ollen nimenomaan parantaneet omaa tietoturvaansa. Tunnetuimpana näistä toimii CyanogenMod. Kustomoidun ROMin asennus vaatii puhelimen roottauksen, eli toisin sanoen se antaa käyttäjällensä valtuuden kirjoittaa uuden ROMin vanhan päälle. Korjattu: ROMin ei tarvitse olla rootattu, mutta kyseessä on myös periaate – eikö minulla saisi olla omistamaani puhelimeen kaikkia oikeuksia?

Tunnusluvut-sovellus ilmoittaa seuraavasti rootatun puhelimen
“Laitteesi käyttöjärjestelmä näyttää olevan murrettu. Sovelluksen käyttö ei ole sallittua murretulla käyttöjärjestelmällä tietoturvasyistä.”.

Sama englanninkielisellä käyttöliittymällä:
“Your phone seems to be rooted/jailbroken. Application usage is not allowed with such a device for security reasons.”.

Kuinka kiertää rajoitus?

Xposed Framework

Tällä hetkellä helpoin tapa kiertää rajoitus on käyttää Xposed Frameworkin päälla rakennettua Nordea RootBypasser -moduulia. Ikävänä puolena on se, että Xposed Framework ei toimi uusimmissa Android versiossa, joka rajaa paljon sen käyttöä.

Patch APK

Toinen tapa on noudattaa Razerin julkaisemaa ohjetta, jossa muokataan pois tarkistus itse apk:sta. Ohjeet löydät seuraavan linkin takaa: https://github.com/Razer2015/NordeaTunnusluvut_Patched/wiki/Tunnusluvut-1.5.1-Patch-Instructions.

Kuinka rajoituksen sai kierrettyä vanhoissa versioissa?

Tämä kappale on vanhentunut. Suosittelen ensisijaisesti kokeilemaan edellä mainittuja tapoja.

Android-puhelimessa ei ole mitään suoranaista tapaa tarkistaa onko puhelin rootattu tai ei, joka on hyvä meidän kannalta, jotka haluamme saada Nordean tunnusluvut-sovelluksen toimimaan rootatussa Android-puhelimessa. Alla on ohjeet, kuinka voit kiertää Nordean tunnusluvut-sovelluksen tekemän tarkistuksen rootatussa Android-puhelimesta.

Nordean tunnusluvut-sovellus yrittää etsiä su-binääritiedostoa /system/bin ja /system/xbin hakemistoista, joka kertoo sen onko puhelin rootattu. Yksinkertainen ratkaisu on siis nimetä uudelleen su-tiedoston nimi toiseksi kuin sen oletus on. Ohjeissani se on nimetty subackup nimiseksi.

Testattu:
– CyanogenMod 10.2.0-i9300

Pikaohjeet

Aja seuraavat komennot puhelimen Terminalissa tai adb shellissä, ja nauti Nordea tunnusluvut-sovelluksesta

$ su
$ mount -o remount,rw /system /system
$ cd /system/bin
$ mv su subackup
$ cd /system/xbin
$ mv su subackup
$ mount -o remount,ro /system /system
$ exit

Ohjeet vaiheittain selitettynä

Asenna Terminal Emulator.

Nosta Terminal Emulatorissa käyttöoikeutesi super-käyttäjän tasolle

$ su

Meidän pitää uudelleen nimetä /system-hakemiston alla olevaa tiedostoa. Oletuksena /system on mountattu vain lukuoikeuksilla, joten ensimmäiseksi meidän on lisättävä siihen mukaan myös kirjoitusoikeudet.

$ mount -o remount,rw /system /system

Siirrytään /system/bin-hakemistoon ja muutetaan su tiedoston nimeksi subackup. Sama tehdään myös /system/xbin-hakemiston alle.

$ cd /system/bin
$ mv su subackup
$ cd /system/xbin
$ mv su subackup

Muutetaan /system-hakemistoon takaisin vain lukuoikeudet ja poistutaan hallitusti super-käyttäjän oikeuksista

$ mount -o remount,ro /system /system
$ exit

Tämän jälkeen Nordean tunnusluvut-sovellus ei enää herjaa rootatusta puhelimesta.

Päivitetty: 02.07.2017

Hide Apache server signature

In default Apache write server signatures to HTTP-responses. In production server this is not recommended action, because it gives more attacking area to criminals. Web servers would like to advice themselves and that is the reason why they add their signatures in default to HTTP-responses.

In this post I will show you how to hide unnecessary Apache server signature.

Tested on Ubuntu 14.04 and Ubuntu 12.04.

At beginning

you can watch how your server HTTP-response looks like now. Do HTTP-request e.g. with curl:

$ curl -I http://yourdomain.com

There is your HTTP-header and now you see exactly what all informations Apache gives to client. We still want to limit information of our server from outside.

Hide Apache signatures

At first open Apache configuration file apache2.conf

$ sudoedit /etc/apache2/apache2.conf

Add two lines on below to apache2.conf

ServerTokens Prod
ServerSignature Off

Save file and reload Apache daemon

$ sudo service apache2 reload

Hide also information of PHP

If you are using PHP HTTP-header also contain some information of PHP. Here is the way how to hide it.

Open php.ini

$ sudoedit /etc/php5/apache2/php.ini

In default expose_php is set to On, but now you take it Off

; Decides whether PHP may expose the fact that it is installed on the server
; (e.g. by adding its signature to the Web server header).  It is no security
; threat in any way, but it makes it possible to determine whether you use PHP
; on your server or not.
; http://php.net/expose-php
expose_php = Off

After changes you have to reload Apache

$ sudo service apache2 reload

Now you’re a little further safe.

WordPress quickly upgrade from command line

WordPress has their own guide to upgrade wordpress, but in this post I will show you how I upgrade my all wordpress sites.

I using Ubuntu 14.04 server and I update wordpress from command line.

Backups

Before upgrade we backup our database and wordpress directory.

$ mkdir -p ~/backup
$ mysqldump -u user -p <database name> | gzip -9 > ~/backup/$(date +"%Y%m%d")_wordpress.sql.gz
$ tar -zcvf ~/backup/$(date +"%Y%m%d")_wordpress-dir.tar.gz /home/niko/public_html/

Download wordpress

$ cd /tmp/
$ wget https://wordpress.org/latest.zip
$ unzip latest.zip

Overwrite all new files

Remember change current directory to where wordpress located in your server.

$ cd ~/public_html/
$ cp -avr /tmp/wordpress/* .
$ rm -rf /tmp/wordpress /tmp/latest.zip

Open http://your_domain.com/wp-admin/upgrade.php in a browser and run that script. It makes all needed database conversions. If something fails, you still have your backups in ~/backup/ directory.

Source

http://www.cyberciti.biz/tips/howto-upgrade-wordpress-from-linux-unix-shell-prompt.html

© 2017 Niko Kiuru

Theme by Anders NorenUp ↑