urn:uuid:f6d9e764-f597-5370-94e1-c01aa3928860 Ctrl blog Daniel Aleksandersen https://www.daniel.priv.no/ Copyright © 2021 Daniel Aleksandersen. https://www.ctrl.blog/assets/favicon/favicon.svg 2021-05-14T10:11:00Z daily 4 urn:uuid:30538782-c9dd-44a6-9818-157aeeefcea4 2021-05-14T10:11:00Z 2021-05-14T10:11:00Z Your clipboard is only as secure as your device A review/critique of the complexity, security, and unpredictable user experience of modern feature-laden copy–paste clipboards in today’s operating systems. <p>The system clipboard is part of every modern operating system. It lets us copy and paste text, images, files, and data between different applications. Like everything else these days, it’s increasingly getting tied up with other people’s servers (“the cloud.”) So, what does that mean for your clipboard privacy?</p> <p><a href="https://www.ctrl.blog/entry/clipboard-security.html#src=feed">Read more …</a></p> urn:uuid:5d4122a2-9abe-4cbc-bd83-d4313b64947c 2021-04-24T18:08:00Z 2021-04-24T18:08:00Z EdgeDeflector 1.2 addresses installation woes The new EdgeDeflector version 1.2 introduces a new installation flow to accommodate Windows 10 further locking down user file and protocol association settings. <p>I’ve just released EdgeDeflector version 1.2. EdgeDeflector is a small utility program that prevents Windows 10 from force-opening links in Microsoft Edge instead of your default web browser. The new version addresses installation challenges and behavior that causes misclassification by anti-virus programs.</p> <p><a href="https://www.ctrl.blog/entry/edgedeflector-12update.html#src=feed">Read more …</a></p> urn:uuid:65ac1d6f-f3e1-43fb-b317-b8a1c42dfddc 2021-04-23T07:58:00Z 2021-04-23T07:58:00Z WSLg simplifies running Linux desktop apps on Windows Microsoft has added support for running graphical Linux programs with Wayland on your Windows 10 desktop environment to the Windows Subsystem for Linux (WSL). 
<p>The latest Windows 10 Insider build (21354.1) introduced support for Windows Subsystem for Linux GUI Apps (WSLg). Microsoft Windows can now run Linux desktop apps natively. Let that sink in for a bit.</p> <p><a href="https://www.ctrl.blog/entry/wslg-desktop-apps.html#src=feed">Read more …</a></p> urn:uuid:8b5d6a2e-74b8-4c41-b2a6-a0e4f4b1e9ee 2021-04-22T01:55:00Z 2021-04-24T00:59:00Z Superfeedr sends logins in plain-text (a <abbr title="HTTP Strict Transport Security">HSTS</abbr> case study) Superfeedr tried securing its website with HTTPS and HSTS, but failed to apply it correctly. User emails and credentials are sent in plain-text on the first login. <p>I recently signed up for an account with Superfeedr (a WebSub Hub provider.) I noticed a security issue in the sign-up process, and thought it would make an excellent case study for HTTP Strict Transport Security (HSTS). Here’s what Superfeedr did wrong, why they probably didn’t realize it, and how you can avoid making the same mistake in the future.</p> <p><a href="https://www.ctrl.blog/entry/superfeedr-hsts-oopsie.html#src=feed">Read more …</a></p> urn:uuid:0b298cef-ed4a-44f9-b0a8-4b8c3c75044e 2021-04-19T08:55:00Z 2021-04-19T08:55:00Z FeedBurner stirs in its slumber to announce more feature deprecations Google FeedBurner (the RSS enhancer and analytics suite) hasn’t received much attention in the last decade. Google now deprecates feed-to-email and more features. <p>Last week, Google announced that they’re making changes to FeedBurner. Like everyone else who received the email from Google, I expected this to be the time when the service passed on to the Google Graveyard. 
However, they merely announced the deprecation of yet more features.</p> <p><a href="https://www.ctrl.blog/entry/feedburner-2021.html#src=feed">Read more …</a></p> urn:uuid:f3cdd67e-f893-4e4f-8892-80095b6f2836 2021-04-15T19:06:00Z 2021-04-15T19:06:00Z The thing about The Thing About Harry A cute and positive LGBT romance movie is a rare treat! Unfortunately, The Thing About Harry isn’t available to international audiences outside the U.S. <p>The Thing About Harry may seem like your average romance flick, and it is, and that’s also what makes it noteworthy. In The Thing About Harry, boy meets boy, and it happens without the typical tragic backstory, emotional scarring, violence, death and disease, or personal; familial; and societal disapproval and alienation that usually feature so prominently in gay-interest movies. Instead, the movie’s conflict comes from the main characters’ own insecurities and immaturity — you know, like in your typical straight romance movie.</p> <p><a href="https://www.ctrl.blog/entry/thing-about-harry-availability.html#src=feed">Read more …</a></p> urn:uuid:77615e33-a00c-418f-95b0-f74ba152ae3e 2021-04-13T15:40:00Z 2021-04-13T15:40:00Z Lower the paywalls to keep the bullshit at bay It doesn’t matter if great information exists if no one can access it. “The Truth is Paywalled; but the Lies are Free.” Can micro-payments save news and the web? <p>A piece in Current Affairs resonated strongly with me: The Truth is Paywalled; but the Lies are Free. The premise of the piece is simple: access to journalistic institutions and academic journals is restricted by paywalls; but hogwash, regurgitated rubbish, and conspiracy theories are available for free. 
The <em>institutions of truth</em> seem to be too busy erecting paywalls to notice that they’re losing the market to those that manage to operate without direct payments.</p> <p><a href="https://www.ctrl.blog/entry/lower-the-paywalls.html#src=feed">Read more …</a></p> urn:uuid:262eb278-0510-4375-a02c-98140c4afcb8 2021-04-08T05:07:00Z 2021-04-08T05:07:00Z What is the best file format for web shortcuts You can store links on your file system in .URL, .LNK, .WebLoc, .Desktop, and .HTML files. But which is the best format for your bookmark files? <p>Links primarily exist on the web, but they can also exist as files in your local file system. There are several formats for storing links as files that open in your web browser. Here’s a quick comparison of the available formats, and a recommendation for which to use for your link files.</p> <p><a href="https://www.ctrl.blog/entry/internet-shortcut-files.html#src=feed">Read more …</a></p> urn:uuid:03952762-1ce5-416c-a9a9-32654cbbf5b6 2021-04-07T19:21:00Z 2021-04-07T19:21:00Z Third-party extension not enough to address Coil’s transparency issues PayTracker keeps a record of Web Monetization micro-payments made through Coil, but the extension alone isn’t enough to fix Coil’s transaction transparency issue. <p>Coil is a one-stop subscription service to support online creators. Coil customers must either install the Coil extension in their web browsers, or use a compatible browser like the Puma Browser. The service will reward participating websites and creators based on how much time Coil customers spend on their content.</p> <p><a href="https://www.ctrl.blog/entry/coil-transparency.html#src=feed">Read more …</a></p> urn:uuid:7138a7fa-7087-4144-a077-5da2b7902c4a 2021-04-03T15:07:00Z 2021-04-09T23:49:00Z GNU Parallel can do anything, but scripting may be the better option GNU Parallel is a powerful Linux parallelization tool for local and remote jobs. Its unique command syntax and complex requirements make it difficult to use. 
<p>GNU Parallel is a utility that lets you run command jobs in parallel; on local and on remote hosts over the network. It’s incredibly powerful when you need something more flexible than <code>xargs</code>, and it’s especially useful with small computer clusters.</p> <p><a href="https://www.ctrl.blog/entry/not-gnu-parallel.html#src=feed">Read more …</a></p> urn:uuid:2e3c6189-b7e4-4119-bf0a-3918388584f2 2021-04-03T03:06:00Z 2021-04-11T04:23:00Z Set Store apps as the default for arbitrary file types in Windows 10 Here’s how to make Windows File Explorer open arbitrary file types in apps installed from the Microsoft Store. Includes common troubleshooting steps. <p>Windows won’t let you open arbitrary files with apps installed from the Microsoft Store unless it knows the app can handle the file type. App developers provide information about supported file extensions and protocols when they submit the app to the store. Windows 10 doesn’t make it easy for power users to override this list. Here’s the least painful way to do it.</p> <p><a href="https://www.ctrl.blog/entry/win10-store-default-apps.html#src=feed">Read more …</a></p> urn:uuid:c98cf16a-e10b-4cfc-ae0c-2e2c58a47ef4 2021-03-24T03:08:00Z 2021-03-24T03:08:00Z Kitty Letter word-scrambled my brain Who knew an enchanted letter vortex could cause you trouble falling asleep? How a mobile game engraved a repeating pattern into my brain. <p>Kitty Letter is a free mobile game from the creator of The Oatmeal webcomic. It’s a simple word game that quickly engraved an obsessive repeating pattern into my brain. Here’s my cautionary tale about the game.</p> <p><a href="https://www.ctrl.blog/entry/kitty-letter-scrambler.html#src=feed">Read more …</a></p> urn:uuid:e49aa33d-785f-4d65-afb6-1a0cebe895c8 2021-03-22T19:39:00Z 2021-03-22T19:39:00Z Get Meltdown Alert notifications for PlanetSide 2 Receive browser notifications at the beginning of Meltdown Alert events on your server in PlanetSide 2! Join the fight on Auraxis! 
<p>I’ve made a small webapp that sends you a notification at the beginning of Meltdown Alert events in PlanetSide 2!</p> <p><a href="https://www.ctrl.blog/entry/planetside2-meltdown-notifications.html#src=feed">Read more …</a></p> urn:uuid:c3b95eae-b275-45dd-a13c-6314016017f1 2021-03-10T18:08:00Z 2021-03-10T18:08:00Z Jellyfin and metadata privacy The Jellyfin media server can enrich your media collection with metadata from online sources. The price may be free, but the cost is metadata for metadata. <p>I recently migrated my home media server to Jellyfin. One of the advantages of using it is that it can supplement your (mainstream) media collection with poster graphics and rich metadata pulled in from sources like The Movie Database (TMDb) and TheTVDB. As with everything that talks to someone else’s servers, this feature comes at a cost to privacy.</p> <p><a href="https://www.ctrl.blog/entry/jellyfin-metadata-proxy.html#src=feed">Read more …</a></p> urn:uuid:532d0e7f-727e-462a-871a-8d8a154010f6 2021-03-03T17:42:00Z 2021-03-21T21:04:00Z From Plex to Jellyfin Media Server Why I uninstalled Plex Media Server after over a decade and migrated my movie and TV show collection to Jellyfin instead of Emby. <p>I’ve used the Plex Media Server for over a decade. It’s been my primary way to catalog and watch my movie and TV show collection. Plex can neatly organize media, fetch metadata and movie posters, and keeps track of what and how far you’ve watched your media files. 
It can also transcode and stream media in multiple multimedia codecs to ensure compatibility with all types of devices and screen sizes.</p> <p><a href="https://www.ctrl.blog/entry/jellyfin-vs-plex.html#src=feed">Read more …</a></p> urn:uuid:9a53d927-a9c7-49f4-a79a-6b6e6f14a798 2021-02-23T19:42:00Z 2021-02-23T19:42:00Z Be wary of file sync conflicts with KeePass apps on Android An investigation and comparison into how KeePass-compatible password manager apps for Android handle external changes to an unlocked password vault database. <p>KeePass is a tried and tested open-source encrypted password manager available for Windows. You can also use one of the many forks for Android, iOS, Linux, macOS, and other operating systems. KeePass has created the de facto standard for encrypted password vault/database files (<code>.kdbx</code>). Syncing the vault files between your computers and Android can cause problems with some KeePass apps, however.</p> <p><a href="https://www.ctrl.blog/entry/keepass-file-conflicts-android.html#src=feed">Read more …</a></p> urn:uuid:9af4f6da-1d43-46c4-9b29-bc3aee8023ca 2021-02-20T15:25:00Z 2021-02-20T15:25:00Z Please don’t make me choose a username Forcing the user to choose a username is a terrible user experience. No one wants to use an online service that forces a name you don’t like. <p>I hate username fields in registration forms. The usernames I want are, of course, already taken. Many services won’t let you change your username later, so you might get stuck with it. Who wants to settle for a name they don’t like? Just <em>please don’t make me choose a username.</em></p> <p><a href="https://www.ctrl.blog/entry/usernames.html#src=feed">Read more …</a></p> urn:uuid:e05b5664-4197-4bf8-bc85-27aa8426ef92 2021-02-15T10:22:00Z 2021-02-15T10:22:00Z Don’t be shady, deploy your JavaScript source maps Source code minification is beneficial, but the resulting obfuscation reduces trust and transparency. 
Source maps can help restore these and let people learn. <p>JavaScript source code minification is a beneficial tool for reducing download file sizes. However, the resulting obfuscation makes the code difficult to read, and reduces trust and transparency. Public source maps will help restore code readability and transparency. As a bonus, it enables others to learn from your code.</p> <p><a href="https://www.ctrl.blog/entry/deploy-javascript-source-maps.html#src=feed">Read more …</a></p> urn:uuid:9fa1cdcb-2e66-46ec-a316-a8bd52da75d2 2021-02-14T18:15:00Z 2021-02-14T18:15:00Z The built-in Windows 10 web browser you’ve never heard about Windows 10 has a built-in program called Internet Browser (not to be confused with Internet Explorer) that helps you open link files in your preferred web browser. <p>I double-clicked on a <code>shortcut.url</code> file and Windows asked me to choose a program. The dialog listed an unfamiliar program called Internet Browser, not to be confused with Internet Explorer. I’d never seen or heard of this program before.</p> <p><a href="https://www.ctrl.blog/entry/windows-internet-browser.html#src=feed">Read more …</a></p> urn:uuid:bbf047a2-7c3a-49af-b794-db70a04d186e 2021-02-12T20:02:00Z 2021-02-12T20:02:00Z <code translate=no>systemd</code> application firewalls by example Restrict Linux services’ network traffic with per-service systemd firewall rules. <p>An application firewall, unlike a gateway (router) or system level firewall, is meant to limit the networking of a single application. 
It can be used to prevent a compromised service from seeing into the local network, prevent programs from calling home, plug metadata leaks, or more tightly control a program’s network access.</p> <p><a href="https://www.ctrl.blog/entry/systemd-application-firewall.html#src=feed">Read more …</a></p> urn:uuid:2254757c-fd79-4119-b6a2-3e9036431bc7 2021-02-10T13:15:00Z 2021-02-10T13:15:00Z Don’t use RouterOS DHCP lease scripts to manage DNS MikroTik’s DHCP lease scripts don’t execute on DHCP renewals, causing issues with DNS registrations when devices suspend and rejoin the network later. <p>The RouterOS DHCP Server (MRDS) from MikroTik doesn’t natively support registering hostnames from DHCP leases to its DNS server. Instead, it supports executing a “DHCP lease script” when new leases are issued, released, or expire. You can use a lease script to manage DNS entries for DHCP leases. However, this isn’t the best solution for managing static DNS registrations for your network hosts.</p> <p><a href="https://www.ctrl.blog/entry/routeros-dhcp-lease-script.html#src=feed">Read more …</a></p>