Monday, November 23, 2015

Run Pip Against Your Local Pypi Server

A couple of weeks ago I posted about creating your own pypi mirror.  Being the anal type and wanting a complete mirror (in case I needed a slightly older version of any module), I gave a quick tutorial on how to do this using the bandersnatch module.

Hopefully you have had time to download everything and have sitting nicely in a directory.  I say hopefully as it was 180gb when I downloaded it and I know that not everyone has a fast connection.

As a note, anything done from this point is done inside of a virtual environment.  If you haven't used virtual environments and are not familiar with them, I highly suggest you read about them as they have worthy benefits.

Now that you have your mirror created you need to put it to good use.  To do this there are a couple of things you need to do:
  • install a module for running a pypi server
  • edit the appropriate config file(s) to point to the new repo
  • start the pypi server
  • install a module while configured to point to your new repo
 For the first piece, you will need to install a module that provides you a pypi server.  There are a few such modules out there, so feel free to research them and find one that works for you.  For our basic purposes (as I don't currently need much beyond serving the mirror) I am using the 'pypiserver' module.  You can install that with:

    $ pip install pypiserver

Once the server is installed, you will want to start it with the following command:

    $ pypi-server -p 7777 ~/pypi/packages

That will start the server on:  http://localhost:7777/

You now need to make some config changes.  At a minimum you need to change  ~/.pip/pip.conf
You will want to mofify 'index-url' in the 'global' section of the config file to point to 'http://localhost:7777/'.   (I do suggest you remember where your config file was pointing to before you change it.  Its always a good idea to make a backup copy of the config file before you make your edits).

Now that you have that configured things and have the server running, its time to turn off your internet connection and do a 'pip install' of a module and see if it works.  



Friday, November 20, 2015

Creating A Rubygems Mirror On Ubuntu 14.10

So I guess it is apparent that I am on a bit of a kick creating mirrors.  This is because they are creating mirrors internally at work and I want to have a better understanding of how things work (and what is needed to puppetize things). 

Before we can get down to the nitty-gritty of creating the mirror, we have to do a bit of prerequisite work first.   To start with, I will tell you that I am working on a fresh installation of Ubuntu 14.10.  That disclosed, ruby comes installed by default.  Please know that I will be only referencing the

The first thing that we need to get installed is the ruby-dev package.  You can install that with the following command:
$ sudo apt-get install ruby-dev
After you install that, make sure that your system is up to date:
$ sudo apt-get update
$ sudo apt-get upgrade
Now, we need to get a couple of gems installed:
$ sudo gem install net-http-persistent
Next we need to install a whole slew of things (inluding git):
sudo apt-get install git-core curl zlib1g-dev build-essential libssl-dev libreadline-dev libyaml-dev libsqlite3-dev sqlite3 libxml2-dev libxslt1-dev libcurl4-openssl-dev python-software-properties libffi-dev
Now it is time to install rbenv.  This tool will provide you the ability to install different versions of ruby (other than the default).  Its handy, so I am including it here for giggles.   Here are the steps to install rbenv (these should be done as you, not sudo/root):
$ git clone git://github.com/sstephenson/rbenv.git ~/.rbenv
- Add $HOME/.rbenv/bin to your PATH variable
- Add eval "$(rbenv init -)" to your .bashrc file
 Now you need to install the rubygems-mirror gem.  This is what is used to create the mirror:
$ sudo gem install rubygems-mirror
After that finishes, you will need to create the the '.mirrorrc' file:
$ vi ~/.gem/.mirrorrc
 In this file, you are going to specify where to grab the gems from and where to put them on your system:
---
- from: http://rubygems.org
  to: ~/path/to/put/the/files
You will need to make sure that you create the directory you specify in the "to:" portion.
After you save the .mirrorrc file and create the directory, you are ready to start mirroring:
$ gem mirror
This is going to take a while.  I ran it and it took several hours to download (and I have a fiber internet connection with 30Mb down).  So, once you start the download, you might as well go do something (watch a movie, read a book, hack on a Raspberry Pi, whatever you feel like.  Just monitor it once in a while to ensure it keeps going successfully.

Warning:  The download is many gigabytes and you are going to need some space for it.

That's it, you now have a mirror of Rubygems that you can reference in offline situations.  Stay tuned and I will put up a post on how to run a server that points to this mirror so that you can put it to good use.
 



Tuesday, November 10, 2015

Creating A Pypi Mirror

One of the things I have read a lot of people like to do, is to create a local pypi mirror.  That way, when the real pypi is on the fritz or you don't have internet access, you can still install modules and work on your pet projects.

I worked through a bunch of different modules for creating a pypi mirror, and most of them seemed to make a mirror of the most recent versions of modules.  Which would be fine, except I am anal and wanted as complete of a mirror as I could get. 

So, after playing around with a number of different modules I discovered Bandersnatch.  At first it looked promising (claiming that the mirror would be about 120 Gb).  Considering that the module documentation was probably written (and not necessarily updated) a couple of years ago, I could only imagine what that number is now. 

I followed the installation from the above link and installed the module (in a virtual environment) and got it running and let it run until completion (which was about 3-4 hours later).  I did a df of the directory and BLAM!, a little over 180Gb of moudules.  Just WOW!!  Now that is the mirror I was looking for. 

I still want to play with some of the other methods (as having a mirror of the most recent set of modules is also handy), but this is definitely what I was looking for.  Hopefully this information allows others to create their own Pypi mirror as well.  I would say quickly, but that will depend on the internet connection you are using.

Monday, November 09, 2015

I Have A New Domain!!!!

At long last, I have set up a new domain name.  The previous domain (www.parsed.co) ended up being too expensive to renew.  I now have a new domain name for the blog, something that goes better with the blogs name:   www.parsedcontent.com

I hope that all the readers that I had previously will return.  I will put this out there asap so that people are aware of the new domain name.  Thank you to all for your patience during this arduous transition.

Thursday, September 03, 2015

raspi-config Missing On Kali Linux 2.0

A couple of months ago I purchased one of the shiny new RaspberryPi2's (you know, the one with the 900 Mhz quad core chip and the 1Gb of on-board ram) and have been playing with it.   Within the last couple of weeks, Kali Linux 2.0 was released.  Seeing as how I have this sweet RaspberryPi laying around, I figured, why not get Kali 2.0 running on it. 

So, for my birthday, my awesome wife got me a Class 10, 32Gb MicroSD card.  So I promptly loaded it with the freshly downloaded Kali Linux 2.0 image and booted it.  After logging in to the machine I did a 'df -h' and discovered that instead of the 32 Gb I expected to see (ok, so it would be 30Gb after reserve), I was only seeing around 7Gb of space.   I hadn't run into this quandry before as I had only had an 8gb card before. 

So, I did some googling and found that you can finagle the partition table with fdisk (which isn't installed by default, btw.  You will need to install the 'afflib-tools' package in order to get fdisk installed) and then reboot and resize the root partition.  Or, as a friend pointed out, you can simply run raspi-config and it will quickly (and quietly) do it for you. 

So I searched around and what do you know..... no raspi-config.  Apparently they don't see a need for this extremely useful utility on Kali, so you will need to install it yourself, which, after doing it, wasn't that awful.

First, download the latest version of raspi-config from  'http://archive.raspberrypi.org/debian/pool/main/r/raspi-config'.  Just search in there and either click to download it, or, if you are like me, copy the link and wget it. Note: Remember to download the .deb file as this is a debian distribution.

Next, you need to install the two prerequisites for raspi-config:

  # apt-get install triggerhappy lua5.1

After you have installed those two, you can simply change directories to wherever you downloaded raspi-config and issue the following command:

  # dpkg -i .deb

After that, you should be able to run raspi-config.  The first option is to resize the partition to reclaim space on the card.  That is what you want.  It will tell you to reboot.  Once you do, voila!, space reclaimed and your 'df -h' should show a ton more space (relatively that is).

Tuesday, September 01, 2015

parsed.co notice

It was nice to have the parsed.co domain name attached to my block, but unfortunately the domain is a bit pricier to renew than what I initially paid for it.  That said, please know that I have not renewed it and you will have to access my blog though blogger itself, until I can get a new domain attached.

My sincere apologies for this change.   Hopefully I will have a new URL on here in the near future.


Thursday, August 20, 2015

Running Puppet For A Single Module

For the last 2 1/2 years I have been working with Puppet.  Sure, there is a lot of debate about puppet versus chef, but where I work we use puppet, so the debate is moot. 

I was recenlty adding a user account for someone that needed access to a couple of our legacy systems.  These systems are on a version of puppet code that we have not maintained for almost 2 years (ever since we re-worked our network and re-wrote our puppet code to be cleaner and more efficient).

Erring on the side of caution I checked and found that puppet hadn't been run on one of the servers for almost 2 years (which is scary).  But, I needed to get the person's account propogated out to the machines in question (as we only use puppet for account management.  We DO NOT manually create accounts).

So, I decided to run puppet JUST for the module in question.  This has the benefit of only applying the changes of the module you want and nothing else in the puppet ecosystem.

First thing to do was to run the command, but with the added '--noop'.  This will allow us to see what changes were going to be made, without actually applying them:

# puppet agent -vt --noop --tags=module
The '--tags=module' portion of that line allows you to specify which module you want to apply to the system during the puppet run.  The '--noop' tells puppet to run in what is essentially known as 'just kidding' mode.  This means it will run, but it won't apply anything.  Instead, it will tell you what it would have done.  This way, you can see what changes would be made, just in case there were some you didn't expect.  This is an excellent feature that can help you avoid any unexpected changes that can really cause things to go awry.

After that runs and you confirm that all is ok with what it would have done, simply run the command again, but without the --noop, and it will apply the changes.



Sunday, August 16, 2015

sudo Vulnerability On OSx

I was perusing HackerNews and found an article mentioning that there is a vulnerability in sudo as Apple ships it.  The vulnerability is active because Apple ships its os with tty_tickets disabled.  What this means is that your logins to a machine (or terminal sessions as it were) are not treated as separate, but instead as linked. 

To demonstrate this, open two terminal windows and sudo to root.  You will be prompted for your password once, but not the second time.  To fix this, simply run 'visudo' (as root) and add the following line to the file.  ( I added a comment above it to say that it was a vulnerability fix:

# To turn off apple's giant privilege escalation vulnerability
Defaults tty_tickets
After you apply the fix, log out of your terminal sessions and open two new ones.  You should now have to provide your password on both of them.  

Friday, May 22, 2015

The Zen Of......

I was perusing around a couple of different new sites that I frequent and saw a post titled "The Zen Of DevOps".  Being in a DevOps position I decided to take a look.  What I read was pretty accurate with regards to the way one should be thinking with regards to DevOps.

Here is what the article said with regards to the Zen of DevOps:
Automated is better than manual.
 
Reusable is better than repeatable.
 
Multiple is better than single.
 
Single is better than unstable.
 
Continuous is better than planned.
 
Now is better than never.
 
Although never is often better than *right* now.
 
Special cases aren't special enough to be manual.
 
Collaboration rules over the rules.
 
In the face of ambiguity, refuse the temptation to guess.
 
There should be one-- and preferably only one --obvious way to automate.
 
If the automation is complex, it's a bad idea.
 
If the automation is simple, it may be a good idea.
 
Infrastructure as code is one honking great idea -- let's do more!
When planning out details during research for a project, these are certainly rules to design by. 
While we are on the topic of Zen, here is the popular "Zen of Python":
    Beautiful is better than ugly.
    Explicit is better than implicit.
    Simple is better than complex.
    Complex is better than complicated.
    Flat is better than nested.
    Sparse is better than dense.
    Readability counts.
    Special cases aren't special enough to break the rules.
    Although practicality beats purity.
    Errors should never pass silently.
    Unless explicitly silenced.
    In the face of ambiguity, refuse the temptation to guess.
    There should be one-- and preferably only one --obvious way to do it.
    Although that way may not be obvious at first unless you're Dutch.
    Now is better than never.
    Although never is often better than *right* now.
    If the implementation is hard to explain, it's a bad idea.
    If the implementation is easy to explain, it may be a good idea.
    Namespaces are one honking great idea -- let's do more of those!
I just thought I would share these.  Nothing technical, but certainly relevant to (at least) my every day.




Friday, April 24, 2015

Security should be concern #1 on the internet

I was recently reading hackernews when I came across a link to something called EveryoneAPI.  Supposedly a service that converts phone numbers into business intelligence.  So, out of curiosity I tried to visit the link, only to be presented with a blank page.  Odd.

So I went back to the hacker news page for it and visited the comments section.  On there were a bunch of people complaining about the same thing.  I almost laughed out loud when someone (apparently, supposedly someone that has something to do with EveryoneAPI) said that it had to be ad blocking software that people were using as an extension to their web browser and that they should "simply disable it" so that we could access their site.

One of the most important things to remember about online security is that if something was installed (by you or others) to keep you safe, the last thing you want to do is to disable it.  As we all know, there are some really nasty things out on the internet (virus', trojans, and even worse, ransomware).  The last thing you want is take advice such as this, which puts you in a position of being vulnerable to such things.  It is better to just take your mouse and close the window.

Your security on the internet is paramount.  This not only applies to you, but your computer as well.  Here are some guidelines that you really should follow:

1.  Make sure that you have a router between your computers and the internet.  The last thing you want to do is put your computer directly onto the internet for others to be able to get directly to.
2.  Make sure that you have the appropriate security setup on the router when installing it:
  • Change the default administrator password
  • Make sure that if is a wireless router, and you are using the wireless portion, that you turn on encryption at the strongest level (WPA2).
  • When setting up the encryption, be sure to choose a very strong, unguessable password.  If you are like me and use products such as LastPas for credentials storage, the application has a built-in password generator.  Make sure to include all character sets, require every character type and set the password length to a high number (I try not to use anything less than 15 myself)
3.  Never, ever put any trust in a pop-up security alert.  Do not click them, just close the page and leave.
4.  Don't click on links in emails from people you do not know.  They are more than likely phishing.  Most financial institutions and credible businesses will not email you and ask you to provide them with your personal information.   Report any such emails as spam in your email system and move on.
5.  DO NOT open any email attachments sent to you from people you do not know.   This is also a very bad thing and could lead to your computer being infected or worse, taken over.
6.  Browsers such as Firefox and Chrome have extensions to prevent Phishing, called phishing blockers.  Pick one, install it and let it do its job.
7.   STOP or DO NOT use Internet Explorer (IE).  That browser is absolutely awful and you should stop using it immediately.  People who write virus' and other such malware love IE because of the ease with which it propagates their malicious code.  Firefox or Chrome are so much better and they are free.
8.  Use strong passwords anywhere you need to create an account (see note in #2 about creating strong passwords).
9.  Strong passwords don't make it easy to remember, so use something like LastPass (which is FREE) to remember the sites, logins and passowrds that you have.
10.  I know that some people will tell you to enable auto-updates on whatever type of system you are on, but I will just say to make sure you keep your software updated.  I do not use auto-updating myself as I am not always in a position to allow major updates to "just happen".
11.  If you are running on Windows, please be sure and use anti-virus software.  There are free options out there, just find one and use it.   As for Linux and OSx, I leave it up to you.

Ok, now that I have gone over some of the most prevalent security rules for you and your computer on the internet, go forth and surf safely and securely. 

Wednesday, April 01, 2015

Oh look.... my blog

Yes, its true.  I have completely neglected this blog over the past couple of months.  It is by no fault of my own, but instead I place the blame on the reason, "I was working".  Work has been quite busy, keeping me virtually chained, working on sprint stories. 

Don't get me wrong, I love my job, I am just giving a reason for the neglect that I have provided my readers.  The good news, as that all that hard work has provided me with some content which I plan on posting.  Hopefully I can get a post up here very soon so that I can quench your thirst for geek knowledge. 

Till then, keep coding!

Saturday, January 31, 2015

Online Learning For The Self Taught

To begin with, I am a self taught person.  I spend most of my downtime trying to learn or read about something new.  I am always of the mind that I don't know everything and that there is always something that I could be learning.  If you ask my wife, she will tell you that whenever I go someplace, I typically have a book with me, or have my nose in a website trying to learn something.  You should never, ever stop learning.  It keeps your brain young and you on the cutting edge (if that is where you yearn to be).  For my field (I am a Systems Engineer), there are so many changes every day, you can never truly keep up.

Now don't get me wrong, I am not slamming or advising against a formal education.  If you have the opportunity afforded to you to go to college, by all means, go.  You will not regret it and it will benefit you in the long run.  There are some organizations where they require a college degree or they won't even look at you as a candidate (yes, I have run into these).  But, if you are like me and you either don't have the chance, or were not able to finish college, then you will need to seek your knowledge elsewhere, and today that is the online world. 

Online learning takes many shapes.  You can find tutorials on a large number of sites, usually blogs, that will guide you step by step through a particular task or in learning a programming language.  Then there is a slightly older technology called a CBT (Computer Based Training).  You won't run into this much online, but you may find it at large companies that have an internal training department.  You sign up and take courses from their internal learning website.  Its one way, they feed you the information and you write it down.  There may even be a quiz or two. 

Then we get to one of the latest things, the MOOC(Massive Open Online Course) or also referred to as Open Courseware.  This is a system that has now been employed by universities and websites alike, allowing people to take their courses either for free, or for a fee.  Some of these even offer a certificate as proof of passing the course.  

You will find that there are many universities that you have heard of that have MOOC available to the public, but also some you may not have.  A couple of names that stand out are MIT, Stanford, Yale, Johns Hopkins, Harvard, Duke, and the list goes on.   You may find that while the colleges have a page on their site to inform you about their open courseware, their site actually links to something like Coursera, or EDX.

When I first started looking for online resources to learn from, I came across some of the typical "Hey, come here and take our course on ", only to find out that it was either misleading and only gave a very small, a lot to be desired intro, or they got you to a point and they hit you up for money to continue the course.  That really burned when I ran into that.  There are still those today, believe it or not.   I am big into Data Science, and discovered a site called dataquest.io.  I started off with the first lesson or two, but was soon prompted to sign up for their premium service if I wanted to continue.  I was disappointed as there was some aspects of the site that I was interested in, but I just don't have extra funds to pump into something like that at the moment.  I have to keep things on the cheap.  So if you are interested in something like that and have the funds, but all means, check it out.  
So in my further quest, I decided to try and find if anyone had compiled a degree curriculum or syllabus, listing the courses needed to fulfill that degree, with links to said courses.  It took me a bit of searching, but I finally found a couple of links to what I was looking for.  

The first one I found was that of a Bachelor's level curriculum in Computer Science.  This was great, exactly what I was looking for.  What was better, was that that page was already updated to include a link to their Intensive Bachelor's level curriculum in Computer Science.  This was fantastic.  I looked through both lists and was amazed to find such a complete curriculum list, compiled and with links.  

While I was blown away by what I had found, I wanted more.  I still have an interest in Data Science.  There has to be something out there to satisfy that need, and there was.  I bring you, the curriculum for the Open Source Masters in Data Science.  This filled a void, and a big one.  This had an awesome set of courses and links to books as well.  

As you can see, I was able to find 3 different resource that provided me a full curriculum, with links to courses.  All that's left now is to take the courses.  Ah, to have that much time available.  If you do, that's awesome, have at it.  I, unfortunately, only have so much time, but I do my best.

In all of my perusing of the internet learning resources, I have come across a few and made some notes on them.  I provide those for you below, with some of my comments on each.  

Online Learning Sites

- All free
- Beginner learning tracks
- git (source control), web dev, iOS, misc electives, ruby, javascript
- Also has screencasts giving overview or tutorial on specific topics  (ie:  they have a 4 part screen cast on docker)

- Computer related
- courses are free to take
 - You can get a certificate for some courses, but that costs money

- A large number of courses in a bunch of different categories
- free
- all link to free courses at schools that have the courses online

- Tons of courses
- Free
- Not always current teachings, but within a few years.  Material still quite valid.

- large array of courses
- math
- languages
- computer science
- web development
- all free

- tons of courses
- all free
- great for kids

- 10K free, online courses

- Lots of topics
- Degree related studies
- Free

- Lots of topics
- Free

- Lots of courses
- Free
- Large array of topics

- Free
- All technology based

- Costs $$
- Technology based

- Free
- Each topic shows places on the web to learn

- Laern to code
- Free
- A few different tracks

- College
- Free online courses

- Free
- Online Educational courses in a variety of topics

- Course software offered by from multiple online sources

- DevOps approach
- Free

- Learn data science in your browser
- Misleading initially.  You can only take a few 'missions' for free, but then are required to pay a subscription of $35 or more a month to continue.

- Online curriculum
- Lists where to take courses
- Lists resources for online learning
- Also lists book price, if available



Well, that is the list which I have compiled thus far.  Its not complete by any stretch, but instead is meant more as a taste of what you can find via your favorite search engine.  There are so very many sites that you can find, hopefully you will find the courses that are right for you and further your knowledge.  

So go forth, and learn ( and have fun doing it ).  Master your craft and be the best that you can be.

Not to be all cheezy, but I leave you with a quote from the movie "Drumline":

"And if you don't have the honor and discipline to learn you craft... then quite frankly Devon, you don't deserve to be here."   - Dr. Lee to Devon Miles

















Wednesday, January 21, 2015

Passwords.... Passwords Everywhere

The online world has grown so incredibly much over the past 20 years that its mind boggling.  I remember when all I had to remember was several passwords.   Of course back then there were BBS's still in existence and the internet was an amazing playground just waiting to be explored and getting bigger every day.

Today the number of passwords that you need to remember is astronomical.  Because of that, password security is something that people get extremely lax on.   You hear jokes about people using 'password' as their password, or things like '123456', 'secret', or some other easy to remember word, phrase or date.  In fact, they do an annual survey of the worst passwords of that year.  I hate to say it, but its ignorance of password security that causes people accounts to so easily get hacked.  Now and again I get an email from a friend with a link in it, or directing me to "check this out".  Its usually something out of character for that person. I am extremely skeptical and security minded, so I tend to be wary of things.  I will inform the person and usually they confirm that their account was accessed illegally and that they just changed their password.

One of the biggest complaints I hear is "Sure I can create harder passwords, but how will I remember them?".    I can completely sympathize with that thought, but these days there are applications to assist you with that.  There are password managers that you can use to store your passwords in so you don't have to remember all of them.  You just need to ensure the password to use that application is secure and that you remember it.  And that is what I would like to talk about in this post, because there are far to many easily brute forced passwords out there.  All a person would need is a really detailed set of dictionary files to work off of and they could successfully get into one or more accounts in a system.

There are generally two types of applications:  desktop and browser based.  The application that you choose is up to you, but I recommend trying a couple out and finding one you like and sticking with it.

One of the more popular applications is LastPass.  LastPass runs as an extension to your browser and is available for all 3 major OS's (Linux, Windows and Mac) and all browser (Opera, Chrome, Firefox, Safari and *cough* *cough* IE).  I use LastPass (almost) exclusively and love it!  As you surf to a new site and log in (or create a login), LastPass will offer to create an entry for the site in its database (if it doesn't already have it).  If there is an entry, it compares it to see if it has changed (and offers to update the entry if it has).   LastPass is quite handy and because of it I have the option in my browser to save passwords, turned off.  Of course that is something you shouldn't do anyway.   One really handy option in LastPass (and other softwares as well) is the option to generate secure passwords.  LastPass will generate them and if you click the button to accept it, it will populate it into the form field(s) and then save a generic entry for that site.  So handy!  Oh, and LastPass is FREE!

If you are on a Mac, 1Password is comparable to LastPass.  The only difference is that 1Password costs about $35,  but it is well worth the money.  It has a browser extension just like LastPass, but also has the added nicety of also being its own application on the Mac.  This allows you to store more than just website passwords.  May be you have some company secrets you don't want getting out, or a list of combinations to you safes (mind you I am being totally hypothetical here).  Either way, you have options.

Moving on, another popular application is KeePass.   This application is a standalone application by default, but does have plugins that you can install to give it more functionality, such as browser integration.

One thing that all of these applications have in common though, is that the data itself is encrypted.  That way nobody can just access your stored information without proper access.  For all of these applications you need to supply a password to use them (which you setup after you initially install them.  Some application (like KeePass) have the added benefit of allowing you to specify a key (ssh key for example) for added security.  This key would need to be present and the correct password also entered, providing a form of 2-factor authentication.  This is nice because the key would not have to reside on the machine  You could store the key and database file(s) on a thumb drive (for instance), and keep them with you at all time.

Another option for keeping things a bit more available is if you have a DropBox account, or a similar service, you could store your databases in your dropbox account and access them when you need to.  DropBox's site claims that your data, no matter what you store, is stored with AES256 bit encryption.  Even though the database files that go along with the KeePass application are already encrypted, the extra encryption certainly doesn't hurt.

All-in-all, my recommendation is to try something out and see if you like it.  If not, move on to the next one.  Examine the features and see what is important to you from a security standpoint.  I personally use a combination of LastPass for my internet, 1Password on my work laptop (company provided) and KeePass on my home laptop.

Feel free to Google search password managers and explore what is out there.  It is always better to be safe than sorry.   Password security is no joke.  What's nice is that these applications make the task of having harder, more difficult to crack passwords a bit more palatable.  Especially when they are doing the storing / remembering of logins.  

OSx 10.10.1 Annoyances

If you have had a Mac for any length of time, you are probably used to upgrading to the latest version of the OS when they release it.   Of course within the past couple of years we have all learned that we even have to be wary of Apple and its releases, as they have not been perfect by any stretch.  

My work is holding off on the latest release due to incompatibilities with some pieces of software.  This didn't stop me though, and this was because:  1. I had already upgraded, and 2. Luckily it turns out I didn't use the software in question.  Yay!

But, I have noticed that there are a couple of things in the new release that I find particularly annoying, especially since the modified behavior that I had either previously set specifically, or that was already a default action(and I preferred).

The first one is the setting in System Preferences for automatic display brightness adjustment.  I find this setting annoying as I don't like my computer deciding how bright my screen is supposed to be.  Also, having the screen brighter certainly drains a bit more of the battery.  My eyes are adjusted to having it set lower, and I like it that way.  Plus, when you have a headache(or migraine as I tend to get), the last thing you want is a brighter screen.  

With the 10.10.1 release, the update turned on automatic brightness adjustment.  It took me about an hour to actually notice it.   But if you want it off (like me), go to System Preferences -> Displays and uncheck the box next to "Automatically adjust brightness".  

The other setting that really irked me was that after updating to 10.10.1, I noticed that the default behavior of the machine when you close the lid had changed.  For the longest time the action was to put the computer to sleep when you shut the lid.  After updating, the default action was to hibernate.  As people have probably experienced, hibernate is a royal pain, mostly because when you open your laptop, you have to press the power button and then wait for it to restore.  On a Mac, when you sleep it, you simply open the top and the display comes alive almost right away (within a couple of seconds typically) and you can then log in and get right to work.  Pretty much almost no waiting.  Hibernate is a sloth to come back in comparison to sleep.  

I had to do a little digging to figure out how to fix this.  What you need to is open up your command line terminal and enter the following to make sleep the default when the lid is closed:

  sudo pmset -a lidwake 1

After that, if you shut the lid, it should simply sleep.  Now, some people are probably saying, "Why not just specifically tell it to sleep?".  The reason is to save time.  Instead of taking the time to go to the menus and click sleep, you can simply shut the top of your laptop and have it automatically do it for you.  

Again, these are my annoyances with OSx 10.10.1.  If you are not bothered by them, then continue on.  Otherwise, I hope this helped to fix them for you.
 
Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.