Ever since I started using Windows 10, it has been creating folders called "Camera Roll" and "Saved Pictures" in the "My Pictures" folder. It was the last straw. Applications had been creating subdirectories in the "My Documents" folder for ages now. Not again. The line must be drawn here. This far, no further. And I will make them pay for what they've done! Do you want to know more?


Why do I want to? Because I run the incredibly awesome [FreeNAS](http://www.freenas.org/) on a small server, and the jails are FreeBSD. One of those jails is supposed to be a in an N2N VPN, so I can access the files from elsewhere. Do you want to know more?


Are you also annoyed with the Windows lock screen? You know, the one you must swipe or click away before you can enter your login data. The one that doesn't even respond to shift anymore since Windows 10. It can be disabled as follows: * Open the Group Policy Editor. Either 1. press Win+R and run gpedit or, if you don't have gpedit.msc, 2. open the Microsoft Management Console by pressing Win+R and entering mmc. Go to FileAdd/Remove Snap-In, select the Group Policy Object Editor, press Add, Finish and OK. Expand the Local Computer Policy. * Navigate to 3. Computer Configuration 4. Administrative Templates 5. Control Panel 6. Personalization, edit Do not display the lock screen and set it to Enabled.


Just recently, the latest CyanogenMod nightly began supporting encryption on my phone, even though the bugreport still says it's an open issue. I don't mind. Anyway, this allowed me to finish a major project of mine: Protect the data on my phone, even in the case of a theft, while maintaining the ability to use the device conveniently. The goal. I want a strong disk encryption password, but i want a weak screen password or PIN, because unlocking the device is a frequent task. In such a scenario, it makes sense to implement an account lockout policy: In other words, we want the phone to shut down after, say, 3 failed attempts to unlock the screen. This prevents the screen password from being brute forced. Your device needs to be rooted to do everything I did. You will also need the Android studio if you want to do this properly, and it's a large download, you might as well start now. Click here if you're still interested.


I really love Signal, but it is lacking a good Public Key Infrastructure. I hope this is something that the WhisperSystems people are going to be working on in the future, because all the potential is there: The authentication method of scanning QR codes is brilliant, because it is so usable. For now, I have my fingerprint up on my homepage so people can verify it (as long as they believe that I have full control over my homepage). If you want to get your fingerprint as a QR code image file, this is what you do: Get the qrencode command line tool either through your Linux package manager or through cygwin on Windows. In Signal, choose My identity key from the main menu and type those digits into a file, say textsecure-fingerprint.txt. Then, use this little Python script to generate the QR code:
from base64 import encodebytes
from os import system
d = open("textsecure-fingerprint.txt","r").read().strip().split()
k = encodebytes(bytearray.fromhex(''.join(d)))
system("qrencode -o textsecure-fingerprint.png -l L -t PNG " + k.decode("utf-8"))
And there you go. If someone knows how to get the fingerprint directly from the device, I'd be happy to know that.


So you have a scanned document, and you want to produce a searchable PDF from these images. In my case, I want to digitalize some of my books. There are other tutorials out there, but none of them worked for me. Here's what I did, maybe it helps you. First, get a debian box and install the packages tesseract (this is the OCR software), xsltproc (dark magic), exactimage (for hocr2pdf) and of course pdftk. Now, take your scan and use scantailor to split it into several neat black and white .tif files, one for each page. Now, create a file called fix-hocr.xsl and put this in it:
<?xml version="1.0"?>
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<!-- use on hocr file to fix for hocr2pdf 0.8.9 textbox placement -->
<xsl:template match="/html">
   <xsl:text>&#13;</xsl:text>
   <xsl:copy>
      <xsl:apply-templates select="@*|node()"/>
   </xsl:copy>
</xsl:template>
<xsl:template match="node()|@*">
   <xsl:copy>
      <xsl:apply-templates select="@*|node()"/>
   </xsl:copy>
</xsl:template>
<xsl:template match="span[@class='ocr_line']">
   <xsl:copy>
      <xsl:apply-templates select="@*|node()"/>
   </xsl:copy>
   <xsl:element name="br">&#13;</xsl:element>
</xsl:template>
</xsl:stylesheet>
Don't ponder on that. It is a dark conjuring that fixes a bug in hocr2pdf. For every .tif file, we now do the following: * Perform OCR on it, and record the information of where the letters are located in the image. That's what HOCR is all about. * Do some vodoo with fix-hocr.xsl on the HOCR information from tesseract because tesseract's output causes problems with hocr2pdf, at least it did for me. * Use the hocr2pdf tool to create a PDF document which contains two layers: One layer of text information and the original tif image above it. And here's how we do that.
for pg in \$(ls *.tif); do 
 tesseract -l eng -psm 1 $pg stdout hocr |
 xsltproc -html -nonet -novalid fix-hocr.xsl - |
 hocr2pdf -i $pg -o "\${pg%%.tif}.pdf"; 
done
Ignore the warnings about nonclosing ?xml tags, they're bogus. Now you should have tons of searchable pdf pages, let's merge them into a document.
pdftk *.pdf cat output book.pdf;
The document will be huge. Compressing it is a whole different story of pain and awe. What worked pretty good for me was to convert the PDF to PS and then from PS back to PDF and then from that PDF to DJVU:
pdf2ps book.pdf book.ps;
gs -dCompatibilityLevel=1.4 -dBATCH -dNOPAUSE -dPDFSETTINGS=/ebook -dPDFA=2 -sDEVICE=pdfwrite -sProcessColorModel=DeviceGray -sColorConversionStrategy=/RGB -dUseCIEColor -sPDFACompatibilityPolicy=2 -sOutputFile=book2.pdf book.ps;
pdf2djvu --loss-level=200 --dpi=299 --verbose --monochrome -o book.djvu book2.pdf;
For 300 dpi files. Somehow, setting the DPI to 299 for pdf2djvu shrunk the file size absurdly, as opposed to 300. My wild guess is that 299 somehow allowed pdf2djvu to actually use its lossy compression, while maintaining the 300 did not. As you can see, I have no actual idea what is happening here, so you will probably have to toy with the options a bit like I did. Another side note: The PDF remained huge no matter what I tried, but I got the DJVU down to about 10kb per page, which would be 2mb for 200 pages.


Say you work somewhere where all workstations run Linux, only you have Windows on your laptop, which you basically use all the time. Now as I type this, I am not sure if anyone else shares my fate. Anyway; this does not stop you from running some of the cool Linux tools. Just install CygwinX (through the regular Cygwin installer) and start the XServer from the start menu. Icons will appear in your taskbar and you can start an XTerm. Inside that XTerm, type:
rattle@windows.box$ ssh -Y rattle@linux.box
Password: 
Last login: Thu Sep 17 12:43:19 2015 from windows.box

rattle@linux.box$ xmaple
and there you go!
Maple on Windows
Maple on Windows
The -Y switch is the one that does all the magic, obviously.


Today, this video tutorial led me to the application verifier, which is pure awesome, as explained here in part. I had never heard of this thing before, and I am having the time of my life with it. If you like Windows hax, check this out.


Scenario. You have a Windows 7 key and want to farm a Windows 10 key from it, using the automatic upgrade. Of course, you want to do this in a VirtualBox ((Side note. If you have a customized Windows, you possibly need to install Virtual Box 4.3.12 because anything after that will throw an error.)). The first thing you do is, set up a VM with at least 30GB of harddrive. Let's assume that this VM is called Nekarat. This is an outdated pop culture reference, google it. In the host system (not the VM), go to your happy place (i.e. cmd.exe) and do this:
cd c:\Program Files\Oracle\VirtualBox
VBoxManage.exe setextradata Nekarat VBoxInternal/CPUM/CMPXCHG16B 1
It will not seem like anything has happened, but trust me, it did. It enables a certain CPU instruction for the virtual machine without whome the Windows 10 update fails. Boot the VM. Install Windows and update it completely. Do not install the VirtualBox Guest additions: The display driver is incompatible with the Windows 10 update. Now might be a good time to make a snapshot if you want to upgrade more than one key. Activate Windows. Then, in the VM, add this to the registry, courtesy of filecritic.com:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\OSUpgrade]
"AllowOSUpgrade"=dword:00000001
Check for updates, it should now download Windows 10. Wanna know how to extract the key?


Virtual Desktops rock and you should read this list of new shortcuts before complaining that there are none, like I did. Important ones: * WIN + TAB, new task view opens up and stays open. * WIN + CTRL + D, create new virtual desktop. * WIN + CTRL + F4, close current virtual desktop. * WIN + CTRL + LEFT/RIGHT, switch virtual desktop. Unfortunately, the new start menu doesn't really rock. I suggest you have a look at my suggestion about the Search Everywhere Interface and maybe vote on it.


When students write exams, they want to know their score as fast as possible. However, the system that is supposed to deliver this information to the students is usually slow, for a lot of reasons that I will not go into. Where I work, it has become quite usual to publish a pdf on the course website that lists the student ID together with the number of points they scored. Since student IDs are usually anonymous, most people don't see it as a problem. However, the more this practice is used, the less anonymous a student ID actually is: Once there are enough of these lists public, this data might theoretically be used to connect a student to his or her student ID only by knowing which courses he or she attended. I propose a much better solution. I did not come up with this myself by the way, this is due to a brillian colleague of mine, but I still wanted to share it with the world. (more…)


I recently broke the display of my smartphone and wanted to sell it on eBay. However, I am paranoid about my data. So this is what I did: * Get a new phone and set it up. * Encrypt the Phone with Android's builtin encryption feature: * Set a lock screen password (not a PIN) with a random 16 letter string (at the time of writing, Android won't let you choose longer passwords). * Go to security in your settings and find the option to encrypt the phone, confirming your password. * After this is done, open an ADB shell on your phone. Because the phone's internal memory is flash, there might still be areas that contain sensible and unencrypted information. We will overwrite them with random data.
cat /dev/random > /data/junkfile
* If you have a stock Android installed, perform a factory reset. If you do not have a stock Android installed: * Go to the Google Developers' Factory Images for Nexus Devices page and grab your image. * Extract that file and find a batch file that will flash this stock distribution on your phone automatically. Warning. You might really have to try several different USB cables and several different USB ports on your computer before fastboot succeeds. For me it worked on the 3rd port and the 2nd cable, that's 7 failed attempts. * Take pictures of your old phone with your new phone and make sure to remove all the metadata from those pictures:
for img in $(ls *.jpg); do mogrify -strip $img; done
* Now you're good to go, put that old heap of junk up for sale! If you have any comments, go ahead.


So you want to have some more control over your android phone? Sure you do. For any, just slightly above userlevel stuff you might want to do with it, you require the tools ADB (the Android Developer Bridge) and Fastboot (Fast boot). Since I am still quite ignorant to all of this, I decided to write a small reminder blagpost for myself on how to get those tools. Oh yea, this is all on Windows. Linux users have package managers and stuff like this just works. You will need the Java Development Kit. After you got that, you need to get the Android SDK Tools. Download "SDK Tools Only". Once you have installed it, open the SDK Manager. It will want to install a lot of stuff, but unless you actually want to do development, you might not even have to install anything. I installed the following only: * Android SDK Tools * Android SDK Platform-tools * Google USB Drivers Assuming that %GSDK% is the path where you installed the SDK tools, you will find the applications adb.exe and fastboot.exe in
%GSDK%\Android\android-sdk\platform-tools
You might want to add that to your path, or not. Fun fact. If you use cygwin, you can call adb shell from a cygwin terminal and then invoke bash on the phone, and the cygwin terminal will interpret all the color codes sent back from the phone's bash correctly, so you can have a really comfortable shell open on your phone:
Shell from Cygwin on LG G3
MinTTY on LG G3 sporting CM12