I recently wanted to buy a new Harddisk. I did not want one that uses "shingled magnetic recording" because thats awfully slow. Instead I looked for a "perpendicular magnetic recording" HDD, but I learned thats not a thing anymore. Instead I could buy CMR disks.
For those getting here by google looking for a quick answer: CMR=PMR.
For those who want to know why PMR was renamed to CMR and why SMR disks are slow:
read on
In an attempt to piggyback on the people's vague fear of random lawsuits in Germany, I'll blog on how to remove the last octet of an IP in NGINX log files.
Do you want to know more or get sued?
I recently dropped my Sony Z5 Compact and the glass on its back splintered. So I bought a new phone. Sony A Z5 Compact for the horrendous amount of 70€.
When I bought my last phone everything had to go quick, Cyanogen mod was just announced dead and LineageOS was not ready yet. So I just installed the stock rom and lived with it.
This time I wanted to go with a custom Rom and without any Google Apps on it.
Here is what i did:
Recently I once again stumbled upon a detail of the HTTP specification involving the POST verb and "enforced" https. I'll document it here in an attempt to save other people the time (hopefully also future-me).
Do you want to know more?
Flask pretty-prints response generated by the
flask.json.jsonify function. Avoiding this on a per request basis doesn't seem to be intended: There is a configuration variable for the whole application: JSONIFY_PRETTYPRINT_REGULAR. But setting that to False minifies every JSON responses. And, in general, I enjoyed the pretty printed output. So implementing X-PrettyPrint - which seems to be a quasi-standard - also sounded like a the wrong way because it means replacing the call to jsonify by a custom implementation. This short story has a happy end though: Flask does not pretty-print the response if it receives an AJAX request. So one can just send the appropriate header:
curl -H 'X-Requested-With: XMLHttpRequest' "https://exmaple.com/api/endpoint.json";
For some reason, [Jira]'s [formatting] is not Markdown. Since you write everything in Markdown, you might be looking for a converter. If you furthermore hate node.js as much as yours truly, the search can easily claim your soul. Rest assured - I think [mistletoe] is the answer we are seeking. It is a pure Python Markdown parser which can render the parsed Markdown in any format, and one of them is Jira. It even comes with a [script] for this exact purpose.
[Jira]: https://jira.atlassian.com/
[formatting]: https://jira.atlassian.com/secure/WikiRendererHelpAction.jspa?section=all
[mistletoe]: https://github.com/miyuchina/mistletoe
[script]: https://github.com/miyuchina/mistletoe/blob/dev/contrib/md2jira.py
I am writing a backup script which is supposed to backup data to a remote server, encrypted, and run as a scheduled task on a Windows machine. If you want all of that, you will have to store the encryption key somewhere. Instead of storing the password in plaintext, I had the idea to use the [Data Protection API]. Initially worried that I might have to write a wrapper for [CryptProtectData] myself, I quickly found the decent looking github project [DPAPIbridge]. Ultimately however, I figured out that Powershell can do all things. Presenting
vault.ps1:
Param(
[string] $StoreSecret,
[Parameter(Mandatory=$True,Position=0)]
[string] $filename )
[void] [Reflection.Assembly]::LoadWithPartialName("System.Security")
$scope = [System.Security.Cryptography.DataProtectionScope]::CurrentUser
if ($StoreSecret -eq "") {
$data = Get-Content $filename
$ciphertext = [System.Convert]::FromBase64String($data)
$plaintext = [System.Security.Cryptography.ProtectedData]::Unprotect(
$ciphertext, $null, $scope )
[System.Text.UTF8Encoding]::UTF8.GetString($plaintext)
} else {
$plaintext = [System.Text.UTF8Encoding]::UTF8.GetBytes($StoreSecret)
$ciphertext = [System.Security.Cryptography.ProtectedData]::Protect(
$plaintext, $null, $scope )
[System.Convert]::ToBase64String($ciphertext) > $filename
}
vault.ps1 [-StoreSecret SECRET] FILE. If the optional argument is present, it will store a protected blob containing SECRET in FILE, otherwise it will read a blob of protected data from FILE and print the enclosed secret string.
[DPAPIbridge]: https://github.com/vincepare/DPAPIbridge
[Data Protection API]: https://msdn.microsoft.com/en-us/library/ms995355.aspx
[CryptProtectData]: https://msdn.microsoft.com/de-de/library/windows/desktop/aa380261(v=vs.85).aspx
[Borg]: https://borgbackup.readthedocs.io/en/1.1.2/usage/general.html?highlight=borg_passcommand#environment-variables
I am quite unsatisfied with the current state of full disk encryption solutions available for use with Windows 10 on a Laptop with SSD. This blag post will mirror some of what [Bruce Schneier already said on the matter][Schneier2]: I will discuss some of the options and point out problems. I am not offering a solution, just a variety of bad choices to pick from.
[Schneier2]: https://www.schneier.com/blog/archives/2015/06/encrypting_wind.html
Do you want to know more?
So you develop in [Microsoft Visual Studio Community Edition](https://www.visualstudio.com/de/vs/community/) and you long for the old days when there was a way to get the [MSDN Library](https://msdn.microsoft.com/en-us/library/) as an offline help file? Fear not, you still can. Open Visual Studio, type
Ctrl+Q to open the quick access bar, usually located in the upper right corner of your interface. Enter Help Viewer, it should yield one result by that name, marked as an *"individual component"*. Selecting that entry should allow you to download and install the Help Viewer. Now relaunch Visual Studio and start the Help Viewer via quick access in the same way. You will be prompted whether you want to download some *content* - and I bet you do.
I am not very disciplined. So trying not to be distracted while working at my computer is a major project for me. Since "deep work" is en vogue, it is possible to disable notifications in nearly every app nowadays. But there are often tiny bits one cannot change: Slack's icon in the notification area is one of those things: Whenever you have an unread message in any of the channels you are part of, Slack will show a small blue dot on its icon in the notification area. One can argue that it is not that hard to ignore that but fishing is also not that hard and I cannot do it. What I can do though is overwrite
slack-taskbar-unread.png by slack-taskbar-rest.png in %APPDATA%\Local\slack\app-VERSION\resources\app.asar.unpacked\src\static\.
Spoiler: My main point in this post is not given away by the title.
But first things first: What are all those words?
Would you like to know more?
Part of me wants to write about all the [horror](https://www.bleepingcomputer.com/news/security/ten-malicious-libraries-found-on-pypi-python-package-index/) and [glory](https://crates.io) there is to be seen in package management, but quite frankly it'll take too long. Instead, I will just leave you with a tiny piece of advice. Here comes. If you are on Windows and you want to install a *legitimate* Python package (like for example [PyCryptodome](https://pypi.python.org/pypi/pycryptodome), because naturally you are **fully aware** that [PyCrypto is dead](https://github.com/dlitz/pycrypto/issues/173).), which in reality is a bottomless pit, at the center of which there is a C library, straight from hell - then maybe get the [Microsoft Compiler for Python](http://www.microsoft.com/en-us/download/details.aspx?id=44266) instead of, who knows, wasting hours or even days looking for a less reasonable solution. Credit, as so very often, [goes to stackoverflow](https://stackoverflow.com/a/27327236/1578458).