Category Archives: IT / Computers

Off the Matrix Notes

Posted on by
Reply

Namecheap Shared Hosting

  • Free Dynamic DNS with domain (Namecheap has a free Windows client. Use zoneclient for Linux)
  • Email (IMAP): usese Maildir (for those who need migration)
  • Contacts: CardDav (use DavX5 adapter on Android)
  • Calendar: CalDav (use DavX5 adapter on Android)
  • Notes/Tasks: NextCloud (can sync with NextCloud’s built-in CalDav server)
  • Blog: WordPress
  • And of course, your own website!

VPS Hosting

  • NextCloud has File-On-Demand (like OneDrive) called Virtual File System (VFS)
  • YunoHost: easy to use modular self-hosting
  • UBOS Linux: distro for self-hosting. Even works for Raspberry Pi
  • Awesome-Selfhosted: has many free web services packages

Phone (Android only)

  • De-google your phone with microG Project
  • Play store: F-droid (Bonus: many open source apps that are paid apps on Google store offer the full version for free on F-droid to encourage you to move away from Google Play), Yalp Store

Research

  • restoreprivacy.com
  • Rob Braxman Tech (He knows about the nasty dictators like the Chinese Communist Party. Don’t think you are safe in America. The reach of the Chinese Communist Party Mafia, formerly known as the Chinese SOVIET Republic) is beyond our imagination.

Alternatives to Big Tech respecting privacy (for now)

  • Search (Google): DuckDuckGo
  • Browser (Chrome): Brave
  • Email (Gmail): see above (self-host) or ProtonMail (zero knowledge encryption)
  • Cloud (Google Drive, OneDrive, Dropbox, etc): see above (self-host) or use zero-knowledge encryption
  • Text/Chat (Whatsapp, Line): Signal App
  • Calling: Telegram has better voice quality than signal, but sometimes it has weird behavior on certain phones. Telegram does not have zero-knowledge proof, so it’s up to Pavel Durov (he’s usually good at not bending to totalitarians).

Alternatives to Big Tech that refuses to censor and manipulate users (for now)

  • Video (Youtube): Odysee (LBRY), Rumble
  • Facebook: MeWe
  • Twitter: Gab, Safechat, CloutHub has a crappy search feature, Parler now has PC bots patrolling and misfiring

Zero-knowledge encryption means the server have no access to the info you put in there as they are all encrypted and protected by a password which only you have (preferably use zero-knowledge proof so the owner of the server do not have any master keys to see your data: you lost the key and the data is practically gone forever)

Loading

ATX Motherboard 433Mhz Wireless Remote Soft Power Button

Posted on by
Reply

I tucked away my PC a little away from my workstation desk and the power switch is located at an inconvenient location. I tried to keep the wiring minimal so I’d rather not wire a dedicated ATX power switch onto my desk.

Unfortunately my motherboard does not support turn on by USB keyboard, and I’m not ready to upgrade because I am using it to test PCI data acquisition cards and it’s the fastest one that has 4 PCI slots and they are hard to find nowadays.

I found a $2.5 wireless module on eBay that claims to switch LED lamps which works on the standard 433Mhz channel and it replicates momentary switch pattern and can operate on 5V (My motherboard is new enough to have 5Vsb from onboard USB header).

Note that there’s a schematic picture which switched the colorings of the input and output pairs.
The actual wiring color is correct.

Initially I was tempted to get the built-in relay version, but I was worried about the current draw from 5Vsb and those are 12V relays., not to mention the footprint is much bigger (the one above is 22.5mmx 11mm x 8mm).

I thought I can figure out with some sort of BJT switch instead of using a relay that has a much bigger current draw requirement, but I realized it’s a pain in the ass because the output is ‘floating’ differential. The OUT- does not tie to the power ground (it’ll short out the unit when I tried to. That’s why I added quotes to ‘floating’ because it’s only relative to OUT+). I also measured OUT+ which is +5V with respect to power ground.

I tried to power a LED and it only works if current flows from OUT+ to OUT- so it’s really sinking current from source power to do that, and it’s unidirectional.

I’d just take a gamble and hook up with a 5V NO relay that I have around. Turned out it actuates with the 5Vsb from the USB header. I glued the relay to the back of the PCB and hook up a flyback/snubber diode (reverse biased) across the relay coil so the back EMF won’t fry my motherboard.

  • Image 111 - Remote Control Round Transmitter 433MHz RF Wireless DC 9V 12V 24V 10 Controller
    The transmitter switch costs $3.65, which is more expensive than the receiver board.
    It comes with 12V battery which is typical with 433Mhz door bells.
  • Press the learning button once and immediately press the transmitter button to pair

Seems like the transmitter-receiver pair is on momentary switch mode by default, so no addition configuration is needed other than pressing the learn button and immediately press the transmitter button to pair.

I wired a jumper extension cable (male – female) to the relay output from the middle as a by-pass since I’d like to keep the original power switch’s functionality (so it’s basically OR-ing between hardwired switch and the wireless remote 433Mhz switch)

  • The white wire is the antenna
  • Basic pinouts
  • Bottom view
  • Note the reversed-biased diode soldered across OUT+ and OUT- as snubber for relay coil
Close up for construction and the high level wiring.

Here’s an example of taking 5Vsb from USB header and tapping into the power switch jumper in Front-Panel jumper block:

Note that the PWR SW- pin is connected to the ground. Since I’m using a relay, the relay output is floating so the polarity does not matter.

Loading

NextCloud setup notes

Posted on by
Reply

Free Horde Webmail client was ugly so I was looking for alternatives to view my email, calendar, contacts and notes. After a bit of research, I decided to try NextCloud.

NextCloud hosts calendar/tasks (CalDav) and contacts (CardDav) as a server, but do not store emails. Use any email provider (from your ISP or free email services as long as they do IMAP/POP and SMTP).

  • Default welcome/demo files are under /core/skeleton (you can change this by editing /config/config.php)
  • If you move the folder, you have to edit the database and root location paths in /config/config.php
  • Need to setup MySQL first. Avoid PostgreSQL option as it does not work out of the box.
  • Disable sqlite3 PHP extension
  • If installed on shared hosting, install without featured app because it will install CODE which is a can or worms.
  • Collabora Online is a can of worms. See below

Collabora Online (LibreOffice engine to edit documents live on web browsers) require special handling:

  • There’s a free community edition called CODE (Collabora Online Development Edition)
  • Do NOT install the BUILT-IN CODE server Nextcloud App if you NextCloud is on a shared hosting because this will appear as a rogue app that slows Nextcloud to a crawl, exhausting entry processes (aka concurrent Apache requests), and still it’ll timeout opening a document. Probably malfunctioning due to some permission issues on shared hosting.

Ports that need to be opened (more accurately port-forwarded to the CODE server) for Collabora:

  • 443 (HTTPS)

Turns out port 80 (HTTP that starts with Univention administration interface) is not necessary. It just redirects to port 443 (HTTPS) if you forgot to type the URL starting with https:// (it’s http:// by default when you type in the address bar of your browser).

Since the URL of Collabora Online-server in NextCloud settings uses only HTTPS and a HTTP URL is going to be redirected to HTTPS anyway, don’t bother with forwarding Port 80 (HTTP) and enter https:// in the Collabora Online-server URL instead.

You don’t need to forward 9980 (WOPI) either. Somebody mentioned it in Nextcloud forum but that’s not the cause.

Well, the next part is the hairiest. Turns out even the Collabora server checks out with NextCloud, the documents won’t open (some weird error messages):

The webpage at https://<Collabora Server>/loleaflet/23e6a73/loleaflet.html?WOPISrc=https%3A%2F%2F<Collabora Server>%2Findex.php%2Fapps%2Frichdocuments%2Fwopi%2Ffiles%2F2180_octqxsu7tnwz&title=<Filename of document to edit>&lang=en&closebutton=1&revisionhistory=1 might be temporarily down or it may have moved permanently to a new web address.

Of course, substitute <Collabora Server> and <Filename of document to edit> with your scenario.

I tried going to https://<Collabora Server> and noticed this NET::ERR_CERT_AUTHORITY_INVALID error:

Turns out given my server do not have the SSL certificate installed yet (and I got around it by “Disable certificate verification” in Collabora Online setup), my users/clients has to manually visit the Collabora (NOT NextCloud) server and click through the security warning to accept the Collabora site that do not have a valid SSL certificate. After that the Collabora Online works properly!

In other words, if you run into certificate issues with Collabora server, NextCloud won’t tell you when it calls Collabora server (with REST API) to open the document, instead it’ll just appear as a fail HTTPS call without warning or giving you a chance to correct the certificate issue.

Loading

Dissociating Windows 10 account with Microsoft (online) account

Posted on by
Reply

I’ve recently closed my Microsoft account (finding big tech too intrusive and too eager to make users subjects of their social experiments, aka data harvesting) and do not want Windows to link to it.

After tons of research on forums, I’ve found that Microsoft removed “Sign in with a local account instead” button/link in “Settings->Accounts->Your Info” page since 2017. So this method won’t work anymore:

So far nobody offered a solution that does not involve starting over with a new local account, but in involves moving your user specific settings and desktop folders, which is a pain in the butt.

After exhausting publicly available avenues so that I’m not reinventing the wheel, I decided to go back to first principles trying to ‘crack the code’. The first thing I thought of, based off my intuition about Windows system since middle school, is to search for my associated Microsoft Account ID (the email account string) in the registry. Turns out it only appears only in two keys (branches):

#1: HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\UserExtendedProperties\{Microsoft ID}

#2: HKEY_USERS\.DEFAULT\Software\Microsoft\IdentityCRL\StoredIdentities\{Microsoft ID}
#3: HKEY_USERS\.DEFAULT\Software\Microsoft\IdentityCRL\StoredIdentities\{Microsoft ID}\{SID}

Replace {Microsoft ID} with your Microsoft (Web) Account Email address. {SID} is the security identifier of the underlying local/domain user account (starts with “S-1-” followed by a long string of numbers with dashes)

If your Microsoft (Web) account is associated with only one local/domain account (SID), simply delete the two registry branches (called keys) #1 and #2 that ends with your {Microsoft ID}. The line #3 is just a sub-key (sub-folder/ranch) under line #2, so if you delete the whole line #2 branch, the rest below it is gone.

Given the registry key structure, I’d anticipate that if you have associated the same {Microsoft ID} to a few windows local/domain accounts, and only wanted to just break its link to specific local/domain accounts without affecting the rest, you might want to just get rid of this

HKEY_USERS\.DEFAULT\Software\Microsoft\IdentityCRL\StoredIdentities\{Microsoft ID}\{SID}

instead of the first two registry paths that covers information about the {Microsoft ID} unrelated to the local/domain account. To find out which {SID} refers to the local/domain account you want to delete, go to command prompt and type this

WMIC useraccount get name,sid

and it will show you a table that maps your Windows local/domain account name to SIDs so you can pick out the right registry key path (#3) to delete.

Of course, after you’ve deleted the last SID associating {Microsoft ID} on your computer, you might as well delete all references to the {Microsoft ID} to avoid orphan registry keys that confuse people.

Loading

Updates to Linux on Pogoplug v4

Posted on by
Reply

I have an old Pogoplug v4 series hacked to install Debian Linux based on this instruction long ago: http://blog.qnology.com/2014/07/hacking-pogoplug-v4-series-4-and-mobile.html
which boots on an SD card, which I used as a no-ip update client.

I realized some of the URLs to the package servers are broken. So here’s my notes to update it.

First apt-get doesn’t work anymore because the files has been moved to the archive package server. The solution is to replace all the contents (now obsolete) in /etc/apt/sources.list by this line:

deb http://archive.debian.org/debian wheezy main

Then you update the package manager (apt-get) with this command:

apt-get update && apt-get upgrade

Note that it’s still Debian 7 and it will not work with new software that requires later versions

Loading