KeePass, OTP, and Themes

Originally published 2018-09-06, updated 2020-07-29 My beloved KeepassX has not seen a release since 2016, but a newer fork entitled KeePassXC has. The latest version looks very much the same when viewed from LMDE3 with a dark theme. The added functionality is quite nice: A TOTP Seed and Code Generator. For native theme support (under ... Read more

WordPress Form and Comment Spam

As with security in general, escaping the scourge of WordPress form and content spam requires a layered approach. Here is what works. Databases and Behavioral Anti-Spam The first step is the one that nowadays works the least well. In the beginning we had Akismet, and things got better, but this is an arms race, and ... Read more

ufw, firewalld, iptables on Amazon Linux

ufw is known as a Debian (and Ubuntu) firewall, which is disabled by default but easy to use. There are some GUI front-ends which make it popular for Linux on the desktop. Coming from a CentOS background (RHEL/Amazon Linux AMI), ufw is not as common (as, say firewalld, or simply iptables, to which both ufw ... Read more

Debian on AWS Lightsail

This is a setup of several items, starting with Debian 9 on Amazon AWS Lightsail. This has server basics and apt, and then follows with links to additional articles. In general, after several years of running CentOS on Linode, and then Amazon Linux AMI on EC2 and Lightsail, I find that Debian 9 is simply faster, just as secure, and at least slightly easier to use.

Note: as of Sep 2020, Debian 10 is now available on Lightsail

I will update this soon (mid-2020) to Debian 10 - Bullseye (stable) on AWS and Debian testing on the desktop. I consider this combination to be very good for intermediate users as it keeps them up-to-date on the latest testing build (when things break, that is a learning opportunity), as well as having access to most recent versions of applications, utilities and support libraries. Debian is a huge linux ecosystem which is generally well-supported by a very large community. For one's production desktop environment, Debian testing is an excellent balance of up-to-date application availability and community supportiveness. Together with the extremely stable desktop environment using Openbox/LXDE, very low system requirements are needed.

To be honest, once getting the hang of Openbox/LXDE, I do not see any advantage to Linux Mint or Ubuntu, for that matter (besides the personal repositories). Cinnamon (available on other distributions than Mint) is buggy, memory hungry, and requires a bit of customization. Openbox/LXDE offers nearly the same kind of required customizations, but demands many fewer resources and is nearly crashproof. In my opinion, the good parts of Mint do not include cinnamon, rather applications such as Nemo and Pix, which can of course be installed and run without Mint or Cinnamon.

Read more

Telegram for Social Networking

Telegram is a great chat app, but there is more, and less to it, than say Twitter and Facebook. The first thing is that a lot of this gamification of likes/thumbsup is gone. Want to know if someone read your post? That has to be done either via direct message, or in a group (and ... Read more

Obfsproxy, Viscosity, OpenVPN

OpenVPN is great, and the OpenVPN command line client and the Viscosity GUI are also nice. However, all configurations need to be checked to ensure there is no information leakage. Secondly, the basic OpenVPN connection needs another layer of encryption and/or obfuscation, in order to interoperate with Internet firewalls and services that use deep packet ... Read more

Link Disavow Tool Bing Google Yandex

Link disavowel is desired someone (a competitor, or simply a derranged troll) has created low-quality links to your site. In some cases, in competitive, global markets, this may actually be the result of perhaps hundreds of domains created for the purpose of wrecking large numbers of competitors by providing Google with evidence of negative behavior. ... Read more

Referer, Referral, Analytics Spam

Spam, spam, spam, spam, spam, eggs, and spam. You get spam with your analytics. These are not real visitors, just spam in the logs. Here is how to de-spam your analytics. Google Analytics Spam Filters Admin > Account > Filters Add custom filter, exclude by hostname Filter Pattern .*(hostname\.tld|hostname\.tld).* Note that a filter can have ... Read more