We started producing shows as Today with a Techie on 2005-09-19, 13 years, 4 months, 5 days ago. Our shows are produced by listeners like you and can be on any topic that "are of interest to hobbyists". If you listen to HPR then please consider contributing one show a year. If you record your show now it could be released in 10 days.
Please help out tagging older shows !
Hosted by Ken Fallon on 2019-01-18 is flagged as Explicit and released under a CC-BY-SA license.
Tags: GraphicsMagick, ImageMagick, VCard, Android, LinageOS.
Listen in ogg, spx, or mp3 format.
Comments (0)
I have had problems importing vcards onto my Android phone. After a lot of troubleshooting, I tracked it down to embedded images in the card. The PHOTO;VALUE field to be precise.
Some images worked and some didn't, and looking at the properties some that worked were larger than others that didn't. In the end I tracked down a post on stackoverflow that hinted that the aspect ratio was important. And sure enough it was.
starting with jelly bean (4.1), android now supports contact images that are 720x720.
Stack exchange
before, starting with ICS (4.0), android has supported contact images that are 256x256.
and before that, contact photos had just a size of a thumbnail - 96x96.
I tried a 720x720 on a few phones but decided to settle on 256x256 for now.
To do image manipulation, I tend to use the GraphicsMagick tools instead of the more popular ImageMagick suite. You should be able to achieve the same result in either.
My requirements were:
To use an example I took the following image and saved it as Linus_Torvalds.jpg
By Krd (photo)Von Sprat (crop/extraction) - File:LinuxCon Europe Linus Torvalds 03.jpg, CC BY-SA 4.0, Link
Step one is to use the -size 256x256 option which you would think would do the scaling, but in fact it only reduces the file to 366x509 which is not what I expected.
$ gm convert -size 256x256 "Linus_Torvalds.jpg" Linus_Torvalds_1.jpg
$ gm identify Linus_Torvalds_1.jpg
Linus_Torvalds_1.jpg JPEG 366x509+0+0 DirectClass 8-bit 56.1Ki 0.000u 0m:0.000002
However it appears that the option is used when creating new files, and is also used by the processor to determine the intended target size. Which is why I left it in. So what we actually need is the -resize option.
$ gm convert -size 256x256 "Linus_Torvalds.jpg" -resize 256x256 Linus_Torvalds_2.jpg $ gm identify Linus_Torvalds_2.jpg Linus_Torvalds_2.jpg JPEG 184x256+0+0 DirectClass 8-bit 47.7Ki 0.000u 0m:0.000001s
So this has done a good job at scaling the image down. It's now scaled correctly so that the biggest edge is scaled down to 256. In this case it was the height but the width is now shorter than what we need. We do want to maintain the aspect ratio so that we don't distort the image but 184x256 is not 1:1 aspect ratio nor is it the needed dimensions of 256x256.
The solution to this is to use the -extent command.
$ gm convert -size 256x256 "Linus_Torvalds.jpg" -resize 256x256 -extent 256x256 Linus_Torvalds_3.jpg
$ gm identify Linus_Torvalds_3.jpg
Linus_Torvalds_3.jpg JPEG 256x256+0+0 DirectClass 8-bit 48.0Ki 0.000u 0m:0.000001s
This gives us the correct size and a 1:1 aspect ratio, but the image is left justified. To fix this we need to use the -gravity command. That needs to be the first argument of the command. Finding the correct order of the commands took some trial and error.
$ gm convert -gravity center -size 256x256 "Linus_Torvalds.jpg" -resize 256x256 -extent 256x256 Linus_Torvalds_4.jpg
$ gm identify Linus_Torvalds_4.jpg
Linus_Torvalds_4.jpg JPEG 256x256+0+0 DirectClass 8-bit 48.5Ki 0.000u 0m:0.000001s
Finally we remove all profile information using +profile which should make the image more generic.
$ gm convert -gravity center -size 256x256 "Linus_Torvalds.jpg" -resize 256x256 -extent 256x256 +profile "*" Linus_Torvalds_5.jpg
$ gm identify Linus_Torvalds_5.jpg
Linus_Torvalds_5.jpg JPEG 256x256+0+0 DirectClass 8-bit 5.7Ki 0.000u 0m:0.000001sPutting it all together we get.
gm convert -gravity center -size 256x256 "big-image.jpg" -resize 256x256 -extent 256x256 +profile "*" "256x256_image.jpg"
You should now be able to add these images to vcards without any problem.
Here is a one liner to create 96x96 256x256 and 720x720 thumbnails of all the jpg images in a directory.
for image in *jpg;do for size in 96x96 256x256 720x720; do gm convert -gravity center -size ${size} "${image}" -resize ${size} -extent ${size} +profile "*" "thumbnail-${size}-${image}";done;doneAlso available here
Hosted by Dave Morriss on 2019-01-17 is flagged as Explicit and released under a CC-BY-SA license.
Tags: Bash,array,indexed array,associative array,parameter expansion.
Listen in ogg, spx, or mp3 format.
Series: Bash Scripting | Comments (0)
This is the third of a small group of shows on the subject of arrays in Bash. It is also the eighteenth show in the Bash Tips sub-series.
In the last show we looked at ways of accessing elements with negative indices and how to concatenate arrays. We then launched into parameter expansion in the context of arrays.
There are a few more parameter expansion operations to look at in this episode, then in the next episode we will look in more depth at the declare built in command and at some of the commands that assist with loading data into arrays.
I have provided detailed notes as usual for this episode, and these can be viewed here.
In some stories, the narrator or dominating character can’t be trusted by the audience, creating opportunities for various storytelling effects. What makes for an unreliable narrator? What are some of the strengths and weaknesses of this technique? How can the underlying structure of a tale be similar to an unreliable narrator, even if the story doesn’t actually have one? Lostnbronx takes a rambling, off-the-cuff look at this interesting literary tool
Hello and welcome to Hacker Public Radio, I’m Edward Miro and for this episode I decided to record an episode on the importance of good passwords. This will be part one in a series of podcasts I’m going to call “Information Security for Everyone”. As with most of the content I create in the world of infosec, my goal is to present the information in a way that a majority of people can get value from it and anyone can play this for a friend, colleague or family member and make it easy for the non-hackers in our lives to understand.
One of the first things most people think about when it comes to online safety is their password. We all know that passwords are to our online accounts what keys are for our locks. Would you use the same key for your house, your car, your office and your safety deposit box? Of course not. And if you did, what would happen if a bad guy could get a copy of just that one key? They’d have access to everything. With so much of our personal, confidential, financial and medical information accessible from our various online accounts, what can we do to make things as safe as possible?
For me personally I employ and advise a three faceted approach:
Clearly the solution is to use a unique password for each account and make them complicated enough that an attacker couldn’t guess it or crack it in an amount of time that would be actionable. One problem this presents to general users is the inconvenience and difficulty in remembering these passwords or storing them in a secure way. This leads into my first bit of advice:
My recommendation is to use a password manager. I’m going to make references to managers such as LastPass because that’s the one I’ve always used, but I’m not saying it’s the best or would be the best for you. There are many great options and I would rather people use the one that works the best for them and not merely the one I like best. Anyways. Applications like LastPass give you the ability to store all passwords in your encrypted “vault” and then request them through browser add-ons or standalone applications. They also have built in features that allow you to generate secure passwords at any length or complexity.
When using a password manager, all you have to remember is your ONE master password. When you sign in, the manager can then decrypt all your saved passwords and let you use them. When I sign up for a website, I use LastPass to generate the longest and most complex password supported by the site and it gets stored in my vault safely for later use.
There are various options online to choose from and I suggest you do some research and try a few different ones to see what is comfortable for you. One thing to consider when using a password manager is that the master password is your single point of failure and should be a long and complex password that you don’t use ANYWHERE else.
If you’re wondering how to come up with a secure password that you can remember there are various strategies online, but I follow this:
Take a poem, song lyrics or phrase that is easy for you to remember. For this example I’ll use the phrase:
"The stars at night are big and bright. Deep in the heart of Texas."Then I take the first letters from each word and that gives me:
TsanababdithoT.Then I swap out the vowels for some numbers/special characters. And that gives me:
T5@n@b@bd1th0TI checked that password on Dashlane’s Password Strength Checker, and got the following results:
It would take a computer about 204 million years to crack your passwordAnd that’s just an example of a very secure password that I thought up in just a few seconds that I probably won’t ever be able to forget it.
Another very important recommendation I want to touch on in this episode is using two-step authentication. I use it for all accounts that offer it and it’s very easy to set-up and use. It works in tandem with an application on my mobile device called Google Authenticator(though there are others and like LastPass this is just the one I use) and it’s available for Android and iOS. After you install the app, you access the security settings for the account you want to protect and register it with your device.
What it does is provide a “second” password when logging it that is only used one time. When you log in, the site will prompt for the two-step authentication code, you then open the Google Authenticator app and the code for the session will be listed. The codes are only available for a short time and are constantly changing. This makes someone gaining unauthorized access to your account VERY difficult.
Some information security professionals see a password manager as insecure due to it being a single point of failure. I can understand this and would respond that although this might be true, having a complex master password and using the manager in conjunction with two-step authentication makes it a pretty safe and solid system. And even if there is a breach, none of my passwords are the same and changing them is incredibly fast and easy with a manager.
Also, I usually don’t recommend keeping hard copies of passwords, but if you can guarantee the physical security of your password list, this in my opinion is preferable to using the same, insecure password for all your accounts.
Please remember, if you’re like most people on the internet and you use an easy to crack password or the same password on all your sites, all it takes is one compromised account to give bad guys access to everything.
I’m also including a list of links in the bottom of the show notes to everything I mentioned and also a link to the site Have I Been Pwned. This is a service that collects accounts that have been involved in hacks and lets anyone search for their email address and see if their information is already compromised. If it is, do this NOW:
I know this will take a long time. But it’s worth it. Then, you only have to remember one master password and you will be exponentially safer online.
I also linked SplashData’s “The Top 100 Worst Passwords of 2018”. PLEASE don’t use anything on this list.
Well, thank you for taking the time to listen to my basic introduction to passwords. I hope this will help any non-hackers in your life and like I say in all my podcasts, I don’t claim to know all there is to know and love feedback and any opportunities to learn more or collaborate with others in the field. As with most of the research and articles I’ve written in the past, these are geared toward standard users in a business setting and are meant to be a jumping off point for further research and to be a foundation for cyber security 101 level training classes. If you like what I do, and want to have me come speak to your team, or just wanna chat, feel free to email me.
Thank you and have a safe 2019!
https://docs.google.com/document/d/1E1xAwWpq-C4vEh8LCRw7MD7jnaclX9Faf2L3dZWiqQY
In response to JWP's episode 2697 and ClaudioM's comment, this show covers the shutdown command as it appeared in Sun Solaris and OpenSolaris, and currently appears in both Oracle Solaris and OpenIndiana.
The quick version:
shutdown-i sets the destination init state (5 to shutdown, 6 to reboot, and so on; see man init for more)-y to answer "yes" to the safeguard prompt asking you whether you really want to shutdown-g to set how many seconds until shutdown. Default is 60.
In practise, I don't even use the shutdown command. I use poweroff, which does a shutdown and poweroff.
Both shutdown and poweroff require root permission. On OpenIndiana, you can either use sudo bash or pfexec bash to get a root prompt.
Some links:
Sun Microsystem docs (with Oracle branding on it)
Hosted by Dave Morriss on 2019-01-10 is flagged as Explicit and released under a CC-BY-SA license.
Tags: 3D printing,DIN rail,Raspberry Pi.
Listen in ogg, spx, or mp3 format.
Comments (0)
A DIN Rail is a metal rail for mounting pieces of electrical equipment inside an equipment rack, for performing tasks in a building, in a machine, and so forth. It’s common to see DIN rails holding circuit breakers for example.
See the Wikipedia article on the subject for full details.
A number of people in the Maker Community have made use of these rails, and there are a number of freely available designs for stands that can be 3D printed on which you can mount these rails. There are also designs for mounts onto which devices like Raspberry Pis and disks can be fitted and attached to a rail.
This show will recount my experiences with creating a compact mounting system for one of my Raspberry Pi systems. I had the help of my son and his girlfriend in 3D printing the parts for this project.
I have provided detailed notes and pictures for this episode, and these can be viewed here.
Wikipedia article DIN Rail
Original idea I had with my toy game project was to have Yesod render most of the user interface as static HTML and have as little client side scripting as possible. Later I realized that there would be parts with significant amount of client side code and it might be better if whole site was written in Elm.
Couple goals I had in my mind when I started this:
Backend is written in Haskell and front end in Elm. Communication between them is via REST interface and most of the data is in JSON. All JSON encoding / decoding is centralized (more or less), same with initiating requests to server.
End points used for REST calls are defined in single data type that captures their name and parameters. These are used when initiating requests, meaning there’s smaller chance of typo slipping through.
type Endpoint
= ApiStarDate
| ApiResources
| ApiStarSystem
| ApiStar
| ApiPlanet
| ApiPopulation PlanetId
| ApiBuilding PlanetId
| ApiConstructionQueue PlanetId
| ApiConstruction Construction
| ApiBuildingConstruction
| ApiAvailableBuildingsFor example, sending a GET request to retrieve all construction projects on a planet is done as:
Http.send (ApiMsgCompleted << ConstructionsReceived) (get (ApiConstructionQueue planetId) (list constructionDecoder))GET Request is sent to ApiConstructionQueue endpoint and it has planetId as parameter. When server sends response, our program will parse content of it will be a list that is parsed with constructionDecoder and create “ApiMsgCompleted ConstructionsReceived” message with result of the parsing. Update function will process this and store list of constructions somewhere safe for further use.
Update function is in charge of reacting to messages (mouse clicks, page changes, responses from server). In a large program update function will quickly get big and unwieldy. Breaking it into smaller pieces (per page for example), will make maintenance easier. This way each page has their own message type and own update function to handle it. In addition there’s few extra ones (cleaning error display, processing API messages and reacting to page changes).
Same way as API end points are encoded in a type, pages are too:
type Route
= HomeR
| ProfileR
| StarSystemsR
| StarSystemR StarSystemId
| PlanetR StarSystemId PlanetId
| BasesR
| FleetR
| DesignerR
| ConstructionR
| MessagesR
| AdminR
| LogoutR
| ResearchRrouteToString function is used to map Route into String, that can be placed in hyperlink. Below is an excerp:
routeToString : Route -> String
routeToString route =
case route of
HomeR ->
"/home"
StarSystemR (StarSystemId sId) ->
"/starsystem/" ++ String.fromInt sId
PlanetR (StarSystemId sId) (PlanetId pId) ->
"/starsystem/" ++ String.fromInt sId ++ "/" ++ String.fromInt pIdBecause mapping needs to be bi-directional (Route used to define content of a href and string from a href used to define Route), there’s mapping to other direction too:
routes : Parser (Route -> a) a
routes =
oneOf
[ map HomeR top
, map ProfileR (s "profile")
, map ResearchR (s "research")
, map StarSystemsR (s "starsystem")
, map StarSystemR (s "starsystem" </> starSystemId)
, map PlanetR (s "starsystem" </> starSystemId </> planetId)
, map BasesR (s "base")
, map FleetR (s "fleet")
, map DesignerR (s "designer")
, map ConstructionR (s "construction")
, map MessagesR (s "message")
, map AdminR (s "admin")
, map LogoutR (s "logout")
]Result of parsing is Maybe Route, meaning that failure will return Nothing. Detecting and handling this is responsibility of the calling code, usually I just default to HomeR.
Borrowing from Yesod, client uses recursive function to define breadcrumb path. This is hierarchical view of current location in the application, allowing user to quickly navigate backwards where they came.
Breadcrumb path consists of segments that are tuple of (String, Maybe Route). String tells text to display and Route is possible parent route of the segment. This allows hierarchical definition: “Home / Star systems / Sol / Earth”. Because route has only (for example) PlanetId, we need to pass Model too, so that the data retrieved from server can be used to figure out what name such a planet has.
{-| Build complete breadcrumb path and wrap it in enclosing HTML
-}
breadcrumbPath : Model -> Html Msg
{-| Recursively build list of breadcrumbs from segments
Last one is plain text, while parents of it are links
-}
breadcrumb : Model -> Bool -> Route -> List (Html Msg)
{-| Get segment of given route in form of ( String, Maybe Route )
String denotes text describing the segment, Maybe Route is possible parent
-}
segment : Model -> Route -> ( String, Maybe Route )
Hosted by JWP on 2019-01-08 is flagged as Explicit and released under a CC-BY-SA license.
Tags: Raid6.
Listen in ogg, spx, or mp3 format.
Comments (0)
Raid 6 is a take of raid 5 but with support for 2 drive protection.
Hosted by HPR Volunteers on 2019-01-07 is flagged as Explicit and released under a CC-BY-SA license.
Tags: Community News.
Listen in ogg, spx, or mp3 format.
Series: HPR Community News | Comments (2)
Welcome to our new host:
Edward Miro / c1ph0r.
These are comments which have been made during the past month, either to shows
released during the month or to past shows.
There are 34 comments in total.
There are 15 comments on 11 previous shows:
There are 19 comments on 10 of this month's shows:
Policy decisions surrounding HPR are taken by the community as a whole. This discussion takes place on the Mail List which is open to all HPR listeners and contributors. The discussions are open and available on the HPR server under Mailman.
The threaded discussions this month can be found here:
http://hackerpublicradio.org/pipermail/hpr_hackerpublicradio.org/2018-December/thread.htmlAaressaar, Ahuka, Al, Archer72, b-yeezi, bjb, bookewyrmm, Brian in Ohio, clacke, Claudio Miranda, Clinton Roy, Dave Morriss, David Whitman, desearcher, dodddummy, Edward Miro / c1ph0r, finux, folky, Honkeymagoo, HPR Volunteers, HPR_AudioBookClub, Jeroen Baten, Joey Hess, Jon Kulp, JWP, Ken Fallon, klaatu, knightwise, lostnbronx, m1rr0r5h4d35, MPardo, MrX, NYbill, operat0r, Philip, Quvmoh, Shane Shennan, sigflup, Steve Saner, swift110, Thaj Sara, The Alien Brothers Podcast (ABP), the_remora, TheDUDE, thelovebug, ToeJet, Tony Hughes AKA TonyH1212, tuturto, Various Creative Commons Works, Various Hosts, Xoke, Xtrato, Yannick the french guy from Switzerland.
Get a full list of all our shows.