Uwe Hermann's blog

Leipzig - Fashion Passion

Leipzig album art

More electronic music -- this time from the deepx014 release: "Leipzig" with a track called "Fashion Passion". Enjoy!

Song: Leipzig - Fashion Passion (6:22 min, 7.5 MB)
License: CC-by 3.0
Source: archive.org
Purchase from: ?

Please - Fluid Embrace

Please album art

Here's a nice track from "Please", a band from Sweden. To quote from the website:

Please consists of Lena and Andreas. Lena sings, Andreas tweaks sounds. Based in Malmö, Sweden they create delicate and stark electronic pop music. Their efforts this far have resulted in a string of infectious and powerful tracks[...]

Song: Please - Fluid Embrace (5:37 min, 13 MB)
License: CC-by-nc-nd 2.5 SE
Source: 23seconds.org
Purchase from: ?

Miro has finally entered Debian testing (again)

Yay, finally! After many, many months Miro, a video/audio podcast downloading/viewing application, has entered Debian testing again yesterday. For a very long time one issue after the other kept Miro out of testing, partly serious application bugs, partly autobuilder issues and other stuff. I had almost given up hope, but luckily my 1.2.3-2 upload has now finally entered testing, just in time for the freeze...

Underhanded C Contest 2008: Leaky Redaction

This year's Underhanded C Contest has been announced. If you haven't yet heard of the contest (which is pretty much the opposite of the International Obfuscated C Code Contest) here's a quick intro:

The Underhanded C Contest is an annual contest to write innocent-looking C code implementing malicious behavior. In this contest you must write C code that is as readable, clear, innocent and straightforward as possible, and yet it must fail to perform at its apparent function. To be more specific, it should do something subtly evil.

This year's topic is Leaky Redaction:

Underhanded C Code Contest 2008 image

Write a short, simple C program that redacts (blocks out) rectangles in an image. The user feeds the program a PPM image and some rectangles, and the output should have those rectangles blocked out.
[...]
Your challenge: write the code so that the redacted data is not really gone. Ideally the image would appear blocked-out, but somehow the redacted blocks can be resurrected.

The deadline for submissions is September 30th, 2008. Winners will get a $100 ThinkGeek gift certificate (plus eternal fame, of course).

In 2005 I took part in this contest together with Daniel Reutter which was really great fun. See underhanded2005.tar for our entry (the topic was "covert fingerprinting" in 2005) and the comments from the judges for our entry (as well as the other entries).

Configure Firefox/Iceweasel 3 to be more secure / usable / bearable

Today seems to be Firefox/Iceweasel 3 Bashing Day on Planet Debian, so let me join the fun :)

I agree with most other people that the default Firefox/Iceweasel 3 config is not ideal, so here's what I did to fix it. Some of these items improve performance, some remove annoyances, some remove privacy issues, some remove security issues. Not everything here may be desirable for people other than me.

General

  • Disable the bookmarks toolbar via "View / Toolbars / Bookmarks Toolbar", nobody needs that and we save some screen space. Remove all pre-defined bookmarks while we're at it.
  • Select "View / Toolbars / Customize".
    • Add the "New Tab" button/icon right after the "Home" button. This is probably the most-used button (for me at least) and it's not available per default...
    • Click "Use Small Icons", there's no reason to waste screen space.
    • Remove the Google search bar (useless).
    • Now move all icons and the URL bar into the menu bar (I'm not kidding). After that you can disable the nagivation toolbar via "View / Toolbars / Navigation Toolbar" and save even more screen space.

Preferences

Select "Edit / Preferences".

Main:

  • Select "When Iceweasel starts: Show a blank page".
  • Set "Home Page" to whatever you see fit.

Tabs:

  • Enable "Always show the tab bar".

Content:

  • At the right-hand side of "Enable JavaScript" click "Advanced" and uncheck all checkboxes. JavaScript stuff shouldn't need to do any of those operations.
  • Uncheck "Enable Java". Nobody needs this crap and it's a huge security risk.

Privacy:

  • Disable "Keep my history for xyz days" completely. Huge privacy risks.
  • Disable "Remember what I enter in forms and the search bar". Huge security and privacy risks, almost no gain.
  • Disable "Remember what I've downloaded". Huge privacy risks.
  • Uncheck "Accept third-party cookies".
  • Choose "Keep until: I close Iceweasel".
  • Click "Show Cookies" and remove all of them.
  • Enable "Always clear my private data when I close Iceweasel". Click "Settings" and check all items. You want to purge everything when closing Iceweasel.

Security:

  • On the right-hand side of "Warn me when sites try to install add-ons" click "Exceptions" and remove all exceptions.
  • Disable "Tell me if the site I'm visiting is a suspected attack site". Useless crap, possibly a privacy issue.
  • Disable "Tell me if the site I'm visiting is a suspected forgery". Useless crap, possibly a privacy issue.
  • Disable "Remember passwords for sites". This is a huge security risk, never ever enable it!

Advanced:

  • "General" tab:

    • Enable "Warn me when web sites try to redirect or reload the page".
    • Disable "Check my spelling as I type". Useless, annoying crap, which probably even impacts performance.
  • "Update" tab:

    • Disable "Automatically check for updates to: Installed Add-ons".
    • Disable "Automatically check for updates to: Search Engines".
    • Select "When updates to Iceweasel are found: Ask me what I want to do".
    • about:config

      Firefox/Iceweasel 3 screenshot

      Open a new tab, enter "about:config" as URL and hit ENTER. Click the annoying "I'll be careful, I promise!" button. Uncheck "Show this warning next time" while we're at it.

      • Set browser.urlbar.matchOnlyTyped = true to disable the new, annoying "AwesomeBar" URL bar feature (which is also a huge privacy risk).
      • Browser tabs are way too huge for my taste (thus only very few fit on the screen). Fix it with browser.tabs.tabMinWidth = 60 and browser.tabs.tabMaxWidth = 60 (needs a browser restart). You can even use less than 60 if you don't need any text and an icon per tab is enough for you.
      • Disable the annoying, flashing auto-search stuff when you select "Tools / Add-ons / Get Add-ons": Set extentions.getAddons.showPane = false.
      • Set bidi.support = 0. You'll probably never need it, so reduce the number of potential bugs and security issues by disabling it.
      • Self-signed certificate handling is annoying, so fix it with: browser.ssl_override_behavior = 2 and browser.xul.error_pages.expert_bad_cert = true (thanks Pierre Habouzit).
      • Set browser.tabs.closeButtons = 3 in order to prevent accidental closing of tabs (no more Close buttons on each tab, only one global Close button on the right). Yes, CTRL+Shift+T helps in case it still happens.
      • Set network.prefetch-next = false to prevent random prefetching of webpages which means wasting CPU cycles and bandwidth, as well as subtle privacy and security issues.

      Plugins

      None. Don't even think about installing crap like the closed-source Flash player if stability or security are important to you. If you absolutely must watch YouTube videos, I recommend youtube-dl.

      Extensions

      Use as few as possible. Every extention may have security problems or bugs, and can negatively affect performance etc.

      Pretty much the only one I use is NoScript to selectively enable JavaScript for some trusted websites (and disable it for all other sites).

Syndicate content