Tips Archives • Page 40 of 64 • Linux Tips

Bonus Article: KGIII Rants A Little About Security

The below ‘article’ is a rant about security – except it was written while really, really intoxicated. It’s not very good. I can’t even clean it up to make it good – but it does have some good bits scattered throughout and I’m just going to publish this as a ‘BONUS ARTICLE‘.

Note: I may someday break this article down into bits and pieces, which is the only way I can think of to make it worth reading. At this point, I just don’t want the time to be wasted, so it might as well get published.

After trying to edit it, again while inebriated, I am not sure I can turn this into an article… I’m a bit inebriated. It’s perfectly legal here. I think I can… It’ll need to be pretty simple.

Let’s talk some basics about security!

You know what I get a kick out of? I get a kick out of seeing the people who move to Linux for “privacy reasons”, only to see them log back in to social media/forums to show that they have now moved to Linux.

They’ll login to accounts where they left plenty of personal information.

I’m not sure who they think they’re hiding from, but it’s not good privacy and they’re hiding from nobody important.

Real privacy is difficult, possibly next to impossible.

Seriously… Even the vaunted Tor is generally only as safe as you are smart, and then only on .onion domains. Once you hit the regular web, you’re probably not safe from a nation-state. Here are some theoretical attacks against Tor.

Realistically? How much privacy do you need or want? As you can guess, it’s a spectrum and and there are extremes on either end. There are also the law of diminishing returns on either end of the spectrum.

By the way, privacy is not security. Privacy is just one aspect of security.

So then, what is security?

Let’s start with the basics. For at least ‘good’ physical security, it should be ‘who you are’, ‘something you have’, and ‘something you know’.

For example, the security guard should check your ID to ensure who you are. The ID is something you have. The something you know is a password, a PIN, or a passphrase. That’s the least amount of security you can physically have to be any good.

Then, there are things you can do to improve it, for example. You can make it a rotating passphrase, make the guards work in pairs, require confirmation from someone proven to be in the building at the time, etc… You can do a layered approach where they may need all three of those things to enter yet another section and incorporate a man-trap between them.

Of course, on the other end of the spectrum is anyone and anything gets in and out. We tend to call those public spaces, when anyone can get in and out. As a general rule, you lose some rights to be in the public spaces – among those rights would be some degree of privacy (which will vary per jurisdiction). That’s pretty damned insecure. As far as security (and privacy goes) that’s the opposite.

So, again, there’s this giant spectrum of security. Where you want to be on that line is up to you. I find it’s a judgement call. We’re even willing to give up some privacy to be recognizable on a forum. Some of that lack of privacy is what keeps the forum secure and running smoothly. We give that privacy up because we get something in exchange.

At the same time, we might not want Google knowing everything we’re up to. We may be some dissident trying to reach a journalist to expose human rights violations and be under legitimate threat of death – or worse than death. We all make judgement calls about how much of our information we’re going to share.

And, really, unless you’re at the extremes, life is pretty good. It’s pretty easy to retain a little bit of privacy while participating in an online community. It’s less easy to do so with a typical Facebook account. where you are in some way connected to a more physical you.

Me? Oh, come on… I’ve long-since eaten the Google kool-aid. The ads here are from Google. I use their Analytics to better optimize the site, and all that – and more. Hell, I use Google Chrome and I’m logged in as the same user that does all those other things. I don’t use Gmail very often, so there’s that. I only use one of their accounts and that’s just to service my phone. But, that too is tied to all things Google.

The thing is, I know this. I know the privacy I give away. I made an informed decision to cede that privacy for those benefits. For me, the risks outweigh the benefits and I have a level of trust for Google.

That’s the right choice – for me. Y’all make your own choices. If you don’t know how to block Analytics (or ads), just go ahead and ask. Just because I use those things doesn’t mean you need to. You’re perfectly free to block anything you want. You’ll still show up and be counted in the raw server logs. I’ll still be able to see what you did on the site. (Don’t worry, I don’t much care – unless you’re harming the site. The site’s security automatically blocks hundreds of requests per day.) But, yeah, I could see your IP address.

Oh, man… Oh no!!! Your IP address?!?

And the things people think about their IP address, as though it’s some great secret. If you really care, use a VPN – but learn what a VPN actually is before buying into the hype. They tout it as some great security (and it actually can be, but not how you’re using it) but it’s not really. Especially if you’re logging into sites like the video site you’re unlocking!

By the way, it’s ‘security’ when you connect to a VPN ’cause a web access point is locked down so that it only takes inputs from one IP address. That’s not how you’re gonna be using your VPN. (Well, you might, if you keep reading these articles.)

No, your IP address isn’t important. There’s no l337 hacker out there that’s just waiting to learn your IP address before he dusts the Cheetos off his shirt and gets to work hacking you. It’s just bots scanning bots at this point and you’re behind a NAT anyhow. Keep your stuff secure, mostly by keeping it off the public internet.

Ah, yes… The MAC address people…

No, you don’t need to change your MAC. The only reason you’d want to do so would be for something local. It’s not hiding you from Google, ’cause it’s only seen at the very first hop in network traffic. Once the packet is beyond that point, it uses its own MAC address. While changing your MAC address is a useful skill (for local “Spoofing” purposes), it’s not gonna make you appear any different to the rest of the web.

Lemme see…

More security stuff to spew out onto the page?

I’ve been known to say, “Security is a process, not an application.” I’m probably not the first to express it similarly, but it doesn’t make it any less true. It is indeed a process. It starts best with a good plan and deciding where on the spectrum you’d like to be. Be sure to compare that with where on the spectrum you need to be to accomplish your computational goals. Somewhere in the middle is probably gonna be the sweet spot for you.

The thing is, you have to know where you can be on the spectrum involved. You have to know what the extremes are. You have to be aware of what techniques are available and what they really do. You need to be aware of what threats there are and what goals you want to accomplish. ‘Cause the only completely secure computer is one that doesn’t work and you might want to be extra sure by burying it in 25 feet of concrete.

Want some privacy? How about blocking third party cookies and scripting. How about you take a look at browser fingerprinting and deciding where you want to be on that spectrum? In pretty much every OS you can block DNS requests by using your hosts file. There are even curated lists that you can download and use.

Alright, I wrote this while impaired. I’ll eventually schedule it or delete it. I’ll probably proofread it, maybe trying to make it salvageable, and the likes.

Meh… After reading this sober, I’m just gonna submit it as a bonus article. It’s not very good. I just barely proofread it and it wasn’t nearly as good as it seemed while drunk!

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Check Disk Speed In The Terminal

In today’s article, we’re going to learn how to check the disk speed in the terminal. When I say ‘disk’ I also mean drives, like SSDs. I could use ‘storage drive’, or perhaps just ‘drive’, but the word ‘disk’ is what I’m going with. So, if you have any questions about other devices – the answer is that it should work just fine if you want to speed test them.

I should point out that we’ll only be checking disk read speeds. We won’t do any write tests today. We’re just going to see how fast we can read data from the disks we have installed.

There’s a number of ways to check the speed of your disks. You can do so with tools like Gnome Disks or HardInfo, for example. If you’d rather, you can do a full-blown benchmark of your Linux system with GeekBench. This article will explain how to check disk speed in the terminal, because why not? The GUI tools may provide more data, but you don’t always need more data.

The tool we’ll be using for this ‘hdparm’ and it’s available for any major distro out there. In fact, it may be installed by default. So, if you want to get a head start, check to see if you have it installed. If not, go ahead and install it – just like you’d install any other software.

Anyhow, the tool describes itself as:

hdparm – get/set hard disk parameters

Which sums it up nicely. If you check the man page with man hdparm, you’ll see it’s actually pretty complicated. Fortunately, we’ll just be using it to check the disk speed. It can be used to do all sorts of stuff, as you can see from the man page. Perhaps we’ll cover some of that in a future article?

Anyhow, there’s not a whole lot that goes into this. So, let’s jump right in.

Check The Disk Speed In The Terminal:

This article requires an open terminal, like many other articles on this site. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

With the terminal open, you should first identify the disk you’re looking to test. You can list all your attached drives with:

lsblk

lsblk

Once you identify the drive you’re looking to check, you’ll almost certainly want to add a /dev/ in front of it – because that’s really where it’s mounted. So, if the disk you want to check is sda1, you’d use /dev/sda1. Even if it says something like /media/<user>/<drive_name>, you’ll still be using /dev/<disk>.

Now, to check the disk speed, you’ll use the following:

sudo hdparm -tT /dev/<disk>

1	sudo hdparm -tT /dev/<disk>

That gives you a good example result, including things like buffer and cache. If you want, you can actually check the direct disk speed as well. That just requires the --direct flag. It looks like this:

sudo hdparm -tT --direct /dev/<disk>

1	sudo hdparm -tT --direct /dev/<disk>

That’ll give you some results as though you were reading directly from the disk without a buffer involved. It’s an option to check, should you want to. But, you can get a good look at what your disk reads are going to be.

Closure:

That’s actually all there is to it. ‘Snot very difficult. Sure, hdparm is this big complicated application – but you can still use it to check the disk speed in the terminal. You don’t actually have to master all the options of these complicated applications in order to use them. You can still use them, learning more and more options as you use their features as needed.

Find Out Which Display-Manager You’re Using

In today’s article, we’re going to help you find out which display-manager you’re using. Your display-manager is an easy thing to change, but you should probably know which display-manager you’re using before you go about trying to change it. Either way, this article isn’t about changing your display-manager, it’s about finding out which one you’re using.

Sure, you could use a search engine and find out what the default display-manger is for your distro of choice, but where’s the fun in that? There are a few ways, some distro-specific, to find out which display-manager you’re using.

So, what is this ‘display-manager’? Well, a display-manager is often called a ‘login-manager’, and that’s actually a better name for it. It’s the (usually graphical) bit that shows up at the end of your boot process. It’s where you type in your username and password, and can sometimes make some other choices like keyboard layout.

The display-manager is a bit more than that, behind the scenes. It does things like manage authentication and manage user sessions. You can do all these things from the terminal, but your display-manager will let you do that graphically while not having to worry about anything deeper than that.

I guess it’s worth knowing which display-manager you’re using. After all, you might not want to change it, you might be having some issues with it and need to know which one you’re using so that you can start digging into solutions. I’m sure there are all sorts of reasons why you’d want to know this information. So, without further ado…

Find Out Which Display-Manager You’re Using:

Like many other articles on this site, this one requires an open terminal. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

Once you have your terminal open, you can try one of the following (because this data is stored in different places on different distros):

Debian/Ubuntu/etc:

cat /etc/X11/default-display-manager

1	cat /etc/X11/default-display-manager

SEL/OpenSUSE/etc:

cat /etc/sysconfig/displaymanager

1	cat /etc/sysconfig/displaymanager

RHEL/Fedora/etc:

cat /etc/sysconfig/desktop

1	cat /etc/sysconfig/desktop

Those are drawn from my old notes and probably still work today (I haven’t rechecked them all), but chances are good that you’re using a distro with systemd and, as such, it’s a simple (and universal) command to find out which display manager you’re using. The following command will give you the name and a bunch of other information about your display-manager:

systemctl status display-manager

1	systemctl status display-manager

The outcome of that should look similar to this, where the answer is in the first line of the output:

which display-manager are you using — See? I even gave you a handy arrow. In this case, it’s lightdm.

That command will work on pretty much any modern distribution, so long as it uses systemd – as most of them do. If you’re using another distro, the commands above should help you find out which display-manager you’re using.

Closure:

Yup… Another article. I’m well past the year mark and still haven’t decided to skip a day. I don’t have a bunch of articles in the queue currently, so it’s a bit more taxing but not too bad. Either way, now you now how to determine which display-manager you’re using.

Install The Full Version of Vim In Ubuntu

Today, we’re going to show you how to install the full version of Vim in Ubuntu. Along the way, you may learn a few other things, but the process is simple enough. Even a new user can follow this article – I’d assume. I mean, I could follow it. I think…

Though, I’m not sure that a new user would opt for learning Vim. Either way, some of us will learn something from this article, even if it’s just me learning something from writing it. After all, if I read the headline aloud to you, our conversation might realistically start with this:

“But, KGIII, Ubuntu already comes with Vim installed!” You might say. “You don’t need to install it. D’uh!”

To which I’d respond, “You’d think so, and it appears to, but it actually only comes with a limited version of Vim. Watch, I’ll show you! Then we’ll install the full version of Vim.”

See? It's a small version of Vim. — Check the highlighted line. See? It’s just the small version of Vim. It’s not the full version.

NOTE: We won’t be worrying about a GUI version of Vim. Maybe we can cover that in another article, but you can probably figure that one out on your own.

Now, Vim stands for Vi Improved, with Vi being a really, really old text editor (circa 1976) and Vim is an improvement on it. You’ll see it written as ViM or VIM from time to time, but if you go by the description in the man page, it’s simply “Vim”. Because of that, I’ve decided to spell it that way.

Actually, now that you know the initially installed Vim is just the small version (hint: tiny version), you can probably figure out the rest on your own. I have faith in you, my dear readers. Yes, yes I do… Still, I’ll tell you how, otherwise it’d be a pretty silly article!

Install The Full Version of Vim:

You’re going to want an open terminal for this one. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

With your terminal open, run the following command:

sudo apt remove vim-tiny

1	sudo apt remove vim-tiny

Next, we want to install a full version of Vim. To do that:

sudo apt install vim

1	sudo apt install vim

There are also some GUI versions of Vim that may be in your default repositories. You can opt to install those, but we’ll not be covering those in this article. This article is just about how to install the full version of Vim.

Hmm… Well, that’s really all there is to it. I suppose you could string the commands together, all nice and fancy like…

sudo apt remove vim-tiny -y && sudo apt install vim -y

1	sudo apt remove vim-tiny -y && sudo apt install vim -y

Yeah… So, really, that’s all there is to this. However, the important thing is that most folks don’t realize that it’s not the full version of Vim that has been installed by default. It’s just the tiny version, which is lacking in features. If you want, you can verify the currently installed version of Vim with this command:

vim --version

1	vim --version

Assuming you’ve installed the full version of Vim, the output will look similar to:

The output shows that this is the full version of Vim. — Again, check the highlighted line to see the difference. As you see, it’s the full version. Sweet!

Closure:

Well, there you have it. You now know that Ubuntu’s initially installed version of Vim is just the tiny version of Vim. You also now know how to install the full version of Vim in Ubuntu. If you’re a fan of Vim, or would like to start learning Vim, this is probably a good thing to know.

How To: Completely Remove Software In Ubuntu

Today’s article is going to show you how to completely remove software in Ubuntu. This will also work for other distros that use apt as their package manager. It’s a pretty handy tool to have in your toollbox, because we’ll not only be removing software, we’ll also be removing any config files associated with said software. It’s not all that difficult, and anyone should be able to understand this article.

When you ‘remove’ software, be it with the GUI or with the terminal, you’re actually only removing the software itself. You’re often leaving behind the config files (if there are any) and the ‘remove’ may leave dependencies still installed. The reasoning for leaving config files behind is presumably so that you can reinstall the software and have the same configurations you had earlier in time.

As you can guess, that’s not always a good thing… It may well be those configuration files that caused some sort of error in the first place. It may well be those config files that prompted you to remove the software in the first place. Erasing and starting anew might be your only realistic path forward, especially if reverting to backups did not work.

So… That’s why we have this article. This article is going to teach you how to completely remove software in Ubuntu. If you want, you can still try removing software and reinstalling (as a troubleshooting step), and this then becomes one of your later troubleshooting strategies. Read on, and you’ll see…

Completely Remove Software In Ubuntu:

When you remove software with the terminal, you probably do it like so:

sudo apt remove <application>

1	sudo apt remove <application>

That’s great. It removes the application and may even remove some of the dependencies it pulled in when you installed it. This is not necessarily a bad thing – but we want to completely remove software in Ubuntu, and this is how you do it.

As I said in the preamble, using the above command will likely leave your configuration files behind (if there are any) and some dependencies. With the ‘purge’ command, you’ll get rid of those configuration files. To do this, you’ll want to:

sudo apt purge <application>

1	sudo apt purge <application>

While that’s great and all, when you installed your application you may well have installed some other applications (dependencies), that is some applications that the software depended on. Those too may have config files related with them and to really ensure you’ve completely removed the software, you’ll want to do an autoremove.

If you’re unfamiliar with the autoremove function of apt, the man page has it summed up nicely:

autoremove is used to remove packages that were automatically installed to satisfy dependencies for other packages and are now no longer needed as dependencies changed or the package(s) needing them were removed in the meantime.

You don’t specify an application with the ‘autoremove’ command, you just run:

sudo apt autoremove

1	sudo apt autoremove

That should do it, actually. The last command should remove any dependencies that were installed and not removed automatically when you purged the software with the commands above.

Closure:

And there you have it! It’s another article! I still haven’t missed a day, and I’m well beyond my initial obligations. This time, the article tells you how to completely remove software in Ubuntu – and it’ll work in any distro that uses apt. It’s a pretty simple thing, but it’s worth knowing. Eventually, it’s bound to come in handy.