I moved!

Hi everyone,

this past weekend I started a new blog at http://www.niklas-meinzer.de.

I will post about the same topics as I did here and even moved some of my blogs over there.

So if you are interested please head over there and look around.

I will keep this blog online, since I get quite a lot of traffic and don’t want to dissapoint people looking for certain solutions…





Posted in Uncategorized | Leave a comment

Encrypted Dropbox Backups

Data backups are probably one of the most annoying topics in the world of computers. Yet they are a necessity if you want to minimize your risk of data loss. There is tons of commercial products that do the job and probably more strategies employed than people living on earth.
So I just want to describe my approach and if someone comes across this I am happy to hear about your opinion in the comments!

I generally divide of all the files on my computer in three tiers:

  • Completely reproducible: Everything that is reproducible with low or no effort. For example all the stuff that comes with a Linux distro, binaries, etc.
    This tier obviously needs no backup.
  • Large non-reproducible files: Music, Pictures, Movies, etc. Everything that I want to keep but it’s too large to just keep it in a Dropbox folder or something comparable.
  • Small non-reproducible files: Mostly documents like invoices, CVs, config files. These files are small and thus easier to handle in terms of backup.

So with two different tiers of files that need backups I also have two different strategies that I use:

External hard drive Backups

I have a little one liner shell script that just calls rsync with a couple of parameters and creates a copy of all the files in my home folder. The files in the exclude list file are skipped, for example the “Downloads” folder where I generally have large stuff that I don’t really need lying around. Have a look at the script here.

There are two Problems with this approach:
First: It’s not technically a backup, it’s just a copy. A “real” backup has to be incremental, such that I could go back to any snapshot I ever took. With a copy if you ever damage an original file and run a backup that file is lost. But I decided that it is good enough for me.
Second: It’s not off site. It does not protect my data from a fire or a very thorough thieve who steals both my computer and the external hard drive.

Encrypted Dropbox Backups

Dropbox is a service that I guess many people use for file backup and it’s great and easy to use, but unfortunately in the post-Snowden era we have to assume that everything that is on Dropbox is readable for at least the US-Government agencies. If you properly encrypt your data before you send it to Dropbox however you’re good to go.
That is if we assume that the employed encryption algorithm is unbroken. If you followed the Snowden revelations you might feel uneasy to trust any kind of encryption, but just as Bruce Schneier says: I trust the mathematics.

So I wrote a little script that collects all those smaller files I want to backup, packs them into a tar-gzip archive with a time stamp in the filename, passes this to gpg, which uses the CAST5 Algorithm to encrypt the tar file using a user supplied password.
Finally, the encrypted file is moved to the Dropbox directory and thus automatically uploaded to Dropbox. Have a look at the script here.

I don’t have s strict rule when I execute those script, I just do it sometimes when I think of it, which obviously is not optimal and I will try to find a doable way of doing it more regularly.

So that’s it, please let me know what you think about this in the comments or describe your approach.

Posted in Linux | Tagged , , , | Leave a comment

Replacing the Wifi card on a Lenovo Thinkpad T420

A journey has ended! I have finally replaced the wifi card on my Lenovo Thinkpad T420. This is my Story:

I bought this computer at the beginning of 2012 to replace my old Samsung R560, which was  three years old and still kicking, but it had a couple of those annoyances that laptops which are made for entertainment have: A glossy hull, useless extra media contol keys and the the inability to be opened with one hand. So I kept that machine as a secondary computer and purchased my T420 because I thought the Thinkpad T-Series are glamour free work horses. I also assumed the device would function under Linux without problems. And I was almost not let down: The T420 is performing like a beast, highly portable and has an insane battery lifetime even under Linux. The only problem was that the wifi seemed to have some problems.

I had random connection failures where no data would come trough even though the connection was still displayed as active, sometimes it wouldn’t connect at all and all that was dependent on the wifi infrastructure. (It worked almost flawlessly at home but problems arouse at any other place including my university (which is a big  deal obviously)).

Initially I thought it must be a linux/driver issue and searched around the web. Eventually I pinned the problem down to my Wifi card, a “Realtek 8188CE”. The sole mentioning of that name in a forum will get people to offer condolences. Apparently the issue is not Linux specific, but it’s worse there. I tried downloading and compiling the latest driver from Realtek with no success. So I quickly made the decision that the module has to be replaced. Replacing the hardware turned out to be easier than I expected. The real problem was to get the device to accept the new card.

Lenovo ships their laptops with built in white lists in the BIOS which checks Wifi and WWAN cards for a Lenovo branding, a so called FRU number. If  it finds an unbranded module it will refuse to work.

So I contacted Lenovo and asked where I could purchase such a branded card. The answered with a generic e-mail saying “please find a list of our licensed stores attached” with a list of all online shops known to man as an attachment. So I found a fitting card at Cyberport.de where I also bought the Thinkpad, contacted them and asked about the branding. They said they were not sure but assumed it would work. When the card arrived I quickly put it in only to be greeted with a friendly message claiming to have found an “unauthorized network card”. “Computer says nah…” (By the way: After I explained this to Cyberport on the phone they offered to take the card back. Thumbs up!)

When you see this... you're screwed!

When you see this… you’re screwed!

So no branding on that card. I contacted Lenovo support again this time via phone. The stressed lady with a foreign accent collected all my personal information before letting me ask any questions. After I told her about my problem I got an answer that boils down to this: “If you’r card is not from Lenovo it will not work. This is not a defect so I cannot help you! Linux??? We are not supporting Linux. Good bye.”

The weirdest thing is that neither her nor her colleagues answering to my e-mails could tell me where I could actually buy a Lenovo branded card. I made it explicitly clear that I do not want this to be treated as a warranty request or anything. I wanted to buy a wifi card… you know…. with money. No chance. All I got was the generic list of “authorized dealers”. Apparently Lenovo disallows the use of third party cards without offering cards themselves… so…. no cards for you!

Eventually someone in the Lenovo Forums provided me with the FRU numbers of some of the wifi cards Lenovo uses. Searching for those directly yielded some results and I was eventually able to buy a used “Intel Centrino Advanced-N 6205” from a German online store. The card arrived today and I was finally able to boot with a non crap card. Linux automatically loaded the drivers and all I had to do is re-entering the WPA-2 key for my home network. I have yet to test the card on other networks but I am really optimistic. The remainder of this article will be a short how to on the issue.

How to replace the card

If you want to replace your card you need to make sure that you chose a compatible one. The most obvious thing to check is the number of antennas: If the new card has more antennas than the current one, you need to install additional antennas behind the screen and I guess you don’t want that. So check how many antennas your card has (the Realtek 8188CE has two) and chose a replacement accordingly.

Then try to find out the FRU number of this device, I found my number in the Lenovo Forums but I guess contacting support is also worth a try.

Now search for the FRU number directly. It is my understanding that you can’t buy new Lenovo branded modules so you need to find a used one. If you live in Germany or do not fear shipping costs check out www.nbwn.com, they have a great selection of used notebooks and parts.

Once you obtained a card follow the instructions in this video to replace the old card or my following step-by-step instruction pictures:

Flip the notebook over and remove the screw from the memory cover.

Flip the notebook over and remove the screw from the memory cover.

Remove the screw that keeps the keyboard in place.

Remove the screw that keeps the keyboard in place.

Flip over the device again, push the keyboard towards the screen and lift it up. Be careful not to damage or disconnect the cable.

Flip over the device again, push the keyboard towards the screen and lift it up. Be careful not to damage or disconnect the cable.

Remove the antennas (blue circles) and the screw.

Remove the antennas (blue circles) and the screw.

Take out the card.

Take out the card.

Now insert your new card and re-assemble your device.

Posted in ThinkPad | Tagged , , , , , | 4 Comments

So I left Arch Linux… what’s up with that?

About a year ago I started this blog, primarily as a sort of public collection of notes on how to do things on Linux, especially Arch Linux.

At the time I was annoyed by a lot of decisions Canonical made with Ubuntu, which I had been using for quite a while. So I made the decision to retake the control I felt canonical was taking away from users by switching to Arch Linux. This article is essentially a summary of my experiences with it and an explanation on why I am not using it anymore.

When my new laptop arrived in January of last year I immediately installed Arch Linux on it. For someone like me who’s Linux installation experience is basically “insert an Ubuntu live CD and click install” it was quite a challenge, but the Arch Wiki provides an amazing guide that made me succeed eventually (The Arch Wiki and Forum are in my opinion two of the best places in the internet to get help with Linux, not only Arch).

The Awesomeness

  • It’s customizable: The main reason for me to try Arch Linux, as I said earlier, is it’s customizability. You have to hand pick the software packages you want to be installed. This includes the Window Manager or Desktop Environment of your choice. So in the end you wind up with an operating system really suited for your needs.
  • It’s up-to-date: Arch is a rolling release distribution, which means that once an update for any package becomes available it will (almost) immediately be available for Arch users. Release cycle oriented distributions like Ubuntu also have an update function for bug fixes and security updates, but “bigger” updates will only be introduced in the next release of the distro. (There are of course ways to still get the latest version of almost everything, but it requires knowledge and work and kinda conflicts with the whole idea of a release based distribution)
  • It’s a great source of knowledge: The process of installing Arch Linux alone is probably one of the most effective ways to learn how Linux works and is configured. And even the running system sometimes requires you to dig deep into the file system to tweak a config file. I have learned much about Linux during my time with Arch, most of it on the Arch Wiki and forum.

So I ran Arch for the better part of 2012 and was quite pleased with the things I mentioned earlier, but there were also some things I did not like so much.

The Annoyances

  • Stuff breaks… often: Arch is bleeding edge. You get every update almost instantly… what?… I said that already? Yeah, it’s a big plus, but also in stability and convenience terms it’s a pain in the butt. You have to be on guard every time you update your system, you have to follow the mailing list and there is a good chance you have to fix something after the update. Again, thanks to the Arch Community those fixes are almost always available in the forums, but you still have to do them.
  • Your system is unique: And that makes it sometimes a bit harder to troubleshoot stuff. Especially if you are not sure what’s causing your problem. Other peoples solutions might or might not apply to your setup. Of course this is not an Arch exclusive problem, but my guess is that is happens more often than with more restrictive distributions.

The last two points are only a problem if you do not have fun fixing problems and learning stuff (which I did) or if you simply don’t have the time (this one applies to me). I do all my work for the university on my laptop and it needs to work all the time. Also I use it as an entertainment device to watch movies, listen to music or play games. (Boy, has Linux gaming taken off lately 😀 ) And if I want to do one of those things, it needs to work.
I hate it to sit down and write some code only to find out that the last system update has broken the compiler or something.
So, Arch Linux, it’s not you, it’s me! There is nothing wrong with how Arch is, but it has just turned out not to be the right thing for me now.

That’s why I eventually decided to ditch Arch and switch to Linux Mint for now. I am now running Mint 13 Maya Cinnamon Edition and am quite happy with it.
I am almost sure that I will come back to Arch someday though!

Posted in Arch Linux, Linux | Tagged , , | 10 Comments

Got my piece of pi…

Check out what arrived this morning with the mail:

This slideshow requires JavaScript.

That’s rght! I finally got my Raspberry PI!

If you haven’t heard of it yet, go check out their page now! (Also: Wtf dude?)

I can’t wait to get started playing around with this thing, the only problem is, I don’t have a screen that I can connect to it. The Pi only has an HDMI and Composite video out and my Screen only has VGA. Adapters cost more than the Pi itself, but I was planning on getting a new screen anyway, so I gotta speed up that purchase decision!

On the pi website three OS images are offered: One debian based (which is recommended for beginners), Arch Linux ARM and QtonPi. I am obviously going with Arch 🙂

What plans do I have with this? I am not sure myself just yet. When I ordered it months ago, I just wanted to have one! So now I am going to experiment around with it and can see it becoming a fileserver, mediacenter and/or emulator box in the end.

Watch out for more stories on the pi on this blog!

Posted in RaspberryPi | Tagged , , , | Leave a comment

How companies learn which sites you’re visiting and how to prevent it

Today I want to talk about a general issue that affects us all every time we are using the web. That is: the protection of our personal data.

In the olden days when you visited a web site, your browser would connect to the server, receive an html document and render it for you. Today, with Web 2.0 and what not, your browser still receives an html document, but it looks more like a shopping with instructions on where to get the different parts of the site. So when you connect to a certain website, you are in most cases actually connecting to multiple web servers.

This image for example is actually located on a Wikimedia server, not on wordpress.com

Sometimes this is very obvious, for example, if the page contains a Google Maps frame, it is clear that it must be connecting to the Google Maps server. In other cases it is not so clear, because these third party elements don’t even have to be visible: A lot of websites contain hidden elements that send information about the visitors to Google Analytics or other statistic services. If you want to know more about that there is a neat little Chrome extension called Collusion that visualized which website send information to third parties.

Sites with a blue circle are the ones you actually visited the others are third party sites.

Collecting anonymous user data to improve websites or services is one thing.  It gets really creepy once the third party your data is sent to knows your actual name (and address, and favorite animals….). Why would they know that? Well this is where “social widgets” come in, these small website elements that are currently spreading all over the web:

This thing sends the information, that you are visiting the page it’s on, to Facebook, Google and Twitter.

What happens is this: When you are logged into a service like Facebook or Google (chances are high that you are right now), you have a valid cookie of that service in your browser, so the site will still know who you are, if you leave the page and come back later.
Now when you visit a page with a social widget on it, your browser will send a request to Facebook/Google/etc to get the widget. It will also send your cookie information along. This basically means, that they now know that you, John Doe are currently looking at website XY. Since these widget are on practically every website nowadays the social network services can create detailed personal web usage profiles. It depends on your level on paranoia what you make of this, but it’s certainly not the most comforting of thoughts.

But wait! There is hope! Thankfully, the internet is not (yet) completely controlled by the data collecting juggernauts. There are a lot of plugins, tools and browser extensions that help you protect your privacy in many ways.
In the remainder of this article, I would like to present one example that I find very inspiring: Disconnect.me
The reason why it’s so inspiring is, that one of the founders of this start-up company, Brian Kennish, actually quit his job as a developer at Google, so he could make the “Disconnect”  Chrome plugin that keeps your browser from sending your data to all the major data collectors including Google.

The extension takes only two clicks to install and immediately starts preventing sites from sending your data to Digg, Facebook, Twitter, Google and Yahoo (unless you are on one of their pages). You can easily deactivate and reactivate the blocking of any of the five services. (There exist versions for Firefox and Safari as well).

Now go ahead, try it and enjoy a little more private web experience.

PS: If you would like to learn more about the topic, here is a talk by the above mentioned Brian Kennish:

Posted in Personal Privacy | Tagged , , , , , | Leave a comment

Thinkpads throttle CPUs down when battery is removed

I was pretty sure that the proper way to treat your laptop battery, if you want a long fulfilling life for it, is to remove it from the laptop when you are connected to an AC adapter. After all the lifespan of a laptop battery (or any rechargeable battery) depends largely on the number of charging cycles. Now if you leave the battery in the computer when it’s connected to the AC adapter, it will drain it just a little bit and then recharge it again over and over. This is true at least for the default setting of Lenovo ThinkPads (as you can read here).

Now let me back up here a little: Today I noticed one of my current programming projects performance dropped significantly over night. I ran a benchmark last night and the same this morning without any major changes, but got much worse results. So I looked for the reason in the code, reverting my recent changes (which should not affect performance at all, but just to be sure). Just before I started to believe in black magic and question my sanity, I thought maybe the reason isn’t in the code after all but my computer is just somehow slower. So I did a little research and finally noticed something odd in the output of cpufreq-info for all 4 cores:

  analyzing CPU 0:
  driver: acpi-cpufreq
  CPUs which run at the same hardware frequency: 0 1 2 3
  CPUs which need to have their frequency coordinated by software: 0
  maximum transition latency: 10.0 us.
  hardware limits: 800 MHz - 2.30 GHz
  available frequency steps: 2.30 GHz, 2.30 GHz, 2.00 GHz, 1.80 GHz, 1.60 GHz, 1.40 GHz, 1.20 GHz, 1000 MHz, 800 MHz
  available cpufreq governors: powersave, ondemand, performance
  current policy: frequency should be within 800 MHz and 800 MHz.
                  The governor "ondemand" may decide which speed to use
                  within this range.
  current CPU frequency is 800 MHz.

What? “Frequency should be between 800 MHz and 800 MHz?” That’s a rather tight margin! Of course this would explain the performance drop, but where does this come from? Changing the governor or setting the frequency manually did not change anything. Some web research showed that I was by far not the only one experiencing the problem and that can have multiple reasons. Explanations include kernel bugs and overheating CPUs. I could exclude the overheating and did not want to believe in kernelbugs yet. So I looked on and finally found an issue affecting Lenovo Thinkpads exclusively:

According to this article from ThinkWiki, the included AC adapters 65W are not enough to provide enough power to the system when it is on full load, so the BIOS decides to set the frequency to the lowest value and keep it there, if no battery is found. The article also offers a quick fix to this: Add processor.ignore_ppc=1 to your parameters in /boot/grup/menu.lst and everything will be fine. I tried it and yes, it really fixes the problem, but it’s not supposed to be safe as it doesn’t change the fact that the adapter doesn’t supply enough power. So when on full load the system can crash, I guess. So far it hasn’t for me.

So this leaves me with three options:

  1. Use the fix described above and risk the possibility of crashes.
  2. Leave the battery inserted always and risk decreasing it’s lifetime.
  3. Buy a stronger AC adapter. There are 90W and even more powerful ones available (but the 90W is enough for the T420; see this thread)

I have not decided yet, but am probably going with option three, since the extra adapter costs less than 20€.

Anyway, I’m a little angry at Lenovo now. I mean if they ship an inferior Adapter with my laptop, they could at least tell me. (People in this thread argue, that it is not inferior, because it is smaller and lighter and thus easier to carry.)

Posted in Linux, ThinkPad | Tagged , , , , , | 2 Comments