I recently participated in the Guernsey Global Games Jam 2016 and with our team we’ve created a cracking game called ‘Sacrificial Inferno’. Here is the website.
Here are a couple of work in progress videos…
Also, I’ve uploaded a couple of real life photos from the event onto my gaming website, gamelydigest.com . See here .
The latest release of Windows has quite a few settings for privacy which I’ve documented below.
These settings relate to advertising in Windows Store apps and via the Internet. I’ve turned both off. The SmartScreen Filter suggests it will block known dodgy URLs from being accessed in third party Windows Store apps.
Taken from here your Advertising ID is “is a unique identifier, consisting of a random string of characters, which Windows generates for each user on a device. When turned on, apps can access the ID in order to deliver advertising that is relevant to you based on your app usage. You can turn it on or off at any time. If you turn it on again, a new identifier will be generated.”
I have this off on my desktop and on, on my laptop. The answer to this one comes down to “Do I need this?”. You can read more here .
I’ve switched this off on my desktop and laptop. I don’t want anything being synced. From what I can find on Microsoft’s website this will sync things like your theme, browser settings and passwords. Also, this seems to suggest these are synced via Microsoft’s servers rather than peer-to-peer.
If you want to use Cortana you’re going to need to leave this option on. Leaving it on will send speech, inking, typing, contacts and calendar to Microsoft. I’ve turned it off. You can read more here .
Wifi Sense is a feature allowing Windows 10 to share Wifi passwords with your contacts. This means the Wifi passwords are potentially hackable and so this setting should be switched off. On the first screen below, click “Manage Wifi settings” to get to the Wifi Sense settings. You can read more here .
This section is a bit sneaky. Microsoft have lumped diagnostic (e.g. crash data) in with general usage data. Looking at the documentation you want to set this to “Basic” which is the minimum. Basic still includes sending Microsoft what software you have installed but there does not appear to be a way around that.
You can also disable the prompts for feedback here too.
I recently came across this message after installing an SSL certificate on one of my websites.
The message means that although the site is secure, some active content is not. Content can be passive or active.
Passive includes tags like…
* <audio>
* <img>
* <video>
As you can see, these all tend to be view type content.
Active includes tags like…
* <script>
* <link>
* <iframe>
* <object>
* @import
Although some of the active tags can be used for view type content like the passive ones, they can also be used to make Document Object Model (DOM) changes which means they have the potential to be insecure.
In my case it was due to Google Fonts import. This line in particular…
@import url(http://fonts.googleapis.com/css?family=Roboto:400,700);
The fix is to remove the http allowing your browser to determine the protocol. You could also just set it to https instead (if supported).
@import url(//fonts.googleapis.com/css?family=Roboto:400,700);
This is a follow on to my previous post ‘ Simple Security on a Linux VPS ’ in which I said I would post about how to setup SSH key access on a server. SSH key access works by adding your local machines identify to a file on the server called authorized_keys. Once your key is in the file, you can login as that server user using your local key. Previously, I would SSH onto the server and paste my local SSH key into authorized_keys using nano but I’ve since found a much quicker way to do it by running this command.
ssh-copy-id <username>@<host>
Simples!
When working with remote PostgreSQL databases it’s nice to be able to use a graphical user interface to manage the data. Fortunately, it is very straight forward to setup by creating an SSH tunnel to the remote server and then connecting pgAdmin to the server as if it’s on localhost.
The first step is to create an SSH tunnel. Replace username and host respectively.
ssh -N -L 3333:localhost:5432 <username>@<host>
Arguments
If you want the command to go into the background so you can continue to use the terminal, add an -f argument.
Using pgAdmin, connect as you would to a local database except use the port we’ve bound to (3333):
If you ran the command as suggested, CTRL+C in the terminal will kill the SSH tunnel. If you sent it into the background using -f then you will need to kill the command by finding the background process using ps aux and grep.
$ ps aux | grep 3333
This runs the command ps aux and returns any lines containing 3333 (the port we bound to locally). The number we’re interested in is the PID, which is the second number below.
jason 6674 0.0 0.0 48280 912 ? Ss 21:15 0:00 ssh -Nf -L <username>@<host>
With the PID we can kill the background process by doing.
kill 6674
Running the ps aux command again will reveal that the background process is no longer running.
Tired of seeing the Rails asset pipeline logging in the console? Disable it by adding this code…
# Hide asset pipeline logging
config.assets.logger = false
into…
config/environments/development.rb
Boom! No more asset pipeline logging during development. Remember to turn it back on if you have asset problems, though.
I maintain a number of Linux VPS (5 at the time of writing) and wanted to cover some basic security measures. When you sign up for a Linux VPS you tend to be given a root login to set it up. You should never leave it with root access as it’s a security risk. The minimum you want to do is create a new login and prevent root from logging on via SSH. Another good precaution is to change the default SSH port. For maximum security you want to use SSH keys for access which I’ll cover in another post.
For this example I’m going to create a new login called ‘admin’ which does not have root privileges and prevent people from using SSH to connect as root. The admin user will be able to switch users to root or run commands as root using sudo but will be prompted for the password.
The first step should always be to create the new user and make sure they can login and gain root privileges. Disabling root access and then finding out the new account can’t SSH onto the VPS is a less than ideal situation…
To add a new user we’re going to use the ‘adduser’ command. This will add the user, prompt you twice for the users password and ask you to provide Full Name, Room Number, Work Phone, Home Phone and Other. I’ve only filled in the Full Name.
root@discuss:~# adduser admin
Adding user `admin' ...
Adding new group `admin' (1000) ...
Adding new user `admin' (1000) with group `admin' ...
Creating home directory `/home/admin' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for admin
Enter the new value, or press ENTER for the default
Full Name []: Admin
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n] y
If for some reason you do not have the ‘adduser’ command, you’ll need to use the less friendly version, ‘useradd’.
At this point you need to log out of the VPS and log back in as admin. Do not proceed until you can do so!
Next, we want disable root access which involves editing a file called ‘sshd_config’. You should backup this file to admin’s home directory first by doing the following…
admin@discuss:~$ cp /etc/ssh/sshd_config ~/sshd_config_backup
Use nano to edit the file. You need to sudo this as it is a protected file. Input admin’s password.
admin@discuss:~$ sudo nano /etc/ssh/sshd_config
In the file you want to find the variable ‘PermitRootLogin’ and set it to no. This is what is will look like…
PermitRootLogin yes
Set it to no.
PermitRootLogin no
If it has a # in front of it then you need to remove that, it’s a comment.
Lastly, you need to restart SSH for your changes to take effect.
admin@discuss:~$ sudo service ssh restart
ssh stop/waiting
ssh start/running, process 27951
Once you’ve done that, whenever you try to login as root you will get the error message.
Permission denied, please try again.
This is a follow up post to this post in which I promised to post my solution to handling thumbnails when different reviewers submit different aspect ratio images, e.g…
Well, here it is..
for f in *.jpg; do convert "$f" -resize "576x324^" -gravity center -crop 576x324+0+0 +repage "${f%%.jpg}t.jpg"; done
This command does the following things:
These are some of my most regularly used Ruby Gems when I’m working with Rails.
As the name suggests, Better Errors takes Rack errors and makes them better. You don’t even have to make any code changes.
Sidekiq is a background task processor, similar to Cron, but for Ruby. All you need to do is write the tasks method and tell Sidekiq to execute it asynchronously. Sidekiq also comes with a decent dashboard, these screenshots are from the Gamely Digests Discourse Sidekiq.
Capistrano extends the Rake DSL to provide ways to run scripts on servers. It’s main usage is for deploying apps onto servers. On jotter.io and data.gg I have it set up so running this command…
cap production deploy
will upload the latest version to my server, run any migrations and restart the app on the server. I can also deploy a staging version or rollback to the previous version if something goes wrong.
On the server the directory structure looks like this…
/path/to/app/current/ (symbolic link to the very latest release in the releases folder)
/path/to/app/releases/ (contains the last couple of releases)
/path/to/app/repo/ (git repository)
/path/to/app/shared/ (has things like pids, logs, etc.)
Devise is user authentication for Rails. Devise will setup all the parts necessary for users to register, login, reset passwords, etc. If you know your project needs use logins, Devise is a no-brainer. You’re always going to want to modify the way the forms look so Devise provides a command to generate all the views for you to change. For everything else, Devise has a massive ‘How-to’ section on their Wiki.
Simple Form is a tool to help you make forms in Rails. Rails comes with its own way to do forms but I’ve never been happy with it. Simple Form is very similar for the basics.
<%= simple_form_for @user do |f| %>
<%= f.input :username %>
<%= f.input :password %>
<%= f.button :submit %>
<% end %>
Simple Form really shines for me when it comes to associations and configuration. Associations can be done as simply as this…
<%= simple_form_for @user do |f| %>
<%= f.input :email %>
<%= f.association :app_acount %>
<% end %>
Part of the install process adds some configuration files allowing you to set the input types, internationalization, what classes to apply to what components by default, priority countries in country picker drop-downs and much more.