It seems now that Windows 10 is trying to push adverts onto its users via the lockscreen. There are two modes this appears to be impact, you can see what yours is set to by going into the ‘Personalization’ area and looking at the ‘Background’ drop-down.
If you have it set to ‘Windows spotlight’ then you’re going to get adverts. This mode rotates between a range of images provided by Microsoft. You can click a button on the lockscreen to say you “don’t like” the advert but the long term impact of this is unknown.
In ‘Picture’ mode shown below, you can disable the adverts by turning “Get fun facts, tips, tricks, and more on your lock screen” (“and more” would appear to mean adverts all up in your grill) to “Off”.
I recently participated in the Guernsey Global Games Jam 2016 and with our team we’ve created a cracking game called ‘Sacrificial Inferno’.
Here
is the website.
Here are a couple of work in progress videos…
Sacrificial Inferno Gameplay & Mechanics
Sacrificial Inferno Procedurally Generated Levels
Also, I’ve uploaded a couple of real life photos from the event onto my gaming website,
gamelydigest.com
. See
here
.
The latest release of Windows has quite a few settings for privacy which I’ve documented below.
General
These settings relate to advertising in Windows Store apps and via the Internet. I’ve turned both off. The SmartScreen Filter suggests it will block known dodgy URLs from being accessed in third party Windows Store apps.
Taken from
here
your Advertising ID is “is a unique identifier, consisting of a random string of characters, which Windows generates for each user on a device. When turned on, apps can access the ID in order to deliver advertising that is relevant to you based on your app usage. You can turn it on or off at any time. If you turn it on again, a new identifier will be generated.”
Location
I have this off on my desktop and on, on my laptop. The answer to this one comes down to “Do I need this?”. You can read more
here
.
Other Devices
I’ve switched this off on my desktop and laptop. I don’t want anything being synced. From what I can find on Microsoft’s website this will sync things like your theme, browser settings and passwords. Also,
this
seems to suggest these are synced via Microsoft’s servers rather than peer-to-peer.
Speech, Inking and Typing
If you want to use Cortana you’re going to need to leave this option on. Leaving it on will send speech, inking, typing, contacts and calendar to Microsoft. I’ve turned it off. You can read more
here
.
Wifi Sense
Wifi Sense is a feature allowing Windows 10 to share Wifi passwords with your contacts. This means the Wifi passwords are potentially hackable and so this setting should be switched off. On the first screen below, click “Manage Wifi settings” to get to the Wifi Sense settings. You can read more
here
.
Feedback & Diagnostics
This section is a bit sneaky. Microsoft have lumped diagnostic (e.g. crash data) in with general usage data. Looking at the
documentation
you want to set this to “Basic” which is the minimum. Basic still includes sending Microsoft what software you have installed but there does not appear to be a way around that.
You can also disable the prompts for feedback here too.
I recently came across this message after installing an SSL certificate on one of my websites.
The message means that although the site is secure, some active content is not. Content can be passive or active.
Passive includes tags like…
As you can see, these all tend to be view type content.
Active includes tags like…
Although some of the active tags can be used for view type content like the passive ones, they can also be used to make Document Object Model (DOM) changes which means they have the potential to be insecure.
In my case it was due to Google Fonts import. This line in particular…
The fix is to remove the http allowing your browser to determine the protocol. You could also just set it to https instead (if supported).
My website
data.gg
recently had some local publicity and I appeared on local
BBC TV
and
BBC Radio
. These links won’t work forever so if you’re from the future you’ll have to take my word for it 🙂
This is a follow on to my previous post ‘
Simple Security on a Linux VPS
’ in which I said I would post about how to setup SSH key access on a server. SSH key access works by adding your local machines identify to a file on the server called authorized_keys. Once your key is in the file, you can login as that server user using your local key. Previously, I would SSH onto the server and paste my local SSH key into authorized_keys using nano but I’ve since found a much quicker way to do it by running this command.
When working with remote PostgreSQL databases it’s nice to be able to use a graphical user interface to manage the data. Fortunately, it is very straight forward to setup by creating an SSH tunnel to the remote server and then connecting pgAdmin to the server as if it’s on localhost.
The first step is to create an SSH tunnel. Replace username and host respectively.
Arguments
N: Do not execute a remote command. We just want port forwarding.
L: This is the bind target on the local client. In our case we’re asking that port 3333 on localhost be bound to localhost:5432 from the remote server. 5432 is the default PostgreSQL port.
If you want the command to go into the background so you can continue to use the terminal, add an -f argument.
Using pgAdmin, connect as you would to a local database except use the port we’ve bound to (3333):
If you ran the command as suggested, CTRL+C in the terminal will kill the SSH tunnel. If you sent it into the background using -f then you will need to kill the command by finding the background process using ps aux and grep.
This runs the command ps aux and returns any lines containing 3333 (the port we bound to locally). The number we’re interested in is the PID, which is the second number below.
With the PID we can kill the background process by doing.
Running the ps aux command again will reveal that the background process is no longer running.
I maintain a number of Linux VPS (5 at the time of writing) and wanted to cover some basic security measures. When you sign up for a Linux VPS you tend to be given a root login to set it up. You should never leave it with root access as it’s a security risk. The minimum you want to do is create a new login and prevent root from logging on via SSH. Another good precaution is to change the default SSH port. For maximum security you want to use SSH keys for access which I’ll cover in another post.
For this example I’m going to create a new login called ‘admin’ which does not have root privileges and prevent people from using SSH to connect as root. The admin user will be able to switch users to root or run commands as root using sudo but will be prompted for the password.
The first step should always be to create the new user and make sure they can login and gain root privileges. Disabling root access and then finding out the new account can’t SSH onto the VPS is a less than ideal situation…
To add a new user we’re going to use the ‘adduser’ command. This will add the user, prompt you twice for the users password and ask you to provide Full Name, Room Number, Work Phone, Home Phone and Other. I’ve only filled in the Full Name.
If for some reason you do not have the ‘adduser’ command, you’ll need to use the less friendly version, ‘useradd’.
At this point you need to log out of the VPS and log back in as admin. Do not proceed until you can do so!
Next, we want disable root access which involves editing a file called ‘sshd_config’. You should backup this file to admin’s home directory first by doing the following…
Use nano to edit the file. You need to sudo this as it is a protected file. Input admin’s password.
In the file you want to find the variable ‘PermitRootLogin’ and set it to no. This is what is will look like…
Set it to no.
If it has a # in front of it then you need to remove that, it’s a comment.
Lastly, you need to restart SSH for your changes to take effect.
Once you’ve done that, whenever you try to login as root you will get the error message.
This is a follow up post to
this
post in which I promised to post my solution to handling thumbnails when different reviewers submit different aspect ratio images, e.g…
Well, here it is..
This command does the following things:
Resizes the image as close to 576×324 as possible based on the smallest fitting dimension (indicated by the ^).
Sets the ‘gravity’ to the centre for the next command.
Takes a central crop of the image (central due to previous command) to the size 576×324. The x and y offsets give the location of the top left corner of the cropped image with respect to the original. 0 and 0 in this case.
Repage which removes image data to do with virtual image location. I’ve added this simply because the documentation recommends doing so as a pre-caution when using the crop command.