Turning off Lid Close Standby on Ubuntu Server 14.04 LTS in three easy steps

Let’s say you’ve turned your old laptop into a server. Great choice! It’s smaller than a full size tower, uses less power, is quieter (most of the time) and if you can’t access it you can tab right in on the physical keyboard and screen.

However, open laptops take up more space, so you’ll want to close the lid, right? On Ubuntu Server, closing the lid will put your server in standby, which is… unhelpful, to say the least.

Well, here’s how to stop that from happening, for all version of Ubuntu from 13.10 onwards (13.10, 14.04 LTS, 14.10 as of January 2015)

Step One

First, open /etc/systemd/logind.conf with a text editor

sudo vim /etc/systemd/logind.conf

Step Two

Find the line with HandleLidSwitch and change it to

HandleLidSwitch=ignore

Step Three

Save, exit and restart the daemon

sudo service systemd-logind restart

Et Voila! Your server is now happy about running with its lid closed!

How to lock down your Windows 7 machine like Fort Knox

I like security. There’s a fact for you

Imagine you’re going to sleep, and you suddenly realised you’ve left the front door wide open, with the keys still in the lock.
How would you react? Anyone with the right state of mind (and who doesn’t have a fully trustworthy 24/7 security team to pry the keys from that lock, close the door and secure the premises for you) would get up, go to the front door, close it and lock it, before proceeding back to bed with the confidence that an unwanted person won’t be getting in.

Your computer wide open like that proverbial front door, and even so if you use your administrator account for your day-to-day, and let’s face it, who doesn’t these days when you can have a computer each?

I decided to write this article after I read about a tool which claims to break bitlocker drive encryption, and one of the described methods was to get a hold of the computer whilst it was unlocked on an administrator account, install the software, then do evil.

This is done by using the default UAC (User Account Control) settings to gain applications privileged access without the need for actual administrator input.

Not on my computer, heres how:

Part One – Telling the computer what to do when evil brews

In this part we will fiddle with some of the darkest depths of security settings available to make administrator privilege requests (UAC elevations) much harder for an evil person to make a computer do evil stuff

Step One

Open up the Local Security Policy by going to Run and typing secpol.msc
Hit enter and it should open up the local security policy (if you are requested to allow it privileges, click yes. Notice how you just get a yes or no, and anybody with access to your computer can click ‘yes’ or ‘no’ for you (to do very evil things)).
Turns out that by default you don’t get this prompt. Evil people could be changing them for you!

Step Two

Navigate to Local Policies/Security Options and scroll to the bottom of what should be a long list of stuff

Step Three

Find these three entries entitled User Account Control, and check they are set to the following, if not set it to them by double clicking the option and selecting it from the drop down menu:

User Account Control: Admin Approval Mode for the Built-in Administrator account
    Default: Disabled
    Setting: Enabled
User Account Control: Behaviour of the elevation prompt for administrators in Admin Approval Mode
    Default: Prompt for consent for non-Windows binaries
    Setting: Prompt for credentials on the secure desktop
User Account Control: Behaviour of the elevation prompt for standard users
    Default: Prompt for credentials
    Setting: Prompt for credentials on the secure desktop

Part Two – Telling the computer to be more picky

Now that we have prevented evil people breaking past privilege requests without an administrator present, we need to make it so that the computer calls for an administrator more often. Doing this also prevents an evil person undoing all the good we did in part one.

Step One

Go to Start, open up Control Panel and in the search box, type ‘UAC’ and click ‘Change User Account Control Settings’

Step Two

Click ‘yes’ to the UAC prompt (the last time you’ll ever click yes) and set the slider to ‘Always Notify’, as seen below
UAC Notification Selection Screen


Your computer is now protected from evil people at the cost of you having to enter your password every time you do something administrative, which shouldn’t happen with average day-to-day computer usage.

If you do get the UAC prompt, before you enter your password, think: Why am I doing this?
The UAC is there to tell you that you are doing something that is potentially dangerous, so take the time to take a step back and ensure that you are making the right decision

Stay Safe and have a Merry Christmas everyone!

DNS woes on OS X 10.10 Yosemite

Today I spent the better part of two hours setting up a BIND9 nameserver on my raspberry pi server, and I quickly ran into an issue:

The DNS cache on OS X was not updating. There are two methods circulating of solving these, which are:

dscacheutil -flushcache
sudo discoveryutil udnsflushcaches

So, I had to find another way.
And I found one. The super easy way of fixing this is to lower your TTL in your zone file, do the ping, and set it back again (or leave it)

e.g. take this here:

ben.local. IN SOA server.ben.local. hostmaster.ben.local. (
        1               ; serial
        5H              ; refresh
        4H              ; retry
        4W              ; expire
        1D              ; minimum
)

In this case, the TTL (refresh) is set to 5 hours. You won’t be able to get a lot of work done in that time, so set it to 5 to force a refresh every 5 seconds, i.e.

ben.local. IN SOA server.ben.local. hostmaster.ben.local. (
        1               ; serial
        5               ; refresh
        4H              ; retry
        4W              ; expire
        1D              ; minimum
)

Oh, and you don’t need to change the serial unless you have slaves waiting for an update. Make the changes, then run sudo service bind9 restart to restart the nameserver, and voilà! You can get back to work.

In future, if this is a private nameserver which only receives a few queries a second, then feel free to set it to something reasonable, like a minute. or five. or ten. Keep the five hour TTLs for high load servers where you need to cater for tens of thousands of DNS requests a second

The crisis of the storage space – part two.

If your windows machine has run for twenty days straight without crashing or otherwise needing a restart, then congratulations!

It also means I should share with you a little secret. Windows uptime = disk space used for the page file, etc. A restart will significantly cut hard disk usage (4GB in my case :)) and allow you to continue working.

I would write more but I simply couldn’t be bothered. Believe it or not I have a life.

The crisis of the storage space

I have run out of hard disk space on my computer.

I have run out of hard disk space on my other computer

I have run out of space on all of my external storage devices, including the SD and CF cards for my camera

I have run out of space on my current phone, my old phone and my school-tied iPad

I have even run out on my Raspberry Pis.

In case you haven’t noticed, I’m running a little short on storage space.

This isn’t the first time it has happened, and I doubt it will be the last, but I’m damn well sure that it is a problem.

So how does one go about solving it then? Well, I started by uninstalling everything I didn’t use, regardless of whether I needed it or not. I went on to remove old documents I didn’t need any more (which I really, really hate doing), before clearing out system temp files and removing update backups.

It is about this time I deem it ripe to rebuild a computer. This requires a backup of my documents, which, well, I can’t exactly do.

Oh dear sweet mother of all things holy in and out of the computer world.

In case you hadn’t noticed, I’m not feeling too good about this.

I will keep you updated.

With faithful regards,

Me.

The end of the PC is nigh.

Firstly, I do apologise about the hideous colour scheme on the last theme, the green made me see yellow.

As one who browses the internet for hours upon hours a day, it didn’t take long to realise how much buzz there was a couple of years ago about ‘cloud computing’, and after kicking my feet up for those past years saying to myself ‘That’ll never happen’ – and before I knew it the world overtook me and I was bombarded with adverts for cloud hosting and it was all quite frustrating.

But since then, a new threat has cropped up. The tablet. A lightweight, easy to use and very portable system, which got me scratching my head. It didn’t have a keyboard.

Now I know I’m meant to be a ‘computer boffin’ or what have you, but I really couldn’t get my head around the idea that a computer is now this touch screen with a battery, a pretty solid mobile processor, a long -ish life battery and a hard casing on the back. It was like someone had decided that the laptop was too easy to break, and so they broke off the lid, and went ‘Hey, I could make money out of this idea!’.

Windows for Pen Computing kicked off Microsoft's tablet efforts back in 1991.

Windows for Pen Computing kicked off Microsoft’s tablet efforts back in 1992.

If I’m honest. I should have seen this coming. Tablets have sort of been around since before I was born. Take Windows for Pen Computing. It was an application that could be bought for Windows 3.1 (I know, right? 3.1 was like April ’92). It allowed 3.1 to be used on these primitive plastic tablets, which at the time, could run an Intel processor, but not for a day’s work.

Since WfPC Microsoft made a whole load more mistakes, right up to the point of a ‘touch screen table‘ in 2008. With no hardware or software developers, virtually no buyer market and the fact that they were only available after filing a request with Microsoft, and going through a screening process and having a swarm of checks made on you/your company, it was clear this product was not to make money, it was simply to prove that Microsoft knew what they were doing when it came to tablets. and they do, with the exception of hardware.

Microsoft have always done an amazing job when it comes to writing software, but they’ve always been a bit, well, crap when it comes to their hardware. Remember the snapped off lid I mentioned earlier? They took that a step further by allowing you to attach the keyboard back on. And take it off again.

I really shouldn’t be giving Microsoft Surface all this hate. It follows on an idea which Apple have dropped altogether. I said I don’t understand tablets, and it’s true. But what I do understand is the idea of Tablet PC’s.

My First Tablet PC - A Toshiba Portégé M200

My First Tablet PC – A Toshiba Portégé M200

I used to have a tablet PC, if I remember rightly it was a Toshiba Portégé M200-16M. Lightweight and rugged, with a screen which twisted round and locked down, it was a brilliant first laptop and tablet PC.

SIDE NOTE: I spent so many hours on that thing, I could swear the screen got a few millimetres thinner!

It is thanks to Microsoft that the Tablet PC is being dug out of its grave, with the release of Windows 8, everyone has been scrambling to get their lines of portable computers stocked up with tablet PC’s once more. The Microsoft Surface is to be disliked in my opinion, however it it designed to keep Microsoft revenues rolling in, because Microsoft and Bill Gates made their fortune on the Software, and with Entry Level Windows 7 Home Premium rolling off the shelves at £80, and the OS line going up to their top end Windows 7 Ultimate at £150, it’s no suprise that Windows needed a financial solution now that their Windows 8 lineup is cheap as dirt, and so came up with the idea of a tablet / tablet PC hybrid. Yes that’s right, tablet AND tablet PC, that’s the removable keyboard that stirs that one up.

Quite frankly the iPad is a disaster, and Apple have messed up their pricing, so they get a minimal mention in this post. Does this mean I’m a Microsoft kinda guy? I’m writing this from Windows 7, installed on a Mac. Hmm.

It’s now just a wait until the guys in Cupertino (Yes, that means Apple) come up with a comeback for the tablet PC hybrid.

So, to sum this up, Microsoft have been toying with this tablet idea for far longer than Apple have been even thinking about it, I used to have a laptop with a French name, Mobile devices are going to take over the world, and Windows 8 is pretty rubbish. Thank you for reading!

Ben Wilkinson

10 years of Windows XP

Hello all,

I hope you’ve all had a wonderful Christmas!

I received a new game, which just happened to not work with Windows 8. So I used Windows XP instead – which means installing all of the updates – bundled into service packs.

I soon realised that Microsoft has dropped support for much of Windows XP, meaning that I can’t grab the service packs and update the machine.

It was this that made me – like other people – furious, and I was about to actually write a letter of complaint to Microsoft (LIE), when it dawned on me…

Many of us have used Windows XP at some point. My old school had computers running Windows XP, and much of my new school’s library computers still run it. Everything else in the school is up-to-date-ish with the teachers using Windows Vista – the world’s worst OS in the history of mankind, and some machines run Windows 7. We don’t have any machines running Win8 yet.

So, we’ve pretty much all used Windows XP, and guess what? That shouldn’t surprise anyone, for the same reason that Windows XP support has been dropped: It’s now ten years old! (Happy Late Tenth Birthday XP!)

In my eyes, it is one of the best operating systems ever. In fact, I think it is the best. But there were always problems with XP, that aren’t now haunting us in Win7 and Win8. Most single user computers used the Administrator account as their standard account, which gave system-wide access to anything being run on the computer. Including any viruses, malware, spyware, worms, trojans, etc. installed on the computer. That is why – whilst still using XP as the standard OS for any Windows work I do – I only ever log into the Admin account to install software and update the machine, etc. Everything else is done on a ‘Limited’ Account.

Of course, you all know about the pesky Windows Updates that would give us a quarter of an hour to save up and let it shut down, and unless logged in as an Admin, you would be unable to postpone it. This gave me many problems, as I have the fancy logon screen, you know? The one where you have to enter a username and password, instead of just a click-me and enter password screen. Securer.

So, now that Microsoft is giving the techies like me a gentle nudge to move on from XP, by hiding the Service Packs from us when we want to install Windows, I am being politely held at gunpoint to move on. I do say politely.

Therefore, that means that the time has come to say goodbye to the OS that set itself in stone, because the stone is weathering away, and we need to go with the flow.

But since Windows 7 is rubbish, and Windows 8 is a pile of you-know-what, it’s time to switch to where I should be, after all, I am a mac user.

But Macs suck, most of the time.

It’s time… Hello Linux.