Category: Tips

Downloading Audio/Songs from YouTube

Sometimes you come across a video in YouTube and you want to save its audio. Originally I thought it would take some search for the actual URL of the flv source, then downloading it using wget and finally conversion using ffmpeg. But luckily for me, it turns out there is much simpler way to so so: youtube-dl is small python script that does it all. It will download and extract the audio from a YouTube video without any hassle.

Installation is quick via pip:

$ pip install --user youtube_dl

Note that there is an underscore there instead of an hyphen. youtube-dl is also available in Ubuntu’s repository, however the version there is too old and didn’t work for me. The --user flag tells pip to install it for the current user (I just don’t like installing unnecessary things as root :-)). Now all you have to do is:

$ youtube-dl --extract-audio http://www.youtube.com/watch?v=XXXXXXXXXX

All that is left is to fix the metadata tags of the file with the correct values with your favorite player.

Securing Access to phpMyAdmin on Lighttpd via SSH

phpMyAdmin lets easily manage your MySQL databases, as such it also presents a security risk. Logging in to phpMyAdmin is done using a username and password for the database. Hence, if someone is able to either eavesdrop or guess by brute-force the username and password could wreak havoc of your server.

A possible solution to the eavesdropping problem, is to use SSL to secure the communication to the phpMyAdmin. However, SSL certificates don’t present any method to stop brute-forcing. To prevent brute-forcing attempts, you could limit access to your IP address. However, most of us don’t have static IPs at home. The solution I came up with, kinds of combines both approaches.

Instead of using SSL to encrypt the data sent, I’m using SSH and instead of limiting access to my IP address, I’ll limit access to the server’s IP address. How will it work? First we start by editing the phpMyAdmin configuration for lighttpd. This usually resides in /etc/lighttpd/conf-enabled/50-phpmyadmin.conf. At the top of the file you’ll find the following lines:

alias.url += (
        "/phpmyadmin" => "/usr/share/phpmyadmin",
)

These lines define the mapping to the phpmyadmin installation, without it the phpMyAdmin wouldn’t be accessible. We use lighttpd’s conditional configuration to limit who is able to use that mapping by changing the above lines to:

$HTTP["remoteip"] == "85.25.120.32" {
        alias.url += (
                "/phpmyadmin" => "/usr/share/phpmyadmin",
        )
}

This limit access to the phpMyAdmin only to clients whose IP is the server’s IP (of course you’ll need to change that IP to your server’s IP). This stops curtails any brute-forcing attempts, as only someone trying to access the phpMyAdmin from the server itself will succeed.

But how can we “impersonate” the server’s IP when we connect from home? The easiest solution would be to use to the SOCKS proxy provided by SSH.

ssh user@server.com -D 1080

This will setup a SOCKS proxy on port 1080 (locally) that will tunnel traffic through your server. The next step is to instruct your browser of OS to use that proxy (in Firefox it can be done via Preferences->Advanced->Network->Connection Settings, it can also be defined globally via Network Settings->Network Proxy under Gnome). This achieves both of our goals. We are now able to connect to the server while using its own IP and our connection to the server is encrypted using SSH.

This method can be used to secure all kinds of sensitive applications. We could have achieved the same thing by using a VPN, but it’s more hassle to setup compared to SSH which is available on any server.

Manually Install SSL Certificate in Android Jelly Bean

Apparently it’s pretty easy, but there are some pitfalls. The first step is to export the certificate as a DER encoded X.509 certificate. This can be done using Firefox (on a PC) by clicking on the SSL’s lock sign in the address bar, More Information -> View Certificate -> Details -> Export. The exported certificate needs to be saved on the root directory of the internal storage of the phone, with *.cer extension (or *.crt). Other extensions will not work.

Afterwards, on the phone, click on “Install from device storage” under Settings->Security->Credential Storage. If you did everything as you should at the previous step, it will display the certificate name, and ask you to confirm its installation. If you’ve exported the certificate as the wrong format, gave it the wrong extension or placed it somewhere else than the root of the internal storage, it will display the following error:

No certificate file found in USB storage

If you see it, just make sure you are exporting the certificate correctly and saving it at the right place.

More details: Work with certificates (Geared towards Galaxy Nexus, but should apply to any Android 4.0 and above.

Updated Aug 2015: Fixed a broken link.

Installing Citrix Receiver on Ubuntu 64bit

It’s a hassle.

The first step is to grab the 64bit deb package from Citrix website. Next install it using dpkg:

~$ sudo dpkg --install Downloads/icaclient_12.1.0_amd64.deb

This results in the following error:

dpkg: error processing icaclient (--install):
 subprocess installed post-installation script returned error exit status 2
Errors were encountered while processing:
 icaclient

Which can be fixed by changing line 2648 in /var/lib/dpkg/info/icaclient.postinst:

         echo $Arch|grep "i[0-9]86" >/dev/null

to:

         echo $Arch|grep -E "i[0-9]86|x86_64" >/dev/null

And then execute

~$ sudo dpkg --configure icaclient

Credit for this part goes to Alan Burton-Woods.

Next, when trying to actually use the Citrix Receiver to launch any apps, I’ve encountered the following error:

Contact your help desk with the following information:
You have not chosen to trust "AddTrust External CA Root", the
issuer of the server's security certificate (SSL error 61)

In my case the missing root certificate was Comodo’s AddTrust External CA Root, depending on the certificate used by the server you’re trying to connect to, you may miss some other root certificate. Now you can either download the certificate from Comodo, or use the one in /usr/share/ca-certificates/mozilla/AddTrust_External_Root.crt (they are the same). Either way, you should copy the certificate to the icaclient certificate directory:

$ sudo mv /usr/share/ca-certificates/mozilla/AddTrust_External_Root.crt /opt/Citrix/ICAClient/keystore/cacerts/

These steps got Citrix working for me, but your mileage may vary.

Separate Numbering for Problems in LaTeX

By default when using the amsthm to create environments such as theorems, claims and problems, they all use the same numbering. Sometimes it’s annoying, as the numbering for the problems should generally be unaffected by the theorems present (or lack of them). For example the default behavior produces:

Problem 1
Problem 2
Theorem 3
Problem 4

where the desired behavior would be (in my opinion):

Problem 1
Problem 2
Theorem 1
Problem 3

Fortunately, this can be done by redefining the problem environment.

\let\problem\@undefined % undefines the existing problem environment
\theoremstyle{definition} % set the style of the new environment to 'definition'
\newtheorem{problem}{\protect\problemname} % (re)define the 'problem' environment

The \theoremstyle can be one of three defaults plain, definition and remark or some custom style defined using \newtheoremstyle.

See amsthm‘s documentation for more information, such as subordinately numbering (numbering per section).

Annoying Outlook Error

Sadly, there are occasions where I can’t use my beloved Gmail account and have to use Outlook to connected to a corporate Exchange servers. Due to Exchange inability to efficiently operate with large mailboxes (at least that what the tech support there tells me), I have to resort to so move messages to a local PST. However, some time a go I’ve started encountering the following error whenever I’ve tried moving messages into a PST file:

Cannot move the items. The item cannot be move. It was either already moved or deleted, or access was denied.

I’ve tried changing permissions, moving my PST around, repairing it with some tools that comes bundled with Office (I read somewhere that such error can be caused by corrupted PST files), and even tried creating a new PST. But, alas, the not so helpful message just wouldn’t get a way.
Continue reading Annoying Outlook Error

Scanning Lecture Notes – Separating Colors

Continuing my journey to prefect my scanned lecture notes, I’ll be reviewing my efforts for finding a good way to threshold scanned notes to black and white. I’ve spent several days experimenting with this stuff, and I think I’ve managed to improve on the basic methods used.

In the process of experimenting, I’ve come up with what I think are the 3 main hurdles into scanning notes (or text in general) to black and white.

  1. Bleeding. When using both sides of the paper the ink might be “bleed” through to the other side. Even if the ink doesn’t actually pass through, it might still be visible as kind of shadow, when scanning, just like when you hold a piece of paper in front of a light and you’re able to make out the text on the other side.
  2. Non-black ink. Photocopying blue ink, is notoriously messy. Scanning it to b&w, also imposes challenges.
  3. Skipping. This is an artifact that sometimes introduced when writing with a ballpoint pen. It’s a result of inconsistent ink flow, and is more rare with more liquid inks such as rollerballs or fountain pens.

Those issue can be visualized in the first three images. These images are the originals I’ve tested the various methods with. The other images are results of the various methods, explained in this post, and should convey the difference between them.
Continue reading Scanning Lecture Notes – Separating Colors

Scanning Lecture Notes – Compression

A new semester is about to begin, hence I again set out to organize lecture notes and scan them. This time I intend to invest more time investigating and perfecting this process. Hopefully, I’ll present my conclusions in few posts, each focusing on a different aspect.

In the first post, I’ll discuss the various ways to compress the scanned lecture notes. Because lecture notes (at least mine) aren’t especially colorful has I only use one pen at the time, I want the result to be black and white (line art). This allows readable lecture notes in while preserving small size per page (as you can see in Some Tips on Scanning Lecture Notes).
Continue reading Scanning Lecture Notes – Compression

Sending Desktop Notification from Cron

Usually when one wants to keep track of one’s cron jobs, one tells the cron daemon to email the output of the commands. While this is probably the best solution for servers, on desktop machines is problematic. Many ISPs block outgoing traffic on port 25 (SMTP), and if you want to send the emails via external SMTP server (such as GMail) this requires you to store authentication details in plain text. A better solution for the desktop would be to harness the desktop notifications available in Ubuntu.

There is a useful tool called notify-send which is able to send desktop notifications directly from the command line. However, there are few caveats:

  • notify-send expects its input on the command line, it can’t read from stdin.
  • If you run from cron you must tell it which display to use.

The first issue can be worked around by using cat to pick up the input. The second issue is handled by adding a DISPLAY environment variable to the crontab. So your crontab will look something like this:

DISPLAY=:0
10 1 * * sun some_cool_command | notify-send "Backup Documents" "$(cat)"

The first argument to notify-send is the title of the notification. The second is the actual text to appear in it, in our case it’s whatever comes in the stdin. If you want to store the output in a log file as well as displaying it in a desktop notification, you can use tee, which basically saves its input to a given file and also pipes it again to stdout.

DISPLAY=:0
10 1 * * sun some_cool_command | tee -a ~/some_log.log | notify-send "Backup Documents" "$(cat)"

WiFi won’t connect on Samsung Galaxy S2 with CyanogenMod 9 (ICS 4.0.4)

After upgrading to CyanogenMod 9 (ICS 4.0.4) I’ve experience problems connecting to WiFi networks. Most of the time I’ve tried to connect to a WiFi network it would try to connect and then fail. Often it would also show the network I’ve just tried to connect to as “Not in range”. This was extremely irritating, as I could stand by my router and have the phone report that there is no signal, while another Galaxy S2 phone would connect immediately, the only difference was that the other phone was running Android 2.3.7. Needless to say, I haven’t made any major (or minor) changes to my WiFi equipment and the problem wasn’t confined just to my home. Sometimes, it would connect after being idle for a day or so.

Back when I was using CyanogenMod 7, I had no problems with the WiFi on my phone, and I could also replicate this behaviour on another Galaxy S2 I’ve upgraded to CyanogenMod 9. Initially I thought it was some bug in CyanogenMod, but I came up with nothing. Over the weekend, I’ve figured maybe the bug isn’t specific to CyanogenMod, and I’ve found this bug report WiFi freeze on Samsung Galaxy S2 with ICS 4.0.3. For some reason many people have problems with WiFi on Galaxy S2 with ICS. While the report relates to the WiFi freezing, which I didn’t experience, I’ve decided to sift through the comments. Some people mentioned the “Wi-Fi frequency band” feature available in Wi-Fi settings -> Advanced (available by pressing the menu button), so I’ve decided to try playing with the different settings there.

This setting allows you to choose the WiFi operating frequency between three options 5GHz, 2.4GHz and “Auto”, which as you can guess automatically figures out the right frequency, 5GHz (802.11a and 802.11n) and 2.4GHz(802.11b/g/n). However, it seems the phone (probably due to a problem in the driver) fails the “Auto” thing. Instead of guessing the right frequency, it fails to connect. So I’ve changed it to 2.4GHz, which is still more popular choice in routers over 5GHz, and instantly my phone connected to my router.

For conclusion: If you have trouble connecting to WiFi on Samsung Galaxy S2 with ICS, you should probably set the phone to use 2GHz only (or 5GHz only) instead of the default “Auto” mode.