Babylon Berlin – proto goth music Bauhaus could relate to in a show about Trotskyites being killed by Stalinites in late 20s Berlin before, presumably as we haven’t gotten that far but knowing how it goes, the Nazis take over. All in a police drama with people trying to keep the Weimar Republic together. Now that’s historical based drama!
Definitely recommend it!
This article is too interesting so saving here. Good to know the risks even if it is a little old
https://www.erinbromage.com/post/the-risks-know-them-avoid-them
This is just one comparison of of deaths year over year as well as official noted COVID-19 deaths. Seems ok to skeptical all COVID-19 related deaths are truly being counted as such. Very easy to say it was a stroke that caused the death but ignore COVID-19 caused the stroke. Looking at year over year data this year does have significantly more deaths per month beginning when this started.
Easy with DigitalOcean instructions here:
https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-debian-9
I just did what was documented here but added in case they go away ever.
1 – get the installed packages
dpkg -l | grep php | tee packages.txt2 – get php 7
sudo apt install php7.3 php7.3-common php7.3-cli
3 – get the rest of the packages that you got in step 1
4 – uninstall php5
sudo apt-get purge php5*
5 – if you have fpm for web serving point all the things that used to point to
/var/run/php5-fpm.sock
to
/var/run/php/php7-fpm.sock
To block ads using Squid is simple.
Get the list of ad urls:
## get new ad server list
curl -sS -L --compressed "http://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml&showintro=0&mimetype=plaintext" > /etc/squid/ad_block.txt
Then add this to squid.conf to reference the file and block the urls:
## disable ads ( http://pgl.yoyo.org/adservers/ )
acl ads dstdom_regex "/etc/squid/ad_block.txt"
http_access deny ads
#deny_info TCP_RESET ads
Then, for Mac Ports at least, do this:
sudo port reload squid4
Or for a recent Linux it’d be something like:
sudo service squid4 restart
This may not make much sense to others but it’s all the things for setting up Exim4 in Debian that weren’t obvious.
This is the command to cleanup old backups in Time Machine should you ever need to. Replace with an appropriate path for your backup location. I find it’d best to delete ranges of old backups with the * wildcard as well.
tmutil delete /Volumes/BackupDriveName/Backups.backupdb/MacComputerName/YYYY-MM-DD-HHMMSS/
Easy to ad block with your own DNS server if you don’t want to trust adblock or other plugins.
Get the blacklist from http://pgl.yoyo.org/adservers/
Choose for the bind 8 config format.
I had to change the file so that the records read like this:
zone "101com.com" IN { type master; notify no; file "/etc/bind/null.zone.file"; };
by adding the “IN” between the domain name and the “{ type master ….” part. Use your vi-skills for this.
Give this file a easy name, like ‘blacklist’. Now create a line in /etc/bind/named.conf.local:
include "/etc/bind/blacklist";
Create a file /etc/bin/null.zone.file with the following contents:
$TTL 86400 ; one day
@ IN SOA nds.example.com. hostmaster.example.com. (
2002061000 ; serial number YYMMDDNN
28800 ; refresh 8 hours
7200 ; retry 2 hours
864000 ; expire 10 days
86400 ) ; min ttl 1 day
NS nds.example.com
A 192.168.1.100
@ IN A 192.168.1.100
* IN A 192.168.1.100
and replace example.com by your internal domain name and replace 192.168.1.100 by the name of your web server. The above format allow for the use of wildcards. This means that you do not have to care about the subdomains.
service bind9 restart
2 is copied from here for posterity: https://box.matto.nl/dnsadblok.html
3 – use a different DNS source if you want
If you want to use a different DNS server (say you don’t trust your ISP or Google to know every site you query) you can find others here:
And then in /etc/bind/named.conf.options add the forward to the dns servers:
forwarders {
69.195.152.204;
96.47.228.108;
96.90.175.167;
};
Google appears to update it’s SSL cert nightly which breaks my fetch mail script nightly as well. Here’s a simple python script in case this happens to you!
import ssl
import socket
import hashlib
import sys
addr = 'imap.gmail.com'
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(1)
wrappedSocket = ssl.wrap_socket(sock)
try:
wrappedSocket.connect((addr, 993))
except:
response = False
else:
der_cert_bin = wrappedSocket.getpeercert(True)
pem_cert = ssl.DER_cert_to_PEM_cert(wrappedSocket.getpeercert(True))
#print(pem_cert)
#Thumbprint
thumb_md5 = hashlib.md5(der_cert_bin).hexdigest()
#print("MD5: " + thumb_md5)
wrappedSocket.close()
cnt = 0
thumb_md5_d = ''
for letter in thumb_md5:
if cnt%2 == 0 and cnt!=0:
thumb_md5_d += ':'
thumb_md5_d += letter
cnt += 1
thumb_md5_d = thumb_md5_d.upper()
infile = "//home//user//fetchmailrc.tmp"
text = open(infile)
outfile = open('/etc/fetchmailrc', 'w')
outfile.truncate()
textToSearch = 'GOOGLE_FINGERPRINT'
for line in text:
if textToSearch in line:
line = line.replace( textToSearch, thumb_md5_d )
outfile.write(line)
Where fetchmailrc.tmp is this (in addition to whatever else in your fetchmailrc):
poll imap.gmail.com protocol IMAP user "login@gmail.com" there with password "password" is blah@blah.com here nofetchall ssl sslfingerprint 'GOOGLE_FINGERPRINT'
Then you setup a cron job to run it nightly and now you’ve got up to date Google fingerprints!