Using bookmark synchronization on Google Chrome for Linux and Mac

For a long time, I blamed the sluggish performance of the web browser on my Linux machine at home on the ancientness of the hardware.  However, when my much nicer Linux machine at work showed the same problem, I began to think maybe it was just Firefox.  I’ve been an avid Firefox user for many years, but my loyalty wavers when my browser can’t keep up with my keyboard.  Based on the advice of strangers on the Internet, I decided to give Google’s Chrome browser a try.

Chrome is still a maturing browser, but it is fast and capable.  There’s only one real drawback: bookmark synchronization.  With Firefox, I had been using Xmarks to synchronize my bookmarks, but that’s not currently available for Chrome.  In the “Early Access” builds of the Linux and Mac versions of Chrome, the bookmark sync that the Windows version has is available.  This syncs the bookmarks to your Google Docs account, which makes it rather handy.  However, synchronization is not enabled by default.  To enable it, you have to pass the –enable-sync option at launch time, which is easier said than done.  Fortunately, it’s not too terribly difficult.

Continue reading

Setting up a new Mac

As part of my new job, I got a shiny new 13″ MacBook Pro.  Even though I’m quite a Linux fanboy, I really enjoy the quality of the hardware and OS X. However, it isn’t perfect.  There are a lot of applications that I like to have available.  Since I have nothing better to talk about, I figured I’d list them here:

  • Adium — one of the best instant messenger clients I’ve ever used.  It has support for just about every major IM protocol except…
  • Skype — I don’t really use it for IM, but it’s great for audio and video calls.
  • Firefox — I prefer it to the Safari browser that ships with OS X.  It happens.  And with that comes…
  • Xmarks — a browser plug-in that syncs bookmarks.  It comes in very handy when you use multiple computers.  So does…
  • Dropbox — allows you to synchronize arbitrary files between multiple computers.  I mostly use it for configuration files (e.g. .bashrc, .screenrc)
  • VirtualBox — sometimes you actually need to use another OS to do some important task (like play Sim City)
  • DOSBox — is good for playing some of the older games that I like
  • Chicken of the VNC — I’ve played with several VNC clients for Mac, and this one is the best.
  • iTerm — hands-down better than the default
  • ZTerm — a program to make serial connections.  I used it a fair bit in my old job, I don’t anticipate needing it much in my new job.
  • Colloquy — an Internet Relay Chat client
  • VLC — a media player that will play just about anything
  • Grand Perspective — a program that shows a graphical representation of disk usage, allowing you to find the files that are chewing up all the space on your hard drive.

Accessing Taleo from Mac or Linux

Some companies (including my own employer) use a company called Taleo to manage the hiring and recruitment process.  As an applicant, I’ve not been very impressed with it, but that’s neither here nor there.  From the applicant side, you can use just about any browser to fill out the forms and submit your application.  However, if you’re a hiring manager, Taleo expects that you’ll be using the Internet Explorer browser.  If you’re on a Windows machine, that’s probably available to you.  For Mac and Linux users, it’s not an option.

So what can you do?  You can either go find a Windows machine to use, or you can try to run Internet Explorer using Wine.  Neither of those are necessarily that appealing.  Fortunately, there’s a third option, which is to use the (closed-source but free-as-in-beer) Opera browser.  Once you’ve got that installed, it’s a quick process to get Taleo workin* In Preferences, click on the “Advanced” tab and select “Content”

  • Click the “Manage Site Preferences…” button
  • Click the “Add…” button
  • Enter your Taleo site (e.g. “” or “”) in the “Site” field
  • Choose “Open all pop-ups” in the “Pop-ups” drop-down menu
  • Click the “Network tab”
  • Select “Mask as Internet Explorer” in the “Browser identification” drop-down menu (note that “Identify as Internet Explorer” will NOT work)
  • Click “OK”
  • Click “Close”
  • Click “OK”

That’s all it takes.  As a bonus, you now have the very capable, stable, and secure Opera browser installed.

My future with Apple products

Despite having been given the “Mac Guy” appellation by Mario Marathon viewers, I am not an Apple fanboy.  Don’t get me wrong, I really like my current and previous Mac Book Pros.  The hardware has been solid (as a few encounters with gravity can attest to) and OS X is a great mix of power, reliability, and ease of use.  There’s no doubt that Apple turns out quality products, I don’t have an issues with their offerings.  It is a philosophical problem that I have.  As an advocate of openness, can I continue to support a company like Apple?

Apple has shown a willingness to support open source software on some occasions (as one would expect, those occasions are the ones where it suits Apple’s interests to be supportive), but at times the Apple model stands in opposition to the ideals of freedom that open source (and open standards) movements are based on.  The most recent example was reported by Wired earlier this week saying that the next minor release of Snow Leopard would “break” some “Hackintoshed” machines, specifically those using Intel’s Atom processor.  I get it, Apple is foremost a hardware company.  The software exists to promote the sales of the hardware, so allowing the software to be used on non-Apple hardware doesn’t serve Apple’s interests.

I don’t deny that Apple has the right to do what they’re doing, although if they had a larger market share, the Department of Justice might start taking notice.  No, to me, it’s not about whether or not they can do this, but whether or not they should.  The interests of Apple’s shareholders say “no”, the interests of the Apple community say “yes.”  Apple certainly has no legal obligation to do what’s in the best interests of users, but if they want to differentiate themselves from Microsoft, then perhaps they should.

What it really comes down to, then, is the question of “how closed can Apple (or any other company) become before I am no longer willing to give them my business?”  Or should it even matter?  If I give up Apple, should I also give up Skype, Flash, video drivers, and many other things that restrict my ability to use a product how I see fit?  These are not easy questions to answer, and the answer is different for each person.  For myself, I will wait and let my thoughts on the matter evolve for a while.  Hopefully by the time I’m ready to replace my current Mac Book Pro, I’ll have figured it out.

Cyber security awareness month: Other uses for SSH

As I noted a few weeks ago, October is cyber security awareness month.  I’d planned on writing a big how-to for remotely and securely connecting to another computer, but time has escaped me, so what I’ll give here is the quick and dirty version, and trust that my readers can use Google to fill in the backstory.

Back in May, I wrote an article about using SSH as a proxy to help secure your web browsing when away from home.  SSH was designed primarily to provide shell (command line) access to remote machines using encryption and other features to prevent someone from eavesdropping, but it can be used to tunnel all kinds of other traffic.  For example, you can tunnel your Subversion version control over SSH, using the svn+ssh argument (e.g. svn co svn+ssh my_svn_files). Or you could tunnel your VNC (a remote desktop protocol) over an SSH connection.

Why would you want to tunnel VNC?  The first reason is that VNC by default passes all traffic in plain text, which means all of your keystrokes (read: passwords) are exposed.  By using an SSH tunnel, your session is encrypted. The second reason is that by using an SSH tunnel, you don’t have to open the firewall for the VNC port(s).

So how do you tunnel VNC, or another protocol?  The -L argument to SSH (or LocalForward in the config file) tells SSH to forward locally.  To tunnel to a VNC server running on display :1, you’d do something like:  ssh -L 5901:localhost:5901   and then point your VNC viewer to localhost:1.

In addition to interactive-type uses, SSH can be used for file transport as well.  The scp command copies files to and from a remote server in the same manner that the cp command works locally.  sftp can be used as a secure replacement for the FTP protocol (but there’s no provision for anonymous access).  And most importantly, the venerable rsync command can be used with SSH by specifying it as the argument to the -e flag (e.g. rsync -e “ssh” -av /some/local/directory

So the moral of the story is: SSH can help keep you secure.

Which free virtual machine program to use?

For a while I’ve been debating whether I should buy a copy of VMWare Fusion for my Mac or to stick with the free version of VirtualBox.  For my needs, they compare nearly identically.  The deciding factor ended up being the KVM switch I use on my Linux and Windows machines.  Crazy, right?

For all platforms except Mac OS X, VMWare provides VMWare Server for free.  Server is a pretty solid VM platform for lightweight purposes.  Version 2 switched to a web-based interface which has advantages and disadvantages.  The main advantage is that it is very easy to connect to a VMWare server instance running on a different machine just by connecting to the address in a web browser.  The big problem I had with Server is that every time my mouse would leave the VM window, it would trigger my KVM switch (TrendNet TK-407K if you’re interested) to switch to the next computer.

Now the main reason I bought this particular switch was because it was very cheap.  It doesn’t have a whole lot of fancy features, it just lets me share a single set of interfaces across 4 machines, which is all I really need it to do.  The problem is, there doesn’t seem to be any way to turn off this automatic changing of machine.  Since I want to use my VM for actual work, having my keyboard mouse and monitor switch to a different computer every time I leave the VM is quite a hassle.  I found a few suggestions via Google, but none of them seemed to help.

After installing VirtualBox, I tried to get it to reproduce this problem.  It could not.  Since VirtualBox is free and available on Windows, Mac, and Linux, it really became an easy decision.  All thanks to a $60 KVM.

Microsoft’s Mac products

There’s a lot of hate out there for Microsoft.  Some of it is deserved, some is mere fanboyism.  For my own part, I generally avoid Microsoft products where I can.  It’s not that I absolutely refuse to touch anything that comes out of Redmond, but there are generally free-er and better tools available to accomplish the same ends.  Still, there are some things Mircosoft does very well.  Apple support is not one of them.

Now, I understand that Microsoft and Apple are competitors in some sense.  (I would argue that Microsoft is a software vendor and Apple is a hardware/ecosystem vendor, but that’s another discussion).  To some, it might be surprising that Microsoft has any Apple offerings at all, but the reality is that it is in their best interests.  Macs, especially the laptops, are becoming more prevalent in enterprise settings (especially in education, where Apple has long enjoyed a higher-than-average market share).  In order for Microsoft to keep their death grip on the lucrative enterprise environment, they need to make sure their products can continue to be used.

Unfortunately for the user, Microsoft does not seem to have put much effort into their Apple offerings.  Whether this is by choice or by circumstance, the end result is the same: people can’t get work done.  At the risk of sounding like a cynical anti-Microsoft zealot, I’m going to guess that this is an intentional move.  It does make short-term sense, after all.  By making gestures, Microsoft can be seen as playing nicely, but when things don’t work as well as they do on Windows, people will have no choice but to abandon Apple.

Now, I can’t speak to the Office products very much.  Outside of Access, I’ve barely touched Office 2007, so I don’t know to what degree it is crippled compared to the Windows versions.  I do know that VBScript is not supported in Office 2008, which causes all kinds of problems for some Serious Business(tm) in Excel.  Check boxes in Excel sheets also seem to not print, which is a bit of a hassle when I go to turn in an absence form.  Of course, Access doesn’t even have a Mac counterpart, which wouldn’t bother me except I have yet to find the time to migrate our inventory database out of Access and into something more platform-independent.  This leaves me stuck with running a virtual machine or keeping a Windows box on my desktop any time I want to do something with the inventory.

My big gripe today, and in general, is with Entourage.  It is a pretty lousy e-mail client, although 2008 is an improvement over 2004.  Entourage is a little bit on the clunky side.   For IMAP accounts, Apple Mail would be my choice.  Exchange support is the one feature that give Entourage a raison d’etre in the first place, and it is lacking in a few key areas.  The worst failing is the lack of support for Exchange tasks and notes.  Because my Blackberry has great Exchange support, it would be really nice if I could make notes on my to-do list and have them show up in Entourage.  I can’t.  Since I’m primarily at my desk all day, I primarily use Entourage for my to-do list.  This means I’m stuck without it if I don’t have my laptop with me.  (Or I have to switch to a third-party app, which isn’t that appealing either).

The other complaint is the lack of support for Outlook .pst files.  I’m not that big a fan of .pst files in Outlook either, but I accept they’re a necessary evil.  Regardless of my feelings on .pst in general, it seems silly that Entourage only supports a different (non-Outlook compatible) file format.  Mail storage is a tricky business anyway, and I just prefer to use an IMAP account when I need extra storage space.  That way it is compatible with any modern mail client.

So now that I’ve complained about Entourage, here’s the whole point: the Evolution groupware client supports Microsoft Exchange better than some Microsoft products do.  Imagine my surprise when I was setting up Evolution on my Linux box only to discover that not only did my e-mail and calendar synch, but my to-do list did, too!  I about keeled over from the shock.  This is where Microsoft needs to pay close attention to what others are doing.  If other vendors support your products better than you do, that is a Bad Thing(tm).

Fortunately for Microsoft, getting Entourage working on the Mac isn’t as simple as the Linux side.  Using fink gets you caught in a web of dependencies that don’t seem to be resolvable as of this writing.  Novell issued a Mac build that installs okay, but I’ve had problems getting it to enable an Exchange account.  I’m not the only one with this problem, as the bug report indicates, but the solution that worked for others so far has not worked for me.

In the meantime, I’ll just keep hoping that Microsoft improves the next version of office, or that better competitiors will come forth.

SOCKS it to me

(This is the first in a series of “there’s already a thousand other articles about this out there, but I’m writing my own so that I’ll have something to put on my blog” articles).

For security’s sake, some of the services I run in my department aren’t accessible off-campus, or even outside of my department’s subnets.  This is normally a good thing, but it can be a bit of a hassle sometimes.  If I’m at home and I want to check my Exchange e-mail with Entourage, or if I need to access my Samba server, I can always just fire up a VPN connection.  But if I need to play around with CUPS, and I’m not wired in to my department (say, for example, I’m sitting in a meeting and I want to get actual work done instead), then I’m just up a creek.  The VPN is at the University level, and I don’t really feel like letting the whole campus print to my printers.  We spend too much on printing anyway.

This is where SOCKS comes in.  SOCKS is a proxy protocol — instead of traffic going directly from a server to you, it goes through the proxy first.  SOCKS can be used to pass all kinds of traffic, but probably the most common use is to encrypt, hide, or otherwise mangle web traffic.

Some uses of SOCKS are completely honest, like my example above to access restriced resources when I’m away from my office.  Another reason to use SOCKS is if you’re on an untrusted network, like at a coffee house, and you don’t want anyone who is trying to snoop your network traffic to see what web pages you’re viewing.  A less noble case is tunneling your web traffic through somewhere else while you’re at work, thus allowing you to visit sites your boss would not approve of.  I suppose you could also use a SOCKS proxy to visit sites that the law would not approve of, but you’ll still get caught.

So I’ve gone on for over three hundred words so far, and I still haven’t said how you can actually do this.  As it turns out, it is surprisingly simple.  All you need is an SSH server, and SSH client, and a web browser.  The SSH server runs on whatever you want to use as a proxy, in this case my Linux desktop at work.  The SSH client and web browser run on the computer you’re using to surf ye olde intertubes.  (If you’re using Linux or Mac OS X, you’ve probably already got the SSH client and SSH server available, but you might have to get it started.  Windows users will need Cygwin or something similar.  In any case, Google is your friend).

To get started, just make an SSH connection to your proxy host.  Something like

   ssh -ND 8120

will do quite nicely.  The “-ND” option does not mean to root for Notre Dame.  Do not do that under any circumstances.  “N” tells SSH not to run a command, so you won’t get a command line, which in this case is fine.  “D” specifies the local port to use.  I chose 8120, but you can choose pretty much whatever you want between 1025 and 65535.  The important thing is to remember it.  The rest is your username and then the server you want to connect to.

Okay, so now you’ve got the connection set up.  The next thing to do is to tell your browser to use it.  Firefox users, go to Preferences and select the “Advanced” tab.  Next, select the “Network” section.  You’ll see a line that reads “Configure how Firefox connects to the internet.”  Click on the “Settings” button next to that.  Select the “Manual Proxy Configuration.”  In the box labeled “SOCKS Host” enter “localhost” and in the “Port” box next to that, enter the port you chose when you set up your SSH connection.  Click “OK” and then you’re done.

If you did it right, you’re now sending all of your web traffic through the proxy.  Well done!

So what would you say you do here?

The job of a systems administrator is very vague.  Some sysadmins are responsible for a single set of systems — a large farm of e-mail servers, for example.  Others are responsible for everything up to and including telephone lines.  Most of us lie somewhere in between, but even most sysadmins would have a hard time narrowing down what it is that we do.  Perhaps the best way to describe my job is to give a list of what I’ve worked on this week.

  • Fix the weather data web server so that the maps get updated
  • Set up a new network printer
  • Put together a price quote for a high-end Linux workstation
  • Diagnose a problem with compiled code
  • Add a new user to our main file server
  • Put together a price quote for another high-end Linux workstation
  • Setup two new MacBooks
  • Diagnose a problem with a network printer (the cable had come unpluged)
  • Make Ethernet cables
  • Replace toner in a printer
  • Install a library package so code could be compiled
  • Various updates and fixes to the department’s website
  • Tell a user how to restore the desktop switcher to Gnome

And that’s only the tickets I got.  That doesn’t even cover any self-driven tasks.  Of course, next week, I’m sure the list will be completely different.