Eubolist's Blog

about IT, Linux, the web and much more

Archive for the ‘Internet’ Category

Python Script: Merge and sort multiple RSS Feed items in one Feed

with 3 comments

In my first blog post a while back I wrote about showrss and how to concatenate multiple tv-shows into one personalized rss feed.

I’ve been using their service for about a year now and am quite happy with it. Sadly though, despite multiple requests, they haven’t included National Geographic and Discovery Channel documentaries yet. So today I took the time and wrote customfeed, a little python script that is able to fetch multiple feeds, sort the items and concatenate them in the right order to a new feed. Although I wrote the script for use with ezRSS feeds, it should work just as well with any other feeds (might need some little modifications or tweaks though).

The script depends on python-feedparser, so make sure you have that one installed:

sudo aptitude install python-feedparser

or:

sudo easy_install feedparser

The most convenient way is to set up a cronjob that executes customfeed.py every few hours or so. Mine looks like this:

24 */6 * * * /usr/local/bin/customfeed.py

Advertisements

Written by eubolist

2010/12/24 at 02:12

A simple way to enable .py Python CGI scripts on Lighttpd (“Lighty”) webserver on Ubuntu

leave a comment »

After multiple, failed, attempts with mod_fastcgi I found a simple three step solution to enable python scripts on my webserver:

  1. sudo ln -s /etc/lighttpd/conf-available/10-cgi.conf /etc/lighttpd/conf-enabled/
  2. Add the following section to your /etc/lighttpd/lighttpd.conf file:
    ### Python Config ###
    cgi.assign = (

    “.py” => “/usr/bin/python”
    )
  3. Restart lighty: sudo /etc/init.d/lighttpd restart


That should do the trick. As it says in the title, this is a simple and painless way to enable Python CGI scripts on lighty.

Written by eubolist

2010/06/13 at 15:06

Ubuntu Lucid Lynx 10.04 LTS is out!!

leave a comment »

Download the newest Ubuntu long term support (LTS) release on http://releases.ubuntu.com/releases/10.04/. If possible choose a torrent download to save Canonical some server bandwidth and you some time.

Tests about the new Ubuntu will be on my blog soon!

Written by eubolist

2010/04/30 at 22:18

Google adds site speed as a factor in PageRank

leave a comment »

Google announced on their official webmaster central blog that they have added the speed (=how fast a website loads for the end user) as a factor in their calculations for a site’s page rank.

Google state in their blog that this change will only affect “fewer than 1% of the search queries”. Given that Google has about 91’000’000 search queries a day, “fewer than 1%” is still “fewer than 910’000” search queries – which is quite a lot.

If you own a webserver on your own, like me, you may be worried that websites of you / y0ur customers might be negatively affected by the change. But don’t panic: Testing and improving the speed of your websites is actually very simple.

  • Step 1: Install FireBug, a FireFox extension.
  • Step 2: Install Page Speed, an extension for FireBug.
  • Step 3: Test the websites you wish to improve and follow the instructions of FireBug/Page Speed (=adjust code or webserver config).

See, that wasn’t that difficult, was it?

Written by eubolist

2010/04/11 at 23:15

Posted in Google, Internet

Tagged with , , ,

A guide to make safe passwords

with 2 comments

There are a lot of informations out there on how to make secure passwords, most of which are about passwords for cryptographic purposes, written by security experts. Of course the most secure password form is a true random password consisting of upper/lowercase letters, numbers and special characters. There are a lot of web services out there to generate such strings, take this one for example: http://clsc.net/tools/random-string-generator.php

Now it occurred to me, that some security enthusiasts – and some folks at Microsoft – also advise people to choose random passwords for their accounts (computer, mail, social networking …) as well – to make it safe, of course. This is idiotic because the average user certainly does not want to memorize multiple random strings and this policy would encourage users to use one password for all their accounts. Using the same password for multiple accounts is a very bad idea – if one account gets compromised (the programmers at your dating site didn’t do a great job in securing their server) all your other accounts (PayPal, eBay, …) will be in danger, too. And even if you can memorize the random password there is a good chance that you will forget it once you haven’t used it in a while. Which is quite probable to happen since most people are too lazy to always type the password and decide to store it in Firefox, the keyring or whatever password manager they’re using. So don’t use random passwords as long as you’re not an autistic savant genious with a superhuman memory.

Now, since I’ve condemned the really safe option of random passwords let’s have a look at the two possibilities an attacker has to crack your password. The first method would be a dictionary attack: The attacker uses a dictionary file with lots and lots of words in it as possible passwords. This attack is the reason why it’s a bad idea to use simple words without modification as passwords. The second method is a bit simpler, it’s called brute force attack.  Similar to the dictionary attack the attacker tries to guess your password, this time – as the name suggests – every possible password is tried, starting with a and ending with ZZZZZZZZ… Brute force is a lot slower than a dictionary attack because obviously many more passwords have to be guessed until the right one is found. But the big advantage is that the password doesn’t have to be a word, so a password such as “123++” doesn’t offer a lot of protection against brute force attacks, despite being quite strong against a dictionary attack (always depending on the dictionary used, of course).

So what properties does a password need to be safe?

  • It should be long. The longer the better. Why not use a short sentence for example? A short sentence consisting of a few words is very easy to remember and contains a lot of characters, making it hard to break. In case spaces are not allowed you can just leave them out or substitute them with a dash or a certain number.
  • It should contain upper and lowercase letters, numbers and special characters. Adding a number and a special character after your usual password vastly increases the security of your password. Let me show an example: if “monday” is your usual password, it consists of 10 lowercase letters. So a brute force attacker has to try a maximum of 246 possible passwords until he eventually will guess the right one. Given he can try 5000 passwords per second he will crack your password in about 10 hours (he would even be a lot faster if he used a dictionary attack in this example). Now we add a number and a special character to your password and capitalize the first letter: “#0nd4y” A brute forcer would have to try the full ASCII set to crack your password: 1286 which would, at the same speed, take the attacker almost 140 thousand years!
  • It shouldn’t be a plain (or simple variation of a) dictionary word. Even if the above sample may seem secure against brute force attacks, it may not be against a dictionary attack where the dictionary has been added variations of the words (a huge list like that can be easily and quickly generated with an automated script). Use words from foreign languages you know, they are not likely to be in a dictionary (since the largest dictionary files are English, and who would guess eg. a french password on a Spanish user and website?)
  • As I already mentioned: One password per account! Don’t use the same password for multiple accounts. Just don’t.
  • Finally, the last and maybe most important point: It should be easy to memorize! How can one achieve that regarding my other points above? Even passwords containing special characters or numbers are easy to memorize if you create yourself a pattern. There an infinity of patterns you could use to generate safe, easy-to-memorize passwords. Here are a few ideas: Always add the same number (e.g. your birthdate) plus one special character after or before the word you use: puppy –> 1351976?puppy / 1351976=puppy / 1351976@puppy / … Or play around with a whole sentence: puppy –> i have a cute puppy 9877+*$ / i-have-a-cute-puppy9877 / ihaveacutepuppy+*$ / i9have8a7cute7puppy!!! / …

This way even if you don’t use a password for a long time you, and only you, will still be able to guess the right one amongst the most likely variations that you have in mind. And even though I certainly do not consider myself a security expert, I think this is one of the safest, most reliable ways to choose your passwords for everyday users.

Written by eubolist

2010/02/19 at 17:12

Install MythTV 0.22 on Ubuntu 9.04 Jaunty Jackalope

with 2 comments

If you want to install the newest version of MythTV on Jaunty, here’s what you have to do:

  1. Add the following lines to your /etc/apt/sources.list:
    deb http://ppa.launchpad.net/mythbuntu/repos/ubuntu jaunty main
    deb-src http://ppa.launchpad.net/mythbuntu/repos/ubuntu jaunty main
  2. Add the Mythbuntu key by typing the following command: gpg –keyserver hkp://keyserver.ubuntu.com:11371 –recv-key 1504888C && gpg -a –export 1504888C | sudo apt-key add –
  3. Update your list and install Mythbuntu-repos: sudo aptitude update && sudo aptitude install mythbuntu-repos && sudo aptitude safe-upgrade

Written by eubolist

2010/02/07 at 21:04

Google plans on releasing a tablet PC running Chromium os

leave a comment »

The new Google Chromium Tablet PC

Looks like a few days after the presentation of the Apple iPad, Google published some design studies of their very own tablet pc. The drafts on their page are still very vague, but it certainly looks very promising:

The idea of a 10-finger compatible virtual keyboard would definitely be a relief for a lot of frequent pc users

Check out all the pictures and a video simulation at Chromium.org

Written by eubolist

2010/02/03 at 21:42