Monday, November 22, 2021
Monday, November 01, 2021
How to learn a new language (by using flashcards for gratis).
- Learn a couple of new words per day. Don't overdo this. Start small.
- Use Flashcards.
- Use them every day.
- That is it… just 1,2,3….
- From this web address: https://www.jw.org/nl/bibliotheek/boeken/Bestudeer-dagelijks-de-Schrift-2022/
- And an English version for reference here: https://www.jw.org/en/library/books/Examining-the-Scriptures-Daily-2022/
- If you found AZW3 files you can skip this, if not:
- Go to https://calibre-ebook.com/download and get whatever version will work on your device.
- Install it.
- Now open the Calibre app. Click on the [Add Books] button and add the EPUB files we downloaded.
- In the top right corner, choose the MOBI or AZW3 format.
- Now, click on the [convert book] button. In the right bottom corner you will see a spinning wheel, signifying the conversion process is working. Click it if you get impatient so you can look at a status-bar instead (mine seemed to be stuck at 47% for a while 🤔) :
- If using Calibre is not for you you van try this instead: Find the location where you saved the English and Dutch ePUB files that we just downloaded, and use upload those files now to the free converter too on this website: https://convertio.co/nl/epub-azw3/ It will give you back AZW3 files for the EPUB's that you uploaded.
- Now our MOBI or AZW3 files are created. Save the files at a location that you can find later.
Wednesday, October 20, 2021
Go to "http://vscode.dev" and start coding with Visual Studio Code entirely in your browser.
Tuesday, September 21, 2021
Highlighted: book highlighter
Friday, September 10, 2021
natural gas mining
For years, oil and gas companies have struggled with the problem of what to do when they accidentally hit a natural gas formation while drilling for oil. Whereas oil can easily be trucked out to a remote destination, gas delivery requires a pipeline.
If a drilling site is right next door to a pipeline, they chuck the gas in and take whatever cash the buyer on the other end is willing to pay that day. "There's no choice. There's no middle finger. Whatever gas comes out that day has to be sold," explained Haby. But if it's 20 miles from a pipeline, things start to get more complicated.
More often than not, the gas well won't be big enough to warrant the time and expense of building an entirely new pipeline. If a driller can't immediately find a way to sell the stash of natural gas, most look to dispose of it on site.
One method is to vent it, which releases methane directly into the air – a poor choice for the environment, as its greenhouse effects are shown to be much stronger than carbon dioxide. A more environmentally friendly option is to flare it, which means actually lighting the gas on fire.
"Chemistry is amazing," explained Adam Ortolf, who heads up business development in the U.S. for Upstream Data, a company that manufactures and supplies portable mining solutions for oil and gas facilities. "When CH4, or methane, combusts, the only exhaust is CO2 and H2O vapor. That's literally the same thing that comes out of my mouth when I exhale," continued Ortolf. But Ortolf points out, flares are only 75 to 90% efficient. "Even with a flare, some of the methane is being vented without being combusted," he said.
This is when on-site bitcoin mining can prove to be especially impactful. When the methane is run into an engine or generator, 100% of the methane is combusted and none of it leaks or vents into the air, according to Ortolf.
Bitcoin makes it economically sustainable for oil and gas companies to combust their methane rather than externally combust it with a flare.
"There is no such thing as stranded gas anymore," said Haby. But Ortolf has taken years to convince people that parking a trailer full of ASICs on an oil and gas field is a smart and financially sound idea.
"In 2018, I got laughed out of the room when I talked about mining bitcoin on flared gas," said Ortolf. "The concept of bringing hydrocarbons to market without a counter-party was laughable." Fast forward three years, and business at Upstream, a company founded by lead engineer Steve Barbour, is booming. It now works with 140 bitcoin mines across North America.
It is also helping to curtail the overall carbon footprint of some of these oil and gas sites. Recent production stats show that in the U.S. alone about 1.5 billion cubic feet of natural gas is wasted on a daily basis. And these are just the reported numbers, so the actual figures are likely higher.
Friday, June 25, 2021
Tuesday, June 08, 2021
q - Text as Data
q - Run SQL directly on CSV or TSV files
http://harelba.github.io/q/Sunday, June 06, 2021
Wednesday, June 02, 2021
Thursday, May 27, 2021
How they spy on us.
As a privacy tech worker, let me explain why this is happening. 🧵
https://threadreaderapp.com/thread/1397032784703655938.html
Saturday, May 22, 2021
schappim/macOCR: Get any text on your screen into your clipboard.
Tuesday, May 18, 2021
Sunday, May 16, 2021
Saturday, May 15, 2021
Wednesday, May 12, 2021
Tuesday, May 11, 2021
Monday, May 10, 2021
Sunday, May 09, 2021
Thursday, May 06, 2021
Hardening macOS - Ricard Bejarano
How?
Install a fresh copy of macOS
Note: this step is optional, but highly recommended, it's best to start off with a clean system to avoid possible misconfiguration.
Boot into Recovery Mode (hold
command
+R
during boot)(Optional) Go to the Utilities > Firmware Password Utility and consider setting up a firmware password to protect your data should it be lost or stolen
Format the boot drive and install macOS from scratch (Warning: this step will permanently delete the contents of the boot drive)
First boot
Clear the NVRAM (hold
command
+P
+R
during boot) (skip if you set up a Firmware Password previously)Create an administrator user account with a strong password and no hint. This user is for administration purposes only.
Go to System Preferences > Users & Groups and create an unprivileged user account for day-to-day use, it is considered best practice by Apple itself
Go to System Preferences > Users & Groups > Guest User and uncheck Allow guests to log in to this computer
Go to System Preferences > Software Update and consider enabling automatic updates (if you are not comfortable enabling this, consider at least turning on security updates by going into Advanced… and checking Install system data files and security updates)
Go to System Preferences > Security & Privacy > General and set Require password after sleep to immediately or 5 seconds
Go to System Preferences > Security & Privacy > General and set Allow apps downloaded from to App Store or App Store and identified developers
Go to System Preferences > Security & Privacy > Firewall and turn on the firewall
Go to System Preferences > Security & Privacy > Firewall > Firewall Options… and check Block all incoming connections
Go to System Preferences > Security & Privacy > Privacy > Location and uncheck Enable Location Services
Go to System Preferences > Security & Privacy > Privacy > Analytics and uncheck Share Mac Analytics
Go to System Preferences > Sharing and anonymize the computer's name, this name can be see by those connected to the same network as yours
Go to System Preferences > Sharing and turn off every service (turn on only when using it and disable afterwards)
Go to System Preferences > Network > Advanced > DNS, add two entries to DNS Servers for
1.1.1.1
and1.0.0.1
and remove any other serverGo to System Preferences > Spotlight > Search Results and uncheck Spotlight Suggestions and Allow Spotlight Suggestions in Look up
Go to System Preferences > General and uncheck Allow Handoff between this Mac and your iCloud devices
Go to System Preferences > Bluetooth and turn off Bluetooth (turn on only when using it and disable afterwards)
Go to Finder > Preferences > Advanced and check Show all filename extensions
Disable Captive Portal (use your browser instead):
sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.captive.control Active -bool false Disable Crash Reporter:
sudo defaults write com.apple.CrashReporter DialogType none Block malicious domain names using the
/etc/hosts
file (see StevenBlack/hosts)Consider running an outbound firewall such as Little Snitch (proprietary, full-featured) or LuLu (open-source, very basic)
Consider doing binary whitelisting with google/santa
Go to System Preferences > Security & Privacy > FileVault and turn on FileVault (note: may take some time)
Secure FileVault when on sleep:
sudo sh -c 'pmset -a destroyfvkeyonstandby 1; pmset -a hibernatemode 25; pmset -a powernap 0; pmset -a standby 0; pmset -a standbydelay 0; pmset -a autopoweroff 0' If you plan on using ssh with ssh-agent, add a safe timeout parameter to ssh-agent to protect your credentials:
# make a copy of com.openssh.ssh-agent.plist: sudo cp -p /System/Library/LaunchAgents/com.openssh.ssh-agent.plist /Library/LaunchAgents/local.com.openssh.ssh-agent.plist # edit the file sudo vim /Library/LaunchAgents/local.com.openssh.ssh-agent.plist
<!-- add the missing lines to the file --> <key>ProgramArguments</key> <array> <string>/usr/bin/ssh-agent</string> <string>-l</string> <string>-t</string> <string>8h</string> </array>
# apply the changes sudo launchctl unload -w /System/Library/LaunchAgents/com.openssh.ssh-agent.plist sudo launchctl load /Library/LaunchAgents/local.com.openssh.ssh-agent.plist Edit
/etc/auto_master
asroot
and comment the line beginning with/net
(note: this is a workaround to an unpatched vulnerability)Reboot and log back in as the unprivileged user
Second boot (user)
Go to System Preferences > Security & Privacy > Privacy > Contacts/Calendars/Reminders/Photos and remove any apps that shouldn't have access to any of those folders, if any
Go to System Preferences > Security & Privacy > Privacy > Camera/Microphoneand remove any app you don't want to have access to the camera or microphone, if any
Go to System Preferences > Security & Privacy > Privacy > Full Disk Access and remove any app you don't want to have full-disk access, if any
Go to System Preferences > Security & Privacy > Privacy > Advertising, check Limit Ad Tracking and click Reset Advertising Identifier
Carefully assess and install a web browser. Regardless of your browser…
- …block third-party cookies
- …disable DNS preloading
- …disable Flash support
- …install an ad blocker
- …enable Do Not Track
- …opt-out of telemetry
- …consider using a privacy-respecting search engine in lieu of Google
- …consider a whitelist approach to JavaScript execution
Note: if using Safari, go to Safari > Preferences > Search and uncheck "Include Safari Suggestions" and to Safari > Preferences > General and uncheck "Open"safe" files after downloading"
Consider tunneling your traffic through a VPN when connected to untrusted networks (see ThatOnePrivacyGuy's VPN comparison or roll your own)
Consider using a privacy-respecting email service provider (see ThatOnePrivacyGuy's email comparison or roll your own)
Consider setting up PGP/GPG encryption for email regardless of your email service provider
That's it?
No.
Again, you don't have a "100% secure system", you are just a lot harder to screw with than everyone else in the city.
Keep in mind that securing a system is not a one-time job, you must actively backup your data, patch your system, look out for new vulnerabilities… Some general best practices are:
Keep your system up-to-date, both macOS and installed software
Prevent unattended physical access to the device from anyone but yourself
Encrypt sensitive data on rest and on transit
Backup your data, multiple, encrypted (of course) copies of your data in different physical locations
Keep your guard up, you are your system's last line of defense