Synergy truly rocks.
For a while now I’ve been using osx2x along with UltraVNC, just so that I could use one keyboard and dual monitors on two computers — a Mac and a PC.
osx2x’s problems were many: the PC would detect a / as a ?, and vice versa; the number pad wouldn’t work, and sometimes the shift key would get stuck. Worse, it was impossible to play games on the PC and span over to the Mac’s monitor — osx2x would either completely garble the mouse commands, or would just crash. I had to put a KVM in place just so that I could switch the hardware keyboard to the PC when I wanted to game.
Development for osx2x seems to have stopped; it’s been stuck at 2.20 for almost a year, with no news listed on the page. The app, though small, is really annoying. In order to work, it must be in the foreground, and will also display a huge arrow pointing to the remote display. It consumes space on the Dock, and even at its smallest size, the app window is larger than a minimized iTunes window.
Synergy is a real pain to install, particularly on OSX. I’ve not yet seen a good way to get it to start on login, but I’ve not looked very hard. The key to setting up Synergy is that it is totally backwards from a VNC setup: the machine the hardware [keyboard, monitor] is plugged into is the server, and the machine that you’re controlling is the client.
Configuring a WinXP Synergy client is dead-easy. On a Mac, you’ll still have to edit text files, but I did find a GUI front-end, SynergyOSX, but I haven’t tried it. Here’s a hint: your system names will be the WinXP NetBIOS name, like “Home”, and the Mac’s Rendezvous name, like “Bob.local”. Be sure to test your connections, and you’ll see what the problem is if you run into any.
So far, Synergy is pretty nice. Once you start the server [from Terminal], it disappears and does its job. On the WinXP client machine, it leaves a little systray icon. And yes, the / key is indeed the / key, not the \ key.
Games still don’t play well across the Synergy connection, but that’s to be expected.
I’m really impressed with the latest version of Firefox.
One of the neater additions is Live Bookmarks.
Live Bookmarks let you bookmark an RSS feed, which will appear as a bookmark folder that contains all of the headlines in the feed.
On certain sites, you’ll see an orange RSS icon in the bottom right corner of the Firefox browser window. If you click it, it’ll give you an option to subscribe to the site’s feed.
I poked around for a few minutes and found out how to make my site RSS-enabled, at least as far as Firefox was concerned:
If your site content management tool already handles RSS feed generation, you can add the following line in the < head>section of your main index:
< link rel="alternate" type="application/rss+xml" title="RSS" href="http://unxmaal.com/mt/index.rdf" / >
Obviously, replace the link to my RSS feed with the link to your own.
In a fit of masochism, I decided to secure my Airport Express WLAN via WPA and Radius authentication.
RADIUS authentication lets you manage access to your wireless LAN from a central RADIUS server, making it much more secure than storing authentication info on your wireless access points.
I picked up a pre-compiled OSX package of FreeRadius from Carpe Stellarem.
There are a few other ways to get FreeRadius, including via Fink package, and by Andreas Wolf’s installer.
Carpe Stellarem also sells a shareware, GUI-based RADIUS configurator app for $19, and I recommend you pay for it. I didn’t, because I am a fool, and because I wanted to learn how to configure RADIUS by hand, and because I am a fool.
I found this page very useful, although it does not explain exactly what I wanted to do.
My installation steps are pretty much as follows:
Install FreeRadius. Modify /etc/raddb/clients.conf to have the IP of your Access Point, and a “shared secret”.
client 192.168.1.50 {
secret = testing123
shortname = wifi
nastype = other
}Add a user to /etc/raddb/users. Username should be the WiFi NIC’s MAC address, and the password should be the same [this is the only way it'd work for me.]
0001020a0b0c Auth-Type := Local, User-Password == “0001020a0b0c”
Reply-Message = “Hello, %u”Configure your WAP [in my case, the Airport Extreme] to talk to the RADIUS server, using the “shared secret” you listed above. Start the RADIUS daemon in debug mode: /usr/local/sbin/radiusd -X Try to connect, and cross your fingers. Pay very close attention to error messages; if you have problems, RADIUS will usually tell you exactly where you screwed up.
If you’ve done everything right, your client machine [laptop] will hop right onto your WLAN, with no fuss. The whole authentication mechanism takes place behind the scenes. If it does prompt you for a password, you’ve probably done something wrong in your users.conf file, so check it first.
Once you’ve proven that everything works, you’ll need to fiddle with making radiusd start on boot. For this to happen, it’ll have to be able to run “daemonized” — via /usr/local/sbin/radiusd .
I got stuck at this part; radiusd “reads configuration files”, then dies. The minimal [and rude] info I’ve found via searches indicates that /etc/raddb/radiusd.conf should have both ‘user=’ and ‘group=’ set to a user and group that have read/write permission to the RADIUS files and directories. However, even setting these to root/wheel didn’t fix the problem. If I find anything out, I’ll post the fix here. (I do wonder if it is a problem with the precompiled version of FreeRadius that I used.)
I’m sure this is old news [I'm finding articles as old as 2002] but in reading the info for Apple’s latest Security Update, I noticed that in most of the security fixes, Apple gives the discoverer credit for finding and reporting the problem.
That’s a lot nicer than suing the whistleblower.
Not entirely sure what’s going on, but lately I’ve got a ton of fake referrer entries from various sites’ mt-comments.cgi — and they all come from one IP: 66.98.210.44 .
Luckily, I know the magic of .htaccess, so now nobody from “Everyone’s Internet” can read my page. And good damn riddance.
Here’s an example of the log files:
66.98.210.44 - - [02/Sep/2004:20:05:43 -0400] “GET /mt/archives/002005.html HTTP/1.1″ 200 16969 “http://WWW.katiehood.COM/cgi/mt-comments.cgi” “Windows XP Internet Explorer 6.x”
66.98.210.44 - - [02/Sep/2004:21:22:24 -0400] “GET /mt/archives/001302.html HTTP/1.1″ 200 17057 “http://zero12.securesites.net/cgi-bin/mt/mt-comments.cgi” “Windows XP Internet Explorer 6.x”
66.98.210.44 - - [02/Sep/2004:21:39:55 -0400] “GET /mt/archives/001981.html HTTP/1.1″ 200 17365 “http://www.thoughtbomb.net/cgi-bin/mt/mt-comments.cgi” “Windows XP Internet Explorer 6.x”
66.98.210.44 - - [02/Sep/2004:22:26:51 -0400] “GET /mt/archives/001467.html HTTP/1.1″ 200 16895 “http://www.graysathletic.co.uk/cgi-bin/mt/mt-comments.cgi” “Windows XP Internet Explorer 6.x”
And the .htaccess file (doesn’t block EI’s whole range, but it’s good enough):
order allow,deny
deny from 66.98.210
allow from all
