Q: When you are in your local coffee shop sipping on a latte, surfing the web, what prevents your neighbor three rows over from stealing the internet passwords you type in?

A: Nothing!

If you go to web sites that start out “https://”, (the “s” is the important part), you’re safe. But if you log in to non-secure sites, which happens all the time, your neighbors can “sniff” the network and see exactly what you are doing. To protect yourself, you need to use some kind of security. To get all geeky on you, I’m going to describe using a proxy through SSH tunneling, or possibly described as making a VPN to the cloud.

I took this content from Shanghai Web Hosting. He’s got some good geekery content there. Check it out. I’ve tried it myself and it took just a few minutes to get it going. If you are baffled by this but are worried, and you’re a friend of mine, then call me!

I used my web host provider, Dreamhost as the tunnel server. If you don’t have a web hosting provider (IE a company that hosts a web site like Dreamhost hosts Lee.org for me), then… umm.. that’s another issue.

In brief, here’s what happens when you use this system

1. You set your web browser once to use the new secure tunnel.
2. You connect to the trusted server with SSH. A secure tunnel is automatically created.
3. The bad guy 3 rows over sipping a latte and sniffing the cafe’s internet connection doesn’t see your passwords.

————————————————–

As SSH is inherently tunnel-enabled for setting up socks5 proxy servers, you can instantly turn your personal computer into a socks5 proxy server by the help of PuTTY through your web hosting server, breaking through firewalls. The idea is to direct all traffic from your local computer browser through PuTTY SSH session to the web hosting server and back from it.

Here we go:

1. First, make sure your web hosting provider provides SSH access to your hosting server.  DreamHost (use coupon  CASH60 for $60 discount) as well as a lot of other hosting companies do.
2. Second, download  PuTTY, run it, and set up the SSH account by entering your hosting server address in  Host Name (or IP address).
3. Add SSH tunnels by:
   Connection -> SSH -> Tunnels ->   give it a random  Source port (in this example, ‘8844′), enter  Desctination as ‘localhost’ and select  Dynamic and  Auto, and clickAdd. Now there should be an item of ‘D8844′ in the  Forwarded ports list.
4. You may want to switch back to  Session to save the session for easy access so that a simple double click would trigger the connection based on all the configurations you have done so far.
5. Double click the saved session and log into your SSH account. Now you are in your web hosting server.

Leave the SSH session open and your personal computer has now become a socks5 proxy server. Open your favorite browser, for example, FF3:

1. Tools -> Options -> Advanced -> Network -> Settings -> Manual proxy configuration -> SOCKS Host: localhost, Port: 8844 -> OK
2. You are now set. Fire up a tab and surf through the socks5 proxy on your local computer.

Remember though, that all traffic you use by browsing the web pages and downloading whatever stuff by the local proxy goes through your web hosting server and will be counted on the hosting bills.

Exciting! Now you’ve got your very own proxy server (socks5 server is the most versatile among all types of proxy servers including HTTP proxy and FTP proxy) that’s local, stable and in your perfect control for getting around all kinds of firewalls. Screw all those obsolete online proxy server lists with unusable proxy servers!

I haven’t used it yet but a program like FoxyProxy or Proxifier can help make it easier to enable this kind of system. Those two applications were recommended to me by security-conscious  friends.

—————————————–

Once you’ve got that setup, you can put a shortcut on your desktop of wherever that lets you start it quickly. Make the Target of the shortcut look something like this and it’ll start your new Saved Session but quick.

C:\Users\Lee\Programs\putty.exe -load “enable proxy tunnel”

And if the Saved Session has a hostname that looks something like this, you won’t have to type in the username, only the password

User@lee.org

—————————————

Ok, now you’re ready to run VNC through an SSH proxy tunnel. I found instructions on DSLReportts.com that work. This worked for me in about 10 minutes :-)

Using VNC through a Putty SSH tunnel

Run putty and setup an SSH connection and tunnel to the VNC server.

In this example we have setup an ssh connection to YOUR_IP_ADDRESS_HERE and given
it the session name  BBR .

Finally set up a tunnel from port 5900 to your computer to port 5900 on
the VNC server. (as shown below)

Now  you must save the session otherwise you’ll need to do it all again
next time you make a connection.

Open the session and make a connection to the SSH server.

Step 4.:
Run the Ultra VNC viewer and make a connection to localhost:5900.

You should have a login prompt from the VNC server machine now.

I regularly take control of the computers of friends and relatives to help them resolve computer problems. It’s just so much easier SEEING the problem than having it described to you.

Easiest method: Team Viewer noncommercial version

Your friend must be at their computer to help log you in. Team Viewer relies on VNC and VNC Single-click code. The Team Viewer people are running a Repeater and a pretty interface.

Tell your friend:

1. go to http://www.teamviewer.com
2. click on “Start Customer Module”
3. download and run it
4. When it says “please tell your partner the following ID to connect to you desktop” tell them the numbers shown

What you have to do:

1. go to http://www.teamviewer.com
2. click on “Start full version”
3. download and run it (you don’t have to install it… follow the prompts)
4. Where it says “Create Session”, type in the ID that your friend tells you
5. then type in the password your friend tells you
6. Now, you HAVE THE POWER! You can control their PC :-)

This is going out mostly to friends of mine…

Would you like to be my Crashplan.com backup buddy? I’ve been playing with it a bit now and I feel pretty good about it. We trade disk space on each others computers… we can’t see each other’s data, but it’s backed up nicely. And it doesn’t cost money to run it peer-to-peer like this. It can be set up so that the Crashplan people don’t have any backdoors into your backup.

I’m looking for maybe 100 gig and I can offer you the same.

Preference will go to friends that don’t live very close to me since one concern is the whole San Francisco earthquake –> fire –> destruction thing.

I went away for Thanksgiving. When I came back, my iPhone wouldn’t complete a sync with iTunes. This is what would happen:

1. plug USB cable from iPhone to PC
2. sync starts
3. iTunes says “backing up iPhone… syncing iPhone”
4. and then iTunes would stop. The iPhone disappeared from the Device List on iTunes. The phone kept saying “Sync in Progress”… forever :-(

And one time when I tried syncing, I got a message on my computer:

Attempting to copy to the disk “iphone” failed. The disk could not be read from or written to.

Here is how I fixed it:

I went into iTunes on my PC and deleted the video podcasts I had recently watched and subsequently deleted on my iPhone. It was several items from the “Best of Youtube” video podcast. I then synced the iPhone again, this time successfully. Hurray!

I’m not sure if this had anything to do with it but I also did the following:

When I was travelling, I had updated several iPhone apps directly on my iPhone. I went and updated the apps on iTunes and then synced. I’m pretty sure the fix I mentioned in the previous paragraph was what did it, but if not, try updating the iPhone apps on your computer.

Feel free to comment and tell me if this works for you!

I shoved together all the video footage I took at Maker Faire 2009 and… well, here you go. Enjoy!

local version:

My friend Karen asked me about free wiki software. Here is my response

————————–

Well, PBWiki (http://pbworks.com/) offers advertiser supported wiki services but I really really really (really!) recommend using Mediawiki instead. Mediawiki is the software that runs the FLG wiki. It’s really good software and it’s what users are familiar with. I run it on Dreamhost.com. If your friend has an ounce of geek in them, they should sign up and run their own wiki. And if they don’t have an ounce, they probably shouldn’t be running a wiki, really.

Dreamhost service is like $8/month. I have a coupon-thing where they’ll get $48.50 off a $96 1 year membership or $25 off a monthly. My promocode: SPLITITWITHLEE

Oh and I see that they have a free trial thing on their homepage: http://dreamhost.com/

If your friend can find a friend that already has a hosting plan at Dreamhost or another provider, they might let them mooch off them for free since it probably won’t cost any money extra. That’s what I do for SWARM and FLG and some personal wikis I run.

I installed the Tomato firmware on my WRT54GL about 15 minutes ago. I was clenching my teeth, preparing for a long slog through the trenches of firmwaredom but I got a very pleasant  surprise!

Installation was:

1. download
2. install firmware
3. set the SSID and password

I was up in 5 minutes! W00t!

Now I’m wandering through the configuration and it all “just works”. I am very happy. I think I might have to make a donation to the project.

The main reason I needed to upgrade was that the Linksys firmware has this asinine problem: you can open specific ports in the firewall for services like FTP and VNC but you can’t set static DHCP IP addresses with the server, you’ve got to muck with the client computer’s settings. That is dumb. All the open source firmware does it, DD-WRT, Open-WRT etc… but Tomato promised to do it EASILY. And it succeeded.

5 stars for Tomato!

That is stupid.

PARTICULARLY since the firmware has a whole section for “Port Range Forward”ing. DOUBLY SO since the firmware upgrade I ran today, bringing it from a 2007 version to a 2009 version, improved on this by adding a “Single Port Forward” feature. The ASININE trouble is that you have to specify what IP address you are forwarding to BUT you can’t associate an IP address to a MAC address on the router. DUMB.

Yes, you can set the IP address manually on your computer but SCREW THAT SHIT.

DD-WRT, Tomato or Open-WRT will be installed shortly.

Update 11-21-09: Tomato installed. Loving it.

For the last 2 years, I’ve been using an “Asus WL-500G Premium” wifi router. It died 2 weeks ago so I fell back to using my old “Netgear WGR614 v5”. I immediately noticed that the internet wasn’t what it used to be. :-(. The most  noticeable  thing was that DNS on the Netgear was so slow that sometimes it would time out. But every page took a bit longer to load…

So 10 minutes ago I installed my new “Linksys WRT54GL” and wowie kazaowie, the internet is faster than ever! Every site is zippity do-da fast!

Moral of the story: Try a new router, it might fix your slow web browsing problems :-)

If you are using Microsoft Outlook on an Exchange Server and performance is consistantly slow, this might help.  One way to make Outlook much faster is to do the following.

1. Create an offline .ost file
2. Set Outlook to be offline by default (and leave it “offline” all the time)
3. Set Outlook to check for mail very often

From now on, Outlook will draw upon the local data file instead of constantly checking for changes over the network. It completely syncs up every 60 seconds so you’ll never be out of date.

After you do this, Outlook won’t ask you for the Exchange password for 60 seconds. Make sure you type in the password or Outlook won’t send an receive email properly! One workaround is to click “Send/Receive” whenever you start Outlook. Then it will immediately ask for the password.

I have gotten this to work in Microsoft Outlook Office XP and Microsoft Outlook 2003. I haven’t tried any others.

These instructions are borrowed from intermedia.net.

To enable Offline Folders:

• Launch Outlook.
• On the “Tools” menu, click “E-Mail Accounts”, click “View or change existing e-mail accounts”, and then click “Next”.
• In the “Outlook processes e-mail for these accounts in the following order” list, click “Microsoft Exchange Server”, and then click “Change”
• Click “More Settings”.
• Click the “Advanced” tab, and then click “Offline Folder File Settings”.
• In the File box, type the path to the file you want to use as the .ost file.
  The default file name is Outlook.ost. If this file already exists, you are prompted for a new name. You should not use an OST file that was previously used. You may wish to first  delete the existing file and create a new “outlook.ost”.Once you have created the offline file, Outlook will be able to download data to it. It may take several minutes or an hour to download all of the mail.

To manually control Offline Folder state:

• Launch Outlook.
• On the “Tools” menu, click “E-Mail Accounts”, click “View or change existing e-mail accounts”, and then click “Next”.
• In the “Outlook processes e-mail for these accounts in the following order” list, click “Microsoft Exchange Server”, and then click “Change”
• Click “More Settings”.
• Now you are on the General tab. From here, do one of the following:
  • To always start Outlook offline, click “Manually control connection state”, and then click “Work offline and use dial-up networking”.
  • To choose each time you start Outlook whether to work offline or online, click “Manually control connection state”, and then select the “Choose the connection type when starting” check box.
  • To always connect to the network, click “Manually control connection state”, and then click “Connect with the network”.
  • To have Outlook automatically detect whether you can connect or not, click “Automatically detect connection state”. If Outlook is unable to connect with your server, it opens in Offline mode automatically.Note To specify the amount of time to wait for a response from the server before you are notified to retry or work offline, type a number in the Seconds until server connection timeout box.