Saturday, December 31, 2011

Free Fast VPN proxies 2

For free proxies, Ultrasurf is still going strong, with constant updates to defeat censorship.

I do a lot of things on Amazon EC2, still free, including as a VPN server.  You can install a proxy server but ultimately you want to use other package other than browser, and that you want encryption.  A VPN may not be that slow because it uses UDP instead of TCP for transport.  Your own VPN is a lot faster than a public proxy, and you won't even feel it when browsing.

I install Openvpn myself.  But somebody should create an image with Openvpn securely installed, and all the configurations including the firewalls.  On the client side, we need someone to show us how to configure the VPN settings in Ubuntu elegantly so that you can easily switch between VPN and no VPN.  At the moment I kill the client whenever I need to switch and also set the DNS server.

I was surprised that TOR has documented how to use it as a VPN, directing all net traffic through it.  It's really not that bad when it's not at the peak hours, and you can have your private TOR node on EC2 to speed things up.

TOR is supposed to be hard to trace, unless you are big brother targeting someone known.  EC2 and other VPN and proxies suffers from more or less the same fate.  You don't know what the server does with your real IP.  Do you trust a company that you never heard of not to log your IP.  Or if they are small, nobody cares what they do.  It is possible that Amazon don't need to log any IP, because they are just hiring some hardware to you and you are responsible for the rules, like DMCA take downs.

Being untraceable, TOR IP's are usually banned when it matters.  EC2 and other small companies (probably using EC2 or other clouds) are not likely to be banned.  If you ban Amazon IP's, you are banning many services provided in the cloud.  Ec2 has the advantage that whenever you reboot, you have another IP (something like that). 

You need a credit/debit card to register for EC2 but a gift card will do.

Single cell phone multiple numbers (SIM method) 2

Still no carrier gives you a 2nd line with a different phone number.  But since the last post, things are a lot different.

If you buy direct from China, you have dual SIM card GSM phone for cheap, almost half that of my refurbished unlocked GSM phone many years ago.  They use those phones when people travel, it's much cheaper to just get another SIM from the convenient store than to do cross border roaming.  So you have two independent lines on a single phone, active all the time.  So you don't need any magic dual sim adapter unless you still don't want to part with your old GSM phone.

The other way is of course to buy a smart phone from China, and the only choice is Android.  Typically they have two sims because of the same reason above, and that it is popular to have one sim for voice, and another for broadband.  So you can say money when you don't need broadband all the time.  But both sim's are fully functionally.

The easiest, anywhere, is that you buy a smart phone.  In Android you have Google Voice app bundled, and you have the app in iPhones.  This app is pretty integrated in Android.  You can set that international calls will be using Google Voice alone.  Or any phone or text you send, you will be given the option of which number to use.  Or of course you can start GVoice to use the other number.  Also, you Google number is live all the time, direct to your phone.

You just need to signup for a Google Voice account and then ask for a new number.  It's free and "permanent" except for international calls.  But I think Google Voice is only available in US.  The only problem is that you use Google number as your main number.  I don't know if the app deals with a 2nd Google number.  Also, the rule is one mobile number for one Google Voice account.  You can redirect the numbers how you want it, but you need two mobile numbers to register for two accounts.

Skype is in disarray one year on.  It's probably because Skype has been using a sophisticated encryption intended for desktops years ago, and it's P2P, requiring extra processing than just the calls.  Typically they work but not well for the latest Android phones.

If you don't want to scrap your old phone because of the phone list, look if it supports Bluetooth.  Most does.  You just need to enable it and the new smart phones can import the phone list directly.

Friday, December 30, 2011

Home Security - cam, monitor and DVR (2)

Update to first part.

Wifi IP CAM didn't come down in price by a lot.  Direct from dhgate, it is closer to the $50 mark rather than the $100 mark.  You need a portable or desktop to record the video automatically.  That's not bad when you are sleeping or away from the desk.

DVR changes a lot since last time.   Even in the past, it doesn't make sense to have a CMOS CAM, turns the images into analogue signal, then the DVR re-digitize the image, compress and store it in hard disk.  Now, many people don't have NTSC and PAL anymore.  HDMI output for a CAM is too much.  So it only make sense to integrate the CAM with the DVR.

They became cheap small HD camcorders.  They are everywhere but they are just not for security CAM application.  You need overwrite or cycle recording.  So you never need to change "tapes" or SD cards.  The other very desirable feature is software motion detection - which saves a lot of storage space. 

There are one in dhgate exactly that.  They say it's for cars.  The price is not a lot more than $50.

My old DVR is going strong.  Similar things are still on sale but became more expensive now, a lot more than $50.  The output of my old CAM's are still NTSC.  HDMI output will be a lot more expensive.

Sunday, December 25, 2011

Printing on custom paper size in Ubuntu Linux

I'm so surprised that you cannot do that, not when your child is born, not when he graduate high school.  Somebody is waiting for that for his grandson birth announcement.

Basically the software package will allow any paper size.  But the printer typically has a list of papers, but no custom.

I was looking for something that avoid killing any of my brain cells.  But actually I think that's unsolvable.  I made a compromise, looking for a simple offset that I can specify to align things to where I want them.  No luck.

So I decided to solve it once an for all.  The problem:

Typically, you can select a paper on the printer that is not the same as the size on your package that you really want - real.  Typically the printer will place the real paper in the middle of the printer paper.  But for the printing, the real paper is aligned with the upper left corner of the printer paper.  So there is an offset when the real paper is not aligned at the corner, but the middle.

You can set the paper margin on your package to offset this.  Assuming the printer paper is larger than your real paper.  And that your real paper can fed through the printer.

top margin  = desired top margin
bottom margin  length printer - length real + desired bottom margin
right margin = (width printer - width real) / 2 + desired right margin
left margin = (width printer - width real) / 2 + desired left margin

Since you know the dimensions of papers anyway so it's not too bad by using the calculator.  You may even be able to set the software by a macro or script.

Friday, December 16, 2011

Managing EBS in EC2 for Ubuntu Linux

EBS in EC2 means virtual hard drive.  You are given one to start with, which is attached to your instant to run things.  This is exactly the boot drive where your OS is.  The free tier gives you 10GB EBS for free, but the free micro instant comes with only 8GB, which doesn't add up.

Sooner or later you need more disk space (or less).   You can change the size of the boot disk but very inconvenient.  First you create a snapshot (copy) of the boot drive.  From the snapshot you create a volume (new drive), with bigger space.  Then you stop your instant (computer), remove the boot drive and connect the new one. But you still see exactly the same old drive, because it's up to your installed OS to change the partition.  In addition, you can perform a lot of operation only on an unmounted drive.  So you may need another instant (like CDROM drive for the install disk) to modify your boot disk.  If you modify the partitions you can easily brick the whole disk.  Also, when you are working on EC2, you don't normally have GUI.

It's much easier to create a virtual empty disk drive, and mount as any directory on the file system that you desire.

First, you create a new volume on the EC2 control panel, with the capacity you needed.  Then you just attach it to your instant, running or not.  For Linux, the control panel will give you a new device name by default, such as /dev/sdf .  If you specify sdb, the extra disk space will be mounted to /mnt later by default.

The job of visualization is completed.  You need to configure your hard drives via your computer, i.e., your instant.

You need to start your instant (if not running) and then connect to it with ssh.  Then you need to "format" the new hard drive.

First check if the drive is there:
#sudo fdisk -l

You will get errors because these commands are not compatible with the file system or something else on the drive.

To "format"
#sudo mkfs -t ext4 /dev/sdf
The device name should be the same you have chosen at the control panel.  If you have chosen sdb for the lastest Ubuntu, all you have to is reboot at the control panel.  The drive will be mounted at /mnt.  Then you can setup directory links to this space as desired.


For any other device name or any other mount directory, you need to edit /etc/fstab.  And add the line:
/dev/sdf       /your/directory    auto    defaults,nobootwait,noatime     0       0
You can see that sdb is there already, to be mounted to /mnt.

In your boot drive, you should also create an empty directory /your/directory.  Then when you reboot via control panel, this empty directory will be replaced by the disk space of the new device.

Thursday, November 24, 2011

What is out there smartphones update

I almost brought a smartphone from China.  But they don't have Black Friday.

The latest 4G phones are free.  iPhone 4S is not free, but it's not 4G either.

Basically the latest spec, very new across all the major carriers, are qHD phones with 960 x 5??, slight less pixels than iPhone's 960x640.  These Androids are pretty standard sized at less than 5" in height vs apple's 4.5".  The iPhone won't fit in any women's pocket anyway.  Bigger screen allows easier touch tying - keys are bigger!

8MP camera with 1080p HD video capture.  Front camera 640x480(?) VGA video conference.

Android 2.3 has multi-touch, while iPhone haven't.  Some brands announced that they will upgrade your phone to Android 4 pretty soon.

4G for AT&T is available in the form of LTE.  It's symbolic as at the moment as even 3.5G HSPA isn't that widely available.  For this reason the iPhone don't have LTE yet.  LTE should be the world standard following GSM/WCDMA.  But because of frequency fragmentation across the world, I doubt if the current LTE phones will work all over the world with it roll outs extensively throughout the world.

The mandatory entry level data plans are symbolic.  You can't do anything smart with that.  But the expensive plans more than offset by the free toys.  If you don't have a pocket sized 1080p camcorder yet, you save yourself another $100.  When the time comes to impress somebody with 4G speed, you can just run over the limit and pay extra for once.

Verizon and Sprint split on 4G.  Verison offers LTE while Sprint has WiMax.  Maybe the reason is that Sprint is on the PCS band while Verizon is on the traditional mobile band.

There are no generic qHD phones from China yet.  Data at best is HSPA (HSDPA, HSUPA).  And I doubt if the LTE phones they may offer at a later date will work well in both Europe and America.

Of course, you need a plan and a 2 year contract for the awesome free phones.  But I can tip you off with a small secret.  Third part credit checks are less dirty than carriers' own.  Carrier's share non-public blacklist database, while you know what is on your credit history.  So walking into a carrier's own wireless shop is the worst that you can do if your credit have problems.  Third party wireless shops are better.  Online check is best.  They have to be automatic and in the open.  So try Amazon wireless if you need to.

Sunday, November 20, 2011

The what is out there buying guide for smartphones

With multitouch gestures and swype, my faith in smartphones is restored.  I'll probably going to try one.

Tiny physical keyboards are out, so it's really iOS (iphone) vs Android.  I'm sorry to say that Apple is going in the way of the PC market.  Android has taken over, huge, but Apple will remain profitable, trend setter, and cute.

Screen

The first thing to look at is the screen resolution, not the size.  iPhone 4 and 4S has 960x640 pixels.   At 326 ppi (pixels/inch), Apple call it retina display.  If you are old enough, it should look like those light boxes for viewing films for slides.  Anyway, you should not be able to see pixels.

But density and resolution isn't that crucial.  It's image problem, yours.  You may not want to see all of a web page in a 3+ inch screen.  At that super density, it will be sharp but there's other coloring and lighting problems.  I won't and can't go into that but really it's your image problem.

iPhone 3 is worthless at 1/4 of the resolution and about 1/4 of the density.  There are plenty of Android devices at the same resolution and size - even cheaper.

There is the new Android phone, Galaxy Nexus, that has HD display 1280x720p.  The screen is slightly larger at 4+", but that's pretty standard in Android phones.  There are the odd one or two Android phones with screens slightly denser than the iPhone 4, but they don't really sell, and hard to find.

The most common Android phone has screen resolution 800x480, about 4"+.  It doesn't look that much compared to iPhone 4.  But imagine that the best netbook, like the MacAir, with it's screen height squeezed into less than 4 inches.  You need good justification to have a higher ppi screen, other than my phone is sharper and smaller than yours.

The screen has something to do with playing back HD videos.  Piping out the data via the Himi connection to the TV is easy.  Decoding, resizing and filtering to display on a smaller phone screen takes more processing power.  So expect jitters if you don't have HD screen, and a powerful processor.

Next criteria - carrier and network. 

You still want a phone right?  In US, the network is still split between AT&T and Verizon/Sprint, the same old GSM vs CDMA network.  Now that GSM becomes WCDMA/3G/UMTS, it would be rather confusing.

You can't go wrong with AT&T and it's resellers.  Phones will be compatible worldwide, and most phones are quad band, not limited to USA or rest of the world.  Either you have to get an expansive, unlock phone without contract, or you unlock the phone yourselves if possible.  In past experience, you can unlock your phone via your carrier after a few months, saying that you need to travel.

Data


Carriers find three different ways to charge you - voice, text, and data.  It is ridiculous as not so long ago, text is only popular in countries such as Czech, for younger people to save money on phone bills.  Now text cost more than voice, and voice is worthless.  You can have free text, via data, but you need a smartphone with apps to go with it.   Another justification for a smart phone.

Data speed is a major differentiator for networks.  Verizon/Sprint got there first and call it 4G.  The similar thing in AT&T is HSDPA for the rest of the world.  These are normally included other than the most basic data package.  However, unless you have a lot to upload and download in a rush, like HD video, 3G speed are decent.

High data speed is particularly relevant to WiFi tethering, where you use your phone as a WiFi router like you do at home, so all your WiFi capable devices can access the internet via your phone, anywhere where there is reception.  All smartphones have WiFi and most are tethering capable, thought some cheap carrier resellers hide it.  But the problem is that carriers charge an arm and a leg for it.

So I don't think data speed is relevant to average smartphone users.  3G speed is decent.  Download videos you made via the SD card.  And go to McDonalds if your computer need free WiFi.


iOS 5 vs Android 2.3

iOS is on the iphone 4S, not the 4, unless you hack it.  Latest Android on phones is 2.3, mostly come with 2.2.  Android 4 is only available on the latest Galaxy Nexus.  Android 4 unifies the tablet version with the smartphone version of Androids.

The killer app for iOS 5 is Siri, the voice assistance that allows you to do very sophisticated things, according to Apple.  Actually if you hack it, you can get it on iphone 4 too, and it's available to any OS soon, provided Apple don't crack down on it as in WiFi tethering.  I think for average smartphones, most will be satisfied with voice to text, saving you a lot of typing.

Android has multitouch, while still hidden in iOS 5.  I won't buy a smartphone without multitouch, the same that I won't get a portable without it.  Considering it's cheaper than apple, it's a no brainer.

Many Android has swype out of the box, or you can install it yourself free.  iPhone has it on app stores, but not as smooth and integrated.  There are similar things on the Android market place with varying degree of intelligence.  You can touch type without lifting your finger, by just sliding your finger on screen.

Android has better integration with Facebook, Twitter, and of course Google everything, if you like that sort of things.

Cam and Video

This are unrelated to playback on the screen.  Later phones has HD video capture at 720p.  The resolution is still less than 1 megapixels.  At CAM mode the resolution is usually a bit higher like 3mp to 7mp.  It's all about the len.  There's no point to use the phone as a SLR camera.  For HD video capture, it's worthwhile to get a cheap and small camcorder so you don't lost your expensive phone easily.

Most phones come with a decent len at the back, and many with an additional pinhole cam at the front for video conferencing, suitable on the go, with sufficient burring to compensate for the lack of makeup.

Plan

AT&T has the fashion accessory plan for the iPhone 4S, if you use the phone as fashion accessory only.  It's $40 plus mandatory $15 data plan for the 4S.  Text extra, if you don't know how to text via data.  With this plan, you can't do much for the data, and hence you can't be smart much.

In contrast, it's reseller, Simple Mobile, has the $40 unlimited everything plan, up to 3G speed, upgradeable to 4G.  It's BYO, bring your own phone.  For iPhone 4S without contract, it can be just under $700! 

Sprint reseller Virgin, has the $35 for unlimited data (4G?).  It's Android lineup is pretty update and cheap too.  But it's only for US and then some.


Recommendations

To maintain your international geek image without paying an arm and a leg, I recommend to get an Android direct from China, plus a Simple mobile plan.

Almost of the phones are made in China anyway.  It's sort of open source hardware plus open source software Android.  The display and chips are fairly standard.  The best ones, 800x480, are over $200.  It's International and 4G.

If you don't want that state of the art, $100 gets you a pretty smartphone and pretty display too.

Online marketplace sites like dhgate are ebay killers.  There are numerous scan artists like eBay in the beginning but there are good protections in place.  For standard electronics, you can get full refund if they don't ship you the numerous functions on the list.

Unlike eBay, they allows review too but people are't that talkative as in Amazon.  Don't like the idea that the Chinese mafia has your name and card number in their record?

Anyway, there are plenty of reliable merchants and the units they sold worldwide is staggering.

Other reasons you need a smartphone

GPS - smartphones use network information, internet, wi-fi, in additional to satellites to provide accurate information fast.  Some have turn to turn instructions and for me, a google map anywhere in the world is super for me.

Free text, free phone call via internet.  But you pay the data package.  A device good for HD porn will do your stuff justice.

Show your merchandise and portfolio any time.  I still remember a non-story about a traveling sale person showing his next seat passenger in his brief case, electrical extension sockets with extension wire.  Is that really still necessary?

A pair for grandma's and grand kids?  It's so easy and so cheap with video, apart from the plans.

Tuesday, November 8, 2011

Ubuntu 11.10 Oneiric shared network printing

Shared printers over the network used to be so simple in Linux, as long as your printer is connected to any computer.  Even Windows is doing quite well.

Not anymore.  In Oneiric, you can't set the printer via the system settings any more.  You have to go through your own internet.  Browse to http://localhost:631, the standard CUPS interface.

And then what?  Who cares?  Can I print now?

First go to your server, the computer to which the printer is connected.  Check the printer tab if you see your printer.  Then go to the admin tab to enable most if not everything on the server list.

Then go to, say, your netbook.  Browse to the same interface.  Check the printer appears in the printer tab.  Then you also have to enable most if not everything on the server list, while your netbook is obviously the client.

If I know that I would have pay a few dollars more for a wireless printer.

Saturday, October 29, 2011

Reinstalled Ubuntu 11.10 Oneiric 3rd time

It was killing me for the AO722 as I have to do extra things each time.

First, the wired vs wireless conflict.  Since the 2nd time, it wasn't a fresh install and the USB OS starts to be "intelligent".  So much so that I can't even boot without an Ethernet cable connected.  All the known methods do not work.  Actually it can't even run on the USB drive, but can re-install itself on the hard drive.

For the resolution, recall that you need to blacklist atl1c in /etc/modprobe.d/blacklist.conf.  Then you need to
#rmmod atl1c
#update-initramfs -u

Without update, the kernel will always load the atl1c it remembered. 

Then disable the beep by alsamixer.  Find the conexant sound card by F5.  Actually muting the beep doesn't even work.  You have to turn the beep volume down to zero.

The 1st reinstall, it was because of Unity / Compiz.  The system menu bar disappeared and unity won't come out.  I can't launch anything.  I spent a few times more than the time taken to reinstall.  It wasn't that I mess up the settings.  I didn't even do anything.  I'm certain that many things that go wrong may lead to the self disabling of unity.  It may not even be hardware or desktop GUI related.

It was because all users are affected, while settings to unity and compiz are individualized.  Sometimes a crippled unity2D may work.  But you don't really want to keep that for long.  You can always launch something via terminal - ctrl-alt-t, or bring up an independent terminal session - ctrl-alt-F1.

The 2nd reinstall was due to messing up Grub, the boot loader.  All I wanted to do was to set the delay to 2 or 3 second before I can determine which OS to boot.  Basically you have nothing to do that.  All the docs are confusing as the new install will be Grub2, while if you have an old install, you will have Grub legacy.  The recommended startup manager don't work for Grub 2.  There is the Grub-customizer that can do it but it wasn't in a trusted repository.

I could have triggered a downgrade to Grub1, or I did that accidentally, or I never have Grub1.  I tried to reinstall Grub2, but probably on the wrong partition as root.  I have at least 7 partitions.  3 comes with windows. 1 linux swap.  1 for the OS.  1 for users.  1 unused, to grow at demand.  Once that was the crippled OS with users file for temporary backup.  I ended up with the Grub> prompt at boot.  It is easier to reinstall than looking up the command documentary.

Even with Grub working, there was a lot of blank screens in between the so called splash screens - giving some feedback for the users that the OS is loading.  It takes oneiric 30 secs to get to the login screen (only a few more seconds for Windows 7).  There is 5 sec of blank screen after the bios screen, and after the Grub screen, the rest of time will be mostly blank, until the brief splash screen at the end.  That would be really bad.  My wife thinks it was dead.

When I accidentally have grub legacy installed, there is always a text message telling you that it's booting.

The grub-customizer can add you own image to replace the blank screen.  But without animations you would think that the machine is hanged.

Its really a good idea to make a separate partition for the users, so you just overwrite the OS without copying the user files around.

First, don't encrypt your home directories or any partition containing them.  Because all the user config files will be encrypted.  You can't even reconfigure for them as the superuser.

The idea is simple.  Install gparted to resize, create the partitions.  You need one for root, the OS, and one for /home, which contains all the users.  You have to run Ubuntu on the USB for example, as the partitions must be unmounted in order to modify them.  You cannot unmount the OS, root partition.  You just need to mount the new partition using disk utilities and copy over the old user files to the user partition.

If you are keeping the current OS, you need to remove all the old user files on /home, and make empty dummy user directory in it.  You have to modify /etc/fstab and add the user partition to be mounted at /home.  When you reboot everything will be the same as before, except the users will be on a different partition.

When you reinstall the OS, it's simpler.  The live USB Ubuntu have all the options if you choose the custom option.  You will be asked which partition for root and which one for /home etc.

Sometimes the old users will not be recognized or have errors.  Sometimes it's due to file ownership.  If all else fails, rename the user directory.  Delete the user.  Add the same user.  Copy over the user files to the same place.  Without a separate partition, you or the installer may accidentally erase everything.  And for a clean install, you want to erase the old configurations on the OS.

There is something wrong over at Ubuntu.  It looks very nice and good for a fresh install.  All the geeky things are hidden or not even bundled.  You may win some but if anything happens, nobody will be able to help.  You don't throw the 1% existing users under the bus go get a few new recruits.  The forums are not working.  You have ubuntu forums and then ask ubuntu.  Most of info are outdated.

Whenever you make a decision, you should consider the CIA interrogation manual, classified or unclassified.  One main technique is confusion.  Ubuntu is good at it now.  You will pay whatever price for constant confusion to go away - buy a powerful notebook and pay up for the windows anti-virus scams, or buy a more expensive apple.

And then there is the physical abuse that don't register.  In the ubuntu forums you can't search for more than once every few sec.  In ask ubuntu many proxy servers or potential servers are banned.

And then there is the non-violence abuse.  Posting a link to point to somewhere else is both abuse and confusion.  May be really 1% should be using Ubuntu, but if there is no increase for long, there will not be a Ubuntu.  On the other hand, throwing everything old under the bus will be a disaster.  But if you don't develop something cool, there won't be developers left. 

So, when in doubt of where to go, what to do next, consult the CIA manual.

Tuesday, October 25, 2011

Disable AC adaptor beep in portables in Ubuntu 11.10

This is the answer to the million dollar question: disable the AC adapter / power cord beep in Acer Aspire One AO722 netbook in Ubuntu 11.10.

It is easy in Windows and perhaps earlier versions of Ubuntu.

In U11.10, you need the command line.  First bring up the terminal, e.g., use ctrl-alt-t.

Then use the utility
#alsamixer

For portables there are no separate system speakers for the system beep, therefore the desktop methods won't work.  For some portables, there are two devices, one for the digital HDMI and one for the analog speaker and headphones.  You have to pick the correct one for the volume settings.

For the AO722, use F6 to pick the conexant sound card, rather than the first HDMI sound card.

Then use the arrow keys to get to the beep column.  Type m to toggle the muting status.

The heart attack beep will be off when the power cord is attached or removed.  But the beep is not altogether muted.  The beep volume seemed to be coupled to the master volume or the alert volume.  

Friday, October 21, 2011

Installing Ubuntu 11.10 on Acer netbook AO722

Update: Ubuntu 14.04

Yeah, it has been a while. I didn't know when the wifi stopped working. But the kernel has long solved the Qualcomm (ethernet driver) vs Broadcom (wifi driver) conflict. I think Ubuntu even used and loaded a different driver. You don't need to do anything, just to undo the changes like I made. There's no need for blacklisting. You must not blacklist those drivers listed below. Delete the preferred driver version if you did that, not that it may matter. You don't need to do net boot first, just boot normally into harddisk or usb. I didn't change driver nor it's version because I think they use another one now.

Other than using the method to silence the annoying the speaker, you can also blacklist the speaker instead.

I tried the different video drivers again via system settings, software updates. All are about the same. 1080 HD on youtube is watchable. 1080 HD on local drive is watchable, but sound will be lost after a sec or two because sync cannot be maintained. FHD video seems to be in slow motion but watchable. But for lower bitrate 1080p videos, it could play normally except for wrong lip sync, such as animated movies. There's no suspend issues. It's a pity that the screen is better than the cheap acer chromebooks but they are much faster and play HD without a flinch.

 Update: wifi problems in 12.04

Firstly, the new broadcom wifi driver doesn't work.  You need to remove and reinstall the old version.


#sudo apt-get remove bcmwl-kernel-source
#sudo apt-get install bcmwl-kernel-source=5.100.82.38+bdcom-0ubuntu6
 
Then you need to stop the auto update:

#gksu gedit /etc/apt/preferences.d/bcmwl-kernel-source
 
and paste in the following lines to the file:
 
Package: bcmwl-kernel-source
Pin: version 5.100.82.38+bdcom*
Pin-Priority: 1001 


Now for the AO722, you need to resolve the driver conflict with the Ethernet controller.  This method disable the Ethernet wired connection!

#gksu gedit /etc/modprobe.d/blacklist.conf

and add the following lines at the end of the file:

#ethernet
atl1c
#incompatible wireles, just in case
bcma
brcmsmac
#video, for an unrelated problem
fglrx

Then you update the kernel before reboot.

#update-initramfs -u

If for any reason you need the Ethernet again, comment out atl1c in the above file, update kernel and reboot.

End of update
_____________________________________________________________________

The AO722 came with full Windows 7 64-bit, clumsy IE, loaded with advertising demos.  It would be a great performance upgrade to switch to Ubuntu.

But you won't be able to watch Netflix.  And because of open source video driver or flash plug-in, 720p HD on youtube will be stuttering. 

I suggest to install via a USB flash drive.  It will also be the "recovery disk" when all else fails.  The alternative is to boot up Windows and install something to read the Linux disk formats.

For a fail safe install, plug in the Ethernet cable to your wireless router.  At least get a cable ready.  The wired driver has conflicts with the wireless Broadcom driver!

When installation is completed, the OS will suggest proprietary wireless and video drivers to install, as opposed to the bundled open source drive.  Don't.

The proprietary video driver will freeze after suspend.  It will not wake up.  So don't do it.  The default drivers are OK.  But either the driver or the flash plug-in isn't good enough.  You cannot not play 720p HD on youtube smoothly.  Playing local files or over the local network is OK, but I haven't tried HD and other codecs.

Other than that, the screen flickers a little during boot.

If the wireless driver works, connect automatically and ask you the encryption password, savour it.  Once it is working, it will not work again once you reboot it.  It will then be conflicting with the Ethernet driver.

There is no other way out but to disable the Ethernet driver.  Add the line:

blacklist atl1c

in the file /etc/modprobe.d/blacklist.conf.  Then run:
#update-initramfs -u

And remember to sudo.  If you don't update, rebooting do not update for you.  You can check with lsmod.

You can check by lsmod first.  If you see atl1c and wl in the output, you are most likely using the conflicting drivers.  They are the latest drivers.

A common fix is to change the boot order to network before the system disk drive.  This will give time for the Ethernet driver to settle before the wireless one.  But if you switch user after boot, the same thing will occur because the networking settings are per user.

If your wireless doesn't work, or you play around with the drivers until it doesn't work, it's expected.  You look around the blacklist files and you will understand.

The descriptions at Broadcom are good, but some instructions do not make sense.  On top of the network drivers' conflict, your wireless probably will fail changing from 11.04 to 11.10, not because of the AO722.

First check what you have by
#lshw -C network
You can see the Broadcom BM4313 hardware, and at the driver entry, wl.  If you see anything else, you need to reinstall the drivers.

Then you need to see if the kernel driver is compatible:
#lsmod

You should see wl in the list.  Typically, the driver will be selected for you during OS install, and will be affected by the old configurations.  Typically you have to remove the bcma driver and blacklist it as above:
#rmmod bcma

The other older drivers are already blacklisted.

If there are troubles and you need to reinstall the drivers, you should install synaptic package manager first.  You can search in the Ubuntu software center.  You can also find the drivers in the Ubuntu software center.  The problem is that after I installed it, it worked, and then I can't find the driver again in the center.  Also it don't show the version numbers.

In the package manager, you search for Broadcom or bcm.  What you need are two drivers:
bcmwl-kernel-source
broadcom-STA-source

You need to reboot and may need to reinstall them to get the right drivers.

Broadcom just updated their Linux wireless driver page.  But I think the drivers at Ubuntu depository are almost update.  But if you compile the updated Broadcom drivers on you own, you may solve the network interface conflicts.

But why you want this netbook?  It fits in the glove box of my vintage.  It don't cost that much if you shake it too much into disintegration.  It's a fully functional computer with full 64 bit OS.  At 11.6", the screen resolution of 13xx by 7xx is "bigger" than an old 17" desktop monitor.  So it looks really nice if you care to sit close to it, like in the car.  And you should be pleasant to read books too, and hold it like an open book if you sort out the center of gravity.  It's exactly the size of a letter paper.  It's so sexy that chicks finger me.  Not exactly.  They finger the screen as if it is an iPad, tablet, iPhone, or just point of sale check out machine.

 UPDATES: upgrading kernel is a big hassle as usual.  The non-compatible wireless driver came back which didn't work.  I have to bring back the ethernet driver and the cable.  Reinstall the working driver, and then blacklist the ethernet driver.  Also, tried if the propriety driver works for new kernel.  No.  Reinstall.

So my new blacklist comes to:
#wireless
bcma
brcmsmac
#ethernet
atl1c
#video, just in case
fglrx

Remember to update before reboot.

For the correct driver to install, you can just search for them in Ubuntu software center
For video:  xserver-xorg-video-radeon
For wireless:  bcmwl-kernel-source

Via lsmod, the drivers are radeon, wl.  You also have to remove the other wrong drivers first.  The order is totally important.

Sunday, October 16, 2011

Ubuntu 11.10 upgrade - almost a nightmare

The other day a prompt popped-up, saying that Ubntu 11.10 is ready.   I just pressed the button for the upgrade, thinking it was as simple as the software updates every few days.  I never had any problems since the last Ubuntu upgrade.

It happened that whatever problems others have, I also have them, and then some.

Maybe because of my non-standard (sophisicated I would say) setup, like all the partial encryptions, encrypted swap space, etc, reboot failed.  I started the recovery mode.  I got in, but what do I do?!

I tried to look at the boot log, no clue.  And before that, the boot loader complained that all my NTFS (Windows) drives have fatal errors.  That was real scary.

I tried to remove the last application that appeared at the boot log out of desperation.  Then the first error message came out - that the software package manager wasn't in a proper state.  I ran the suggested command and it was fixed.  My computer manager to crash the software package manger at half the upgrade.

But that was fixed after wasting a lot of clueless time, swapping between the recovery mode, and normal mode a few times, and using the desktop to search for answers on the web.

Now the NTFS drives.  Who haven't got one or two partitions?  It's not safe to get rid of Windows altogether.  I still can't see the ink levels on my printer.

It happened that they took out the fix NTFS utility from the system bundle.  The system cannot find the programs to check and fix the NTFS drives, causing a fatal error.  It is a valid philosophy, but stupid.

NTFS support is still there.  You can mount the drive and read the data as before.  Just that you cannot fix the hard disk errors.  For that you have to download the newer optional NTFS package.  But actually it is there and installed.  But for some reason they call it another name, being new and different.  You can also "fix" the disk errors from other utilities like the Disk Utilities.

I think the reason for the change is that the fix disk utilities is not as good as the Windows one.  I fixed it on Ubuntu.  But when I check it on Windows, it still got plenty of errors.

The proper solution is to edit the /etc/fstab file.  For the NTFS disks, change the last 1 to 0, telling the system not to try checking and fixing them, using a package that didn't exist.

This is fixed after booting and fixing all the drives in Ubuntu and Linux, which is a waste of time.  Like testing and fixing memory first, you should check and fix all your drives first, in Windows for NTFS, and others in Ubuntu, before you do major upgrade.

And of course you should backup your home directory first.

After successful booting, of course the default desktop environment is the new unity interface.  The saving grace is that it's compatible with the classic Ubuntu gnome desktop, once again.  The ridiculous fact is that 11.04 was not compatible with the earlier gnome desktop.

After I played around a bit, and maybe after some coding errors, unity disappeared.  Everything seemed to be working.  But I don't have the Unity to launch anything, and no system bar at the top.  All I got is the bar for the "file explorer".

It happened that the desktop or whatever is called Compiz, and Unity is a plug-in.  Somehow Unity is disappeared and you are left with a useless desktop, unless you have some application links on the desktop.

To reset to the default state of Compiz and Unity you need to do the following:

#gconftool-2 --recursive-unset /apps/compiz-1
#unity --reset

The tricky bit is that you can't start a terminal or anything.  In recovery mode you also have to login as a normal user as the desktop settings is user specific.  You can also try alt-ctrl-F1 that sort of thing to get a terminal to launch the commands.

Alt-ctrl-F1 gets you to the raw linux mode, without any GUI.  It's like the recovery mode but with everything else normal, except the GUI.  Alt-ctrl-t is the default  hot key for bringing up a terminal.

Finally, after the hens and eggs problems, it worked.  And now I can move to the new Unity because it beats Windows 7.

But I'm afraid there are problems at Ubuntu.  Wrong philosophy?  Many heads in all directions?  Heading for the wrong path?  These will be next.

ps It is recommended to install the Compiz settings manager but I advice against it until you sort out all your other troubles.  It sets many other things so you can't go back to default even after you completely removes Compiz and reinstall.

Friday, September 23, 2011

Modify encrypted swap partition in Ubuntu

If you want to resize, merge, split, move your partitions, you may have to modify your encrypted partition too.

If you haven't got it, install GParted to view and manage your partitions.

Before you do anything serious, make a rescue disk in a USB thumb flash drive, and make sure that your computer can boot from it, and you know how to.  In Ubuntu a rescue/recover disk is actually a full sized Ubuntu operating system on trial.  You can use it straight from the flash drive, or install Ubuntu into your hard drive for a dual boot or pure Ubuntu system.  Just don't do that and keep using it directly from flash drive.

The latest Ubuntu have GParted installed, and make sure that your thumb drive have it.

I hate to say that you should back up you data before you modify your partitions.  But that's not very practical for most, unless you have a new bigger hard drive, or a huge external drive.  GParted is pretty safe and I lived to tell you the story.

If you didn't setup your swap, I didn't, you may find where it is in the file /etc/fstab.  You will find a line with the word swap.  For a swap partition it will be at /dev/sda2 etc, but identified with the partition's UUID, a global unique code.  For a swap file, it will be typically be at /swapfile.

The size of the swap file or partition will be about one to two times your system RAM.  If you have ample RAM and disk space, the recommended size is equal to your RAM.  But the old school of twice the RAM size doesn't matter.  Now disks are half to one Terrible lot of Bytes.

Especially if you encrypted your swap file, you cannot be sure that it's functional because in GPart it show up as an unknown partition and unmounted.  Don't let it fool you.

First you turn off swap:

#swapoff /dev/sda2

for swap partition or if you have a swap file

#swapoff /swapfile

Edit the /etc/fstab file:

#sudo gedit /etc/fstab

and comment out the swap file entry.  If your swap isn't encrypted, now it would be a normal partition (if you reboot) and you can do anything about it with GPart for example.  You can delete it or your swap file.

If your swap is encrypted, you will not be able to boot again.  You have to remove the mapper.  You can see at /dev/mapper what the mapped partition is, eg, cryptswap1. To remove it:

#dmsetup remove cryptswap1

Without it, you OS cannot boot even in recovery mode, as the mapper is looking for the swap partition that do not exist or defunctional one way or the other.

To setup the swap partition again.  Create a partition in GPart if you don't have one already.  Keep it unmounted.  Format it to linux-swap.

In /etc/fstab, uncomment the old swap partition line.  Instead of the UUID, you can just use the device name, /dev/sda2 for example.

You may be able to do

#swapon /dev/sda2

But if you reboot you will sure have the swap partition active.

Now you can use the ecryptfs utility to encrypt the swap file again.  You can see your swap at /dev/mapper and the corresponding line added at /etc/fstab.

Remember to comment out the line for the previous swap partition in /etc/fstab.  The ecryptfs utility does not do it for your.

You can use the system monitor to see how much and how often your swap partition is used.

Wednesday, August 24, 2011

Ubuntu startup disk on USB flash drive refuse to boot

I have created a startup disk on USB thumb drive for an ancient desktop.  I never tried to boot it up.  Nowadays, basically it's a full copy of virgin OS on flash drive.  For this reason you shouldn't bother with Windows recovery.  Have Ubuntu dual boot and you can read and write your drives no matter what.  A flash drive is extra protection when both boot fails.  A 2 GB drive is too cheap for the postage.  If you have Frys or Micro Centers, you can pick it up dirt cheap.  

For strange reasons the flash drive wouldn't boot.  I searched the Web.  All the problems and solutions are not relevant to me.  There's only one person saying that must be memory.  Of course, but memory errors are the most spectacular.  I'm not having anything spectacular.  As a last resort I tested my memory using the memtest that comes with Ubuntu.

It wasn't surprising that I have at least a memory error.  I think I spotted errors long ago.  I don't believe it because it passed the BIOS tests, and Windows and Ubuntu boots well. 

For no good reason I swapped the memory banks.  It was scary as the motherboard refuse to boot again.  It boots if I swap them back.  So the simple memory tests test only some of the bytes, not all the bytes.

So I went to Micro Center to pick up some cheap memory.  Memtest shows no error and everything boots, including the USB flash drive.  Amen.

The life time guarantee on the memory is basically useless.  By the time good memory fail, it will be obsolete, if not, dirt cheap.  If you are still using your obsolete system, for memory you cannot wait for the return authorization and wait for them to sent you the memory.  And if you bother to pull out the memory, it's worth while to upgrade to bigger memories.

There comes a time when obsolete parts cost more than new parts, for the hard to find factor.  Basically this is driving you to give up your obsolete system and upgrade.

Epson scanner warmup problem in Linux

Today I reached the holy grail, the ancient motherboard and ancient Epson scanner is working under Ubuntu, the last device that refuse to work.

With the kernel upgrade, the know problem of my most ancient motherboard is gone all of a sudden.  The motherboard temperatures can be detected and I can use it to run something hot, rather than sitting pretty.

My ancient Epson USB scanner always work under Windows.  But my other things wouldn't work nicely in the ancient mother boards.

Firstly, in Ubuntu, you need the sane package installed for scanners.  Try type the command xsane.  If you don't have it installed, follow the instructions to install it or just fire up the package manager.  The sane package will be chain installed in order to get the GUI front-end working.

Type the command

#scanimage -L

to check if your scanner is recognized.   For some Epson scanners, you can see the name of the so called backend, some sort of driver - plustek.

My scanner is recognized, responded, but hanged after scan started with no messages.

Ignore what Epson have to say and their recommendation of drivers for Linux.  It is way too out dated.

Go to /etc/sane.d

Edit plustek.conf file (sudo)

Change
option warmup -1
to
option warmup 60

Then my scanner works.  If they still don't, edit all the epson*.conf files.  Comment out the scsi lines.

Fire up your scanner with xsane and be patient.

Tuesday, August 23, 2011

What is WiiXplorer?

You don't really have a clue after reading the long list of features.  But it is a must have.

It can be installed directly via the Homebrew Browser (an app on Homebrew channel).  So you don't need to do anything like touching the SD card.  I installed it after I installed USB Loader.  It works without a hitch.  I suppose it will work without the USB Loader.  I have everything compatible to Wii 4.3.

Now that you need the USB drive to be at the Wii to backup all the games, you don't want to move the drive upstairs and downstairs to the PC and the Wii.  Two separate drives aren't necessary better even if you have the money.  You need something to connect your PC to the USB drive at the Wii.

The Wii is a pretty good SDHC card reader (and writer).  You can watch your pictures and videos right on the big screen after a trip.  If you can copy the card to your PC, you don't need a separate card reader.

The WiiXplorer is basically a GUI file manager, like that of any other OS.  It's behavior like Windows Explorers and nautilus(?) in Ubuntu.  Basically that's the tasks you do daily the most, copy, move, delete, rename files and folders.

The multi device means the SD card drive, USB drive, and SMB share on the PC over WiFi is supported.  It should also support USB flash drive, but I didn't tried.

There is an icon at the top left hand corner to show what device is being displayed.  If you click on it, there's choice of SD, USB, and SMB etc.

The USB drive connected to the Wii is NTFS formatted (Windows).  My desktop is of course ext (Linux), but wrapped up with SMB.

It's the same SMB setup as mplayer-ce.  But you can do it via the GUI when you run WiiXplorer.  Remember to uncheck readonly at the PC end if you want to be able to write back to the PC drives.


So you can copy/move files from any device to any device.  And you can sit at the Wii and do everything with the Wiimote, without going to your PC, as long as it is on for the SMB server.

If you download something to the PC into the SMB share folder, you can move it to any storage on the Wii.  You can also move anything on the Wii storages into your PC.  With this thing, you never need to go up and down stairs to install something.

But moving files over WiFi is pretty slow if you have 4GB of data.  The speed is about 500 MB/s.  You need 2000 sec to move 1GB of data.  It's not too bad.  If you want it immediately, you can carry the USB drive around, the speed is at least 20MB/s at the lower end.  Otherwise you can start moving something when you are not using the Wii for an hour or two.

If you setup the Wii as an ftp server, you can sit at the computer and do everything too.

WiiXplorer also launch installed Homebrew applications according the file type.  But it didn't work for me.  If the image display works, then it's a compliment to mplayer-ce.

Usng WiiXplorer is obvious, except that the right click on a file is achieved via the + button.  You use this button to bring up the copy-paste menu.

Wii media center limitations

Last time we talked about streaming movies to the Wii directly from your computer, via wifi connection.

The Wii is not HD yet, and the connections are standard RCA jacks.  You can have adapters for your PC or HDTV for cheap, but the resolution is limited to about DVD resolution of 480p, that of the Wii output.

The mplayer-ce can play almost any formats in any resolutions, but the Wii isn't fast enough for playing HD stuff.  Down conversion from HD to SD is pretty intensive processing, decode HD stuff and then recode.  You have to do it in your PC first.  The processing takes roughly the same order of time as the movie play time, depending on your CPU.

Setting up Wii as a mega game center

Instead of swapping DVD games, you can put them all on a USB drive.  That's mega.  You can also "exchange games" via the Internet this way.

The problem for the Wii is the versions.  Software modifications are very specific to the firmware version of Wii.  Since these softmods aren't updated that often, you may be using out of date instructions.  There's still a possibility of bricking the wii.

The other problems are trolling.  You never know what the purposes of some instructions, and the mentality of some writers.

Let me tell you a story.  I overheard a kid said to his father, "You said we will go to the game shop again to get a new game.  That was last January."  So the kid probably got the Wii for Christmas or Thanks Giving, at the sales or not.  Then he got a game probably the next year at New Year sales.  Then no more games for another year, probably.  So, for whatever reasons, please minimize the trolling.

So if your Wii is virgin, update to 4.3U/E/J.   U for US, E for Europe, J for Japan etc.  You can do everything in 4.3.  If you already have homebrew something in your Wii, I don't think updating will brick it.  But you will have to install homebres all over again.  For this reason, you want to disable automatic updating once you complete installing everyting homebrew for 4.3.

First the trusted instructions are here at GAF, pretty good, very detailed but not too specific.  The order of installation is:

Wii 4.3
Homebrew
IOS236
d2x
Configurable USB Loader

Homebrew is simply a simple way to run other applications and installers.  Almost all softmods are IOS, modifying the I/O system of the Wii, say, instead of reading the DVD drive, read from the USB instead.  d2x handles with some ways that games uses I/O.  The USB Loader manages the games and play them.

Firstly, about the security.  These installers load a lot of things directly from websites and Nintendo.  So you have to trust them.  If you have internet filters for your kids, typically these ware sites and even game sites are blocked by default.  Then you MAY have to turn your firewall off to your Wii, and only your Wii.  You can do it easily on your Wifi router by setting the DMZ option on your Wii - demilitarize zone, meaning no protection.

After installing everything, you should set the firewall to normal.  The homebrew software will still download from the web, but this is normally allowed.  There is no guarantee what is in your softmods.  For example, the easiest method to install Homebrew is to use the letterbomb method, without actually buying an old game.  But your IP and the MAC of your Wii is given away.

If you If the installation complains that it cannot download a file, search for the file directly on the internet, download it, and put it in the right place on the SD card as directed.  This probably won't happen if your Wii is unprotected from the Internet.  The installers actually check hash signatures, so you probably won't download the wrong files into your wii.

Before you do anything, it's best to go to Homebrew channel, get to BootMii by the Home button.  Then save 512 mb of NAND memory onto the SD card.  In BootMii, the wiimote won't work, use the Wii power button as next, and the reset button as select.  If anything goes wrong, you can load the NAND back to the Wii and all your installations are nulled.

After installing IOS236, you should get the hell out without any further steps, step 2.  To get out of step 2, you push the 2 button, confusing, isn't it?  Otherwise you need to insert a real game, start it, and install IOS236 again.

Something is missing in the USB Loader instructions.  I don't know what the hell he is talking about.  Just download the v69 version directly.  It works as instructed.

I advise using NTFS for file format, which is the usual format that comes with USB drives, which is used in Windows, Linux compatible.  You have to add two lines to the config.txt file.  Then you don't need to add another FAT32 petition.  Just remember that in NTFS, filenames are case sensitive, while the old FAT are not.

The important thing is that, USB Loader (and a few others with similar names) put everything on the folder wbfs at root of your USB drive (single or multiple partitions).  Otherwise the loader won't see them.

You can only plug the USB drive into USB1 socket, the one near the bottom or near the edge.

The loader will backup your DVD game to the USB drive via the + button.  It takes a while for all 4 Gb of data.  The filename will be GAMEID.iso inside the wbfs folder (or a few other alternatives).

If you somehow get DVD image files .iso files, you must lookup the correct GAMEID from the internet such as http://wiitdb.com/.  Rename your file to GAMEID.iso and put it right under the wbfs folder.  Or else the loader won't see the game.

If you play the same games often, you can use the SDHC cards too.  You need an 8 GB for one game, and a 16 GB card for 3 games.  USB flash drive should work.  You don't even need a card reader for your PC.  But with the USB socket at the back of the Wii, I find it not that convenient.

I have a very old SD card (up to 2 GB), but I never come across the need to use it in installing all the homebrew software.  All SD cards are now SDHC.  Anything other than the biggest capacity you can get it on the net for cheap.  So cheap that the postage is significant.  You can pick these things up like trash in shops such as Fry's and Micro Center, if you are lucky to live near one.

The best format for external HDD is NTFS.  HDD is also the cheapest, but some adaptors of old internal hard drives don't work.  As for the games, you simply download the .iso DVD image file and put it under the wbfs folder.  Some are compressed into .rar for example after "scrubbing".  You extract back the .iso file after download. 

The USB loader can also read .wbfs files.  But the HDD should also be formated as wbfs.  If your HDD format is NTFS and you download a .wbfs file into the wbfs folder, it will play, but the USB loader will ruin your whole HDD.  You don't discover it until the whole disk of data is corrupted.  I have unrecoverable errors probably due to a combination of back sectors.  Even after complete reformatting, the HDD isn't "clean" as reported.  So I reserve 100 GB for games in one partition.  The others disk space I can safely create a clean partition and use it for backups.

Sync your folder in the cloud with your local drive

For backups, you sync your local folder to some servers in the cloud.  Since only the updated files are copied, you can run the command via cron automatically, daily or hourly.  You can do the same to encrypted files if you use ecryptfs.

For bittorrent downloads into the cloud, you can automatically sync the downloads to your local drive.  With automatic sync, it's as good as downloading directly, without the hazzle of starting bt client on your computer.  But the bandwidth usage increases by 50%, because the files got transferred out of the cloud twice, one for seeding and one to your computer.

The easiest way is using Ubuntu in EC2 and locally, which I am.  First to copy a file or whole folder, from EC2 to hard drive.  Assume you have a folder called downloads in EC2, and your default username there is ubuntu.

scp -i /home/yourusername/yourkeyfile.pem ubuntu@ec2-70-19-168-131.compute-1.amazonaws.com:downloads/foldername /home/yourusername/downloads

The advantage is that there is a counter for the percentage completion.  You can custom the filenames and folder names.

If you sync the files, a single command is all you ever need, and you can put it into cron and forget about it.

rsync -e "ssh -i /home/yourusername/yourkey.pem" -av --exclude '*.part' ubuntu@ec2-33-55-444-222.compute-1.amazonaws.com:downloads ~

For bittorrents, you exclude the partial downloads and never waste bandwidth.  The disadvantage is that the command is completely slient.  You have no way of knowing the progress unless using other means such the system network monitor.  Also the partial file is hidden somewhere, so you cannot take a peep first.

Wednesday, August 17, 2011

USB Flash drive shrinks in capacity due to hidden bad trash

In Ubuntu, each drive has a hidden trash bin, just like in Windows.  But in Ubt, "undelete" is integrated.  This works for native Linux file system formats ext?, and old Windows FAT32, but somehow don't work for new Windows NTFS with multiple partitions.

Users see a single trash bin accessible via the status bar.  When a drive is mounted, it's trash appears in the central trash bin.  A flash drive is automatically mounted when it's inserted.

In the desktop GUI, Gnome, you cannot delete a file, but only move it to the trash.  So you don't recover disk space when you remove files on the flash file.  You have to empty the trash.

For some reasons, probably pulling out the flash drive without unmounting it first, and didn't empty the trash first, the trash can information got corrupted.  Say the trash can cannot be emptied.

First, you have to become superuser to force delete files in trash can.  You need to bring up the file explorer or file browser in Linux:

#gksu nautilus



From there you browse the the flash drive, show hidden files via options.  Then you have sufficient privilege to delete files in the Trash can.

Settings up Wii as your wireless media center and free game center

Why Wii?  Because it's easy, parents can do it.

Why Wii?  The HD version will only be launched in 2012.  But you can see how popular Netfix streaming is, while most of the library are DVD's.

Why Wii?  Sometimes you don't want to go to the center of the living room and watch the main TV.  You don't want to sit in front of the desktop too often either.  Sitting in front of a notebook is worse.  Kids like their own quiet corners sometimes.  I like my own space too sometimes.  If you haven't throw away all your obsolete TV's, they are pretty good for Wii.  Or you can pick up a decent monitor for pennies in the dollar on a garage sale.  You can go to the garage with a Wii, and connect that to a TV that you didn't bother to throw away yet.

Why Wii?  The Wiimote is something, though other consoles have been catching up.  You can control the usual complicated media player maneuvers with your left hand. 5 year old kids surf channels and movies like a pro.

Homebrew is a generic term for all the alternative software for game consoles.  For Wii there is the wiibrew.org.  This site is not one of those who try to sell you something when it's free.

First you need to setup the Homebrew channel.  Even wiibrew.org is not up to date.  For all their methods, you need to buy a real game DVD, start playing at least once, save the game on SDHC card.  Then you replace the saved games files with the hacked files.

The best is the Letterbomb method at http://please.hackmii.com/.  There are videos and tutorials to help you. http://www.youtube.com/watch?v=YYDM3D5grp0  To get your Wii MAC, go to the Wii setup menu, at the Internet options.  After all that is done, you go to the Wii calendar.  You can find the email on Today or on Yesterday.  You can see the letter with a bomb icon.  You click on it and begin to install.  You install Homebrew Channel, and I suggest also bootmii for many other things.

The site didn't work for my secure Linux and secure Firefox.  You may use IE or the bundled cut down browser on Ubuntu.

The current System Menu Version of the Wii is 4.3 (U for US, E for Europe etc).  You should update your system to 4.3, otherwise earlier systems don't even support USB2.0.  Though if you or someone have installed some hacks before, they will be deleted during System Menu update.

The Wii treats storage devices differently.  The most likely to work storage is the early SC, up to 2GB.  Next best is SDHC, and it works on my Wii.  Then it's USB drive or flash drive.  I use SDHC throughout without problems.

The next one to install is Homebrew browser, from whom you can download other games and software via wifi.  wiibrew.org has a page on it.

The Wiimote is something, though other consoles also have it.  With it, a simple painting game becomes a multilayer strategy game, and they are like having fun painting on the wall instead of on paper.

For the media center bit, you should install mplayer-ce via Homebrew.  WiiMC is better but it didn't work for me.  Mplayer-ce plays at least .mp4, .avi (xvid) and .mov files.  It plays all of them on SDHC cards.  It doesn't play .mov files on USB flash drive.  It only plays .avi files on my desktop via file sharing with SMB.  It doesn't play photos.

If you don't use wifi to transfer files, you have to copy the files to flash drive or SDHC card, carry the drive or card to the console.  My old camera is good at taking pictures but very slow in transfering the files.  The USB connector is at the back of the Wii which is inconvenient.

The best method is file sharing.  You play the files directly on your hard drive of your computer via wifi.  You do not need to copy and carry the drives and cards around.  Actually no files are copied.  They are like streaming to your Wii immediately.  For this reason don't use ftpii, where files are actually copied, and can be slow via wifi. 

The easiest file sharing method is via SMB.  The beauty of Ubuntu and Linux is that it's built in.  You don't need to install Samba.  There are several methods to config sharing on Ubuntu but the only one works for is to open a terminal, and then the command:

#shares-admin

The app have nice GUI.  You specify the folder to share where your movies will be, and select SMB as the method.  You give the share a name, say wii, to identify it on the wii side.  Leave the Windows tab alone as you are not sharing with Windows.  I don't think you need it but I picked one of the user on the desktop as allowed user for the share folder.

On the Wii side you look for the smb.config file under apps/mplayer-ce/.
#Samba share1  (smb1:/) 
ip1=192.168.0.2
share1=wii
user1= 
pass1=
  
Add the share name you picked to identify the path of the shared folder.  The ip is you PC, typically 192.168.0.xxxx, depending on your brand of wireless router.  I also add the user name that I picked and his login password for Ubuntu.  This is probably not needed or wrong way to do it.  But that's what working after a lot of trouble shooting.

That is not all.  The firewall at the wireless router typically do not bother with network traffic within the LAN.  Unfortunately Linux has a good firewall itself.  The Wii, and anything else, is not allowed to connect into Linux.

Messing with the Linux firewall is messy.  But there is firestarter, that I am already using.  All you need to do is to set the inbound policy.  You set it to SMB/Samba at the drop down menu, and the firewall will open the ports.

Tuesday, August 16, 2011

Tips for bit-torrent clients in the cloud

Specifically, I use Transmission as the bit-torrent client, installed on free Amazon EC2 Ubuntu Linux.  There's no monitor in the cloud so I'm using the so called headless mode, or no GUI mode, or command line mode.

Actually the Transmission daemon runs forever, and except for the configuration, you never need to deal with it.  You can use the web interface via the browser on your desktop.

First you must configure Transmission on EC2 by editing the settings text file.  First you have to set the seeding ratio.  Many trackers require the ratio to be at least 1:1.  You must upload the same bytes that you download.  But still you can upload a lot more than you download.  This can be quite costly in EC2.

Transmission only honor the upload ratio AFTER download is completed.  Because EC2 is very fast, your download is fast but your upload is even faster, which can be by a few times if all your peers are slow.  So by the time your movie download is finished, you may have already uploaded 10 times the size of the movie.  You have to limit your upload speed.  100 kb/s seems to be decent.  If you set it too low, it will affect your download rates.

The download rate depend very much on the time of the day.  You save time when everybody in your region go to sleep.  The bit-torrent download could be a few times faster, and the download from EC2 to your computer could be twice.  But you don't save anything, except for time.

The free EC2 only comes with about 8GB of storage.  The BT client will hang because of out of storage space if somebody put together the whole season of TV shows.  On the web interface, you select the torrent and then select the file tab.  Just check the files you want first to be somewhat less than 8GB.  When you finish downloading, you pause Transmission.  Then you use remote copy or other mean to transfer the files to your desktop.  Then you delete the files on EC2.  Then you resume the torrent.  It's strange that Transmission behave exactly as if you haven't deleted the completed files.

You want to decide if you still want the movie file while the torrent is active.  VLC can read partially download files.  But it will be rather complicated when the file is on EC2.

When the download is completed, you want to decide if you want the movie and download in full to your desktop.  You can use a command line video editor to cut out a few minutes at random.  You can download these and watch before you decide.  You can use a command line video player to generate snap shot galleries for you to download and preview.

But it's simpler to just download the movie file using scp or similar.  Once you started downloading, most of the Linux movie players can play the partial files.  Even better, unlike bit-torrent partial files with pieces arriving in random order, you start playing the movie at the beginning while the rest is being downloaded.  This is like some sort of streaming.  If you are picky about movies, you may save bandwidth equal to the size of the movie.

Monday, August 8, 2011

Home made universal pet waterer

Upside down bottle type of waterer is basically a waste of money, unless your dog is large.  You are buying a big bottle or tank.  It amazes me that people actually use these things in the office.  I hate to change the bottle.

For pets that drinks less than a few liter of water, you can make a waterer in a minute, with things in your recycle bin.

All you need is to cut a hole near the bottom on a soda bottle.  Then put a bottle in another container such as a plastic coffee container.

The tube and cup is optional.  Without these your pet drinks from open spaces of the "coffee container".

The two pieces design makes it universal.  For large pets, you can use several soda bottles with almost fitting outer container, which all feed into a single drinking cup.

For small pets, you can fit a small cup inside the cage suitable for the size of the pet and the size of the cage.  The large soda bottle can stay outside.

Determining the optimal size and optimal placement of waterers also lead to 2 pieces design.

You want cups to be small to save space, keep water fresher or waste less water, reduce dust, and reduce other rubbish such as litter, food residue and animal waste.  On the other hand, you need some mass so your pet cannot topple the waterer. 

Soda bottle

You cannot use soft plastic bottles such as milk bottles.  They cannot withstand the atmosphere pressure and will be squashed.  Ordinary soda bottle will be tough enough.

You can use whatever means to make a hole, such as scissor or knife.  I drill a pilot hole using a plastic drill.  Then enlarge it using a wood drill.  Holes have to be at least 3/8".  Water will not come out of small holes at all.  A larger hole allows the water and air bubbles to flow more easily.  Water comes out and air comes in at the same hole, nothing you can do about that.  I enlarge the hole using a rotatory drill bit for cutting plastic.  But a scissor is as good as anything else.

The hole should be near the bottom to maximize the delivered water volume but enough water left to give the bottle and outer container some weight for stability.  The height of the hole is also one of the variables to adjust the water level.

You can just refill the bottle at the hole so make it in a convenient place, perhaps with a 2nd hole next to it for air to get out.

The cup

Any cup will do but there may be a lot of requirements.  It has to be the right size for your pet, can be fixed or cannot be toppled.  I use PVC under sink drain pipes with a U section.  Pets drink from one end and the "plumbing" at the other side.  You can glue or use all the other methods to fix PVC piping.


The tube 

As shown, you just need a tube, dipping into the outer container and the cup.  You don't need to do anything as long as the tube ends are under the water line.

I use 1/4" vinyl tubes for small pets.  I'm not sure if vinyl tubes are for potable water.  But 1/4 tubes for connecting to fridge ice makers are readily available, but not as flexible as vinyl tubes.  There are also PEX tubes surely for potable water, but I don't know how flexible they are at 1/4".  For larger pets, you may want to use 3/8" or larger tubes for faster refill.

The simplest way to keep the tube in place is to drill a 1/4" hole (for 1/4 flexible tubes) on the wall of the outer container and the cup, above the water line.  Then insert the tube through the hole into the water.  Of course you can always use clips.

Installation

The water level at the outer container and cup need to be aligned.  Otherwise the cup either overflows, draining all the water, or the water level in the cup is too low for the pet to drink from.

You can start by changing the height of the outer container little by little, such as using stacks of old CD/DVD cases.  Then you fix the cup, find some objects to replace the CD cases with the same height, cut PVC tubes as legs for a stand, or make an adjustable stand.

To start, you need to fill the bottle, raise the outer container up so the cup overflows.  This get rid of air in the tube.  If this doesn't work, fill the tube with water fully or partially, then insert into the outer container and cup.  Try again.

Refilling the bottle

When the cup cannot be refilled by the bottle, it's time to refill.  In this case, lift the bottle up will not spill any water into the outer container.  There's no water in the bottle above the water level line.

If there is water remaining above the water level line, some water will spill into the outer container and then into the cup, which may overflow a bit.  You have to lift the bottle swiftly and turn it horizontally so the hole is at the top.

Fill the bottle at the hole, carry it horizontally back to the outer container.  Turn it vertical and slip into the outer container in one swift maneuver.  It's easier than turning a water bottle upside down, and with less spills.  Kids can do it, which is the goal of the design.

As long as the ends of the tubes stay in water below the level line, the system will keep on working.


Maintenance

It's trivial to dismantle the whole system to clean.  You may even microwave all the plastics.

For some reason you may not want to dismount the cup from time to time.  It may be mounted at a hard to reach corner, or the dismounting need a lot of work.

To keep the water fresh, you may need to drain the cup after, say, vacation.  Fill the bottle nearly full.  You fill a short 1/4" tube (same size as the other tubes) with water.  Dip one end into the cup and drop the other end below the cup.  Water will drain from the cup and being replaced from the bottle.  Small particles will be sucked out of the cup.  For larger particles you can use a thicker tube.

To disinfect the system, I suggest to use perfectly safe H2O2, available in drug stores at 3% strength.  Drain the cup until the water left in the bottle and the outer container roughly equals the volume of H2O2 you want to add.  (A 50% mixture is often suggested for disinfection.) Then pour the H2O2 into the outer container.  Stop draining the cup when the water level in it starts to drop.  Leave the system for a while for the H2O2 to take action.

To rinse the system, refill the bottle to full.  Keep draining the cup until the water level in cup drops.  Repeat.

Sunday, August 7, 2011

The science and technology of wok

I have a few large woks and frying pans, all ruined, by wife.  The importance of wok is that, it could cure anorexia or the early development of it.  My small kid would eat everything that comes out of the wok, but will make a lot of diplomatic efforts in order not to eat other things.

It was time to replace the wok, actually deep frying pan.  It was always time.  With all the negative news about non-stick pans, our well scratched non-stick frying pan seemed to be a health hazard.

I went to Target with all the beautiful cook wares.  It was a mistake.  I would think that they would have come up with a safe non-stick now.  So I brought a non-stick frying pan that seemed to have an indestructible non-stick surface.  They always claim that on infomercials.

The non-stick surface didn't come off this time.  Perhaps wife didn't use a steel spatula to scrub on the food stain.  But food stain did get on the side non-stick surface.  We use intense heat, otherwise it wouldn't be stir fry.

That didn't bother me a bit, except that when the pan is heated, small brown bubbles will come out on the side like boiling.  It's the same whenever we wash it, and then heat it again.  I'm not worried if that's food residue like soy source, that we used a lot.  But I'm worried about other chemicals.

So this IS time to get another wok.  From my research last time, I know it have to be a case iron wok.  (Wrong)  Just that Target and most cook ware shops don't have it, at least not in the form of a wok or practical frying pan.

A wok with a flat base is basically a deep frying pan.  A round normal wok is perfect if you have gas (gasoline, propane).  For electric and induction you need a flat base.  But a flat base wok is not really a wok.   And in the western world, you need a wok ring as a stand for the round bottomed wok.

You choice of material is cast iron and carbon steel (and stainless steel).  You don't want any coating on the inside or the outside.  They don't last, can't stand intense heat, or they just want more of your money.

I made the silly mistake that cast iron is iron, and carbon steel is steel.  I have enough stainless cookware.  Each and every one have food stains on it.  Wife prefer to fry in pots without the oil splashing around.  The good thing about stainless steel is that even with a lot of scrub marks, the outside and inside looks decent, except for the spots with food stain on it.  You can remove stains if you try hard enough, and there are chemicals to do it.

Obviously stainless steel is not a replacement for non-stick.  I'm sure cast iron is the nearest thing.

Basically everything is steel or everything is carbon steel.  The least refined steel is cast iron, iron with carbon content > 2%.  More refined is carbon steel with less carbon content.  Stainless steel is steel with chrome added so it will not rust.  The lesser the amount of carbon, the harder is the steel.

The confusion with cast iron is that traditional western cast iron cook ware is very different from traditional Chinese cast iron wok.  Western cast iron is thick, rough surface and I bet very non-stick.  Chinese cast iron wok is not a lot different from a carbon steel wok in appearance and weight.

My explanation can be that western cast iron has higher carbon content, so they are more brittle and hence it has to be thicker.  And the high carbon content cast iron is suitable to use sand mold to cast the shape of a frying pan or wok.  Chinese cast iron wok has lower carbon content, hence stronger.  I think they are made like pressing on a piece of red hot iron into the shape of a wok.

You can dismiss western cast iron cookware if you want Chinese style stir fry.  They are good for what they are designed to cook traditionally.  And I bet they are really non stick, because it doesn't matter if there is any stain on it or not.  It heat up slow and is heavy.

So basically it's steel with varying carbon content, and the high carbon content "cast iron" are at the cheaper end it cost to reduce carbon content.

"Carbon steel" heat up faster, harder and in general thinner, lighter.

Basically that's all academic.  It does not make that much difference if you fry on occasion or even daily, as opposed to in a Chinese restaurant.  A piece of iron with 2% or 1% carbon do not make that much of a difference in a family setting.

A a piece of machine made piece of iron cannot be fragile.  If you do not use your wok as a fighting shield, a cast iron wok is fine, which could still last a lifetime, what Chinese expects of their wok.  And it's only $10.

Stronger carbon steel can be made thinner.  It heats up faster and weight less.  The weight is important as the smallest wok is some 13" diameter up to 16 or larger in restaurants.  It will be your largest piece of cookware so you decide what weight you can deal with, on and off the stove, hanging it up, putting it in the cabinet, hand washing, etc.

For carbon steel I would go for those hand hammered.  I bet the purpose is to make it thinner.  It only cost a little extra.  They have steel and they have labor.  You just can't compete.

Now the only other consideration is seasoning.  Before use, you have to oil it and burn it to give it a protecting and non stick surface.  Many people seemed to worry about it, doing it wrong.

In iron age terms, you are adding food stain to a weapon, to use in a kitchen when you are not fighting.  You just can't do it wrong.

I suppose higher carbon content cast iron have a rougher surface and holds food stain better.  Food stains come off in stainless steel pots, so people are worrying that "seasoning" come off easier in carbon steel.  That's laughable.  No body worries about food stain coming off too easy.  You can always reapply.  But in normal use food will always stain your wok.

The worry is that food stain will become too thick, and come off in blocks, making the wok surface uneven. But you can deal with it one way or another, or all by itself.

Please don't say that "I need to toss it" unless you are a Chinese cook, or intended to be.  It only happens, perhaps, in kitchens in Chinese restaurants.  It's a hazard to do it in your own kitchen.  So it doesn't need to be that light, and don't need a long and strong handle.

The most practical handle is the small loop ones holding securing with two rivets.  That's indestructible and most space saving.  If you want to move it when hot, you can just use two wet washing cloth.  Don't move it while cooking, and you don't need to.  A long handle may break at the welding point, and wooden handles are silly idea, unless you can replace it.  Though the whole thing is rather cheap - a piece of iron.

If you have rust, that means your food stain is not good enough.  You can just scrub off the rust and food will find it's way to stain it.  The wok is iron and rust is sort of iron oxide, stable compounds what wouldn't do anything to your body.  These will just pass out straight away.  You won't get iron supplement either - they have to be in soluble ion form.

Now they are teaching home cooks to stain their cook ware with food, and how to make them stay.  And not to use soap to wash woks.  How lovely.  But wife and many home makers have obsession with removing stains.  That will education them good.

Surprisingly, even Chinese supermarkets don't sell authentic woks as used in Chinese homes for ages.  Perhaps they are too cheap, from $10 for cast iron to $20 for hand hammered carbon steel with a steel tossing handle.  You can find the Wok Shop selling woks online for at least several years.  There's no other competition.  They are in San Francisco China town.  So you are mostly paying for the postage.  If you are on a road trip there, this is your gift idea.

Thursday, August 4, 2011

Protecting your files in Ubuntu Linux - encryption

I always use Truecrypt to protect my files in Windows.  When I moved to dual boot with Ubuntu, naturally I used Truecrypt too.  The lovely thing is that I can even use the same encrypted profile for Firefox.  Only that extensions and plug-ins using native compiled code will not work.  But those are not much.

Now that I didn't return to Windows for months, I'm was looking for something better in Linux.  And yes, ecryptfs for Ubuntu.

Truecrypt is a block device.  You give it a drive, partition or file, it does whatever it likes, and implement it's file system on it, though Tc implements the same files system such as FAT or NTFS.

I never wanted to encrypt whole system, too risky if I didn't buy a new computer and start from fresh.  Partitions are too troublesome because I had too many inherited from hush jobs of upgrading the hard drives a couple of times.  So I use only large files as containers.

From a few to 30 Gb files, they fill up sooner or later.  You end up with a couple of large files where you can fit them in, or you have to make bigger and bigger drives and setup things all over.

Truecrypt turns out to be quite reliable.  I had crashes because the encrypted profiles I am constantly using.  The file container became unreadable.  Luckily Tc comes with it's own fix disk utility, very much like that in Windows.  So I can fix my old FAT and NTFS containers even in Ubuntu.  I used old FAT for a reason because they are old and contain less traces.

ecryptfs is integrated into Ubuntu, which comes with a Private directory that is not initiated.  All you have to do is type in a terminal:

ecryptfs-setup-private

I didn't remember if I used this but here it says it will ask you for your login password, and generate a passphrase for you if you leave it blank.

That is it.  After you login in (with password), automatically you can access your encrypted files in Private as if they are unencrypted files.  When you logout or power down, nobody can in theory access your files without your passphrase.

There are tools to migrate ecryptfs to your whole home directory and even the whole system.  But it looks too risky for me.  Not that I know ecryptfs is risky.  They way I do it will be risky.  You will never know after upgrade from hard drive to hard drive and OS to OS.

The advantage of ecryptfs is that it's not a block device.  It's a layer on top of the file system.  So you do not need to allocate space for the container.  the Private directory will grow just as any other directories.

Another critical feature of ec is that you can backup the encrypted files in .Private.  This is huge for incremental backups using existing tools.  Using Truecrypt, you have to copy the whole 30 Gb container everyday.   Or mount the original container and then a backup container and then backup incrementally.  Then unmount both after.  In Linux you can just about do it without operator intervention, that is, while you are sleeping.  But storing your passphrase somewhere in some form opens up chances for attacks.

The bad thing of Truecrypt is that you have to enter your passphrase every time you mount.  So it's at least two passwords, one for login and one for Tc.  It is even more troublesome in Linux.  Because mounting is a privileged action, you need to enter your login password again every time.  So there is less incentive in dismounting and mounting secret containers repeatedly.  For ecryptfs, you only need to login once, the rest is automatic.

Encrypt Arbitrary Directory

Now of course you want to use folders other than Private in your home directory.  Say I want to store something encrypted in my massive external drive.  First of all, you may have the impression that ecryptfs only works on Linux file systems.  I'm sure my external drive comes with some Windows format like NTFS, which is compatible with Linux, with or without ecryptfs.  Though they don't call it NTFS in Linux.

The bad is that if you use any folders other than Private, mounting during login is not automatic.  You can do it automatically but you probably don't want to.  And it's conceptually simple to mount manually and dismount whenever you want to.

To setup any folders, it is:

mkdir /home/myusername/secret
mkdir /home/muusername/.secret
chmod 700 /home/username/secret

You can use any folder on any drive with Linux compatible file formats.  To mount it:

sudo mount -t ecryptfs /home/myusername/.secret /home/myusername/secret

ecryptfs will ask you for a passphrase.  Use defaults encryption parameters if possible, otherwise you have to remember it or be screwed if you don't remember them.

It will ask you for a passphrase for the filename encryption.  The default is derived from the mount passphrase, something to do with signatures.  So if you don't enter anything, all you ever need to recover data is your mount passphrase.

The mounting command is the same for the first time or not.  So next time you will want to put the command in a script instead of entering all the parameters again:

sudo mount -t ecryptfs /home/myusername/.secete /home/myusername/secret -o key=passphrase,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_passthrough=no,
ecryptfs_enable_filename_crypto=yes

Those are the default parameters except enable filename crypto.  If you don't encrypt the filenames sometimes it's as good as not encrypting.  Say if the filename is the official name of a song or movie, people know the content already.  It should not be difficult to proof what the encrypted content is.

To disable access to the decrypted files:

sudo umount /home/myusername/secret

You can do the same for Private without logging out.

Security

It should be noted that when the decrypted files are mounted, they are accessible to everybody according to the file system modes.  Basically it's according to

chmod ugo+rwx file/directory

That means user, group, and others can be given read write or execute access.  So you are not protected from system admin and it would be extremely hard to.  He can get you one way or another.  But it's all academic as Ubuntu is designed for personal computers and now portables and notebooks.

The only thing to worry about is malware that you may have downloaded, and execute itself with your own privilege.  It's 100 to 1 chance you get it in Linux, based on the number of users.  Also you should only install software in the list of official depositories.

File recovery

Normally, all you need is your encrypted files and your passphrase, called the mount passhrase, which is the encryption key.

For auto-mounted Private, there is a complication.  You login password is not the key.  Your mount passphrase may be entered by you or automatically generated, in which case you don't even know about it.  For automount the mount passphrase has to be stored somewhere.  It's encrypted by your login password and stored in a file called wrapped passphrase in ~/.ecryptfs

To be sure you can decrypt any files, you need to store the plain mount passphrase
somewhere.  To get the plain mount passphrase:

ecryptfs-unwrap-passphrase /home/username/.ecryptfs/wrapped-passphrase

I print out the passhrase, put it in a secure sealed envelope, under the bottom of the tray, in a fire proof lockbox.

You can copy the whole .ecryptfs directory into a USB drive, an SD card and put it in a safe place.

Even with the complications, changing your login password is safe, all the other stuff are automated if you use the normal password change GUI or command. Admin can change your password but he will break the system. Without your old password, he should not be able to rewrap your mount passphrase.

Multiple passwords

If you mount the same directory with two passwords, you should get two sets of encrypted files.  It somewhat fit my two password three type of containers system, depending on whether they need to be backuped or not.  So I can put files together that needed to be backed up.  So there's two password, two containers, but still three types of files.

Tips: start from empty folders and copy things into it gradually once you are familiar with it.  For example, if you type in a slightly wrong password by mistake, you will think you screw up everything.

Protect swap space

Now it is a total solution as ecryptfs can protect swap space too.  Though by nature hibernate and that sort of thing that need disk space will not work.

When you are multitasking, applications each take a lot of memories.  For the inactive ones, their memories are swapped onto disk space to free some for other applications to use.  Because swap spaces are not encrypted if you did not install systemwise encryption, files or their fragments may appear on the swap space.

This is particularly important if you edit your active clients file everyday.  If you have some secret file to hide without accessing it for months and years, you can ignore this.

The developer now understands that you have to have some easy to use total solution, or few can use it, no matter how official it is.

You need to install something extra:
sudo apt-get install ecryptfs-utils cryptsetup

and  that's it:
sudo ecryptfs-setup-swap

You can check as in the link above that your swap space is changed and encrypted.  I did everything without any problem so far.  And didn't notice any speed penalties, except for copying movies files - that's about 7 Mb/sec on slow external disks.  Watching is no problem.