Increase Your Security at Public Charging Stations

As smartphones get smarter, the battery seems to discharge quicker. Old flip phones could stay charged for a few days with minimal use. Smartphones? A full day and you’re lucky.

This is frustrating for those of us who use their phones heavily. I personally have a phone that when it’s in my day bag seems to discharge it’s battery at about 3x the rate it normally would sitting on my desk connected to WiFi.

By now, many people are carrying portable power packs to give their phone boosts when on the road. I have a few different ones with various capacities that I’m almost always carrying with me these days whenever I’m on the road.

However, some of you may not be here yet, which leaves you scanning almost every room you walk into for an available power source. Personally, I can see this as working ok if you’re hanging around let’s say a library for a few hours, and/or carry a very long extension cable with you everywhere you go.

Enter: Public Charging Station

A popular service that communities and public buildings are now offering is Public Charging Stations. These, I’m sure, are life savers for many people. I’ve sat close to these at times while en-route and have seen how busy they get. The ones I’ve seen come with 2 or 3 prong plug female connections and USB connections.

2 prong plugs are great if you have your 2 prong AC/DC USB plug. But, the security problem here is with USB connections. Most USB cables don’t just have PWR (5V) and GND lines. They also have data lines. Data lines allow communication to occur, data to be sent. This means that when you plug your USB cable into your computer, you can communicate with the device you just plugged in – explore/transfer files, install apps, etc.. This is great if it’s your computer, but what happens if it’s somebody else’s computer? Do you know this somebody else? And what if this somebody else is equipped to do some major compromizing to your phone?

Your Phone’s Just Been Hacked

So, you plug your USB cable into a public USB power port at the airport, and continue to purchase – on your phone – that new shirt on Amazon, then book a hotel at your destination, and log in to check your phone bill to make sure you weren’t getting charged roaming fees.

STOP! Somebody might be watching what you’re doing!

There are countless programs out there that allow me, anonymous hacker, to view your phone’s screen, which is made infinitely easier if you plug your phone right into my computer that has said hacking tools.

You logged into your amazon account and typed in your VISA or PayPal account information into your phone? Yeh, that’s just been logged with my handy little data logger.

Preventing Your Phone From Being Hacked

Obviously you don’t want this to happen. Nobody want’s their personal data compromised (in spite the growing number of people responding to security and personal privacy with the common ‘I have nothing to hide’ remark).

What can you do to prevent your smartphone from being hacked while charging it at a Public Charging Station? I’ve got a few suggestions, but I’d love to hear some of yours in the comments below.

source: Aukey

Charge ‘Dumb’ Battery Packs / Power Banks Instead

Battery packs – those little things shaped like a external hard drive – are ‘dumb’. You don’t use them to buy off of Amazon. They hold power and then discharge power into your USB device. There are even (bigger) power packs that can charge your laptop. So, if you plug your drained battery pack into the Public Charging Station instead of your phone, you have NO risk of your phone becoming compromised.

Now that we’re talking about power banks, let’s spend a little bit of time thinking about how simple and valuable they can be so that you don’t even have to get close to the Public Charging Station in the first place.

Keep Smartphones Smart

Smartphones are only as smart as the software / apps you have installed on them. The common myth that Macs, Linux, or Android operating systems can’t get viruses isn’t true. Anything can be hacked, it’s just a matter of how. However, all operating systems’ reputation depends on have large teams combating all known vulnerabilities so that you don’t have to worry about it.

So, keep your phones smart by upgrading to the latest version of software. Also, don’t install programs unless you know what they’re going to be doing. And if you don’t use those apps anymore, uninstall them. It is incredibly easy to install apps on your phone, so don’t be scared that you’ll never be able to again. If you can’t chances are there’s a far better app out there to do the job.

Keep Your Phone Locked While Charging

Of course, I’m assuming your screen enters into a locked mode when not in use. If it doesn’t, please go and enable that now. Security 101.

It’s not 100% foolproof, but locking your phone stops most apps from really running. Some hacking programs just data log anything that’s been typed or viewed. If your phone is locked, you’re not using it, so nothing will be monitored.

Another point though, is that most likely you don’t want to be hanging around this Public Charging Station all day. So, if you lock your phone and read a book while it’s charging, your phone will actually charge faster. While we’re on the topic of charging faster, let’s also put our phone into Airplane Mode. This disables all your beacons which is essentially putting your phone into low power mode and will greatly reduce your charge time (ie. your phone will charge faster).

Go one step further and just turn off your phone fully when charging at a Public Charging Station. Hard to hack a phone turned off.

Anker USB Power Hub

source: Anker

2 Prong Plug

Using a two-prong (or 3) plug to charge your phone is definitely the safest secure bet. It might not always be possible, but generally if there’s USB power ports, there’s going to be wall plug to plug directly into. Depending on the USB port current (most likely ~ 0.5 A), you’ll also charge much faster if you use a higher current 2 prong plug ( could be up to 2 A) directly into the wall.

This is one thing that I’m always on the lookout for: high current USB charging wall plugs. For USB, high current is anything greater then 1 A. 1 A is good, too. 0.5 A is horribly slow. There is probably a very long thread on Reddit about the effect/deterioration of Li-ion batteries vs. charge current, but at the rate we go through smartphones, extending the battery life isn’t usually everybody’s biggest concern: charge speeds are. So, it’s smart to keep your eye open for these USB wall plugs with a high output rating on them. It’s almost standard on USB ports to be 5 V, aside from those larger power banks that can smartly output up to 12 V sometimes.

If you have a few USB devices that always die on you, you could also think about a USB Hub. This works the same as a one port, except it’s got about 4+ USB connections on it. You plug the 3 prong plug into the wall which connects to the hub, and at the hub, you can connect your USB devices to charge. As above, these will come with various port current outputs, so be cautious when buying them (I’d go for something in the range of 1.5 A output).

Ok, that’s it for tips. Maybe you have some for me?

 

Thanks to Aukey – manufacturer of battery packs and other really cool gadgets – for inspiration on this article with their own article on Protect Yourself From Public Charging Stations To Avoid Mobile Phone Hacking!




Crucial Tools for Monitoring an NGINX Server Deployment

server: NGINX
monitoring tool: NGINX Amplify
monitoring tool: ngxtop
monitoring tool: access_log

Necessity of Monitoring a Server

As a professional, it’s essential you monitor the status of your tools. If you’re building a bridge, you check for cracks; if you’re running a server, you monitor logs. It’s important. If people come to your website and may get turned away because of some mis-configuration or server fault. In this case, there is no point in having a website at all if all the traffic is getting sent away. Further, if your website is working extremely slow, then you’re also going to have visitors very quickly going to find another resource on the internet.

So, we know that it is very important to monitor the status of your web server. I will provide some of the tools that I use in this post.

Warning: Making your server run fast and cleanly is addictive, once you begin down this road, it is like a rabbit hole and you will not return the same (lazy web administrator).

NGINX Amplify

By far, one of the easiest to use and elaborate monitoring tool is Amplify by NGINX (they may still be in Beta, but beta is a great thing when the developers respond immediately to issues). Amplify goes into much greater detail then I will here about how to install and configure Amplify on the first of three configuration blogs: Setting Up NGINX Amplify in 10 Minutes. The default metrics that show up on your Amplify Dashboard are very good for monitoring your server, more so now that they’ve done some UI changes, but it’s worth the time to also go into the Alerts and Custom Dashboards sections to see if they are giving some suggestions to change your server configuration (NGINX itself), as well as custom graphical metrics.

Stub Status must be turned on for some more back end information, so don’t miss that in the configuration step, but more importantly I feel is setting up the access log configuration acutely.

They have put together three full posts on how to configure your Amplify here:

  1. Setting Up NGINX Amplify in 10 Minutes
  2. Improving Server Configuration with NGINX Amplify Reports
  3. Using NGINX Amplify Custom Dashboards and Filters for Better NGINX Monitoring

NGINX Access and Error Log

NGINX’s built in access_log and error_log directive should most definitely be turned on. This provides all kinds of essential information regarding your NGINX server. Without this critical information, you’re kind of shooting in the dark when it comes to troubleshooting your server errors.

Using the access log, you can also set the log format, this can be customized to give some detailed information about what’s happening on your server in regards to error codes, request URI, referrer, etc.

You set the access_log format inside the nginx.conf file (typically located in etc/nginx/nginx.conf on a Ubuntu deployment), but you can also set the access_log parameters inside each virtual server configuration block so that you can have a unique log files for each virtual servers (typically located in etc/nginx/sites-available/siteName). Virtual servers are usually used if you have multiple websites hosted by the single NGINX server.

A caveat that should be noted is that if you define access_log within each unique virtual server, Amplify can provide a breakdown of each websites access_logs.

For a full list of access_log log_format descriptors, see NGINX Metrics & Metadata documentation.

note: I’m still working on ways to customize my access_log file results so I can better identify exact URL requests for 4XX and 5XX errors, so if you have a resource or some tips, I’d love to hear them below.

NGXTOP

From the command line within your server you can run ngxtop to get very detailed breakdown of what’s happening on your server in real time. There are multiple commands that you can customize, so do have a look at the GitHub documentation to get a better idea of what you can do with this powerful tool. This is more of a real-time monitoring tool (as the Ubuntu top command is, too).

Python Script

I say Python script because Python is quickly becoming my favorite programming language, but you could probably use any language you like to parse the access_log files for basically anything you’re looking for. If one was so inclined, they could even turn this into an hourly cron job that sent results to you via email.

Working on this code now. 🙂

Hope some of this helps, and I’d love to hear if you have any other suggestions that are essential for you and your server administration!

 

 




The Best Color Profile For Printing and the Internet: Differences in sRGB and AdobeRGB

What is a Color Profile or Colorspace

Every single device or medium out there has an ideal color profile for viewing pleasure. That is, your phone, your laptop, and your printer all have a recommended color profile for optimum color representation that will look good to your eyeballs (or the professionals that decide it will look good for you). There are a few main color profiles that are most standard in the world of images:

  1. sRGB
  2. AdobeRGB
  3. CMYK
  4. ProPhoto RGB

There are dozens more, and each of these color profiles has its benefits and detriments that, in fully understanding where you’re using the images, will help you understand what color profile you want to use.

So, what this means is that there are different color profiles that show and define color differently. It’s like a new deck of playing cards, sure, they’re all aces and kings, but the graphics and size of letters on them are all different. Some are better for old folks with trouble seeing tiny numbers, some are better for young kids who like to see more wild illustrations for the royalty.

Why is my color dull on my computer?

If you’ve just scanned your beautiful painting or transferred your beautiful photograph from your camera that looks so vibrant on the back of your camera, and you then you open up Photoshop or Lightroom all excited to see how it looks after scanning and notice that it looks a bit dull and desaturated, then there’s a good chance that you’re not viewing the image in sRGB color profile.

sRGB Color Profile

sRGB is the standard color profile for anything being viewed by a monitor, so this means laptops, televisions, smartphones, and even the person sitting next to you on the airplanes laptop screen. Almost all monitors and phones across the board are set up to in the sRGB color profile. Unless you’re doing fancy things and have a special program that has converted your monitor to display another color profile, you’re going to get the best viewing pleasure from your images if your in the sRGB color profile.

What this means for you as an image creator is that any image that you put onto the internet should be in sRGB color space.

Read more about sRGB on Wikipedia

AdobeRGB Color Profile

AdobeRGB is the standard color profile for anything being printed. A growing number of printers request your images in the sRGB color profile, but an AdobeRGB image will have a wider range of colors that a professional quality printer will be able to use.

What this means for you is that if you’re printing your image, you most likely want to be in AdobeRGB color space, but I would highly suggest to have a conversation with your printers about what color space they desire for your submitted images.

Read more about AdobeRGB on Wikipedia

ProPhoto RGB and CMYK

ProPhoto RGB is another color profile that is designed for photographs. It is often the default color space of Adobe Lightroom. ProPhotoRGB has a very large gamut, which has its benefits in preserving exact colors.

CMYK is the exact colors that almost all printers use. Cyan, Magenta, Yellow, and Black. When you order toner for your printer, these are the options you have. Using this color profile has it’s benefits for printing, but once again, ensure that your printer wants color in this space before you send them the print file.

Read more about ProPhoto RGB and CMYK

Which Color Profile is Best for You

Internet

Hands down, using sRGB will give you the best most vibrant and alive colors for anything in the digital world. If it’s staying digital, use sRGB. Go ahead, export the exact same image in sRGB and AdobeRGB and compare them side by side on your monitor. Leave comments below which one looks best on your monitor!

Printing

If you’re printing, do ask your printer what color profile or space they desire. Often times professional printing houses will have information online (on their website) of how to prepare images for them. I have never met a printing house that didn’t enjoy having a conversation on the phone about what color profile to send them my art in.

Most of the time, they’ll want AdobeRGB. Note, this isn’t the same conversation as what’s better: TIFF or PDF. If they want sRGB, they very well might be converting the images once they receive them and prepare the image for proofing.

Hope this helps!

 

Further reading:




Easily Convert The Color Profile of an Image in Photoshop

software: Adobe Photoshop

I have previously written about the differences of Color Profiles, but here I would like to talk about how to convert between the Color Profiles in Photoshop.

To begin with, ensure that Photoshop is open, and the image you’d like to convert is also opened within Photoshop.

From here, select: edit -> convert to profile

Edit and Convert to Color Profile in Adobe Photoshop

Edit and Convert to Color Profile in Adobe Photoshop

From here you are given a menu as shown below:

Convert to Profile selection window in Adobe Photoshop

Convert to Profile selection window in Adobe Photoshop

There are a few items that should be of interest to you inside of here.

First, take a look at the color profile or color space that your image is currently in, ie. the Source Space. If you see above, the image is in sRGB color space.

Next, you can see there are many choices for Destination Space , which only you will know which to pick now!

For more information on what color space or profile you should be using, have a read of this article on the differences in sRGB, and AdobeRGB color profiles.

Hope this helps!




NGINX Ubuntu Upgrade Fails with an Error

web server: NGINX
os: Ubuntu
application: NGINX Amplify

NGINX Amplify is a great tool for monitoring the status of your NGINX deployment. It’s a new thing they’ve been working on and perhaps even still in beta mode.

Recently I was upgrading my Ubuntu based server, and the NGINX Amplify agent wouldn’t upgrade, giving an error along the lines of:

sudo apt-get upgrade
Setting up nginx-amplify-agent (0.40-1~trusty) ...
dpkg: error processing package nginx-amplify-agent 
(--configure):
subprocess installed post-installation script returned error 
exit status 1
Setting up libcurl3-gnutls:amd64 (7.35.0-1ubuntu2.10) ...
Setting up libcurl3:amd64 (7.35.0-1ubuntu2.10) ...
Setting up curl (7.35.0-1ubuntu2.10) ...
Processing triggers for libc-bin (2.19-0ubuntu6.9) ...
Errors were encountered while processing:
nginx-amplify-agent
E: Sub-process /usr/bin/dpkg returned an error code (1)

 

Bummer. I didn’t really think much of this until I got an email from a fellow over at NGINX, so I thought I’d tell him this was happening. He asked me to share with him some more information, and we worked our way through a few things that I’ll outline below.

We tried a few things, but essentially the only thing that worked was:

I suggest you add hostname to the agent configuration manually 
(/etc/amplify-agent/agent.conf):
----
[credentials]
hostname = yourhostname
----

 

In this place, for yourhostname you may use any valid hostname, except local hostnames (‘localhost’,
‘localhost.localdomain’, ‘localhost6.localdomain6’, ‘ip6-localhost’).

After this, running:

sudo apt-get upgrade

worked, and everybody was happy again.

A note from support at NGINX Amplify:

Please note that current version of amplify-agent (0.40-1) contains a bug in the hostname detection logic, this is the reason why some users have problems with the upgrade. So, explicit assignment of hostname in the configuration is just a workaround.

Hope this helps!