Manage Multiple Cloud Services With Jolicloud Drive Google Chrome Extension

Do you use online cloud storage service?  Do you have multiple accounts with multiple cloud storage services?  Do you use Google Chrome browser?  If you say yes to all of these questions, then Jolicloud Drive Extension for Google Chrome can help you manage multiple online cloud storage services at once with ease.  In the video right after the break, I briefly introduce you to Jolicloud Drive Chrome Extension.  Enjoy!!!

Advertisements

Adding .htaccess File To QNAP’s /share/Web/ To Secure All Web Applications Within

Legal Disclaimer:  Following the tip within this blog post at your own risk.  You have been warned, thus you know that you are going to do something dangerous here to your web server or QNAP server.  With this knowledge of yours and by having reading this warning or skipping this clear warning, you cannot hold me for your stupidity or dangerous action against your very own QNAP server or web server or against anyone’s web server that you’re responsible for its administrative duties and procurements.

Are you running a web server on QNAP NAS?  NAS stands for Network Attached Storage server.  If you are for whatever purpose, whether this web server is for production purpose or testing purpose, you might want to know that .htaccess file can help secure QNAP’s web applications such as WordPress, Drupal, and the rest.  Here’s how to create proper .htaccess file that controls all web applications at once on your QNAP server.

  1. You need to change into directory of /share/Web by using this Linux command [cd /share/Web].  Of course, please do ignore the square brackets as these are only for clarifying the command line.
  2. Quickly do [ls -la] to figure out if you have an .htaccess file already.  If you do, please make a backup of this file in case you need this original file again for whatever purpose.  To make a backup of this .htaccess file that you already have had in the QNAP’s /share/Web directory, use this command [cp -p -a /share/Web/.htaccess /share/Web/.htaccess-old].
  3. Once you had followed the step #2 herein, then you can try to remove the original .htaccess file (Not the backup one you just made OK?) by using this command [rm -rf /share/Web/.htaccess].  Be very careful with [rm -rf] command line, because if you misspell a file or a directory you’re trying to remove, you will definitely lose such directory or file forever and won’t be able to recover it.
  4. Now let us create the .htaccess file again, but this time we’re creating it the way we like it.  Of course, .htaccess is a complex file, thus regular Joe like us needs not to worry about making this file too complex.  Instead, let a regular Joe like us to just create simple .htaccess file that denies all IP addresses but only allows a specific IP addresses.  This means, if you want to allow one or two specific IP addresses to access QNAP’s web applications, this .htaccess file should satisfy your command.  So here we go…
    1. Creating .htaccess file by using this command [touch /share/Web/.htaccess].
    2. Now, let’s edit the .htaccess file we just created by using this command [vim /share/Web/.htaccess].
    3. Let’s enter the lines below for our new .htaccess file shall we?  These lines must be in the order as follow…
      1. order deny,allow
      2. allow from 192.168.0.x (please use your very own IP address here)
      3. allow from 192.168.0.x (please use your very own IP address here)
      4. deny from all
    4. What we had done was adding 2 IP addresses to the allow list in .htaccess file so these 2 IP addresses will be able to interact/access the web applications that reside in QNAP’s /share/Web directory.  You can add more IP addresses or remove most IP addresses but allowing only one according to your desire by simply adding more [allow from…] or remove [allow from…] lines.  Of course all [allow from…] lines must be written or typed out above the line which said [deny from all] and below the line which said [order deny,allow].  Now, we must save our newly edited .htaccess file by doing this while you’re still in the vim editor.
      1. Hit escape key on the keyboard to exit the editing mode.
      2. Type in [:wq] and hit enter key on the keyboard.  Of course, please do ignore the square brackets as these are only for clarifying the command line.
  5. The last step is to secure our new .htaccess file by doing two things.
    1. First thing to secure is to make sure the owner and the group owner of the .htaccess file are indeed the right owner and group owner.  For me personally, I prefer to not use admin user and administrators group for any web application files and directories, because I don’t want the evil doers to be able to use one of these files with high privilege access to escalate the privilege and execute malicious commands.  This is why on my QNAP server I rather make most of my web applications’ files and directories in the name of user httpdusr and group owner everyone.  So let’s do this command to make this happens OK?  Type in [chown httpdusr:everyone /share/Web/.htaccess].  Afterward, just do [ls -la /share/Web/.htaccess] to see if .htaccess file indeed is using user httpdusr and group owner everyone.
    2. Second thing to secure is to make sure the .htaccess file has the right permission.  So we need to use this command [chmod 400 /share/Web/.htaccess].  What this command does is change the permission of .htaccess file in /share/Web directory to read only for user (owner of the .htaccess file) and no other permission is allowable for anyone else, hint the two zeros after #4.  These two zeros stand for no permission for group user (whoever has the group authorization of whichever group) and no permission for everyone else (this is the last 0 for).  Finally, you can do [ls -la /share/Web/.htaccess] to confirm that the permission for .htaccess file is indeed 400 or not.  If it’s so, it means only the QNAP web server user httpdusr will be able to read the file, but even this user cannot write to or execute whatever within this .htaccess file.

Now, with this .htaccess file configuration for your QNAP’s /share/Web directory, the web applications that are residing within this specific Web directory will not be accessible to anyone with any IP address unless somebody is using the IP address that is being allowed by this very .htaccess file.

Do you know that by following the tip herein, you can also use this very tip for non-QNAP web server?  Just create a similar .htaccess file within whatever web server’s directory to prevent snooping to most IP addresses and allow only the IP addresses that are being allowed within.

Virtual Machine Is A Very Beautiful Thing

Virtual machine is a very beautiful thing, but the majority computer users might be ignorant of it.  How beautiful virtual machine is?  Let me just say this right off the bat, virtual machine is there to piss off evil doers!  It’s so beautiful that you can basically download computer viruses onto a virtual machine without the fear of these nasty things go around and infect a physical machine.  Of course, with just about anything, if one is so inept in computer things, one might be able to allow the computer viruses and what not to infect the whole Intranet (LAN) network even one is using a virtual machine.  Nonetheless, one has to be very inept to do so.  For an example, allowing virtual machine to be on the same subnet with a physical machine without its own protection measures (i.e., antivirus, firewall and what not) — thus, showing just another door to the evil doers.  The evil doers can use a compromised active virtual machine as a gateway for their Intranet (LAN) hacking activities.  The beautiful thing is that if one is smart enough to secure a virtual machine, one basically has a hardened sandbox which can easily be used as a platform for browsing the dangerous web at will.  Perhaps, even downloading computer viruses and what not for testing purposes such as testing to see the effectiveness of an antivirus program.  Professional antivirus software reviewers are mostly using a hardened virtual machine to test to see how effective an antivirus program can be.

Virtual machine is so beautiful that it is very perverted.  How?  I’ve heard how many people have seen their computers got infected with computer viruses, worms, trojans, and what not just because they have been browsing dangerous pornographic websites.  What’s worse is that these folks do not use readily available simple measures such as Javascript blocker software/plugins (e.g., ScriptSafe, Noscript, etc…).  For an example, I’d talked to one person who complained that he would format his computer often, because he caught too many computer viruses.  This very person would like to say that he’s an advance computer user.  Nonetheless, he’d told me that he befuddled how his Windows machine kept on catching a flu (i.e., sarcasm for computer viruses).  Furthermore, he told me that it was too easy for his computer to catch a flu whenever he got perverted.  Obviously, it meant that he browsed pornographic websites and his computer caught a flu.  In the end, he told me his assumption that there’s no way a PC can be OK if one is browsing a pornographic website.  I told him flat out that he’s dead wrong.  The simplest answer I could give to him at that point was that just make sure his physical machine is clean (i.e., not being infected with any computer virus) and then install a virtual machine.

Virtual machine is beautiful since it’s allowing us to have a secure sandbox to play around.  Of course, it’s a bit more complicated than just a secure sandbox, because a virtual machine can run just about all major operating systems.  Furthermore, a virtual machine can be a quick testing ground for security software and what not.  If a virtual machine user doesn’t like what he or she sees, he or she can simply go through few clicks to delete a virtual machine and make a new one.  My suggestion for whoever that does browse the web dangerously is to install a virtual machine on a clean physical machine, install Linux such as Ubuntu, install firewall and ClamAV onto Ubuntu, harden up Ubuntu (virtual machine) as if it’s running on a real machine, and then browse the dangerous web.

Virtual machine is a strange beast, because it can do certain things exceptionally well and efficient, but it can be totally useless at times.  For an example, playing games on a virtual machine is a no no.  First of all, a virtual machine does not use a dedicated graphic card, because it’s emulating one.  Even if a virtual machine environment allows a physical computer to share dedicated graphic resources, I doubt a virtual machine could really share dedicated graphic resources efficiently.  Playing intensive graphic resource demanding games would be almost impossible.  Nonetheless, if one uses a virtual machine for applications such as virtualizing a NAS (i.e., Network Attached Storage server), it can become very interesting.  Imagining this further, how interesting it is for one to be able to clone a virtualized NAS easily, right?  Virtual machine platforms such as VirtualBox is certainly carrying the option of allowing a computer user to clone a virtual machine through few clicks of a mouse.

In summary, virtual machine is very beautiful, but the degrees of beautifulness are scaling accordingly according to whoever is using it.  One can simply use a virtual machine to test out how effective an antivirus software can be, but one can also use it to run a virtualized NAS.  If one is horny, one can simply browse the dangerous pornographic websites with a virtual machine.  Basically, virtual machine is quite useful and secure if one knows how to use it as a sandbox.

 

There’s Time To Be Nice, But Digital One Isn’t So

Should you be a nice guy when it comes to Internet etiquette?  The answer isn’t so simple since it’s all depending on the context of things.  For an example, a friend sent you an email for whatever purpose, important or not, you might have to reply to him or her.  Down to earth Internet etiquette cannot be so disconnected from physical world, otherwise we are not who we are, as in being human with complex emotions.  Thus, our strong human traits such as politeness can also be our weaknesses.  This is why social engineering is useful for some bad actors who have intension to hack into your digital life.

Without going to rant much on elusive Internet/digital philosophy, let me get to the point.  I’d recently received many online bank surveys through my email inbox.  The politeness of online etiquette wanted me to click on the survey request link in the email so I could start a survey, because being polite is good, whether that would be on the web or off the web.  Unfortunately, in the back of my head, my impolite part of the brain told me to not being so nice and polite, because the survey itself might not be sent from the bank.  I think there are ways to fake emails that look like they’re from the legitimate party.

My eventual action was usually a quick delete of such email.  Why?  Although I’m a nobody and poor, thus my bank account would be a waste of time for whoever wants to hack into it.  Thus, I’m not supposed to be all that protective toward my online bank account.  Regardless, I don’t really like being hack, because it feels very invasive.  Imagine a stranger just walks into your life and does whatever to you, how do you feel?  This is the feeling of being hack, because you don’t know the hacker or hackers!  So, it was a quick and simple decision, I rather not being polite and willy nilly clicking on a bank account survey link.  I don’t care if the email is legitimate or not, I just won’t subject myself to downloading malware or virus or trojan onto my computer just so I could have a nice digital etiquette.

In summary, I think we need to be very cautious about the stuffs that go through our emails.  Especially, survey invitations and what not might not be so innocent.  I’m writing this post is to remind my future self and whoever else to be more cautious about Internet security in regarding to email.  Furthermore, I like to remind my future self and whoever else that if a hacker has your email account, he or she can basically try to reset your passwords from your bank accounts, social website accounts, and what not.  If hackers are successful at resetting your online accounts’ passwords, then they’re basically taking control of your digital life.  Simply put, do you want a stranger to take over your life, albeit it’s an Internet one?

World Conflicts Are Not That Simple!

In this day and age, 21st Century to be exact, conflicts around the world are never going to be simple.  Heck, even in the ancient time, the conflicts then were not so simple.  Now, we have so many countries that are doing overlapping business, because there is so called a chain of supply this and that.  For an example, United States imports from China most, China relies on neighbors and far West for technology and raw materials to produce stuffs for United States, and countries such as Australia love to sell energy products to China to support the supply chains in China.  Obviously, the example I mentioned is to be simplistic, because China is not only exporting goods to United States, but China is exporting to the whole world at large.  United States is obviously not only importing from China, but United States is importing from the whole world at large.  Still, the whole world is importing from China most!  The last sentence does implicit a weakness of globalization.  It begs the question what if China’s supply chains are in trouble, what will the implications be for the world’s economics at large.  It’s not so simple to just say that my country will become self sufficient immediately.  Any country can’t just magically wave a wand in the air, and then the technology and infrastructure and various vocations of expertise — that take decades to build — suddenly and magically materialize for whatever production purposes.  The complexity of the world nowadays begs the question that even small conflict can put any country which depends on the world’s economics in a very uncomfortable position, especially in economics sense.

I think one thing people fail to realize is that nuclear factor is even more important as a war deterrent for world peace than ever before.  Although some of us probably have wished that humankind should have never been able to figure out the nuclear technology, thus nuclear would never have existed.  Nonetheless, such wish is rather foolish since nuclear age has been here for a while already.  This is why nuclear weapons have been employed by various countries for deterrent purposes.  Nuclear weapons are not a figment of the imagination for a long time already!!!  Countries that have nuclear weapons know this, thus these countries use nuclear weapons as war deterrent strategic maneuver.  It’s a very effective war deterrent strategy indeed!  With this knowledge, we can see that United States, China, India, Pakistan, Russia, UK, France, Israel, and North Korea cannot be invaded outright.  The big three countries that for sure cannot be invaded outright are United States, China, and Russia.  Why these three countries have the power to fully destabilize the world or prolong the world peace?  Simply put, their military, economic, and world influence mights ensure their power to dictate world order!  Smaller countries, with nuclear technology or not, cannot compete or go head to head with United States, China, and Russia.  Of course, there is always something that is not on people’s mind and yet will be the exception of whatever rigid order.  In today’s world balance, for United States, China, and Russia to go to war against one another, the exceptional culprit behind this global catastrophe would be a psychopath with powerful positions that can manipulate a country’s foreign policy.

Although the big three in the world will not wage war against one another outright, but they can definitely use their smaller allies to wage proxy wars.  This is why we, people with brain, know that small conflicts around the world might not be so simple.  I can safely assume that all conflicts nowadays are a sort of game for the big three to push and pull against one another, and so in the end of the day the winners will always be the big three!  In short term though, the players who gain something in whatever conflict that the big three are manipulating can also be said that they’re the winners, too.  Nonetheless, in the end of the day, they might not be the ultimate winners!  This is why, I think we, the people of the world, should be more informed, open minded, and less judgmental, and only in this way we can see the events that break out around the world with clearer sense.

In conclusion, United States, China, and Russia know they will not benefit in an all out war, but they’re more profitable in term of controlling the events of the world.  This is why I think the ongoing chaos in East and South China seas, Ukraine, and the Middle East are small events that will dictate the world influence of the big three!  In these events, the big three cannot claim their innocent!  Nonetheless, the big three are acting in their own interest, because the big three after all have to lookout for their own people.  It’s just unfortunate that the smaller players in the world stage have to be manipulated by the big three!  Of course, nobody knows how the world map will look like in the future, thus we can never say that the big three we have now will be the big three of 300 years later.  Remember Roman Empire?  Remember how big they were in ancient time?  If I’m not wrong, they’re no longer here since AD 476.  That’s a long time ago.  Let just say that, the big three are not invulnerable, but at the moment and years to come, these are the players that make the world spins.  At the moment, Ukraine crisis is just another event that the big three are positioning themselves for their own future!  Unfortunately, the West and Ukraine itself will have to be manipulated by the big three!  Russia is looking to gain the most in Ukraine crisis, and Russia does have the popular vote as Crimea’s people are voting for Russia.  China is not yet making a hard stand for Ukraine crisis since it’s playing a waiting game.  Meanwhile, United States is anxiously preventing Russia from annexing Crimea.  Who’s right?  Who’s wrong?  It’s hard to tell, because the big three are never innocent!  Nonetheless, I hope after Ukraine crisis, the world will be more peaceful, however Ukraine crisis will turn out to be!  Let’s not see someone is so stupid enough to push for World War III, OK?  As Albert Einstein had said something along this line, he knew we will have to use nuclear weapons in World War III, but he suggested that we might fight with sticks and stones in World War IV.  It’s a long conclusion, I know!