Categories
Social Media Technology

Goodbye WhatsApp, Hello Signal (and Telegram)

(If you’re just looking for the brief version, read it here. Otherwise to read my ramblings, carry on!)

On September 26, 2006, Facebook opened to everyone at least 13 years old with a valid email address.

I remember signing up, thrilled that I could finally be a part of this new ‘Web 2.0’ movement that all my still-at-university friends had been talking about. At the very beginning, it was an incredible new tool for keeping in touch with friends, sharing events, and finding new and interesting ways to socialize.

Over the years, the information that the company has gathered on individuals is staggering in breadth, depth, and scariness. An information gathering campaign that once only existed in the wet dreams of intelligence agency wonks was now a living, breathing thing, and we were all voluntarily giving it more oxygen every day, with every post, every message, every uploaded picture, every ‘Like’.

I now view the company as one of the most insidious and evil companies in tech, and am unable to divorce the many terrible events in real life that have occurred after being organized, in part, on Facebook, from any other benefits it might bring.

In 2009, WhatsApp was launched, and it took off in a big way in the UK and Europe. With smartphones in their infancy but commanding a high price, mobile service providers began offering enticing ‘unlimited data’ plans, to try and encourage us all to swap over to the new expensive devices. As a trade-off, at least for some providers, you had fewer bundled text messages that you could send.
WhatsApp made the idea of ‘bundled texts’ an immediately archaic idea. WhatsApp allowed you to send essentially supercharged MMS messages for, essentially, nothing. It was all ‘data’, and suddenly you no longer sent ‘a text’ you sent ‘a WhatsApp’.

Apple pushed further away from SMS with iMessage so now if you were an Apple user, you expected richer features. If you were messaging an Android user, the obvious answer was WhatsApp.

In 2014, Facebook bought WhatsApp. Now everyone you knew was either on Facebook, or on WhatsApp, but either way you were on a platform controlled by Facebook.

WhatsApp (and Facebook) were immediately at pains to point out that no information would be shared with Facebook, and WhatsApp chats would stay secure.
Of course, those of us who have been in tech a while (or been through an acquisition) know that there are no guarantees and just because a company says they aren’t going to do something, it doesn’t mean they aren’t eventually going to do it.

Sure enough, as of February this year, the WhatsApp Terms of Service are changing (outside of Europe) to remove certain clauses which previously stated that no information would be shared with Facebook.

WhatsApp is no longer a platform I wish to be on as a result.
I’m still on Instagram, another Facebook owned property, and I’m sure there will come a time when I need to move away from that too. The only reason I haven’t already is that there’s no good alternative to it (yet) and I still very much enjoy it.

For WhatsApp though, there are now several excellent alternatives. The two I’ve chosen are Signal and Telegram.

Signal actually uses the same basic encryption as WhatsApp. In fact, WhatsApp only started to encrypt its non-text messages after partnering with Signal to further develop the technology.

Signal.org is a Not-for-Profit organization, and the Signal Messenger app is open source, peer reviewed, and funded entirely by grants and donations. Security is the foremost consideration, then features. I’ve certainly seen improvements in functionality since I started using Signal over a year ago and for the most part it’s just as good as WhatsApp in terms of functionality.

A messaging app with even more features is Telegram. However, this is not an end-to-end encrypted tool. For some, that may not matter and, honestly, if somebody really wanted to pilfer the many (many) cat pictures I exchanged across these services, they’re welcome to them. As mentioned, my primary reason to ditch WhatsApp is its Facebookification.

However, if you’re making a significant change, might as well go for security, right?
So my #1 recommendation is Signal; anybody security-minded who wants to get away from Facebook’s clutches will gravitate to this one.
Telegram is for those who want to ditch Facebook, but can’t live without some of the rich features available elsewhere.
For example, my server has a webhook connection with my Telegram account, allowing the server to send me alert messages directly to my connected devices.

Either way, it’s “So Long” to WhatsApp. It’s been a blast.

Categories
Boston London NYC Random Musings Relocation Technology Travel Without a Plan Work

Without a Plan

Much like a dream, the idea for this series of posts was so clear at the time. That time was yesterday, November 27th, at about 6:00PM EST whilst I was in the shower. Also like a dream, the clarity of the idea has faded somewhat in the intervening 19 hours.

However, I’m still here to write it because I feel compelled to. I’m at a point in my life where things are really quite different from what’s gone before in some ways, whilst remaining resolutely, defiantly the same in others. Perhaps I hope that this series of posts will provide me with some stream-of-consciousness-introspection, a kind of ‘Write Your Own Therapy’ exercise. Maybe I’m just a closet narcissist who wants to write more about himself.

Uncertainty is probably the most appropriate feeling as I go into this. As the title says, this is Without a Plan, subtitle TBD. I’ve lived much of my life without what I would consider any concrete plan. I’ve taken opportunities as they arise, certainly missed out on my share too, bounced around the United Kingdom and, latterly, the United States, and questioned myself more times than I care to admit. I’ve experienced truly wonderful moments, and plumbed the depths of depression.

“So what?” you might think, “That describes everybody.”

Perhaps it does, perhaps it doesn’t. One thing I’ve come to realize is that many of us are all broken in our own ways, but that some people really just do Have Their Shit Together in ways that I wish I could, but probably never will.

Anyway, let’s get into it, shall we?

I’m a 35 year old IT Manager, working for a software company in the North East of the United States of America.

Before all of that, I wanted to be a writer.

Categories
Security Technology

Authentication for Free, as in Beer (FreeIPA)

I’ve been busy with work lately, but got some time this Sunday to work on the next part of my build – authentication.

The Unraid build itself is coming on well, but I now have 14 separate docker containers doing things for me, all with their own individual authentication methods. If I plan on opening up the server to external access (which I do), then I need something to manage usernames and passwords from a central point.

That something is LDAP.

LDAP stands for Lightweight Directory Access Protocol, and is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network.

The most common implementation of LDAP that people will probably have heard of is Microsoft’s Active Directory, itself an implementation of LDAP. It’s what I’m most familiar with, having worked with flavors of AD from 2003 onwards. It’s easy to setup and easy to work with, and is – in my view – the best implementation of LDAP for a heavily Windows-based environment.

I’m not exactly running a completely Windows environment. My primary machine, and that of my girlfriend, is running Windows 10. However, I have 14 docker containers (and growing), and some implementations I want to do that require some integration with whatever LDAP server you’re running, and I’m not sure how well AD would play with those.

Lastly, AD requires you to be running Windows Server, which requires a license, and also some fairly decent system requirements.

Plus, it’s fun to learn new things.

So I’ll be using something called FreeIPA (hopefully the punny title makes sense now) on a CentOS 8 install, with 2 vCPUs, 4GB RAM and a 60GB disk.

Read on for how it’s done.

Categories
Technology

USBs and IOMMUs and moving disk mounts … oh my!

In my last post I commented about my USB situation, which I hoped would be quickly resolved with a USB expansion card. I picked up this model from Inateck; a 5-port USB A device which would allow me to connect my USB switcher for keyboard & webcam, a headset for gaming, as well as gamepads and wheels.

It arrived with customary Amazon quickness, and I added it to the machine. Slightly annoyingly it (and others) required a power connection from the PSU, as the PCIe slots can’t supply the 5V required. I was out of SATA connectors so this meant running a Molex cable through the case (urgh).

I brought the machine back online and found the new USB device sitting happily in its own IOMMU group, so I bound it to VFIO, rebooted the server, then passed it through to the Windows machine and started it up.

That’s where my troubles began.

Categories
Technology

Blackjack Updates

So it’s been six days since my last post, and after a busy and at times frustrating week (work-wise, nothing to do with Blackjack) I have some more updates.

First, good news.
The Plex migration worked flawlessly as I mentioned in the last post. We’ve been running it for 6 days now and have watched a bunch of stuff on it without any issue whatsoever. This is what should have happened but I’m still pleased.

As you can see, I’m also penning this on my Windows 10 VM, using dual screens. The performance is excellent – it’s faster at booting than the bare metal install on my old machine!

I’ve now shut down my old machine, physically replacing it with Blackjack and swapping the rest of the memory. We’re now running on 64GB total, with 24GB reserved for the Windows 10 machine. It was pretty happy with 8 and I’m sure would be happy with 16, but if I have a surplus why not use it?
So far the containers I have running aren’t taxing the system much at all, but I have further plans which may drive that usage higher.

There have been a few things that haven’t quite worked as well as I’d hoped though.

Categories
Technology

Moving house with Plex & Docker

So, my data is all moved from t’old machine t’new one (for any Americans, you’ll need to read that sentence in a strong Yorkshire accent. Good luck.)

That could be that, but losing all of the ‘watched/unwatched’ and progress through series would be a bit of a pain in the arse, so I’m trying to migrate the metadata of my now-old Plex install (Razorback) to the new one (Blackjack).

On Windows, Plex stores everything in C:\Users\username\AppData\Local\Plex Media Server.

In Docker, that data is located at /mnt/cache/appdata/Plex-Media-Server/Library/Application Support/Plex Media Server/

Plex’s FAQ does include information on moving Plex data around, but it’s a far cry from what you really need to know in a scenario like this. That is fair, as there are a large number of potential scenarios and configurations that it would be unfair to expect Plex to constantly stay on top of and document adequately – after all if it doesn’t work, people would come crying to Plex and they’d have to support that or risk the wrath of Unhappy Internet People.

I’ll make this a long story short – I’m going with the basic bitch method of just copying the (several hundred thousand) files across the network from my Windows machine. I tried zipping the whole lot up and then unzipping it on the host, but with various combinations of commands I always got the same error: caution: filename not matched, which didn’t make sense then, and still doesn’t now.
I tried a number of different solutions from researching online but decided quite quickly that this is one of those annoying Linux things that I know I’ll spin my wheels on for an hour or so, and eventually just have to do it the basic way anyway.

So, I skipped ahead.

At the very least I am grateful that Plex have kept the folder structure and mechanisms broadly identical across different platforms. I’ve certainly dealt with software in my time where a Windows and a Linux version of an app were entirely incompatible and there was no hope of moving settings from one to the other, so this is a refreshing change from previous experiences.

Of course now we’ll have to see if this actually works or not. I have … middling hopes of success, but we’ll see.

A few hours later …

So the metadata is all copied over. I started the Plex Docker and immediately went into the server settings and edited my libraries; the existing libraries pointed at the old media locations, which was good. I added the new locations and let Plex scan them.

And … it worked! My On Deck still shows a half-watched episode of Brooklyn Nine-Nine, and my watched / unwatched lists are all there.

Categories
Technology

UnRAID: Data, Cache, and the Mover

So I’ll say up front, it’s possible that I haven’t set my storage up in the optimum way, and that choosing ‘just’ a 500GB cache drive has caused me some small issues, but I think that in daily operation, things should be fine.

My biggest challenge with the transition to the new machine was always going to be moving the data from old to new, whilst keeping the old one running and serving media.
As it transpired, we’ve had some internet issues over the last week which has meant the Plex server has been inaccessible to the outside world most of the time anyway, but I had already hatched a plan and that was what I stuck to.

I had 4x6TB (not 4x4TB as I said in my first post) in my Windows machine configured in Windows Storage Spaces. Due to the way it was configured, I could only remove one of the disks, despite having just over 1 disk-worth of data.
Therefore I’d need to move everything before I could destroy the array on my Windows machine and move the other disks.

The cache drive was a savior here, both in terms of storage and speed.

Categories
Technology

UnRAID: Getting the hang of things

SpaceInvaderOne

As I mentioned in the last post, SpaceInvaderOne is a brilliant resource for UnRAID – and a bunch of other things besides. It also doesn’t hurt that he’s a Brit based out of one of my favorite cities in the UK, Bristol.

I’ve mentioned a bit about parity in these posts and, if you’re wondering how it works, he has a brilliant explainer here.

He also talks in a subsequent video about key plugins to use with UnRAID. I was expecting a list of plugins, which is what I got, but also something even more impressive and much better than the disparate group of different plugins with different install techniques and documentation that I was expecting …

Community Applications

Community Applications is the plugin you must install with UnRAID, because it makes everything else so damn easy.
I’m not kidding – once it’s installed, this is your one-stop-shop for searching for plugins and one-click installing them. Most plugins I’ve found will also link you directly to the UnRAID Community Forum thread for that plugin should you have questions or just want to find out more.

It’s easy and brilliant and exactly what it should be. SpaceInvaderOne had some particular recommendations which I followed because after all, he’s the expert.

Plugins

The first one to install is Fix Common Problems, which does exactly what it says on the tin. It scans your system, and tells you if things are configured incorrectly, not configured at all and should be, or anything else that means your system could potentially not be running at its best.

Next up is the Dynamix series of plugins. These do everything from allowing you to schedule a cronjob to do regular SSD TRIM operations on any SSDs you have installed on the system that support them, to helpful visualization tools to show easy disk usage and system temperature information. There are a bunch more that I need to explore, but they really seem to have thought of a ton of use cases and developed for them.

It’s Getting Hot in Here

One of the things I really wanted for this machine was for it to be quiet. No shit right? Half the components I ordered are literally from a company with that name.
My biggest concern was balancing temperature and noise – it’s relatively easy to keep a machine cool if you blast air through it at high speed, but that comes with a lot of noise. Equally it’s easy to keep a machine quiet – lots of large fans run at slow speed – but that tends to let things get hot.

It probably didn’t help that we had an unseasonably warm week this week, and that I was adding a third machine to a room that already had two in it, but I’ve been seeing temperatures that are a little higher than I would really like, thanks to the Dynamix System Temperature plugin.

My existing machine runs at mid-30s at idle, and I stress tested it up to 85 degrees which is well within tolerances for the hardware – but that’s in a larger case with better ventilation at the front, and fewer cores.

I cranked my fan controller on the case from ‘Silent’ to ‘Performance’ but it honestly didn’t make much difference – however the BIOS is also set to Silent, so I may need to reboot and play around with those settings to crank the fans up a bit without making it too loud.

There’s also a reasonable chance that I screwed up the heatsink somehow, with the mounting issues I mentioned earlier.
Either way, once I have the machine fully up and running and I’m ready to move the rest of the disks over, I need to do a lot of cable management to get the machine into its final state, so I can remount the heatsink if I need to, and move some fans about.

So Plexy

The main barrier to swapping machines is replacing the Plex server running on Windows with the new Blackjack hosted data. As mentioned in my first UnRAID post, I had intended to run Plex on Ubuntu, but I changed my mind and went for a straight-up container. This meant that installing Plex was simpler than its ever been. I setup a couple of shares for the media, pointed Plex at them, and it was ready to roll.

Obviously there’s nothing in it yet, I still need to migrate all the media over (a process ongoing as I write). The last thing then is to try and migrate the database, keeping all of the ‘watched/unwatched’ tallies for me and the other users. Once that’s done and confirmed, I can delete the data from the Windows machine and relocate the disks.

No-IP

Remote access to this box is going to be important. I’ve used No-IP for years for keeping my domain name linked to the IP of wherever my machines are located. Usually this was an app installed on my machine but now I’m in the world of containers my first question is ‘Is there a container for that?’

The answer is yes, so I’ve now offloaded one more thing to the main system that I don’t have to worry about a guest OS doing.

Categories
Technology

Getting started with UnRAID: Initial struggles

A couple of things I forgot to mention in the last post.

Firstly on the built-in fans; the two fans were identical, but held in with very different screws. The rear fan had what I would consider to be ‘regular PC case screws’, but the front fan was held in with odd small stubby screws which, when removed, had a strange sticky gasket attached to them which sort of broke away as I removed them.

Perhaps typical purchasers of these cases don’t remove the existing case fans and just add to them but … I found it an odd difference, and a disappointing lack of quality on the front screws.

Lastly, the ‘cable management’ around the back of the motherboard tray started out well, but started to become problematic. The case panel is lined with a foam insert, which is great for deadening vibrations and thus noise, but it means there’s not a lot of space in there. My goal was to keep the motherboard side of the case clean and clear, but I may need to let more cabling into the body of the case in order to not have everything so smooshed up behind it.

Anyway, it was another day before I could get the machine connected up to a monitor and to begin working on it. I booted into the BIOS/UEFI setup first to tweak things and see what I was dealing with.

The ASRock Z460 Taichi has what I’d call a ‘typical’ UEFI setup screen – graphics that (to me) hark back to 90s Japan, but it was functional and let me get to what I need. I went through all the settings, making sure to enable the virtualization features, as well as turning on the IOMMU passthrough features I’d need later.

I probably spent most time fiddling with the motherboards’ built-in LEDs. They do all sorts of things, but I just wanted a static white light. I’ve yet to see if I’ll be able to install software on my Windows VM to manage that further – possibly turning it off at night automatically – but for now it’s fine.

Next was to boot into UnRAID itself.

Categories
Technology

UnRAID: Building Blackjack

That’s right, the God Box has a name.
My previous naming conventions followed The Expanse series of books (and now TV), but here I’ve swapped one form of plagiarism for another.

When discussing the idea of this build with one of my colleagues, he suggested a color scheme of white-on-black, which I liked the sound of and subsequently stole.
When I was a child, I remembered these sweets called Blackjacks – white and black chewy candy – and Fruit Salads. The black & white color scheme made ‘Blackjack’ a fitting choice.

I’ll probably call the Ubuntu installation Fruit Salad (that color scheme is a bit more of a stretch …) and I still need something fitting for Windows but .. whatever, we’re getting off topic.

Let’s talk hardware.

An Intel Core i9-10850k sits on an ASRock Z490 Taichi motherboard. Not pictured is the 64GB of G-Skill DDR4 2133Mhz RAM which was (at the time of picturing) installed in my existing machine.
That CPU is cooled by the be quiet! Shadow Rock 3 CPU cooler (center). Flanking that in the image is five white be quiet! Shadow Wings 2 140mm case fans.
To the left in front of the fans/motherboard is both a 500GB and 1TB Samsung Evo 970 NVMe SSD, for use as a cache drive and VM file drive respectively.
To the far right is the Republican Party a Corsair RM750x power supply in white (with white braided cables) and atop of that is a Zotac Gaming GeForce 2060 RTX graphics card.
On top of that is a Unifi 16 port POE switch.
At the very bottom of the picture are white SATA cables, white SAS cables for the SAS controller card which will eventually be transplanted along with the other disks from my main machine, and an 8TB WD Red NAS disk for parity.

Finally, the whole lot is ensconced in a be quiet! Dark Base 700 ATX tower, with additional drive bays purchased alongside it.

So let’s get to it!