Monday, December 8, 2014

Check your Postgres database catalog integrity effortlessly in seconds

Regular database backups is something no one can afford missing. If your database is inconsistent backups won't be produced successfully. A quick search on pg_dump schema with oid does not exist reveals a lot are suffering and cannot produce any backups.

Going through the search results, people suggest manually scanning the system catalog tables to identify inconsistencies. This is a tedious process and requires a lot of knowledge about the catalog structure.

Fortunately, there is an open-source tool called pg_catcheck, which can detect these inconsistencies. However, it requires you to install Postgres from source and build the tool against its source tree, which may be tricky on some systems. In this blog, I will introduce a cloud-based solution to effortlessly run pg_catcheck, without any compilation, at no extra cost.
Cloud pg_catcheck is a heroku customized fork of the original repo. There are 2 main advantages to use it over the local one:


  1. No need to download, compile postgres or pg_catcheck from source.
  2. For postgres servers running on heroku (or any AWS-based servers), super fast running time because it runs on the same infrastructure of the database server, reducing the time to do the check from minutes to several seconds.
Fortunately, heroku gives free 750 dyno hours per month, so you will always do the checks for free, because there are no web dynos running.


How to use:

To check your own database, just clone this repo, deploy it to heroku, set database url and finally run the check:

 # setup: do this only once
git clone https://github.com/hammady/pg_catcheck.git
cd pg_catcheck
heroku create --buildpack https://github.com/ddollar/heroku-buildpack-multi.git
git push heroku master

# set the database url and run the check
heroku config:set DATABASE_URL=postgres://username:password@host:port/databasename
heroku run ./check

Before deploying, you need to create an account on heroku, if you don't already have one. 

Read more...

Tuesday, May 21, 2013

Remove the stupid onscreen keyboard input from an example banking website

The onscreen keyboard input is a security feature in many website, especially banking websites. It is only useful if you are accessing your account from a public machine (which is not a good practice anyway). On such computers, a spyware may be monitoring your keyboard strokes and will have access to your typed password. However, on your own computer, if you are vigilant enough, there is no such need for such keyboard.

Here are 2 userscripts that will enable the normal keyboard input for QIB banking website on the main and the transaction pages. You will need Tampermonkey to get them working on Google Chrome, or Greasemonkey for Firefox.

After installing the above browser extensions, just follow the following links and click on "Install" on the very top of the page. Once your browser shows the main and transaction pages, it will automatically enable the password fields so that you can freely type your passwords.

  1. Enable main page password field
  2. Enable transaction page password field
The script can be extended to work on any page by looking for read-only fields and enabling them, I will do this later inshaAllah :)


Read more...

Wednesday, April 3, 2013

[Linux/Mac] Always leave your trash occupied, but not full

Some people have a common "bad" practice of deleting items permanently as seeing the Trash (Recycle Bin for poor Windows users) non-empty provokes them! Rule of thumb: don't ever permanently delete your files, the trash is a great feature, so please use it! You never know when you will need those files again.

However, by time your trash size will grow up and take a lot of space of your storage. No, I won't ask you to empty it every now and then. The best practice is to only delete files that are older than a specific date, lets say 30 days.

To be short, this is a little bash script that will calculate the total trash size then deletes those old items and print again the new size:

victim=~/.Trash
echo Calculating $victim size...
echo $victim size: `du -sh $victim | cut -f1`
echo -n "Emptying $victim items older than 30 days, please be patient..."
find $victim -mtime +30d -exec rm -fr {} \; &> /dev/null
echo Done
echo Current $victim size: `du -sh $victim | cut -f1`

You can change the victim to ~/Downloads or whatsoever, you can also change the number of days to weeks or months or whatsoever. Use it at your own risk :)

Read more...

Thursday, June 2, 2011

الآن يمكنك الكتابة بالعربية على الأندرويد باستخدام لوحة مفاتيح آبل اللاسلكية

لقد كتبت تدوينة الأسبوع الماضي تتحدث عن كيفية إضافة اللغة العربية كلغة ثانية على لوحة مفاتيح آبل اللاسلكية لاستخدامها على هاتف الأندرويد. ولكني قد كتبتها باللغة الإنجليزية. وبعد مرور أسبوع تقريبا جاءت مبادرة المجلس الأعلى للاتصالات وتكنولوجيا المعلومات بدولة قطر لدعم المحتوى العربي على شبكة المعلومات. بالطبع لم تكن هذه هي المبادرة الأولى فقد نظم المجلس الأعلى مؤتمر كتكوم الذي كانت إحدى محاوره الرئيسية دعم المحتوى العربي على شبكة المعلومات.
وبعد تشجيعهم لي على موقع تويتر فلم أجد بدا من أن هذه التدوينة هي أولى تدوينة لكتابتها باللغة العربية لأنها تخدم لغتي الحبيبة العربية شكلا ومضمونا، وإليكم التدوينة.

إذا كنت محظوظا بما فيه الكفاية بتملك لوحة مفاتيح لاسلكية - بلوتوث وخاصة لوحة مفاتيح آبل اللاسلكية، إذًا فإنه من الممتع استخدامها للكتابة على هاتف الأندرويد خاصتك لكونها مريحة جدا في الكتابة. ولحسن الحظ أيضا، فهناك عدة تطبيقات على سوق تطبيقات أندرويد تتيح لك ذلك، أذكر منها بالأخص اثنين: BlueInput و BlueKeyboard JP.
هناك أيضا العديد من مقاطع الفيديو التي تشرح كيفية استخدام هذه البرامج منها على سبيل المثال هذا المقطع:



ربما لاحظت أن اللغات المدعومة في التطبيق السالف ذكره لا تشمل سوى الإنجليزية والألمانية واليابانية، أي أن العربية غير مدعومة. أما في التطبيق الثاني فالإنجليزية فقط هي المدعومة وحدها. وبما أني أكتب كثيرا على الهاتف بالعربية فكم تمنيت أن أكتب باستخدام لوحة المفاتيح لما وجدته من سهولة استخدامها وبالأخص في المؤتمرات والمحاضرات حين أريد كتابة ملاحظات أو إرسال تغريدات آنية. المهم فقد راسلت مطوري هذه التطبيقات وطلبت منهم إضافة العربية، ولكن أحدهم لم يرد مطلقا والآخر أخبرني أنهم بصدد طرح إصدار جديد من شأنه إضافة لغات جديدة حسب اختيار المستخدم. لم يسعني الانتظار وخصوصا أنهم لم يحددوا موعدا ثابتا.

بعد البحث في شكبة المعلومات والدراسة السريعة لتصميم وبناء نظام الأندرويد، فقد قررت أن أضف دعم العربية بنفسي. وبالفعل تم بحمد الله مرادي وأنشأت تحديث للأندرويد وهو ما يطلق عليه ROM Update
من شأنه إضافة اللغة العربية كلغة ثانية بحيث تعمل على أي تطبيق للوحة المفاتيح على كل تطبيقات الهاتف. وبما أن هذا التحديث يعدل في نظام التشغيل فيجب أن يكون جهازك مفتوح وهو ما يسمي بالروتنج أو Rooting.
هذا دليل جيد جدا للروتنج أنصح بالرجوع إليه إذا لم تكن قد فعلت بعد.

في الوقت الحالي هذا التحديث مصمم فقط لجهاز جوجل نكسس إس المحمل بنظام تشغيل معدل موداكو أو سيانوجنمود. ولكن لا يعني هذا أن بقية الأجهزة غير مدعومة وذلك لأني ليس عندي الوقت الكافي لحزم التحديث لجميع الأجهزة المتوفرة. إذا كنت مهتما، فقط اترك تعليق أدناه مع ذكر نوع جهازك ونظام تشغيله المعدل وسيسعدني عمل التحديث لجهازك.

للتحميل وكيفية التنصيب والاستخدام، راجع التدوينة السابقة.
هذا كل ما أردت كتابته، في انتظار تعليقاتكم ويسعدني مساعدتكم.
والسلام عليكم
حسام


Read more...

Thursday, May 26, 2011

[Android] Adding Arabic Layout for Bluetooth HID Keyboards

If you are lucky enough to have a bluetooth HID keyboard, like Apple Wireless Keyboard, then it would be ultimate fun to use it on your Android phone for convenient editing. Luckily as well, there are couple of Market apps that let you do this. The first is BlueInput and the other is BlueKeyboard JP. There are many tutorials explaining how you use these apps, here is one of them:


As you can see, only English, Dutch and Japanese layouts are supported. For the other app, only English is supported. As an Arabic speaker, I wished that I could use my keyboard to write in Arabic. I tried to contact the developer of BlueKeyboard JP but he never answered. He even didn't have much time to publish my comment on his website. I contacted Teksoft, the developers of BlueInput, but all what they have said is that they are gonna add more layouts soon.

After some readings in the Android OS architecture, I have developed a ROM update that will add the Arabic layout to ANY HID app you are using! Obviously, your device should be rooted.
A good guide for rooting Nexus S can be found here.

As of the moment, the update is available only for Nexus S running either Cyanogenmod7 or MoDaCo. Although, cooking an update for any device is darn easy, but I don't have much time to do this for all and every device on the market. If you are interested, please leave a comment below mentioning your device model and firmware, and I will cook the update for you.

Download (144 KB):
How to install:

Because you have a rooted device, you should be already having Clockworkmod recovery installed as your recovery manager (or a similar). Flash my update the same as you flash any update.
  1. Download the appropriate file from above and save it on your device sdcard.
  2. Reboot the device in the recovery mode (for Nexus S, hold the Power & Vol-up while switching on, and then select Recovery)
  3. Choose 'install zip for sdcard'
  4. Choose 'choose zip for sdcard'
  5. Select the update file you have saved in step 1
  6. Confirm install by selecting 'Yes - install blah blah...'
  7. Wait a couple of seconds and make sure no errors are displayed
  8. Now choose 'Go Back' and reboot your device normally
How to use:

  1. Assuming you have successfully connected your keyboard and can type in English, wherever you want to write in Arabic, just press the Alt key two times, that simple!
  2. To type again in English, just press the Alt key two times, again!
  3. When writing in Arabic, you can use the shift key to write alef hamza, Arabic comma, semicolon, diacritics (tashkeel) and everything you are used to write on your computer.
  4. You will also notice that digits are written in Hindi, so yes it is real Arabic keyboard :)
Note: in BlueKeyboard JP, there is a bug that will not let you switch to Arabic when the bottom ads are shown, to workaround this, just press 'Esc' on your keyboard for the ads to go away and then you can switch back and forth to/from Arabic.

Important: Don't use this update for devices having physical keyboards. Obviously this will modify their layout.

That's it for now, waiting to hear from you.

Read more...

Sunday, September 26, 2010

Securing apache Basic authentication

The easiest way to secure your apache webserver is using Basic authentication. Users wanting to access your webserver will be prompted to enter a username/password pair to do that. However, Basic authentication is not secure as it does not encrypt these credentials, nor the content itself. The solution comes in Digest authentication. This is how to migrate your server configuration from Basic to Digest authentication.

In Basic authentication, you create a passwords file (using htpasswd command) then configure apache as in the link above. To migrate to Digest authentication all you have to do is to:
  1. Use the command htdigest instead of htpasswd to create users
    htdigest -c /path/to/your/passwords/file "Authentication Realm" username
  2. Configure apache by adding the following:
    AuthType Digest
    AuthName "Authentication Realm"
    AuthUserFile /path/to/your/passwords/file
    Require valid-user

  3. If you have SELinux running, enable httpd to access the passwords file:
    setsebool -P httpd_enable_homedirs 1
  4. Restart apache:
    service httpd restart
Note: the apache user (usually apache) needs to have read access to the passwords file, apparently!

It is worth nothing that Digest authentication only encrypts your password, but not the content. Moreover, anyone sniffing on the packets, having the encrypted password, can use it directly to access your content. To overcome these issues, you have to put your content under SSL, but this is another story.



Read more...

Thursday, August 19, 2010

Nokia Ovi Store distribution market and the axis-of-evil countries

Today I was reading some technical news and came across an article from the Forum Nokia Blog. The article highlights the achievements and new features of the Ovi Store. What drew my attention in this page is the distribution market map of the store. It basically tells which countries have paid apps, which have free only apps, which are totally blocked!




As you can see from the map, these are the axis-of-evil countries that are blocked from the Ovi Store:
  1. Iran
  2. Syria
  3. Sudan
  4. Cuba
  5. North Korea
  6. Cote d'Ivoire
  7. Congo
  8. Zimbabwe
  9. Did my eyes miss something?
This reminds me of the ban of some of these countries from the SourceForge website post Clinton's Internet Freedom Speech. At least Nokia should make this block list under the control of the app publishers, exactly like what SourceForge did.

I don't like the political influence on the technical world. It does not align with the human rights of the people of these countries.

You too Nokia?


Read more...