- Systems Preferences > Software Update > Make sure it's up to date.
- Also, click "Advanced" button and, at a minimum, make sure that the check box for "Check for updates" and "Install system data files and security updates" are enabled.
- Anti-malware protection: At a minimum, install the free version of Malwarebytes: https://www.malwarebytes.com/mac-download/
- Set a weekly reminder to manually run a scan. The purchased version can automatically scan.
- To prevent Facebook from tracking you around the web. I recommend installing:
- Firefox: https://www.mozilla.org/en-US/firefox/mac/
- The Firefox Facebook Container browser extension: https://addons.mozilla.org/en-US/firefox/addon/facebook-container/
- Optionally, you may also wish to install other Firefox-created browser extensions from: https://addons.mozilla.org/en-US/firefox/user/4757633/
- Firefox Multi-Account Containers "lets you keep parts of your online life separated into color-coded tabs that preserve your privacy. Cookies are separated by container, allowing you to use the web with multiple identities or accounts simultaneously."
- Firefox Relay which "lets you generate email aliases that forward to your real inbox. Use it to hide your real email address and protect yourself from hackers and unwanted mail."
- To install an Ad-blocker, I recommend uBlock Origin. Install the browser extension in both
- Firefox: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/
- Chrome: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en
- Verify that all currently running processes are legit. Run Objective-See's Task Explorer: https://objective-see.com/products/taskexplorer.html
- Once running, use the top right corner filter "#nonapple" to remove Apple processes from the list.
- Scroll through the top list and ensure that the process and, more importantly, the full path look familiar to you. Also, make sure the "virustotal" value for each entry is 0 or low. For example:
- Chrome 0/75 virustotal
/Applications/Google Chrome.app/... - Chrome Helper 0/74 virustotal
/Applications/Google Chrome.app/... - Firefox 0/76 virustotal
/Applications/Firefox.app/... - FrontendAgent 0/76 virustotal
/Library/Application Support/Malwarebytes/... - plugin-container 0/76 virustotal
/Applications/Firefox.app/... - RTProtectionDaemon 0/75 virustotal
/Library/Application Support/Malwarebytes/... - SettingsDaemon 0/76 virustotal
/Library/Application Support/Malwarebytes/... - If you see a process that you are unfamiliar with, Google it and try to determine if it's a program that you installed.
- If you do not recall installing it, try to determine how to remove it.
- Verify that all currently running processes are legit. Run Objective-See's Netiquette: https://objective-see.com/products/netiquette.html
- Once running, scroll through the list and ensure that you are familiar with all of the processes.
- If you see a process that you are unfamiliar with, see step #5.3-4
- Verify that all currently running Kernel Extensions are legit. Run Objective-See's KextViewr: https://objective-see.com/products/kextviewr.html
- Follow steps #5.1-4.
- Verify that all currently running Kernel Extensions are legit. Run Objective-See's KnockKnock: https://objective-see.com/products/knockknock.html
- Once running, press the "Start Scan" button at the top.
- Once finished scanning, click on the first section on the left sidebar.
- For each section, scroll through the list on the right side.
- Follow steps #5.2-4
- Repeat for each section on the left sidebar.
- If you know what to look for, some other Objective-See programs worth installing:
- Lulu: https://objective-see.com/products/lulu.html
- BlockBlock: https://objective-see.com/products/blockblock.html
- ReiKey: https://objective-see.com/products/reikey.html
- OverSight: https://objective-see.com/products/oversight.html
- RansomeWhere?: https://objective-see.com/products/ransomwhere.html
- Do Not Disturb: https://objective-see.com/products/dnd.html
it's here...
Monday, January 18, 2021
How to keep your macOS safe
Tuesday, January 5, 2021
How to install nginx-ts-module under CentOS 7
I have an encoder that outputs an HLS stream and I wanted NGINX to receive it.
I was unable to find a single page with complete step-by-step instructions so hopefully you find this useful.
- For NGINX to accept an incoming HLS stream, you will need a 3rd-party module and, AFAIK, Arut's nginx-ts-module is only game in town. Click the green "Code" button and select "Download ZIP": https://github.com/arut/nginx-ts-module and decompress it.
- Follow the following steps from: https://www.vultr.com/docs/how-to-compile-nginx-from-source-on-centos-7
- Summary:
Become root and enter:yum check-update || sudo yum update -y
yum groupinstall -y 'Development Tools' && yum install -y vim
yum install -y epel-release
yum install -y perl perl-devel perl-ExtUtils-Embed libxslt libxslt-devel libxml2 libxml2-devel gd gd-devel GeoIP GeoIP-devel
- Navigate to http://nginx.org/en/download.html and download the latest "Mainline" NGINX source code. Version 1.19.6 was the latest on 2021-Jan-5:
wget http://nginx.org/download/nginx-1.19.6.tar.gz && tar zxvf nginx-1.19.6.tar.gz
- NGINX depends on PCRE, zlib and OpenSSL libraries as per the NGINX compiling instructions: https://docs.nginx.com/nginx/admin-guide/installing-nginx/installing-nginx-open-source/#sources All the instructions I found online, recommend downloading the latest source code of those libraries and linking them to the NGINX build, however, this failed for me with the make error:
/bin/ld: ../pcre-8.44/.libs/libpcre.a(libpcre_la-pcre_compile.o): relocation R_X86_64_32S against hidden symbol `_pcre_OP_lengths' can not be used when making a shared object
/bin/ld: ../pcre-8.44/.libs/libpcre.a(libpcre_la-pcre_config.o): relocation R_X86_64_32S against `.rodata' can not be used when making a shared object; recompile with -fPIC
/bin/ld: ../pcre-8.44/.libs/libpcre.a(libpcre_la-pcre_exec.o): relocation R_X86_64_32S against `.rodata' can not be used when making a shared object; recompile with -fPIC
/bin/ld: ../pcre-8.44/.libs/libpcre.a(libpcre_la-pcre_fullinfo.o): relocation R_X86_64_32S against `.rodata' can not be used when making a shared object; recompile with -fPIC
/bin/ld: ../pcre-8.44/.libs/libpcre.a(libpcre_la-pcre_jit_compile.o): relocation R_X86_64_32S against `.rodata' can not be used when making a shared object; recompile with -fPIC
/bin/ld: ../pcre-8.44/.libs/libpcre.a(libpcre_la-pcre_study.o): relocation R_X86_64_32S against `.rodata' can not be used when making a shared object; recompile with -fPIC
/bin/ld: ../zlib-1.2.11/libz.a(deflate.o): relocation R_X86_64_32S against hidden symbol `_length_code' can not be used when making a shared object
/bin/ld: ../zlib-1.2.11/libz.a(inflate.o): relocation R_X86_64_32S against hidden symbol `zcfree' can not be used when making a shared object
/bin/ld: ../zlib-1.2.11/libz.a(inftrees.o): relocation R_X86_64_32 against `.rodata' can not be used when making a shared object; recompile with -fPIC
/bin/ld: ../zlib-1.2.11/libz.a(trees.o): relocation R_X86_64_32S against hidden symbol `_length_code' can not be used when making a shared object
/bin/ld: ../zlib-1.2.11/libz.a(zutil.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a shared object; recompile with -fPIC
/bin/ld: ../zlib-1.2.11/libz.a(crc32.o): relocation R_X86_64_32S against `.rodata' can not be used when making a shared object; recompile with -fPIC
/bin/ld: ../zlib-1.2.11/libz.a(inffast.o): relocation R_X86_64_32S against `.rodata.str1.1' can not be used when making a shared object; recompile with -fPIC
/bin/ld: final link failed: Nonrepresentable section on output
collect2: error: ld returned 1 exit status
make[1]: *** [nginx-1.19.6/nginx] Error 1
make[1]: Leaving directory `/root/nginx-1.19.6'
make: *** [build] Error 2
I tried adding -fPIC to various places but I was unsuccessful. I wasn't able to get the following solutions to work: https://serverfault.com/a/831233
https://stackoverflow.com/questions/48599572
Instead, I installed the dev libraries from CentOS and EPEL with:yum -y install zlib-devel pcre-devel openssl-devel
- Navigate into the NGINX source directory, make sure it's properly extracted and look through the "configure" options
cd ~/nginx-1.19.6; ls
./configure --help
- I figured I should try to compile NGINX similar to how EPEL's NGINX binary is compiled. I suggest installing the EPEL NGINX for reference and for the install scripts to create the nginx user, group, ...
Install NGINX and then run the following command to see it's compiled options:yum -y install nginx
nginx -V
nginx version: nginx/1.16.1
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC)
built with OpenSSL 1.1.1c FIPS 28 May 2019 (running with OpenSSL 1.1.1g FIPS 21 Apr 2020)
TLS SNI support enabled
configure arguments: --prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/tmp/client_body --http-proxy-temp-path=/var/lib/nginx/tmp/proxy --http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi --http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi --http-scgi-temp-path=/var/lib/nginx/tmp/scgi --pid-path=/run/nginx.pid --lock-path=/run/lock/subsys/nginx --user=nginx --group=nginx --with-file-aio --with-ipv6 --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-stream_ssl_preread_module --with-http_addition_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_slice_module --with-http_stub_status_module --with-http_perl_module=dynamic --with-http_auth_request_module --with-mail=dynamic --with-mail_ssl_module --with-pcre --with-pcre-jit --with-stream=dynamic --with-stream_ssl_module --with-google_perftools_module --with-debug --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic' --with-ld-opt='-Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,-E' - I modified this output to install the compiled version into a new directory: /opt/dave
Change PREFIX, paths and BUILDDIR to suite your needs:
./configure --prefix=/opt/dave/usr/share/nginx \
--sbin-path=/opt/dave/usr/sbin/nginx \
--modules-path=/opt/dave/usr/lib64/nginx/modules \
--conf-path=/opt/dave/etc/nginx/nginx.conf \
--error-log-path=/opt/dave/var/log/nginx/error.log \
--pid-path=/opt/dave/var/run/nginx.pid \
--lock-path=/opt/dave/var/run/nginx.lock \
--http-log-path=/opt/dave/var/log/nginx/access.log \
--http-client-body-temp-path=/opt/dave/var/lib/nginx/tmp/client_body \
--http-proxy-temp-path=/opt/dave/var/lib/nginx/tmp/proxy \
--http-fastcgi-temp-path=/opt/dave/var/lib/nginx/tmp/fastcgi \
--http-uwsgi-temp-path=/opt/dave/var/lib/nginx/tmp/uwsgi \
--http-scgi-temp-path=/opt/dave/var/lib/nginx/tmp/scgi \
--user=nginx \
--group=nginx \
--build=CentOS \
--builddir=nginx-1.19.6 \
--with-select_module \
--with-poll_module \
--with-threads \
--with-file-aio \
--with-http_ssl_module \
--with-http_v2_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_xslt_module=dynamic \
--with-http_image_filter_module=dynamic \
--with-http_geoip_module=dynamic \
--with-http_sub_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_auth_request_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_degradation_module \
--with-http_slice_module \
--with-http_stub_status_module \
--with-http_perl_module=dynamic \
--with-mail=dynamic \
--with-mail_ssl_module \
--with-stream=dynamic \
--with-stream_ssl_module \
--with-google_perftools_module \
--with-stream_realip_module \
--with-stream_geoip_module=dynamic \
--with-stream_ssl_preread_module \
--with-compat \
--with-openssl-opt=no-nextprotoneg \
--with-debug \
--with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic' \
--with-ld-opt='-Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,-E' \
--add-dynamic-module=../nginx-ts-module-master - If configure runs without error then build and install it:
make
make install
- I renamed the new NGINX to differentiate it from the EPEL installed NGINX:
cd /opt/dave/usr/sbin
mv nginx nginx-1.19.6
- NGINX will fail if the following directory isn't created:
mkdir -p /opt/dave/var/lib/nginx/tmp/media
chown -R nginx.nginx /opt/dave/var/lib/nginx - Backup the existing conf file:
cd /opt/dave/etc/nginx
cp nginx.conf{,.bak}
- Use the following nginx.conf file to test HLS ingest:
load_module /opt/dave/usr/lib64/nginx/modules/ngx_http_ts_module.so;
worker_processes 1;
events {
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 2935;
server_name localhost;location / {
root html;
}
location /publish/ {
ts;
ts_hls path=/opt/dave/var/lib/nginx/tmp/media/hls segment=10s;
client_max_body_size 0;
}
location /play/ {
types {
application/x-mpegURL m3u8;
application/dash+xml mpd;
video/MP2T ts;
video/mp4 mp4;
}
alias /opt/dave/var/lib/nginx/tmp/media/;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
- Test the newly compiled NGINX binary:
/opt/dave/usr/sbin/nginx-1.19.6
- Send a test from the same or another computer to NGINX with ffmpeg (either compile ffmpeg from source or use the following instructions taken from https://linuxize.com/post/how-to-install-ffmpeg-on-centos-7/):
yum localinstall --nogpgcheck https://download1.rpmfusion.org/free/el/rpmfusion-free-release-7.noarch.rpm
yum -y install ffmpeg
ffmpeg -re -i <Filename>.mp4 -bsf:v h264_mp4toannexb -c copy -f mpegts http://<FQDN or IP of NGINX>:<Port>/publish/<User-defined name> > /dev/null 2>&1 < /dev/null - To restart ffmpeg if it crashes and to prevent it from outputting to the console use the following (taken from: https://stackoverflow.com/a/16527559):
#!/bin/bash
while [ true ]; do
ffmpeg -re -i <Filename>.mp4 -bsf:v h264_mp4toannexb -c copy -f mpegts http://<FQDN or IP of NGINX>:<Port>/publish/<User-defined name> > /dev/null 2>&1 < /dev/null
sleep 0.1
done - View the replublished HLS stream with VLC:
http://<FQDN or IP of NGINX>:<Port>/play/hls/<User-defined name>/index.m3u8 - If you're happy with it all, you may wish to make the new NGINX a service and start on boot.
Alternatively, if you're not interested in the above steps, there seems to be a 3rd-party pre-compiled package of the nginx-ts-module here: https://centos.pkgs.org/7/getpagespeed-x86_64/nginx-module-ts-1.18.0.0.1.1-2.el7.gps.x86_64.rpm.html
There also seems to be a Docker image here: https://hub.docker.com/r/2chat/nginx-ts-docker
Thursday, April 23, 2020
Nimble installation steps on CentOS
Nimble installation steps on CentOS
Prep the server
lock down SSH: https://www.liberiangeek.net/2014/07/enable-ssh-key-logon-disable-password-password-less-logon-centos/Maybe even install Port Knocking: https://www.cipherdyne.org/fwknop/
Remove unnecessary services
Update packages
vi /etc/ssh/sshd_config
yum install tcpdump lsof iftop
lsof -i -n
yum whatprovides /usr/libexec/postfix/master
yum remove postfix rpcbind
yum update
shutdown -r now; logout
Install Nginx
yum install nginx
systemctl start nginx
#How do you determine if you are running firewalld or iptables?
#Add nginx to firewalld
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload
#or add nginx to iptables
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
/sbin/service iptables save
iptables -L -v
systemctl enable nginx
cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.orig
vi /etc/nginx/nginx.conf
SSL Certs
vi /usr/share/nginx/html/sldp-embed.html
#if you want to create a free FQDN:
#1. register one with: https://www.dynu.com/en-US/
#2. install and use certbot: https://certbot.eff.org/lets-encrypt/centosrhel7-nginx
yum install certbot python2-certbot-nginx
certbot --nginx
#make a remind about SSL cert renewals#confirm the cert is correctly installed: https://www.ssllabs.com/ssltest/analyze.html?d=<FQDN>&hideResults=on
#change nginx.conf to remove port 80
#Otherwise, to manually create a cert and use the customer's FQDN:
#Have the customer create an DNS A record
#and create an SSL Certificate Signing Request (CSR)
cd /etc/pki/tls/certs
#Create the openssl conf file:
vi cert.conf
[ req ]
default_bits = 2048
default_keyfile = FQDN.key
encrypt_key = no
prompt = no
distinguished_name = req_distinguished_name
req_extensions = req_ext
[ req_distinguished_name ]
C = US
ST = New York
L = New York
O = Organization Name (eg, company)
OU = Dept
CN = FQDN
emailAddress = email@example.org
[ req_ext ]
subjectAltName = @alt_names
[alt_names]
DNS.1 = FQDN
openssl req -new -out FQDN.csr -config FQDN.conf
#Verify the CSR:
openssl req -noout -text -in sslcert.csr
openssl dhparam -out /etc/ssl/certs/ssl-dhparam.pem 4096
#Send the CSR.
#Once the signed certificate is received, install it on the Nimble server:
vi /etc/nginx/conf.d/ssl.conf
#Add:
server {
listen 443 http2 ssl;
listen [::]:443 http2 ssl;
server_name server_IP_address;
ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # drop SSLv3 (POODLE vulnerability)
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
}
#Check syntax errors:
nginx -t
#confirm the cert is correctly installed: https://www.ssllabs.com/ssltest/analyze.html?d=<FQDN>&hideResults=on
Install Nimble
vi /etc/yum.repos.d/nimble.repo
[nimble]
name=Nimble Streamer repository
baseurl=http://nimblestreamer.com/centos/7/$basearch
enabled=1
gpgcheck=1
gpgkey=http://nimblestreamer.com/gpg.key
yum makecache
yum install nimble nimble-srt
/usr/bin/nimble_regutil -u test@yourcompany.com -p mypassword --run-as-normal-user
#figure out why can’t run as normal user
vi /etc/nimble/nimble.conf
port = 0
ssl_protocols = TLSv1 TLSv1.1 TLSv1.2
ssl_port = 41443
ssl_certificate = /conf/cert/default.crt
ssl_certificate_key = /conf/cert/default.key
service nimble start
#Get the latest version of the SLDP player: https://softvelum.com/player/web/
curl -o sldp-v2.13.3.min.js https://softvelum.com/player/releases/sldp-v2.13.3.min.js
vi /usr/share/nginx/sldp-embed.html
<!DOCTYPE html>
<html>
<head>
<script src="sldp-v2.13.3.min.js"></script>
</head>
<body style="margin: 0; padding: 0; height: 100%; position: absolute; width: 100%;">
<div id="player-wrp" style="width: 100%; height: 100%;"></div>
<script type="text/javascript">
var curURL = new URL(window.location.href);
var streamUrl = curURL.searchParams.get("stream") || '';
var sldpPlayer = SLDP.init({
container: 'player-wrp',
stream_url: streamUrl,
autoplay: true,
pause_timeout: 0,
buffering: 100,
width: 'parent',
height: 'parent'
});
</script>
</body> </html>
Configure Nimble via WMSPanel
https://wmspanel.com/ > Nimble Streamer > Live Stream Settings > GlobalDisable HLS and DASH
Only enable SLDP
Add MPEGTS In and out
Set SRT custom parameters
passphrase
pbkeylen
Test!
https://<Nimble server>/sldp_embed.html?stream=wss://<Nimble server>:<Nimble port>/<Nimble app>/<Nimble Stream>Have fun!
Tuesday, April 2, 2019
Recommendations for finding a cheap place to stay in NYC
Monday, August 21, 2017
Family-friendly NYC Restaurant Recommendations
On Aug 16, 2017, a coworker wrote:Going to NYC next week with family. Can you recommend some good casual restaurants for lunch/dinner. Thanks.
- Stardust is a diner near Broadway where all of the staff break out in broadway show tunes. It’s the only place on this list I haven’t been but I’ve heard good things about it. A friend, his wife and his 3 kids were just in town last week and they recommend it as well! https://www.yelp.com/biz/ellens-stardust-diner-new-york
- Junior’s in Times Square for the full-on diner vibe and get the Cheesecake. 2 locations: https://www.yelp.com/biz/juniors-restaurant-and-cheesecake-new-york and https://www.yelp.com/biz/juniors-new-york-7
- Carmine’s for Italian food served family style (big plates to share): https://www.yelp.com/biz/carmines-times-square-new-york
- Burger & Lobster: Only 3 things on the menu: A burger, a whole lobster or a lobster roll. Each one $20: https://www.yelp.com/biz/burger-and-lobster-new-york-3 and a Flatiron location see below.
- 2nd Ave Deli for that typical NYC Jewish/Snowdon Deli vibe - https://www.yelp.com/biz/2nd-ave-deli-new-york
- Urbanspace Vanderbilt is just next to Grand Central and is a food court with local and high quality vendors: https://www.yelp.com/biz/urbanspace-vanderbilt-new-york-2
- Black Tap: Amazing burgers and insane milkshakes: https://www.yelp.com/biz/black-tap-craft-burger-and-beers-new-york also have West Village, and SoHo locations (see below)
- Friedman’s for lunch near Penn Station: https://www.yelp.com/biz/friedmans-new-york-59
- Eataly is a fun Italian market with different speciality counters and restaurants like pizza/pasta, charcuterie, seafood, … and a rooftop restaurant: https://www.yelp.com/biz/eataly-new-york-8
- Burger & Lobster: Only 3 things on the menu: A burger, a whole lobster or a lobster roll. Each one $20: https://www.yelp.com/biz/burger-and-lobster-new-york and a Times Square location see above.
- Chelsea Market is very convenient to the High Line, thus very touristy but it does have some great restaurants and shops including some amazing tacos but the taco spot always has a long line: https://www.yelp.com/biz/chelsea-market-new-york
- Coppelia is a great 24/7 Cuban spot: https://www.yelp.com/biz/coppelia-new-york
- Black Tap: Amazing burgers and insane milkshakes: https://www.yelp.com/biz/black-tap-craft-burgers-and-beer-new-york-2 also have Midtown West and SoHo locations (see above and below)
- Veselka 24/7 Great Ukrainian diner https://www.yelp.com/biz/veselka-new-york
- Vanessa’s Dumpling House - try the dumplings and sesame pancakes: https://www.yelp.com/biz/vanessas-dumpling-new-york and they also have a Chinatown location (see below).
- Cafe Mogador Delicious Moroccan food: https://www.yelp.com/biz/cafe-mogador-new-york
- Black Tap: Amazing burgers and insane milkshakes: https://www.yelp.com/biz/black-tap-craft-burgers-and-beer-new-york also have Midtown West and West Village locations (see above and below)
- Sammy’s Roumanian Steakhouse a delicious taste of jewish Eastern Europe with a really fun and unique atmosphere with live singing and dancing: https://www.yelp.com/biz/sammys-roumanian-steakhouse-new-york
- Katz’s Deli for their massive pastrami sandwich - the NYC equivalent to Schwartz’s. https://www.yelp.com/biz/katzs-delicatessen-new-york Then go for gelato right across the street here:
- Il laboratorio del gelato with over 30 amazing gelato flavors! https://www.yelp.com/biz/il-laboratorio-del-gelato-new-york
- New Territories with Hong Kong-style waffle cones and insane milkshakes: https://www.yelp.com/biz/new-territories-new-york
- Soft Swerve with ube (purple yam) soft serve! https://www.yelp.com/biz/soft-swerve-new-york-2
- Buddha Bodai Kosher Vegetarian Restaurant - delicious Chinese food with 2 locations buried in the heart of Chinatown: https://www.yelp.com/biz/buddha-bodai-kosher-vegetarian-restaurant-new-york and https://www.yelp.com/biz/buddha-bodai-kosher-vegetarian-restaurant-new-york-4
- Vanessa’s Dumpling House - try the dumplings and sesame pancakes: https://www.yelp.com/biz/vanessas-dumpling-house-new-york-2 and they also have an East Village location (see above).
- Taiyaki has a HK-style waffle made into a fish with custard filling (may also have crazy long lines): https://www.yelp.com/biz/taiyaki-nyc-new-york
Thursday, April 30, 2015
Sent email Auto Responder AppleScript for Mail.app
- Launch Apple's Mail.app
- Disable your email signature because it may overwrite the email contents.
- Select the "Sent" emails that you wish to respond to the same recipients.
- Modify the below code as desired, most importantly, theContent variable for the body of the email that you wish to send.
- Click AppleScript Editor's "Run" button.
tell application "Mail"
-- Make sure to follow steps #1 and #2
set theSelection to selection
if theSelection is {} then return
activate
repeat with thisMessage in theSelection
tell thisMessage
-- For each sent message selected, get the "To:" field
set recipientAddress to {address} of its recipients
-- Equivalent of hitting the "Reply" button
set theOutgoingMessage to reply thisMessage with opening window
end tell
-- If you do not wait half a second then the message body might not get written.
delay 0.5
tell theOutgoingMessage
-- Delete the "To" field because replying to your own sent email will
-- auto-populate the "To" field with your own email address.
set address of to recipients to ""
-- This will automatically set the "To" field to the person you want to reply to
-- This script will fail if the original email has a CC, BCC, or multiple TO recipients.
make new recipient at end of to recipients with properties {address:recipientAddress}
-- If you wish, prepend some text to the subject.
set subject to "Additional info " & subject
-- Most important part of this script!!!
-- This will be your email response so CHANGE the contents below
set theContent to "Hi," & return & return & "I just wanted to followup my previous email with some additional very important information." & return & return & "Please take note of this very important information and, if desired, please take action." & return & return & "Thanks again." & return & return & "Best Regards," & return & "The Important Info Messenger."
set content to theContent
-- Uncomment this line to automatically send the email
-- send theOutgoingMessage
end tell
end repeat
end tell
Monday, June 11, 2007
Recover Deleted Files
Sunday, June 3, 2007
Customize any and every webpage!
Then write your own script or install some of the hundreds available at UserScripts.org.
Here are my recommendations:
User Scripts Search Sorting - With Install Rate improves the sorting on userscripts.org making it easier to find scripts. Use it to toggle between 'install rate' or 'installs'
After a secure login gmail defaults to HTTP so I got tired of manually switching it back into HTTPS. Secure-em-All automagically secures many webmail sites.
Sourceforge Direct Links saves time with direct download links from sourceforge projects. But save yourself some time and do not install either cleaner layout scripts because they no longer work.
Download Video allows you to download videos from youtube, gvideo, and myspace.
Textarea Backup w/Restore Buttons automatically backs up the text you type so you'll never accidentally loose another email. It has a restore button so it's better than the script that automatically restores text [when you do not want it to].
You'll find tons more for the sites you use and dont worry you can turn greasemonkey or any script on/off with a click of a button.
View the source before you install each script just to verify it doesnt do anything sketch and I hope you find it as useful as I do.
Thursday, May 31, 2007
Google Developer Day 2007 in Beijing
The Keynote speaker, Narayanan Shivakumar, Engineering Director, talked about Google's hardware, software, and basically described the building blocks they've developed for all their services and APIs. He mentioned the Sitemaps Protocol which allows you to inform search engines about URLs on your website.
Jon Trowbridge, gave a very "exciting" talk about Linux and OSS. He mentioned that google has built a free project hosting site.
Mike Schroepfer, Mozilla's vice president of engineering, talked about some cool Firefox 3 features: work offline mode, better bookmarking, and SQL Lite for full-text and image history indexing.
He discussed two very useful web development tools:
Firebug, an add-on that allows html, javascript, and css editing for on-the-fly debugging and also, web page optimizing to see which elements are taking the longest to load.
Aptana IDE, a web IDE developed by a start-up that has taken eclipse + firebug + firefox to create a very cool webdev app
Guido van Rossum, the author of Python, introduced it and gave a glimpse of what to expect in Python 3000. Also, he mentioned his favorite web framework for python was django.
Bob Lee, the co-author of Guice gave a technical talk on the use of Google's internal Java dependency injection framework.
there are pictures available
and if you haven't seen google maps new street view check it out!
I would have preferred to hear more of the technical talks but they were given by the Chinese speakers.
Nevertheless, it was an interesting day...
Monday, April 30, 2007
Keep your files secure
However, to be even safer, copy the sensitive data to the TrueCrypt folder and then secure delete the original file. In Windows, use Eraser to securely move the file. Eraser is also easy to use, open source, and free!
In Linux, use wipe. Under Debian and Ubuntu, just 'aptitude install wipe' to begin having fun!
If you require the destruction of all hard disk data beyond forensic recovery then the best solution is to run the drive's internal secure erase command. This can only be accomplished on ATA/IDE drives with the free Disk Drive Secure Erase program or on any type of drive with EDT's Digital Shredder.
All other software overwrite programs take 8x as long and can not erase reassigned user blocks. If this acceptable then I recommend the free and open source DBAN program. Get DBAN and many essential utilities on the Ultimate Boot CD, a freely downloadable boot CD.
Friday, April 13, 2007
Secure your email and chat
http://www.hush.com/
to securely chat over MSN, Google, AIM and many other IMs use pidgin
[formely gaim] download it here
http://www.pidgin.im/download/windows/
then download the OTR windows 3.2.0 plugin
http://www.cypherpunks.ca/otr/#downloads
and for help setting up OTR, follow these steps
http://www.cypherpunks.ca/otr/win-install/otr-setup.html
Saturday, March 31, 2007
View blocked websites
The best way to do this is to use the tor network.
tor, is free, opensource and developed by the EFF, so it's trustworthy and safe to use.
http://tor.eff.org/index.html.en
tor on its own is tricky to setup so i recommend a very easy to use package called vidalia which installs tor and other necessary apps.
http://www.vidalia-project.net/download.php
once installed, filter-free surfing is as simple as clicking the'Tor Enable' text button in the bottom right corner of firefox.
if you dont already surf with firefox, download it here
if you need to install the tor button then download it here
Thursday, March 15, 2007
Get IE running under WINE
Also, ies4linux leaves ~/.wine alone. So you have to reinstall your windows apps using ies4linux's ~/bin/ie[6|5] or move ~/.ies4linux to your old wine directory.
Friday, March 2, 2007
How to move Picasa photos to another partition
So in Windows Explorer, create an empty folder on the new drive. In Picasa, mark it "Scan Always" in Tools > Folder Manager. Then in Windows Explorer, copy an image [preferably one that has not been modified] from the old folder to the new one. Picasa will automagically add this photo and the new directory with show up under Folders on the left sidebar. Now in Picasa, you can select all the remaining photos in the old folder and move them to the new one. Thus preserving Albums and precious metadata!
Saturday, February 17, 2007
free and essential mac os x software
web: Camino is Firefox but nicer looking and faster.
However, I also use Firefox because of it's many useful add-ons.
check out: adblock, greasemonkey, and nukeAnything
office: NeoOffice is OpenOffice but nicer looking.
video: play most video formats with VLC, mplayer,
or if need be use RealPlayer or Windows Media Player
p2p: standard bittorrent client or feature-rich azureus BT client
aMule for Donkey2k network and
Poisoned for old school Gnutella G1, G2, and limewire networks
chat: multi-protocol chat client adium
voip: skype defacto internet voice app
mp3: iEatBrainz will automagically fix bad or unlabeled id3 tags.
games: macMame download some ROMs for some old school fun
remote: CotVNC great VNC client
Vine Server a VNC server to remotely control your mac
utility: MissingMediaTools is great for burning CD/DVDs when the builtin apps dont work
HandBrake to convert DVDs
unix: 1000s of unix apps, all very easily installable with fink.
viewer: Chmox will open MS .chm help files
volunteer: use your mac to help find medical cures by running Folding at Home
to make it run automatically go to:
system prefs > Accounts > login items > and add.