100SILEX, de 0 ŕ 100 s: feeling
1522 5 Simple steps to secure TT-RSS reader
secure tt-rss, tt-rss security
5 Simple steps to secure TT-RSS reader
July 27, 2015 by Anand Leave a Comment
Share: share htpcBeginner
We recently presented Tiny Tiny RSS to you as a great alternative to Google reader, which is one more way you can extend the functionality of your home server or your hosting space. Hopefully, you already exported your data from Google Reader. In this post, we will show you how to secure TT-RSS reader to prevent unauthorized access. Tiny Tiny RSS is an open source web-based news feed (RSS/Atom) reader and aggregator, designed to allow you to read news from any location, while feeling as close to a real desktop application as possible. As we previously explained, it makes an ideal candidate to replace Google Reader. While there are services like Feedly and Newsblur grabbing the crowd Google Reader, which some of you may prefer, there are a group of people who would like to run a RSS reader on their own server and keep things private. Assuming that you have already installed Tiny Tiny RSS on your alternative to Google reader or hosting space, we will now show you how to secure TT-RSS reader.
Secure TT-RSS Reader
One of the main reasons to move to an RSS aggregator like TT-RSS is maintaining your privacy. So if you do not secure TT-RSS reader well you are not only making your data available public but also making your system vulnerable to potential attacks. Choosing a strong username and password while setting your TT-RSS is the first basic thing that you can do to secure TT-RSS reader. Listed below are few more ways you can increase TT-RSS readerâ€™s security.
1. Rename TT-RSS Folder
One of the first lines of defense is to not use tt-rss in your URL to access your TT-RSS reader. To do this on your hosting account, use a folder name other than tt-rss while installing TT-RSS. On your Linux home server, edit /etc/tt-rss/apache.conf and change the first /tt-rss to something else. An example is shown below.
TT-RSS Rename URL
TT-RSS Rename URL
After making the change, restart your TT-RSS and Apache to apply the changes:
sudo service tt-rss restart
sudo serivce apache2 reload
Your TT-RSS reader is now available through the new URL (example: http://mydomain.com/myreader) only.
Amazon Kindle Fire HDX
2. Enable SSL
Accessing TT-RSS through http sends all information as unencrypted data. This could mean less privacy due to potential sniffing. The solution is to encrypt the data during transfer, which makes sniffing by hackers harder. To enable and enforce HTTPS access on Linux servers with Apache, install the following run-time libraries:
sudo apt-get install libssl0.9.8 libpam0g openssl
Restart your Apache server as shown above. You should now be able to access your TT-RSS reader with HTTPS. Note that you may have to have a SSL certificate generated. Refer to Apache documentation if you want to generate your own certificate. By default, the system will install self-signed certificates for you. These certificates are likely to raise warnings when you point your browser to the site.
3. Disable Single User Mode
By default the single user mode is already disabled (in /etc/tt-rss/config.php). Enabling single user mode will also disable TT-RSS login system. Therefore, keep the single user mode disabled.
Disable Single User Mode
Disable Single User Mode
A better way to make it a single user system is by limiting the number of registrations to 1 as described below. For whatever reason, you still want to enable single user mode, make sure you implement Apache Authentication method described below.
4. Self Registrations
Self registrations allow a visitor to register themselves, which could reduce TT-RSS security. If your TT-RSS will be for personal use only, then you may want to disable user registration by setting â€śENABLE_REGISTRATIONâ€ť to â€śfalseâ€ť.
TT-RSS Self Registrations
TT-RSS Self Registrations
To further secure TT-RSS Reader, uou may also want to change â€śREG_MAX_USERSâ€ť to â€ś1â€ť to make your account the only account on TT-RSS.
asus n66uASUS RT-N66U Dual-Band Wireless-N900 Gigabit Router
asus n66u reviewsFind out why it is rated the best wireless router in its class.
5. Apache Authentication
Last but not the least, enable Authentication. This is even more important if you have enabled â€śSingle User Modeâ€ť describe above. Every time you access TT-RSS, you will be asked for a username and password as shown in the picture below:
Secure TT-RSS Reader
On your hosting account this equivalent to password protecting a directory, in this case the TT-RSS directory. To do this on your Ubuntu server, you will have to create a .htpasswd file. More information is available in Apache documentation. But the easiest way to achieve this is to use one of the htpasswd generators available online.
After you enter the username and password two code blocks will be generated. Copy the contents of the .htpasswd code block and save it to /etc/apache2/.htpasswd_ttrss. Next, copy the contents of the .htaccess code block and add it to /etc/tt-rss/apache.conf as shown below:
TT-RSS Apache Authentication
TT-RSS Apache Authentication
Save and exit. Restart both TT-RSS and Apache previous shown above. You should be prompted for a password every time you try to access TT-RSS. Some may think that this double authentication method is an extra inconvenience. But I would rather be safe than sorry.
Go ahead, secure Tiny Tiny RSS Reader and enjoy reading articles on your private secure RSS Reader.
868 How Facebook Ships Code Â« FrameThink â€“ Frameworks for Thinking People
Iâ€™m fascinated by the way Facebook operates. Itâ€™s a very unique environment, not easily replicated (nor would their system work for all companies, even if they tried). These are notes gathered from talking with many friends at Facebook about how the company develops and releases software.
Itâ€™s been over six months since I assembled these observations and Iâ€™m sure Facebook has continuously evolved its software development practices in the meantime. So these notes are probably a little bit out-of-date. It also seems like Facebookâ€™s developer-driven culture is coming under greater public scrutiny. So Iâ€™m feeling more comfortable now about releasing these notesâ€¦ HUGE thanks to the many folks who helped put together this view inside of Facebook! Thanks are also due to folks like epriest and fryfrog who have written up corrections and edits.
484 Why did so many successful entrepreneurs and startups come out of PayPal? Answered by Insiders
Why did so many successful entrepreneurs and startups come out of PayPal? I long have been fascinated by the extraordinary achievement from the ex-Paypal team and wonder about the reasons behind their success. In the past, mass media tried to answer this question several times but still couldnâ€™t give us a clear answer.
I once asked David Sacks the same question during an event in Los Angeles. He told me the secret is that Paypal has built a â€śscrappyâ€ť culture. No matter what problems they faced, they would find a way to solve them. I kind of got the idea, but was still confused about the execution details.
So when I saw some of the past Paypal employees answering this question on Quora, I was super excited! After all, they should be the only ones who can tell people the inside stories.
Below are some highlights of their answers. *If you want to check out the sources or leave your comments, please go to here and here.
On Talent Management
â€śPeter and Max assembled an unusual critical mass of entrepreneurial talent, primarily due to their ability to recognize young people with extraordinary ability (the median age of *execs* on the S1 filing was 30). But the poor economy allowed us to close an abnormal number of offers, as virtually nobody other than eBay and (in part) google was hiring in 2000-02.â€ť (by Keith Rabois, former Executive Vice President of Paypal)
â€śExtreme Focus (driven by Peter): Peter required that everyone be tasked with exactly one priority. He would refuse to discuss virtually anything else with you except what was currently assigned as your #1 initiative. Even our annual review forms in 2001 required each employee to identify their single most valuable contribution to the company.â€ť (by Keith Rabois, former Executive Vice President of Paypal)
â€śDedication to individual accomplishment: Teams were almost considered socialist institutions. Most great innovations at PayPal were driven by one person who then conscripted others to support, adopt, implement the new idea. If you identified the 8-12 most critical innovations at PayPal (or perhaps even the most important 25), almost every one had a single person inspire it (and often it drive it to implementation). As a result, David enforced an anti-meeting culture where any meeting that included more than 3-4 people was deemed suspect and subject to immediate adjournment if he gauged it inefficient. Our annual review forms in 2002 included a direction to rate the employee on â€śavoids imposing on othersâ€™ time, e.g. scheduling unnecessary meetings.â€ť (by Keith Rabois, former Executive Vice President of Paypal)
â€śRefusal to accept constraints, external or internal:We were expected to pursue our #1 priority with extreme dispatch (NOW) and vigor. To borrow an apt phrase, employees were expected to â€ścome to work every day willing to be fired, to circumvent any order aimed at stopping your dream.â€ť Jeremy Stoppelman has relayed elsewhere the story about an email he sent around criticizing management that he expected to get him fired and instead got him promoted. Peter did not accept no for answer: If you couldnâ€™t solve the problem, someone else would be soon assigned to do it.â€ť (by Keith Rabois, former Executive Vice President of Paypal)
â€śDriven problem solvers: PayPal had a strong bias toward hiring (and promoting / encouraging, as Keith mentions) smart, driven problem solvers, rather than subject matter experts. Very few of the top performers at the company had any prior experience with payments, and many of the best employees had little or no prior background building Internet products. I worked on the fraud analytics team at PayPal, and most of our best people had never before done anything related to fraud detection. If heâ€™d approached things â€śtraditionallyâ€ť, Max would have gone out and hired people who had been building logistic regression models for banks for 20 years but never innovated, and fraud losses would likely have swallowed the company.â€ť (by Mike Greenfield, former Sr. Fraud R&D Scientist of Paypal)
â€śSelf-sufficiency â€“ individuals and small teams were given fairly complex objectives and expected to figure out how to achieve them on their own. If you needed to integrate with an outside vendor, you picked up the phone yourself and called; you didnâ€™t wait for a BD person to become available. You did (the first version of) mockups and wireframes yourself; you didnâ€™t wait for a designer to become available. You wrote (the first draft of) site copy yourself; you didnâ€™t wait for a content writer.â€ť (by Yee Lee, former Product & BU GM of Paypal)
On Culture & Ideology
â€śExtreme bias towards action â€“ early PayPal was simply a really *productive* workplace. This was partly driven by the culture of self-sufficiency. PayPal is and was, after all, a web service; and the company managed to ship prodigious amounts of relatively high-quality web software for a lot of years in a row early on. Yes, we had the usual politics between functional groups, but either individual heroes or small, high-trust teams more often than not found ways to deliver projects on-time.â€ť (by Yee Lee, former Product & BU GM of Paypal)
â€śWillingness to try â€“ even in a data-driven culture, youâ€™ll always run in to folks who either donâ€™t believe you have collected the right supporting data for a given decision or who just arenâ€™t comfortable when data contradicts their gut feeling. In many companies, those individuals would be the death of decision-making. At PayPal, I felt like you could almost always get someone to give it a *try* and then let performance data tell us whether to maintain the decision or rollback.â€ť (by Yee Lee, former Product & BU GM of Paypal)
â€śData-driven decision making â€“ PayPal was filled with smart, opinionated people who were often at logger-heads. The way to win arguments was to bring data to bear. So you never started a sentence like this â€śI feel like itâ€™s a problem that our users canâ€™t do Xâ€ť, instead youâ€™d do your homework first and then come to the table with â€ś35% of our [insert some key metric here] are caused by the lack of X functionalityâ€¦â€ť (by Yee Lee, former Product & BU GM of Paypal)
â€śRadical transparency on metrics: All employees were expected to be facile with the metrics driving the business. Otherwise, how could one expect each employee to make rational calculations and decisions on their own every day? To enforce this norm, almost every all-hands meeting consisted of distributing a printed Excel spreadsheet to the assembled masses and Peter conducting a line by line review of our performance (this is only a modest exaggeration).â€ť (by Keith Rabois, former Executive Vice President of Paypal)
â€śVigorous debate, often via email: Almost every important issue had champions and critics. These were normally resolved not by official edict but by a vigorous debate that could be very intense. Being able to articulate and defend a strategy or product in a succinct, compelling manner with empirical analysis and withstand a withering critique was a key attribute of almost every key contributor. I still recall the trepidation I confronted when I was informed that I needed to defend the feasibility of my favorite â€śbabyâ€ť to Max for the first time.â€ť (by Keith Rabois, former Executive Vice President of Paypal)
â€śExtreme Pressure â€“ PayPal was a very difficult business with many major issues to solve. We were able to see our colleagues work under extreme pressure and hence we learned who we could rely on and trust.â€ť (by Keith Rabois, former Executive Vice President of Paypal)
474 Why Intelligent People Fail
Why Intelligent People Fail
Content from Sternberg, R. (1994). In search of the human mind. New York: Harcourt Brace.
1. Lack of motivation. A talent is irrelevant if a person is not motivated to use it. Motivation may be external (for example, social approval) or internal (satisfaction from a job well-done, for instance). External sources tend to be transient, while internal sources tend to produce more consistent performance.
2. Lack of impulse control. Habitual impulsiveness gets in the way of optimal performance. Some people do not bring their full intellectual resources to bear on a problem but go with the first solution that pops into their heads.
3. Lack of perserverance and perseveration. Some people give up too easily, while others are unable to stop even when the quest will clearly be fruitless.
4. Using the wrong abilities. People may not be using the right abilities for the tasks in which they are engaged.
5. Inability to translate thought into action. Some people seem buried in thought. They have good ideas but rarely seem able to do anything about them.
6. Lack of product orientation. Some people seem more concerned about the process than the result of activity.
7. Inability to complete tasks. For some people nothing ever draws to a close. Perhaps itâ€™s fear of what they would do next or fear of becoming hopelessly enmeshed in detail.
8. Failure to initiate. Still others are unwilling or unable to initiate a project. It may be indecision or fear of commitment.
9. Fear of failure. People may not reach peak performance because they avoid the really important challenges in life.
10. Procrastination. Some people are unable to act without pressure. They may also look for little things to do in order to put off the big ones.
11. Misattribution of blame. Some people always blame themselves for even the slightest mishap. Some always blame others.
12. Excessive self-pity. Some people spend more time feeling sorry for themselves than expending the effort necessary to overcome the problem.
13. Excessive dependency. Some people expect others to do for them what they ought to be doing themselves.
14. Wallowing in personal difficulties. Some people let their personal difficulties interfere grossly with their work. During the course of life, one can expect some real joys and some real sorrows. Maintaining a proper perspective is often difficult.
15. Distractibility and lack of concentration. Even some very intelligent people have very short attention spans.
16. Spreading oneself too think or too thick. Undertaking too many activities may result in none being completed on time. Undertaking too few can also result in missed opportunities and reduced levels of accomplishment.
17. Inability to delay gratification. Some people reward themselves and are rewarded by others for finishing small tasks, while avoiding bigger tasks that would earn them larger rewards.
18. Inability to see the forest for the trees. Some people become obsessed with details and are either unwilling or unable to see or deal with the larger picture in the projects they undertake.
19. Lack of balance between critical, analytical thinking and creative, synthetic thinking. It is important for people to learn what kind of thinking is expected of them in each situation.
20. Too little or too much self-confidence. Lack of self-confidence can gnaw away at a personâ€™s ability to get things done and become a self-fulfilling prophecy. Conversely, individuals with too much self-confidence may not know when to admit they are wrong or in need of self-improvement.
101 - 201