Fabian Franke

intentionally left blank

Lion: Full Disk Encryption auf externen Platten

Schritt 1: Wir öffnen das Terminal (über Spotlight oder im Dienstprogramme/Utilities Ordner zu finden)

Schritt 2: Devicenamen vom Datenträger finden. Diesen findet man in der Identifier Spalte

1
2
3
4
5
6
7
diskutil list

/dev/disk2
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *8.0 GB     disk2
   1:                        EFI                         209.7 MB   disk2s1
   2:                  Apple_HFS sonyvault               7.7 GB     disk2s2

Im Beispiel hier mit einem USB Stick wäre das disk2s2, sollte über den Namen des Datenträgers beziehungsweise über seine Größe leicht ermittelbar sein.

Schritt 3: Das Device umwandeln und damit das Passwort nicht direkt sichtbar zu lesen ist geben wir das über die Standardeingabe ein.

1
diskutil corestorage convert {device} -stdinpassphrase

Bonus Schritt 4: Nachschauen wie weit die Konvertiertung fortgeschritten ist.

1
diskutil corestorage list

oder für die ganz ungeduldigen:

1
watch -n2 diskutil corestorage list

Bei der internen Platte geht das auch bequemener Systemeinstellungen/Sicherheit/FileVault und für die Time Machine Festplatte über das zugehörige PrefPane.

Nun haben wir wenn der Rechner aus ist eine schöne verschlüsselte Platte. Dank Firewire und Thunderbolt gibt es die Möglichkeit direkt auf den Arbeitsspeicher zuzugreifen (DMA), was im Grunde etwas Gutes ist, aber in unserem Fall schlimmstens bedeutet dass das Passwort für die Festplatte/n direkt aus dem Arbeitsspeicher gelesen werden kann. Beim Aufwachen aus dem Standby sollte dieser Angriff erfolglos sein, aber um sicher zu gehen das der Schlüssel beim Wechsel in den Standby Modus verworfen wird sagen wir das Power Management nochmal explizit.

1
sudo pmset -a destroyfvkeyonstandby 1 

`

tmux as a screen replacement

Since I could not find a way to get screen working with split screens and different windows I switched to tmux.

So far, after setting up the same look and feel as my screen configuration, I quite like it (the tmux configuration is actually human read- and editable).

Below is my current .tmux.conf file

Need more panes per window?

Flash free OSX

I extended my AppleScript to surf the web with a flash free OSX, but have a flash chrome user as fallback handy. Now it automatically grabs the URL from the active tab of the foremost browser (Camino, Chrome, Firefox, Opera, Safari, Webkit), closes the tab and opens the URL within Google Chrome (since Chrome is shipped with its own Flash plugin version we can get rid of the system wide plugin). With the release of Chrome 14 Google added the possibility to create multiple user profiles. That comes in handy when we don’t want to have an active flash plugin all the time, but do not want to enable/disable it all the time.

For convenience I created an Alfred.app extension: openWithFlash.alfredextension (Extensions are a Powerpack feature , which is totally worth buying by the way)

If you want to use another script launcher, get the raw script at the end of this post

Alfred Extension

Just open the extension to install it. To make it work as easy as possible we have to do a couple simple things:

  1. At first we have to activate GUI scripting to allow AppleScript retrieving the formemost window and get to interact with browsers which offer only poor AppleScript support (I’m looking at you Firefox..). Open the System Preferences and find the Universal Access Prefpane. At the bottom check the Enable access for assistive devices.

  2. Now we create a Alfred.app Hotkey to invoke the script. Open up the Alfred.app preferences and jump to the hotkey panel. Click the + button in the lower left corner and choose Extensions/Apple Script . Then select the Apple Script Extension entry, select the open with Flash Script in the dropdown menu and choose a hotkey.

  3. If you don’t have Camino, Firefox and Opera installed you need to delete some codeblocks from the script. Without deleting the blocks the script won’t execute. Over in the extensions panel, find the open with Flash Script in the AppleScript section. Scroll down the script and remove the code blocks for not installed browsers.

  4. If you want just Chrome to be your flash fallback you can skip this step, but if you want to use a separate flash free Chrome user for browsing you have to make a little change.

    Search for theFlashChromeUser and change it to your newly created user.

    Now you can open up chrome://plugins/ with your main user profile and happiely disable Flash

  5. Let us delete the flash plugin from our system. If you are lucky, you will find an uninstaller at /Applications/Utilities/Adobe Flash Player Install Manager

    If not use the Finder and browse to /Libray/Internet Plugin-Ins and delete the Flash Player.plugin

  6. Now let’s open some heavy flash site like derbauer and press the hotkey. If everything works out, the tab closes, Chrome starts and displays the site.

    On Firefox you have to release the shortcut keys fairly fast to get the wished result. (The script gives you about half a second)

    If nothing is happening, check the Console (/Applications/Utilities/Console.app) for more information.

Raw script listing

Flashfreier Google Chrome mit Flashfallback

nginx: google+ Redirect

Redirect von domain.tld/+ auf ein Google+ Profil

1
2
3
4
5
# ____ google plus redirect _________
location /+ {
  rewrite ^(\/\+)$ https://plus.google.com/deineeigeneidkommthierhin
  last;
}

reboot

time to reboot this.

Imagine a picture of some defibrillator paddles here.