Category Archives: Uncategorized

Truth Bomb!

lol

Trump has started (yet another?) social media site. It's just another twitter clone running on off-the-shelf open-source software. But on Trump's special site, a comment isn't a comment. No, on Trump's site, a comment is a Truth.

And yes, someone already walked in off the street and claimed the "realdonaldjtrump" account.

Frankenstein's Pedant

https://wilwheaton.tumblr.com/post/665430096517136384

Nobody gets prickly if you say "I ran over the pedant in my Ford" instead of "I ran over the pedant in my Ford-brand automobile". Likewise, it is perfectly grammatically and logically correct to say "Frankenstein disemboweled the pedant" instead of "Frankenstein's monster disemboweled the pedant".

"Frankenstein" is a synecdoche for "Frankenstein's monster" (or "a Frankenstein-brand monster") the same way "Ford" is a synecdoche for "Ford-brand automobile."

He Was The NAS

We were keeping all our music and pictures on a little WD "My Cloud Home" device - a very simple 4TB Network Attached Storage device. It worked well for a couple of years, but recently it started dropping off the network periodically. So I figured it was time to replace it.

I did my research and settled on a Synology DS220+ - a two-bay RAID NAS with an actual (and accessible) operating system and more features than I would ever need. Got it home, hooked it up, gave it a couple of hours to copy all the files from the WD box, then started mapping drive letters to the new network path. All very straightforward.

And then I got to the Sonos stuff. Sonos accesses your music files with a network path and a user/pwd. But, it couldn't see the new NAS. Google immediately turned up a ton of articles about why - it's because Sonos uses an old and obsolete communications protocol (Smb 1) that the NAS wouldn't support by default. I could tell the NAS to use Smb1, but the more I read, the less that seemed like a good idea. Smb1 isn't just obsolete, it's insecure. And turning it on potentially compromises the security of your whole network.

The WD My Could Home also used Smb 1, apparently, but I didn't know about it at the time.

Sonos is rumored to be working on supporting Smb 2 or 3, but they haven't said when it will be ready. So I had to figure out something...

Luckily, there are lots of options to deal with this. I could use a program called Plex to manage all our music. It's a centralized media server - clients talk to Plex and it will encode and stream the music (or movies) to them. Not ideal, because it would mean having to copy any new music from the iTunes world to the Plex world. And, I couldn't get it to work anyway. Sonos wouldn't talk to Plex for some reason, so I ditched that idea.

Eventually I found a post in the Sonos forum archives that dealt with this exact situation in a very clever and satisfyingly geeky way. First, install Docker on the NAS (took like three mouse clicks). Then create a docker container (basically, a virtual computer isolated from the world) that does one thing: provide read-only access to the music files using Smb 1. Sonos can talk to the container with Smb 1, and the container can read the music files. And that's all it can do. This way, even if someone bothers to hack Smb 1 and get into the container, the only thing they're going to find is a read-only view of our MP3s. They can't see out of the container and might not even know they're in one.

We use Docker all the time at work because it's a great way to deliver and run software, but I never thought I'd find a use for it at home. Now I have!

Security

Y'all should update your bookmarks to https://ok-cleek.com/blogs .

This site was HTTP (insecure). But it has a lot embedded content from places like google and twitter that is HTTPS (secured). And that was starting to cause some things to not display correctly (and everything to run slowly), now that browsers are getting picky about mixing secure and insecure content.

So now: https://ok-cleek.com/blogs.