Monday, February 13, 2017

Blog links not working? I moved to Blogger.

Since I'm not really active with my blog posts, I decided to move to Google Blogger platform instead of hosting my own Wordpress blog.

While that made things easier and simpler for me, it had a bad side effect that I wasn't counting on. All old links to this blog will not work anymore, they'll just take you to the main page of the blog.

However, all the posts are still there, granted they're all in newer dates because when I imported them Blogger didn't maintain the actual date, but they're still there.

Apologies for any and all inconveniences. I'm going to work on customizing the template soon and refining the layout.

Saturday, February 11, 2017

Bandwidth and Time Control on Local Network

Recently I’ve been facing two problems with my network, my monthly quota is almost reached and the kids using their devices keeping them up at night.

I needed bandwidth and time control on local network, urgently.

There are many solutions to this problem, the easiest one is to shop for a new router capable of bandwidth control and time access.

If you don’t want to buy a new router or you just want something advanced with many features, you can always build a small PC and install pfSense on it.

I’m planning to make pfSense my main router soon, but that’s another project for another article.
Until that happens, I went with a re-inventing the wheel type of solution. I have a Debian system (As shown in the photo above) running 24/7 that handles a few tasks for me, so I decided to utilize it for this problem.

Why do I need bandwidth and time control?


I needed that level of control because of the content the kids view, specifically on YouTube.
They use a tablet and a smartphone to watch videos every day, and the official YouTube app will stream at 1080p if the connection allows it. That is an overkill for the devices they use, the content they view and the long video sessions they have.

Limiting bandwidth, or to be more exact, speed, YouTube will detect it and will only stream at 360p-480p, maximum.

As for time control, well, I can’t count how many times I’ve caught the kids watching YouTube after their bed time, so, something needed to be done.

Squid:


Squid is a powerful caching proxy with many features, including bandwidth control and access time limit.

Usually Squid is used to cache web content, so you won’t have to re-download something twice, since it is saved on the Squid server.

For this project though, I’m just using the basic features, disabling cache and even logs.
Installation was straight forward because Squid is available in Debian’s official repositories.

sudo apt install squid

The idea is to have all the devices the kids use run through this proxy, and with it, the bandwidth and time access is easily controlled.

I also want this proxy to only disable access based on time for the kids’ devices, any other device connected through it should have no time limit, just bandwidth limit.

This is the configuration I ended up with:
  • No caching
  • No logging
  • Allow internet access for kids from 6:00 AM to 9:15 PM
  • Allow internet access for all other devices without a time limit
  • Limit bandwidth speed to 1.4 Mbps (140 kbyte) to all connected devices
Just a note, the following is NOT the full configuration file, just what I’ve added to it beyond the default values.

I located the “INSERT YOUR OWN RULE” line in /etc/squid/squid.conf and added the following bellow it:

# Define local network IPs to MYNETWORK
# and KIDSTAB to kids' tablet MAC address
# and KIDSPHONE to kids' phone MAC address
# and ALLOWEDHOURS to allowed access time
acl MYNETWORK src YOUR-LOCAL-IP-RANGE/MASK
acl KIDSTAB arp XX:XX:XX:XX:XX:XX
acl KIDSPHONE arp XX:XX:XX:XX:XX:XX
acl ALLOWEDHOURS time 06:00-21:15

# Disable caching
cache deny all

# Disable logging
access_log none
cache_store_log none
cache_log /dev/null
logfile_rotate 0

# Allow access only during ALLOWEDHOURS for KIDSTAB/PHONE
http_access allow KIDSTAB ALLOWEDHOURS
http_access deny KIDSTAB
http_access allow KIDSPHONE ALLOWEDHOURS
http_access deny KIDSPHONE

# Allow access for other devices in network without a time limit
http_access allow MYNETWORK

# Limit bandwidth/speed to 140kb
delay_pools 1
delay_class 1 1
delay_access 1 allow all
delay_parameters 1 140000/140000

I saved and closed the file, then I ran sudo squid -k parse to make sure the configuration file parses without errors, then I restarted Squid by using sudo systemctl restart squid

By default, Squid will run on port 3128. All I had to do next is edit the Wifi connection on the tablet and the phone to have it run through the proxy. My Debian box has a static local network IP.

As an example, here is how the proxy settings should look like:
  • Proxy: 192.168.1.100
  • Port: 3128
This depends on how you have your network setup, also, if you noticed, the MAC addresses in the configuration files are XX:XX:XX:XX:XX, this should be replaced with the actual MAC address of the device.

A guide on acl and its parameters can be found here.

Important Note:


This type of bandwidth control will only work with HTTP and HTTPS connections, basically surfing and streaming on sites/apps like YouTube and HTTP/S downloads.

That means, torrents for example, will not be affected by Squid’s parameters.

For full control over bandwidth, a router or a pfSense system, would be needed. Since I only needed to limit the basic type of connections, I used Squid.

Conclusion:


This solution works perfectly, and obviously if my machine was capable, I would have it actually caching all web content, since that would save on bandwidth quota, but, that is maybe a project for a later time.

Until I get my pfSense router ready, Squid will be my savior.

There are so many things that can be done with Squid, such as blocking specific websites, type of connections, caching control. It’s a long list of features that is definitely worth checking.

Below are screenshots showing the time access denied message (before 6 AM) and when access is allowed (after 6 AM), and the last screenshot shows a YouTube video with bandwidth information.


Old Netbook NAS


Much has changed since I first started my experiment, I have since decided to not treat it as a netbook, but an actual NAS. From the operating system to the configuration, we’ll dub this as Old Netbook NAS Part 2, the boring guide.

Control Panel


Since I have PHP and NGINX installed already on this NAS, I decided to go with the phpSysInfo project. It provides all I need with monitoring and has many options and features.

Though I might completely switch to Monit instead, if I decide to remove PHP and NGINX in the future.

Note


This is a long guide and entails editing of configuration files. If you’re not comfortable or unsure of any of the details, then I recommend that you not do it. However, if for the sake of knowledge and risky adventure, then go right ahead, enjoy this geeky ride.

Debian


I decided to switch to Debian, it’s the base of many Linux distributions out there, including Ubuntu and its flavors. I had a few options when downloading it. Debian Stable, Testing or Unstable. The release names explain themselves, the stable is tested heavily but the down side is that it’s not bleeding edge.

That’s more than enough for this setup, since it is an old netbook, I won’t have any hardware detection problems and if any, I was sure I’d be able to fix it easily.

My geeky side disagreed with that though, for an hour it kept convincing me “Come on, you coward, use Unstable, live on the edge”. The thought was intriguing, having to tinker with the latest updates and methods. I decided to go half way to make my geeky and cautious side happy, so I picked Debian Testing (Currently code named Stretch). For more details about the difference in releases, visit this page.

I downloaded a Debian ISO (netinstall) without any desktop environments, added it on a USB thumb drive then started the setup. However, this time I wanted to experiment even further, I got an 8GB memory card from Kingston, I wanted to see if I’ll be able to install the operating system on it and have the HDD fully empty for my scratch storage daily needs.

I got my USB Debian drive and inserted the Kingston memory card, started the graphical install and honestly, the process couldn’t have been any easier. Very straight forward, basic information entry, if you’ve installed an operating system before, you’ll definitely be comfortable installing Debian.

During installation you’re basically entering user name, password, root password, location and keyboard layout. I used the entire disk since it’s just a memory card and from there it went on installing perfectly.

Configuration and NAS Setup


I did a few things differently from my first attempt, since I wanted to try and make this my permanent configuration. The idea is that I wanted to never look at my netbook ever again, unless I wanted to clean all the dust you see in the pictures.

Sudo:


The first thing I did was install sudo, unlike Ubuntu, it doesn’t come pre-installed. This is essential in my opinion, it allows you to run root commands for specific users without actually exposing the root system, it’s almost like a sandbox, but not really.

There are many guides on how to install sudo, it’s very basic and you can find it easily with a simple Google search. To give you an idea of what I’ve done though, I installed sudo, then added my user to the sudoers list.

Note:


In this guide I’ll be using apt, not apt-get. As I mentioned above, I went with a Debian Stretch install. If you’re using Jessie or an older version, apt-get would be the way to go.

Installing Updates:


After that I installed all the updates by running sudo apt update to update the package list then sudo apt upgrade to install the updates.

Installing SSH and Samba


The installation process for SSH and Samba are exactly the same as Ubuntu, however this time I changed some of the configuration.

To install SSH: sudo apt install openssh-server

Then I configured SSH, even though this netbook will only be accessed on my local network, it doesn’t hurt to have some extra security measures.

To change the configuration use this command sudo nano /etc/ssh/sshd_config it will open the Nano text editor to change some values, here are some basic things I did:
  • By default, SSH will listen to Port 22, changing that port isn’t really a strong security measure, but basically you’re just changing the obvious entrance.
  • I disabled root login by changing the PermitRootLogin value to no
  • Only allowed one user to use SSH by adding something like AllowUsers sam at the bottom of the file
After that I restarted SSH by using the sudo systemctl restart sshd command and all my initial configurations were up and running.

Now that I was done with SSH, it was time to get ready to install Samba, this time I had a different approach. I wanted to create a Samba share with two users, the second user would basically have “read only” access, meaning they can view the content but they can’t add, edit or delete any of it.

That way my family can access my vacation photos, without deleting one they thought they made a face in or didn’t like. I’m so evil.

To Install Samba: sudo apt install samba

After it’s installed, I added a new user without having any home folder made for them by using the useradd -M family command, “family” being the user name. Then I used usermod -L family command to lock the account, no one will be able to login with it or use it in the system, it’s just a user. Arguably there are others that would recommend adjusting that user even further with no shell access, but to me that was enough.

Then I created a Samba password for each user by running the sudo smbpasswd -a <username> command, “<username>” being the users you added earlier, for example sam, then run the command again for family. Each with their own password, they’ll be able to access the NAS from any device within the local network with those credentials.

HDD Auto Mount:


After I created the Samba users, now it was the time to prepare the hard drive to be accessed and auto mounted in case the netbook rebooted at any point.

First I created a directory to use as a mounting point, I named it nas. sudo mkdir /media/nas
Then I ran the sudo blkid command to get the UUID of the hard drive to uniquely identify it for the mounting point. After I copied the UUID I edited the configuration to auto mount the HDD to the directory I created earlier, first I used the sudo nano /etc/fstab command to open the configuration in Nano editor, then at the bottom of the file I added the following:

#MyStation drive
UUID=[MY_HDD_UUID] /media/nas ext4 defaults,noatime 0 0

Replacing “[MY_HDD_UUID]” with the actual one, of course. What that basically does is tell the system to mount my HDD to /media/nas on start up, which is using the Ext4 filesystem and using the default options with noatime to prevent updating the hard drive with access times, that way I’ll be able to make it go on standby if it wasn’t used for a while. For more details please read this guide on fstab.

HDD Standby:


For this task I used TLP. This tool helped me significantly, it spins down the HDD (standby) and it controls many aspects such  as CPU performance to save power consumption and resources. I also have it handle the power outage. Since this is a netbook and it has a battery, I have it monitor when the netbook switches to battery mode, if power is critically low (10%), then it would safely shutdown the netbook.

TLP utilizes HDParm to spindown HDDs, so consider TLP an advanced tool that handles power management.

Adding a Samba Share:


The users are set up and the hard drive is configured, now all we have to do is add a Samba share so the users can access it from the network.

First, we edit the configuration file: sudo nano /etc/samba/smb.conf

Then at the very bottom, I added the following:

[MyStation]
    comment = Debian Netbook Share
    path = /media/nas
    browsable = yes
    valid users = sam family
    write list = sam

Let me explain what that list means.
  • [MyStation] defines how the share will be seen in the network, so for example when accessing it on Windows, you’ll see “MyStation” folder, you can change it to whatever you want.
  • The comment part is just to help you identify what this share was, since we’re only creating one share, this is optional, you can leave it blank if you want.
  • The path is to define what folder will be accessed on the netbook, in this case I added the mounting point for my HDD
  • Browsable means they can browse it, it’s that obvious.
  • Valid users lists the users that can actually access this share, in here I specifically defined both “sam” and “family” to be the only users allowed access.
  • Write list makes “sam” the only user that can add, edit or delete to that share, any other allowed user will only have “read only” access, meaning they can view the content, but not change it in any way.
After that I saved then closed the configuration file then I restarted the samba service to implement the changes by using the sudo systemctl restart smbd command.

Done. I tested everything and now I have a fully functional NAS that I use as my daily scratch disk in my local network.

Download Station & Weekly Reboot


At this stage, the NAS is working perfectly as a storage unit, but I wanted to expand its function a bit. I wanted to create a download station like I mentioned in Part 1, and I wanted to set up a cron job to have the netbook reboot weekly, just for good measure.

qBitTorrent:


I’m a huge qBitTorrent fan, it’s rich with features, easy to set up and has an awesome Web-UI. They have a guide for Ubuntu Server which works perfectly fine for Debian as well, since after all Ubuntu is based on Debian.

You can find the guide here. It basically installs the non-GUI version of qBitTorrent and the guide helps you set up the auto start on boot.

Aria2 and Aria2-webui


This is really optional, I haven’t implemented it yet, but I am considering it. Since I wanted a download station, with qBitTorrent the torrents downloads are covered, but I wanted a solution for HTTP downloads as well, since it’s a scratch NAS drive, why not put it to work.

Update: I decided to go ahead and install aria2 with the Web UI.

Aria2 really seems like the perfect solution, combined with the web-UI, it basically gives you the same features qBitTorrent does, but for HTTP. It actually has torrent support, but I’d rather use it for HTTP only. Like I said though, very optional.

Installation was easy for aria2, since Debian includes the package already, so you won’t have to add any sources. However, configuration took me a while, for both aria2 and aria2-webi. You can find the full documentation for aria2 here.

I might write a guide on how to configure aria2, I’m still not sure, since like I said I consider this to be highly optional. I basically installed and configured it out of curiosity, but I have to say the result is awesome and I’m definitely going to use it as my HTTP downloader from now on.

Weekly Reboot:


This was really easy to implement, all I had to do was edit the crontab by using the sudo crontab -e command, if it’s your first time running it, it will ask you to pick an editor. I always pick Nano. At the bottom of the file, I added the following:

# Weekly reboot. Wed, 1:05 PM
05 13 * * 3 /sbin/reboot

Then I saved and closed the file. I picked that specific time because I know at that moment specifically I’ll never be home or using the NAS drive.

You can also use this @weekly /sbin/reboot instead of the specific hour, minute and day set up I had. There is a great guide on Cron provided by Ubuntu, you can find it here.

Impoartant: Netbook Lid Closed:


Since I’m going to keep this netbook running all the time, I wanted to keep the lid closed, but I immediately found out that if you close the lid it’ll suspend the netbook, making it inaccessible.
To change that, edit the configuration file by using the sudo nano /etc/systemd/logind.conf command, then uncomment and/or change the HandleLidSwitch value to ignore, which should look like this:

HandleLidSwitch=ignore

Then save and close the file.

Conclusion


I know it seems like a lot of work, this guide is long but only because as I said in the beginning, I dubbed it to be boring. I learned so much in the process and I’m sure I’ll learn more and more as I go. As a geek, it was definitely worth it.

Because I used a minimal Debian install, and after all the setup and configuration it only uses 75MB of memory, compared to the 125MB from Lubuntu (with GUI off) on my first attempt.

Once you get used to the process, it becomes a reflex, the next time I do this it’s going to be much faster and easier, and I’m sure by then I would have tinkered with even more configuration and ideas.
I’m really happy with the result so far, I didn’t throw the netbook or let it catch dust and my network has expanded ever so slightly.

Just a side note, I installed NTP to keep my netbook time synced and updated, Debian has a great guide on it here.

Things I’m considering to do later:
  • ddClient: To update Dynamic IP with OpenDNS [Done]
  • SSH key security instead of passphrase [Done]
  • Unattended upgrades (Automatic updates) [Hesitant]
  • NTP server. (Broadcast time within my network) [Done]
  • Experiment with ownCloud to be used later on a full PC set up. [Delayed. Saving it for my future NAS server project]
Stay geeky!

Large Google Chrome Icon Fix

Since the recent November Windows 10 update, for some reason the start menu displayed a large Google Chrome icon. It drove me mad. I use Firefox as my main web browser, I have Google Chrome installed just in those rare occasions I need to view something with Flash, since I don’t have that installed and I rely on Google Chrome as my “Flash browser”.

At first I was sure Google would release a quick update to fix this issue, but it’s been a while now so I decided to look deeper into it.

Note:


I published this solution in December 2015 and the date of this note is May 2016, yet Google Chrome still has this issue. The fix below will have to be implemented every time there is an update to Google Chrome.

Many discussions are going around as to why Google hasn’t released a fix for this, one of which blames Windows 10 and how it handles x86 (Win32) software, they’re all kind of odd and arguable, until then, this is how to fix it.

Explanation:



Google Chrome uses Windows 10 feature to style the icon, or to be more exact, the tile. It will allow developers to do many things, including showing specific style titles for websites that you might have pinned using Google Chrome, in Windows 10 Taskbar or Start menu.

Neat idea, with awesome potential, however, in this case at least, it is what’s causing the problem. The styling method is simple for the main Google Chrome tile, it uses the VisualElements XML file to specify some attributes, such as background color, size and so on. Until they release a proper update for this, here is how to fix it.

Step One:



Open your Start Menu and right click on your pinned Google Chrome icon, then click on “More” to show the sub-menu and from there click on “Open File Location”. This will open the location of the shortcut that shows in the menu.

Step Two:



In the window that opened, right click on the shortcut icon and click on “Open File Location”, that will open the location of the original chrome.exe within the Program Files folder.

Step Three:


Now we reached the source, in that last window you just opened there should be a file named “chrome.VisualElementsManifest”. It is an XML file.

Rename that file and add “.old” at the end without the quotes. Making it either “chrome.VisualElementsManifest.old.xml” or “chrome.VisualElementsManifest.xml.old”. Either one is fine, the idea is that we rename the file so it doesn’t get recognized.


Better than removing it completely, that way we’ll always have the file on hand and whenever we want it back, we just remove the “.old” suffix that was added to the name.

Step Four:


Close all the windows you have opened now and repeat Step One, the step that opens up the window with the Google Chrome shortcut icon.
 
What we want to do here is trigger the start menu to apply the change, for that to happen we need to update the “Modified Date”. Simplest way to do it is right click on the icon, Cut, paste it on the Desktop, then Cut/Paste it back to exactly where it was in the window that was opened.


Result and Fix Explanation:


The process of this fix is very simple, we basically tricked Windows 10 into thinking there are no Visual Elements for the Google Chrome tile and it should use the default settings instead.

No system files need to be edited, just letting Windows 10 know that we don’t approve of that fashion statement, so to speak.


I am honestly not sure why Google decided to choose that as their style for the tile, I really hope it was a mistake and not an effort to dominate their browser on the start menu by making it look bigger. I really hope so.

What disturbs me though is that it’s been weeks and there were even a couple of updates, but no fix for this issue. I wonder why.

I have faith in Google though, I always do. Keep on doing what you do, almighty digital creature. We love you.

Windows 10 Update Stuck

A bug I have encountered, thankfully not too often, is that Windows 10 update gets stuck at a certain percentage. Both times it happened to me it was just stuck at 0% and it would stay like that for hours.
This guide will help you fix the “Windows 10 Update Stuck” bug.

Explanation:


For some reason, at least in my case, the files in the update process are corrupted. It could be a loss of packets when downloading or a bad write, I’m really not sure. The fix for this is to basically restart the update process completely, removing the files that were partially downloaded and might be causing the corrupted error.

Caution: This fix involves some command prompts with admin permissions and renaming some folders within the Windows installation folders and System32. You do this at your own risk, the explanation was to help you understand exactly what’s going on, so if you’re unsure or if you don’t feel comfortable doing it, don’t.

Step One:


Restart your computer and as soon as Windows is loaded, right click on the start menu button and click on “Command Prompt (Admin)”.


Step Two:


Then we need to stop all the services for Windows Update. In the Command Prompt window, type each commend and press Enter after:

net stop wuauserv
net stop bits
net stop cryptsvc


Do not close the Command Prompt window, leave it open.

Step Three:


We’ll need to rename the folders containing the update files that might be corrupted or causing the update to be stuck. In the same Command Prompt window, type the following commands:

ren %systemroot%\System32\Catroot2 Catroot2.old
ren %systemroot%\SoftwareDistribution SoftwareDistribution.old


If it fails to rename the folder that means one of the services is running, repeat from Step One again and make sure that you don’t run anything after you reboot your PC.

Step Four:


Now we’ll need to start the services again, in the same Command Prompt window, type the following commands:

net start wuauserv
net start bits
net start cryptsvc


Now go ahead and check for new updates. It should, hopefully, fix the process and the update should finish without any problems.

This is definitely not the only method to fix this issue, but it is the one that worked for me and the one I tested. Use caution, always, research everything. This method doesn’t delete any files so you should be safe. It basically renames the folders by adding a “.old” suffix to it.


WAMP Fix for Windows 10

If you use WAMP, XAMPP, EasyPHP or any of the development platforms for PHP on Windows 10 then you might have encountered a problem of a missing file or Port 80 is already being used.

Here we’ll show how to fix those common issues between those platform, underlined as WAMP fix, since it works for all.

Port 80 Already Being Used:


You might encounter that problem since Apache relies on Port 80 to communicate, at least in its default settings, there are two solutions for this, but first, let’s explore what’s causing the problem.

Skype:


If you’re a Skype home user, then it could be the reason, Skype by default will monitor activity on Port 80 and 443, I won’t get into details of why, because it’s been a long debate online, some say it’s a genius fix by the original creator of Skype, others say it doesn’t make any sense, since 80 is for HTTP.

You can easily disable Skype from monitoring that port by opening Skype, click on the Tools menu, then Options.

From there, click on the Advanced tab in the sidebar to expand it and select Connection, uncheck the option for “Use port 80 and 443 for additional incoming connections”.


That’s it, you’re done. Skype will no longer interfere with Apache, or more specifically, port 80.

World Wide Web Publishing Service:


In windows 10, WWW Service is enabled by default (IIS), this service is used to monitor HTTP protocol and performance counters, usually enabled for Windows Server.

I have no idea why this service is turned on by default in Windows 10, its use is for, well, web connectivity and administration, servers.

By default it will monitor Port 80 which will conflict with the default Apache setting, there are two ways to disable it, one is temporary and the other is permanent.

To temporary stop the service, click on the Start menu and search for “services.msc”, without quotes. Locate “World Wide Web Publishing Service”, click it, then on the left side bar click on “Stop the service”.


You may have to do this every time you start the platform (WAMP/XAMPP/EasyPHP), good for casual developers that don’t really want to interfere the default setup of Windows 10.

To permanently remove the service, go into Control Panel, click on “Uninstall a Program” then from the left sidebar, click on “Turn Windows features on or off”.

Expand the “Internet Information Services” and uncheck the “Word Wide Web Services”, then click on Ok.


Apache’s Default Port:


I honestly wouldn’t recommend doing this, but that’s just my opinion. It doesn’t really affect anything, but you might have to change your localhost URL every time you type it, from “localhost” to “localhost:port”, port being the new port number you have picked.

Services like WAMP, XAMPP and EasyPHP provide an easy way to edit Apache’s port. From their control panel, find the configuration option for Apache.

Find the option that edits “httpd.conf”, and then find the line that says either “Listen 80” or “Listen 127.0.0.1:80”, change 80 to whatever port number you think is suitable, 8080 is a popular choice, after that all you need to do is restart Apache. Older versions might have a “Port 80” line instead.


This could change slightly, but the basics will remain the same, configure Apache to change the port.
Your new localhost URL to view your local project will most likely need to be one of either:
  • 127.0.0.1:8080
  • localhost:8080

MSVCR110.dll is Missing:


You might encounter that error every time you try to start WAMP, XAMPP or EasyPHP on Windows 10. The reason for that is C++ Redistributable for Visual Studio 2012 is not installed and even removed after an upgrade to Windows 10, which is a dependency for those platforms to run.

To fix that, go to this URL:
http://www.microsoft.com/en-eg/download/details.aspx?id=30679

Download the x86 or the x64, depending on your system or which platform architecture you’re using. If you’re unsure, check the platform website for details (WAMP/XAMPP/EasyPHP). Though installing them both should be just fine.

Conclusion:


Windows 10 is an amazing operating system, they seem to be trying to push a lot of services and features on all users by default, which I would consider to be their only downside so far, unless you also count the lack of update notes.

I was and still am always hopeful that programs and platforms do a basic check of their dependencies on install, it would save a lot of hassle for their users. I’m sure they’ll release updates soon that will install the C++ dependency they need to run, until then, just use this manual fix.

Hopefully these solutions are sufficient enough to cover all the problems you might encounter with Windows 10 and PHP development, if you do find another though, please let us know, we’ll be more than happy to feature your solution in this article.

Keep on developing.


Life Without Flash and Java

Flash and Java were the most needed sources to be installed on most devices, if you’ve been surfing the web as long as I have, you’ll know that the old days were mostly about having everything run with Java, and fancy websites used to utilize Flash for animated effects, even simple parts of a website such as header navigation required flash.

Then web browser games became popular, which relied heavily on Flash and sometimes Java, they still do, but I think in terms of popularity, that has decreased over time.

Bank and school portals used to rely on Java fully, some, sadly, still rely on it till this day.
Because of all the attention, Flash and Java became a target for malicious content and attacks, and in many cases, even recently, they were brutally successful. A massive debate has been going in the security community on who’s to blame, some said that the companies behind those platforms were not taking the needed care it deserved, others debated because for example, Flash is closed sourced, it’s been impossible (or hard?) for others to create another platform with a better or a more secure system.

If you search Google about the security issues with Flash and Java, you’ll find at least a mile long worth of articles explaining some horror stories of devices compromised or rendered completely useless unless a format and a clean reinstall of the operating system is done, and worse.

Let’s also not forget that websites with videos or media also relied heavily on Flash, but thankfully and slowly, all the major players are starting to switch to HTML5, a Flash free experience.

I decided to take the step and not install Java or Flash, and see how it goes, so here is my report.

Life Without Java:
 
This was surprisingly easy, I’ve uninstalled Java months ago and since then I haven’t encountered a single situation where I needed Java to be installed, though I have read reports and comments that the main issue without Java is sometimes online banking or logging in to school systems.

Reports claim that the use of Java has decreased a lot, if you are worried about it affecting your regular activities online, then my suggestion to you would be uninstall Java, experience everything that you do normally and see if you actually need it, when it explicitly tell you that “You cannot view or interact with this service without Java”, then go ahead and install it, I would even recommend when that happens, to uninstall it after you’re done with that task.

Not having Java installed means it is one less source of vulnerability on your device, and you’ve actively decreased the resources used, there are not scheduled Java updates, no sources being loaded in the background so it will make your system happier.

One big issue from people was having Java installed because they play Minecraft, that is no longer the case, they have released a new update to their launcher which bundles a minimal version of Java into the installation. Basically they took the part they needed from the Java framework and excluded the rest, so, you can safely and without worry uninstall Java, Minecraft is now taking care of itself.

Life Without Flash:

I’ve only uninstalled Flash about two weeks ago, so my report could possibly be not as complete as it was with Java, though from the looks of it so far, it seems that Flash will not be on my installed programs list anytime soon.

I’ll be honest, this was not an easy decision, even though I know all the risks and how exploitable Flash can be, it is (or hopefully, was) a relied upon framework in many aspect of my online activities, especially when it comes to watching funny cat videos.

With  YouTube however, taking an awesome step of utilizing an HTML5 player, it kind of gave me the courage, in my theory, YouTube is a leader in its category, and many will follow its footsteps, they are not naive, and thankfully, so far, my guess was proven to be correct.

Some of the media services I’ve tried that offered an HTML5 alternatives include, but not limited to:
  • Youtube
  • Vimeo
  • Vine
  • Metacafe (Partially)
  • TED
  • IMDb
  • Dailymotion
  • SoundCloud
There are of course other media services that aren’t just about watching a quick video. The last couple of years, relying on web streaming to watch TV shows and movies has been gaining popularity and it looks like it will keep on going up the scale.

One of the biggest issues for those service providers on not switching from Flash to HTML5/MSE was advertising revenue and DRM, though since the HTML5 player initiative, that issue is no longer, well, an issue. HTML5 as an alternative has evolved since then, and is now fully capable of handling all the concerns those companies mentioned.

For example, Netflix has an HTML5 + Silverlight option to enjoy their streaming services, as mentioned by them here: https://help.netflix.com/en/node/23742.

However, Hulu has yet to make that switch, but if I had to guess, it’s a question of when, not if. You can read the dated announcement they made about their thoughts on HTML5 and why they haven’t switched to it here: http://blog.hulu.com/2010/05/13/pardon-our-dust/.

As I mentioned though, all those concerns are now a thing of the past, especially with many devices that just don’t support Flash (ie: iOS devices), HTML5 will soon, hopefully, be their choice, or honestly if they can come up with an equally decent alternative, it would be great.

My suggestion, try living without Flash and see if it has an impact on your routine online activities, if it’s a big impact, then install it and for the love of everything that is sacred, keep it updated.

Caution: Google Chrome, Internet Explorer & Microsoft Edge
 
If you have decided to make the move to have a life without Flash, then you should know that Google Chrome, Internet Explorer and Microsoft Edge come bundled with Flash installed specifically for them. My suggestion is to either disable Flash from the browser’s settings or for a complete experience without Flash, install Mozilla Firefox web browser.

Conclusion:
 
Flash and Java have been big names in the online world, both for the good side and the ugly vulnerable side, ever since I’ve uninstalled them I have a sigh of relief, two less sources of possible malicious attacks I won’t worry about anymore and knowing that I don’t have any resources being used to keep them running and updated is also a nice frosting on the cake.

In no way this is an easy decision to make, so my suggestion is always to experiment, you will not lose anything if you uninstall them, find out exactly if you need them or not before blindly installing them, the online media world is slowly changing, your preference of services could have made the switch already.

If you are forced to use them for specific services, I would highly recommend using them on a separate browser, for example, have Firefox as your main web browser, and Google Chrome just for that Hulu experience you need, assuming they still don’t support HTML5 players, this way you will be having the best of both worlds. With and without Flash/Java.

Know your options, and be safe.