The U.S. Department of Justice has today released a redacted copy of Special Counsel Robert S. Mueller III’s “Report on the Investigation Into Russian Interference In The 2016 Presidential Election.” Unfortunately, as released, one cannot search the 448-page report for key words or phrases of interest. I have created a searchable copy that you can download here (133 MB PDF).
In December 2017, I wrote a post about how to use Quad9 DNS resolution with Algo VPN, a free and open-source project by Trail of Bits that lets you easily set up your own non-logging VPN server.
My earlier tutorial no longer works with versions of Algo VPN since 25 April 2018, when the Algo VPN code base was changed to enforce encrypted DNS lookups (and five days later, WireGuard support was added, yay!). By default, Algo now uses Cloudflare’s secure DNS lookup. Quad9, which I prefer because of its option to block known malicious sites, implemented DNS over HTTPS in October 2018, and you can now use it with Algo VPN instead of Cloudflare if you like. I will provide step-by-step instruction on how to do this below.
Bear in mind that for these instructions to work, you must be using an Algo installation made with the code base since the April 2018 revision implementing secure DNS lookup:
1. SSH to your Algo server via your terminal app:
ssh root@ip -i ~/.ssh/algo.pem
2. Open /etc/dnscrypt-proxy/dnscrypt-proxy.toml for editing:
nano /etc/dnscrypt-proxy/dnscrypt-proxy.toml
3. Find the line:
server_names = ['cloudflare', 'cloudflare-ipv6']
4. Replace with:
server_names = ['quad9-dnscrypt-ip4-filter-pri', 'quad9-dnscrypt-ip4-filter-alt', 'quad9-doh-ip6-filter-pri', 'quad9-doh-ip6-filter-alt']
5. Hit Control-X to exit, choosing Y to save and keeping the same file name.
6. Type reboot at the command line to reboot.
That’s all! Your Algo VPN server will now use Quad9 for secure DNS resolution.
Note that there are other secure DNS servers that you can set as parameters for server_names. You’ll find them listed here.
After upgrading an instance of NextCloudPi from version 13 to version 14, I received the following error notification:
In short, the table “oc_share” was missing the index “parent_index” and the table “oc_filecache” was missing the index “fs_mtime”.
I tried SSH-ing to my NextCloudPi server and running the suggested command, “occ db:add-missing-indices” but it generated an error.
Despite the missing database entries, the instance still seemed to run fine, but I found the constant error message vexing.
After some online research and examination of my NextCloudPi instance’s directory structure, I found the following solution, and not seeing it posted elsewhere, thought I’d share it here:
1. SSH to your NextCloudPi instance.
2. Get a root prompt by entering:
sudo bash
3. Go up to the root directory by typing the following command twice (or as many times as necessary):
cd ../
4. Switch to the nextcloud directory:
cd /var/www/nextcloud
5. Run the following command:
sudo -u www-data php occ db:add-missing-indices
6. You should receive something like the following prompts (which I received):
Check indices of the share table. Adding additional parent index to the share table, this can take some time... Share table updated successfully. Adding additional mtime index to the filecache table, this can take some time... Filecache table updated successfully.
7. That’s all! Type “exit” and hit enter to terminate the SSH session. The error message should no longer appear.
The Persian word for “music video” is نماهنگ. According to Wikipedia, the term was approved by the Farhangestan (Academy of Persian Language and Literature). I encountered it on the website of the office of Iranian Leader Ali Khamenei, which published a music video in connection with his audience with members of the Islamic Propagation Coordination Council. The video is captioned: نماهنگ دیدار اعضای .شورای هماهنگی تبلیغات اسلامی سراسر کشور
In Persian, a commercial product that is unopened and in its original packaging is described as being آکبند. I encountered this word for the first time in an article on Iranian tech website Digiato about restrictions on returning travelers bringing mobile phones into Iran, in the following context:
یکی از مسئولان ستاد قاچاق کالا به دیجیاتو میگوید که هر مسافر مجوز آوردن یک موبایل مسافرتی (موبایل رجیسترنشده، چه آکبند باشد چه نباشد) به داخل کشور را دارد.
In a post on 1Doost.com, Nooshin Mohammad Ali provides what seems to me to be a dubious folk etymology, claiming (while citing no source) that it’s derived from the English “UK Band” which supposedly was printed on ribbons wrapped around British goods arriving at the port of Abadan before the 1979 Islamic Revolution.
An interesting but ultimately inconclusive discussion of the etymology of آکبند extracted from the Adabiyat listserv appears on The Iranian here.
Comments welcome.
Algo VPN is an open source project from computer security firm Trail of Bits. It facilitates the creation of a non-logging (and optionally ad-blocking) virtual private network (VPN) on a virtual private server (VPS). I’ve been using Algo VPN for a couple months and am pleased with it’s performance, particularly on Apple devices, which natively support the IKEv2 protocol implemented by Algo VPN.
By default, Algo VPN uses Google’s domain name resolution (DNS) servers (8.8.8.8 and 8.8.4.4). Recently, I heard about an alternative, non-profit DNS service called Quad9 (9.9.9.9) that has some attractive features. In particular, Quad9 blocks known malicious domains, collects no personally-identifiable information, and does not store the IP addresses of end users to disk. Steve Gibson spoke about Quad9 in episode 638 of his weekly Security Now podcast.
Perhaps in the future, Algo VPN will offer Quad9 as an alternative to Google’s DNS servers. But until such time, and for already existing installations, here’s how you can point your Algo VPN server to Quad9’s DNS servers:
1. SSH to your Algo server via your terminal app:
ssh root@ip -i ~/.ssh/algo.pem
2. Open /etc/dnsmasq.conf for editing:
nano /etc/dnsmasq.conf
3. Find the lines:
server=8.8.8.8 server=8.8.4.4
4. Replace with (the second line, not originally included here, is Quad9’s secondary IPv4 address; thanks to commenter “c.” for noting this):
server=9.9.9.9
server=149.112.112.112
5. Hit Control-X to exit, choosing Y to save and keeping the same file name.
6. Type reboot at the command line to reboot.
That’s all! Your Algo VPN server will now use Quad9 for DNS resolution.
U.S. president Donald J. Trump devotes a great deal of time to Twitter. Have you ever wondered what he sees on Twitter? I did, so I created the “Twitter Through Trump’s Eyes” public list that includes the President’s own tweets along with those of the 45 Twitter accounts that he follows. I will keep this list updated as necessary. You don’t need to have a Twitter account to view. Clicking on the image below will take you to the list.
Recently, the question of how best to translate the English phrase “including, but not limited to” has crossed my desk. Google Translate offers از جمله، اما نه محدود به which seems quite good, and I’ve found an example of its use (multiple times) on a webpage of Iran’s Islamic Parliament Research Center, where the “but not limited to” part is placed in parentheses از جمله (اما نه محدود به). The same page sometimes uses شامل instead of از جمله.
If you are using the Enigmail security add-on for Mozilla Thunderbird under Ubuntu Linux, you may have recently discovered (as I did today) that it no longer works with the version of GnuPG that you have installed, and that you need to upgrade. But it’s not evident how to do this, as there is no GnuPG update available in the Ubuntu Software Center.
Fortunately, there is an easy way to upgrade Ubuntu to GnuPG 2. Just open a terminal and type:
sudo apt-get install gnupg2
and enter your password when prompted.
On the evening of Monday, 15 February 2016, Iran’s television channel 3 aired a 13-minute report titled “The Rules of the Game” (in Persian, قاعده بازی) about the 17 January 2016 prisoner swap between Iran and the United States, arguing that the exchange was a victory for Iran and a loss for the United States. The program, produced by the “General Administration for Analytical and Documentary Programming” (اداره کل برنامههای تحلیلی و مستند) contends that the settlement of a longstanding property dispute between Iran and the United States was linked to the prisoner exchange, reporting among other things that on the day of the exchange, the U.S. flew $400 million in cash to Tehran’s Mehrabad Airport.
The following is a rough translation of the report that I have prepared. Comments are welcome.