Category: Tools

(k)ubuntu on ideapad in legacy

Hello reader,

Did you just buy a new laptop, hoping you could just install (k)ubuntu and start working like a pro? And did this turn out to be an unpleasant experience because (k)ubuntu won’t boot? And are you also weirded out by my infomercial-style writing? Then I have the solution for you!

About a week ago I bought a nice new IdeaPad with awesome specs. After installing kubuntu, I couldn’t get it to boot up. It took me a while to find the problem, which turned out to be the simplest possible explanation (A typical case of Occam’s razor).

Assessing the damage

To make sure you’re experiencing the same problems, make sure you followed the following steps first, before trying the solution I’ll propose further down the article.

Image

Make sure you used a 64bit version of the OS. If you came here because of a problem with a UEFI-bootable device, it’s highly likely you need 64bit.

Boot

If you’re using Legacy boot (BIOS), first make sure your boot mode is set properly (legacy, also set priority to legacy). Also make sure you have QuickBoot/FastBoot, Intel Smart Response Technology (SRT) and in the case of a laptop running windows 8, Fast Startup disabled.

In terms of booting, also make sure the correct boot order (the HDD first) is set.

Installation

This one might sound silly, but make sure you successfully installed (k)ubuntu, and that it didn’t crash on some sort of error.

The proposed fix

In my case, the problem was a missing boot flag. That’s silly, and can easily be fixed.

Start live cd/usb

We’ll need a terminal so we can run some commands to fix this problem. First, start the live cd. Once there, open up a terminal.

Check boot flag

Before we start messing with our disk, let’s first make sure that the missing flag is indeed the problem. Run sudo fdisk -l and check if your primary disk (HDD) has a boot flag enabled. You can read more about this here.

Set the boot flag

If the boot flag doesn’t exist, this is most likely the cause of your OS not booting.

  1. First, find the name of your primary disk. In my case, this is nvme0n1.
  2. Run fdisk, so we can manipulate the disk and add the boot flag.
    • sudo fdisk /dev/nvme0n1
  3. Now were in interactive mode, run the following commands in sequence:
    • a (toggle a bootable flag)
    • 1 (partition number)
    • w (write changes)
    • q (quit)
  4. Reboot your machine. You should now boot to (k)ubuntu.

I hope this helps someone!

Github credentials sharing

jspm install and github rate limiting

It has come to our attention (thanks to @michielcornille!) that some developers, probably unknowingly publish their username and password to the world. This is dangerous.

Using this information, people with ill intentions can:

  • Delete your account, or do anything else for that matter.
  • Login on your other accounts (logged in on heroku? your production environment is now vulnerable).
  • Login on other systems using the same credentials (people still don’t use different passwords on different sites).
  • Modify code and inject malware into existing repositories without you knowing.

An example of this, used in our own repository can be found here.

In our case, it’s a readonly access token. But some use their github username and password instead. for obvious reasons, I will not be linking to examples in this post.

This is usually done by developers due to github’s rate-limiting on api requests, which occurs for example when working with JSPM. There’s nothing wrong with using a token, provided you’re careful.

What can I do?

If you already have your username and password on github, change your password. It’s in version control now, and people have it.

If you’re using an access token, check the permissions. Anyone can use your token, and if it has too many permissions, you’re now vulnerable. You can safely change the permissions without breaking the token itself.

  1. Always use 2FA. Read more about it here. This makes sure that even if someone gets your login credentials, they can’t do anything.
  2. Don’t put your credentials on github. Not even base64 encoded (that can just be decoded). Instead, take one of the alternative approaches (for instance environment variables).
  3. When creating access tokens for your account, give it the minimal permissions required.

Please share this article with anyone you might think is vulnerable for this.

Thanks for reading,

happy coding!

PHPStorm / Webstorm plugin acejump

Fresh IDE, happy me

Today is a good day. I got to configure my IDE on a new machine, which is always a joy. I started setting up the basics such as code style, libraries, line numbers, eof newline etc and moved on to the plugins. To my surprise, very few people I work with seemed to be familiar with an amazing plugin called AceJump. This triggered me to write about it and try to better your IDEs one by one.

What is AceJump?

AceJump is a plugin by johnlindquist that allows you to jump your cursor through a file, by simple find and magic. The plugin itself has the following description:

General usage instructions
Hit “ctrl+;”, type a char, then select a char to jump to. When selecting the char “shift” will select the block between the cursor and char. You can toggle “target mode” by tapping “ctrl+;” again, which will select the word you jump to. You can remap the AceJump keyboard shortcut in File->Settings->KeyMap and search for “Ace Jump”. Right-click on it, then select a different shortcut.

The simplicity of the plugin, and the power it gives you makes it an important tool to have in your arsenal. More info about the plugin can be found in this youtube video by John: Ace Jump.

Where can I get it?

You can find the plugin by clicking here or by going to File->Settings->Plugins->Browse Repositories and searching AceJump.

Documentation for everything

Hello fellow geeks!

Today I’d like to share a nice piece of software that has boosted my productivity by 200%. It’s a tool that allows you to download documentation from a lot of libraries, frameworks, programming / scripting languages, stack overflow, packagist and more. It’s called Dash (for mac) and Zeal docs for Windows / linux. For this post I will be talking about Dash specifically, but most of it also applies to zealdocs.

What it does

Like they say themselves:

Dash gives your Mac instant offline access to 150+ API documentation sets.

It integrates with the system (shortkey) and a lot of editors / other systems. As an example, in your editor, you can select some text (for instance, Angular’s $http) and push the shortkeys for Dash (defaults to cmd+shift+d), which will bring up the documentation on $http for angular.js. Are you writing php, and are you unsure on what strstr or stristr do? Select that, press the shortkeys and boom, documentation.

Like I said, it has documentation for a lot of things. Node.js, PHP, javascript, ruby, Zend Framework 2, Laravel, and much, much, much (I can keep going like this) much more.

It also supports Packagist and automatically builds documentation for all packages you wish to use, if there aren’t any. And it supports stackoverflow by downloading answered questions which you can search.

Download

It’s offline, fast, has everything in one place and doesn’t force you to wait for the browser. It’s just cool. Check it out:

Mac: Dash

Windows/Linux: Zeal docs

©SpoonX 2017