Wednesday, August 24, 2011

Ubuntu startup disk on USB flash drive refuse to boot

I have created a startup disk on USB thumb drive for an ancient desktop.  I never tried to boot it up.  Nowadays, basically it's a full copy of virgin OS on flash drive.  For this reason you shouldn't bother with Windows recovery.  Have Ubuntu dual boot and you can read and write your drives no matter what.  A flash drive is extra protection when both boot fails.  A 2 GB drive is too cheap for the postage.  If you have Frys or Micro Centers, you can pick it up dirt cheap.  

For strange reasons the flash drive wouldn't boot.  I searched the Web.  All the problems and solutions are not relevant to me.  There's only one person saying that must be memory.  Of course, but memory errors are the most spectacular.  I'm not having anything spectacular.  As a last resort I tested my memory using the memtest that comes with Ubuntu.

It wasn't surprising that I have at least a memory error.  I think I spotted errors long ago.  I don't believe it because it passed the BIOS tests, and Windows and Ubuntu boots well. 

For no good reason I swapped the memory banks.  It was scary as the motherboard refuse to boot again.  It boots if I swap them back.  So the simple memory tests test only some of the bytes, not all the bytes.

So I went to Micro Center to pick up some cheap memory.  Memtest shows no error and everything boots, including the USB flash drive.  Amen.

The life time guarantee on the memory is basically useless.  By the time good memory fail, it will be obsolete, if not, dirt cheap.  If you are still using your obsolete system, for memory you cannot wait for the return authorization and wait for them to sent you the memory.  And if you bother to pull out the memory, it's worth while to upgrade to bigger memories.

There comes a time when obsolete parts cost more than new parts, for the hard to find factor.  Basically this is driving you to give up your obsolete system and upgrade.

Epson scanner warmup problem in Linux

Today I reached the holy grail, the ancient motherboard and ancient Epson scanner is working under Ubuntu, the last device that refuse to work.

With the kernel upgrade, the know problem of my most ancient motherboard is gone all of a sudden.  The motherboard temperatures can be detected and I can use it to run something hot, rather than sitting pretty.

My ancient Epson USB scanner always work under Windows.  But my other things wouldn't work nicely in the ancient mother boards.

Firstly, in Ubuntu, you need the sane package installed for scanners.  Try type the command xsane.  If you don't have it installed, follow the instructions to install it or just fire up the package manager.  The sane package will be chain installed in order to get the GUI front-end working.

Type the command

#scanimage -L

to check if your scanner is recognized.   For some Epson scanners, you can see the name of the so called backend, some sort of driver - plustek.

My scanner is recognized, responded, but hanged after scan started with no messages.

Ignore what Epson have to say and their recommendation of drivers for Linux.  It is way too out dated.

Go to /etc/sane.d

Edit plustek.conf file (sudo)

option warmup -1
option warmup 60

Then my scanner works.  If they still don't, edit all the epson*.conf files.  Comment out the scsi lines.

Fire up your scanner with xsane and be patient.

Tuesday, August 23, 2011

What is WiiXplorer?

You don't really have a clue after reading the long list of features.  But it is a must have.

It can be installed directly via the Homebrew Browser (an app on Homebrew channel).  So you don't need to do anything like touching the SD card.  I installed it after I installed USB Loader.  It works without a hitch.  I suppose it will work without the USB Loader.  I have everything compatible to Wii 4.3.

Now that you need the USB drive to be at the Wii to backup all the games, you don't want to move the drive upstairs and downstairs to the PC and the Wii.  Two separate drives aren't necessary better even if you have the money.  You need something to connect your PC to the USB drive at the Wii.

The Wii is a pretty good SDHC card reader (and writer).  You can watch your pictures and videos right on the big screen after a trip.  If you can copy the card to your PC, you don't need a separate card reader.

The WiiXplorer is basically a GUI file manager, like that of any other OS.  It's behavior like Windows Explorers and nautilus(?) in Ubuntu.  Basically that's the tasks you do daily the most, copy, move, delete, rename files and folders.

The multi device means the SD card drive, USB drive, and SMB share on the PC over WiFi is supported.  It should also support USB flash drive, but I didn't tried.

There is an icon at the top left hand corner to show what device is being displayed.  If you click on it, there's choice of SD, USB, and SMB etc.

The USB drive connected to the Wii is NTFS formatted (Windows).  My desktop is of course ext (Linux), but wrapped up with SMB.

It's the same SMB setup as mplayer-ce.  But you can do it via the GUI when you run WiiXplorer.  Remember to uncheck readonly at the PC end if you want to be able to write back to the PC drives.

So you can copy/move files from any device to any device.  And you can sit at the Wii and do everything with the Wiimote, without going to your PC, as long as it is on for the SMB server.

If you download something to the PC into the SMB share folder, you can move it to any storage on the Wii.  You can also move anything on the Wii storages into your PC.  With this thing, you never need to go up and down stairs to install something.

But moving files over WiFi is pretty slow if you have 4GB of data.  The speed is about 500 MB/s.  You need 2000 sec to move 1GB of data.  It's not too bad.  If you want it immediately, you can carry the USB drive around, the speed is at least 20MB/s at the lower end.  Otherwise you can start moving something when you are not using the Wii for an hour or two.

If you setup the Wii as an ftp server, you can sit at the computer and do everything too.

WiiXplorer also launch installed Homebrew applications according the file type.  But it didn't work for me.  If the image display works, then it's a compliment to mplayer-ce.

Usng WiiXplorer is obvious, except that the right click on a file is achieved via the + button.  You use this button to bring up the copy-paste menu.

Wii media center limitations

Last time we talked about streaming movies to the Wii directly from your computer, via wifi connection.

The Wii is not HD yet, and the connections are standard RCA jacks.  You can have adapters for your PC or HDTV for cheap, but the resolution is limited to about DVD resolution of 480p, that of the Wii output.

The mplayer-ce can play almost any formats in any resolutions, but the Wii isn't fast enough for playing HD stuff.  Down conversion from HD to SD is pretty intensive processing, decode HD stuff and then recode.  You have to do it in your PC first.  The processing takes roughly the same order of time as the movie play time, depending on your CPU.

Setting up Wii as a mega game center

Instead of swapping DVD games, you can put them all on a USB drive.  That's mega.  You can also "exchange games" via the Internet this way.

The problem for the Wii is the versions.  Software modifications are very specific to the firmware version of Wii.  Since these softmods aren't updated that often, you may be using out of date instructions.  There's still a possibility of bricking the wii.

The other problems are trolling.  You never know what the purposes of some instructions, and the mentality of some writers.

Let me tell you a story.  I overheard a kid said to his father, "You said we will go to the game shop again to get a new game.  That was last January."  So the kid probably got the Wii for Christmas or Thanks Giving, at the sales or not.  Then he got a game probably the next year at New Year sales.  Then no more games for another year, probably.  So, for whatever reasons, please minimize the trolling.

So if your Wii is virgin, update to 4.3U/E/J.   U for US, E for Europe, J for Japan etc.  You can do everything in 4.3.  If you already have homebrew something in your Wii, I don't think updating will brick it.  But you will have to install homebres all over again.  For this reason, you want to disable automatic updating once you complete installing everyting homebrew for 4.3.

First the trusted instructions are here at GAF, pretty good, very detailed but not too specific.  The order of installation is:

Wii 4.3
Configurable USB Loader

Homebrew is simply a simple way to run other applications and installers.  Almost all softmods are IOS, modifying the I/O system of the Wii, say, instead of reading the DVD drive, read from the USB instead.  d2x handles with some ways that games uses I/O.  The USB Loader manages the games and play them.

Firstly, about the security.  These installers load a lot of things directly from websites and Nintendo.  So you have to trust them.  If you have internet filters for your kids, typically these ware sites and even game sites are blocked by default.  Then you MAY have to turn your firewall off to your Wii, and only your Wii.  You can do it easily on your Wifi router by setting the DMZ option on your Wii - demilitarize zone, meaning no protection.

After installing everything, you should set the firewall to normal.  The homebrew software will still download from the web, but this is normally allowed.  There is no guarantee what is in your softmods.  For example, the easiest method to install Homebrew is to use the letterbomb method, without actually buying an old game.  But your IP and the MAC of your Wii is given away.

If you If the installation complains that it cannot download a file, search for the file directly on the internet, download it, and put it in the right place on the SD card as directed.  This probably won't happen if your Wii is unprotected from the Internet.  The installers actually check hash signatures, so you probably won't download the wrong files into your wii.

Before you do anything, it's best to go to Homebrew channel, get to BootMii by the Home button.  Then save 512 mb of NAND memory onto the SD card.  In BootMii, the wiimote won't work, use the Wii power button as next, and the reset button as select.  If anything goes wrong, you can load the NAND back to the Wii and all your installations are nulled.

After installing IOS236, you should get the hell out without any further steps, step 2.  To get out of step 2, you push the 2 button, confusing, isn't it?  Otherwise you need to insert a real game, start it, and install IOS236 again.

Something is missing in the USB Loader instructions.  I don't know what the hell he is talking about.  Just download the v69 version directly.  It works as instructed.

I advise using NTFS for file format, which is the usual format that comes with USB drives, which is used in Windows, Linux compatible.  You have to add two lines to the config.txt file.  Then you don't need to add another FAT32 petition.  Just remember that in NTFS, filenames are case sensitive, while the old FAT are not.

The important thing is that, USB Loader (and a few others with similar names) put everything on the folder wbfs at root of your USB drive (single or multiple partitions).  Otherwise the loader won't see them.

You can only plug the USB drive into USB1 socket, the one near the bottom or near the edge.

The loader will backup your DVD game to the USB drive via the + button.  It takes a while for all 4 Gb of data.  The filename will be GAMEID.iso inside the wbfs folder (or a few other alternatives).

If you somehow get DVD image files .iso files, you must lookup the correct GAMEID from the internet such as  Rename your file to GAMEID.iso and put it right under the wbfs folder.  Or else the loader won't see the game.

If you play the same games often, you can use the SDHC cards too.  You need an 8 GB for one game, and a 16 GB card for 3 games.  USB flash drive should work.  You don't even need a card reader for your PC.  But with the USB socket at the back of the Wii, I find it not that convenient.

I have a very old SD card (up to 2 GB), but I never come across the need to use it in installing all the homebrew software.  All SD cards are now SDHC.  Anything other than the biggest capacity you can get it on the net for cheap.  So cheap that the postage is significant.  You can pick these things up like trash in shops such as Fry's and Micro Center, if you are lucky to live near one.

The best format for external HDD is NTFS.  HDD is also the cheapest, but some adaptors of old internal hard drives don't work.  As for the games, you simply download the .iso DVD image file and put it under the wbfs folder.  Some are compressed into .rar for example after "scrubbing".  You extract back the .iso file after download. 

The USB loader can also read .wbfs files.  But the HDD should also be formated as wbfs.  If your HDD format is NTFS and you download a .wbfs file into the wbfs folder, it will play, but the USB loader will ruin your whole HDD.  You don't discover it until the whole disk of data is corrupted.  I have unrecoverable errors probably due to a combination of back sectors.  Even after complete reformatting, the HDD isn't "clean" as reported.  So I reserve 100 GB for games in one partition.  The others disk space I can safely create a clean partition and use it for backups.

Sync your folder in the cloud with your local drive

For backups, you sync your local folder to some servers in the cloud.  Since only the updated files are copied, you can run the command via cron automatically, daily or hourly.  You can do the same to encrypted files if you use ecryptfs.

For bittorrent downloads into the cloud, you can automatically sync the downloads to your local drive.  With automatic sync, it's as good as downloading directly, without the hazzle of starting bt client on your computer.  But the bandwidth usage increases by 50%, because the files got transferred out of the cloud twice, one for seeding and one to your computer.

The easiest way is using Ubuntu in EC2 and locally, which I am.  First to copy a file or whole folder, from EC2 to hard drive.  Assume you have a folder called downloads in EC2, and your default username there is ubuntu.

scp -i /home/yourusername/yourkeyfile.pem /home/yourusername/downloads

The advantage is that there is a counter for the percentage completion.  You can custom the filenames and folder names.

If you sync the files, a single command is all you ever need, and you can put it into cron and forget about it.

rsync -e "ssh -i /home/yourusername/yourkey.pem" -av --exclude '*.part' ~

For bittorrents, you exclude the partial downloads and never waste bandwidth.  The disadvantage is that the command is completely slient.  You have no way of knowing the progress unless using other means such the system network monitor.  Also the partial file is hidden somewhere, so you cannot take a peep first.

Wednesday, August 17, 2011

USB Flash drive shrinks in capacity due to hidden bad trash

In Ubuntu, each drive has a hidden trash bin, just like in Windows.  But in Ubt, "undelete" is integrated.  This works for native Linux file system formats ext?, and old Windows FAT32, but somehow don't work for new Windows NTFS with multiple partitions.

Users see a single trash bin accessible via the status bar.  When a drive is mounted, it's trash appears in the central trash bin.  A flash drive is automatically mounted when it's inserted.

In the desktop GUI, Gnome, you cannot delete a file, but only move it to the trash.  So you don't recover disk space when you remove files on the flash file.  You have to empty the trash.

For some reasons, probably pulling out the flash drive without unmounting it first, and didn't empty the trash first, the trash can information got corrupted.  Say the trash can cannot be emptied.

First, you have to become superuser to force delete files in trash can.  You need to bring up the file explorer or file browser in Linux:

#gksu nautilus

From there you browse the the flash drive, show hidden files via options.  Then you have sufficient privilege to delete files in the Trash can.

Settings up Wii as your wireless media center and free game center

Why Wii?  Because it's easy, parents can do it.

Why Wii?  The HD version will only be launched in 2012.  But you can see how popular Netfix streaming is, while most of the library are DVD's.

Why Wii?  Sometimes you don't want to go to the center of the living room and watch the main TV.  You don't want to sit in front of the desktop too often either.  Sitting in front of a notebook is worse.  Kids like their own quiet corners sometimes.  I like my own space too sometimes.  If you haven't throw away all your obsolete TV's, they are pretty good for Wii.  Or you can pick up a decent monitor for pennies in the dollar on a garage sale.  You can go to the garage with a Wii, and connect that to a TV that you didn't bother to throw away yet.

Why Wii?  The Wiimote is something, though other consoles have been catching up.  You can control the usual complicated media player maneuvers with your left hand. 5 year old kids surf channels and movies like a pro.

Homebrew is a generic term for all the alternative software for game consoles.  For Wii there is the  This site is not one of those who try to sell you something when it's free.

First you need to setup the Homebrew channel.  Even is not up to date.  For all their methods, you need to buy a real game DVD, start playing at least once, save the game on SDHC card.  Then you replace the saved games files with the hacked files.

The best is the Letterbomb method at  There are videos and tutorials to help you.  To get your Wii MAC, go to the Wii setup menu, at the Internet options.  After all that is done, you go to the Wii calendar.  You can find the email on Today or on Yesterday.  You can see the letter with a bomb icon.  You click on it and begin to install.  You install Homebrew Channel, and I suggest also bootmii for many other things.

The site didn't work for my secure Linux and secure Firefox.  You may use IE or the bundled cut down browser on Ubuntu.

The current System Menu Version of the Wii is 4.3 (U for US, E for Europe etc).  You should update your system to 4.3, otherwise earlier systems don't even support USB2.0.  Though if you or someone have installed some hacks before, they will be deleted during System Menu update.

The Wii treats storage devices differently.  The most likely to work storage is the early SC, up to 2GB.  Next best is SDHC, and it works on my Wii.  Then it's USB drive or flash drive.  I use SDHC throughout without problems.

The next one to install is Homebrew browser, from whom you can download other games and software via wifi. has a page on it.

The Wiimote is something, though other consoles also have it.  With it, a simple painting game becomes a multilayer strategy game, and they are like having fun painting on the wall instead of on paper.

For the media center bit, you should install mplayer-ce via Homebrew.  WiiMC is better but it didn't work for me.  Mplayer-ce plays at least .mp4, .avi (xvid) and .mov files.  It plays all of them on SDHC cards.  It doesn't play .mov files on USB flash drive.  It only plays .avi files on my desktop via file sharing with SMB.  It doesn't play photos.

If you don't use wifi to transfer files, you have to copy the files to flash drive or SDHC card, carry the drive or card to the console.  My old camera is good at taking pictures but very slow in transfering the files.  The USB connector is at the back of the Wii which is inconvenient.

The best method is file sharing.  You play the files directly on your hard drive of your computer via wifi.  You do not need to copy and carry the drives and cards around.  Actually no files are copied.  They are like streaming to your Wii immediately.  For this reason don't use ftpii, where files are actually copied, and can be slow via wifi. 

The easiest file sharing method is via SMB.  The beauty of Ubuntu and Linux is that it's built in.  You don't need to install Samba.  There are several methods to config sharing on Ubuntu but the only one works for is to open a terminal, and then the command:


The app have nice GUI.  You specify the folder to share where your movies will be, and select SMB as the method.  You give the share a name, say wii, to identify it on the wii side.  Leave the Windows tab alone as you are not sharing with Windows.  I don't think you need it but I picked one of the user on the desktop as allowed user for the share folder.

On the Wii side you look for the smb.config file under apps/mplayer-ce/.
#Samba share1  (smb1:/) 
Add the share name you picked to identify the path of the shared folder.  The ip is you PC, typically 192.168.0.xxxx, depending on your brand of wireless router.  I also add the user name that I picked and his login password for Ubuntu.  This is probably not needed or wrong way to do it.  But that's what working after a lot of trouble shooting.

That is not all.  The firewall at the wireless router typically do not bother with network traffic within the LAN.  Unfortunately Linux has a good firewall itself.  The Wii, and anything else, is not allowed to connect into Linux.

Messing with the Linux firewall is messy.  But there is firestarter, that I am already using.  All you need to do is to set the inbound policy.  You set it to SMB/Samba at the drop down menu, and the firewall will open the ports.

Tuesday, August 16, 2011

Tips for bit-torrent clients in the cloud

Specifically, I use Transmission as the bit-torrent client, installed on free Amazon EC2 Ubuntu Linux.  There's no monitor in the cloud so I'm using the so called headless mode, or no GUI mode, or command line mode.

Actually the Transmission daemon runs forever, and except for the configuration, you never need to deal with it.  You can use the web interface via the browser on your desktop.

First you must configure Transmission on EC2 by editing the settings text file.  First you have to set the seeding ratio.  Many trackers require the ratio to be at least 1:1.  You must upload the same bytes that you download.  But still you can upload a lot more than you download.  This can be quite costly in EC2.

Transmission only honor the upload ratio AFTER download is completed.  Because EC2 is very fast, your download is fast but your upload is even faster, which can be by a few times if all your peers are slow.  So by the time your movie download is finished, you may have already uploaded 10 times the size of the movie.  You have to limit your upload speed.  100 kb/s seems to be decent.  If you set it too low, it will affect your download rates.

The download rate depend very much on the time of the day.  You save time when everybody in your region go to sleep.  The bit-torrent download could be a few times faster, and the download from EC2 to your computer could be twice.  But you don't save anything, except for time.

The free EC2 only comes with about 8GB of storage.  The BT client will hang because of out of storage space if somebody put together the whole season of TV shows.  On the web interface, you select the torrent and then select the file tab.  Just check the files you want first to be somewhat less than 8GB.  When you finish downloading, you pause Transmission.  Then you use remote copy or other mean to transfer the files to your desktop.  Then you delete the files on EC2.  Then you resume the torrent.  It's strange that Transmission behave exactly as if you haven't deleted the completed files.

You want to decide if you still want the movie file while the torrent is active.  VLC can read partially download files.  But it will be rather complicated when the file is on EC2.

When the download is completed, you want to decide if you want the movie and download in full to your desktop.  You can use a command line video editor to cut out a few minutes at random.  You can download these and watch before you decide.  You can use a command line video player to generate snap shot galleries for you to download and preview.

But it's simpler to just download the movie file using scp or similar.  Once you started downloading, most of the Linux movie players can play the partial files.  Even better, unlike bit-torrent partial files with pieces arriving in random order, you start playing the movie at the beginning while the rest is being downloaded.  This is like some sort of streaming.  If you are picky about movies, you may save bandwidth equal to the size of the movie.

Monday, August 8, 2011

Home made universal pet waterer

Upside down bottle type of waterer is basically a waste of money, unless your dog is large.  You are buying a big bottle or tank.  It amazes me that people actually use these things in the office.  I hate to change the bottle.

For pets that drinks less than a few liter of water, you can make a waterer in a minute, with things in your recycle bin.

All you need is to cut a hole near the bottom on a soda bottle.  Then put a bottle in another container such as a plastic coffee container.

The tube and cup is optional.  Without these your pet drinks from open spaces of the "coffee container".

The two pieces design makes it universal.  For large pets, you can use several soda bottles with almost fitting outer container, which all feed into a single drinking cup.

For small pets, you can fit a small cup inside the cage suitable for the size of the pet and the size of the cage.  The large soda bottle can stay outside.

Determining the optimal size and optimal placement of waterers also lead to 2 pieces design.

You want cups to be small to save space, keep water fresher or waste less water, reduce dust, and reduce other rubbish such as litter, food residue and animal waste.  On the other hand, you need some mass so your pet cannot topple the waterer. 

Soda bottle

You cannot use soft plastic bottles such as milk bottles.  They cannot withstand the atmosphere pressure and will be squashed.  Ordinary soda bottle will be tough enough.

You can use whatever means to make a hole, such as scissor or knife.  I drill a pilot hole using a plastic drill.  Then enlarge it using a wood drill.  Holes have to be at least 3/8".  Water will not come out of small holes at all.  A larger hole allows the water and air bubbles to flow more easily.  Water comes out and air comes in at the same hole, nothing you can do about that.  I enlarge the hole using a rotatory drill bit for cutting plastic.  But a scissor is as good as anything else.

The hole should be near the bottom to maximize the delivered water volume but enough water left to give the bottle and outer container some weight for stability.  The height of the hole is also one of the variables to adjust the water level.

You can just refill the bottle at the hole so make it in a convenient place, perhaps with a 2nd hole next to it for air to get out.

The cup

Any cup will do but there may be a lot of requirements.  It has to be the right size for your pet, can be fixed or cannot be toppled.  I use PVC under sink drain pipes with a U section.  Pets drink from one end and the "plumbing" at the other side.  You can glue or use all the other methods to fix PVC piping.

The tube 

As shown, you just need a tube, dipping into the outer container and the cup.  You don't need to do anything as long as the tube ends are under the water line.

I use 1/4" vinyl tubes for small pets.  I'm not sure if vinyl tubes are for potable water.  But 1/4 tubes for connecting to fridge ice makers are readily available, but not as flexible as vinyl tubes.  There are also PEX tubes surely for potable water, but I don't know how flexible they are at 1/4".  For larger pets, you may want to use 3/8" or larger tubes for faster refill.

The simplest way to keep the tube in place is to drill a 1/4" hole (for 1/4 flexible tubes) on the wall of the outer container and the cup, above the water line.  Then insert the tube through the hole into the water.  Of course you can always use clips.


The water level at the outer container and cup need to be aligned.  Otherwise the cup either overflows, draining all the water, or the water level in the cup is too low for the pet to drink from.

You can start by changing the height of the outer container little by little, such as using stacks of old CD/DVD cases.  Then you fix the cup, find some objects to replace the CD cases with the same height, cut PVC tubes as legs for a stand, or make an adjustable stand.

To start, you need to fill the bottle, raise the outer container up so the cup overflows.  This get rid of air in the tube.  If this doesn't work, fill the tube with water fully or partially, then insert into the outer container and cup.  Try again.

Refilling the bottle

When the cup cannot be refilled by the bottle, it's time to refill.  In this case, lift the bottle up will not spill any water into the outer container.  There's no water in the bottle above the water level line.

If there is water remaining above the water level line, some water will spill into the outer container and then into the cup, which may overflow a bit.  You have to lift the bottle swiftly and turn it horizontally so the hole is at the top.

Fill the bottle at the hole, carry it horizontally back to the outer container.  Turn it vertical and slip into the outer container in one swift maneuver.  It's easier than turning a water bottle upside down, and with less spills.  Kids can do it, which is the goal of the design.

As long as the ends of the tubes stay in water below the level line, the system will keep on working.


It's trivial to dismantle the whole system to clean.  You may even microwave all the plastics.

For some reason you may not want to dismount the cup from time to time.  It may be mounted at a hard to reach corner, or the dismounting need a lot of work.

To keep the water fresh, you may need to drain the cup after, say, vacation.  Fill the bottle nearly full.  You fill a short 1/4" tube (same size as the other tubes) with water.  Dip one end into the cup and drop the other end below the cup.  Water will drain from the cup and being replaced from the bottle.  Small particles will be sucked out of the cup.  For larger particles you can use a thicker tube.

To disinfect the system, I suggest to use perfectly safe H2O2, available in drug stores at 3% strength.  Drain the cup until the water left in the bottle and the outer container roughly equals the volume of H2O2 you want to add.  (A 50% mixture is often suggested for disinfection.) Then pour the H2O2 into the outer container.  Stop draining the cup when the water level in it starts to drop.  Leave the system for a while for the H2O2 to take action.

To rinse the system, refill the bottle to full.  Keep draining the cup until the water level in cup drops.  Repeat.

Sunday, August 7, 2011

The science and technology of wok

I have a few large woks and frying pans, all ruined, by wife.  The importance of wok is that, it could cure anorexia or the early development of it.  My small kid would eat everything that comes out of the wok, but will make a lot of diplomatic efforts in order not to eat other things.

It was time to replace the wok, actually deep frying pan.  It was always time.  With all the negative news about non-stick pans, our well scratched non-stick frying pan seemed to be a health hazard.

I went to Target with all the beautiful cook wares.  It was a mistake.  I would think that they would have come up with a safe non-stick now.  So I brought a non-stick frying pan that seemed to have an indestructible non-stick surface.  They always claim that on infomercials.

The non-stick surface didn't come off this time.  Perhaps wife didn't use a steel spatula to scrub on the food stain.  But food stain did get on the side non-stick surface.  We use intense heat, otherwise it wouldn't be stir fry.

That didn't bother me a bit, except that when the pan is heated, small brown bubbles will come out on the side like boiling.  It's the same whenever we wash it, and then heat it again.  I'm not worried if that's food residue like soy source, that we used a lot.  But I'm worried about other chemicals.

So this IS time to get another wok.  From my research last time, I know it have to be a case iron wok.  (Wrong)  Just that Target and most cook ware shops don't have it, at least not in the form of a wok or practical frying pan.

A wok with a flat base is basically a deep frying pan.  A round normal wok is perfect if you have gas (gasoline, propane).  For electric and induction you need a flat base.  But a flat base wok is not really a wok.   And in the western world, you need a wok ring as a stand for the round bottomed wok.

You choice of material is cast iron and carbon steel (and stainless steel).  You don't want any coating on the inside or the outside.  They don't last, can't stand intense heat, or they just want more of your money.

I made the silly mistake that cast iron is iron, and carbon steel is steel.  I have enough stainless cookware.  Each and every one have food stains on it.  Wife prefer to fry in pots without the oil splashing around.  The good thing about stainless steel is that even with a lot of scrub marks, the outside and inside looks decent, except for the spots with food stain on it.  You can remove stains if you try hard enough, and there are chemicals to do it.

Obviously stainless steel is not a replacement for non-stick.  I'm sure cast iron is the nearest thing.

Basically everything is steel or everything is carbon steel.  The least refined steel is cast iron, iron with carbon content > 2%.  More refined is carbon steel with less carbon content.  Stainless steel is steel with chrome added so it will not rust.  The lesser the amount of carbon, the harder is the steel.

The confusion with cast iron is that traditional western cast iron cook ware is very different from traditional Chinese cast iron wok.  Western cast iron is thick, rough surface and I bet very non-stick.  Chinese cast iron wok is not a lot different from a carbon steel wok in appearance and weight.

My explanation can be that western cast iron has higher carbon content, so they are more brittle and hence it has to be thicker.  And the high carbon content cast iron is suitable to use sand mold to cast the shape of a frying pan or wok.  Chinese cast iron wok has lower carbon content, hence stronger.  I think they are made like pressing on a piece of red hot iron into the shape of a wok.

You can dismiss western cast iron cookware if you want Chinese style stir fry.  They are good for what they are designed to cook traditionally.  And I bet they are really non stick, because it doesn't matter if there is any stain on it or not.  It heat up slow and is heavy.

So basically it's steel with varying carbon content, and the high carbon content "cast iron" are at the cheaper end it cost to reduce carbon content.

"Carbon steel" heat up faster, harder and in general thinner, lighter.

Basically that's all academic.  It does not make that much difference if you fry on occasion or even daily, as opposed to in a Chinese restaurant.  A piece of iron with 2% or 1% carbon do not make that much of a difference in a family setting.

A a piece of machine made piece of iron cannot be fragile.  If you do not use your wok as a fighting shield, a cast iron wok is fine, which could still last a lifetime, what Chinese expects of their wok.  And it's only $10.

Stronger carbon steel can be made thinner.  It heats up faster and weight less.  The weight is important as the smallest wok is some 13" diameter up to 16 or larger in restaurants.  It will be your largest piece of cookware so you decide what weight you can deal with, on and off the stove, hanging it up, putting it in the cabinet, hand washing, etc.

For carbon steel I would go for those hand hammered.  I bet the purpose is to make it thinner.  It only cost a little extra.  They have steel and they have labor.  You just can't compete.

Now the only other consideration is seasoning.  Before use, you have to oil it and burn it to give it a protecting and non stick surface.  Many people seemed to worry about it, doing it wrong.

In iron age terms, you are adding food stain to a weapon, to use in a kitchen when you are not fighting.  You just can't do it wrong.

I suppose higher carbon content cast iron have a rougher surface and holds food stain better.  Food stains come off in stainless steel pots, so people are worrying that "seasoning" come off easier in carbon steel.  That's laughable.  No body worries about food stain coming off too easy.  You can always reapply.  But in normal use food will always stain your wok.

The worry is that food stain will become too thick, and come off in blocks, making the wok surface uneven. But you can deal with it one way or another, or all by itself.

Please don't say that "I need to toss it" unless you are a Chinese cook, or intended to be.  It only happens, perhaps, in kitchens in Chinese restaurants.  It's a hazard to do it in your own kitchen.  So it doesn't need to be that light, and don't need a long and strong handle.

The most practical handle is the small loop ones holding securing with two rivets.  That's indestructible and most space saving.  If you want to move it when hot, you can just use two wet washing cloth.  Don't move it while cooking, and you don't need to.  A long handle may break at the welding point, and wooden handles are silly idea, unless you can replace it.  Though the whole thing is rather cheap - a piece of iron.

If you have rust, that means your food stain is not good enough.  You can just scrub off the rust and food will find it's way to stain it.  The wok is iron and rust is sort of iron oxide, stable compounds what wouldn't do anything to your body.  These will just pass out straight away.  You won't get iron supplement either - they have to be in soluble ion form.

Now they are teaching home cooks to stain their cook ware with food, and how to make them stay.  And not to use soap to wash woks.  How lovely.  But wife and many home makers have obsession with removing stains.  That will education them good.

Surprisingly, even Chinese supermarkets don't sell authentic woks as used in Chinese homes for ages.  Perhaps they are too cheap, from $10 for cast iron to $20 for hand hammered carbon steel with a steel tossing handle.  You can find the Wok Shop selling woks online for at least several years.  There's no other competition.  They are in San Francisco China town.  So you are mostly paying for the postage.  If you are on a road trip there, this is your gift idea.

Thursday, August 4, 2011

Protecting your files in Ubuntu Linux - encryption

I always use Truecrypt to protect my files in Windows.  When I moved to dual boot with Ubuntu, naturally I used Truecrypt too.  The lovely thing is that I can even use the same encrypted profile for Firefox.  Only that extensions and plug-ins using native compiled code will not work.  But those are not much.

Now that I didn't return to Windows for months, I'm was looking for something better in Linux.  And yes, ecryptfs for Ubuntu.

Truecrypt is a block device.  You give it a drive, partition or file, it does whatever it likes, and implement it's file system on it, though Tc implements the same files system such as FAT or NTFS.

I never wanted to encrypt whole system, too risky if I didn't buy a new computer and start from fresh.  Partitions are too troublesome because I had too many inherited from hush jobs of upgrading the hard drives a couple of times.  So I use only large files as containers.

From a few to 30 Gb files, they fill up sooner or later.  You end up with a couple of large files where you can fit them in, or you have to make bigger and bigger drives and setup things all over.

Truecrypt turns out to be quite reliable.  I had crashes because the encrypted profiles I am constantly using.  The file container became unreadable.  Luckily Tc comes with it's own fix disk utility, very much like that in Windows.  So I can fix my old FAT and NTFS containers even in Ubuntu.  I used old FAT for a reason because they are old and contain less traces.

ecryptfs is integrated into Ubuntu, which comes with a Private directory that is not initiated.  All you have to do is type in a terminal:


I didn't remember if I used this but here it says it will ask you for your login password, and generate a passphrase for you if you leave it blank.

That is it.  After you login in (with password), automatically you can access your encrypted files in Private as if they are unencrypted files.  When you logout or power down, nobody can in theory access your files without your passphrase.

There are tools to migrate ecryptfs to your whole home directory and even the whole system.  But it looks too risky for me.  Not that I know ecryptfs is risky.  They way I do it will be risky.  You will never know after upgrade from hard drive to hard drive and OS to OS.

The advantage of ecryptfs is that it's not a block device.  It's a layer on top of the file system.  So you do not need to allocate space for the container.  the Private directory will grow just as any other directories.

Another critical feature of ec is that you can backup the encrypted files in .Private.  This is huge for incremental backups using existing tools.  Using Truecrypt, you have to copy the whole 30 Gb container everyday.   Or mount the original container and then a backup container and then backup incrementally.  Then unmount both after.  In Linux you can just about do it without operator intervention, that is, while you are sleeping.  But storing your passphrase somewhere in some form opens up chances for attacks.

The bad thing of Truecrypt is that you have to enter your passphrase every time you mount.  So it's at least two passwords, one for login and one for Tc.  It is even more troublesome in Linux.  Because mounting is a privileged action, you need to enter your login password again every time.  So there is less incentive in dismounting and mounting secret containers repeatedly.  For ecryptfs, you only need to login once, the rest is automatic.

Encrypt Arbitrary Directory

Now of course you want to use folders other than Private in your home directory.  Say I want to store something encrypted in my massive external drive.  First of all, you may have the impression that ecryptfs only works on Linux file systems.  I'm sure my external drive comes with some Windows format like NTFS, which is compatible with Linux, with or without ecryptfs.  Though they don't call it NTFS in Linux.

The bad is that if you use any folders other than Private, mounting during login is not automatic.  You can do it automatically but you probably don't want to.  And it's conceptually simple to mount manually and dismount whenever you want to.

To setup any folders, it is:

mkdir /home/myusername/secret
mkdir /home/muusername/.secret
chmod 700 /home/username/secret

You can use any folder on any drive with Linux compatible file formats.  To mount it:

sudo mount -t ecryptfs /home/myusername/.secret /home/myusername/secret

ecryptfs will ask you for a passphrase.  Use defaults encryption parameters if possible, otherwise you have to remember it or be screwed if you don't remember them.

It will ask you for a passphrase for the filename encryption.  The default is derived from the mount passphrase, something to do with signatures.  So if you don't enter anything, all you ever need to recover data is your mount passphrase.

The mounting command is the same for the first time or not.  So next time you will want to put the command in a script instead of entering all the parameters again:

sudo mount -t ecryptfs /home/myusername/.secete /home/myusername/secret -o key=passphrase,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_passthrough=no,

Those are the default parameters except enable filename crypto.  If you don't encrypt the filenames sometimes it's as good as not encrypting.  Say if the filename is the official name of a song or movie, people know the content already.  It should not be difficult to proof what the encrypted content is.

To disable access to the decrypted files:

sudo umount /home/myusername/secret

You can do the same for Private without logging out.


It should be noted that when the decrypted files are mounted, they are accessible to everybody according to the file system modes.  Basically it's according to

chmod ugo+rwx file/directory

That means user, group, and others can be given read write or execute access.  So you are not protected from system admin and it would be extremely hard to.  He can get you one way or another.  But it's all academic as Ubuntu is designed for personal computers and now portables and notebooks.

The only thing to worry about is malware that you may have downloaded, and execute itself with your own privilege.  It's 100 to 1 chance you get it in Linux, based on the number of users.  Also you should only install software in the list of official depositories.

File recovery

Normally, all you need is your encrypted files and your passphrase, called the mount passhrase, which is the encryption key.

For auto-mounted Private, there is a complication.  You login password is not the key.  Your mount passphrase may be entered by you or automatically generated, in which case you don't even know about it.  For automount the mount passphrase has to be stored somewhere.  It's encrypted by your login password and stored in a file called wrapped passphrase in ~/.ecryptfs

To be sure you can decrypt any files, you need to store the plain mount passphrase
somewhere.  To get the plain mount passphrase:

ecryptfs-unwrap-passphrase /home/username/.ecryptfs/wrapped-passphrase

I print out the passhrase, put it in a secure sealed envelope, under the bottom of the tray, in a fire proof lockbox.

You can copy the whole .ecryptfs directory into a USB drive, an SD card and put it in a safe place.

Even with the complications, changing your login password is safe, all the other stuff are automated if you use the normal password change GUI or command. Admin can change your password but he will break the system. Without your old password, he should not be able to rewrap your mount passphrase.

Multiple passwords

If you mount the same directory with two passwords, you should get two sets of encrypted files.  It somewhat fit my two password three type of containers system, depending on whether they need to be backuped or not.  So I can put files together that needed to be backed up.  So there's two password, two containers, but still three types of files.

Tips: start from empty folders and copy things into it gradually once you are familiar with it.  For example, if you type in a slightly wrong password by mistake, you will think you screw up everything.

Protect swap space

Now it is a total solution as ecryptfs can protect swap space too.  Though by nature hibernate and that sort of thing that need disk space will not work.

When you are multitasking, applications each take a lot of memories.  For the inactive ones, their memories are swapped onto disk space to free some for other applications to use.  Because swap spaces are not encrypted if you did not install systemwise encryption, files or their fragments may appear on the swap space.

This is particularly important if you edit your active clients file everyday.  If you have some secret file to hide without accessing it for months and years, you can ignore this.

The developer now understands that you have to have some easy to use total solution, or few can use it, no matter how official it is.

You need to install something extra:
sudo apt-get install ecryptfs-utils cryptsetup

and  that's it:
sudo ecryptfs-setup-swap

You can check as in the link above that your swap space is changed and encrypted.  I did everything without any problem so far.  And didn't notice any speed penalties, except for copying movies files - that's about 7 Mb/sec on slow external disks.  Watching is no problem.