If you asked for help on a new Windows 10 Laptop with Outlook 2016 cause the displayed Fonts unsharp or unclear
check Outlook Settings -> Advanced -> Display -> set „disable Hardware Acceleration“ for the Video Card !
or check the Subpixel Rendering of windows 10 go:
Search -> Clear Type Settings -> rerun all Dialogs -> select the best readable Window with Texts
Can be a Linux Problem too! Seen on some OpenOffice Setups!
Checkout if installed, the advanced Video Driver Software at System Settings or beside Clock Icons! (seen at ATI)
If you work on older Laptops and you use a Console only System Setup like on Debian there is a Bug on systemd and the console-setup package since years. After reboot all Font Settings seems gone. But the Settings are not real gone, cause systemd does not pull the settings on boot!
How to fix?
edit the crontab of root by
sudo su -
insert the /bin/setupcon command on „@reboot“ means on every boot!
@reboot /bin/setupcon > /dev/null 2>&1
save and exit, reboot now
now the PC should echo big Fonts for old eyes „Terminus 20×12 Frambuffermode“
If you share your Systems and you want to disable USB Drive connects there is a small solution. By default the gvfs Service handle all automounts and drive scans. On old Linux Systems you could purge the complete gvfsd „Backend“ but Ubuntu-Desktop forces some pakets to the default Desktop Package! If you purge it the working Desktop can be destroyed!
It’s easier to disable the „USB Drivers“ called Modules from load on Start! Cause Rules are „Software“ and can FAIL unknown!!
Howto? Edit the /etc/modprobe.d/blacklist.conf and add:
Update initramfs (Kernel Image)
update-initramfs -u -k all
Now try to plugin USB Sticks , they should now be ignored!
To enable USB Drives temporaily do:
$sudo modprobe uas
Now the USB Stick should be able to mount for root!
Advantage? No gvfs, org.freedesktop rules or package deps are touched!
Remark: On Laptops DISABLE all USB Devices for Security Reasons! There should now „Fake Keyboard“ or „Fake Mouse“ be able to enter the Systems!!! (USB Kill Sticks)
If you want to be more secure, on Linux you can isolate used programs on different Users! All you need is installed by default!
Add a new User for eMail and Browser to the System with:
$sudo adduser mailuser
$sudo adduser webuser
now install if not installed by default „gksu“ User Switch
$sudo apt-get install gksu
copy now the default App Links to webuser’s Home Desktop, for mailuser enter mailuser’s name
$cp /usr/share/applications/firefox-esr.desktop /home/webuser/Desktop/firefox-esr.desktop
edit the firefox-esr.desktop by right click on nautilus or a editor and change command line:
gksu -u webuser -w "/usr/lib/firefox-esr/firefox-esr %u"
save and exit
Now to test click on the Firefox App Link and a Password is asked! Enter the webuser password and you use Firefox on a isolated Account!
Do same for thunderbird eMail Client! that no bad Code can access your Emails!
Set the Home Folder rights for webuser and mailuser to 700 with:
$sudo chmod 700 /home/webuser
$sudo chmod 700 /home/mailuser
Remark: Same Technics available at Windows or other Unix Systems, alternate use VNCSERVER! a App to run Desktops inside Desktops!
Advantage: Programs run on isolated RAM Space!
You heard perhaps last day’s about the major problems of Attacks to Systems with the „WannaCry“ Crypto Ware
Howto protect yourself?
Enable the Firewall on Windows Systems!! Always!
Update daily the Virus Scanners and Windows Patches!
Disable and CLOSE Ports you never need! SMB Protocol is a open unencrypted Transfer Protocol!
Use a second Router with Firewall behind your ISP Router or Modem! (openwrt, pfsense)
Check with nmap Portscanner Tool the taken Rules and check if the work!
For Network Access use ALWAYS SFTP with Authentification over KEYs Logins (Two Factor: Key and Password for unlock the Keyfiles id_rsa)
For fresh installed Systems do a Full Backup of the Disk.
To Save your work files use USB Drives or USB Sticks which can be unplugged, if you don’t need them.
Backup weekly the Windows Disk to a external USB Disk 1TB sold for less than 50$
..last but not least use a Live CD of Linux like ubuntu to access the Internet..
The Linux Windows Share Service called Samba is also under attack
CVE-2017-7494 to fix enter smb.conf with a Editor:
nt pipe support = no
restart the Service with:
$service samba stop && service samba start
Don’t use reload, to be secure that the config is really reloaded!! A „systemd“ Problem!
Check the Samba Share for write and read access!
Major INFO 06-2015: Do not set tmpfs on ubuntu 15.XX or Systems with systemd!!! This block PC boot !!
If you want to setup a Ubuntu/Debian Laptop with a full encrypted HDD use a „alternate“ CD/DVD.
After Setup you have to change some little Parameters to extend the lifecycle of the SSD Chips
disable Swap if you have more than 4GB Ram
enable a RAMDISK with tmpfs for logs, caches of Browsers
install cpufrequtils for CPU freqscaling
install laptop-mode-tools to set powersave mode for hardware modules
install xbacklight to reduce backlight energy
open a Console and change to root user, enter „$sudo -s“ and password,
now we have to disable swap, edit with $nano /etc/rc.local and insert a „swapoff -a“ before „exit“
edit with „$nano /etc/fstab“ insert and set „#“ at line with older „/tmp“ entry :
tmpfs /tmp tmpfs nosuid 0 0
tmpfs /var/run tmpfs nosuid,mode=0755 0 0
tmpfs /var/lock tmpfs noexec,nosuid,nodev 0 0
tmpfs /var/log tmpfs noexec,nodev,nosuid 0 0
remove /var/tmp and create a symlink „$ln -s /var/tmp /tmp“
login as User to Config the Firefox / iceweasel Browser to use the RAMDISK as Cache with „firefox -P“ Command
delete the default Profile, create new named „ram“ and let the Profilemanager create the new Profile to /tmp
restart Firefox / iceaweasel with „-P“ option, now all is hold inside the RAMDISK!! (after a reboot all is History and Cookies are deleted!)
if you use other applications with CACHE do same with EVERY Applications (read the readme.txt of Apps)
Enjoy the new very secure Internet Laptop with builtin steal protection and secure private permanent browsing!
Current Laptops / PCs uses 16:9 Widescreen Displays and if you dont want to use Xorg (Gnome,unity,Openbox Desktops)
you can use on Linux Console the program called „screen“ it offers:
– Split Consoles horizontally and vertically
– disconnect the screen and let the scripts/commands active on remote Systems
– reconnect if the remote Session was broken cause network problems
On Gnome or unity you can use „terminator“
– manpage of screen
firefoxbook a free chromebook replacement – Screen after boot
A free Howto to get a free Chromebook Replacement: Called Firefoxbook
Everybody knows a product called chromebook, but you must not buy such a laptop with branded OS! Here is a small Howto get a similar Laptop with free firefox.
How does it work? Easy, the Laptop boots from Stick or CF-Card to RAMDISK, the firefox profile and cache is always new created at non permanent RAMDISK. The private Mode surpress cookie and other waste. Only the Window Settings are stored (Fullscreen/ F11). After boot the Internet is connected and Firefox is shown on Desktop.
All you need:
a Laptop, can be a older one, i prefer Thinkpads
a Wireless/LAN Card if not available inside
4GB USB Stick or 4GB CF-Disk with ATA-CF-Adaptor
Time to work
Tinycorelinux at CD source
Download Tinycorelinux and burn it to CD
reboot the Laptop on the CD to tinycore
open a Terminal and enter #sudo tc-install
reboot the Laptop and remove the CD
boot the Laptop on the USB Stick
check network connection
if not available plugin LAN cable reboot again on stick
or setup WIFI with the WIFI Manager
check internet connection again
NOW LETS MAKE SAFE!
if the Laptop is online install firefox with: #tce-load -wi firefox
NOW!! Create first a firefox profile on the RAMDISK!!
do run as tc user #firefox -P
create new firefox profilename „tmp“ locate it at /tmp
now run as user tc #firefox, close firefox!
edit now /opt/.filetool.lst with #sudo vi /opt/.filetool.lst
add „tmp/localstore.rdf“ line, close and save
edit as user tc #vi /home/tc/.setbackground
add line „sh /tmp/tcloop/firefox/usr/local/firefox-official/firefox –private“
save settings to USB Stick called mydata.tgz with #filetool.sh -b“
run #sudo reboot
Enjoy a Firefoxbook with always safe browsing option! On every reboot the old cached data are really lost cause the profile is always placed inside ramdisk and never on chip!
Do always reboot or shutdown without backup by menu, or push only the Laptop Power Button to auto delete waste at poweroff. Other Browsers can be used also (Opera).