Ruminations on the Digital Realm

Jan Stedehouder

Archive for the month “September, 2007”

PC-BSD Day 25: Updating the system

I was getting annoyed by the long string of error messages pointing to second or third digit dependencies that weren’t met. For a freshly installed PC-BSD system I expected it to be a bit more up to date. One could argue – as is done in the PC-BSD forums- that this version of *BSD is meant for desktop users who should restrict themselves to using the PBIs and leave updating the system to the Online Update Manager (Settings -> Software & Updates). At the same time the Quick Guide does explain the packages and ports systems to install new software. But how do you keep PC-BSD in sync with the developments in those two systems, when -as I experienced- installing packages is accompanied by error messages and broken installs and the Online Update Manager tells me the system is up to date?

Checking the PC-BSD forums

How would the current group of users deal with this issue? For that I went to the PC-BSD forums and searched to any clues on how to update and/or upgrade the PC-BSD system. I must say that the overall picture isn’t heart warming nor encouraging. Upgrading from 1.3.4 to 1.4 is not recommended. Upgrading from a 1.4 beta release to the final release is not recommended.

What does the FreeBSD handbook say?

Chapter 4.5.4 explains how to upgrade the ports with various tools. The portupgrade utility is a command line tool with which you can upgrade the entire system or just an application. It is recommended first to run the #pkgdb -F instruction to fix any problems in the package database. The portupgrade instructions can look like this:

# portupgrade -a which will update all outdated ports on the system
# portupgrade -aP which will update all outdated ports on the system and use a package instead of a port if one is available (saving a ton of compile time)
# portupgrade -R firefox which will update Firefox but first will update all the ports required by it.

Another tool that can be used is portmanager. With # portmanager -u the whole system will be updated.

And what about the GUI tools?

I have the DesktopBSD-tools installed on my system. One very annoying problem I encounter is the message that there are conflicts in the package database, but no real information on how to fix this. Fortunately, I found this thread in the PC-BSD forum. Anyway, I opted to update all the outdated ports and DesktopBSD-tools started to handle them. It took somewhat more than an hour and -sad to say- this again showed a long list of errors and unsolved dependencies.

The unavoidable comparison

For most of the time I want to test PC-BSD on it’s own merit and not compare it to -for instance- Ubuntu Linux, but today I couldn’t really avoid it. I am spoiled by Ubuntu and the update utility. It tells me when new updates are available and then it is simply a matter of clicking the update icon and entering the root password. Dependencies are taken care of. I can do the same via the commandline, refresh the resources and update the whole thing. The graphical interface to update an Ubuntu box are simple enough for most desktop users. It’s that simplicity I miss on PC-BSD. Only when a desktop user stays away from the ports and packages he/she won’t notice the dependency errors, but then he/she is completely dependent on the PBI collection. At that point the benefits of the packages and ports are gone and would it be wiser not even to mention it in the quick guide anymore.

And at the end of the day…

I didn’t have a graphical desktop anymore. My LCD tells me that the input is not supported and running the wizard (option 6 from the bootloader) didn’t solve the problem. My my. I guess something went seriously wrong.

PC-BSD Day 24: Time to pay the bills

It’s that time of the month again. My employer is so kind to send the monthly reward for my hard work and I am so kind to send most of it to the ones that want a part of that money. It’s that brief albeit virtual moment that you actually feel you own something. This brief moment needs to be captured into some decent software, which is why I took a look at the various programs available for handling your finances.

KMyMoney

PC-BSD uses the KDE desktop as a default, so it makes sense to have a look at the K program for personal bookkeeping: KMyMoney. And -to be honest from the start- I would also use it on any other desktop. After launching it you select “Setup a new KMyMoney data file” and follow the steps in the wizard. First you enter your personal information and then you select the default currency. The next step allows you to select a template for the accounts. There are 8 different templates, one default and seven localized.

The taskbar on the left gives access to your accounts, the institutions you do business with, the categories to keep track of where the money went. As with many K programs the right mouse button is your friend to add and edit items in the various screens. You can import Quicken files and GNUCash files.

GNUCash

GNUCash Finance Management is the behemoth of financial desktop software. Installing it on a fresh PC-BSD box brings you a ton of dependencies like Firefox and GOffice. When I saw the enormous list of second and third digit dependency error messages flashing by I was worried GNUCash wouldn’t even run, but it did anyway. GNUCash doesn’t have a wizard but a druid. The difference? Beats me, it does the same job as the wizard. It might make a difference in an RPG, but not while setting up a new set of accounts.

The druid helps to select a currency and then you have to choose one of the template sets. You have a template for business accounts, a simple checkbook or common accounts for the most of us. The next step is where you have to come clean with yourself. How much money is in each account.

GNUCash is a very powerful program that strictly adheres to bookkeeping guidelines. Personally, I found it a bit too powerful and complex for my taste and use. However, it does hold it’s own against it’s proprietary brethren like Quicken or Microsoft Money.

Eqonomize

If you need a somewhat smaller program, just to keep tracks of the money, Eqonomize might be of use. The interface is similar to KmyMoney, but the accounts are somewhat simpler with fewer categories. Adding or removing accounts and categories is easy enough. There is one drawback to Eqonomize: it is setup to use dollar accounts only.

Homebank

Homebank is like a blank slate which you can edit to your own liking. There is no standard template of accounts. It’s up to the user to add the accounts, the payees and the categories. The program has been well maintained, but it is funny to see that in the preferences you can still select the Euro options and the original exchange rate.

Grisbi

The last program I wanted to look at was Grisbi. It’s one of the better financial programs for endusers under Linux. Grisbi also has a complete set of accounts in Dutch, which makes it somewhat more attractive for me. The interface needs some work as often the titles of the columns are invisible.

On PC-BSD it was the only program in this category that didn’t end up in the menu. It is a Gnome based program, but so is GNUCash and that program is in the menu (along with it’s icon). The program runs fine when launching from the command line and editing KMenu to have a Grisbi entry shouldn’t be a problem.

Conclusions

This is only a brief look at the various programs in the finance category that are available for PC-BSD users, but it does show that there are no problems with handling your finances via this desktop. Whether the programs cooperate with your online banking depends heavily on the bank and the protocols it uses. For local financial management there is no reason to hold of moving to PC-BSD.

PC-BSD Day 23: Installing PC-BSD 1.4 final and a first look at the games

Today I started with a final attempt to install PC-BSD on a physical hard drive. This disk I know is good and has been working up to this day without so much as a hickup. Sadly, again I was confronted with error messages and no PC-BSD install. Not a good start and a major disappointment considering I must have installed dozens of Windows, Linux, BeOS and QNX versions on this collection of hard drives. Since I did not see an outcry of complaints in the forums about this problem it must be on my end. Maybe PC-BSD doesn’t like the swappable hard drives, maybe there is another conflict. At this time I wanted to call it quits with the physical install and finish this series with the virtual install only.

PC-BSD in all it’s glory

Then there was Gustavo’s suggestion. Maybe it were the aperture settings for the graphics card. I have a nVida N6200 256 Mb card. Following the suggestion I went to the BIOS and changed it to 128 Mb and AGP 2x instead of 4x. After that it was a matter of selecting the proper nVidia driver and there it was: the PC-BSD desktop from a physical hard drive.

One of the first things I tested was Compiz Fusion. I’m a sucker for eye candy and though I don’t want to have it enabled all the time, it does make working with the computer more pleasant. Compiz Fusion simply worked. The rotating cube was there and all the effects. I selected on of the included Emerald themes and the desktop looks amazing now.

Gaming under PC-BSD

This solution makes it possible to write something about gaming under PC-BSD. The ports collection reveals an interesting collection of games, most of which should be familiar to the Linux gamer. There is the set for the casual gamer like the various Tetris clones, card games and some arcade racers. My personal favorite Neverwinter Nights is also there. It isn’ t a native version but the Linux version. This can be done by using Linux Binary Compatibility (chapter 10 of the FreeBSD handbook).

What other games makes use of LBC to run under PC-BSD? I found America’s Army, Darwinia, Defcon, Doom, Wolfenstein: Enemy Territory, Quake III and Unreal Tournament. Just like under Linux First Person Shooters appear to be supported the best. There are Free-BSD ports for Alien Arena, Open Arena, Sauerbraten and Nexuiz. You want to play your favorite shooter with some friends, but also want to run a FreeBSD server? It should be possible considering the string of Halflife server packages or Star Trek Voyager: Elite Force packages. Add FlightGear, TORCS and Boswars to the mix and you have a fairly complete gaming environment to spend a few hours. And I thought I was fragged for not having a physical install. Good thing the community was there to come to the rescue.

YES! My new book about Ubuntu Linux is hitting the bookstores.

ProbleemloosOverstappen It finally arrived. Today I got a box with the first five copies of my new book entitled “Probleemloos overstappen op Linux”, translated “Switching to Linux without problems”. The book aims to help W2L migrators and guides them through the various steps of securing crucial data from the Windows installation to installing Ubuntu Linux on the computer and acquainting them with a large collection of applications. I believe we (Dennis Leeuw and myself) succeeded in writing a book that takes the daily experience of the Windows users as focus and from that point explain the strengths and challenges of using Linux every day.

Of course, such a book can not be written without the help of others. I like to thank Gijs van der Poel who has been our mentor and coach throughout the process and who took care of the many mundane aspects of dealing with the publisher. Jos Herni, our co-writer who had to leave the team but continued supporting us with encouragement and the vast experience he has build up in using and writing about Ubuntu Linux over the years. And then, of course, the proof readers who had to wrestle with the rough drafts of the book: Ivo Jossart, Hans Lunsing, Toine Koops, Kees van der Staak and both Gijs en Jos. Finally, the team at SDU/Academic Service. I wonder whether there were times they thought it might have been a better idea to be involved in another project.

And, one thing we can not and should not forget in the realm of Linux and open source. This book couldn’t have been written without the long and relentless effort of the thousands of hackers, coders, programmers, howto writers and active users who are responsible for a great operating system and immense collection of valuable applications. We can only hope our book honors your hard work and make a contribution to a wider use of Linux.

PC-BSD Day 22: From a virtual to a real hard drive… and back

Up to now I have been using PC-BSD on a virtual box. That’s not really a problem provided you have enough RAM for both the host and the guest operating systems. On a side note:the FreeBSD handbook made it clear that it is possible to use FreeBSD as a guest OS, but not yet as a host. On the website of PC-BSD you do find a link to Win4BSD, which should allow you to run a virtual Windows box. In order to test that I wanted to install PC-BSD on a real hard drive. That would provide the proper environment to test out the eye candy features and the gaming abilities for a later article as well. Plus, I needed to get the final release of 1.4 up and running.

Going from drive to drive to drive

I usually have more than one experiment running at the same time. Most of the time I use a virtual system to install and test some Linux distribution of the day. And I have a small stack of physical hard drives with a swappable bay for easy switching. Needless to say the side of my box is open for easy access to plug in new hardware. The disks are not the latest of the latest, but they all work. Why the explanation?

Well, I took the first drive, put the PC-BSD cd in the drive and rebooted. The graphical installer would launch and I went through all the steps. An attempt was made to create the partitions and then a long string of attempts to install packages passed by. Not enough space. Weird. Wouldn’t a 40 Gb drive not be sufficient?

Okay, then another drive which was happily using CentOS before this attempt. Nope. Same problem. Not enough space to install PC-BSD. At this point I started to get both annoyed and curious. I took a closer look at the messages that pass by when you fire up PC-BSD. It did give some DMA related warnings (FAILURE – READ_DMA status=51 error=84 LBA=0)

The third drive was loaded into the computer and the reboot didn’t reveal any error messages this time. I could finish the install without any warnings or glitches. Time for a hypothesis. Apparently Windows or Linux are less fickle about the quality of the hard drive they are installed on. PC-BSD does a check and when it fails at a point it simply stops. Either you take a good hard drive or you don’t get *BSD. Makes sense, but some information on why it failed would have helped. Anyway, I had my hard drive with PC-BSD. Or so I thought.

Rebooting the system brought me to the bootloader and the boot process, but along the line noticed an error message flashing by and a warning the system would reboot in 15 seconds. And again. And again. No doubt some hardware conflict is preventing PC-BSD to boot normally. However, after three attempts I didn’t feel like digging into the error message (couldn’t allocate kernel virtual memory), going online to check it out and try to fix it. After all, this is a regular working day and there are other things to do. The virtual box will have to do for the next few days.

PC-BSD Day 21: the bleeding edge of PBIs and what's the jail got to do with it?

I have discussed the PBIs a couple of times already, but there is one element that deserves some attention. The PC-BSD forum has a separate section for PBIs that are under development, let’s say the bleeding edge of PBIs. The list of available packages isn’t particularly large, but I found a few items that do prove some creative uses of the PBI system.

Getting Firefox and Flash 9

One of the problems I had was to use websites that require Flash 9 (see Day 17). Even the final release of PC-BSD 1.4 comes with Flash 7 support ‘only’. Going over the PBIs ready for test I found an integrated Firefox/Flash 9 package. What does it do? It installs Firefox under Wine with Flash 9 support. Excuse me?

Yep, the PBI uses a Windows version of Firefox and makes it run under PC-BSD with the help of Wine. That’s even a step further that the suggestion I got to use the Linux version of Firefox that is available in the ports collection. I don’t know about you, but I found this pretty ingenious thinking.

This install of Firefox doesn’t conflict with other versions of Firefox on your box. As the comments with the package show, the screen fonts do need some working (though I have seen far worse). The good thing is that it just works. The websites I used for testing Flash 9 support can be used in all their glory. I must say that FirefoxWine feels a bit sluggish, but this PBI is a very simple solution for a real life problem. Hopefully it is only a temporary solution until full Flash 9 support comes to PC-BSD.

Learning to know the inside of jails

The second package that drew my attention had the tantalizing forum title JAIL TEST- SQL-Ledger book-keeping web based software. The description is as follows:

Yesterday I made PC-BSD Push Button Installer (PBI) self-contained sql-ledger installation in jail with apache, perl, postgresql- just have to launch it with doublecklick and press next button- after less than minute you’ll have fully working web server with accounting system.

Whoow! Slow down there. SQL-Ledger is a serious accounting/ERP system. It’s not something an average end-user might play with, though if you are following a course in bookkeeping this is a very strong and complete sandbox to use. I also understood the last part about Apache/Perl/PostgreSQL. It’s a bit different from PAMP, but the general idea is there. It’s a webserver. But accounting and jail are two words people generally don’t want to mix, especially since it usually means your money has been send to some vague bank accounts in the Caribbean.

Fortunately the developer of the PBI package gave a brief explanation of what a jail is in the context of FreeBSD:

In case someone don’t know what FreeBSD Jail is:
1. Virtualization : Each jail is a virtual environment running on the host machine with its own files, processes, user and superuser accounts. From within a jailed process, the environment is (almost) indistinguishable from a real system.
2. Security : Each jail is sealed from the others thus providing an additional level of security.
3. Ease of delegation : Thanks to the limited scope of a jail, it allows administrators to painlessly delegate several tasks which require superuser access without handing out complete control over the system.
So, you can log into jail as user and su – to root (gain full admin privileges in jail). You can install/delete software in jail without touching host base system from where jail is started. Jail got it’s own base system and can see only it’s own processes- same restriction for host system- you can’t see what processes in running in jail without special tools.

The FreeBSD Handbook has a complete chapter about Jails and it’s part of the section that deals with security related tasks and functions. In short, jails are an improvement of the chroot environment. That’s a concept I am more familiar with since it is used to create custom Ubuntu DVD’s. With a chroot environment you still share resources with the host system. A jail further isolates the virtual system from the host system. As the book explains: a root in the jail can only perform critical operations in the jail, the virtual system, and not in the host system. The handbook then provides a step-by-step workshop that helps you to create your own jails and setting them up. You can create a jail with a complete FreeBSD environment or just with some limited services.

This article explains how a developer creates multiple jails for testing purposes. Some additional reading can be found here. I must say I haven’t tried it yet and I am still fiddling with the PBI package and it’s settings, but on a conceptual level I find it very interesting. It’s definitely something that I wish to try later this year after I got some more experience with FreeBSD based systems.

PC-BSD Day 20: Alternative desktops

KDE is the default desktop for PC-BSD. It is possible to install GNOME, but I ran into a few problems with that (no keyboard input possible and no window borders). One of the finer things about Linux and *BSD is that you can choose whatever desktop you’d like to work with (or even forget about a graphical work environment altogether).

But first: back to encryption

One other program that I stumbled upon was KGPG. However, when I installed it via pkg_add I got tons of dependency errors and left it at that. Strange enough it popped up during reboot and nested itself in the taskpanel. KGPG asked me if I wanted a secret key and gave some instructions on file encryption/decryption. I will give it try over the coming days.

Default alternatives

PC-BSD installs two alternative desktops by default: Fluxbox and TWM. What can be said about them? They are quite ‘ barren’ and not particularly interesting. No doubt they do well on less powerful desktops, but there are other graphical environments that can do a better job at that.

Getting new desktops

I made a shortlist of alternative desktops that I wanted to see on my PC-BSD box. The Enlightenment project is making some interesting progress. Xfce has become a very good and light desktop environment. And finally, there is Blackbox. Maybe I expect too much and am I plain lazy, but I like see a simple install that leads to a fully functional desktop. Ubuntu Linux has some great metapackages. You are an easy $sudo apt-get install kubuntu-desktop away from a complete KDE desktop. For Xfce you just use the xubuntu-desktop metapackage.

First, I installed Xfce with #pkg_add -r xfce which left me gasping for some air. Man, this was so 70s and completely unlike the Xfce desktop I know. A brief search through the ports collection revelead I had installed the wrong version. I should have used #pkg_add -r xfce4 to get the latest incarnation. Sad to say this install didn’t finish without error messages. Xfce4 required xterm-229 and xterm-228 was installed. When I finally logged in to the new desktop the friendly mouse was there. There was a brief flicker of hope when the desktop icons flashed by. But that was it. Once those icons were gone there was nothing. No menu, no icons, no quick access buttons. Just a blank screen.

Trying to get Enlightenment was stonewalled by a third digit dependency. The install of Blackbox finished without any errors, but the desktop needed some serious configurations to get access to all the applications.

No, this wasn’t one of the nicer experiments with PC-BSD. One could argue that it is enough to support one graphical environment well when you are focusing on end-users. KDE is a very powerful desktop environment. Still, it would have been nice to get an alternative desktop that actually worked.

The FreeBSD handbook again

The amount of information in the FreeBSD handbook still amazes me. It ranges from the mundane to the -for me at least- exotic. Chapter 8 deals with configuring the kernel, why it is important to learn to master this skill and then explains step-by-step how to do it. Chapter 12 explains the booting process. At least now I know where the term ‘boot strap’ comes from. The chapter 14 till 19 contain extensive information about increasing the security of your system. Just going over these chapters and learning to master the skills is an adventure in itself.

It reminded me about my early days with Linux. I bought a second-hand book on Unix (with a Slackware CD) and learned more about Linux from that book than from some other books that actually dealt with Linux. One advice for Linux users that want to acquire a solid skillset: download the FreeBSD handbook and start reading.

Note: this article was written based on PC-BSD 1.4 RC1. On September 24 the final version of 1.4 was released. From day 22 and onward I will use that final version.

PC-BSD 1.4 Da Vinci released

While I am still playing with the RC1 version PC-BSD released the final version. Along with it there appears to have been a make over of the website. One of the nice items is the section Migrate with some information about migrating to PC-BSD.

Well, this means I have to move on during the first 30 days series. I am downloading the materials as I write this and look forward to installing it later this week. For the rest: feel free to it and download it as well.

PC-BSD Day 19: Improving end-user security (day 2)

Vidalia and TOR

My my, this experiment took longer than I expected. Trying to install Vidalia via the ports collection didn’t work out. There were dependency issues with Qt-xx-4.3.1 packages while Qt-xx-4.3.0 were installed. That brought back some bad memories about the ‘old days’ under Linux. I still can’t figure out why a third digit update should brake other packages.

Anyway, I decided on sticking with the packages and installed TOR, Privoxy and Vidalia that way. For Vidalia I needed to install tor-devel instead of tor. Remember, I wanted Vidalia to have a nice graphical interface to setup both Privoxy and TOR. Unfortunately, this was one of those days. Launching Vidalia ran into segmentation fault 11 and then nothing. The good thing is that you can set up both TOR and Privoxy by getting into the configuration files. For one, I needed to ‘tell’ PC-BSD to run the two programs at boottime. This was my first acquaintance with the /etc/rc.conf file. I added two lines:

tor_enable=”YES”
privoxy_enable=”YES”

After that I needed to create two new directories that Privoxy badly wanted in order to work:

/var/run/privoxy
/var/log/privoxy

The third step required editing the config file in /usr/local/etc/privoxy. According to the TOR page the following line had to be added in order for TOR to user Privoxy in the proper way:

forward-socks4a / 127.0.0.1:9050 .

Finally, in order to make the use of TOR from within Firefox somewhat easier, I added the TORbutton extension to the webbrowser. That should do it. I thought.

The only thing I could actually get while browsing was the privoxy page telling me it wasn’t possible. I guess some more fiddling is required. When it comes to setting up TOR for the end-user I think we could call this a fail. Compared to setting TOR up under Windows and/or Linux the version for FreeBSD needs some work before it can be called userfriendly.

Drive and file encryption

One program I like for getting an encrypted drive is Truecrypt. The version for Windows is easy to install and to use. The Linux version is more cumbersome since there is no GUI included with the program. And -as I found out- there is no *BSD version for it. For good measure I tried to install it under Wine (it did install but wouldn’t launch) or compile it from source (no luck there). So, what other methods are there for drive and file encryption for FreeBSD/PC-BSD.

For starters, you can set up an encrypted swap space while installing PC-BSD. This is considered a good thing for laptop users. FreeBSD has the ability on-board to encrypt disk partitions and this is explained in chapter 18.16 of the FreeBSD handbook. The chapter discusses two methods, but -in all honesty- in kind of turned out when I noticed the phrase: Rebuild the kernel as described in Chapter 8.

This doesn’t mean file encryption isn’t possible. It is, but it requires command-line actions. I found references to three programs: bcrypt, mcrypt and ncrypt. Of these three I found ncrypt the easiest to use. The instructions how to construct the proper command-line to encrypt or decrypt a file are concise and easy to understand. The other two had quite cryptic messages (pun intended) before I could actually start working with them.

Anyway, the available methods are outside the reach of the average end-user, especially when he/she is trying to get away from Windows. On the other hand, if you are aware of the need for this level of security you’re not the average user anymore and you might even enjoy the command-line tools.

PC-BSD Day 18: Improving end-user security (part 1)

This week the so-called Big Brother Award, a price given to a person or organization that most threatens civil liberties in the digital realm, was awarded in the Netherlands to the end-users. We can blame organizations and government institutions for intruding on our online privacy, tampering with our digital liberties, but at the same time we litter the net with personal data and sensitive information. Yet, it is not so complicated to enhance our security with a few simple measures which I described in the article “Portable security for the practical paranoid” . Today I want to implement these features on my PC-BSD box.

Improving e-mail security

The first and last line of defense is the use of common sanity. Unfortunately, there is no way to install that, not with #pkg-add-r comsanity or with #make install comsanity. It would be nice -from a sysadmin’s perspective or when you are the one in the family that everyone calls when there is a screwup- if the computer would just show a message like: “You are showing irrational and insane behavior in the use of this computer. All system files will be erased in five seconds. Your personal files will not be touched and can be salvaged by someone who knows what he/she is doing. Otherwise… well, you asked for it”.

There are at least two things I would like to see in Thunderbird: an improved spam filter and the possibilitiy to encrypt my e-mail traffic. Spamato (needs java) and Enigmail (requires GPG). Installing Enigmail is a matter of downloading the appropriate .xpi from the website. The dropdown box shows there is a version for FreeBSD 6.x. After downloading you launch Thunderbird and go to Tools -> Add ons. Select the enigmail.xpi file and restart Thunderbird.

The new menu item “OpenPGP” is now visible. Selecting “Key management” opens the wizard that helps you to set it up and select the first key pair. There is no need to install GNUPG. After this you can sign and encrypt all outgoing e-mail.

Of course I was curious how KMail would do. You can set up encryption under Configure -> Security -> Crypto backend. There is no wizard and a ton of fields to fill with information. I think I will leave that for another day.

Spamato is a somewhat more advanced filter than the already well-working filters of Thunderbird. I installed the .xpi file and added it to Thunderbird. Under Windows and Linux I am automatically greeted by the message that it can’t find Java. No such message under PC-BSD. This doesn’t mean Spamato actually works. You still have to tell it the location of the correct java executable.

Anonymous internet

To be honest, I didn’t start looking for ways to cover my online tracks until I was confronted with a few websites that wouldn’t allow visitors from the Netherlands. In the past I could listen to music via the Pandora website. In order to sign up you needed a US-based zipcode (90210 anyone?), but nowadays the IP-address is the rat. Short of moving to the United States I found two ways to circumvent that barrier, methods for anonymous surfing: TOR and JAP.

Caveat Emptor (or, for non-literaty among us, read before you proceed): Anonymous does not mean secure. TOR is a peer to peer based proxy network where traffic is routed through various TOR servers before reaching it’s destination. Just about anyone can set up a TOR server and capture the traffic. So think before you start sending your credit card data through the TOR network. JAP provides a similar service and is located in Germany. The German authorities do not appreciate this level of anonymity and it is told the developers were forced to build in a backdoor. Chances are that German law-enforcement is listening in, so better select some decent music when you visit Pandora.

The online instructions at the JAP website ask to check the available Java version on your system. However, these instructions do not seem to work when you used the Java PBI package to get Java. It’s a matter of simply downloading the JAP.jar file and launching the program with #java -jar JAP.jar. Two windows appear, the main JAP windows and the JAP installation assistant. The assistant is pretty good. It tells you about the settings for your webbrowser and has instructions for a small collection of those. Simply put: you should change the proxy settings of your webbrowser to localhost and port 4001.

After applying the changes you are asked to run a few tests and fine-tune JAP based on the warnings you get. If you think websurfing has become too slow because of this you can try to select another free server or you can opt for one of the paid services. JAP does hide your IP from the site you are visiting, but that’s about it. Using it under PC-BSD is not a problem.

In order to get TOR I decided to use the install via the ports collection. When it comes to security I believe it is necessary to get the latest version possible. I also like to have a GUI, so I opted to install Vidalia. More on this tomorrow.

Post Navigation