Signal — What this app is and why we should use it

In a world of always-online, marketing, and advertising, what data of yours *isn’t* being tracked anymore? With Signal, you can take your text messages, group messages, and phone calls out of the equation and start taking back your privacy for free.

You may have heard of Signal, or seen the Signal icon in your phone’s respective App Store. But what is it? This well-built, open-source, and peer-reviewed app for your phone and computer can send and receive text messages and multimedia messages, group texts, handle phone calls for you, and more!

But this isn’t your grandma’s messaging app. There is something specific about it that makes the free app worthy of mention, and recommendation:

Privacy.

Ah, privacy. It used to be something we all had. However, with the rapid growth of a connected and online world, most people enjoy significantly less privacy than they previously did. Websites track you, apps send data about you to their developers, your purchase history, search history, web browsing history, and so much more is bought and sold by businesses around the world in an effort to better advertise to you — or accomplish more nefarious objectives. So…Signal?

Signal offers privacy that other messaging applications do not. Any phone calls or messages sent from a Signal user to another Signal user are end-to-end encrypted, making them very difficult for unwanted listeners/viewers to access. Beyond that, you can rest assured your data isn’t being collected and sold to the highest bidder since the only data Signal retains about its users is:

  • Unix timestamps for when each account was created
  • the date that each account last connected to the Signal service

You can read more about the data they store, and also examples of data they have provided when previously subpoenaed in this article.

Photo from CNBC

Signal provides a variety of optional features that we’ve seen claim popularity on other platforms (that are definitely tracking you and selling your data) such as:

  • Group messaging
  • Stickers, emojis, GIFs, and other animated graphics
  • Disappearing messages
  • Typing icon/notifications and other chat-like features
  • Customizable conversations and notifications per-conversation
  • Voice and video calls — including group video calls
  • Registering with your phone number instead of creating a complicated account
  • No cellular service required when sending between Signal users as long as you have WiFi (think like iMessage or Facebook Messenger, both of which may invade your privacy, especially given their companies’ history with data and privacy issues)

…and all of it can be encrypted and completely private. If all your contacts aren’t on Signal yet, that’s okay; it won’t get in the way of communicating with them. Signal handles regular unencrypted text, multimedia, and group messages just a quickly and elegantly as Signal messages.

Funded by grants and donations, open-source, peer-reviewed and audited, Signal is a best bet in maintaining your privacy while communicating.

You can get Signal for your device at these links as of date this article was published:

Android | iOS | Windows | macOS | Debian-based Linux Distributions

Give it a try! Getting started and using Signal is fast, simple, and secure. A best of all, it’s both private and free. Join me on Signal today! If you’re already a Signal user, or decide to try it, leave a comment below with your thoughts on the encrypted messaging service, what you like or don’t like, as well as any thoughts you have on the privacy issues surrounding our online world.


This article is not sponsored by Signal or any of their affiliates.

Featured image from dnaindia.com.

Print Server using Windows Server Core

Introduction

Many administrators are always looking for ways to simplify the required management of their environments, save on overhead, resources, etc. With the advent of Windows PowerShell and it growing to be a commonplace administrator utility in Windows environments, simple systems such as print servers no longer really require a full-fledged graphical user interface. Print servers are prime candidates to be hosted on the CLI-based Windows Server Core variant of Windows Server, especially where they are so easily managed through remote PowerShell. In this brief article, we’ll take a quick look at spinning up a core print server and some of the options available for administering the new server.

Spinning up your machine

Whether you are using traditional hardware for your server (a rackmount server, blade server,tower server/desktop PC) or a virtualized environment, you’ll first need to actually install Windows Server Core on your machine. For my environment, I spun up a virtual machine in my Proxmox virtual environment, but many may be using VMware, Hyper-V, or other solutions which will work perfectly fine.

Adding the features and roles to the server

Once you have Windows installed and your requisite network and domain configuration done, add the necessary services and features to the server:

Install-WindowsFeature Print-Services

This will install the Print Services role as well as the Print Server Role Service. No further configuration is necessary as far as the services and features go. All that is left to do is add some printers!

Administering the server

There are multiple ways to administer your new Windows Core print server.

PowerShell

Arguably the correct way to manage a Windows Core server, is PowerShell. Like other deployments, a print server is managable through the command line with general ease. Beginning with Server 2012’s Core version, there are many print management commands available to administrators.

As an example, we can configure a printer using just two commands:

Adding the printer port: Add-PrinterPort -Name "192.168.254.5" -PrinterHostAddress "192.168.254.5"

Adding, sharing, and publishing the printer: Add-Printer -Name YourPrinter01 -DriverName "HP Universal Print Driver PCL6" -PortName 192.168.254.5 -Shared -ShareName "YourPrinter01" -Published

VBS

An archaic option also exists. At C:\Windows\System32\Printing_Admin_Scripts you’ll find a variety of VBS scripts that can be used to administer the print server. But seriously, who is preferring VBS when we have PowerShell?

As an example, we can configure a printer using the following commands:

Creating the printer port: cscript prnport.vbs -a -r 192.168.254.5 -h 192.168.254.5 -o raw

Adding a printer on the above printer port: cscript prnmngr.vbs -a -p YourPrinter01 -m "HP Universal Print Driver PCL6" -r 192.168.254.5

Sharing the above printer: cscript prncnfg.vbs -t -p YourPrinter01 -r 192.168.254.5 -h YourPrinter01 +shared -direct -m "Default printer for HR" -l "YourDesiredLocation"

Publishing the printer to Active Directory: cscript pubprn.vbs \\printserver\YourPrinter01 "LDAP://CN=YourContainer,DC=YourDomain,DC=com"

GUI

If you really just can’t let go of using the graphical user interface just yet as you ease into command-line-based administration you can still get your hands on the GUI by executing: C:\Windows\System32\printui.exe /il

Additionally, on a remote machine, you can connect RSAT to your Windows Core print server and use the Print Management snap-in for the Microsoft Management Console to visually administer the print server.

But seriously…get comfortable with PowerShell. This is the way.

Conclusion

And, well, that’s pretty much it. There is certainly a more granular level of detail we could go into, but for the purposes of a general overview, I think that does it. Windows Core servers are quick and easy to spin up and an absolute breeze to configure if you are comfortable with PowerShell. In a lab environment, they can also be a great way to get more comfortable with PowerShell if you are just learning. Go ahead and spin up a Windows Core server in VirtualBox or your choice of virtualization bench and give it a try!

What are you using core servers for in your environment, and how do you like it? I’d love to hear from you in the comments below.


Additional Reading

Install Print and Document Services | Microsoft Docs

Using Server Core as a Print Server – Microsoft Tech Community

Proxmox Node Cannot Update Packages via apt-get

Problem

A virtualization host/node running Proxmox (whether clustered or not) will fail to update packages via apt-get and produce the below error messages in the task queue:

Environment

Proxmox Virtualization Environment (confirmed for versions 6.2 and newer) running the free/community editions without and enterprise subscription.

Cause

The cause of this issue results from not having a Proxmox Enterprise subscription/license. These errors are caused by apt-get attempting to procure updates from the subscription enterprise proxmox repository, but because the node or cluster does not have a valid enterprise subscription, the update fails and produces an error.

Solution

Access the shell for the node/virtualization host producing the error and run the following command:

cp /etc/apt/sources.list.d/pve-enterprise.list /etc/apt/sources.list.d/pve-enterprise.list.backup && echo -e "#$(cat /etc/apt/sources.list.d/pve-enterprise.list)" > /etc/apt/sources.list.d/pve-enterprise.list

This command copies the repository sources list, renames the original as a backup so the system does not use it, then comments out the line of the list for the enterprise repository.

Once this command runs successfully, you should be able to either (a) wait for the scheduled updates to try to run again or (b) manually search for and install updates using apt-get update/upgrade. Either way, no errors should be produced.


Additional Reading

https://dannyda.com/2020/06/19/how-to-fix-proxmox-pve6-1-26-1-7-update-failedfailed-to-fetch-401-unauthorized-task-error-command-apt-get-update-failed-exit-code-100/

How to Revert Node Certificates to Default Configuration in Proxmox VE

Purpose

The purpose of this document is to explain the steps necessary to reset and regenerate the state of the node/host certificates.

Assumptions

This document assumes you have a properly functioning Proxmox cluster with all nodes accessible on the network/via web browser. You’re replaced or modified any of the certificate or key files generated by PVE and now need to revert to the default state.

Step 1 – Cleanup existing certificate files

Delete or move the following files:

  • /etc/pve/pve-root-ca.pem
  • /etc/pve/priv/pve-root-ca.key
  • /etc/pve/nodes/<node>/pve-ssl.pem
  • /etc/pve/nodes/<node>/pve-ssl.key

The latter two need to be repeated for all nodes if you have a cluster.

If you do not repeat the latter two on each host, your issue will return.

Step 2 – Regenerate certificates

Afterwards, run the following command on each node of the cluster to re-generate the certificates and keys:

pvecm updatecerts -f


Additional Information

https://pve.proxmox.com/wiki/HTTPS_Certificate_Configuration_(Version_4.x,_5.0_and_5.1)#Revert_to_default_configuration

Fix “Cannot Start VM or Console Due to TASK ERROR: Can’t Lock File ‘/var/lock/qemu-server/lock-#.conf’ – Got Timeout”

Purpose

This document will delineate the steps necessary to correct an issue where you cannot start, stop, or open the console of a VM due to the following error:

TASK ERROR: can't lock file '/var/lock/qemu-server/lock-#.conf' - got timeout

Assumptions

This document assumes you have administrative access to the shell of the problem node, and that the problem node is available on the network.

Cause

This is often caused by a console session not closing out correctly or a hangup when moving between tabs of console sessions.

Solution

qm unlock ###

where ### is the unique VM ID of the virtual machine or container. If this does not work alone, safely reboot the host following use of this command.