just trying to find the answer…

Civilization V extra crashy on Linux?

I really do not play many games on my computer, but one game I play on occasion (and only on occasion, since it such a time vampire) is Civilization V.

The Time Vampire counts the hours you waste playing Civ 5… ah ah ah!

Unfortunately, Civ V is very crashy on Linux, and it seems to nail my CPU and fan while I am running it.

Until I fixed it.

Civ V is an OLD game, and wasn’t really designed to do multi-threading well. Civ is supposed to detect on first time start up your total number of available threads.

But it doesn’t. So you need to fix it.

The file you need to edit is in a hidden folder called .local under your home directly. Set your ‘Files’ browser to “show hidden” and you’ll see it.

/home/heinrich/.local/share/Aspyr/Sid Meier's Civilization 5/config.ini

The file is called config.ini. Open the file and look for this line:

; This is capped at runtime to the number of physical processors
MaxSimultaneousThreads = 8

The problem is, my CPU is a 6 core CPU with 12 threads. I need to change this number to 12.

If you need to know how many cores and threads your CPU has, enter this command in the terminal:

Your total number of threads is CPU x Threads per CPU. Change the number of MaxSimultaneousThreads to your actual max number of threads.

Save and re-start Civ 5. It should run now, and suck hours and hours of your life away.


Here’s one New Year’s Resolution you should keep

There has been more and more news about hackers getting into large corporations and stealing your passwords and personal data.

Everyone is guilty of using the same password for different websites. This allows hackers to try to hack various websites trying to dig deeper and eventually get what they want from you (money, information, personal data, etc…).

So, for 2019, have a security plan.
1. Spend the money and get a good password manager, like LastPass. I use LastPass as it supports Mac and Linux, but you can use any password manager you like.
2. Spend the money and get a security key, like Yubico or Google’s Titan Key. Using this key, the ONLY WAY a hacker can get into a site you’ve secured using this method is by having that hardware key. Google requires ALL employees have a Titan and they have had zero breaches using this.

Ok, I understand that this will cost you about $100, but it will save you a fortune in misery down the road.

VPN Protocols and WireGuard

In a previous post, I discussed WHAT a VPN is and WHY you need a VPN. If you missed it, it’s called, “VPN and you“.

So now that you know WHAT and WHY, let’s talk about the HOW.

A VPN Protocol is HOW the connection from you to the server is created and encrypted. It’s really important as this will determine how FAST and SECURE your connection will be.

Old and Useless Protocols:

  1. PPTP2: Written in 1995, it has been cracked by nearly everyone.
  2. LPT2/IPSEC: Written by Microsoft, LPT2 provides ZERO encryption and requires IPSEC for the encryption part. But even that is useless as it’s rumored that the NSA has cracked the encryption. The default port is UDP 500 making easy to spot and block if you’re in a country that actively blocks VPNs, like China or the United Arab Emirates.
  3. IKEV2: Another Microsoft classic, another NSA cracked. See a trend here?

Current Protocols:

  1. OpenVPN: An open source project, it has yet to be cracked and is considered the model of security. Most VPNs use this, as you can change ports, use UDP or TDP, and change encryption methods (but just don’t use Blowfish).
  2. RouterPro: This is only available as a JFIF applet installed on a customized firmware router and connecting to Astrill. Why do I mention this obscure protocol? Because when I lived in a part of the world where they blocked every VPN connection, and OpenVPN connections were unreliable*, this worked like a champ.

There’s a new protocol and it’s awesome:

This EXIT sign has a wire guard, shouldn’t you? 😉

WireGuard. WireGuard is a new protocol written using a fraction of the code that OpenVPN uses and even Linus Torvalds approves of the code. For a super deep dive into WireGuard, check out the Ars Technica initial write up.

I tested WireGuard at home and found it to 3x to 4x faster than my OpenVPN connection. It blew my socks off and forced me to re-think my VPN configuration for 2019.

You can even run WireGuard on your router if you have OpenWRT firmware.

As of this writing, there are only TWO VPN providers who offer the WireGuard protocol.

  • Mullvad. Based in Sweden, they offer a free trial for 3 hours. They are also the perfect choice if you are SUPER paranoid. Example, you can create an account with them, SEND THEM AN ENVELOPE WITH CASH and your account number, and you’re good to go. No names, no e-mail addresses, no paper trail. You can pay with Bitcoin, or credit card as well. They have very simple documentation on connecting using WireGuard. Mullvad also donates to the WireGuard project, so your subscription helps WireGuard (indirectly). While they cost a bit more, they offer 48 WireGuard servers to connect to, with 13 in the US and 2 being in New York. €60 Euros/$68 USD for a year.
  • AzireVPN. Another Swedish company, they also offer a “pay in cash” model for ultimate security. While they are less expensive than Mullvad, they only offer 5 WireGuard servers. €45 Euros/$51 USD for a year.
  • UPDATE: iVPN. They offer a three day free trial, have an easy to use app, and seem to have plenty of Wireguard servers. $100 a year.
  • You can roll your own WireGuard server on DigitalOcean or any other cloud computing host.

…and now for some bad news:
It’s still early days for WireGuard. When you connect, you will get a warning that this is still considered ‘alpha’ software. It’s not fully tested, could disconnect unexpectedly, and isn’t for people who are afraid of the command line. (this wasn’t my experience, but your milage may vary).

Eventually, someone may write GUI interface (could be me!) that will make this easy for everyone.

But I think we need to give WireGuard a try.

I wish everyone a safe and healthy holidays and hope 2019 brings you all the things you wish for.

* While OpenVPN was not initially blocked, Etisalat was clearly scanning for OpenVPN connections and terminating them whenever it found them. So you would make your connection, and 15 to 30 minutes later, it would terminate.

I’m rooting for Fedora 28!

Fedora 28 was released last week and it’s buttery smooth.

Many of the old issues with Nvidia graphics which required arcane spells and command line magic (which is the most powerful magic) to configure are GONE! Hooray!

Bizarrely, when you install Fedora 28 now, the user account is configured AFTER installation on THE FIRST boot up. Previously, everything was set up at installation, which I actually prefer.

Furthermore, root is not configured, meaning that UNLESS you set the root password, you won’t be able to wield ultimate command line magic.

But to set it up takes under 30 seconds. Ready? GO!

In the Terminal type:

sudo su -

it will ask for your admin/user password and you’ll get the “Spiderman” warning. Then type:


to set the password.



VPN and you.

VPNs are making the news and being advertised everywhere on the internet. If you are wondering WHAT a VPN is and IF you need one, this is the article for you.

What is a VPN?

The term VPN comes from the original use of the VPN as a Virtual Private Network.  Originally, the idea with this:

  • Bob works in an office.
  • The office has a network.
  • The network, for  security purposes, DOES NOT have access to the Internet.
  • Bob is outside of the office and needs to access the office network. He uses a VPN.

In this case, Bob connects to the office from home thru a VPN network appliance that sits in his office. He calls that network appliance and it provides a secure connection between Bob and the office. Bob is VIRTUALLY in the office and Bob has a PRIVATE encrypted connection and Bob can use the NETWORK.

DO I need a VPN?

You might be thinking, “Wait, I work in a flower shop, not an office, do I need a VPN?”

Yes, you do my florist friend.

After a hard day of floristing, you come home and connect to the Internet. You go to all your favorite websites and do all your favorite things. But there is a log of all those activities that resides with your internet provider. They can sell that log, sell your information to third parties.

Maybe you visited a website like, “Revolutionary Florists” by accident, or just out of curiosity. These guys advocate that only florists should be in power. Guess what? You just got your name on a watchlist.

Maybe you, in a moment of weakness, downloaded via Bittorrent that Japanese animation about that girl in high school who saves the world from alien demons by yelling at them? (ok, I just described every Japanese animation of these last 20 years). Well, the company and the lawyers of that Japanese animation can come after you. It’s really happened and people have had to cough up serious money.

Maybe you live in a country where all Internet access is very closely watched.

Maybe you work at a company who monitors your internet usage.

The simple fact is, if you want to look at the Internet without care of concern of who is watching you, you need a VPN.

If you value your privacy, you need a VPN.

VPN the nitty gritty.

How to get a VPN? Does it come in a box in the store? No. You need to find a VPN provider, and yes that is going to require some research and yes, you should pay for it.

A word on “Free VPN” providers

Nothing is “free”. Having a VPN company requires expensive software and hardware, so why would it be free? It’s not.

They sell your data to third parties, include adverts and basically do anything to monetize your account. Further, imagine the VPN server as a door. If only a dozen people an hour use that door, traffic flows smoothly. But what if 10,000 people an hour tried  to use that door? Nobody is going anywhere.

What to look for in a VPN provider

Nearly all paid VPN providers charge about the same price, so ignore the cost.

  1. Logs. If the VPN provider keeps logs of your activity, that’s NOT GOOD. Why keep a record of my browsing activity? Good VPN providers DO NOT keep logs so when someone shows up asking, they can honestly say, “sorry, we have no records”.
  2. Customer Support. VPNs can be tricky things to configure and get right. And when you run out of answers, usually a good tech support agent can help out.
  3. Speed. Good VPN providers have plenty of servers and plenty of bandwidth, so they won’t be slowing you down.
Not a review per se, but my experience with VPN providers.

I worked for a company that used to never monitor our internet browsing habits. Then, a few people abused this by watching porn in the office where EVERYBODY could see it and then a new IT director came in. Soon, our browsing became monitored and filtered. Bizarrely, the filter would often block tech sites that developers referenced and we really got annoyed.

I signed up for StrongVPN. It’s a great VPN company and used to have great tech support. I used for them for years. But I had to ditch them for two reasons:

  1. Logs. They kept logs. However, looking at the site now, they claim they do not keep logs anymore.
  2. Tech Support. When I started, it was awesome, after a while it went downhill.

I MIGHT re-consider joining StrongVPN, however, I am very content with my current VPN provider.

Astrill is an awesome VPN provider. This is not a paid endorsement. Some cool things about Astrill:

  1. No logs! Ever!
  2. Unlimited switching of servers. Want to use a server in New York, or Florida or St Louis and see which works best for you? Knock yourself out.
  3. Tech Support is very good. It’s not great, but the people you speak with are usually very sharp.
  4. Custom Protocols. They have their own OpenVPN protocol called RouterPro, which prevents you from being blocked in countries that block the OpenVPN protocol.
  5. Custom tools. I have my VPN configured on my router. This way, traffic from my router is protected. They offer a special JFF file you can install on your router. It’s very handy.
  6. They offer VPN apps for Mac, Windows, Linux, iOS… you name it.

That’s all for now. Next time I’ll discuss VPN protocols and why you shouldn’t use the default Blowfish encryption your VPN provider offers.




Not password, passphrase

For years, people have been warned about using strong passwords and being told that strong passwords have the following characteristics:

  1. Mixed Upper and Lower Case
  2. Special Characters

It goes without saying you should NEVER have a password that might relate to your name or the name of a family member.

But there is a website that will tell you exactly how STRONG (or weak) your password happens to be. The strength of a password is measured in entropy. The higher the entropy, the stronger the password.


So, using the above criteria, how strong are the following passwords?

Password Entropy Comment @1k guess per sec
He1nr1ch$ 39.9 Reasonable Strength. But it’s also my name. 17 years
Fleaswtracenlant 72.8 Strong. But it’s also the name of my ‘A’ School in the Navy. 149.7 BILLION years
Trump_8==> 42.9 Reasonable, and reflects a political opinion. 140 years

Is there a better way? Yes. Use four words that only mean something to you.

Example. Chicken Nuggets Tent Farts

I went camping with a friend of mine. He ate an entire 20 pack of Chicken Nuggets. I slept outside for obvious reasons.

What is the entropy here? 116.4 bits, which is incredibly strong. At a 1,000 guesses a SECOND, it would take 2,634,346,452,833,500,000,000,000 years to guess the password.

That’s 2.6 septillion years.

As a frame of reference, the Big Bang event occurred 14 billion years ago and the last dinosaurs died out 65 million years ago.

XKCD had a comic for this…

Fresh Fedora Install? Do this next…

A while back, I installed Fedora 27 on a Dell laptop. I installed it as a partition, so I could dual boot either Windows 10 or Fedora. After a while, I found myself using only Fedora. So I reformatted the drive (using LVM whole disk encryption) and now it’s a Fedora only machine. If I want Windows, I’ll create a VM image.

Update your install

I know you think, “I just installed this, it must be updated…” Yeah, well…. no.

Do this

sudo dnf upgrade --refresh

The instructions are detailed here https://fedoraproject.org/wiki/DNF_system_upgrade.

The upgrade will take a while but it’s worth it. After it’s done, a system reboot is a good idea (it couldn’t hurt).

Install GCC and Ruby

Bizarrely, GCC and Ruby are not installed by default. But you can check by typing:

gcc --version

and if you don’t have gcc installed, you will be offered the choice to install it.

bash: gcc: command not found...
Install package 'gcc' to provide command 'gcc'? [N/y]

Say yes.

Now for Ruby.

ruby -v
bash: ruby: command not found...
Install package 'rubypick' to provide command 'ruby'? [N/y]

again, say yes.

That’s all for this installation of “Fun with Fedora”.



Do you Sikuli?

Do you SikuliX? You really should…

What is SikuliX? SikuliX is an GUI automation tool. It’s open source, so it’s everyone’s favorite price… free!

Sikuli supports a variety of languages. To quote the website:

  • Python language level 2.7 (supported by Jython)

  • running RobotFramework text-scripts is supported (see docs)

  • Ruby language level 1.9 and 2.0 (supported by JRuby)

  • JavaScript (supported by the Java Scripting Engine)

… and you can use it in Java programming and programming/scripting with any Java aware programming/scripting language (Jython, JRuby, Scala, Clojure, …).

Can you guess what language, I prefer my SikuliX? If you said Ruby, you’ve been paying attention.

I’ve been using it for app testing and browser based testing as well.

SikuliX can’t be trained to carry buckets of water just yet

Linux Distro of Choice

If you ask 20 people who  use Linux, “what is the best version of Linux?” you will probably get 20 different answers.   If you’re lucky.

There is actually a website dedicated to tracking every distribution of Linux called,  DistroWatch.

Choosing a version of Linux can be daunting, but it ultimately comes down to what are you looking for in an operating system.

I wanted a version of Linux that had the following specifications:

  • Well documented. When everything goes south, I can’t call somebody, so give me a wikipage I can read.
  • Well supported by a community of users. Many distros are “here today, and gone tomorrow”. That means I need to learn the ins and outs of a new system every few years? No thank you, I am busy enough.
  • Works well, easy to use, doesn’t require a lot of maintenance.
  • Regularly updated. I was looking at one variant of Linux, that looks GORGEOUS, but it hasn’t been updated in over a year.
  • Offers a variety of developer tools. This is a minor consideration, as most Linux distros can use all the same tools.

So which Linux ticked all my boxes? Fedora.

Currently at version 27 (as of this writing), I have been using it a few months now and I am very happy with it.

  • It’s very well documented.
  • It has great community support. In fact, the good people at Red Hat Linux sponsor Fedora.
  • Has it’s own “magazine” with regular tips and tricks for users of all levels. I liked the article which showed how to change your boot up window to a Hot Dog.
  • It works great. Try it yourself.
  • It’s regularly updated, and they release a new update every six months or so. Fedora 27 was released Nov 14th, 2017, and Fedora 28 is expected May 1st, 2018. Upgrading is pretty easy.
  • Has all the software tools and toys you could ever want.

Give it try! It’s light years better, faster, and more secure than Windows.

Mr Hot Dog says, "Eat me!"

Mr Hot Dog says, “Eat me!”

Happy 2018!

It’s a whole new year! I will hopefully be blogging more now.

Page 1 of 3

Powered by WordPress & Theme by Anders Norén