glsk

Li-ion batteries don’t like being fully charged. They will retain capacity significantly longer if you charge them up to 80% or less. Check this plot from Battery University:

If you usually use up all of your laptop battery during the day, gradual battery degradation is something you’ll have to live with. However, if you mostly work with AC charger plugged in, you can set lower limit to your battery charge and prolong its life.

Lenovo ThinkPad T460s laptop has a built-in fingerprint reader, but unfortunately until recently there was no way to make it work. You know the story: the manufacturer (Validity, later bought by Synaptic) refuses to release the documentation and says they may release proprietary Linux driver someday. Thankfully, Nikita Mikhailov started reverse engineering these sensors and that work has been adapted by Marco Trevisan to create a functional fprint driver for 2016 ThinkPads (including T460s).
The procedure to make it work is not very straightforward, so I’ve decided to document it here for posterity.

Disclaimer: I’m not an expert in networking, so the instructions below may be flawed. Be warned and proceed with caution! Corrections are highly welcome.

DNS leaks are nasty. ISPs may tamper with DNS for purposes of censorship or eavesdropping. Luckily, there are public DNS servers, e. g. Google (8.8.8.8), Cisco OpenDNS (208.67.222.222) and Quad9 (9.9.9.10) which may behave better.

I’ve set up my router to use public DNS servers instead of provider’s. In LEDE (OpenWrt) router firmware this can be done in GUI: go to Network → Interfaces → WAN → Edit → Advanced Settings, uncheck ‘Use DNS servers advertised by peer’ and add custom server IPs below.

The trouble is that LEDE runs its own DNS server and advertises its address (e. g. 192.168.0.1) to clients via DHCP. When NetworkManager connects to OpenVPN it keeps this address as one of DNS resolvers (even if you add push "dhcp-option DNS 9.9.9.10" to OpenVPN server config). You can check it with

cat /etc/resolv.conf

# Generated by NetworkManager
nameserver 9.9.9.10
nameserver 208.67.222.222
nameserver 192.168.0.1

This way, DNS requests may occasionally be sent to the router which forwards them to configured servers skipping VPN tunnel and making them visible to the ISP (unless you’ve set up DNSCrypt, of course).

I’ve upgraded my Manjaro kernel from 4.9.65 to 4.14.2 today and suddenly my bluetooth mouse stopped working. The adapter is Intel Wireless 8260 on Lenovo T460s laptop. After some searching I stumbled upon this kernel bug, but fiddling with firmware didn’t seem like an exciting prospect.
Thankfully, I’ve found solution in this thread on Manjaro Forums. Seems like the bug is there at least since kernel 4.13.2:
sudo nano /etc/modprobe.d/iwlwifi.conf

options iwlwifi bt_coex_active=0

After reboot the mouse is working fine with Wi-Fi turned on, audio receiver is yet to be tested.
UPD: bluetooth audio receiver is working fine too.

Recently I was struggling to make tab close icons look closer to Breeze theme. Now I managed to make tabs look Breeze-ish too! The icon rules are also better now, opacity works without superposition problems:

UPD: See this post for better icons and Breeze tab style.

I was upset that close tab (×) and new tab (+) buttons in Firefox didn’t match my current icon theme (Breeze). Thankfully, a workaround is still possible in v.48.

Just add the following snippet to your userChrome.css file in [Firefox_profile_directory]/chrome folder:

In this post I want to share some details about my simple low budget smart home system based on 433.92 MHz receiver/transmitter controlled by Arduino. It can be easily extended with many cheap wireless devices, such as door bells, remote sockets, smoke alarms, leak detectors, etc. I’ll describe how to control remote socket, receive alarms from wireless smoke detector and draw a plot of room temperature obtained from regular wired sensor.

Ever since I’ve learned about alternative router firmware I wanted to give it a try. With bugs and security holes being found in vendor firmware every now and then it was becoming even more relevant. Being an open source software advocate, I was mostly looking into OpenWrt. Unfortunately, my hardware was either not supported (ZyXEL P660 ADSL router) or in some early alpha stage (D-Link DIR-300). But then I learned about a reasonably cheap TP-LINK TL-WR841N[D] router which has good OpenWrt support. So I bought it (for ~18 €, got version 9.2) and immediately flashed OpenWrt on it — which was super easy: I just uploaded .bin file and waited for reboot.
Read more

It’s finally here. Well, it’s still in beta and invite-only, but it works. Let’s Encrypt will give you free trusted certificate for your HTTPS server and provide an easy script to verify, obtain and renew it.
So far only Apache is fully supported, so if you use NGINX or Lighttpd you’ll have to configure it manually. Which is not a big deal, especially if you were using TLS with self-signed certificate before.
The only trick was that one has to use fullchain.pem for ssl_certificate in NGINX config (possibly the same applies to Lighty). After that the certificate was accepted by all my browsers on both Linux and Android: https://glsk.net.