I’ve exhausted all my invites. If you want one, leave a comment anyway, others have been sending invites to people here, too. Or, check the Designer News thread. A guy there is offering invites if you send him your email address.
Real Final Update
I’m out of invites, but post your email if you want one. A number of kind individuals have been sending invites to people leaving their emails in the comments.
Update Jan 22, 2015
I now have 9 more invites to send out for those of you that still want an invitation to Inbox by Gmail. Just leave a comment and I’ll get one sent to you.
Stop receiving copyright infringement notices from your ISP because of BitTorrent
I like BitTorrent a LOT. I’ve used it since it’s release around 2001 or 2002. Recently, however, it’s become more risky to download torrents from your home internet connection.
Disclaimer: I am absolutely not condoning downloading copyrighted material, of any kind. This is aimed at giving casual BitTorrent users some things to consider and nothing more
A number of my friends have received copyright infringement notices from their ISP’s for downloading a movie, music album, or any copyrighted material, for that matter. Most ISP’s will terminate your service if you continue to infringe.
When you download a torrent to your computer, and you aren’t using a VPN, your IP address will be reported to the BitTorrent tracker (that’s just how BitTorrent works). Various groups (including anti-piracy groups) can gather IP addresses of people downloading any given torrent, so having your ISP provided IP show up there could result with you receiving a copyright infringement notice.
That’s where having a VPN comes into play. If you’re connected to a VPN while downloading a torrent on your computer, the IP address of the VPN server will be reported to the BitTorrent tracker, instead of your ISP provided IP.
You have a few options that offer various levels of protection, depending on how much money you want to spend, or how paranoid you are. 🙂 Three pretty simple options are detailed below. These methods aren’t guaranteed to keep you safe, but should be sufficient for most “casual” pirates. You’re still at risk using these methods, please read the clarification on protection part at the end of this post.
Option 1. Use a VPS for a personal VPN (aka: Poor Mans VPN)
Once you have the VPS, just follow the steps I outlined in my Poor Man’s VPN post and you’ll be all set.
Option 2. Get a Paid VPN
A good way to hide the IP provided by your ISP is to use a VPN. There are many paid VPN services available, like IPVanish and ExpressVPN. I know a few folks who use IPVanish and are very happy with the service.
Option 3. Use Put.io
I’ve been using Put.io for around a year now and will never go back to running a BitTorrent client on any of my machines. Put.io is a cloud-based BitTorrent client, plus much more.
That means I can stream videos straight from Put.io to my Chromecast, without the need to ever download them to my computer. I’ve often explained it to friends as a sort of personal Netflix.
Put.io also has a feature that will download your torrent immediately. If another Put.io user has already downloaded the torrent you’re downloading, the files will be copied to your account, so you never even connect to the BitTorrent tracker to download data. It’s pretty awesome.
Another benefit of Put.io is that it frees up your home internet connection bandwidth, all the downloading and seeding is done on the Put.io network. This means you’d no longer have to waste your bandwidth to seed the torrents you’ve downloaded. This is a major factor for some people, especially those who don’t have very fast upload speeds at home (like me).
I’m surprised that Put.io hasn’t tried to hire Steven Schoen to bring his app under the Put.io umbrella, making it an official Android client. Maybe the have, who knows.
A couple screenshots from the Put.io Android app are below.
So, which method should I use?
If you have a Chromecast and an Android device, I’d suggest using Put.io. It’s a nice all-in-one solution, and plans start at only $9.99 a month, which gets you 50GB of storage. I have yet to find a Put.io iOS client that has Chromecast support, however there are Put.io clients for iOS, just not with Chromecast support.
Even if you don’t have a Chromecast, or don’t have the ability to stream from a Put.io client to a Chromecast, you can still benefit from Put.io. After a torrent is finished downloading in Put.io, you can download the files from Put.io to your computer. Just like downloading a file from your Dropbox account using the Dropbox website.
If you want to download torrents to your computer using a more conventional BitTorrent client, like Transmission, I’d advise using a VPN. A paid VPN or the Poor Mans VPN setup will work.
Most paid VPN services have multiple VPN servers that you can connect to, so the IP being reported to the BitTorrent tracker can be changed pretty easily, just by connecting to a different VPN server. IPVanish has plans starting at $10/month and have hundreds of servers located around the world.
If you went the Poor Mans VPN route, changing your IP would be slightly more difficult because your VPS would likely have a static IP. But it’s still not your IP from your ISP. The BitTorrent tracker would see the IP address of your VPS instead of the IP provided by your ISP, giving you some level of protection. There’s still the possibility that a copyright holder could send a copyright infringement notice to your VPS host. Worst case there is you’d lose your VPS, which is far better than having your ISP terminate your internet service.
Just some things to take into consideration before you decide what the best solution is for you.
Especially if you have an Android device and a Chromecast. Even if you don’t have a Chromecast or Android device to stream to the Chromecast, you can still download the files from Put.io to your computer.
Put.io is a bit more expensive than the other options, but is well worth it in my opinion. Put.io offers 4 plans:
50GB of storage for $9.99 a month
200GB of storage for $19.99 a month
500GB for $29.99 a month
1000GB for $49.99 a month
A Quick Poll
Now, On To The New Put.io
A couple months ago, Put.io released a new interface to their website, which also implements aspects of Google Material Design. The new interface is still being built and tested, but can be previewed at http://soon.put.io/.
Here’s a screenshot of the new Put.io interface (it’s the featured image for this post, too).
And here’s a screenshot of the old Put.io interface, which is still the default.
The new interface is much easier to use than the old. It makes extensive use of AJAX, which makes for a much nicer user experience as far as not having to wait for a new page to load. It’s also much more visually appealing.
The new interface and the Put.io Android client from Steven Schoen look very similar to each other, providing a consistent look across the put.io website and the Android client. Not really important for functionality, but it’s nice to have a consistent look across the board for a specific service.
This post covered a lot of material and was written without much revising. If I’ve gotten something wrong, I’d really appreciate you letting me know.
If anyone knows of a Put.io client for iOS that supports Chromecast, please let me know! I’m an Android guy but my daughter has an iPad mini, and I’d love if she could cast from a Put.io client on her iPad to the Chromecast.
Comments are open if you have any questions or anything else to add.
Clarification on Protection
The protection methods listed aren’t full proof, something I thought was quite obvious. All methods listed can lead to your IP address being discovered, but they all add an additional step that law enforcement must do to find your IP. Some scenarios that would result in your IP address being discovered are covered below.
Scenario 1. A law enforcement agency could demand user information from a VPN provider, which would reveal your identity if the VPN provider complied. Same deal with the Poor Man’s VPN solution. Law enforcement could request information from your VPS host, and if your VPS host complied, your identity would be revealed.
Scenario 2. A Law Enforcement agency could demand user info from Put.io, which would also reveal your identity, provided Put.io complies with the request. Put.io says they respect the privacy of their users, but there’s still absolutely no way to prove that they wouldn’t hand over user information if it was requested. However, I tend to trust Put.io more than most companies, simply because they’re not based in the United States and the owner is a genuinely good guy.
In both scenarios listed above, your home IP would be revealed. But why not make law enforcement jump through some hoops to get your IP? Instead of just handing it to them like you do when downloading a torrent from a public tracker without using a VPN.
If you’re uploading new movies to public trackers or are downloading massive amounts (think terabytes a month) of copyrighted material, none of the protection options I’ve outlined will offer you enough protection. Those of you who would draw the attention of anti-piracy groups who would get law enforcement involved should be able to figure out better ways to protect your identity. And that’s not something I care to cover.
I’d had this code sitting around for a while and decided to make a new site dedicated to it. It’s called passwds.io. It’s a simple service that produces pseudo-random passwords that have some elements that can actually be pronounced, hopefully making them easier to remember.
I do not recall where I got the original code to generate the pronounceable passwords, but am trying to find the source so I can credit where it’s deserved.
Brandon Lighter brought up the fact that I could be storing all generated passwords, but I’m not. This was developed as a tool for myself to use while I was a sys admin at a large local business, I’d use it to create new passwords for users in Active Directory. It’s still the same code.
Once I can bring the code to a level that isn’t so scattered, I will put it on GitHub so everyone can see the source and what’s going on. It’s really very, very simple.
Of course, I could omit the important “logging” piece when pushing to GitHub, but at some point people just have to trust others, and I’m flat out saying there’s no type of logging being done at passwds.io, other than the standard Google Analytics and Gaug.es for site analytics/
Brandon does bring up good points though, like no usage of special characters.
Secondly, they are only lower-case, upper-case, and numbers, which means you are pulling from a much smaller character set than you could be, making brute-force attacks easier.
I may add an option to do pronounceable passwords, or passwords with special characters enabled, which would probably break pronounceability. But options are always nice.
If you have other suggestions, I’d love to hear them. I’ve debated adding user accounts and the ability to save your generated passwords (that would be accessible only by you), but that sort of goes beyond the scope of passwds.io, which is simple, fast password password creation.
An example output from passwds.io can be seen in the screenshot below.
Also, check out Placezombie.com if you’re looking for some pretty gruesome zombie images to use as placeholder images in your designs. Sample 900×150 pixel greyscale image below, achieved with https://placezombie.com/g/900×150 :
Anyway, like I said, I’d love to hear your thoughts on passwds.io. Leave a comment here, it’s the best way to communicate with me about passwds.io. I haven’t bothered setting up passwds.io email yet.
ServerPilot will automatically install Nginx, Apache, PHP, and MySQL on a new, freshly installed/created, 64-bit Ubuntu 12.04 or Ubuntu 14.04. So if you’re using DigitalOcean, create your Droplet, and SSH to it. You should be able to harden SSH up a little, but make sure you don’t install any new packages yet.
Getting started with ServerPilot is crazy easy. All you need to be able to do is SSH into your server and run a command. I highly doubt anyone reading this doesn’t know how to do this. If you don’t, Google will tell you how.
“Connect” a new server. Just enter your servers hostname and click the “Continue With Setup” button. Screenshot below.
3. Run The Install
Connect to your server via SSH. Remember, it must be a new server, preferably with no additional packages installed yet. To install Nginx, Apache, PHP, and MySQL, run the command below, from this gist:
The --server-id and --server-apikey values will be provided for you, they’re blacked out in the screenshot below.
This repository provides a sample Vagrant configuration for testing ServerPilot. Basically a server that you can use to test ServerPilot before using it on a new, paid VPS. The README is very detailed, definitely read it if you need help using Vagrant. There’s even an example on using composer to create a Laravel app.
From the README, The ServerPilot API is RESTful and allows you to manage ServerPilot resources using HTTP requests. All responses return JSON objects, including errors. As seems typical from ServerPilot, the documentation in the README is excellent.
The API will let you do things like list servers, connect new servers, or list all system users, among many others. An example that would list all servers can be seen in the gist below.
That request would return JSON similar to this:
You get a pretty cool monitoring dashboard for $10/month. I found the screenshot below in a post from Jake Peterson, it appears to be the ServerPilot monitoring dashboard.
There’s the free plan, obviously, and then two paid plans. One is $10/month and the other is $49/month. You can see what you get for your money on their pricing page.
If you’re a PHP developer and use a VPS provider like DigitalOcean or Linode, ServerPilot is probably worth checking out. Even if you don’t end up using, it’s pretty neat that something like this even exists.
I only have one feature I’d really like to see, the ability to select certain packages to be installed. If that were included in the $10/month plan, I’d definitely do it. As it stands currently, though, it’s definitely a time saver and very well executed.
%d bloggers like this: