Seven years ago, I wrote the first post in this blog to explain how to build this blog. Basically, I still use the Hexo framework for blogging. Here is the summary of how you can rebuild the blog today.

Versions

• Node.js v17.6.0
• npm 8.5.1
• hexo 6.0.0
• hexo-theme-next 8.10.0

If you use the different versions, things may break.

Create GitHub Repo for the blog folder

It will be convenient to use git to version control your post writings. You can just create an empty private repo. Let’s call the folder as your_blog_folder/

Create Github Repo for hosting blog Github Page

A public repo with the repo name as YOUR_NAME.github.io, YOUR_NAME here is your GitHub account name.

Install Node, Hexo and NexT

Install Node.js with Homebrew

1

brew install node

Install Hexo and NexT with npm

1
2

npm install -g hexo-cli
npm install hexo-theme-next

Initialize Hexo

Make sure you are in the target folder

1
2
3

cd your_blog_folder
hexo init
npm install

Configure Hexo and NexT

your_blog_folder/_config.yml is the config file for Hexo, and you need to copy the config file of NexT at /node_modules/hexo-theme-next/_config.yml to the root folder of your_blog_folder/, rename it to _config.next.yml. So they are now in the same folder. Here are some of the key configuration changes.

For _config.yml

1
2
3
4
5
6
7
8
9
10
11

# Site
timezone: 'America/Toronto'
# URL
url: http://YOUR_NAME.github.io
# Extensions
theme: next
# Deployment
deploy:
  type: git
  repo: https://github.com/YOUR_NAME/YOUR_NAME.github.io
  branch: main

For _config.next.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

# Creative Commons 4.0 International License.
creative_commons:
  sidebar: true
  post: true
# Menu Settings
menu:
  home: / || fa fa-home
  archives: /archives/ || fa fa-archive
# Sidebar Settings
sidebar:
  position: right
# Social Links
social:
  GitHub: https://github.com/YOUR_NAME || fab fa-github
# Subscribe through Telegram Channel, Twitter, etc.
follow_me:
  RSS: /atom.xml || fa fa-rss
# Misc Theme Settings
codeblock:
  theme:
    light: tomorrow-night-bright
    dark: tomorrow-night-bright
  copy_button:
    enable: true
    style: mac
# Reading progress bar
reading_progress:
  enable: true

Write a post

1

hexo n 'Your_post_name'

And if you are using vscode, you will find the Your_post_name.md in the your_blog_folder/source/_posts/ you can write in markdown.

Generate the post html

1

hexo g

You can view the post locally and make changes if you need.

Deploy the post to GitHub

1

hexo d

It will automatically generate GitHub Page for you which you can see by visiting YOUR_NAME.github.io

When you try to deploy the blog, if you see this message ERROR Deployer not found: git, or other error messages, for example, you need rss feed ready for your blog, please double check if you have all node_modules installed.

1
2

npm install hexo-deployer-git --save
npm install hexo-generator-feed --save

Reminder

If you git clone the private blog repo to write a new post, remember to npm install before you try to deploy it to github. Because the moment you git clone to your local machine, the folder node_modules is empty. It is not sync with git by default as set in the .gitignore generated by Hexo.

1
2

rm -rf node_modules && npm install --force
hexo d -g

Ref:

Hexo
https://hexo.io

Theme NexT
https://theme-next.js.org

hexo-generator-feed
https://github.com/hexojs/hexo-generator-feed

For some reason, you need to use a HTTP Proxy.

Let me assume you have an account of Microsoft Azure.

Create VM on Azure

First, go to Azure Portal and create a linux virtual machine, say, Ubuntu 20.04 LTS. Default config will be fine during your VM setup.

Connect to VM

Connect to the virtual machine via SSH with client, in my case, I use Terminal on MacOS. Let’s rename the private key file to azureuser.pem which you download from the previous VM creation step. Use chmod 400 to ensure you have read-only access to the private key.

1
2

chmod 400 azureuser.pem
ssh -i /Path/To/Some/Folder/azureuser.pem azureuser@vps_IP

Install Squid

1
2
3

sudo apt-get update -y
sudo apt-get upgrade -y
sudo apt-get install squid -y

Update Squid Config file

1

sudo nano /etc/squid/squid.conf

Find and insert the below two lines BEFORE the line of http_access deny all, to allow your IP to use the proxy.

1
2

acl client src your_IP
http_access allow client

By default, Squid uses port 3128. If you are going to change it, just remember to double check if any other application is using the port by default.

1

http_port PORT_NUMBER

By default, Squid will append your original IP address in the HTTP requests it forwards, something like X-Forwarded-For: 192.1.2.3. So, if you don’t want the destination server to know you are using a proxy, and you want to remove some of the request_headers that Squid passes on to the destination server, you can Ctrl + W to find and uncomment these:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

# forwarded_for off
# request_header_access Authorization allow all
# request_header_access Proxy-Authorization allow all
# request_header_access Cache-Control allow all           
# request_header_access Content-Length allow all
# request_header_access Content-Type allow all
# request_header_access Date allow all
# request_header_access Host allow all
# request_header_access If-Modified-Since allow all
# request_header_access Pragma allow all
# request_header_access Accept allow all
# request_header_access Accept-Charset allow all
# request_header_access Accept-Encoding allow all
# request_header_access Accept-Language allow all
# request_header_access Connection allow all
# request_header_access All deny all

All, done. Ctrl + O to save the file, and Ctrl + X to exit the file. Restart Squid or maybe you can just restart VM.

1

sudo service squid restart

Open Port for Squid

Lastly, go to your VM on the azure portal, open the Networking Tab in the settings. You need to add one inbound port rules to make the Squid http_port number (by default, 3128) accessible from your IP.

Use HTTP Proxy in Python

1
2
3
4
5
6
7

import requests

http_proxy = {
	'http': 'http://vps_IP:PORT_NUMBER',
}

r = requests.get(url, proxies=http_proxy)

Use HTTP Proxy in Terminal on MacOS (Bash)

Enter the below command into the terminal for a session use.

1

export http_proxy=http://vps_IP:PORT_NUMBER

If you want to make the proxy permanent in the Terminal, you can add it into bash_profile.

Use HTTP Proxy on iOS

Go to the settings page of the WiFi you are currently using. Configure HTTP Proxy to Manual and enter the details.

By the way, save your time and do not use Squid to bypass GFW. It will fail, technically speaking. I’m sorry.

Squid is not designed to encrypt internet traffic by any means. On the contrary, Squid server can and will intercept SSL interception because Squid is literally the man-in-the-middle (MiTM). Keep that in mind if you consider making use of the other’s HTTP Proxy.

Ref:

Ubuntu documentation for Squid:
https://help.ubuntu.com/community/Squid

Squid man page:
http://manpages.ubuntu.com/manpages/focal/en/man8/squid.8.html

Official Squid site:
http://www.squid-cache.org

I have been thinking about how to store customer’s login details into the database.

I mean, how to arrange the tables to store the passwords securely enough so that even if one day the database is leaked (and it will), no actual passwords are exposed.

On seond thoughts, managing the passwords by myself could be a bad idea.

Hand it over to Google or Facebook.

OK.

Let’s say, for some unknown reasons, I have to do it.

The million-dollar question is, HOW.

• If I store the plain text password anywhere in the database, the company probably would just fire the guy who designed the database, that’s me, for good.
• If I store the hashed password with username, just like that, it is vulnerable to dictionary or rainbow table attacks. But maybe I can keep my job, for now.
• If I use SHA512, instead of MD5, as the hash function, the computational power required to crack the passwords is signaficantly different.

Solution (perhaps)

Add random salt to each individual password, and then calculate the SHA512 hash values. Remember to generate salt again, once the customer changes the password. Also, I need a cryptographically secure random function to generate salt.

In practice, use longer salt, I guess.

Ref:

Password Cracking
https://www.youtube.com/watch?v=7U-RbOKanYs

How NOT to Store Passwords!
https://www.youtube.com/watch?v=8ZtInClXe1Q

Rainbow table
https://en.wikipedia.org/wiki/Rainbow_table

Somehow I decided to reset an useless old iPad (A1395, iOS 9.3.5) which had been jailbroken. After erasing all the content and settings, I found the iPad became bricked. The situation is that if you press the Power button, a few seconds of Apple logo shows, followed by a battery status in the center of the screen. And that’s it, it just did not turn on.

Solution

You need to make sure you have charged the iPad for several hours. It helps to rule out the cases when iPad refuses to turn on with low battery. If the battery is all good, there are two ways to rescue your iPad. Try the force-restart first.

Force Restart

Hold down the Power button and the Home button at the same time for 10 seconds. You will see the Apple logo twice I guess. The second time when you see the logo, you can let go the two buttons and wait/pray for the iPad to turn on.

Factory Reset in DFU mode

• Connect your iPad to a Mac (Sorry, I did not test if you can connect iPad to a Windows, chances are you can)
• On the iPad, hold down the Power button and the Home button at the same time, yes, for 10 seconds.
• Then, release the Power button but continue to hold the Home button for another 5 seconds.
• It should be entering DFU mode now. Choose Restore the factory settings.
• Wait for the iPad to reinstall everything once again.

I know a bricked iPad is useless. But, you know what, after rescuing the old iPad, I find the iPad is still useless anyway.

All emulators in AVD failed to run after I accidentally update Android Studio to 4.2.1 on macOS Catalina (10.15.7).

You can find more debug details if you run the emulator in terminal.

1
2

emulator -list-avds
emulator -avd your_avd_name

Solution

Downgrade (sort of) amulator to 30.4.5 (build_id 7140946)
https://dl.google.com/android/repository/emulator-darwin_x64-7140946.zip

First, downlaod the zip file and unzip it.
Then, find the emulator folder under sdk folder. Replace the items inside with what you have downloaded.
Restart Android Studio (for example, go to menu File, select Invalidate Caches / Restart) and try to run the emulators again.

You will see the warnings saying something, like, these files can not be verified due to unknown developer. Remember to go to Mac System Preference, Security & Privacy, under the General tab, allow these apps to run. Eventually, everything will be fine. Good luck.

Ref:
https://issuetracker.google.com/issues/191799887
https://issuetracker.google.com/issues/191805460
https://medium.com/nerd-for-tech/how-to-downgrade-android-emulator-on-macos-6e611d2d2bcb

When this bug happens, it shows that it takes time to open the MySQL Editor, but the fact is that it will never open. So you will wait forever.

I am on MacOS Catalina and the MySQL Workbench version is 8.0.22, just in case you want to know.

Why this error happens (My guess):

You changed the password to the MySQL database user, but it somehow failed to sync the password in the keychain.

The solution:

Go to the /Applicaiton/Utilities/ to find the Keychain Access App and run it. Search and delete the password to the database user. Try search ‘MySQL’. Reopen the MySQL Workbench and you should be fine now.

Update: The typo has been fixed if you are using Dynamic web module version 5.0

When you are using the Servlet Template in Eclipse, you may encounter the error saying “The import javax.servlet cannot be resolved.”

For example, I am using Eclipse for Mac (Version 4.19.0). First, create a Dynamic Web Project, target runtime: Apache Tomcat v10.0, Dynamic web module version 4.0. And inside this project, create a new servlet file using the Create Servlet Wizard. Soon you will see the errors pop up in the servlet file you just created.

1
2
3
4
5
6
7

// BEFORE
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

How to fix it? All you have to do is changing the superclass name from javax into jakarta. Why does this happen? I think it is because, as mentioned on Wikipedia page, that from 12 Jun 2020 and on, API moved from package javax.servlet to jakarta.servlet. Let’s hope Eclipse will update the template someday in future. For the exising codes out there, I guess they are doing well.

1
2
3
4
5
6
7

// AFTER
import java.io.IOException;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

Of course, you can create an empty class file to build servlet from scratch, to avoid such issues. Just in case you do face the similar errors in Eclipse when coding Java, I hope the simple fix would help you.

Wikipedia page of Jakarta Servlet:
https://en.wikipedia.org/wiki/Jakarta_Servlet

Finally, I got hexo upgraded.

Simple & powerful as it is advertised.

It worked fine, I guess.

I have been thinking about to code myself a blog from scratch because the hexo blog seems out of date. The interactions between Github and Hexo are sometimes failing and I got warnings of it might not be working in some future. Maybe it’s good time to practice some front-end coding with html/css and javascript.

The coding experience on Leetcode is fantastic because you can always get instant feedback that your code is not working. Then you try again and get the feedback again that your codes fail. Back and forth serveral times until you get it.

To be honest, I like Project Euler more, because of its simplicity and the sense of art comes from the simplicity. Still, I think you need the Leetcode to practice to get a job. In this sense, it’s a wonderful website that gives you hope of the employment.