Removing stickers off Nintendo boxes

Posted on 2 March 20242 March 2024 by Tobias Hellgren

Here’s a little tutorial on how to get rid of nasty stickers and residue off Nintendo cardboard boxes. Just because a box is full of stickers, doesn’t mean it can’t be fixed! Using this method you can still transform it into a presentable state.

What you will need is basically three things:

High percentage Isopropanol Alcohol
Cotton buds
Patience

Here’s my latest attempt at removing some nasty tamper-evident stickers off this copy of Super Mario Land in otherwise nice condition. This is how it looked on the Tradera/eBay listing:

A copy of Super Mario Land with large stickers in norwegian or danish stating that the item cannot be returned if the seal is broken

The first thing I did was to empty the box so that its contents wouldn’t be affected should anything go wrong. I proceeded to lay out some paper for the table’s protection, and then soaked a cotton bud plentiful in alcohol before starting massaging the stickers.

Even though these stickers were thick they accepted the alcohol pretty well and started to loosen up after a minute or two. Once you see that the stickers are starting to fade and you can notice the artwork underneath, you’re almost at the finish line! Keep adding alcohol if it has dried out, but don’t overdo it at this point. You’ll want to gently rub in the alcohol, not scrub as I did and managed to ruin some of the box.

A cotton bud with the sticker's print ink coming off.

Once the stickers start to become translucent, try carefully feel the corners to see if they are willing to let go of the priceless artwork. Don’t force them, they should just slide off. If not, add some more alcohol on top and around the edges.

A box of Super Mario Land, without stickers.

This was the final result. Not perfect, but a hell of a lot better than it was before. You can see the result of me rubbing a bit too hard, but still, I’m pleased with the outcome. Looking up close, it’s barely noticeable where the stickers used to reside.

Once done, I celebrated by playing the game. I know this game by heart so it took me about half an hour to complete. I simply love Hip Tanaka’s ending theme for the game. And I must admit, the game does look good in the cabinet.

Until next time, retronauts!

Aegis – The go-to 2FA for Android

Posted on 4 February 20241 March 2024 by Tobias Hellgren

(I just realized it’s been over a year that I’ve written anything on this blog. You may also have noticed that it looks a little bit different now. This is because I intend on making this blog a part of a bigger website – a homepage, if you will.)

Why Aegis?

I’ve been jumping between different two factor authenticator (2FA) apps the past year or two. I had earlier for a long time settled for Authy, mostly because I wanted to get away from Google and Microsoft. This app seemed robust enough, had some customizable logos for the connected services and also employed a backup feature – which at the time was MIA over at Google’s and Microsoft’s departments. It also had a desktop version that was synced, which at least at the time seemed like a good idea.

As the months passed by I started slowly to realize the flaws in Authy. Not only could you actually not customize the logos yourself, but the search engine used was simply a Google image search wrapper; meaning that logos showed up that either aesthetically didn’t fit or was totally unrelated to the service you tried to configure for. I tested this theory by simply searching for some random crap and Authy downloaded the image without hesitation.

Not only that, I realized that while it’s nice to have the OTP’s synced between devices, it did this through centralization. This, in my opinion, isn’t secure at all and could potentially invade my privacy.

Enough about Authy. I’ve moved on, and so should you.

A screenshot of a phone running Aegis So what makes Aegis any different? Well, first and foremost, it’s completely free (as in libre) and open source software not developed or run by a for-profit corporation.

This means that not only is the code available for anyone to examine and contribute to (which, contrary to popular beliefs is actually very important for security applications), it’s also available to download without the involvement of Google as it’s available through the F-Droid repository.

Second, it has all the features needed for a proper 2FA application and some quality-of-life improvements over its competitors, which I’ll get into shortly.

The only real downside for Aegis is that it’s not available for iOS. But if you’re using iOS, you’ve got other problems to attend to. Yes, by all means, please be offended.

Features

Customizable views

This is one of the most important features for me, as I’ve got almost all my accounts configured with 2FA and will be picking up my phone several times a day to fetch their one-time codes.

Since Aegis allows you to pick your own icons, or even download icon packs from them, the account is instantly recognized through its branding. And for a better overview, you may also configure how the codes are displayed in different sizes: normal, compact, small and tiles. I personally like the setting “small”.

You can also separate the codes between groups. Say you want to have your work OTP’s in the same app as your private, you can create a group for those and have those filtered out by default. This is especially useful if you have two or more different accounts on the same service.

Security

The configurations are safely stored on your device with encryption, which can be unlocked by a password or by using bio-metrics such as fingerprints and/or face unlock. It also allows for a separate encryption password for the backups, should you want an extra layer of security.

Aegis can also be configured to disallow screenshots from being taken, should you ever have been infected by malware that tries to steal your OTP’s. You can also configure to have the codes be hidden from prying eyes until you tap on them.

These are just a few of the security settings I figured was worth mentioning.

Backup, import and export

Another key feature is being able to restore your 2FA configurations should your device ever be lost. Instead of having the vault sync using a centralized service, you can configure continuous backup instead.

Since the vault is encrypted, this means you can put your backup wherever you want. You can use your device’s automatic cloud backup as well as backup through Storage Access Framework in Android, perfect if you’ve got a personal Nextcloud server.

If you’ve got multiple devices, these can be synced using the import/export functions of the app. You can also use the import function to fetch configurations from other 2FA apps, but unfortunately it does not support Authy (this isn’t Aegis fault though, it’s simply because Authy doesn’t support export at all.)

Final words

I mean, there isn’t much else I can share with you guys. It’s only a 2FA app, after all.

It works securely and with personal customization, it’s open and free and has awesome features. So if you’re ever in need of two factor authentication, look no further than Aegis.

Hello world! (or: How to WordPress behind Reverse Proxy)

Posted on 22 January 202324 February 2024 by Tobias Hellgren

Why does it have to be so troublesome?

I have now, knock on wood, finally managed to set up WordPress multisite behind an Nginx Reverse Proxy with working subdomains and corresponding certificates. Previous attempts had resulted in long response times and timeouts, which almost made me give up on the idea. But today, I once again delved into the madness and started with some terminal-fu.

In previous attempts, I had installed the Fastest Cache plugin, which satisfied WordPress’s recommendation to use page and object caching, all within a single plugin. The problem with this is that it adds a lot of redirects to the .htaccess file, and I suspect that this was causing the long response times for pages and the API.

And since there are probably more people who need a setup like this, I thought I’d share my settings.

First and foremost, we need an Nginx configuration for the domain/subdomain that needs to be accessed. This configuration will also provide the pages with their certificates:

server {
     server_name chuggybumba.com;

     listen 443 ssl http2;
     ssl_certificate /etc/letsencrypt/live/chuggybumba.com/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/chuggybumba.com/privkey.pem;

     location / {
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $remote_addr;
          proxy_set_header X-Forwarded-Proto $scheme;
          proxy_set_header X-Forwarded-Host $host;
          proxy_set_header X-Forwarded-Server $host;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_pass https://[INTERN IP-ADRESS]:443/;
     }
}

server {
     if ($host = chuggybumba.com) {
          return 301 https://$host$request_uri;
     }

     server_name chuggybumba.com;
     listen 80;
     return 404;
}

As you can see, Let’s Encrypt is already configured here. To get started with Let’s Encrypt using this configuration, set up a virtual host that only listens on port 80, and then let CertBot take care of the configuration. Once it’s done, adjust using the settings mentioned above. Note that it’s absolutely important to have a slash ( / ) after the port number in the proxy_pass command!

We’re proxying directly to port 443 on the internal server, as this is to ensure that the WordPress API functions smoothly and doesn’t need to go through multiple redirects.

The next configuration is for the local Apache server (though Nginx could be used here as well, I’m following the WordPress-recommended installation, so Apache it is!)

<VirtualHost *:443>
     ServerAdmin admin@chuggybumba.com

     ServerName chuggybumba.com
     DocumentRoot /var/www/wordpress

     SSLEngine on
     SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
     SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

     ErrorLog ${APACHE_LOG_DIR}/error.log
     CustomLog ${APACHE_LOG_DIR}/access.log combined
 
     <Directory /var/www/wordpress>
         Options FollowSymLinks
         AllowOverride Limit Options FileInfo
         DirectoryIndex index.php
         Require all granted
     </Directory>

     <Directory /var/www/wordpress/wp-content>
         Options FollowSymLinks
         Require all granted
     </Directory>
</VirtualHost>

In the Apache configuration, we don’t need to set up any subdomain virtual hosts, as these are handled by the reverse proxy on the Nginx machine. We also don’t need to use a valid certificate here. Instead, we have installed a snake-oil certificate to allow us to deliver encrypted traffic to the reverse proxy.

After this, you can simply follow WordPress’s own instructions to set up the multisite configuration.

Once everything is up and running, make sure not to use plugins that add their own redirects to the .htaccess file, such as Fastest Cache, as this will only lead to issues. Instead, I recommend installing WP Super Cache for page caching and Memcached for object cache storage.

To Mastodon and beyond!

Posted on 22 January 202324 February 2024 by Tobias Hellgren

I have just connected the blog to the Fediverse, so now you can follow it via platforms like Mastodon. Just search for @thanius@blog.chuggybumba.com and all posts will appear in your feed!

[INSERT TIPS ON HOW TO DO THIS HERE]