Make a Bootable Ubuntu USB stick: The Easy Way

By far the fastest way to install a new operating system is from a USB memory stick. In this post I’m going to show you the easiest way of making an Ubuntu bootable USB stick. For this we’ll use UNetbootin, a small portable program that turns your USB stick into a bootable drive – the alternative of a CD for example, from which you can install an operating system.

You will need:

  • A USB stick at least 1GB in size
  • Decent internet access for downloading Ubuntu or another Linux distribution of your choice
  • A computer that can boot from USB (check your BIOS settings and boot options)

Step 1: Prepare your USB drive

Insert your USB memory stick into an empty port and make sure to backup any files that you need from it as we’ll be formatting the drive later. This isn’t mandatory, but I like to format the drives I’m working with as it makes things much neater if you don’t mix personal files with the Linux distribution that you’re installing.

Step 2: Download & Run UNetbootin

Navigate to UNetbootin’s SourceForge page and download the latest version of the program. Once it’s downloaded you can run it straight away as it doesn’t require an installation.

Step 3: Select your desired distribution and destination memory stick

For this tutorial we’ll pick Ubuntu. By default the program will select the most recent Live version of the distribution, but since I have a 64-bit processor, I’ll go for the x64 version.

The next thing you’ll want to do is to make sure that you’ve selected the correct drive letter. Check in Start -> Computer to confirm. In my case this is drive E:\

Step 4: Run the program and sit back

At this stage you just have to press OK and let UNetbootin do its thing. It will download the correct ISO, unpack the files and make your flash drive bootable.

Step 5: Boot from the USB stick

Now the only thing you need to do is boot from the memory stick and you’ll be able to run Ubuntu Live. Check your BIOS settings to make sure USB boot is enabled. During restart most systems will allow you to select a boot device by pressing a key like Esc, Del or F12 – check Google or your manufacturer’s website for more information.

How to enable WordPress permalinks using Webuzo and Nginx

If you are using WordPress on Webuzo with a LEMP stack, chances are you’ve had trouble with making the permalinks on your website work. Below is a tutorial on how to fix this in Webuzo and enable pretty URLs.

The first thing we’ll need to do is create a config file on the server. For this you can use SSH, file transfer or even the File Manager under Server Utilities in Webuzo’s Enduser Panel.

I like to put my custom configuration files under /home/user/myconfigs/ so I can easily find them, but you can pick any destination you want. In our chosen folder, we create the file or files that will be enabling pretty URLs on the server. You can have one common file across multiple websites, or if you require different configurations, you might have /home/user/myconfigs/type1.conf and /home/user/myconfigs/type2.conf

Inside the config file you’ll need the following code that is standard for enabling permalinks in WordPress on Nginx (thanks Soumik Ghosh).

location / {
    index index.php index.html index.htm;
    try_files $uri $uri/ /index.php?$args;
}

Note the location attribute; if your WordPress installation is in a subfolder like /blog , you’ll need to create a separate file for that domain and alter the line as follows:

location /blog/ {

Now that we’ve created the configuration file(s), we need to navigate to Features > Extra Configuration and add them as records to our domains. Select the desired website and the Nginx server and paste the path to your config file; then click Add Record.

Webuzo Extra Configuration

If your WordPress permalink settings are correct, everything should start working straight away, even without the need to manually restart Nginx yourself. Enjoy your new beautiful URL functionality!

RFID security is a joke – or how I “paid” Amazon with a wristband

bPay bands

bPay bands

So a few days ago I heard that Barclays Bank were giving away their new product for contactless RFID payments – the so called bPay wristband. Knowing that NFC-enabled chips for payment or otherwise are pretty unsecured, I decided that I would like to play with the new band and I ordered one. It was pretty easy to do and you don’t even need to be a Barclays customer or to provide them with real personal information for that matter.

The main goal of these bands is to be used as a replacement for your wallet during festivals – the idea being that you pay for alcohol, but you don’t bring your wallet, which you are prone to lose after you get wasted. Sounds great in theory, I guess, but never mind that now; discussing how unsecured and ridiculous contactless chips for payment and in general are, may be a topic for another post. Barclays have already been called out for their unsecured chips, but to be fair they didn’t quite deserve to take the bad press – every NFC-enabled card is the same.

I received my wristband in the post and for some reason I decided to act as a user first and “woke up” the band on the website – this basically ties the chip number with your account so you can top up money, I guess. I decided not to top up right now, but to dig out the chip, examine it and see what I’ve got.

bPay band chip

bPay band chip

I wasn’t too surprised to find that the fancy bPay wristband was nothing more than a pre-paid MasterCard, save the magnetic strip and all the extra plastic – just in a form factor that you can wear.

I was originally planning to play with the wristband by cloning it on my phone and replaying the signature on a POS terminal – testing how unsafe these are and how I could buy drinks on you after shaking your hand in Hyde Park. Maybe just for fun I was going to replay it remotely via proxy – we’ve had that technology in the public domain for some time now, but it’s cool to see it in action. However, upon noticing the MasterCard logo it struck me – this little thing must have a card number. After all, these wristbands aren’t actually a new payment product, but just a mini card with NFC.

So instead of doing the obvious contactles shenanigans I could try to buy something online with this…

First step is to find out what the card details of this thing actually are. You can do this with your phone and an app that can read NFC. I’m not going to put any links here, but you can do a simple search and find what I’m talking about.

I already know, from reading previous research, that all “tap and go” payment chips contain pretty much everything that would be printed on your card and encoded in the magnetic strip, with the exception of the CVV number, usually seen on the back of the card. I scan the plastic with my phone and surprise, surprise – we have a number and an expiry date. Obviously, these mass-produced cards don’t hold name, address or other personal information, hence why you have to “wake them up” online in your account.

But that shouldn’t stop us – not having CVV or any money on the card doesn’t mean that we can’t prove that it can be used online. There are some merchants that don’t check your address and don’t even require a CVV. Notable examples? Amazon.

After quickly logging in to my account and heading over to the ‘Manage Payment Methods’ section, I find that Amazon is in fact pretty happy with me entering the details of my wristband as a new card and even using a complete nonsense name just to top it all off. Feeling pretty accomplished at this point, I wonder: can you actually complete a transaction using this thing? Because I’m not about to top up the minimum amount of £25 in the middle of the night just to do a silly test, I think: what requires a valid payment method, but doesn’t immediately cost any money? The answer? Audible. I had downloaded the app from an ad in Bacon Reader a few days ago as my way of saying “thank you” to the awesome developers who maintain it. Figured I was going to try the service when I got around to it… Now, the perfect time to start my trial, I click the confirmation button with bPay as my selected payment method and voilà – “Thank you for shopping at Audible”!

Amazon is happy and I have my trial – if I don’t want to continue I’ll cancel and they’ll be none the wiser. Of course I ought to change my payment method if I want to keep the service, because otherwise any request for funds will surely be denied with my modest balance of £0. Obviously if you top up your card you’ll be able to make actual purchases online. The Audible trial was simply a proof of concept using an empty account.

TL;DR: bPay bands are in fact MasterCard(s). They are unsecured. You can use them online and register for an Audible trial by reading their card details with your phone.