Setting Default Browser in Linux When Things are Stubborn

Running XFCE4 and setting the preferred applications generally works. However, I noticed that some applications still would not listen to my demands of using a specific browser when launching links. For example, using python’s webbrowser module, and therefore almost any other module opening external links, would use Firefox or Opera (depending on which was available).

# Checking python invocation of a browser
import webbrowser as w

Here’s the culprit, check in your /etc/alternatives/ directory and you’ll see what I mean.

ls -l /etc/alternatives/

Notice the entry x-www-browser. This will be a symlink to a browser and this value was different than what I was attempting to set through the XFCE4 GUI configuration. This problem seems somewhat common as I’ve seen it occur in KDE and GNOME as well.

To fix this issue, simply run the following command and you should be presented with a list of browsers from which you can set.

# Update your browser choice and choose from the presented text menu
sudo update-alternatives --verbose --config x-www-browser

# Now make sure teh proper symlink is setup
ls -l /etc/alternatives/x-www-browser

Now you should have a functional default choice. Those GUIs can suck it!

Transposing Matrices in Python

We have a list of nested lists (list of matrices) that we wish to transpose.

Utilize chain to iterate over our master list (x), flattening it, and then we iterate over the elements and return these as a transposed list element.
We can also check that an iterated element exists and meets some value requirement (here, less than 200).

from itertools import chain
[[y[i] for y in list(chain.from_iterable(x)) if y[i] and y[i] < 200] for i in range(0,len(x[0][0]))]

Here, we are assuming that the subunits are invariable in length.

Checking your SSH key Fingerprint

As many of you probably are already well aware, Github recently was made aware of a mass-assignment vulnerability (1). If you aren’t caught up, you can find the info here on the Github blog (2, 3).

This afternoon, Github sent out an email to users that they had disabled all SSH keys for a users’ accounts and they would remain suspended until validated. You can validate your keys by visiting the SSH keys section under your account settings where you will then be able to reject or validate each of your stored keys. These are listed by machine ID and key fingerprint.

But how do you know the fingerprint of your SSH key to ensure it is the correct one for each machine ID? Simply SSH into each machine and run the following, replacing the location of the key to match where you have yours stored:

ssh-keygen -lf ~/.ssh/

Analyzing Brute Force Attempts in BASH

If you have a public facing SSH server running on the standard port, your message log is probably filled with failed authentication attempts from brute force attacks. Let’s mash up some quick BASH commands to analyze this data. For our purposes, we’ll look at the top attacker IPs and the top usernames tried.

First, pull down all of your message files and decompress them in a working directory using bunzip2.

Once you have all your message logs ready, we will search through them and pull out all of the authentication failure entries and grab the IP and username for each attempt.

grep -r "authentication error" messages* | awk '{split($0,a," "); print a[NF],a[NF-2]}' > attempts

So we first use grep to look for failed authentications by searching recursively for the string “authentication error” in all of our message logs by using the wildcard. We then pipe this to awk and split each input line found into an array delimited by a whitespace. The last part of each line, and therefore our new array, goes something like: ‘authentication error for USERNAME from IP’. So to get the username and IP from our array we can use the array length variable NF and use that to index the variables we need. Here we grab the last using a[NF] and two in from that with a[NF-2]. Finally, we output this to a file called attempts.

Now, let’s use more BASH magic to do the analyses for us. Our attempts file now is in the format as follows: IP USERNAME. We want to see the top IPs and usernames and we can do that with some sorting commands.

cut -d ' ' -f2 attempts | sort | uniq -c | sort -nr > attempts_username
cut -d ' ' -f1 attempts | sort | uniq -c | sort -nr > attempts_ip

Here, we simply grab either the username in the second column or the IP in the first with cut, sort this data, prepend lines with the number of occurrences of each, and then sort by this occurrence number and output to a new file. You can now view attempts_username and attempts_ip to see the top usernames and IPs, respectively, of brute force attacks.

Lastly, we can associate the keep usernames and IPs together and sort on one or the other to see the correlation between the two. To end our initial analyses, we will sort on usernames and find out for the top attempted usernames, what are the top originating IPs.

 sort -k 2,2 attempts| uniq -c | sort -nr | head -n 10

Next time we will be using some GEOIP methods to see where our top attack attempts are originating.

Finding Images with Python

Let’s say we wish to take a directory, the current directory in this example, and gather all the image files. This could be helpful if we were then going to use PIL or Image Magick to manipulate those files, or create a select-able list for use in a GUI, and so on…

There are countless ways we could do this, but here is one with a module that is very helpful with image details.

import os,imghdr
for f in os.listdir(os.getcwd()):
		if imghdr.what(f):
			print f

Monty Hall Sneak Peak

Coming Soon: Monty Hall game player in Python.

For now, here is a little teaser:

The 10 billion iteration answer:
Ran 10000000000 iterations in 104833.082781s {'wins': 3333340564L, 'losses': 6666659436L}

The code is hosted, of course, on GitHub and can be found here:

As soon as I get the rest of it written up I’ll be posting everything here along with a little code walk-through including a very basic example of Python decorators as well as general object-oriented approaches.

Game Recommendations : Round 1

Try to throw up rudimentary, sometimes cringe-worthy quality recommendations on Steam of the PC games I’m playing. Figured that with my minimalist friends list on Steam that there may be some more benefit reaped from those inexpertly written reviews by posting them here as well. So without further ado, here are the first batch:

  • Great little game with some fun physics (think elliptical orbits). Soundtrack is superb!



Steal Storm: Burning Retribution
  • Great arcade feel and tight controls, engaging soundtrack, strong visuals and explosion sprites accompanied by well done sound effects. Addictive.



Crayon Physics Deluxe
  • Fun. Each level can be as easy or complex as you wish… Can be pretty tricky to flag levels. Cute.



  • Amazing! Cell shaded FPS in all it’s glory… doesn’t get much better than this for an RPG/FPS. Tough game.



Chessmaster Challenge
  • The old chessmaster I remember from systems like Gameboy but now with really great tutorials. Also has a mode that teaches you advanced strategies (openings, defenses, etc) from chess champions in a tutorial format.


Prince of Persia
  • Ubisoft+PoP+cell shading … greatness all around. Beautiful game and supremely enjoyable adventure. Very relaxing!

BUT — broken with steam. Overlay won’t work and does not register any playtime, etc, with steam. Can buy and launch through steam just fine though. A 3+ year issue that hasn’t been fixed but don’t let it hinder you from buying and playing the game… just a heads up.


Sid Meier's Civilization V
  • Total crack… that’s all I’ll say. If you don’t mind countless, back to back all-nighters then go ahead and play, you won’t be disappointed.



  • One of the most beautiful games I’ve ever played. Excellent gameplay, engaging story and characters, a lot of depth across each of the 3 playable characters, and did I mention it was insanely beautiful?

Got this game on sale and actually felt really bad playing it and realizing how little I paid for it. That says everything you need to know. Buy it, play it, love it!

More to come…

Mutaku on Google+ Pages

We are now on Google+ Pages as you can see by way of the link on the right side of the page or by clicking here.

If you are a G+ user feel free to swing by the page. Will post software updates and anything Mutaku related to that page as well as to the other regular locations.

Happy G+ing!