HOWTO: Configure XChat Azure on OS X to connect to Freenode using SASL + Tor

Tags: , , , , ,

With all the recent news about the NSA, Prism Surveillance Program and the US Federal Government actively spying on its citizens without cause, I decided to update the detailed HOWTO I posted in early 2011 describing how to connect to Freenode using Xchat (on Linux/FreeBSD) using SASL + Tor. The process is relatively simple, but there is a simplified version now, and it works seamlessly with XChat Azure on OS X, as well as Linux, without having to compile any plugins using GCC.

A win, win, all around! Let’s get started! (click the images below to zoom to full size)

Installing Tor on Your OS X Machine
Configuring Browsers to use Tor (to validate Tor functionality)
Configuring XChat Azure to Speak Through the Tor Proxy
Adding a Freenode Tor Network Server to XChat Azure
Installing the SASL Perl Script to Manage SASL Connections
Connecting to Freenode using SASL + Tor


Installing Tor on Your OS X Machine

To get Tor running on your OS X machine, you’ll need to install it. There are several ways to do this, but the easiest is to use the TorBrowser Bundle, package for OS X.

It’s straightforward to install that, just download and install it as you would any other OS X software. Once you’ve got it installed, you’ll see the main Control Panel, shown here:

Vidalia Main Control Panel

If you see the green “onion” icon in your Finder menubar at the top of your screen, you’re up and running and connected to the Tor network. You can check this further by looking at the “Bandwidth Graph” to see if bytes are actually flowing across your connection.


Configuring Browsers to use Tor (to validate Tor functionality)

Now you’ve got Tor running, you’ll need to verify that it actually works and that you can send and receive traffic over it.

Open your browser of choice (I use Firefox but any browser will work) and find the configuration option in your browser’s Preferences pane for setting a “Proxy Server”. You’ll want to point it to a proxy server address of, port 9150, as shown below.

The reason this isn’t the “standard” Tor port of 9050, is because the Tor Browser Bundle project wanted to ensure that they didn’t collide with a system-installed version of Tor, so they went with 9150 instead.

Firefox Vidalia Proxy Configuration

Once you’ve got that configured, point your browser to the Tor Check Site. You should see output that looks like this:

Tor Browser Check Results

If you’ve gotten this far, you’re almost there! If you see an error message or cannot connect to the Proxy, make sure Tor Browser is running, that it’s showing ‘green’ in your menubar, and that you’re using port 9150, not 9050 in your Proxy port configuration.


Configuring XChat Azure to Speak Through the Tor Proxy

Now let’s configure XChat Azure. Open up your XChat Preferences (Command-,) and go to the “Network setup” page. Here is where you’ll configure similar parameters we just used for Firefox above to permit XChat Azure to communicate across Tor.

Configure it to look like the following values:

XChat Azure Vidalia Proxy Configuration

Now ALL of your networks will attempt to use Tor, which may not be what you want. We’ll go over that in a moment, so you can exclude (“bypass”) the proxy for public networks.


Adding a Freenode Tor Network Server to XChat Azure

To add a new Network in XChat Azure, you’ll want to go to “File => Network List”, or use Command-S. You’ll see a default network list here.

Click the [+] sign in the lower-left corner to add a new network. You’ll name this “Freenode_Tor” or something similar. Don’t put spaces in the name, this is important.

When you add this network, you’ll want to click on “Show Details” and configure it to look similar to the following two screenshots.

The first tab, you’ll want to double-click the server name line and add a server with the name:


And the port:


Make sure you also check the “SSL” box there. This is the SSL port for Freenode servers.

XChat Azure Freenode Onion Tor Configuration

On the second tab, you’ll want to check the two boxes shown. If you want to reject invalid SSL certs (not a bad idea), uncheck that second box.

XChat Azure Freenode SSL Configuration

You’ll also see a checkbox that says “Bypass proxy server”. You’ll want to check that box for all other non-Tor networks, but not this one. We actually want to use the proxy server here, so leave it unchecked.


Installing the SASL Perl Script to Manage SASL Connections

Next, we need to install a small script that will be used to manage our SASL connections under XChat Azure. You can find several of those on the Freenode SASL page. I haven’t tested any of the scripts there except the Perl script, so we’re going to use that one for this HOWTO.

Download that Perl script using whatever tool you use, and put it into your $USER/.xchat2/ directory using iTerm or Finder.

Now when you start up XChat Azure, you should see something like this at the top:

[07:58]   Perl interface loaded
[07:58]   Python interface loaded
[07:58]   SASL: auth loaded from /Users/setuid/Library/Containers/org.3rddev.xchatazure/Data/Library/Application Support/XChat Azure/sasl.auth

We need to make sure we set some auth values while this script is loaded. To do that, you’ll run the following command inside the XChat Azure text box:

/sasl set Freenode_Tor <username> <password> PLAIN
/sasl save

So if your Freenode username was ‘foobar’ with a Freenode NickServ password of ‘MyS3cretPas5word’, you’d type:

/sasl set Freenode_Tor foobar MyS3cretPas5word PLAIN
/sasl save

Now your SASL authentication is saved, and you’re ready to connect!


Connecting to Freenode using SASL + Tor

Using Command-S (or File => Network List from the app menus), highlight your “Freenode_Tor” network and click the “Connect” button. It will take a few moments, but you should see something that looks like the following:

XChat Azure Freenode Successful Connection
If you see that, you’re all set! Now you can join any channels you wish and be sure that your IRC communications are being anonymized behind the Tor network.

Note: Sometimes you’ll see an error that looks like the one below, when you randomly reach a Freenode server with a wildcard SSL cert.

XChat Azure Freenode Wildcard SSL Cert Error

If you run into this, just close XChat down and restart, or attempt to reconnect to the “Freenode_Tor” network again until you get a proper server in the randomized list.

That’s it, good luck!

HOWTO get YouTube video content onto your Apple iPod

Tags: , , , ,

I’m sure you’ve heard of YouTube by now.

YouTube is a video sharing website where users can upload, view and share video clips with other visitors to the site. YouTube was created in mid-February 2005 by three former PayPal employees.

The San Bruno-based service uses Adobe Flash technology to display a wide variety of user-generated video content, including movie clips, TV clips and music videos, as well as amateur content such as video blogging and short original videos. In October 2006, Google Inc. announced that it had reached a deal to acquire the company for US$1.65 billion in Google stock.

In August 2006, The Wall Street Journal published an article revealing that YouTube was hosting about 6.1 million videos (requiring about 45 terabytes of storage space), and had about 500,000 user accounts.

A YouTube search done today reveals more than 83 million videos and many millions of user channels. In fact, there are so many, YouTube no longer lists how many and restricts all searches to only 1,000 results or less.

Not bad for a company that is completely unprofitable and whose revenues being noted as “immaterial” by Google in a regulatory filing. The bandwidth costs to operate YouTube alone are estimated at approximately $1 million a day.

But enough about the numbers and dollars, let’s talk about how to get that content onto your Apple iPod video device!

I find myself with lots of “spare time” around my commutes, waiting for trains, driving, late at night while I turn off my brain and relax and many other places. I’ve collected lots of audiobooks, music streams and videos that I watch and discard from my ipod on a regular basis. A lot of the video content I watch now comes directly from YouTube.

The first thing you’re going to need is a copy of YouTube Downloader. This is a very simple Python script that takes a YouTube URL as input and will download and copy the file to your local system.

There are versions of youtube-dl available to all of the current Linux distributions if you simply install it with your normal packaging tools (yum, aptitude, synaptic, etc.), as well as a detailed guide to installing YouTube Downloader under Windows XP for those stuck on that legacy platform.

That’s step one.

The second step is to grab a current copy of the ffmpeg Video Encoder. Your Linux distribution may have this already, but if not, you can just download the latest source with SVN or Git and build it yourself.

For Windows users, you can either download a compiled version (you’ll need a copy of 7-zip to unpack it), or follow this HOWTO and build your own on Windows from source.

If you’re building this on Linux or Windows, make sure you include libfaac support in your build. This is critical, because iTunes won’t accept the format if it isn’t in MPEG-4 format (or AVI, but AVI files are enormous).

At the very least, use the following options when building ffmpeg from source:

./configure --prefix=/usr --enable-gpl --enable-pthreads 
            --enable-libvorbis --enable-libtheora 
            --enable-libgsm --enable-libfaac --enable-libfaad 
            --enable-liba52 --enable-shared --enable-libschroedinger 

If you got it right, you should see something similar to the following:

install prefix            /usr
C compiler                gcc
.align is power-of-two    no
ARCH                      x86_64 (generic)
big-endian                no
MMX enabled               yes
CMOV enabled              no
CMOV is fast              no
EBX available             yes
EBP available             yes
gprof enabled             no
debug symbols             yes
strip symbols             yes
optimizations             yes
static                    yes
shared                    yes
postprocessing support    no
software scaler enabled   no
new filter support        no
filters using lavformat   no
video hooking             yes
Imlib2 support            no
FreeType support          yes
network support           yes
IPv6 support              yes
threading support         pthreads
SDL support               yes
Sun medialib support      no
AVISynth enabled          no
liba52 support            yes
liba52 dlopened           no
libamr-nb support         no
libamr-wb support         no
libdc1394 support         no
libdirac enabled          no
libfaac enabled           yes     <--- This is what you want to see
libfaad enabled           yes
libfaad dlopened          no
libgsm enabled            yes
libmp3lame enabled        no
libnut enabled            no
libschroedinger enabled   yes
libtheora enabled         yes
libvorbis enabled         yes
libx264 enabled           yes
libxvid enabled           no
zlib enabled              yes
bzlib enabled             yes

Build it and install it. Now you should have a working ffmpeg encoder.

The third step is to encode the video and lastly, sync it to your iPod.

In this process, I'm going to use the example of "Groovy Dancing Girl" starring "Sophie Merry" from Ireland. She created an Internet sensation with her YouTube video, but now she's become quite famous as a new face on Etam's product lines.

This was a short-enough video to use as an example, but in practice, I'm normally converting 1-2 hour videos found on YouTube for watching on my iPod. Inbox Zero with Merlin Mann is a good example of just such a video.

Let's put all the steps together:

  1. Download the video using youtube-dl. We're going to pass it the -l (that's an 'ell', not a 'one') option so we save the video itself with the original title as it appeared on the upstream YouTube URL.

    $ /usr/bin/youtube-dl -l
    Retrieving video webpage... done.
    Extracting video title... done.
    Extracting URL "t" parameter... done.
    Requesting video file... done.
    Video data found at
    Retrieving video data: 100.0% (   8.81M of 8.81M) at   85.50k/s ETA 00:00 done.
    Video data saved to Groovy Dancing Girl-Sr2JneittqQ.flv

  2. Encode the video using the ffmpeg you just built above:

    $ ffmpeg -i Groovy\ Dancing\ Girl-Sr2JneittqQ.flv -threads 4 -b 604k -ac 1 -ab 256k -ar 44100 -vol 500 Groovy\ Dancing\ Girl.mp4
    FFmpeg version SVN-r13835, Copyright (c) 2000-2008 Fabrice Bellard, et al.
      libavutil version: 49.7.0
      libavcodec version: 51.57.2
      libavformat version: 52.16.0
      libavdevice version: 52.0.0
      built on Jun 19 2008 22:21:44, gcc: 4.2.3 (Ubuntu 4.2.3-2ubuntu7)
    Seems stream 0 codec frame rate differs from container frame rate: 1000.00 (1000/1) -> 29.92 (359/12)
    Input #0, flv, from 'Groovy Dancing Girl-Sr2JneittqQ.flv':
      Duration: 00:03:42.35, start: 0.000000, bitrate: 56 kb/s
        Stream #0.0: Video: flv, yuv420p, 320x240, 29.92 tb(r)
        Stream #0.1: Audio: mp3, 22050 Hz, mono, 56 kb/s
    Output #0, mp4, to 'Groovy Dancing Girl.mp4':
        Stream #0.0: Video: mpeg4, yuv420p, 320x240, q=2-31, 604 kb/s, 29.92 tb(c)
        Stream #0.1: Audio: libfaac, 44100 Hz, mono, 256 kb/s
    Stream mapping:
      Stream #0.0 -> #0.0
      Stream #0.1 -> #0.1
    Press [q] to stop encoding
    frame= 6654 fps=571 q=2.0 Lsize=   18676kB time=221.63 bitrate= 690.3kbits/s    
    video:16489kB audio:2055kB global headers:0kB muxing overhead 0.708581%

    This will give you a video called "Groovy Dancing Girl.mp4", which is of type:

    VIDEO:  [mp4v]  320x240  24bpp  29.917 fps

  3. Now drag this .mp4 video directly onto your iTunes application window to add it to your Video library, and iTunes will sync it to your iPod the next time you connect. Voila!

    If you're solely a Linux user, you can use Songbird (a Mozilla project), or install Amarok (my personal favorite, absolutely blows away iTunes in features).

If you have any questions, contact me or leave your comments here and I'll do my best to help you out.

Good luck!

So many iTunes iProblems and iBugs

Tags: , , ,

iTunes Logo

My wife and I have amassed a very large collection of music over the years from our CDs. I’ve painstakingly ripped all of the CDs to Ogg Vorbis format and mp3 format. There’s rougly 10,000 files on the Music slice of the FreeBSD media array I’ve built for this purpose. It’s big.

She has a 20″ iMac that I bought for her last Christmas and I have several Linux machines and one Windows machine. The Windows machine runs iTunes, while the Linux machines all run AmaroK (which blows iTunes out of the water in functionality and intuitive features).

The Windows machine has an M:\ drive mapped to the Music share on the FreeBSD server via Samba. From here, I can load iTunes and drag all of the albums into iTunes. About an hour of importing, fetching album artwork and conversion later, I have a fully populated library of music in iTunes to work with.


The first problems began when I realized that iTunes doesn’t like having the “My Documents” folder stored on a network share (My Documents → My Music → iTunes is where iTunes stores its Music Library). if iTunes tries to launch at login time, it will barf and truncate the existing music library to create a new, empty, default music library. This means I have to reimport all 10,000 music files again.

Once I realized that, I made sure the My Documents folder was opened (initiating the network mapping) before iTunes attempts to load. Now that part works… but it is still an iTunes bug.

The second problem I found, was that iTunes doesn’t like Samba locking. The music files we have are shared on a tightly locked-down Samba share. This share looks like the following:

        comment         = Music
        path            = /usr/local/array/Media/Music/
        case sensitive  = yes
        writeable       = yes
        guest ok        = no
        browseable      = yes
        locking         = yes
        public          = no
        write list      = @gnu
        hide files      = /.DS_Store/

Note the Bolded portion. If I have locking enabled on the Music share, iTunes won’t allow me to edit the id3v2 tags in the mp3 files. If I disable locking (NOT recommended for a multi-user share like this), then I can edit the mp3 tags, metadata and other pieces.


Thirdly, I tried importing ALL of our music into the iTunes copy running on Windows, and then using the iTunes Sharing option to share that entire music library on the LAN, so my wife’s Mac could see and use it.

They got that wrong too.

When you share one iTunes Library, you basically create a “streaming radio station”, nothing more. This means my wife can’t plug in her iPod and pull music from the shared library to her iPod and load it up. She can only click on music and listen to it while she sits at her Mac.

No iPod functionality with iTunes music sharing. Lovely.

AmaroK 2.0 and KDE4 is soon to be released for Windows and OS X. The sooner that is done, the sooner I can be rid of this broken piece of software called iTunes on the Windows machine and on the Mac. Once we’re all on AmaroK, things will work much better.

Why the iPhone Failed

Tags: , , ,

I love gadgets. I have lots of them.

My role as pilot-link maintainer has me thinking about devices, data, synchronization and plenty of other things on a daily basis. Not a day goes by when I’m not trying to mentally redesign some portion of the datapath between devices.

That being said, the iPhone has created a lot of buzz in the industry. It’s a neat looking device, and has plenty of eye-candy to please the masses, for a short while. I’m sure it’ll do great as a device in the industry.

Apple iPhone

But the iPhone is absolutely useless to me and to anyone but the ENTRY LEVEL Apple customer and userbase. Before you reach for that tomato to throw at me, hear me out…

  1. It has less storage for music than an iPod, and is twice as large.
  2. It does not sync to anything BUT an Apple OS X machine and onboard applications. Can I sync this with Linux? No. Windows? No. FreeBSD? No.
  3. It doesn’t upgrade any existing device (i.e. getting data into it is manual re-entry, which is prone to lots of errors and mistakes
  4. It has a VERY fragile face. Can you stick this in your pocket with your bluetooth headset and keys? Not likely. Can you put it in your bag and not have it scratched/crushed/cracked? No.
  5. Can I share data on it with a non-iPhone user by “beaming” business cards or other datafiles back and forth? No.
  6. Can it run another operating system, other than OS X? Can I run Linux on it? No. (at least not yet, but that doesn’t erase the issues in 1,4 and 5 above.)

While its a neat looking device, so are plenty of gadgets that went exactly nowhere. My Treo680 has more storage, more features, more functions, more stability and more flexibility with support for at least 5 separate operating systems out of the box than the iPhone.

My colleagues who know I love gadgets are asking me when I’ll be getting an iPhone (probably so they can play with it). The answer is a resounding never, until all of the above issues are addressed. This isn’t a Linux statement, this isn’t an anti-Apple statement, this is a usability statement.

My wife has a 20″ iMac that I bought her last Christmas, and she loves it. She also has a 4-gig Nano I bought her the previous Christmas. The two work great together. She also has a flip phone I bought her for Mother’s Day a few years ago.

She admits that her phone has more features than she’ll ever use, and the iPhone isn’t even interesting to her… and she has the optimum environment to use it within.

I’m not sure who they’re targeting, and without any clear, open path to development on the device, I can’t see developers being their target audience.

I think the only people who will covet and buy an iPhone are those who “Just Gotta Have One™”, without really looking at how it misses the target on almost every issue.


  • No replaceable battery. This IS 2007, right? (there are plenty of links describing how to replace it yourself though, but you void the warrantee by doing so.)
  • It has a camera, but can’t record video (my Treos have all done both)
  • Custom headphone jack; can’t use your normal headphones with it.
  • Stereo bluetooth ONLY with the Apple-branded headset(s)
  • AT&T’s “unlimited” plan is not unlimited (read the fine print; you’re limited to 5 gigabytes per-month)
  • Requires switching to an alternate keyboard to get things like commas and other meta keys. By contrast, my Treo has a series of ‘shift’ keys that do the same thing, depending on whether you want numbers, letters, punctuation and so on. MUCH faster with the meta keys than popping up an alternate keyboard.
  • No Flash support (but there is a way around that)
  • No support for non-iPhone headphones (those expensive studio earphones you have? Forget it.)
  • No support for memory expansion cards (SD/MicroSD/CF), when it takes nearly no space to implement it
  • No non-Safari SDK available
  • Capacitive touchscreen, not resistive; no using it with gloves on in colder climates. (Treo wins again here)

And the list goes on. While I think lots of “Must Have It” gadget people will love the device, for real productive or business users, its a lemon.

Bad Behavior has blocked 983 access attempts in the last 7 days.