Our Blog

Ongoing observations by End Point people

Endless OS: A Linux Distro for Kids

Mom & daughter working at a computer

Photo by August de Richelieu

In 2020 some of us had to work from home while taking care of the kids ourselves, as most childcare services are temporarily closed due to the COVID-19 pandemic. In this post I won’t complain about the pandemic, but rather share my experience.

I have installed several different Linux distrobutions for my kids’ desktop computer in the past, but have found it quite difficult to find a balance between strict parental controls and no parental controls at all. Then I came across Endless OS, a Linux distro based on Debian, but with heavy customizations to focus on school from home.


The installation process was smooth and easy. The install image I chose was quite huge though - around 16GB. But given we can just use a USB drive as the installation medium nowadays this should not be a big issue. The installer does not seem to give an option to encrypt my hard disk with LUKS during the installation phase.

Endless OS is powered by OSTree (which is defined as “a system for versioning updates of Linux-based operating systems”) and Flatpak. The default window manager is a customized Gnome. According to the website, “Endless OS uses OSTree, a non-destructive and atomic technique to deploy operating system updates. That means updates can be installed without affecting the running state of the system, making the process safe and robust from environmental factors such as a sudden power loss.”

According to its website, the operating system is free for individuals and non-commercial use up to 500 computers.


Package installation and package updates

We can choose from a couple ways to install new packages (or update them). You can either use the Control Centre, or (if you want to install remotely) the command line. Although Endless OS is based on Debian, the apt command does not work here. Instead you can use Flatpak, with commands like flatpak install <package name>. Flatpak assists the user when installing a new package. For example...

linux kids

Creating a Messaging App Using Spring for Apache Kafka, Part 4

Kursat aydemir

By KĂĽrĹźat Kutlu Aydemir
January 14, 2021

Spring-Kafka Photo by Daniel Tran on Unsplash

This article is part of a series. The GitHub repository with code examples can be found here.

After a long break from this series let’s keep moving further.

Let’s configure and prepare the WebSocket session pool. As we go through some custom operations like authentication and storing messages on the time of socket messages and sessions received, we need to create a WebSocketHandler for WebSocket configuration. When a WebSocket session message is received we’re going to send the message to a Kafka topic. In order to achieve this we need to define our WebSocket message handler MessageHandler and Kafka message producer MessageSender. We also need a session pool WebSocketPool so we can manage the client sessions.


package com.endpoint.SpringKafkaMessaging.websocket;

import org.springframework.web.socket.WebSocketSession;

import java.util.HashMap;
import java.util.Map;
import java.util.Set;

public class WebSocketPool {
  public static Map<Long, Set<WebSocketSession>> websockets = new HashMap<>();

WebSocketPool holds client sessions in a map of <user_id, <set of WebSocketSession>>. This map allows multiple sessions for one user, ensuring it will work from multiple client applications.


package com.endpoint.SpringKafkaMessaging.websocket;

import org.springframework.web.socket.WebSocketSession;

import java.io.IOException;

public interface MessageHandler {
  public void addSessionToPool(Long userId, WebSocketSession session);
  public void sendMessageToUser(Long userId, String message) throws IOException;
  void removeFromSessionToPool(Long userId, WebSocketSession session);


package com.endpoint.SpringKafkaMessaging.websocket;

import org.springframework.stereotype.Service;
import org.springframework.web.socket.TextMessage;
import org.springframework.web.socket.WebSocketSession;

import java.io.IOException;
import java.util.HashSet;
import java.util.Set;


java spring kafka spring-kafka-series

Cesium KML-CZML Editor

Dmitry kiselev

By Dmitry Kiselev
December 21, 2020

Image 00

End Point’s immersive technology team is happy to present a great new tool for the rapidly growing Cesium community: Cesium KML-CZML Editor. The editor gives users the ability to visually and dynamically edit KML and CZML in its Cesium browser window. Updates made with it can be exported at any time to CZML, the native markup language for Cesium.

The Cesium KML-CZML Editor addresses an important but hitherto unaddressed need of the Cesium community: It provides an intuitive interface for making adjustments to fix the many inconsistencies with how KML created for (and often by) Google Earth appears on 3D maps rendered with Cesium. It is a powerful tool for converting and adapting KML for Google Earth into CZML that displays nicely in Cesium. The editor also works as a visual editor for creating and editing CZML, regardless of whether you’re converting from KML.

The inconsistencies with how Cesium displays KML created for Google Earth are due to occasional differences between how Cesium and Google Earth render KML when various attributes aren’t specifically set within a given instance of code. The situation is similar to how web browsers sometimes interpret given instances of HTML differently. Just as with HTML, KML doesn’t require every attribute to be defined in a given instance of markup code.

Image 01

On the left side we have the editor toolbar, and on the right side the Cesium globe showing loaded or created entities the way they would appear in Cesium.

The Editor Toolbar consist of the following areas:

  • File Import: you can load KML, KMZ, CZML and GeoJSON formatted data, and you can load multiple files to combine them into one CZML document.
  • Creation tools.
  • A list of uploaded or created entities (will appear after upload or creation of a new entity).
  • The actual editor for entity properties (will appear after entity selection).

Let’s start with a very basic example of highlighting a building by marking it with a pin in Google Earth:

Image 02

Now let’s move the camera...

cesium google-earth gis open-source

Media erasure in the time of SSD

Ardyn majere

By Ardyn Majere
December 10, 2020

Garbage Photo by Alex Fu from Pexels

How valuable is your data? Losing it to a third party is usually a business’s worst nightmare—​and can cause legal or even criminal repercussions, depending on the drive’s contents and the business’s jurisdiction.

Every system adminstrator worth their salt knows that running “rm” (or equivalent delete operations) doesn’t actually remove data, it simply removes the file name from the filesystem and leaves the data in place on the disk.

When dealing with traditional storage, destroying (intentionally or otherwise) your data used to be relatively easy. A wise system admin could simply run:

shred /dev/sda

And be fairly certain of the result. A cautious one might run a demagnetizing wand over the drive. Only the most paranoid might destroy it physically.

The Age of SSDs

Nowadays, most servers have switched away from storing data on rotating metal or glass platters. Solid state drives, or SSDs, are faster, less prone to errors from physical impact, and generally more sought after.

SSDs have issues with speed if the drives are too full, and have a limited lifespan—​only a certain number of write operations can be achieved. This is less of an issue with modern drives thanks to wear leveling built into the firmware of the drives. However, this leads to some issues as well.

Complicated systems introduce issues

Because SSDs manage which blocks of storage they write to, a simple shred won’t do. There could be hundreds of bytes, or even kilobytes or megabytes, of data that the shred doesn’t reach.

Even some “traditional” storage can run into such issues these days. Hybrid drives offer some speed advantages: By leveraging a small amount of SSD storage, these drives save data to SSD first, then write it at slower speeds to the actual magnetic platters. The same issues with SSD storage can affect this cache of data.

So how to be sure?

Ideally, I would recommend using a combination of methods for security. Here are the main methods that...

security storage

Vue 3 is out with exciting new features

Bimal gharti magar

By Bimal Gharti Magar
December 8, 2020

Space Shuttle launch Photo courtesy of NASA

Vue 3 was officially released on September 18, 2020 with improved performance and some exciting new features.

Composition API

The Composition API is one of the most significant changes. It helps with logically grouping related fragments of components. In Vue 2, we used the Options API to pass various options during component configuration:

// src/components/ProductList.vue
  <div class="child">
      <div class="add-product">
        <h2>Add Product</h2>
        <div>Name: <input name="name" v-model="newProduct.name" /></div>
        <div>Price: <input name="name" v-model="newProduct.price" /></div>
        <button @click="addProduct">Add</button>
      <div class="search-product">
        <h2>Search Product</h2>
        <input name="name" v-model="filterText" placeholder="Start typing to search" />
    <div class="list-product">
    <h1>Product List</h1>
      <li v-for="product in filteredProducts" :key="product">{{product.name}}:{{product.price}}</li>

export default {
  data() {
    return {
      newProduct: {name: '', price: 0.00},
      productList: [
        {name: 'Milk', price: 2},
        {name: 'Carrot', price: 12},
        {name: 'Sugar', price: 8},
        {name: 'Cheese', price: 20}
      filterText: ''
  methods: {
    addProduct: function(){
  computed: {
    filteredProducts: function () {
      if(this.filterText.trim().length > 0){
        return this.productList.filter(p => p.name.toLowerCase().indexOf(this.filterText.toLowerCase())>-1)
      return this.productList;

This component’s functions have several responsibilities, and as the code grows more functions with different responsibilities will be needed, making it more difficult to understand and implement new changes...

vue frameworks javascript

3D Audio Fundamentals

Matt vollrath

By Matt Vollrath
December 5, 2020

Concert hall acoustics Photo by PT Russell on Unsplash

It’s easy to prove to yourself that you need two eyes to perceive how far away things are in the world around you. Shut one eye and the world appears flat. This ability is called stereoscopic vision. A lesser-known exercise is proving that you also need two ears to perceive which direction a sound is coming from. Shut one ear and the world outside your vision is harder to track. This ability is called binaural hearing.

As VR technology continues to push the boundaries of sight immersion with increasing accessibility, sound reproduction has not lagged behind. In fact, the consumer hardware needed for sound immersion has been accessible for decades. By leveraging 3D audio techniques, a pair of headphones can be turned into the aural equivalent of a VR headset.

The magic of stereophonic audio reproduction was first demonstrated in 1881 when French inventor Clément Ader connected microphones on the stage of the Paris Opera to listening rooms in the Palais de l’Industrie through telephone lines, where visitors experienced remote live performances on pairs of receivers. The exhibit was extremely popular and got a glowing review in Scientific American.

The technology began to proliferate in the 1930s after British engineer Alan Blumlein patented binaural sound applications and applied them to cinema, producing sound that seemed to follow actors across the screen. The use of two (or more) audio channels for sound reproduction continued to develop. Today, stereophonic audio mastering and reproduction is the industry baseline.

Stereophonic alone is not the final word in spatial audio. Recording a symphony with two microphones and experiencing it with headphones or stereo speakers is much more immersive than a single microphone and speaker, but much like a 3D movie, it is a window into another world. Advanced 3D audio can deliver the same kind of immersion upgrade as a VR headset over a 3D movie, putting the user firmly inside another world...


Demonstrating the QuickBooks Desktop SDK

Daniel gomm

By Daniel Gomm
December 4, 2020

Rock arch Photo by Clarisse Meyer

Is your client or company thinking about switching to QuickBooks? If so, you might be discovering that migrating your existing financial and sales data out of your old system and into QuickBooks is both time consuming and tedious. You might even have an existing ecommerce site or database with tons of data and no clear way of getting the orders into QuickBooks without manual entry.

Recently I was tasked with solving this problem. Our client needed to migrate data from an existing MySQL database into QuickBooks, and automatically add orders from our ecommerce site directly into QuickBooks going forward.

In this article I’ll go over how to use the QuickBooks Desktop SDK (also referred to as QBFC for “QuickBooks Foundation Classes” in the API documentation) to send and receive data from QuickBooks.

QuickBooks primer for developers

For the uninitiated, QuickBooks is an accounting software made by Intuit. It can be used to manage lots of data, including lists of customers, inventory items, sales orders, and invoices. All of this data is stored in a “company file”, which is a file with a .qbw extension that uses a proprietary data format. This file gets created when setting up QuickBooks for the first time, and may be served to multiple machines across a network depending on the “open mode”.

The open mode determines how the company file can be accessed. In multi-user mode, there is one company file stored in a central location on the network which all users can access. You can use multi-user mode if your license supports multiple users, otherwise you will only be able to use single-user mode. In single-user mode, only one user can access the company file at a time.

There are two methods of communicating with QuickBooks: The QuickBooks Desktop SDK, which I mentioned earlier, and the QuickBooks Web Connector. Both use qbXML, an XML data format that is used to communicate with QuickBooks, and defines tags for each type of request it can process...

csharp dotnet

A great gift for the holidays: No ads!

Ardyn majere

By Ardyn Majere
December 3, 2020

Pi-hole logo

Many people will bring home a pie during the holiday season, but perhaps you’ll find a place in your home network for a Raspberry Pi instead?

With more people than ever working from home, many more people are using their personal infrastructure to conduct business, and aren’t able to rely on a crack team of network engineers to make sure their system is secure. While there are many things one can do to improve network security, from using a VPN to ensuring you update your system, a Pi-hole is one quick, inexpensive way to help keep your network a little safer not just on your phone or laptop, but on every device that connects to your router.

It’s great not only for technical types, but for everyone who connects to your network. You can even set it up with remote access and gift it to a relative, as long as you’re willing to fix it if it breaks. With the holiday season coming up, it’s surely something to consider.

Shut the door with Pi-hole

Pi-hole is an open source DNS server for your local network which blocks advertising and, after adding some extra block lists, some malicious websites.

This is done before the data even gets downloaded, by redirecting requests for ads and garbage to a blank page, which means your internet will be faster as well as safer—this is especially important if you’re sharing networks with spouses and kids. It doesn’t rely on any client-side software, either, so it works regardless of platform, even on some smart TVs and apps. (Remember to support the websites and apps you use by other means if possible, though!)

In addition to securing your network by allowing you to block malware, there’s an optional step that you can take to secure your DNS entirely: Encrypted DNS. With this, you can stop your ISP or any other entity from not only tampering with your DNS results, but seeing them at all. It won’t stop state actors, but it should help keep your browsing data from being sold.

Here’s some example stats from the author’s home. This...

linux security networking
Page 1 of 192 • Next page

Popular Tags


Search our blog