Noting this here in the hopes that it will be useful for somebody (or even me :)) in the future, since it took me longer than I expected to figure this out.

Scenario: you have a Google account with entries in Google Calendar that you would like to see on your iOS device (iPad / iPhone). Some (well, many) sites suggests that you need to install Google Calendar on the device. This is in fact not necessary!

All you need to do is to link your Google account with the native iOS Calendar App by going to Settings > Apps > Calendar and under “Accounts” add your Google Account. È voilà! That’s all folks! Hat tip to this article for reminding me about the procedure.

PS. You might need to do an additional step for the shared calendars, as described by Scott Hanselmann here: go to https://www.google.com/calendar/syncselect and select the calendars you want to be sync-ed to the iOS devices. I’m not sure if this is needed, since I’ve done it several years ago and it was already enabled when I recently set up a new iOS device.

PS. PS. There is now a new option for ad blocking for iOS devices that is well worth considering: uBlock Origin Lite for iOS.

Image taken from John Davey’s Flickr album with permission.

To start with: good ad blocking is the best one can do for their security / privacy online these days!

For a long time adblocking on iOS devices (iPad / iPhone) was limited. One could use DNS based blocking (Pi-Hole or NextDNS are good options), but many advertisement circumvent these blocks. There was AdBlockPlus which worked well, however:

• I feel uneasy about the company behind it given past behaviour
• Even today, when installing on iOS, ABP forces the user to activate their subscription for a 7 days free trial and then one has to dig through the settings to deactivate it – less one gets charged after the 7 days
  • For reference, the setting is under Settings > Apple Account > Subscriptions
• Ad blocking extensions have full access to the content of the websites you’re visiting (by necessity – since they have to remove part of it). I’m not comfortable with giving this company access to everything I visit / type in to a browser.

There is the current gold standard in adblocking – UBlockOrigin – however it’s not available for Firefox under iOS due to some dubious practices of Apple (Apple makes it so that you can’t really install alternative browsers on iOS – all the “alternatives” are actually reskins of Safari – so Firefox for iOS can’t support the Firefox extensions, less it gets banned from the AppStore – hopefully the EU will look into this anti-competitive practice and make it end soon).

So, I was excited when I’ve learned that uBlock Origin Lite is available for iOS: https://apps.apple.com/us/app/ublock-origin-lite/id6745342698

Some thoughts:

• first and foremost: it works well!
• second: it’s free – although I would like to provide some support for the author, they don’t seem to be interested in it currently. So here I am at least spreading the news about it.
• third: I trust this extension more since it has a long reputation of being trustworthy and it’s F/LOSS.
  • Sidenote: Apple doesn’t provide a way to verify that the source code published is the same as was used to build the binary in the AppStore like f-droid does for example – but maybe one day.
• what I also liked: theoretically it also has a minimal mode which doesn’t require access to the current website (see my concerns above about this kind of software). Unfortunately that doesn’t seem to work on the websites I frequent, but maybe it could be used in some situations where higher situations are needed.

And the setup:

• Install it from the AppStore
• Open Settings. Navigate to Safari -> Extensions
• Turn it on (optionally for private windows also)
• To avoid constant prompting, set the websites to “allow all” (the last option on the page)

Enjoy a safer, more private and faster browsing!

Update: also, don’t forget to disable the Advertising ID on your devices. Here is an EFF tutorial about how to.

Noting this here because all the information I could find on the Interned told me “use MakeMKV for it”. And while MakeMKV seems like a fine product, it’s a bit harder to install, since it doesn’t seem to be packaged for Debian at least. I still gave Handbrake a try (since it is packaged for Debian) and lucky me, it turns out it does work with BlueRay disks.

Now, the following instructions are a bit fuzzy, since I used a bit of a round-about way to achieve this, but here is what I did:

• Installed VLC (just from the repositories, nothing fancy)
• Made sure that it could play BDs
  • It was giving the error “Missing AACS configuration file”. Luckily this askUbuntu answer pointed me in the right direction (and worked for Debian 13)
• Once VLC could play back the BDs, turns out Handbrake could also read them!

Since this is short and sweet, here is an extra tip, courtesy of /r/linuxquestions: how to update the chapter names after encoding? Turns out ffmpeg can do it (què surprise :)):

$ ffmpeg -i movie.mp4 -f ffmetadata movie.metadata.txt
# edit movie.metadata.txt
$ ffmpeg -i movie.mp4 -i movie.metadata.txt -c copy -map_chapters 1 movie_out.mp4

(image taken from bluecinetech.co.uk with permission under a CC license)

It’s a very useful little fanless (!) machine. The DisplayPort outputs even support HDMI-CEC when connected to a TV, out of the box. Don’t forget to update the TPM chips if you get one of these nice machines.

It was fun to see

I’ve picked up a Lenovo Yoga 370 because (amongst other features) it has a removable / upgradable RAM slot (yes, two slots would have been even better :)). You can find various sources (including ChatGPT) claiming it to be 16GB, however, if we look up the processor for this particular model on the Intel website, we’ll see that it supports up to 32GB. And indeed, here is the laptop, happily passing memtest86+ with a 32GB module (specifically this one):

In the same vein, Asus claims a maximum of 2x16GB for their Q170T, however the Intel website says 64GB should work with the i5 processor that’s in the machine, and indeed, here is a machine with 64GB happily passing memtest86+:

The lesson is: processor specs are more relevant than (in)official documentation when determining the maximum supported RAM size.

(the combination is in the password manager)

At this point in my life I’m lucky enough that I have some expendable income. So here are a couple of organizations / individuals I donated to recently – maybe this will inspire you dear reader to also donate some – if you have the means to do so:

• Firefox extensions:
  • A good source for people / projects / organizations to support is people / projects / organizations I use daily. So I checked about:addons and made some donations to the following:
  • Cookie Auto Delete (donation link) – reduce the amount of tracking websites are able to do.
  • NoScript (donation link) – a good security suite, and hopefully a way to encourage developers to not use JavaScript for basic features that are already available with HTML. Using basic HTML where it suffices has many, many advantages (more performant, uses less battery, more accessible for screen readers, easier to crawl and thus find by people, etc). That said, NoScript is a tool I would only recommend advanced users.
  • SponsorBlock (donation link) – many ethical discussion here to be had about “peddling unverified claims about random products” vs. “a man has to eat”. Maybe another time.
  • Decentraleyes (donation link) – Reduces tracking potential (and maybe also speeds up websites by keeping the files locally)
  • Some more meta-level thoughts about Firefox and extensions:
    • it’s great that Firefox exists. Then again, the organization itself seems to be captured at the moment who want to push all kinds of different agenda and put the mission of an independent, trustworthy browser at risk. Also, I’m not donating to them, because apparently their CEOs argument for their compensation was “but look how much all other CEOs are making” :(.
    • It’s surprising / worrying / inspiring how these great extensions are run by a very small amount (sometimes a single) developer.
• WinRAR – not strictly a donation, but after many years of using it directly / indirectly, I purchased a license. I started using RAR back in the DOS days, where I used to marvel at their advanced user interface, features (such as splitting the archive into parts to fit on floppies!) and great compression ratio (compared to PkZIP, ARJ, LZH and the likes).
  
  (image source: archive.org)
• exiftool.org – a great piece of software whether you want to add metadata (for better organizing your collection for example) or remove it (so that random people can’t physically find me)
• IrfanView – a great little piece of software for image viewing / batch manipulation (such as resizing, format conversion, etc) developed by a single developer. Also, used the “plugin” concept, which I found (and still find) really cool. Just like in Winamp, foobar2000, FAR manager, Win(Total)Commander, etc.
• publicdomainreview.org – this site comes up on HackerNews from time to time, most recently with their “What Will Enter the Public Domain in 2025?“. I’m staunchly convinced that the current copyright regime is largely a power play to enrich the rich and does very little to actually “promote the Progress of Science and useful Arts”. So, I always celebrate when more things go into the public domain.

Somewhat related: my employer also offers a generous gift-matching program (so, anything I donate is doubled up to $10k per year – for certain “verified” organizations), and so I donate monthly to these fine organizations:

• fsfe – aka. the Free Software Foundation Europe
• Signal Technology Foundation
• the Freenet project
• the Document Foundation
• debian.ch
• Software Freedom Conservancy
• Electronic Frontier Foundation
• Internet Archive

And a bunch of other, non-technology charities that help different groups of people in need.

There are also some projects I would have liked to donate to, but couldn’t figure out how:

• 7-Zip – a great archiver (even though there are some controversies around the project lead). It was nice having to legal solution, instead relying on cracked versions of WinRAR. Unfortunately I couldn’t find a way to donate to them (I only found an outdated reference showing that it was possible at one point).
• uBlock origin – most marketing by definition is a scam (because, if the product was useful, people would actually be looking for it). And frequently it’s a much more direct scam (as in non working products, products that can actually hurt you or rouses to take your money). Ad-blocking is a must in todays world.
• Rufus – for easily creating bootable USB sticks. The author doesn’t take donations, but recommends donating to the FSF. I already donate to fsfe (see above), hopefully that counts
• Dos Navigator – after Norton/Volcov commander, DN was amazing! And I still haven’t figured out how they did some of their screensavers! (here is a recording of several of the screensavers, but it’s missing the one that I’m thinking of – the red/green/blue cylinders with gradients that mix between themselves and with the foreground – all this on a VGA card). Turns out you DN is freeware today!
• FAR Manager – is the evolution of DN for the Windows and beyond era. Long file name support! And plugins! And all of this for free and open source.

• Installing anything other than ChromeOS on it requires complex fiddling (including reflashing parts of the firmware from “some random website” on the internet) which maybe will void your warranty and has a non-trivial chance to brick your box
• With all the respect to the people creating the custom firmware: it’s a hobby for them, and it shows (again, it’s a great thing they are doing, just setting expectations here). For example, I can’t set a BIOS password. Also, even though SecureBoot is half-working (as in, when it’s enabled, it refuses to run MemTest because it’s “unsigned”), Ubuntu still can’t use the TPM to encrypt the disk.
• Finally, the hardware support is probably less than stellar. For example I couldn’t get HDMI audio out to work. It may be related to the driver (here is a tweak I didn’t try yet) or I might need to get a HDMI audio injector (or two). Oh, and the Ubuntu install just managed to corrupt itself. I didn’t have time yet to do a reinstall and try diagnosing it…

That said, here are the cliff-notes:

• Enable developer mode – this will wipe your device!!
• Shut down the machine. Disassemble it (here is my iFixit guide showing how to) and carefully short the write protection jumpers, as shown here: https://docs.mrchromebox.tech/images/wp/Duffy_wp_jumper.png
  • Make sure that the paperclip is not pushed through too much, such that it shorts to the metal shield on the bottom
  • This is also a good opportunity to do any SSD/RAM upgrade you might want to do. If you upgrade the SSD, you first need to use a recovery stick (see my iFixit guide).
  • The “remove the battery” mode didn’t work for me. Plus, the battery holder is very flimsy and easy to break! (ask how I know :/)
  • As written in the guide, you can use an USB-C (laptop)charger to temporarily power the box while it’s opened up to make the setup less awkward (because the 19V input jack is on the upper panel you just removed)
• Boot up in developer mode, log in
• Now switch to the second terminal (Ctrl+Alt+F2), login with “chronos” as instructed (doesn’t need a password). Using Ctrl+Alt+T to launch a shell does not work! It will give an error when trying to use sudo:
  The “no new privileges” flag is set, which prevents sudo from running as root.
If sudo is running in a container, you may need to adjust the container configuration to disable the flag .
  Use the second terminal! (Ctrl+Alt+F2)
• Run the commands:
  cd
curl -LO mrchromebox.tech/firmware-util.sh
sudo install -Dt /usr/local/bin -m 755 firmware-util.sh
sudo firmware-util.sh
• Yes, we need to download random scripts from the internet to make this work :(. Yes, the shell script really needs to be copied to /usr/local/bin, we can’t run it from the home directory, even if we try to set the executable bit.
• Choose option 2 (“Install/Update UEFI (Full ROM) Firmware”). On the first run it will talk about disabling software write protect and ask you to reboot. Do so.
• After rebooting log in. Even though you’re able to enter the second terminal (Ctrl+Alt+F2) without logging in, you won’t see the install script! Have a USB stick read to back up the original firmware. Confirm that you can see it in ChromeOS before switching to the terminal.
• Switch to the terminal (Ctrl+Alt+F2). Login as “chronos”. Run the install script again (sudo firmware-util.sh) and choose option 2 (“Install/Update UEFI (Full ROM) Firmware”).
• This time it should run to the end and reboot your box. You can now remove the short on the write-protect pins and re-assemble your chromebox.
• Now you should be able to use an USB stick to install your GNU/Linux distribution of choice. If the box doesn’t seem to want to boot from the USB stick, even after adjusting the boot order, select the “Boot options” (or something similar, I’m writing this from memory – it’s the first menu option) and select the USB stick directly.

That’s it folks!