Recent Posts

1601
Living Room / Re: Are your websites secure? The heartbleed bug
« Last post by Stoic Joker on April 12, 2014, 01:20 PM »
Missing link from Apps article above added here to encourage reading: What Happened When One Man Pinged the Whole Internet.

As best as I can tell, that article is almost a year old. And it says "In February last year" which would place the "personal census" he ran in February 2012. Why did he sit on that census for over a year before publishing his results?

Scary, either way.

His attorney probably wanted him to wait to see if any of the LEOs' "complaints" turned into charges before he posted what would then be incriminating evidence to the world. Remember the security of the public is far less important than a cop with egg on their face ... Image is everything in a gang...
1602
Living Room / Re: Are your websites secure? The heartbleed bug
« Last post by Stoic Joker on April 12, 2014, 08:57 AM »
Missing link from Apps article above added here to encourage reading: What Happened When One Man Pinged the Whole Internet.

This is precisely why I've always had a dim view of encryption. All of these systems are exposed to the internet solely because people are led to reflexively think Encryption =  :-* Magical  :-* Security ... And that is just so far from the truth that it is laughable. Encryption is - or rather should be - a last ditch effort used as a fall back after all other measures have failed. It never has, nor ever will be a front line solution to jack shit.

Outside of a dire emergency requested by scheduled appointment there is no rational justification for control systems to be exposed raw on the public interface of a network. That's just ludicrous. Here's an example: When the support people at WatchGuard wanted to access a customer's router to assist with an issue, they asked me to grant access to the configuration interface of the router on the public side to a specific and very narrow address range so they could log in and have a look see. Nobody kicked anything wide open, the interface went from zero allowed, to 10 allowed, and then right back to zero. This is one of many reasons I've become a fan of WatchGuard. The fact that I had zero luck Socially Engineering my way past their support staff (and I'm really good at it) was also a huge point in their favor.
1603
If you have a Windows server and Windows clients, why aren't they simply establishing a VPN connection into it? Then a nice simple batch file (example: net use E: "\\server_name\share_name" /persistent:no) or powershell script that maps the drive(s) can be invoked by the user and all should be well.

Or am I just tired and missing something obvious... :huh:

---------------------

ADDENDUM: I did miss it. Right on the OP. Sorry!
:-[

Actually that one had me baffled out of the gate as well. How the hell is the ISP blocking port 445 inside the tunnel? Raw traffic to the web sure...I can almost understand that one ... But inside the tunnel? ...That's just mean.



Turning them loose inside the real server could be a bad idea. I would have to lock them down to ONLY that single directory and ONLY being able to copy files from it as needed to upload to the website. The files get uploaded in batches of 5 or 10 files to a mixture of areas so they still need the "middle" area. As in copy to their drive, then upload as needed. THEN delete the copies. That is the other problem. In doing it this way, they are "forgetting" that once they have uploaded the files, they need to delete them from their "piles" and start fresh ones. They tend to name them all kinds of weird folder names and forget what they were.

They have been putting them everywhere.

Two other handy technologies for stuff like this are the Distributed File System (DFS) and Shadow Copies/Previous Versions. DFS allows you to control access to the file system by only displaying the targets you want to see, instead of the whole drive. Granted NTFS permissions can/will keep them out of stuff too. But I find it's better to keep a user's options as narrow as possible so they don't get lost/tempted/curious/etc. DFS can also provide access to discontiguous locations in a single virtual space. So even if the files were scattered across 9 different drives and servers, they could still access the allowed portions of all from a single drive mapping. I leveraged the capabilities of DFS to decommission our old file server during business hours, and while 20 people were in and out of the system all day long...nobody noticed the transition. Also the DFS roots aren't writable, which is a beautifully simple way of enforcing cleanliness.

On a side note: most of the big multi function printer/copiers these days have a feature that automatically deletes files scanned from it to a share that are older than X time period. I'm wondering if there is something like that for file servers ... 40hz, ideas? I'd hate to have to write the thing myself ... But it is kind of tempting (in a sick evil fun sort of way). *Shrug* Back on Topic!

Previous Version uses/is part of the same Windows System Restore feature we all know and occasionally love or hate depending on how well it's working that day. When enabled (by default) it takes a snapshot of the drive every 12 hours. So if something gets deleted it can be restored on the fly from the Previous Versions tab of the parent folder's properties dialog. The snapshot interval is configurable but it isn't recommended to take one more often than once an hour. I usually either go with the default or bump it to 3 times a day. This is also quite handy for those odd moments when somebody deleted something yesterday, so the previous night's backup media is already off site - and 20+ miles away - yet somebody important needs file X right freakin now.
1604
Living Room / Re: Are your websites secure? The heartbleed bug
« Last post by Stoic Joker on April 11, 2014, 07:07 AM »
I'm a bit torn by that techdirt article.

I'm a huge fan of techdirt, but I've also written glowingly of StartCom.

You sold me on StartCom back then, and I still use/like them (thanks for the tip!).

Using StartCom is a decidedly unpleasant experience -- the website is a throwback to the worst days of the web, and the entire process is frustrating and confusing.

I do make a point of not being in a hurry when dealing with their site for this exact reason, the site flows about as smoothly as a cement mixer.

Nevertheless, the price and service are remarkable compared to the alternatives I've found.  The ssl certificate industry as a whole feels like it's designed to leach money out of you like a vampire -- and like a club where only the rich can afford to be secure.

I've never been a real fan of SSL (or encryption in general for that matter). It has always struck me as a magic bullet sales gimmick that encourages bad habits.

StartCom always struck me as a little independent outfit run by one guy who was doing much of it on his own with a small margin.  If so, i think it's unfair to attack them as being corporate bigwigs profiting off the backs of tragedy -- and instead view it as a situation where they may simply not have the profit margin to provide so much help for free.

I really don't see a fundamental problem with charging people a "reasonable" amount to handle certificate revocation.  Just my 2 cents.

When these big giant corporations are ripping people off hand over fist and rolling in money, they can afford to be generous in situations like this and benefit from the public relations coup.  But if you turn to a small independent low-profit-margin ssl certificate service, i think it's unreasonable to expect them to be able to eat such costs.

From what I saw on a quick skim, they only want 25$ for the revoke/reissue flip ... I really don't have a problem with them covering their costs for a spike in workload. Sure superficially it sounds like an easy task...but it still takes time. And the people whose time it takes don't come cheap.
1605
Assuming you have an actual server, have you considered using the Remote Desktop Service (a.k.a. Terminal Services)? The session can connect to the local drive from the remote server, and the whole shebang connects over port 3389. This would also give everyone direct access to the same singular data set so there wouldn't be any need to fret about synchronization issues.

Also the (single purchase) TS licensing is a hell of a lot cheaper than a (reoccurring fee) business internet connection, and the hardware requirements for 4 users ain't too bad either.
1606
Living Room / Re: Robotic Ball Controlled by Anroid/iPhone/iPad
« Last post by Stoic Joker on April 10, 2014, 11:22 AM »
Oh goody, now the kids can go outside and play ball without running the risk of getting any exercise.

Okay, it's kind of tempting...but I'm pretty sure my dogs would kill it. I'm not entirely sure how they would kill it, but I am reasonably sure they would figure it out ... And I do need the exercise.
1607
Living Room / Re: Are your websites secure? The heartbleed bug
« Last post by Stoic Joker on April 09, 2014, 01:55 PM »
Well apparently 2008 R2/IIS 7.5 is too old for an A+, but I did get it up to an A...so that'll have to do.

IIS A.jpg
1608
Living Room / Re: Are your websites secure? The heartbleed bug
« Last post by Stoic Joker on April 09, 2014, 11:37 AM »
Thanks guys!

Our 3rd party external network PCI compliance scan (last week) came back fine ...(even though the above tests said we suck)... So these tests are apparently checking much more thoroughly/deeper.

I'm currently trying to get my score above an A-.
1609
Living Room / Re: WinXP is officially dead!
« Last post by Stoic Joker on April 08, 2014, 06:51 AM »
I think these security fears about windows XP no longer being "supported" are way overblown -- keep your internet *applications* updated and don't be stupid, and I think users of XP are going to be safe indefinitely, with nothing to worry about.

Indefinitely seems a bit optimistic. I'll give it a year before anything really wild happens, because people will initially be trying everything to fortify their now "officially" antique systems...and it takes time to get sloppy. I think anyone out there with a currently known XP exploit will sit on it for at least 6 months - hey there's no rush now... -  to maximize its effectiveness.

MS's almost comical at times harbinger of doom EOL warnings remind me of the Blood on the Highway driver's Ed. films from the 70s. But I've always liked comparing the Information Highway to an Interstate Highway, so... much like back then...some folks get the point, and others just need a good shock to blast them out of their lethargy.

Hell I've still got a few Windows 2000 test systems that I refuse to part with either.
1610
Living Room / Re: Dead Hot Chicks Boost Weather Ratings?
« Last post by Stoic Joker on April 07, 2014, 06:33 AM »
See the bubble headed bleach blond, comes on at 5
She can tell you 'bout the plane crash with a gleam in her eye
it's interesting when people die
give us dirty laundry...

(I forget if that's the Eagles, or Don Henley solo)
1611
Living Room / Re: Recommend a 64GB\128GB pendrive
« Last post by Stoic Joker on April 03, 2014, 11:47 AM »
Yes, it's horribly unscientific. But I've found in life that frequently if complex testing and calculation is necessary to decide if something is (that much) better ... The answer is generally no.

For thumb drives I look for something from a trustworthy brand with a deep cap (for protection), that is big enough (to do what I want), and cheap enough (to not break me). I once purchased a Corsair TD with a rubber case that was supposed to be "water resistant" because I was starting to take the bike to work more and rain of course is always a factor in Florida.

The problem was that the shallow cap only just covered the plug on the end. So when I shoved it into the watch pocket of my jeans for quick access, the first time I sat down it cleanly snapped the plug off of the internal board...rendering the drive quite useless. My old at the time PNY TD had a deep cap that slid down over the drive about half way. With it in the same watch pocket it would just stab me in the leg when it slipped out of position...instead of snapping in half. I still have the broken Corsair drive on my desk at home to remind myself why that was a stupid idea.

The Lexar has an excellent cap that also allows it to handle getting wet rather well. The data I keep on it is relatively static, but I do occasionally either back it up (which never takes long), or use it to quickly sneaker net an ISO or other large file to/from the office. As life would have it I frequently end up doing these types of things at the last minute, and so am in a bit of a hurry at the time. This is my version of a real world performance test. Will it take a 3GB ISO fast enough for me to get out the door in the next 10-15 minutes..?

Yes = Good Device :Thmbsup:
No = Keep it under 20min and I probably won't smash you with a hammer. :-\
Hell No/30Min+ = Somebody (most likely the device). Is. Going. To. Die!  >:( :onfire:

:D
1612
Living Room / Re: Recommend a 64GB\128GB pendrive
« Last post by Stoic Joker on April 03, 2014, 07:00 AM »
I've had a Lexar 32GB Thumb Drive for a year or so. While I've never bothered to check the exact speed specs, it has managed to be fast enough to not piss me off after a year of usage...and that to me is a pretty good test.
1613
Go Florida! It's just got to be some sort of clue that things have gone too far when the MSM starts protesting itself.
1614
That natal idea, and one of the themes central to all 11 developers agreeing to travel to Los Angeles for the shoot, was the production and filming of a game jam for a televised audience (or at least a YouTube audience) with the intent to document the ups and downs of actually developing a game – hopefully sharing that experience with a viewership likely ranging into the hundreds of thousands, possibly millions. More importantly, it would be an opportunity for the group to share the closely-knit spirit of togetherness unique to indie development, presented through the lens of popular YouTube personalities with massive, mostly younger built-in viewerships. A slam dunk, you might say, created in earnest to shine a kind of light into the often misrepresented world of creating… or at least, that's what everyone thought.

That is, it was originally proposed to the developers as a documentary. That's what they agreed to show up for. It wasn't until they actually arrived (or were already pretty invested in it or already agreed to do it) that it changed into the reality TV abomination that it was. Sure, at that point they still could have walked away before signing anything, but most of these people are still relatively young, inexperienced people who were probably somewhat confused and unsure what to do at that point. Just trying to figure out what to make of it all, and if it could be salvaged. And perhaps some of them felt obligated or pressured into it after making a verbal agreement, even though technically at that point they weren't contractually/legally obligated to go through with it.

 :Thmbsup: As a life lesson, I think this is called the 'Yes it can actually happen to me' factor. Which in fairness probably does fall under 40's use of the word naïve ... but that doesn't quite entirely convey the whole consumed by the machine reality of what happens in the real world's reality. I'm thinking old school carnival midway level pressure here...nobody gets to leave unless they're flat broke.
1615
To me, it seemed the devs had won their battle - and had the show people groveling - but then consciously decided to let the whole thing go down in flames to hammer home their point. That seemed excessive to me.

So a group of people prone to and known for taking pride in their work, decide not to allow it and themselves to become a reality TV circus mockery. I'd say they didn't go far enough. But then again I get furious every time I see yet another pablemic swill of nonsense being foisted on the public in the name of reality TV. I dare say that this idiotic trend of frenzied emotional masturbation has damaged the human race by stilting its emotional development to the point that it will send ripples through generations for the next 300 years.

I think that if the production company responsible had gone bankrupt overnight it would be a fair measure and effective warning to other Reality TV types. That there really are some things in life that just do not need to be liberally seasoned with over the top bullshit drama. So stop treating the population like a bunch of high school level affirmation whores that need constant reassurance - usually by the belittlement of others - to feel O.K..
1616
from my experience, dotnet runtimes are easily broken and a repair/reinstall might help. the following links are useful and i have used them in the past.

http://blogs.msdn.co...eshooting-guide.aspx
http://singularlabs....osoft-net-framework/

I'm going to +1 this just to draw a bit more attention to it. I've been quietly watching this thread for awhile because I haven't had a lot of SQL installs go bad, so didn't have much to add. However I have been wondering about exactly this, as I have seen .NET flake out and cause all sorts of havoc, which necessitated ripping it out by the roots and starting over. I suspect that the removal tool - one of my favorites - is well worth exploring as it has gotten me out of several tight spots much like what is being described here.
1617
OEMs self-activate based on the (oversimplified short explanation) default install key matching the BIOS ID. If you use the Dell disk to install on an HP, activation will initially fail because the above won't match. However if the HP has a legible COA, or you can recover the system hive and read the key from that, then you can enter that key and the machine will activate just fine (assuming the editions match of course).

If you move the installed and activated (on a Dell) HDD to an HP (or anything else for that matter), it will blow the activation ... So that exercise is a bit pointless (barring time and curiosity).
1619
I am not going to Google ^that^ ... Ignorance here, is truly blissful.
1620
Last week, it was revealed that Microsoft had examined the Hotmail/Outlook.com emails of a blogger, who was NOT a Microsoft employee, in order to find who had leaked confidential information to that person.

It seems this is legal because, under Microsoft’s terms of use, the company has the right to examine any user’s data for any reason they see fit.

This is very different from data mining user data to sell advertising, and it makes me wonder why anyone in their right mind would consider using Office 365 for any reason at all.

Unless you're using your own server, you're deluding yourself if you think that unencrypted e-mail isn't subject to the same things.  Even if you *are*, you're still subject to it from anyone that you've sent it to.

E-mail is an inherently insecure medium.  And any expectations of privacy are just that- expectations that the services go along with... until it's not expedient to do so.

+5 - Yepper, if you make the mistake of being interesting...you're hosed no matter what you do. Server to server transfers are - straight port 25 protocol default - never encrypted. So the last mile SSL connection placebo that sheeple keep flocking to is nothing more than a sick/sad joke. The ABCs (with ears to the backbone) know exactly what they're looking for long before anyone decides to sort through your knickers.
1621
Living Room / Re: A three drive system - the sweet spot
« Last post by Stoic Joker on March 25, 2014, 11:32 PM »
I don't have the en-erg-y for this game, but I'm dyne to try.
1622
Looks like all of them to me...although one mitigation they didn't clarify is that if you set the .rtf association to WordPad, you're ok (or at least appear to be so far..).

Or LibreOffice/Notepad2/KingsoftWriter/other?

True, but I'm looking at/for something that is lite, fast, and native. WordPad is already there by default and quick enough, which is why I use it and .rtf for all the server documentation on our cloud system ... As there is no way in hell I'm installing Office on any of the host servers. :)
1623
Ya know...if they could just let wordprocessors process text, and email readers just read email, and not web-enable or otherwise implement all these ancillary capabilities into them...things might become less risky. Seriously, why does everything have to behave like a portal these days?
 :-\

Damn Straight and Amen to that. :Thmbsup:
1624
I'll save you some time reading:

Affected Software

Microsoft Word 2003 Service Pack 3
Microsoft Word 2007 Service Pack 3
Microsoft Word 2010 Service Pack 1 (32-bit editions)
Microsoft Word 2010 Service Pack 2 (32-bit editions)
Microsoft Word 2010 Service Pack 1 (64-bit editions)
Microsoft Word 2010 Service Pack 2 (64-bit editions)
Microsoft Word 2013 (32-bit editions)
Microsoft Word 2013 (64-bit editions)
Microsoft Word 2013 RT
Microsoft Word Viewer
Microsoft Office Compatibility Pack Service Pack 3
Microsoft Office for Mac 2011
Word Automation Services on Microsoft SharePoint Server 2010 Service Pack 1
Word Automation Services on Microsoft SharePoint Server 2010 Service Pack 2
Word Automation Services on Microsoft SharePoint Server 2013
Microsoft Office Web Apps 2010 Service Pack 1
Microsoft Office Web Apps 2010 Service Pack 2
Microsoft Office Web Apps Server 2013
-Microsoft

Jesus! Mac too! ...Way to share the love MS (idiots..).

Looks like all of them to me...although one mitigation they didn't clarify is that if you set the .rtf association to WordPad, you're ok (or at least appear to be so far..).
1625
I asked my boss to order us a few of these units, they will come in handy:

Computer Service Tools

:huh: :'( Why?

Because some people need to learn the hard way. :D