Go Away Windows 10

I ran Windows 10 on one of my laptops for a while. It looks nice. It also has major problems, including privacy concerns and the inability to truly stop/delay update delivery and installation. That laptop is now running Ubuntu Mate again. And for those of us on pre-Windows 10 machines, it’s pushy. I get daily prods to upgrade on machines that I know good and well will either run dog slow or not at all on 10. My goal now is to make that nag go away. Here’s my current method. This seems to work on Windows 8.1 and Windows 7. Your mileage may vary and, as with everything I post, this is all at your own risk. The screenshots that follow are from Windows 8.1.

Tracking Protection in Firefox – let it help you

By turning on tracking protection in Firefox you’ll not only get some help in blocking sites known to track their visitors, but you’ll also reduce your page load time. Win-win!

  1. In the URL/Location bar in Firefox, enter about:config and hit enter.
  2. You’ll get a friendly warning that you’re poking around under the hood.  Promise to be careful to continue.
  3. Search for privacy.trackingprotection.enabled and set it to True.

That’s it!

App Pools Gone Mad!

IIS. I’m not a fan. But it’s a requirement where I work, so there you go. Occasionally one of our IIS servers will slow to a crawl or stop responding altogether. Often it’s an application pool run amok. An app pool is essentially a container that holds the processes of a web application. And if your web application isn’t written well, and doesn’t have decent controls in it, it can go nuts. If someone can, say, run an open-ended database query with the potential to return a bajillion records because your app doesn’t disallow this sort of irresponsible behavior, the app pool containing that process is going to fill. And fill. And fill, eventually gobbling all your processor cycles. An easy way to discern this is to check whether the process w3wp.exe is pegging your CPU at 99%. Find this in Task Manager.
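Task Manager shows that a w3wp.exe is busy but not which app pool it belongs to. The following is an added example, not code from the original post: it maps each worker process to its pool (IIS passes the pool name to w3wp.exe in the -ap argument) and ranks the pools by CPU over a short sample. The 5-second sampling window is an assumption; run it elevated so the command lines are readable.

```powershell
# Added example: map w3wp.exe worker processes to IIS app pools and rank by CPU.
$sampleSeconds = 5   # assumption: length of the CPU sampling window

function Get-WorkerSnapshot {
    Get-CimInstance Win32_Process -Filter "Name = 'w3wp.exe'" | ForEach-Object {
        # IIS launches each worker as: w3wp.exe -ap "<pool name>" ...
        $pool = if ($_.CommandLine -match '-ap\s+"([^"]+)"') { $Matches[1] } else { '(unknown)' }
        [pscustomobject]@{
            ProcessId = $_.ProcessId
            AppPool   = $pool
            # Kernel/user times are reported in 100-nanosecond units.
            CpuSec    = ($_.KernelModeTime + $_.UserModeTime) / 1e7
            MemMB     = [math]::Round($_.WorkingSetSize / 1MB)
        }
    }
}

$first = Get-WorkerSnapshot
Start-Sleep -Seconds $sampleSeconds
$cores = [Environment]::ProcessorCount

Get-WorkerSnapshot | ForEach-Object {
    $now    = $_
    $before = $first | Where-Object { $_.ProcessId -eq $now.ProcessId }
    if ($before) {
        [pscustomobject]@{
            AppPool    = $now.AppPool
            ProcessId  = $now.ProcessId
            # Share of total CPU capacity used during the sample window.
            CpuPercent = [math]::Round(100 * ($now.CpuSec - $before.CpuSec) / ($sampleSeconds * $cores), 1)
            MemMB      = $now.MemMB
        }
    }
} | Sort-Object CpuPercent -Descending | Format-Table -AutoSize
```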

Active Directory Account Lockout – Creation – Deletion – Disable monitoring

We’ve used a variety of third-party tools to monitor Active Directory domain account changes. They’ve all either been expensive or kind of sucked (or, unfortunately, both). But if you’re running a relatively new OS on your controller you can use the magick of PowerShell to ship you alerts on account changes! PowerShell can monitor the local Security Event Log on your controller and ship you an email when events matching your description are entered. Here’s an example PowerShell script:
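The script from the original post is not included on this page. As an added example (not the author's code), one way to do what the paragraph describes is to poll the Security log from a scheduled task and mail any matches. The SMTP server and addresses are placeholders, the 5-minute window is an assumption, and user account management auditing must be enabled for these events to be logged.

```powershell
# Added example: mail a summary of account lockout / creation / deletion /
# disable events from the local Security log. Schedule on the domain
# controller to run every $windowMinutes minutes.
$windowMinutes = 5                        # assumption: matches the task interval
$smtpServer    = 'smtp.example.com'       # placeholder
$mailFrom      = 'dc-alerts@example.com'  # placeholder
$mailTo        = 'admins@example.com'     # placeholder

# Windows Security event IDs for the four account changes in the post title.
$watched = @{
    4720 = 'Account created'
    4725 = 'Account disabled'
    4726 = 'Account deleted'
    4740 = 'Account locked out'
}

$filter = @{
    LogName   = 'Security'
    Id        = @($watched.Keys)
    StartTime = (Get-Date).AddMinutes(-$windowMinutes)
}
# Get-WinEvent raises an error when nothing matches; treat that as "no events".
$events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue

$rows = foreach ($e in $events) {
    # Read EventData fields by name rather than by position.
    $data = @{}
    ([xml]$e.ToXml()).Event.EventData.Data | ForEach-Object { $data[$_.Name] = $_.'#text' }
    [pscustomobject]@{
        Time    = $e.TimeCreated
        Event   = '{0} ({1})' -f $watched[$e.Id], $e.Id
        Account = $data['TargetUserName']
        By      = $data['SubjectUserName']
        # In 4740 the TargetDomainName field carries the caller computer name.
        Source  = if ($e.Id -eq 4740) { $data['TargetDomainName'] } else { '' }
    }
}

if ($rows) {
    $body = $rows | Sort-Object Time | Format-Table -AutoSize | Out-String -Width 200
    Send-MailMessage -SmtpServer $smtpServer -From $mailFrom -To $mailTo `
        -Subject "AD account changes on $env:COMPUTERNAME ($(@($rows).Count))" -Body $body
}
```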

USB Game Controllers and Windows 8

Once upon a time, long ago, I had an Unreal Tournament problem. The problem was that I was playing too much Unreal Tournament. So I gave it up and, since then, haven’t played games much at all. Recently, however, I found myself pet sitting a puppy that needed to be kept in a confined space, e.g. my office, and needed company, e.g. me, so I grabbed a game I’d read about: Guacamelee. And I had some Nintendo-style knockoff controllers lying around from having built a Raspberry Pi MAME machine for fun. I installed the game, plugged in the controllers, confirmed Windows saw them, and fired up the game. It couldn’t see the controller at all.

I did two things to fix this problem.  First, I installed DirectX.  Secondly, I downloaded x360ce, unpacked it into the root directory of the game, renamed the xinput1_3.dll to xinput9_1_0.dll (which is already done for you in the download above), fired up x360ce.exe to confirm it could see the controller, killed it, and fired up the game.  Voila – controller.

Complications Of a Small Town, Pt 1

I’m a naturalized ATLien. I wasn’t born there, or in the south at all, but I lived there from early high school on. Nearly 30 years, all told. From there I moved temporarily to Phoenix, another large city. And from there I moved to my current hometown of Bend, Oregon, population roughly 90,000. Prior to moving here I anticipated what “small town” life would be, including its difficulties. Limited restaurants, limited stores, limited entertainment possibilities etc. Among the things a wise person doesn’t do in Bend is purchasing a car. Cars old and new are easily 30% more here. I’ve debated having a buddy back east flatbed me cars sought after here to resell. Even with the cost of ‘bedding them I think a decent profit could be turned. Thrift stores here will surprise you as well.

TrueCrypt Open Audit

Phase 2 is done.  Read it here.  The findings summary is basically:

During the engagement, CS [Cryptography Services] identified four (4) issues, and none led to a complete bypass of confidentiality in common usage scenarios. The standard workflow of creating a volume and making use of it was reviewed, and no significant flaws were found that would impact it.

The most severe finding relates to the use of the Windows API to generate random numbers for master encryption key material among other things. While CS believes these calls will succeed in all normal scenarios, at least one unusual scenario would cause the calls to fail and rely on poor sources of entropy; it is unclear in what additional situations they may fail.

Additionally, CS identified that volume header decryption relies on improper integrity checks to detect tampering, and that the method of mixing the entropy of keyfiles was not cryptographically sound. Finally, CS identified several included AES implementations that may be vulnerable to cache-timing attacks. The most straightforward way to exploit this would be using native code, potentially delivered through NaCl in Chrome; however, the simplest method of exploitation through that attack vector was recently closed off.

So basically, unless you’re concerned about the Windows API generation of the encryption key, the last version of TC prior to the developer bailout remains an effective encryption solution.  And TCNext is out there, though they’ve got no new version as yet (7.1 is available there).

Auto Repair and The Web

One of my clients (and friends) hit me up the other day, out of the blue, asking about the value of domain names. He’d been contacted by a squatter sitting on a name relevant to his business.  He called and spoke to the squatter and ultimately agreed to purchase the rights to the name.  Immediately after the call Mr. Squatter began snarfing up any and all other domain names similar to the one he’d just sold and started mailing my friend about them.  His emails sounded technical and official:  “I managed to procure XXXXXXX.com domain name and would like to offer it to you for $150.”

I explained to my client friend that “procure” sounds fancy, but all this dude did was snatch up some domains available out there in the wild for between $8 and $15 apiece, which took him all of 3 minutes and anyone can do, and now he’s marking them up 1000%.

Domain squatting like this is a strange business to be in.  Really all a squatter is doing is making a living taking advantage of the ignorance of non-technical people.  I imagine that successful squatters fancy themselves clever.  Beats accepting the truth, which is that they’re sleazy.  I associate squatters with shitty auto mechanics and shitty home contractors.  We all know a story about a mechanic or a contractor that told someone something completely untrue to use their ignorance to try to rip them off.

My own story is this:  as a kid I owned a Datsun 310gx manual (which I dearly wish I still had, but I totaled it).  It was having trouble getting into 2nd gear so I took it to a mechanic who told me that the transmission needed replacing and it was gonna cost me somewhere around $450.  That didn’t sound right based upon my driving experience, and I didn’t have the money regardless, so I took my car back.  A friend recommended a different mechanic, who within 10 minutes diagnosed my problem and said “You need a clutch adjustment.”  Less than a half hour later my car was ready and I think I paid the guy $25 for the fix.

Domain squatters make their money being that first mechanic. And just like that first mechanic does to the second, they make all of us people trying to make an honest living on tech look bad.

Cisco VPN Command Line

I work remotely, and use the Cisco VPN client to connect to the network. There’s a timeout set on our concentrator that gives me the boot every day. It’s a minor annoyance to be sure, but still. It’s no fun being deep in thought on a server only to be unceremoniously kicked from the network.

So I’ve been fiddling with the command line interface of the client, to see if I can cobble together a script I can schedule to log me out and back in on my time frame rather than that of the concentrator.  Here’s what I’ve come up with so far.

"%programfiles(x86)%\Cisco Systems\VPN Client\vpnclient.exe" disconnect

@echo y | "%programfiles(x86)%\Cisco Systems\VPN Client\vpnclient.exe" connect %1 user %2 pwd %3 nocertpwd stdin

The first line disconnects the current connection (if already disconnected, the script continues gracefully). The second line needs 3 arguments fed to it in this order: profile, username and password. The @echo y | prefix exists because the concentrator I connect to has a disclaimer splash that requires a Y response to bypass in order to fully establish the connection.

Thus far my only problem is I’ve not found a way to suppress the client GUI window that appears when the disconnect occurs.

PCI\VEN_8086&DEV_29D4&SUBSYS_281E103C&REV_02

Rebuilding an old HP dc5800 to Windows 8.1 64-bit, and a pesky PCI Simple Communications Controller can’t find its driver. Its hardware id is:

PCI\VEN_8086&DEV_29D4&SUBSYS_281E103C&REV_02

Googlin’ turns up lots of dead links.  It’s the Intel Management Engine Interface, and here is the driver.

Yeah, I know the title of this post overruns the right column.  I figure by having the hardware id be the post title it will be easier for people in need to find, so I’m leaving it.