The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 4,262 other subscribers

Archive for April 13th, 2014

More OpenSSL and certificate things (in the aftermath of Heartbleed)

Posted by jpluimers on 2014/04/13

So you think Heartbleed is over. Think again. Not only servers are affected. Clients too. And you need to tighten your security even more.

Basically it comes down to this:

Expect all sites using HTTPS to have been vulnerable, and all data you exchanged to be captured. Unless you can have hard proof they were not vulnerable, or the traffic was not captured. If you have not started changing passwords, private keys, credit card numbers, etc: do so now.

and

In layman’s terms/pictures: xkcd: Heartbleed Explanation.

If you still don’t get it: anyone with any HTTPS connection to a once vulnerable system could copy data out of that system. There is no guarantee that data did not contain your identity (username, password, public key, credit card check-digits, etc) or server identity (private and public key).

Since often you cannot prove a system was using OpenSSL, there is no way to prove your data didn’t get copied.

Here are some interesting reads from last week:  Read the rest of this entry »

Posted in OpenSSL, Power User, Security | Tagged: | 1 Comment »

Need to check this for my ThinkPad W701: How to Fix Windows 8.1 Slow Performance Issues

Posted by jpluimers on 2014/04/13

Whereas Windows 7 was really fast, Windows 8.1 on my ThinkPad W701 is very slow in an erratic way.

Need to check out this:

Windows 8.1 proves to be extremely slow on their computers, with Microsoft yet to address the problem with a workaround or a patch.

According to some posts on Microsoft’s Community forums, this is mostly happening on Lenovo laptops and the fastest way to deal with performance issues is to uninstall the “Intel Dynamic Platform and Thermal Framework” from the device manager.

In addition, you need to access the BIOS menu and in the “Configuration” screen, make sure you disable the DPIF option to turn it off completely until Microsoft comes up with a fully-working fix.

–jeroen

via: How to Fix Windows 8.1 Slow Performance Issues.

Posted in BIOS, Boot, Power User, ThinkPad, W701 | Leave a Comment »

Android 4.1.1 Devices are Vulnerable to Heartbleed

Posted by jpluimers on 2014/04/13

Whereas the OpenSSL heartbleed vulnerability investigations initially were aimed towards servers, over the last few days the client side got more attention.

Ouch. This might count for more than 30% of the Android devices out there: Android 4.1.1 Devices are Vulnerable to Heartbleed.

Time to check which Android version your device is running.

The @Lookout security firm did some statistics and published them on Twitter:

Detector app data: Germany has the most affected phones at 12.46%. Check out our geographical break down: Read the rest of this entry »

Posted in OpenSSL, Power User, Security | 1 Comment »

7zip on ESXi through p7zip

Posted by jpluimers on 2014/04/13

A while ago, I wrote about getting rsync on ESXi: ESXi 5.1 and rsync – damiendebin.net.

Now I needed [WayBack7zip on ESXi to make sure I could test unpack some 7zip archives.

This turned out much easier than I thought, thanks to [WayBack7Zip for ESXI | Vladimir Lukianov: Заметки who pointed me to the [WayBackP7ZIP project. P7ZIP actually created three things:

  • p7zip (a POSIX 7zip),
  • J7ZIP (a Java port of 7zip)
  • java_lzma (the Java port of the [WayBack7zip lzma SDK which had the first implementation of [WayBack] lzma).

Here are the full steps to get 7zip on ESXi 5.x:

Read the rest of this entry »

Posted in *nix, *nix-tools, ESXi4, ESXi5, ESXi5.1, ESXi5.5, Linux, Power User, SuSE Linux, VMware, VMware ESXi | Tagged: , | 3 Comments »