The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 4,152 other subscribers

Archive for September, 2014

« Previous Entries

NTCore: interesting site about about system internals and software security

Posted by jpluimers on 2014/09/30

I recently bumped into the NTCore website by Daniel Pisti.

At a client without my own VMs, I wanted to create a DebugBreak like function in Delphi, which I remembered from my Turbo Pascal days to be something like Inline($CC). So searching for both Delphi and INT 3, I found an EXE injection page at NTCore.

In Delphi, you can do this with a procedure like this, which cannot be inlined because it has an asm block:

procedure DebugBreak();
asm
  int 3
end;

(Reminder to self: sort out what to do here to break on an iOS device; Xcode has an alternative)

The site has information about system internals and software security posted as articles until 2009,  when he switched to blog posts. Besides that, he has written a bunch of interesting articles at CodeProject. Read the rest of this entry »

Posted in Delphi, Development, Pascal, Power User, Software Development, Turbo Pascal, Windows, xCode/Mac/iPad/iPhone/iOS/cocoa | 3 Comments »

HTTPS blessing and curse: Security Collapse in the HTTPS Market – ACM Queue

Posted by jpluimers on 2014/09/29

Funny to discover these two articles today:

–jeroen

Posted in https, Power User, Security | Leave a Comment »

Finder: maybe the best free duplicate file finder program (via: Mac-Forums Discussions)

Posted by jpluimers on 2014/09/29

Every once in a while you’re looking for a solution to a problem, and slap yourself to the head that you’ve been overlooking a real obvious solution.

This case: finding duplicate files on Mac OS X.

pendlewitch had this great tip: use the Finder!

You can do this in Finder for free, it’s a bit time consuming but if you’ll get them all eventually.

  1. Open a new Finder window
  2. In the search field, enter the wild card asterisk symbol *
  3. Arrange by Size

I find it best in List view.

Prepare to be gobsmacked at how much duplication you do have.

I totally agree with his last sentence (:

–jeroen

via: Best Free Duplicate File Finder Program – Mac-Forums Discussions for Apple Products & Services.

Posted in Apple, Mac, Mac OS X / OS X / MacOS, Mac OS X 10.7 Lion, MacBook, MacBook Retina, MacBook-Air, MacBook-Pro, OS X 10.8 Mountain Lion, Power User | 4 Comments »

Solution for opensuse 12.2: yast “System Services (Runlevel): Services” very slow

Posted by jpluimers on 2014/09/26

Thanks to the wonderful people at the opensuse forums (especially Knurpht and wolfi323) for helping me out with opensuse 12.2: yast “System Services (Runlevel): Services” very slow: how to investigate.

The solution is to install openldap2, then reboot.

The easiest way is to perform this under sudo:

zypper install openldap2

Somehow in opensuse 12.2 yast, sendmail and apache depend on it (though the yast/zypper software installer don’t recognize the dependency).

Without the reboot, yast was still slow. Not sure why yet.

I will need to check this out in the most current opensuse release.

–jeroen

via:  opensuse 12.2: yast “System Services (Runlevel): Services” very slow: how to investigate.

Posted in *nix, Linux, openSuSE, Power User, SuSE Linux | Leave a Comment »

bash vulnerability; patch your *n*x boxes A.S.A.P. (via: CERT/NIST reveal level 10 bash alert today, 24 September 2014)

Posted by jpluimers on 2014/09/25

Unpatched bash allows for remote code execution.

Patch as soon as you can and be aware that the current patches might not be complete.

Many vendors (including Debian, Red Hat, SuSE, Ubuntu) already have patches available: CERT/NIST reveal level 10 bash alert today, 24 September 2014.

This is a long article which explains the why/how/… and has an easy check to see if you are vulnerable: What is the CVE-2014-6271 bash vulnerability and, how do I fix it.

It looks like the current patches aren’t complete yet, but do plug big parts of the hole.

Watch bash CVEs in Ubuntu and CVE-2014-7169 in Ubuntu (and maybe for other nx varieties as well).

Update:

Quote from the article:

Read the rest of this entry »

Posted in *nix, *nix-tools, bash, Development, Power User, Scripting, Software Development | Leave a Comment »

« Previous Entries
 
%d bloggers like this: