If you’ve migrated to a different Android device, and you need to move your Google Authenticator to the new piece of hardware, Jack Wallen will show you how.
Source: Move Google Authenticator from one Android device to another – TechRepublic
Archive for 2015
Move Google Authenticator from one Android device to another – TechRepublic
Posted by jpluimers on 2015/11/21
Posted in Uncategorized | Leave a Comment »
Download release version: 7-Zip 15.12 (2015-11-19)
Posted by jpluimers on 2015/11/21
After years of betas there is finally a Release version: 7-Zip 15.12 (2015-11-19).
Source: Download
Share this:
Posted in Uncategorized | Leave a Comment »
Reminder to self: verify which temporary directories really need cleanup through systemd’s tmpfile mechanism
Posted by jpluimers on 2015/11/20
Message from package aaa_base: sysconfig settings for cleaning up temporary directories are no longer supported. Some of the features are provided by systemd's tmpfile mechanism instead. Please refer to 'man tmpfiles.d' for more information. Here are the old settings for reference: MAX_DAYS_IN_TMP=0 MAX_DAYS_IN_LONG_TMP=0 OWNER_TO_KEEP_IN_TMP=root
–jeroen
Share this:
Posted in *nix, Linux, openSuSE, Power User, SuSE Linux | Leave a Comment »
Unnamed ordinal subrange of Integer type
Posted by jpluimers on 2015/11/20
Posted in Uncategorized | Leave a Comment »
StartSSL indeed offers free Class1 certificates for any subdomain
Posted by jpluimers on 2015/11/20
StartSSL does in fact offer free SSL certs for subdomains, though they are Class 1 certificates.
It works: just start the process for the domain, then when you get to the step for entering a subdomain, enter any one (of course www works, but you can do the process multiple times so register certificates for multiple subdomains).
–jeroen
via: tls – Free second-level domain SSL certificate – Information Security Stack Exchange
Share this:
Posted in *nix, *nix-tools, Apache2, https, Power User, Security | Leave a Comment »
How can I combine multiple nested Substitute functions in Excel? – Stack Overflow
Posted by jpluimers on 2015/11/20
You can’t: How can I combine multiple nested Substitute functions in Excel? – Stack Overflow.
Share this:
Posted in Excel, Office, Office 2007, Office 2010, Office 2013, Power User | Leave a Comment »
How is NSA breaking so much crypto? “weak” standard primes for Diffie-Hellman are being widely used and take NSA only ~$100 million to crack
Posted by jpluimers on 2015/11/19
Interesting: a few quotes below, read How is NSA breaking so much crypto? and the full paper Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice for details.
The key is, somewhat ironically, Diffie-Hellman key exchange, an algorithm that we and many others have advocated as a defense against mass surveillance. Diffie-Hellman is a cornerstone of modern cryptography used for VPNs, HTTPS websites, email, and many other protocols. Our paper shows that, through a confluence of number theory and bad implementation choices, many real-world users of Diffie-Hellman are likely vulnerable to state-level attackers.
.. there was a very important detail that got lost in translation between the mathematicians and the practitioners: an adversary can perform a single enormous computation to “crack” a particular prime, then easily break any individual connection that uses that prime.
How enormous a computation, you ask? … For the most common strength of Diffie-Hellman (1024 bits), it would cost a few hundred million dollars to build a machine, based on special purpose hardware, that would be able to crack one Diffie-Hellman prime every year.
Would this be worth it for an intelligence agency? Since a handful of primes are so widely reused, the payoff, in terms of connections they could decrypt, would be enormous. Breaking a single, common 1024-bit prime would allow NSA to passively decrypt connections to two-thirds of VPNs and a quarter of all SSH servers globally. Breaking a second 1024-bit prime would allow passive eavesdropping on connections to nearly 20% of the top million HTTPS websites. In other words, a one-time investment in massive computation would make it possible to eavesdrop on trillions of encrypted connections.
NSA could afford such an investment. The 2013 “black budget” request … shows that the agency’s budget is on the order of $10 billion a year, with over $1 billion dedicated to computer network exploitation, and several subprograms in the hundreds of millions a year.
… However, our proposed Diffie-Hellman break fits the known technical details about their large-scale decryption capabilities better than any competing explanation. For instance, the Snowden documents show that NSA’s VPN decryption infrastructure involves intercepting encrypted connections and passing certain data to supercomputers, which return the key. The design of the system goes to great lengths to collect particular data that would be necessary for an attack on Diffie-Hellman but not for alternative explanations, like a break in AES or other symmetric crypto.
Since weak use of Diffie-Hellman is widespread in standards and implementations, it will be many years before the problems go away, even given existing security recommendations and our new findings. In the meantime, other large governments potentially can implement similar attacks, if they haven’t already.
Our findings illuminate the tension between NSA’s two missions, gathering intelligence and defending U.S. computer security. If our hypothesis is correct, the agency has been vigorously exploiting weak Diffie-Hellman, while taking only small steps to help fix the problem. On the defensive side, NSA has recommended that implementors should transition to elliptic curve cryptography, which isn’t known to suffer from this loophole, but such recommendations tend to go unheeded absent explicit justifications or demonstrations. This problem is compounded because the security community is hesitant to take NSA recommendations at face value, following apparent efforts to backdoor cryptographic standards.
–jeroen
via:
Share this:
Posted in Algorithms, Development, Encryption, Power User, Security, Software Development | Leave a Comment »
How to aggregate (count/sum/average) cells and ignore the #div/0! ‘s – via: list of functions by Excel version
Posted by jpluimers on 2015/11/19
I bumped into a #DIV/0! result for average functions when processing large sets of data.
It is actually very easy to spot the error in small results, sets, but hard in big ones, as you cannot see the #DIV/0!
So there are average functions that can ignore certain outcomes. COUNT already does that (there is no COUNTIF), the others have a *IF equivalent, but not in all Excel versions:
- COUNT – 2003+
- COUNTIF – 2003+
- COUNTIFS – 2007+
- SUM – 2003+
- SUMIF – 2003+
- SUMIFS – 2007+
- AVERAGE – 2003+
- AVERAGEIF – 2007+
- AVERAGEIFS – 2007+
- MAX – 2003+
- MIN – 2003+
Note there is a small SUMIF/SUMIFS/AVERAGEIF/AVERAGEIFS in Excel 2010 (not in 2007, and maybe not in 2013) glitch when the criteria are in a different sheet.
The seemingly easy workaround of summing columns A and B, then doing the division fails: it returns different results as it forgets to ignore faulty rows:
SUM/AVERAGE versus SUMIF/AVERAGEIF (click to enlarge)
Leermomentje (techable moment comes close)…
–jeroen
via:
- How to sum cells and ignore the #div/0! ‘s ? – Microsoft Community.
- List of all functions (by category).
- List of ALL Excel Functions by Version – Super User.
Share this:
Posted in Development, Excel, Office, Office 2003, Office 2007, Office 2010, Office 2013, Power User, Software Development | 2 Comments »
Stack Exchange – Android Apps on Google Play
Posted by jpluimers on 2015/11/18
I missed when the StackExchange App for Android was finally launched, but I totally agree with Paul Lammertsma:
Exceeds expectations This was a long time coming, but it didn’t disappoint. It’s a great aid for a regular on Stack Overflow like me!
–jeroen
via Stack Exchange – Android Apps on Google Play.
Share this:
Posted in .NET, Delphi, Development, Pingback, Power User, Software Development, Stackoverflow | Leave a Comment »
Universal Android ADB driver for Windows – koush/UniversalAdbDriver
Posted by jpluimers on 2015/11/17
If you ever need a universal Android ADB driver for Windows, then use this one: koush/UniversalAdbDriver.
I never noticed it was there until Koushik Dutta posted about a signing trick on Google+.
Windows drivers need to be signed, so what he does is generate a self signed certificate on the fly during installation, sign the driver install it, and drop the private key of the certificate.
Each installation has its own key, Microsoft is happy, and it is proven the driver signature mechanism in Windows has a hole.
If you want to do similar things, then this commit is what you are looking for: Use a self signed, self destructing signing cert. · e8b78fe · koush/UniversalAdbDriver.
It isn’t rocket science, but not trivial C# either, so this is a great example of something that works.
–jeroen
Share this:
Posted in .NET, Android, C#, Development, Mobile Development, Software Development | Leave a Comment »
The Wiert Corner - irregular stream of stuff 