The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,860 other subscribers

Archive for October, 2017

« Previous Entries
Next Entries »

UPS PIco HV3.0 documentation not on github: “03_0x38_W_UPS PIco HV3.0.pdf”

Posted by jpluimers on 2017/10/17

I ordered a UPS PIco HV3.0 A Stack 450 Plus and it arrived without any documentation on how to solder the parts together.

So I tried searching for them: https://www.google.com/search?q=UPS+PIco+HV3.0+A+Stack+450+Plus+installation+instructions which turned mostly github based URLs.

I learned there is a bit on github:

But despite code and documentation being there, no installation instructions on how to solder the stuff together.

Luckily, they responded quickly to my tweet So I got my “UPS PIco HV3.0 A Stack 450 Plus” @ModMyPi but no assembly instructions. Where do all the non-soldered parts go when using RPi3? and a quick respons thread revealing I needed 03_0x38_W_UPS PIco HV3.0.pdf which – TADAAAA – is on Google drive and on the forums at [WayBackUPS PIco Firmware Update & Troubleshooting : Technical Support

So despite github providing an excellent platform for discussion and storing documentation, something archaic like a forum is used to store data in a disorganised way.

Too bad, as the document itself is 100+ page of invaluable documentation.

So in case of future bit-rot, here are the links:

Read the rest of this entry »

Posted in Development, Hardware Development, Hardware Interfacing, Raspberry Pi | Leave a Comment »

TEncryptedIniFile: easy to use class for handling app settings with encryption in Delphi – TMS Software Blog

Posted by jpluimers on 2017/10/17

[WayBackTMS Software | Blog | TEncryptedIniFile: easy to use class for handling app settings with encryption

via: [WayBackA new blog has been posted:TEncryptedIniFile: easy to use class for handling app settings with encryption – Michael Thuma – Google+

I wonder how that works with encryption algorithms based on thin Delphi wrappers around proven open source encryption libraries.

–jeroen

PS: Note the G+ link died. Not sure why, but that’s why I archived the original as a WayBack link when writing this post.

Posted in Delphi, Development, Software Development | 4 Comments »

OnePlus OxygenOS built-in analytics: disable it as soon as you can

Posted by jpluimers on 2017/10/16

Remove the OnePlus Analytics service because of privacy violations:

Source: [WayBackOnePlus OxygenOS built-in analytics

We take a look at the analytics built into the OxygenOS, the flavour of Android built by phone manufacturer OnePlus.

The analytics data is sent over https, but it contains way too much information on your privacy.

This also taught me about this interesting project: [WayBack] OWASP Zed Attack Proxy Project – OWASP

These tweets describe how to disabled it:

It was also present OnePlus Five, I found it through:

  1. Settings
  2. Developer Options
  3. Running Services
  4. OnePlus System Service
  5. OnePlusAnalyticsJobService

Until removed, it restarts at every boot.

Removing the service seems more permanent than the alternative [WayBack] Dear OnePlus, please stop spying on my phone:

  1. Settings
  2. Advanced
  3. Join user experience program
  4. toggle this option to off

It is unclear to me what turned that option on in the first place.

–jeroen

via: [WayBack] Welp. As a OnePlus owner, this makes me pretty damn unhappy :/ https://www.chrisdcmoore.co.uk/post/oneplus-analytics/ +Colm Buckley – Kristian Köhntopp – Google+

 

Posted in Android Devices, OnePlus Five, OnePlus Two, Power User, Privacy | Leave a Comment »

If Beyond Compare indicates “editing disabled” after starting from SourceTree, then your integration is wrong.

Posted by jpluimers on 2017/10/16

SourceTree 2.1 still doesn't recognise that Beyond Compare is installed.

SourceTree 2.1 still doesn’t recognise that Beyond Compare is installed.

I noticed that on my Mac, Beyond Compare wasn’t able to edit diffed files when it had been started from SourceTree. This struck me as odd since on Windows this worked fine. So I did a bit of digging and found out both SourceTee and I screwed up:

Editing Disabled

Luckily [WayBackZoë Peterson (lead developer on Beyond Compare and formerly Turbo Power Abbrevia project admin) had answered this before, and all these show “Editing disabled” in the user-interface:

Beyond Compare will disable editing of a file any of the following reasons:

  • It’s one of the input files in a 3-way merge
  • The comparison was cancelled
  • The comparison encountered an error (corrupt file, invalid character encoding, out of memory, gamma rays, etc)
  • The file format’s conversion settings don’t support converting back to the original format (MS Word, PDF)
  • The file is on a read-only “filesystem” (7zip/RAR/CHM archives, CD/DVD-ROMs)
  • A file or parent folder had editing explicitly disabled by the user in the session settings or using the /ro command line switches
  • The viewer itself doesn’t support editing (eg, Hex Compare)

Source: [WayBackversion control – Beyond Compare 3 editing disabled – Stack Overflow

So the last instruction should be:

Set both Visual Diff Tool and Merge Tool to Other, then set both the Diff Command and Merge Command to the value you obtained above (in my case /usr/local/bin/bcomp) and these arguments:

  1. Diff Command Arguments
    "$LOCAL" "$REMOTE"
  2. Merge Command Arguments
    "$LOCAL" "$REMOTE" "$BASE" "$MERGED"

Note that somewhere during 2.2, SourceTree has added Beyond Compare integration and fixed some of the issues, but there are still issues left:

No Editing Disabled

There is only one occasion where the UI does not show “Editing Disabled”, but where you cannot edit the file itself (you can only edit the current line in the line diff view at the bottom of the UI). Zoë mentioned that too:

Also, the Full Edit (F2) toggle in the Text Compare View menu switches between inline editing and line-based mode. If it’s disabled you can copy/delete whole lines and type in the line details edits at the bottom of the window, but the main windows won’t have a cursor, typing is disabled, and it will always select whole lines. Unlike the above items, this doesn’t show “Editing Disabled” in the status bar.

Source: [WayBackversion control – Beyond Compare 3 editing disabled – Stack Overflow

By default this setting is bound to the F2 key on Windows, so if you accidentally press that when Beyond Compare is active, you might be in for a surprise.

Screen shots:

Read the rest of this entry »

Posted in Beyond Compare, Encoding, Power User | Leave a Comment »

RSA keys by Infineon chips or libraries can be cracked fast; Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping…

Posted by jpluimers on 2017/10/16

All of our house is wired by ethernet for a reason…

WPA2 Flawed. Once again, it turns out that designing something properly secure is really, really, REALLY hard.

[WayBack] Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping https://arstechnica.com/… – Lars Fosdal – Google+

[Archive.is] If fixes exist, third party firmware will have it in days. Most OEMs, never. I do worry a lot about unfixable flaws in the wifi standards… – Kristian Köhntopp – Google+:

Dave reminds us that there is a reason why people mod the firmware of their Wifi routers, and that reason is actually now more critical than ever.

Via [WayBack] https://www.krackattacks.com/ has a FAQ. Some interesting questions from there:… – Kristian Köhntopp – Google+:

[WayBackKRACK Attacks: Breaking WPA2 : This website presents the Key Reinstallation Attack (KRACK). It breaks the WPA2 protocol by forcing nonce reuse in encryption algorithms used by Wi-Fi.

 

Since we’re talking security, watch your RSA as it is way worse than the WPA2 one: [Archive.is]

We heard you liked the 10 WPA2 CVE’s, so »A 2nd major crypto vulnerability being disclosed… – Kristian Köhntopp – Google+ quoting

[WayBack] Dan Goodin‏ @dangoodin001: 2nd major crypto vulnerability being disclosed Monday involves millions of 1024- and 2048-bit RSA keys that are practically factorizable.

[WayBackROCA: Vulnerable RSA generation (CVE-2017-15361) [CRoCS wiki]

The time complexity and cost for the selected key lengths (Intel E5-2650 v3@3GHz Q2/2014):

  • 512 bit RSA keys – 2 CPU hours (the cost of $0.06);
  • 1024 bit RSA keys – 97 CPU days (the cost of $40-$80);
  • 2048 bit RSA keys – 140.8 CPU years, (the cost of $20,000 – $40,000).

[WayBack] New vulnerabilities found in RSA 1024 and 2048 bit keys. Estimated cost of cracking based on access to the Public key only: 1024 bit: $40 2048 bit: $20k… – Lars Fosdal – Google+

Jan Wildeboer did a nice explanation in laymen terms of both security issues published today:

 

–jeroen

Read the rest of this entry »

Posted in LifeHacker, Power User, Security, WiFi | Leave a Comment »

When you believe that you have a keylogger or some sort trojan | Official Apple Support Communities

Posted by jpluimers on 2017/10/16

We thought one of our Macs was compromised, but it wasn’t: it had too many web browsers open so it was crawling like a snake.

The below terminal commands and EtreCheck [Source: etresoft/EtreCheck: Source code for EtreCheck] helped to find out what was running:

kextstat -kl | awk '!/com\.apple/{printf "%s %s\n", $6, $7}'  

sudo launchctl list | sed 1d | awk '!/0x|com\.(apple|openssh|vix)|edu\.mit|org\.(amavis|apache|cups|isc|ntp|postfix|x)/{print $3}'  

launchctl list | sed 1d | awk '!/0x|com\.apple|edu\.mit|org\.(x|openbsd)/{print $3}'  
 
ls -1A /e*/mach* {,/}L*/{Ad,Compon,Ex,Fram,In,Keyb,La,Mail/Bu,P*P,Priv,Qu,Scripti,Servi,Spo,Sta}* L*/Fonts 2> /dev/null  

osascript -e 'tell application "System Events" to get name of every login item' 2> /dev/null

Source: [WayBackI believe that I have a keylogger or some sort … | Official Apple Support Communities

–jeroen

Posted in Apple, Mac, MacBook, MacBook-Air, Power User | Leave a Comment »

Ritjeweg: Greenwheels, ConnectCar, Car2Go, MyWheels of toch SnappCar?

Posted by jpluimers on 2017/10/13

Ontdek én vergelijk locaties en prijzen van o.a. Greenwheels, ConnectCar, Car2Go, MyWheels of SnappCar. Vergelijken was nog nooit zo makkelijk!

Handige kaart om te zien welke auto’s er bij jou in de buurt verhuurd worden.

Source: Greenwheels, ConnectCar, Car2Go, MyWheels of toch SnappCar?

–jeroen

Posted in LifeHacker, Power User | Leave a Comment »

Mac OS X – Hardware Monitor Help: remove com.bresink.driver.BRESINKx86Monitoring

Posted by jpluimers on 2017/10/13

Just in case you have this driver installed:

$ kextstat -kl | awk '!/com\.apple/{printf "%s %s\n", $6, $7}'
com.bresink.driver.BRESINKx86Monitoring (9.0)

[WayBackHardware Monitor Help shows how to remove it:

  1. Ensure you are logged in as user with administrative rights.
  2. Use the Finder to open the folder Library at the topmost level of your system volume, and inside it, the folder StartupItems. If the driver is still installed, you will see the folder BRESINKx86Monitoring at this location.
  3. Drag the folder BRESINKx86Monitoring to the Trash. OS X may ask for your administrator password.

–jeroen

Posted in Apple, Mac, Mac OS X / OS X / MacOS, MacBook, MacBook Retina, MacBook-Air, macOS 10.12 Sierra, OS X 10.10 Yosemite, OS X 10.11 El Capitan, OS X 10.9 Mavericks, Power User | Leave a Comment »

Encoding horror: Wayback Machine “Sorry.This snapshot cannot be displayed due to an internal error.”

Posted by jpluimers on 2017/10/13

Sorry.This snapshot cannot be displayed due to an internal error.

When the Wayback Machine tries to display the archived https://plus.google.com/+KristianKöhntopp/posts/2yw9QFgCdtx which is about Unicode encoding horror.

The real horror? This used to work in the past.

Luckily it’s archived on https://archive.fo/b36gn

–jeroen

Later: credit where credit is due, as they fixed it:

[WayBack] WayBack didn’t respond to me, but instead fixed the archival of +Kristian Köhntopp’s G+ posts:… – Jeroen Wiert Pluimers – Google+

https://web.archive.org/web/*/https://plus.google.com/+KristianK%C3%B6hntopp/posts/*

Posted in Development, Encoding, Internet, InternetArchive, Power User, Software Development, WayBack machine | Leave a Comment »

Napflix | Siesta Video Platform.

Posted by jpluimers on 2017/10/13

We all know the feeling of insomnia. Your body wants to sleep but your mind is still awake and active. So how can we steady up our mind. Napflix is a video platform where you can find the most silent and sleepy content selection to relax your brain and easily fall asleep. Taking siesta wherever and whenever you like.

Source: Napflix | Siesta Video Platform.

Some I like:

Some that are sooooo funny:

 

Posted in LifeHacker, Power User | Leave a Comment »

« Previous Entries
Next Entries »