The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,860 other subscribers

Archive for February, 2023

Next Entries »

I wrote about imposter syndrome before; this diagram describes how I sometimes feel

Posted by jpluimers on 2023/02/07

Every now and then, I still find it hard to realise how what I know relates to the knowledge of others.

It has to do with imposter syndrome, which many people in IT suffer from, as the field can be so overwhelming and make us so little.

So I was glad that Jens Fudge taught a conference session on imposter syndrome fall 2021, which I mentioned a few months ago in Chris Bensen on Twitter: “I just had a notion about they cycle I go through with every project I have ever worked on so I drew this up before I forgot it. I hope everyone can read it.… “.

Earlier, my post If you think everyone has such an organised life, and you feel so lost exactly reflects how I feel sometimes when imposter syndrome kicks in.

When it does, the belowgraph posted in [Archive] Susan L. Benear on Twitter: “This is what it took me until my last year of grad school to realize. I’m still regularly overwhelmed by how much I don’t know, but I no longer suffer from the delusion that everyone else in my position knows 5x more than me. ” / Twitter very much helps me.

It also helps to realise this: [Archive] Frau Sommersprosse on Twitter: “Wir leben in einer schnellen Gesellschaft. Auch privat muss es oft “höher, schneller, weiter” und immer mehr sein. Halte inne und denk an all das Gute, das du hast. Nur weil Menschen vermeintlich mehr haben, sind sie nicht glücklicher. Dankbarkeit und Demut bringen innere Ruhe.” / Twitter which translates as

We live in a fast paced society. In private, too, it often has to be “higher, faster, further” and more and more.

Stop and think of all the good that you have.

Just because people supposedly have more doesn’t make them happier.

Gratitude and humility bring peace of mind.

To which I responded both that it is related to imposter syndrome and that [Archive] Jeroen Wiert Pluimers on Twitter: “@4Sprosse You are valid:” / Twitter.

You are valid, no matter how awful you feel (thanks [Archive] Willem Wouda on Twitter: “Goedemorgen, het is donderdag. Voor iedereen die wil en voor hen die denken er geen nodig te hebben een #ddk #DikkeDonderdagKnuffel ” / Twitter!), which I traced back to:

Read the rest of this entry »

Posted in About, Awareness, LifeHacker, Personal, Power User | Leave a Comment »

Some links on SuperMicro X10 and “PEI–Could Not Find Recovery Image…”

Posted by jpluimers on 2023/02/06

An X10 machine here hardly needs reboots, but at one point it did, and got a dreaded message “PEI--Could Not Find Recovery Image...“, so I started Googling.

  1. [Wayback/Archive] “pei” “could not find recovery image” – Google Search returned only one Russian thread: [Wayback/Archive] Восстановление BIOS на Supermicro X10SRi.
  2. Hard to read, I dug further with [Wayback/Archive] “PEI–Could Not Find Recovery Image…” – Google Search and [Wayback/Archive] “pei could not find recovery image” – Google Search, which both went for inexact matches: bummer.

The good news is that few people bump into this problem. The bad news is that the ones that do, usually do not find a way to solve it. For example:

 

What helped in retrospect, was using IPMI (which still worked), re-flash the most recent BIOS, then powered down the machine and rebooted: it worked.

Not sure if I will be so lucky next time, but via [Wayback/Archive] supermicro “could not find recovery image” – Google Search , I found the the idea from [Wayback/Archive] X9SRL-F POSTs only via BIOS recovery process | ServeTheHome Forums that might help: solder a new BIOS Flash ship. Definitely not for the fainthearted: [Wayback/Archive] Bios Recovery via Chip Reprogramming Supermicro X10SLM+-LN4F | ServeTheHome Forums.

 

I got at the BIOS programming via IPMI idea via the second set of searches above, which got me at [Wayback/Archive] Supermicro BIOS recovery – SUPER.ROM – Server Fault (thanks anonymous [Wayback/Archive] user303507):

Get mainboards with a “-F” in the product name. Then you have IPMI and can even flash a faulty BIOS. It requires a key from Supermicro to activate this feature which is not for free

The 2nd flash area can also be fully impacted by a faulty flash process, therefore the trick with Ctrl+HOME does not work.

This worked because all my SuperMicro mainboards are of the “-F” type and I had the key.

If you don’t have the key it can be generated, for instance with the bash script I published in Supermicro Bios Update – YouTube.

You can find back most letters and numbers SuperMicro uses at [Wayback/Archive1/Archive2] Motherboards (Intel UP) | Product Naming Conventions | Super Micro Computer, Inc. which has a few tables like this:

Read the rest of this entry »

Posted in Hardware, Mainboards, Power User, SAS/SATA, SuperMicro, X10SRH-CF | Leave a Comment »

If you want to connect to Twitter contacts on Mastodon, be quick: the new Twitter API changes might also break Mastodon discovery tools in a day or so. Run hemem before it’s too late!

Posted by jpluimers on 2023/02/06

If you are on Mastodon as well as Twitter, then run these tools today, as soon they will likely stop working:

Via [Wayback/Archive] Jeroen Baert on Twitter: “General reminder that Twitter API changes might also break Mastodon discovery tools. So run em before it’s too late! Movetodon: movetodon.org Debirdify: pruvisto.org/debirdify Fedifinder: fedifinder.glitch.me

–jeroen

Posted in Hardware, Power User, WiFi | Leave a Comment »

Large (hundreds) CVE-2021-21974 ESXi VMware based ESXiArgs (Nevada?) ransomware attacks

Posted by jpluimers on 2023/02/04

Shodan.io results for query html:"We hacked your company successfully" title:"How to Restore Your Files"[Wayback/Archive] Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide

Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) warn that attackers actively target VMware ESXi servers unpatched against a two-year-old remote code execution vulnerability to deploy ransomware.
Tracked as CVE-2021-21974, the security flaw is caused by a heap overflow issue in the OpenSLP service that can be exploited by unauthenticated threat actors in low-complexity attacks.
“As current investigations, these attack campaigns appear to be exploiting the vulnerability CVE-2021-21974, for which a patch has been available since 23 February 2021,” CERT-FR said.
“The systems currently targeted would be ESXi hypervisors in version 6.x and prior to 6.7.”
To block incoming attacks, admins have to disable the vulnerable Service Location Protocol (SLP) service on ESXi hypervisors that haven’t yet been updated.
CERT-FR strongly recommends applying the patch as soon as possible but adds that systems left unpatched should also be scanned to look for signs of compromise.
CVE-2021-21974 affects the following systems:
  • ESXi versions 7.x prior to ESXi70U1c-17325551
  • ESXi versions 6.7.x prior to ESXi670-202102401-SG
  • ESXi versions 6.5.x prior to ESXi650-202102101-SG

[Wayback/Archive] Esxi Ransomware Help and Support Topic (ESXiArgs / .args extension) – Page 2 – Ransomware Help & Tech Support (there are now 4 pages, most victims OVH, likely many more pages to follow)

[Wayback/Archive] How to Disable/Enable the SLP Service on VMware ESXi (76372)

[Wayback/Archive] html:”We hacked your company successfully” title:”How to Restore Your Files” – Shodan Search which resulted in the above image (I tweeted it at [Wayback/Archive] Jeroen Wiert Pluimers @wiert@mastodon.social on Twitter: “@vmiss33”)

Commands used in [Wayback/Archive] Jeroen Wiert Pluimers @wiert@mastodon.social on Twitter: “@vmiss33 I did forget to disable SLP on a patched system, but doing that is easy as per kb.vmware.com/s/article/76372:

/etc/init.d/slpd status
/etc/init.d/slpd stop
esxcli system slp stats get
esxcli network firewall ruleset set -r CIMSLP -e 0
chkconfig slpd off
chkconfig --list | grep slpd

More links to follow, but I’m away from keyboard for most of the day.

–jeroen

Read the rest of this entry »

Posted in ESXi6, ESXi6.5, ESXi6.7, Power User, Ransomware, Security, Virtualization, VMware, VMware ESXi | Leave a Comment »

Lii-500 Charger, and review

Posted by jpluimers on 2023/02/03

Via [Wayback/Archive] Jilles🏳️‍🌈 on Twitter: “Recycling old laptop batteries ” / Twitter, I ended up at this great in depth review [Wayback/Archive] Review of Charger LiitoKala Engineer Lii-500, including graphs of behaviour with various battery types and counts.

The site has many other reviews. Not just about [Wayback/Archive] Batteries and chargers (and a great overview at [Wayback/Archive] Round cell charger index). The main page is named [Wayback/Archive] Flashlight information, but shows links to lists of articles about batteries, chargers, multimeters, flashlights, projects and more.

So this is my list of things to try: [Wayback/Archive] Lii-500 Charger:

Read the rest of this entry »

Posted in Batteries, Li-Ion, LifeHacker, Power User | Leave a Comment »

If you can read German and ever need to explain number or set theory to your kids, use this thread by isotopp…

Posted by jpluimers on 2023/02/02

Long thread at [Archive.is] Kristian Köhntopp on Twitter: “Tage im Lockdown. Heute, Diskussion mit der Frau (die das gerade dem Kind erklärt) über Brüche vs irrationale Zahlen (also keine Brüche). Wir enden bei Zahlentheorie, …”

I expanded it using [Wayback] Thread by @isotopp on Thread Reader App – Thread Reader App:

Tage im Lockdown. Heute, Diskussion mit der Frau (die das gerade dem Kind erklärt) über Brüche vs irrationale Zahlen (also keine Brüche).

Wir enden bei Zahlentheorie, … 

… und Mengenlehre. Wir machen gerade Bruchrechnung, also ℚ, und ich hatte versucht zu erklären, daß ℚ[0,1[, ℚ und ℤ nur Cosplay von ℕ sind.

Richtig ätzend ist nur ℝ, oder genauer ℝ\ℚ, also 𝕀. 

Das Ergebnis war eine Tour von Zahlentheorie (“Hier ist die leere Menge, wir machen uns ℕ = {}, {{}}, {{}, {{}}}, … durch Generierung unterscheidbarer Elemente und Bestimmung der Mächtigkeit, dann erfinden wir die Addition, dann bekommen wir … 

… kostenlos Assziativität, Kommutativität, dann erfinden wir Kettenadditionen und Multiplikation und bekommen Distributivität.

Dann erfinden wir Umkehroperationen und weil wir Algebren wollen, muß ℕ zu ℤ werden. Ist das schlimm? Nein, wir können ℕ auf ℤ abbilden. 

Ist das schlimm? Nein, es ist eine Bijektion, also sind es dieselbe Menge, ℤ ist ein Cosplay von ℕ.

Dasselbe kriegen wir mit der Umkehrung der Multiplikation, der Division, und den Brüchen, und ℚ und de.wikipedia.org/wiki/Cantors_e…

ℚ ist also auch ein Cosplay von ℕ. 

So weit war alles einfach erklärbar, auch wenn das bei mir schon 30 Jahre her ist. Aber dann kommen wir darauf, daß ℚ[0,1[ und ℚ gleich mächtig sind, und das wird zunächst mal intuitiv abgelehnt. 

Offen sind noch 𐡀-Null mächtiger als 𐡀-Eins, und daß es mehr irrationale als rationale Zahlen gibt, und de.wikipedia.org/wiki/Hilberts_….

Und ich kann diese Beweise nicht mehr aus dem Stand…

Jetzt habe ich die Aufgabe, das als verständliche Erklärung vorzubereiten. 

Eigentlich ist das alles total schön, weil die ganze Mathematik aus der leeren Menge, und dem Willen eine Algebra zu haben (also weiter rechnen zu können) zu folgern ist.

Aber manchmal ist Geekhaushalt auch anstrengend…

–jeroen

Posted in Development, LifeHacker, Mathematics, Power User, science, Software Development | Leave a Comment »

Facebook id numbers

Posted by jpluimers on 2023/02/01

Shortly after one of the many Facebook breaches, Miko from F-Secure posted this:

Mark Zuckerberg’s own data is in the Facebook leak. His Facebook ID number is 4.

There are no user IDs 0-3.

The only other single-digit user IDs in the leak seem to be:

  • ID 5: Chris Hughes
  • ID 6: Dustin Moskovitz

Other early facebook users include:

  • ID 11 Soleio Soleio
  • ID 27 Colin Kelly
  • ID 74 Daniel Mejia
  • ID 86 Jason Wen
  • ID 87 Emily Hurd
  • ID 102 Alex Lee
  • ID 104 Amy Ng
  • ID 139 Jeff Winer
  • ID 158 Teresa Grado
  • ID 185 Zach Seward
  • ID 210 Adam Levine
  • ID 287 Peter Buttigieg

And yes, they all have a phone number listed in the leak. That includes Mr. Zuckerberg.

Also, the Winklevoss brothers are not in the leak. (Source: [Wayback/Archive] https://threader.app/thread/1378694432652939264?s=09)

I wonder how you would get the Facebook ID of an account (for instance your own account).

–jeroen

PS: Since Threader died after writing this post, the above thread is now at WayBack: ThreadReaderApp, Archive: ThreadReaderApp, ThreadReaderApp, and [Archive] Twitter.

Read the rest of this entry »

Posted in Facebook, SocialMedia | Leave a Comment »

Next Entries »