The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,861 other subscribers

Archive for the ‘Communications Development’ Category

« Previous Entries
Next Entries »

Tribal Knowledge? Getting the public keys from github and gitlab users from their username

Posted by jpluimers on 2025/04/03

Learned a while ago: if you have the username from a GitHub or GitLab user, you can download interesting that sometimes can make life easier (but not necessarily more secure):

  • github.com/username.keys gives you their public SSH keys
  • gitlab.com/username.keys gives you their public SSH keys
  • github.com/username.png gives you their profile image

And that there are tools like gh, glab and age that can make direct use of them.

I love Twitter, so thanks for these for teaching me these little tricks:

Read the rest of this entry »

Posted in *nix, *nix-tools, ArchiveTeamWarrior, Conference Topics, Conferences, Development, Event, GitHub, GitLab, Internet, InternetArchive, OpenSSH, Power User, Software Development, Source Code Management, SSH, ssh/sshd, WayBack machine | Tagged: , | Leave a Comment »

Some HTTP redirect checking sites compared

Posted by jpluimers on 2025/04/02

 

Every now and then I want to check how a URL redirect, for instance when checking out why a domain failed loading in browsers a while ago because of certificate problems:

The thing was that back then, the site officially did not have a security certificate, but somehow the provider had installed a self-signed one. Most web-browsers then auto-redirect from http to https. Luckily the archival sites can archive without redirecting:

When querying [Wayback/Archive] redirect check – Google Search, you get quite some results. These are the ones I use most in descending order of preference and why they are at that position:

Read the rest of this entry »

Posted in *nix, *nix-tools, archive.is / archive.today, Communications Development, Development, Encryption, HTTP, https, HTTPS/TLS security, Internet, Internet protocol suite, ISP, Power User, Security, Software Development, TCP, WayBack machine, Web Development, wget, xs4all | Leave a Comment »

Nartac Software – IIS Crypto

Posted by jpluimers on 2025/03/26

Not just for IIS, but for hardening any Windows system including ones running http.sys (like ADFS): [Wayback/Archive] Nartac Software – IIS Crypto

Read the rest of this entry »

Posted in .NET, Communications Development, Development, Encryption, HTTP, HTTPS/TLS security, Software Development, TCP, Web Development | Leave a Comment »

Reminder to self: re-check the Dotpe API Security Breach — bool.dev

Posted by jpluimers on 2025/03/04

Still public merchant information

Still public merchant information

It looks like some store and merchang APIs were not protected back when [Wayback/Archive] Dotpe API Security Breach — bool.dev was published.

Reminder to self: check their status now as I can’t believe their “human error” got fixed properly.

History (reverse chronological order):

  1. [Wayback/Archive] How DotPe’s ‘Human Error’ Exposed Confidential Customer API Data
  2. [Wayback/Archive] Deedy on X: “Today, Google-backed DotPe locked down their APIs by rate-limiting by IP on /external/merchant and blocking others. They sent a legal notice to the author before fixing it and haven’t publicly acknowledged the issue at all. Companies must be held accountable for poor security.…”

    [Wayback/Archive] Tweet JSON: [Wayback/Archive] GYSlTthakAEoojp.png:orig (2346×1838)

  3. Now protected private API

    Now protected private API

    [Wayback/Archive] Deedy on X: “6 hours later, the API is still very much public! …”

    [Wayback/Archive] Tweet JSON: [Wayback/Archive] GYK38dXbkAEEEs_.jpg:orig (1358×1798)

Read the rest of this entry »

Posted in Communications Development, Development, HTTP, Infosec (Information Security), Internet protocol suite, REST, Software Development, TCP, Web Development | Leave a Comment »

Mailen en communiceren zonder Musk en Trump: Cloud Kootwijk – Bert Hubert’s writings

Posted by jpluimers on 2025/02/06

Hopelijk lukt dit iemand van de grond te krijgen, maar het zal wel stranden in regelgeving (net als GPT-NL wat tegen licentieproblemen aan loopt¹ en GEITje – wat vanwege licentieproblemen uit de lucht gehaald is ²) [Wayback/Archive] Mailen en communiceren zonder Musk en Trump: Cloud Kootwijk – Bert Hubert’s writings.

Via onder meer:

Read the rest of this entry »

Posted in Cloud, Communications Development, Development, eMail, Infrastructure, SocialMedia, Software Development | Leave a Comment »

The Twelve-Factor App

Posted by jpluimers on 2024/11/21

Still relevant: [Wayback/Archive] The Twelve-Factor App and [Wayback/Archive] 12 Fractured Apps — Medium

Once Docker hit the scene the benefits of the 12 Factor App (12FA) really started to shine. For example, 12FA recommends that logging should be done to stdout and be treated as an event stream. Ever run the docker logs command? That’s 12FA in action!

Via

–jeroen

Posted in Back-End Development, Cloud Development, Communications Development, Conference Topics, Conferences, Deployment, Developing scalable systems, Development, DevOps, Distributed Computing, Event, Software Development | Leave a Comment »

crt.sh allows you to search for the history of TLS certificates for domains (example: *.wiert.me)

Posted by jpluimers on 2024/11/19

I while ago, I bumped into [Wayback/Archive] crt.sh | Certificate Search that allows searching for (the history of) TLS certificates.

One example of what it returns is [Wayback/Archive] crt.sh | wiert.me (for my blog domain and subdomains).

The basic mechanism of crt.sh is to query various Certificate Transparency logs and Certificate revocation list, terms I vaguely knew, but never fully realised the vast usefulness of (including questions like [Wayback/Archive] How does crt.sh becomes aware of certificates that are in no CT logs?).

The cool thing is that most (everything?) of it is open source in the various repositories at [Wayback/Archive] Github: crt.sh.

There is also an advanced search page [Wayback/Archive] crt.sh | Certificate Search (a=1) with many more options (including linting) I really want to try later plus a bunch of background links (including the support forum at) of which some *.crt.sh returned a http 502 while writing this blog post. Will try later to see if they have started working again:

Read the rest of this entry »

Posted in Communications Development, Development, Encryption, HTTPS/TLS security, Internet protocol suite, Power User, Security, TCP, TLS | Leave a Comment »

Attempting to stop Microsoft users sending ‘reactions’ to email from me by adding a postfix header

Posted by jpluimers on 2024/09/27

If you do not want Outlook kinds of clients spamming you, then add this header to your email messages above the Content-Type header (see [Wayback/Archive] The Message Content-Type in MIME)

x-ms-reactions: disallow

[Wayback/Archive] Attempting to stop Microsoft users sending ‘reactions’ to email from me by adding a postfix header

Via [Wayback/Archive] Kris: “x-ms-reactions: disallow http…” – chaos.social

x-ms-reactions: disallow

neilzone.co.uk/2024/07/attempt

Eine kleine Mailserver Config verhindert, daß Outlook Volldeppen meine Mailbox mit Likes spammen.

Sehr gut.

--jeroen

Posted in *nix, *nix-tools, Communications Development, Development, Internet protocol suite, Office, Outlook, postfix, Power User, SMTP | Leave a Comment »

string – Check if MyString[1] is an alphabetical character? – Stack Overflow (and how Embarcadero broke one of the product version neutral redirects)

Posted by jpluimers on 2024/09/24

Quite a while ago [Wayback/Archive] string – Check if MyString[1] is an alphabetical character? – Stack Overflow asked by [Wayback/Archive] User Jeff was answered by [Wayback/Archive] Andreas Rejbrand:

The simplest approach is

function GetAlphaSubstr(const Str: string): string;
const
  ALPHA_CHARS = ['a'..'z', 'A'..'Z'];
var
  ActualLength: integer;
  i: Integer;
begin
  SetLength(result, length(Str));
  ActualLength := 0;
  for i := 1 to length(Str) do
    if Str[i] in ALPHA_CHARS then
    begin
      inc(ActualLength);
      result[ActualLength] := Str[i];
    end;
  SetLength(Result, ActualLength);
end;

but this will only consider English letters as “alphabetical characters”. It will not even consider the extremely important Swedish letters Å, Ä, and Ö as “alphabetical characters”!

Slightly more sophisticated is

function GetAlphaSubstr2(const Str: string): string;
var
  ActualLength: integer;
  i: Integer;
begin
  SetLength(result, length(Str));
  ActualLength := 0;
  for i := 1 to length(Str) do
    if Character.IsLetter(Str[i]) then
    begin
      inc(ActualLength);
      result[ActualLength] := Str[i];
    end;
  SetLength(Result, ActualLength);
end;

Back in 2011 I added a comment that for more than a decade would redirect to the most current documentation on the IsLetter method:

+1 for using IsLetter which checks the Unicode definition for being a letter or not [Wayback] docwiki.embarcadero.com/VCL/en/Character.TCharacter.IsLetter

Back then, Delphi X2 was current, so it would redirect

  1. from [Wayback] http://docwiki.embarcadero.com/VCL/en/Character.TCharacter.IsLetter
  2. to [Wayback] http://docwiki.embarcadero.com/VCL/XE2/en/Character.TCharacter.IsLetter
  3. then to [Wayback] http://docwiki.embarcadero.com/VCL/XE2/en/Character.TCharacter.IsLetter
  4. ending at [Wayback] http://docwiki.embarcadero.com/Libraries/XE2/en/System.Character.TCharacter.IsLetter

After a long outage in 2022 (see The Delphi documentation site docwiki.embarcadero.com has been down/up oscillating for 4 days is now down for almost a day.) only the Alexandria help was restored.

This killed the above redirect.

Luckily [Wayback/Archive] George Birbilis noticed that and commented this:

@JeroenWiertPluimers the correct link now is: docwiki.embarcadero.com/Libraries/Alexandria/en/…

In order to refer to the most recent Delphi version, now you have to use [Wayback] http://docwiki.embarcadero.com/Libraries/en/System.Character.TCharacter.IsLetter.

This redirects:

  1. via [Wayback] http://docwiki.embarcadero.com/Libraries/Alexandria/en/System.Character.TCharacter.IsLetter to
  2. to [Wayback] https://docwiki.embarcadero.com/Libraries/Alexandria/en/System.Character.TCharacter.IsLetter

The above breaks the help integration from older Delphi products which is bad. It is also bad because it makes it harder to port legacy Delphi code to more modern Delphi versions.

Hopefully the above gives you a bit insight how the docwiki help system was designed and what is left of that design.

–jeroen

Posted in Communications Development, Conference Topics, Conferences, Delphi, Development, Encryption, Event, HTML, HTTP, https, HTTPS/TLS security, Internet protocol suite, Power User, Security, Software Development, TCP, TLS, Web Development | Leave a Comment »

Guess the maximum DNS Response Size… (by Jan Schaumann)

Posted by jpluimers on 2023/12/26

Every once in a while Jan Schaumann writes a long Twitter thread and saves it in a blog post. Always good ways to learn. This time it was no different: [Wayback/Archive] DNS Response Size started with

Read the rest of this entry »

Posted in Communications Development, Development, DNS, Internet, Internet protocol suite, IPv4, IPv6, Power User, TCP, tcpdump, UDP, Wireshark | Leave a Comment »

« Previous Entries
Next Entries »