The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,862 other subscribers

Kristian Köhntopp – Google+

Posted by jpluimers on 2017/10/18

[WayBack] Kristian Köhntopp – Google+:

The S in IoT is for Security, and the U is for Update Policy.
 –jeroen

 

Posted in Development, Fun, Power User, Quotes, Software Development, WiFi | Leave a Comment »

The Software Development Process – Science, Engineering, Art, or Craft? – CodeProject

Posted by jpluimers on 2017/10/18

On the long-read list: [WayBackThe Software Development Process – Science, Engineering, Art, or Craft? – CodeProject

 

Posted in Agile, Development, Software Development | Leave a Comment »

GitHub – sinbad/spriterecolour: Sprite processor to allow dynamic recolouring

Posted by jpluimers on 2017/10/18

One day this will be extremely useful to me: [WayBackGitHub – sinbad/spriterecolour: Sprite processor to allow dynamic recolouring

Via: [WayBackSpriteRecolour, an open source sprite recolouring tool · SteveStreeting.com

TL;DR:

Read the rest of this entry »

Posted in Algorithms, Development, Software Development | Leave a Comment »

Google’s AI can create better machine-learning code than the researchers who made it

Posted by jpluimers on 2017/10/17

[WayBack] Google’s AI can create better machine-learning code than the researchers who made it:

Google’s AutoML project has yielded significant advances in the ability for machine-learning systems to replicate and improve AI code.

Via:

–jeroen

Posted in AI and ML; Artificial Intelligence & Machine Learning, Development, LifeHacker, Power User, science, Software Development | Leave a Comment »

Why Delphi users love @TMSsoftwareNews: bugfix within 2.5 hours.

Posted by jpluimers on 2017/10/17

People love @TMSSoftwareNews because of the short bug-fix turnaround. In this case 2.5 hours: [WayBack@jpluimers: @TMSsoftwareNews when entering a perfectly valid email address like word.word+tag.subtag@gmail.com: Please enter a valid Email Address.

–jeroen

Read the rest of this entry »

Posted in Delphi, Development, Software Development | Leave a Comment »

UPS PIco HV3.0 documentation not on github: “03_0x38_W_UPS PIco HV3.0.pdf”

Posted by jpluimers on 2017/10/17

I ordered a UPS PIco HV3.0 A Stack 450 Plus and it arrived without any documentation on how to solder the parts together.

So I tried searching for them: https://www.google.com/search?q=UPS+PIco+HV3.0+A+Stack+450+Plus+installation+instructions which turned mostly github based URLs.

I learned there is a bit on github:

But despite code and documentation being there, no installation instructions on how to solder the stuff together.

Luckily, they responded quickly to my tweet So I got my “UPS PIco HV3.0 A Stack 450 Plus” @ModMyPi but no assembly instructions. Where do all the non-soldered parts go when using RPi3? and a quick respons thread revealing I needed 03_0x38_W_UPS PIco HV3.0.pdf which – TADAAAA – is on Google drive and on the forums at [WayBackUPS PIco Firmware Update & Troubleshooting : Technical Support

So despite github providing an excellent platform for discussion and storing documentation, something archaic like a forum is used to store data in a disorganised way.

Too bad, as the document itself is 100+ page of invaluable documentation.

So in case of future bit-rot, here are the links:

Read the rest of this entry »

Posted in Development, Hardware Development, Hardware Interfacing, Raspberry Pi | Leave a Comment »

TEncryptedIniFile: easy to use class for handling app settings with encryption in Delphi – TMS Software Blog

Posted by jpluimers on 2017/10/17

[WayBackTMS Software | Blog | TEncryptedIniFile: easy to use class for handling app settings with encryption

via: [WayBackA new blog has been posted:TEncryptedIniFile: easy to use class for handling app settings with encryption – Michael Thuma – Google+

I wonder how that works with encryption algorithms based on thin Delphi wrappers around proven open source encryption libraries.

–jeroen

PS: Note the G+ link died. Not sure why, but that’s why I archived the original as a WayBack link when writing this post.

Posted in Delphi, Development, Software Development | 4 Comments »

OnePlus OxygenOS built-in analytics: disable it as soon as you can

Posted by jpluimers on 2017/10/16

Remove the OnePlus Analytics service because of privacy violations:

Source: [WayBackOnePlus OxygenOS built-in analytics

We take a look at the analytics built into the OxygenOS, the flavour of Android built by phone manufacturer OnePlus.

The analytics data is sent over https, but it contains way too much information on your privacy.

This also taught me about this interesting project: [WayBack] OWASP Zed Attack Proxy Project – OWASP

These tweets describe how to disabled it:

It was also present OnePlus Five, I found it through:

  1. Settings
  2. Developer Options
  3. Running Services
  4. OnePlus System Service
  5. OnePlusAnalyticsJobService

Until removed, it restarts at every boot.

Removing the service seems more permanent than the alternative [WayBack] Dear OnePlus, please stop spying on my phone:

  1. Settings
  2. Advanced
  3. Join user experience program
  4. toggle this option to off

It is unclear to me what turned that option on in the first place.

–jeroen

via: [WayBack] Welp. As a OnePlus owner, this makes me pretty damn unhappy :/ https://www.chrisdcmoore.co.uk/post/oneplus-analytics/ +Colm Buckley – Kristian Köhntopp – Google+

 

Posted in Android Devices, OnePlus Five, OnePlus Two, Power User, Privacy | Leave a Comment »

If Beyond Compare indicates “editing disabled” after starting from SourceTree, then your integration is wrong.

Posted by jpluimers on 2017/10/16

SourceTree 2.1 still doesn't recognise that Beyond Compare is installed.

SourceTree 2.1 still doesn’t recognise that Beyond Compare is installed.

I noticed that on my Mac, Beyond Compare wasn’t able to edit diffed files when it had been started from SourceTree. This struck me as odd since on Windows this worked fine. So I did a bit of digging and found out both SourceTee and I screwed up:

Editing Disabled

Luckily [WayBackZoë Peterson (lead developer on Beyond Compare and formerly Turbo Power Abbrevia project admin) had answered this before, and all these show “Editing disabled” in the user-interface:

Beyond Compare will disable editing of a file any of the following reasons:

  • It’s one of the input files in a 3-way merge
  • The comparison was cancelled
  • The comparison encountered an error (corrupt file, invalid character encoding, out of memory, gamma rays, etc)
  • The file format’s conversion settings don’t support converting back to the original format (MS Word, PDF)
  • The file is on a read-only “filesystem” (7zip/RAR/CHM archives, CD/DVD-ROMs)
  • A file or parent folder had editing explicitly disabled by the user in the session settings or using the /ro command line switches
  • The viewer itself doesn’t support editing (eg, Hex Compare)

Source: [WayBackversion control – Beyond Compare 3 editing disabled – Stack Overflow

So the last instruction should be:

Set both Visual Diff Tool and Merge Tool to Other, then set both the Diff Command and Merge Command to the value you obtained above (in my case /usr/local/bin/bcomp) and these arguments:

  1. Diff Command Arguments
    "$LOCAL" "$REMOTE"
  2. Merge Command Arguments
    "$LOCAL" "$REMOTE" "$BASE" "$MERGED"

Note that somewhere during 2.2, SourceTree has added Beyond Compare integration and fixed some of the issues, but there are still issues left:

No Editing Disabled

There is only one occasion where the UI does not show “Editing Disabled”, but where you cannot edit the file itself (you can only edit the current line in the line diff view at the bottom of the UI). Zoë mentioned that too:

Also, the Full Edit (F2) toggle in the Text Compare View menu switches between inline editing and line-based mode. If it’s disabled you can copy/delete whole lines and type in the line details edits at the bottom of the window, but the main windows won’t have a cursor, typing is disabled, and it will always select whole lines. Unlike the above items, this doesn’t show “Editing Disabled” in the status bar.

Source: [WayBackversion control – Beyond Compare 3 editing disabled – Stack Overflow

By default this setting is bound to the F2 key on Windows, so if you accidentally press that when Beyond Compare is active, you might be in for a surprise.

Screen shots:

Read the rest of this entry »

Posted in Beyond Compare, Encoding, Power User | Leave a Comment »

RSA keys by Infineon chips or libraries can be cracked fast; Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping…

Posted by jpluimers on 2017/10/16

All of our house is wired by ethernet for a reason…

WPA2 Flawed. Once again, it turns out that designing something properly secure is really, really, REALLY hard.

[WayBack] Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping https://arstechnica.com/… – Lars Fosdal – Google+

[Archive.is] If fixes exist, third party firmware will have it in days. Most OEMs, never. I do worry a lot about unfixable flaws in the wifi standards… – Kristian Köhntopp – Google+:

Dave reminds us that there is a reason why people mod the firmware of their Wifi routers, and that reason is actually now more critical than ever.

Via [WayBack] https://www.krackattacks.com/ has a FAQ. Some interesting questions from there:… – Kristian Köhntopp – Google+:

[WayBackKRACK Attacks: Breaking WPA2 : This website presents the Key Reinstallation Attack (KRACK). It breaks the WPA2 protocol by forcing nonce reuse in encryption algorithms used by Wi-Fi.

 

Since we’re talking security, watch your RSA as it is way worse than the WPA2 one: [Archive.is]

We heard you liked the 10 WPA2 CVE’s, so »A 2nd major crypto vulnerability being disclosed… – Kristian Köhntopp – Google+ quoting

[WayBack] Dan Goodin‏ @dangoodin001: 2nd major crypto vulnerability being disclosed Monday involves millions of 1024- and 2048-bit RSA keys that are practically factorizable.

[WayBackROCA: Vulnerable RSA generation (CVE-2017-15361) [CRoCS wiki]

The time complexity and cost for the selected key lengths (Intel E5-2650 v3@3GHz Q2/2014):

  • 512 bit RSA keys – 2 CPU hours (the cost of $0.06);
  • 1024 bit RSA keys – 97 CPU days (the cost of $40-$80);
  • 2048 bit RSA keys – 140.8 CPU years, (the cost of $20,000 – $40,000).

[WayBack] New vulnerabilities found in RSA 1024 and 2048 bit keys. Estimated cost of cracking based on access to the Public key only: 1024 bit: $40 2048 bit: $20k… – Lars Fosdal – Google+

Jan Wildeboer did a nice explanation in laymen terms of both security issues published today:

 

–jeroen

Read the rest of this entry »

Posted in LifeHacker, Power User, Security, WiFi | Leave a Comment »

« Previous Entries
Next Entries »