Remember when you used to only open the door when a certain pattern of knocks was heard? You can do the same with ports - the so-called “Port Knocking”. It provides another layer of security to your system as ports are not opened until the correct knocking pattern is received.

Haven’t installed or tried this myself, but may do over the weekend.

www.boynux.com/how-to-en…

en.wikipedia.org/wiki/Port…

http://www.microhowto.info/howto/implement_port_knocking_using_iptables.html

https://wiki.archlinux.org/index.php/Port_Knocking

http://www.debian-administration.org/articles/268

http://www.zeroflux.org/projects/knock/

www.youtube.com/watch

Wuaki is a streaming service like Netflix, Love Film and Amazon Prime. I found it when I was clicking through the apps on my Panasonic Viera TV, and found that the three Blender-made short films were all there. You can also access them on the web interface. Oh, and they’re free to rent and watch, so you can’t get better than that.

If you only read one article today, read this one.

Some software bugs are infinitely subtle and complicated. Others are comprehensible almost at a glance to anyone who dabbled in BASIC as a kid. The iOS 7 bug is in the latter group.

Did you see it? This function is called when a iPhone connects to an encrypted site over SSL: it’s meant to verify that the encryption key is being vouched for — digitally signed — by the operator of the website.

But notice the two “goto fail” lines, one after the other. The first one belongs there. The second is a typo. That extra, duplicative line diverts the program’s execution, like a bypass stent, right past a critical authentication check. The part where the digital signature is actually checked is dead code, never reached. Behind iPhone’s Critical Security Bug, a Single Bad ‘Goto’ | Threat Level | Wired.com.

Why Apple’s Recent Security Flaw Is So Scary.

On Friday, Apple quietly released iOS 7.0.6, explaining in a brief release note that it fixed a bug in which "an attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS." That's the understated version. Another way to put it? Update your iPhoneright now.

Oh, and by the way,OS X has the same issues—except there's no fix out yet.

I could make all manner of snarky comments on this, but I won’t.

I was playing an online game (a game which I no longer play), and that game had in-game purchases. Up to a point, I was able to use a certain e-funds provider (not PayPal, but along those lines) to pay, then it suddenly reported that it was unable to complete the transaction. So I emailed them, and they said they needed me to provide them proof of identity. So I sent them a partially blanked copy of my Driving License and bank account. They came back saying they needed the unblanked version. My response was that no-one should be sending crucial identity documents such as these over an unsecure channel such as email without first masking important details, and I would find an alternative means of paying - basically telling them to shove it - I’m taking my business elsewhere.

They came back 5 minutes later with the typical legal text saying they would process it as part of the DPA, they were a member of this security body, etc.

Nope, still going to take my business elsewhere.

This is important if you publish your own work, including CG and renders. Be wary of companies like Apple who want to sue every Tom, Dick and Harry.

Had my first encounter of Linux, or specifically, a linux-like environment in a corporate environment. The IT peops were trying to setup an environment on Xenserver, and they had setup a storage space to copy a virtual machine image onto. But they kept running out of space. It took me a while to figure out what they were doing (wrong), though.

They were trying to copy onto the PV partition, and Xenserver had setup its environment to use LVM, so the PV partition was already allocated to the LVM system, and therefore had no space to copy onto.

After figuring out which LV was the one they wanted to use, I had problems mounting, with mount saying I had to specify the filesystem. After trying various switches with mount and specifying a filesystem (only NFS, ext, ext2 and ext3 were supported by Xenserver. No vfat, ntfs or btrfs. Admittedly, however, the Xenserver version the IT people were using was an older version), I soon found out that the IT people had created the storage space, but not done anything else. Therefore, that would explain why I couldn’t mount it – it hadn’t been formatted. So a simple mkfs.ext3 (remember ext4 wasn’t supported) on the block device in /dev/mapper/ meant I could mount it without specifying filesystem. scp’ing into the server and copying into the path proved it worked.

Related articles

• Optimising Xenserver (aedwardsitblog.wordpress.com)
• Installing Citrix XenTools 6.2 on CentOS Linux release 6.0 (Final) from command line (gunnalag.com)
• Xen Launches The Mirage Cloud OS (techweekeurope.co.uk)
• Xenserver - RAID monitoring (community.spiceworks.com)
• Lvm (wiki.archlinux.org)
• Difference between ext2, ext3 and ext4 filesystem in linux (adarsh5388.wordpress.com)
• File Systems (wiki.archlinux.org)

I’ve finished studying for the first of two exams for the LPIC-1 certification, and I have found some exam questions (about 600 of them), and have started to go through them.

The first thing that struck me about these questions is either I’ve not been studying all the topics, or some topics have been removed out of the exam. For example, some of the questions reference LILO, but according to the LPI page on the 101 exam, there’s no mention of LILO (but there is mention of Grub 2 and Grub Legacy). Then again LILO and Grub Legacy are quite limited by today’s standards, so it could be that they really are removed out of the exam. Guess I’ll have to take that chance.

Related articles

• Pass the LPIC 1 Exam (razercattleya.wordpress.com)
• LPI Linux Certification in a Nutshell (razercattleya.wordpress.com)
• LPI study material (community.spiceworks.com)
• Revisiting Certifications (javacodegeeks.com)
• Lilo (wiki.archlinux.org)

Memory is a funny thing, isn’t it?

nypost.com/2013/11/3…

Had a very eventful weekend, and my entire Sunday was taking up trying to figure out a weird symptom on my linux installation.

In the weeks leading up to today, I used to get strange behaviour from my Fedora box. The behaviour resulting in an error being detected by the ABRT tool, regarding a null reference. Sunday, my laptop conked out and refused to startup. I tried reinstalling Fedora, Debian, Mint, openSUSE, and even OpenMandriva – none of them could complete the installation. They either failed with error part way through, or hung completely.

I decided to try installing Windows XP over everything. That failed with an IRQ LESS THAN OR EQUAL TO blue screen. Then I tried Windows 7. That installation succeeded, and I started running updates. Then it blue screened me again. This time MEMORY_MANAGEMENT was the message. Hmmm. So, could it be that one of my memory chips was dodgy? That would account for why it was intermittent. I have 2x 2GB chips in my laptop, so I took both out and rebooted. No splash screen. Good. That’s expected.

Put in one of the chips. Booted, BIOS showed 2GB. Good, that’s OK.

Took it out and put in the other 2GB. No splash screen. Looks like that’s the dodgy one. I dug out my 1GB from when I got my laptop originally, and put that back into the other slot, so I get a 3GB installation. Checked boot. Splash screen displayed. Good. So I then ran a BIOS memory check, and all 3GB passed.

So then I decided, maybe I should try doing a restore, in case the dodgy memory was the cause of my failure to restore previously. It worked fine, so now I’m back up with my previous setup. :D

Cause: Faulty 2GB memory

If you go blind from monitoring my internet activity, that's not my fault. It's yours for eavesdropping on my activity in the first place.

www.youtube.com/watch

Ego is a criminal’s weakness it would seem.

The line between fantasy and reality is getting ever more blurry. A CG girl manages to snare over 1000 paedophiles? Here’s another example of how close to realism CG has gone.

Related articles

• 'Virtual' 10-year-old snares 1,000 paedophiles worldwide (ndtv.com)
• Sweetie the avatar nets 20,000 online paedophiles, including 110 Britons (thetimes.co.uk)
• VIDEO: 'Sweetie' avatar traps web paedophiles (bbc.co.uk)
• How Sweetie caught 1 000 paedophiles (iol.co.za)
• Hundreds of paedophiles snared after 'virtual' 10-year-old girl used to lure them online (mirror.co.uk)
• Sweetie sting highlights online child sex exploitation (voiceofrussia.com)
• CGI girl 'Sweetie', 10, used to catch 1,000 paedophiles in internet chatrooms (metro.co.uk)
• Child Sex Sting Sees 110 Brits Caught Online (news.sky.com)
• Computer Sting with CGI 'Sweetie' Catches Online Sex Perverts (guardianlv.com)
• Dozens of Canadians among 1,000 adults who try to pay for web sex with 'virtual' 10-year-old girl (news.nationalpost.com)

FLOSS isn’t without it’s humour. It’s the only time you can say “Fork It” without getting in trouble for swearing ^_^