Your mobile number is being sent to web pages

2014
10.29

Depending on the mobile network provider you use (MTN doesn’t seem to be affected in ZA at the moment, Vodacom in ZA leaks this information), and device used, your IMEI and MSISDN (mobile number) are being sent to each web server you access via the mobile data network. In addition, tracker headers are being added.

You can see this here: http://blog.sven.co.za/sniff/ (access the page from your mobile phone on 3G/4G/GPRS or EDGE). Read the rest of this entry »

Review: The Square, The Vineyard, Cape Town

2014
10.13
RestaurantThe Square
LocationThe Vineyard Hotel, Claremont, South Africa (@Vineyard_Hotel)
Date of Visit27 September 2014

Perhaps the fact that the phone remained unanswered and was redirected to the switchboard should have been a warning. But with a Saturday morning breakfast rush, it’s possible that no-one could take the call. Having left my details, I was assured that I’d receive a call back within the hour.

That hour passed without luck. Perhaps that should have been the final warning. Unperturbed, I called The Square again, only to this time have the call answered immediately, and have a table for four confirmed. A non-smoking table at 7pm awaited, with the promise of culinary and service excellence, as expounded upon on the website.

On arrival, the faintly sketched mental images the web had created soon evaporated. Don’t trust the Internet. Ever. Read the rest of this entry »

Screenshot on a Mac (MacBook, MacBook Air or iMac)

2014
10.13

It’s so simple, it’s almost not worth typing, but for the sake of those of us who need this as a reference point, capturing the screen and saving it as a file, or to the clipboard to use the screenshot later, there are only a few steps involved on a MacBook or iMac. This works on all Apple Mac machines that aren’t tablets or phones (where you just the home and power button together – it’s saved to your Photos). On Windows, just use the PrintScr key…

Read the rest of this entry »

`Shellshock` Bash Patch update – pipe directly to sh to secure your machine

2014
10.08

Recently, I made the script to patch your BASH environment available on this site, but that meant a need to copy and paste.

Using a user with the appropriate rights, you can now pipe directly using a quiet wget to make the full recompile to most recent BASH version possible.

All you need is this line: Read the rest of this entry »

`Shellshock` bash vulnerability fix and update in case of slow or unavailable repositories

2014
09.29

Updated to latest kernel patch bash43-30

You’ve heard of ShellShock, and the bash-exploits that are currently doing the rounds, across platforms, that make use of these bugs (CVE-2014-6271 and the volumes of additional updates including CVE-2014-6277, CVE-2014-7186, CVE-2014-7187 and CVE-2014-7169, but to name a few). Proofs of Concept are being collected here… The below works as a vulnerability fix for older Ubuntu LTS and non-LTS versions, Debian (eg Squeeze) as well as Fedora and RedHat/CentOS, and applies all up-to-date patches to Bash.

bash – as a shell – is a tried and trusted component. Some legacy systems’ repositories – be they apt, yum or other – may no longer be kept up to date. Alternatively, they may not be being kept up-to-date enough for your liking. And you want to close the bash issue in the best way you know how.

Easy workaround is a recompile of the bash shell yourself:

Read the rest of this entry »

How to block or drop attacker with null route

2013
01.14

Quick note to myself, as I keep forgetting the syntax, though it is so easy — to block an incoming connection by null routing or rejecting the connection is as simple as

route add -host IP reject

To apply this to a whole subnet range, use the -net as you would with the /24 mask (or the appropriate subnet, /29 or smaller should do), eg

route add -net IP/RANGE reject

To undo this,

route delete IP

Twitter speed

2012
04.06

Repeatedly getting this error on this Twitter.com site: Read the rest of this entry »

DSL Network speed and connectivity in South Africa – Feb – Apr 2012

2012
04.06

It’s been a rocky start to the year of DSL connectivity with EASSY and SEACOM, among the major uplinks from Southern Africa, all were affected by outages.

After a network outage between Abu Talat in Egypt and Marseilles, France was reportedly cleared on Feb 8, 2012, rumours surrounding additional downtime of the SEACOM network Read the rest of this entry »

Rsync – copy file differences to third directory

2012
04.06

So you have a snapshot of data on one drive, and the current state of data on the second drive. How do you copy the difference between the two drives into a third directory?

Rync comes to the rescue here. And it doesn’t take much:

Read the rest of this entry »

Some quick updates

2012
04.06

Time for some housekeeping – WordPress, plugins etc all patched and back to where they should be (taken long enough) — some more updates on PHP, scheduler integration and large data transfer info coming up soon!

[SOLVED] Windows 7 fails after patch installation, hangs, cannot boot in safe mode

2011
07.21

Windows 7 won’t boot up, Safe Mode hangs (typically at CLASSPNP.SYS), the System Recovery can’t fix (Bad Patch and AutoFailover errors) and there are no recovery points to revert back to. Sound familiar? There’s a working solution! Read the rest of this entry »

Delete and clear POSTFIX queue in one line

2011
07.05

Oftentimes, you may need to just delete all messages in queue (for example, when your script has gone mad and generated too many messages to handle, once you’ve stopped postfix). It’s quite simple, really: Read the rest of this entry »

960 and a variety of other styling options

2011
05.24

From the provider of formalize.me (consistent styling for forms), Nathan Smith’s presentation from April 2011 about the 960 grid system (960.gs) framework, the rationale and alternatives

Microsoft drives to kill off IE6 and get you to upgrade

2011
03.05

Hurray!! Even Microsoft wants users to upgrade from IE6 to something modern Read the rest of this entry »

#Surface- and touch-based #interfacing via #mobile devices

2011
03.03

Touch surfaces and ubiquitous computing. I’m going through the exercise at the moment with portable touchscreen communicators and business enablers. I’ll relate my experiences with the Samsung Galaxy Tab, Slate etc when I’ve spent enough time with the devices to form a full picture. For now, just a short video relating to a view Read the rest of this entry »

Three Oh Five – WordPress Upgrade are out

2011
02.08

The upgrade to 3.0.5 was resleased yesterday. From the release notes:

Two moderate security issues were fixed that could have allowed a Contributor- or Author-level user to gain further access to the site.

One information disclosure issue was addressed that could have allowed an Author-level user to view contents of posts they should not be able to see, such as draft or private posts.

Two security enhancements were added. One improved the security of any plugins which were not properly leveraging our security API. The other offers additional defense in depth against a vulnerability that was fixed in previous release.

Download and upgrade now!

3G SMTP servers for MTN, Vodacom, CellC etc

2011
02.03

On 3G and outgoing mail not sending? Chances are, you need to set the SMTP server specific to your network. Here’s the list that may grow over time: Read the rest of this entry »

The Mobile Phone and Social Interaction [an advertisement]

2011
01.16

As one of the elements of modern society, family life and meeting etiquette, the mobile phone has become that always-on irritating device that, like the traditional land-line telephone, often times gets priority over even human contact Read the rest of this entry »

Expire private images to protect privacy on the Internet?

2011
01.11

A new product over at x-pire.net (which redirects to x-pire.de) was unveiled in Germany today, with the aim of embedding expiry times and information into images so that they cannot be viewed after a certain time. In that way there should be a maximum lifespan to digital images on the web to prevent future embarassment, usage etc. At this stage, the prototype is available as plug-in for Firefox (as well as some other browsers in future), and expounds the idea of a ‘forgetful internet’ so that information is not immortal on the web. Read the rest of this entry »

Upgrade to WordPress 3.0.4 – HTML Sanitation bug

2010
12.30

From the WordPress Development Blog:

Version 3.0.4 of WordPress, available immediately through the update page in your dashboard or for download here, is a very important update to apply to your sites as soon as possible because it fixes a core security bug in our HTML sanitation library, called KSES. I would rate this release as “critical.” Read the rest of this entry »