Increase Size of Windows 7 Partitioned Virtual Disk (vmdk)

by Craig Mayhew on Oct.31, 2011, under Guides/Fixes

  1. Log in to your VMware server.
  2. Back up your virtual machine and all snapshots (the raw files on the physical disk, particularly the vmdk files, as these are what we are modifying).
  3. Log in to the VMware GUI.
  4. Power off your virtual machine (do not pause it!).
  5. Delete all snapshots for this machine.
  6. Locate vmware-vdiskmanager.exe and adjust paths to run the following command (change the size in GB as you require):
  7. C:\Users\user>"C:\Program Files (x86)\VMware\VMware Server\vmware-vdiskmanager.exe" -x 1000GB "D:\Windows 7\Windows 7.vmdk"
  8. Once that has run (it will take some time), try powering on your virtual machine (mine crashed the first time around when I logged in via remote desktop but was fine after logging in via the VMware browser plugin).
  9. Once logged into the Windows 7 virtual machine, open Control Panel -> Administrative Tools -> Computer Management.
  10. In the left menu click Storage -> Disk Manager
  11. You should see your drives with blue bars. Your C drive should have a block of unpartitioned space that was created by the vdiskmanager in the previous steps. Right click on C drive and click “extend volume”.
  12. Follow the prompts – default values should be fine
  13. Done

Critical SSL Weakness Found

by Craig Mayhew on Sep.21, 2011, under General

Researchers Thai Duong and Juliano Rizzo claim to have found a weakness in SSL encryption. It allows them to view anything that is encrypted with SSL and therefore supposedly secure. It affects TLS 1.0 and below which is just about every form of SSL currently supported by web servers and browsers. They will demo the exploit at Ekoparty security conference.

So the internet and ecommerce is now broken?

Don’t panic – there is a fix – it just hasn’t been written yet. TLS 1.1 and TLS 1.2 exist which are not vulnerable to the exploit. However they are not supported by major browsers or web server distributions. I suspect this will rapidly change and support will appear in the next month or so. Also – the exploit is not public and I expect it will be kept a secret for as long as possible.

What to do?

For internet users: Make sure your browser, email client and operating system are bang up-to-date and apply updates immediately as they become available! If your preferred browser is slower than others in getting a fix then temporarily switch to one that does have the fix.

For website owners: If you're using SSL at all, e.g. for ecommerce or email, then get onto your hosts once a fix is released and make sure they are going to implement it ASAP. If they are not going to update then move to another host.

For web hosts: Keep your customers informed and hope a fix comes soon!!

I will try to update this post with info on browsers and server software as and when they begin to support TLS 1.1


Thoughts on Bitcasa’s unlimited online storage

by Craig Mayhew on Sep.19, 2011, under General

Are we finally in the age of truly unlimited storage? It would be nice but I think the encryption issue will let it down.

Bitcasa think they can offer you unlimited storage for $10 per month. They achieve this magic by using deduplication, which ensures that data is never duplicated across any of their servers. So if I upload an mp3 and you upload the same mp3, it only exists once on their disk. Dedupe actually takes it further and breaks every file into chunks and makes sure each chunk is only saved to disk once, so if we both have a document where the front two pages are the same, those two pages will only be saved to disk once, and so on.

So dedupe is great – but I want to encrypt all my data before it goes onto some untrusted server(s) and so should you. Encrypted data though is rather random and doesn’t benefit at all from dedupe.

So Bitcasa are using the following solution:

If you use something called convergent encryption, where you generate a key from the file you are encrypting, then you can encrypt all your data with an individual encryption key for each file. To date this is as much info as they are willing to divulge. However, this means you can only dedupe data on a per-file basis, so my second example won't work.

So the only possibility I can think of is that they are breaking files into chunks on the client and encrypting each chunk individually before uploading it to their servers. This will work great but does mean you need to remember an awful lot of encryption keys (millions or possibly billions depending on the chunk size). And this does mean you will need to use Bitcasa’s proprietary client. This means you won’t see any web based access and you won’t see many if any 3rd party applications for a long time.

However that last paragraph is pure speculation at this point :) I’ve signed up for the beta and hope to have more info soon!
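The per-chunk scheme speculated about above, as an added example that is not from the original post or from Bitcasa: each chunk is encrypted with a key derived from its own content, so the server can dedupe ciphertext while the client keeps one key per chunk. The chunk size and all names are assumptions, and the SHAKE-256 keystream XOR is a stand-in for a real cipher such as AES.

```python
import hashlib

CHUNK = 4096  # assumed chunk size; the post does not state the real one

def keystream_xor(key: bytes, data: bytes) -> bytes:
    # Stand-in cipher for this demo: XOR with a SHAKE-256 keystream derived
    # from the key. A real client would use a vetted cipher such as AES.
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

class DedupeStore:
    """Server side: sees only ciphertext and stores each distinct blob once."""
    def __init__(self):
        self.blobs = {}
    def put(self, ciphertext: bytes) -> str:
        blob_id = hashlib.sha256(ciphertext).hexdigest()
        self.blobs.setdefault(blob_id, ciphertext)
        return blob_id

def upload(store: DedupeStore, data: bytes) -> list:
    """Client side: returns the manifest [(blob_id, key), ...] the user must keep."""
    manifest = []
    for i in range(0, len(data), CHUNK):
        chunk = data[i:i + CHUNK]
        key = hashlib.sha256(chunk).digest()  # convergent: key comes from content
        manifest.append((store.put(keystream_xor(key, chunk)), key))
    return manifest

def download(store: DedupeStore, manifest: list) -> bytes:
    return b"".join(keystream_xor(key, store.blobs[bid]) for bid, key in manifest)

def demo() -> dict:
    store = DedupeStore()
    shared = b"1" * CHUNK + b"2" * CHUNK  # constructed "front two pages"
    doc_a, doc_b = shared + b"A" * CHUNK, shared + b"B" * CHUNK
    man_a = upload(store, doc_a)
    man_b = upload(store, doc_b)
    return {
        "chunks_uploaded": len(man_a) + len(man_b),
        "blobs_stored": len(store.blobs),
        "distinct_keys": len({key for _, key in man_a + man_b}),
        "roundtrip_ok": download(store, man_a) == doc_a
                        and download(store, man_b) == doc_b,
    }
```

Because the key is derived from the plaintext, identical chunks always produce identical ciphertext; that is what makes the dedupe work, and it also means anyone who already holds a chunk can confirm whether it is stored.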


Ubuntu screen brightness on EliteBook 8530w

by Craig Mayhew on Sep.03, 2011, under Guides/Fixes, Linux/Ubuntu

Ubuntu versions 10.04 and 10.10 had various issues with the screen brightness on my HP EliteBook 8530w. It wasn’t possible to adjust the brightness which was a real problem if the screen dimmed while power saving.

The only fix I’ve found was to update to Ubuntu version 11.04.


Upgrading Ubuntu to 10.10 – blacklisted blcr-dkms_0.8.2-13 Error

by Craig Mayhew on Aug.28, 2011, under Linux/Ubuntu

If you get the following error when you're upgrading:

An unresolvable problem occurred while calculating the upgrade:
Trying to install blacklisted version 'blcr-dkms_0.8.2-13'

To fix, simply search for the package 'blcr-dkms_0.8.2-13' in package manager and mark for upgrade. Click apply and then try the system upgrade once again.


critical zero day wordpress security flaw with timthumb.php

by Craig Mayhew on Aug.09, 2011, under General

In a nutshell, timthumb.php is used to resize images in many WordPress themes and it doesn't check images from remote sources to make sure they really are images and not a malicious script.

To fix, you need to change $ALLOWED_SITES to be an empty array, e.g.:

$ALLOWED_SITES = array();

An example of what you may initially find:

$ALLOWED_SITES = array (
    'flickr.com',
    'picasa.com',
    'img.youtube.com',
    'upload.wikimedia.org',
    'photobucket.com',
    'imgur.com',
    'imageshack.us',
    'tinypic.com'
);

If you have been affected then you need to clear out the infection on your server:

Search your wordpress directory for the base64_decode function and make sure you don’t have any odd looking long encoded strings anywhere.
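One way to automate both checks above (added example, not code from the original post or from timthumb): walk a WordPress tree, flag PHP files that call base64_decode, and flag any file where $ALLOWED_SITES is still non-empty. The 200-character threshold, the function names and the sample files written by demo() are assumptions constructed for illustration.

```python
import os, re, tempfile

# base64_decode() applied to a long literal; the 200-character minimum is an
# assumption for this example and should be tuned to the code base.
ENCODED_CALL = re.compile(r"base64_decode\s*\(\s*['\"][A-Za-z0-9+/=\s]{200,}['\"]")
ALLOWED_SITES = re.compile(r"\$ALLOWED_SITES\s*=\s*array\s*\((.*?)\)\s*;", re.S)

def scan(root):
    """Return sorted (relative_path, reason) findings for PHP files under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.endswith(".php"):
                continue
            path = os.path.join(dirpath, name)
            with open(path, "r", errors="replace") as fh:
                text = fh.read()
            rel = os.path.relpath(path, root)
            if ENCODED_CALL.search(text):
                findings.append((rel, "base64_decode on long encoded string"))
            elif "base64_decode" in text:
                findings.append((rel, "base64_decode present, review manually"))
            m = ALLOWED_SITES.search(text)
            if m and m.group(1).strip():
                findings.append((rel, "$ALLOWED_SITES is not empty"))
    return sorted(findings)

def demo():
    # Constructed sample tree; the encoded literal decodes to harmless text.
    with tempfile.TemporaryDirectory() as root:
        theme = os.path.join(root, "wp-content", "themes", "example")
        os.makedirs(theme)
        samples = {
            "timthumb.php": "<?php $ALLOWED_SITES = array (\n'flickr.com',\n'imgur.com'\n);",
            "fixed.php": "<?php $ALLOWED_SITES = array();",
            "header.php": "<?php eval(base64_decode('" + "QUJD" * 60 + "'));",
            "clean.php": "<?php echo 'hello';",
        }
        for name, body in samples.items():
            with open(os.path.join(theme, name), "w") as fh:
                fh.write(body)
        return scan(root)
```

Legitimate plugins also use base64_decode, so treat the "review manually" findings as a list to read through, not as proof of infection.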


Upgrading turnkey redmine from version 0.8.x to 1.0

by Craig Mayhew on Aug.09, 2011, under Guides/Fixes

Upgrading the turnkey vm of redmine can be painful:

Hopefully this will take away some of the pain :)

cd /var/www
mv railsapp railsappOLD
svn co http://redmine.rubyforge.org/svn/branches/1.0-stable railsapp
cp ./railsappOLD/config/database.yml ./railsapp/config/database.yml
cp ./railsappOLD/config/email.yml ./railsapp/config/email.yml
cp -r ./railsappOLD/files ./railsapp/files
sudo chown -R root:www-data /var/www/railsapp
cd /var/www/railsapp
sudo chown -R www-data:www-data files log tmp
gem install rails -v=2.3.5
gem install rack
gem install rack -v=1.0.1
rake generate_session_store
gem install -v=0.4.2 i18n
rake generate_session_store
rake db:migrate RAILS_ENV=production
sudo chown -R www-data:www-data files log tmp public/plugin_assets
rake db:migrate:upgrade_plugin_migrations RAILS_ENV=production
rake db:migrate_plugins RAILS_ENV=production
sudo chmod -R 755 files log/ tmp/ public/plugin_assets
rake tmp:cache:clear
rake tmp:sessions:clear
sudo reboot


Email Charter

by Craig Mayhew on Jul.03, 2011, under General

Would like to spread the word on this as email is taking up an increasing amount of my time (and server diskspace/bandwidth!).

I already follow most of these rules but will be making more effort with number 8.

www.emailcharter.org.


Remote Desktop Optimization for Firefox 4

by Craig Mayhew on May.30, 2011, under General

Firefox 4 has added some eye candy that greys out the webpage when an alert appears. This looks nice but is very slow over a remote desktop connection as it forces the entire window to be sent again to the client.

To fix, just add this to the end of userChrome.css


tabmodalprompt {
    background: transparent !important;
}

The file should be found here: C:\Users\$username\AppData\Roaming\Mozilla\Firefox\Profiles\$letters.default\chrome\userChrome.css

If it doesn’t exist then copy and rename userChrome-example.css to userChrome.css


CUDA Development in Visual Studio 2008

by Craig Mayhew on May.30, 2011, under Code

When I started developing in CUDA I had a bit of a nightmare setting up the development environment. This YouTube video saved the day. Many thanks to Yuber Núñez for taking the time to make it.
