Tag Archives: malfunctioning computers

databases

my first direct experience with databases was in the late 1980s or early 1990s, when i got a “job”, “working” for this… guy…

i don’t remember his name — possibly “henry” — but i remember his attitudes: he was always right, nothing he thought of had ever been thought of before, he was the richest, smartest, trendiest, most “on-top-of-it” dude that ever hit the face of the planet, and GAWD HELP YOU if you EVER got in his way.

needless to say, the “job” didn’t last long. it started with him demonstrating how generous he was, by buying me a disk caddy, so that i would have somewhere to keep all of the disks i was going to accumulate working for him. then he started asking me about computers. at the time, i was NOT a “computer geek”, nor did i want to be one (my father was one of the original “computer geeks” and i DID NOT want to be like my father), but i knew about computers because i had been working as a typesetter for a few years. he asked me what i didn’t know about computers, and one of the first things out of my mouth was “databases”, so he signed me up for a week of training with “FileMaker”…

what i learned was a bunch of recycled stuff from my already ample knowledge of microslut word and excel, with a bunch of “hypercard-like” stuff which i sort of vaguely understood (but nobody i knew used hypercard for anything, so i never really knew what i had missed until years later), and, at the same time i was doing this training, i was helping this… guy… clean out his house, because he was going through a divorce, or some awful shit like that, and he, basically, had to move EVERYTHING that was “his”, out of one house and into another, that was a few houses down the street…

which is where i learned that his “rich” persona was heavily financed by several HUNDRED overdrawn credit cards — he had been using one credit card to pay off another credit card, and when he ran out of credit cards, he would just start up a new one, and use it to pay off the previous ones… FOR YEARS… — at which point i decided that working for this guy might not be such a good idea, if i wanted to get paid.

quite apart from the fact that working for him was REALLY annoying…

so, ultimately, i spent a week learning really complex software that i never got to use for anything, and that was it, until i got my job at software.com, testing email servers, in 2001.

and, for all of my work with databases at software.com/openwave, i still don’t have a really solid grasp of what they are… where they “live”, what they do, how they work… anything… all i know is that, under the right set of circumstances, you can give “commands” to a database, and it will perform certain functions with a variety of different “objects”, the outcomes of which can be used in a multitude of different ways, depending on what is contained in your database.

i get the impression that databases are a lot like the world wide web, in that they both have a lot of objects (web sites) that are linked together in a somewhat-haphazard, but definitely organised way.

so, you can imagine that it was something of a surprise when, the other morning, i woke up, checked my email, and discovered two somewhat alarming notices. the first was warning me that i had used up 90% of my disk space on my server, and the other was warning me that a “table” on my main database was malfunctioning… or something… and collecting 251 GB worth of data… which, somehow, was NOT showing up in my cPanel, which says “Disk Usage 18.43 GB / 292.97 GB”…

and, of course, it happened on a sunday, when nobody’s in the office, and on mothers day, when even fewer people are in the office, and during a PANDEMIC… 😒

so, first thing this morning, after waking up to a broken heat pump, and a wife who wrenched her back, i wrote to my web designer, who said, oh yeah, we’ve seen this kind of thing before, it’ll cost between $200 and $500 to fix it…

and I DON’T EVEN KNOW WHAT’S WRONG… 😖

my wonderful pet, frank zappa the cat

my wonderful pet, Frank Zappa, the cat, innocently playing with a cat toy in a patch of sunlight, like a good kitty...
my wonderful pet, Frank Zappa, the cat, innocently playing with a cat toy in a patch of sunlight, like a good kitty…
my wonderful pet, Frank Zappa, the cat, honoured my presence (and the fact that i had just fed him) yesterday, by waiting until i had a full bottle of beer on my desk, and then jumping into my lap and doing the happy-cat-dance, which involves swirling around and waving his tail in such a way that it impacts the bottle of beer on the desk, spilling the contents into my keyboard.

😒

because of the fact that i have worked in several companies that actually, physically MADE keyboards — they really do wash partially finished keyboards in a household dishwasher before assembly — i wasn’t as upset as i could have been, but, nevertheless, i spent the entire rest of the evening taking my keyboard apart, cleaning the beer (and assorted dust, feathers, cat hair and other detritus) out of it, and re-assembling it…

only to discover that only half of the keys actually work. and not in a normal “right half works, left half doesn’t” way, but in a more random “half the keys in this line sometimes work and sometimes don’t” way, which indicates that some moisture probably got inside the four or five layers of waterproof linings — seriously, keyboards, these days, are practically impervious to spills… not like when i was a kid… — either that, or there was something that didn’t want to get bent, that got bent in the process of disassembling the keyboard: i tried to be careful and not bend any of the parts that looked like they might be upset if they got bent, but i may have bent them, anyway, without meaning to.

in any event, i have an alternate keyboard, just for such emergencies, which is the same model, but different colour keys. i have occasionally ransacked the alternate keyboard for spare parts, like when my “B” key’s spring broke, and the F2 and F3 keys died, so it doesn’t get used for anything, anyway… so i decided to make a frankenkeyboard…

in honour of my wonderful pet, Frank Zappa the cat.

frankenkeyboard
frankenkeyboard

grr update 2

akregator has taken up the task of crashing about half the time, again. i guess it just needed some time to settle, after having the debug packages installed.

i reported the bug. it was a duplicate of bug #382575, which is actually a bug with Qt (which i always thought stood for “QuickTime”, but, apparently, i’m wrong), and it was originally reported in july of 2017. it will be fixed… eventually… 😒

grr update

i installed the debugging packages for both kontact and dolphin, thinking that would help me get a better idea of what’s going on.

it’s a little difficult with dolphin, because it doesn’t actually crash, it just gives me an “unknown error” message.

with kontact/akregator, it made a considerable difference, but i’m not sure how much it helps: now, instead of crashing about half the time when i middle-click on a link (which would produce the backtrace for which i installed the debugging packages), it doesn’t crash at all… it still does nothing when i middle-click on a link — now 100% of the time — and it still works exactly as advertised when i right-click and choose “open link in external browser”… 😠

ETA: this is the primary reason why, if there was ANY other alternative, i would use that instead of linux: i looked at the URI in dolphin, after it gave me the weird “unknown error”, and it said “smb://@/” which i thought looked kind of odd… so i put the username for the drive to the left of the @ sign, and the name of the drive to the right of the @ sign…

and it worked. 😕

no clue how it got that way, no clue why it worked before, with no username in the picture, and doesn’t now, no clue what the error messages mean, i have absolutely NO CLUE why it works now and didn’t before…

but it does. 😕

grr…

i’m still having random annoying problems with bionic beaver:

when i start it up in the morning, it loads my desktop wallpaper image with a “blur” in the background, which is not what i want. i have to right-click, choose “Configure desktop”, choose “blur”, hit “apply”, choose “Solid color” and hit “apply” before it correctly shows a solid colour background around my wallpaper images. 😕

sometimes, randomly, the “Device Notifier” shows me the three USB hard disks i have inserted, and mounted, even when i am doing nothing that involves any of them. i don’t know why.

akregator randomly crashes when i try to open a link with the middle mouse button (which is normally set to “open in external browser”). it works okay if i right-click and choose “open in external browser” from the context menu, but if i middle-click, sometimes nothing happens, and sometimes akregator crashes. also, it doesn’t give me enough information in the trace to make the bug reports any good. i wrote to the KDE-PIM users list, but not with this problem, because i hadn’t figured out exacly what happened at that time. now i get the very strong impression that the response will be to upgrade to a more recent version, but that version hasn’t been added to the upgrades for bionic yet, so i’m kinda stuck.

dolphin allows me to make icons for places i go to regularly, and organise them in the left hand side of the window. i set up some network folders, by selecting “Network”, then selecting “Add Network Folder” and setting up a micro$not windows folder at smb://salamandircloud.local. it worked fine for about 3 days, but now, when i select any of the network folders at salamandircloud.local, it tells me

Internal Error
Please send a full bug report at http://bugs.kde.org
Unknown error condition in stat: Unknown error 8216

only sometimes, instead of “Unknown error 8216” it says “Unknown error” or “File exists” or “Software caused connection abort”. i went to http://bugs.kde.org and discovered a duplicate bug that says it’s “solved”, but it doesn’t give any clear indication of how it was solved. the end result is that now i no longer have access to my cloud drive from my linux machine. 👎

because of the fact that i can’t access salamandirCloud, i can’t access my music from my linux machine, but even when i could access salamandirCloud, amarok couldn’t access my music files. apparently it wants them on a local drive… and, because of the fact that, when i could access my cloud drive, it was through a SMB connection, i can’t use the standard NFS to automatically mount the drive at startup. i wrote to the amarok users list, but nobody’s home there, and i don’t expect an answer any time soon. 😠

i keep going back to the advice i was offered by Ralf Mardorf on the debian users list, back in 2012, when i was playing around with (and failing to install) a debian live disk. he said

Because I needed new hardware I couldn’t keep a stable Linux install that satisfied my needs.

Never change a winning team!

If there’s no need to update, keep a stable install, make backups and to test newer Linux versions at least have a dual-boot.

If I could use my old stable install, I still would use it. In your case I would reinstall the old Ubuntu that fit to your needs and I would install a second Linux and try to get it working, when ever I would have time to do it.

You know it yourself, I don’t need to write this words to you ;).

which, to me, means “IF IT AIN’T BROKE, DON’T FIX IT!”

except, of course, trusty was broke, it was just broke in different ways than bionic is. now all i gotta do is figure out what the fixes are. 😖

if it ain’t broke, don’t fix it

a wise old linux guru told me this, a few years ago, and i’ve found myself smack in the middle of what happens when you follow that maxim… and it doesn’t feel entirely comfortable, at this point.

i have been happily running kubuntu trusty since 2014, which means that, now, there are TWO LTS releases to bring me up to date… Bionic Beaver, and the interim release, Xenial Xerus, which had some notable problems that were notable enough that i decided that… IF IT AIN’T BROKE, DON’T FIX IT.

now, i’ve actually heard some good things about the new LTS release, and, strangely enough, Amarok broke about two weeks ago (and the amarok user list has gone quiet the past few months, which makes me wonder who to contact), so i’ve been having to resort to qmmp to play music… so i decided to upgrade.

i’ve had some AWFUL experiences upgrading operating systems, and linux is no exception. the last time i upgraded linux, it took me three days to get my computer back. in an attempt to avoid that possibility this time, i have finished uploading my ENTIRE /home directory to the cloud, and am in the process of uploading my ENTIRE music collection to the cloud.

then, on the advice of the linux gurus over at Kubuntu Forums (who have saved my ass more than once), i’m going to go out and get a 2TB SSD on which to install bionic.

the only problem is that i still am not completely sure that my email is going to transfer, because i know that kontact was one of the notable problems i read about with xenial that made me want to avoid upgrading… and i’m not sure the standard “back up everything including the hidden directories from /home” is going to work this time, because i’ve heard that bionic uses something other than akonadi, which was, apparently, the source of the problems with xenial… which would mean that potentially i could lose 7 years worth of email and contact information. 😒

so, we’ll just have to see how it goes… 😐

and so, once again…

and so, once again, the battle of (someone else’s) computer has come to an inconclusive end.

i still have one open ticket with the VPN folks: they updated the VPN software for the tablet, which means that now it’ll connect after i reboot it, but if it comes disconnected for some reason, the only way to get it to reconnect is to reboot the entire tablet… which, while better than not being able to connect at all, is still a major hassle. i’m not holding my breath that it’s going to get fixed soon, as my current tablet can’t be upgraded beyond a version that is three full versions behind the current one… 😐

my email works — or, rather, isn’t giving me timeout errors every time i send email. monique’s email is working again, although she’s lost her address book and her signature files, and the two mailing lists of which i am in charge, seem to be working, with third-party verification. i’m also paying about twice as much as i was with the old host provider, but, with the new host provider, i’m actually an “official” reseller, which means that, now, i have access to WHM, which i never have before… but i’m not sure, at this point, whether or not it’s a “good” thing. at this point, i have updated all of my domains’ MX records to the new host provider (something i was never able to do before), without knowing for sure whether or not i have done the right thing. at this point, two days later, it still works as far as i have been able to tell, nothing has broken as far as i can tell, and nobody has complained to me that their shit isn’t working, so i’m nominally calling it complete, but i wish there were some way that i could be sure…

raghr! 😠

i got back from OCF to discover that the email problem i had when i left was still there, and EZPZ had closed the ticket, because i wasn’t there to egg them on.

it’s still broken, so i decided to switch host providers… AGAIN! 😑

some day, everything will just WORK, and there won’t have to be providers that don’t know how to fix things… 😐

i’m really glad…

the computer industry has been a-twitter for the past few days, concerning a zero-day “bug” in micro$lop word, which gives an attacker full execution control of the victim’s machine — a Very Bad Thing®.

this reminds me of a couple of things that i experienced, more-or-less first-hand, while i was working at micro$lop, and is the PRIMARY REASON why i’m really glad i don’t run machines with their software on them.

there’s this, which outlines what the “bug” is, and how it allows an attacker to take control of a victim’s machine (i put the word “bug” in quotation marks because bugs are usually things that appear in the code by mistake, but it is my impression that micro$lop put this in deliberately, without realising the potential damage it could do)… which brings up the fact that they have known, particularly, about security problems with OLE (which went through a stage where they were referring to it as “ActiveX”), at least since my friend, and computer-god fred debuted The Exploder Control in 1995, which did a clean shut-down of any machine unfortunate enough to be running Windows95 — PLEASE NOTE: the Exploder Control is not harmful, and will not run correctly unless you’re running Windows95 and Internet Explorer version 3, which, by this time, presumably, you’re not. fred’s premise was, and still is, that if you have a method of excersising THAT MUCH control over a machine, it better well be FULLY AND COMPLETELY SECURE, otherwise people WILL take advantage of it.

i worked at micro$lop when the first Word Concept Virus was discovered. it was unique (at the time) because it allowed an attacker to infect a victim’s machine over email, without actually having to have physical contact with the target machine. it worked by utilising micro$lop word’s “normal.dot” template, and required the victim to have macros enabled by default. the new, most recent word problem doesn’t require macros to be enabled, and doesn’t work if the application is running in “Protected View”. so, the solution micro$lop has come up with is to recommend that you run word in “Protected View” in order to avoid this particular vulnerability.

it is significant, to me, that the primary reason we have things like active antivirus software on our computers today is because of actions taken by the micro$lop corporation when i worked there. when i was working there, they were the largest manufacturer of computer software in the world.

and it reminds me of the solution micro$lop came up with to avoid another “bug” in another one of their “excellent” programs, internet explorer: version 3 exhibited a flaw in the way that it displays URIs in the address bar, and by opening a specially crafted URI an attacker could open a page that appears to be from a different domain from the current location. the solution? “Do not click any hyperlinks that you do not trust. Type them into the address bar yourself“… despite the fact that one of the features of all web browsers is that you can get from one source of information to the next, easily, without having to type in long, unintelligible strings of code.

Rule of thumb — Every time Microsoft uses the word “smart,” be on the lookout for something dumb.
     — John Walker

A little detective work revealed that, as is usually the case when you encounter something shoddy in the vicinity of a computer, Microsoft incompetence and gratuitous incompatibility were to blame.
     — John Walker

grr…

i was going over some updates with the new web site designer. because of a couple of component updates, some of my templates were deprecated and needed to be updated. i figured i could probably update them, since all that was needed was for me to determine which templates needed to be updated, download the updates, FTP to the site and replace the old ones with the new ones. in the process of finding out which of the templates needed to be updated, i came across a random, and somewhat unexpected error with my SSL certificate. the web designer said the host provider needed to fix it. the host provider said that the web designer needed to fix it.

😑 ‽‽‽‽

it was getting really late last night, when the host provider said that the web designer needed to fix it, and he wasn’t going to be available until tomorrow. i told the geek at the host provider that it sounded to me like it was a problem that the host provider was supposed to fix, and the geek proceded to break it even more. i was blocked out of my own site, temporarily, and when i was able to log in again, instead of being able to log out, i was redirected to a page that told me i was temporarily blocked from access… regardless of which browser, or which platform i used, i was able to login successfully, but was unable to log out.

😑 ‽ 😑 ‽ 😑 ‽ 😑 ‽

today, i contacted the web site designer. i agreed to give him $150, and he agreed to fix my site, and update it with the right templates.

grr… 😕

god damn it!!!

i have an ipad, so i can keep farcebook off of my real computers.

i don’t know whether it’s the ipad itself, or whether it is farcebook, but i’m getting really pissed off at the behaviour i’m seeing:

1) it randomly crashes: the screen freezes, then goes black, and then it gives me the “desktop” screen, and then, when i restart the farcebook application, it automatically goes to my “News Feed” rather than to the “Most Recent” page, where i normally read stuff. this happens a lot more frequently when i am reading a “link” that someone posted, but it also happens when i am simply reading farcebook.

2) it takes FOR-FUCKING-EVER to load a “link” from the farcebook application, and even when it says it’s finished loading, frequently it freezes until the entire page actually loads, which is sometimes as much as two or three minutes later. this is a lot more common on links which contain videos, although YouTube links usually load fairly quickly, which makes me suspect that there’s something else that is gobbling up bandwidth.

3) in the farcebook application itself, it frequently freezes for a couple of minutes, and then goes back to “normal” behaviour.

4) frequently, when i go to a “link” in the farcebook application, it loads completely, and then the screen gets a grey tinge to it, and the entire page is overlayed with an advertisement of some kind, and unless i touch EXACTLY the right place, which changes semi-regularly, instead of getting to read the page that i intended to, i have to wait for farcebook to put another, complete, entirely unrelated page, the advertisement, on the screen, which frequently takes up to five minutes, before i can go “back” to the page i was intending to read.

4½) a related problem is that, frequently, when i touch a place that should be a link of some kind (like a URI) it doesn’t do anything at all, and other times, when i am “scrolling”, it interprets my “touch” as a “click” and loads something in which i wasn’t interested, and then gives me a lot of difficulties (involving one or more of the previously enumerated items) getting back to where i was.

to make matters worse, the specific problems outlined above don’t happen individually: they frequently come in batches of two, or three, and, frequently all four of them at the same time.

as i said, i’m not sure whether it is due to bugs in the farcebook application, or bugs in the hardware, but it’s getting to the point where i feel like throwing the device against a wall, or out the window or something.

i’m fairly sure that this is NOT the way it is supposed to work. 😠

told ya so… 8P

told ya so… 8P

it doesn’t completely work the way i want it to, yet, but it was 2% working yesterday, and today it’s back to 95%

while i’ve got my email back, it’s not completely working yet, and i’m still having to deal with peculiarities with which i’m not exactly familiar. they’re peculiar enough that, it’s my professional opinion that they may be caused by demons, and may work themself out on their own eventually… one of my email accounts apparently uses a password i don’t remember. gramps works, but it still thinks the media is on the non-existent disk… i still don’t have the fonts straightened out…

but it’s one hell of a lot closer than it was yesterday, when i didn’t have the task bar icons that i usually have, and the K-menu icons that i usually have, and my email didn’t work… and i didn’t even have to convince it to mount the big hard disk, which wasn’t even showing up as being capable of mounting until i jumped through a 3-step hoop in order to mount it, yesterday…

it’s fixed enough that i am not even worried about going to bellingharm tomorrow, but i probably won’t spend the night.

UPDATE 10:30 pm i got email working. it was a combination of trying things in a new way, and demons in the pipes. i’ve even got my sigrot working, although i don’t know whether cron is taking care of running it every 5 minutes. also i got dropbox working again. now all i gotta do is figure out where my fonts went to…

snrg

for a couple of years now the fan in my computer has been making an evil buzzing noise when i first turn on the machine. i discovered that if i take a bottle of canned air and squirt it into the fan, it stops… after a while…

fast forward a couple of years, and multiple cases of canned air from costco (i.e. at least 10), and it’s actually been taking longer and longer to get the fan to quit buzzing, and the buzzing has been getting more loud and evil sounding, especially since i re-oriented the box, so i finally decided to open it up and see if i could fix it.

i found a lot of dust… which i cleaned out outside, because i’ve had previous experience with trying to clean dust out of a computer while inside, and it results in making everything taste like the inside of a computer for a couple of weeks… πŸ˜›

but it didn’t stop the buzzing, so i broke down and bought a new fan.

it cost me $9.00. 😐

i don’t know why i don’t just put my computer in a place where it’s relatively easy to disconnect and clean, apart from general laziness and lack of caring, and i wonder about the habit i have of stacking stuff on top of the computer, and/or putting it in obscure, difficult to remove places even more when the solution to my problem ALL ALONG cost me less than $10.00… 😐

i’ve been working in the computer industry long enough that i should have known it was going to turn out that way… 😐

SHELLSHOCK UPDATE

Shellshock: ‘Larger scale attack’ on its way, warn securo-bods

Apple FINALLY patches the ‘don’t worry’ Bash Shellshock vuln

Apple Releases Patches for Shellshock Bug


Every Mac Is Vulnerable to the Shellshock Bash Exploit: Here’s How to Patch OS X
— i upgraded from v.3.2.51(1) to v.3.2.53(1) according to their directions for pre-mavericks computers, and, according to the test i posted last week the system is no longer “vulnerable”, but, because of the fact that it doesn’t actually give a response other than “this is a test”, i can’t tell for sure whether or not they’ve actually patched shellshock, or whether they have just turned off the error message… it would be really nice if i could just upgrade to the current GNU release, which is v.4.3… this is why i am no longer a mac-head… 😐

Apple patches "Shellshock" Bash bug in OS X 10.9, 10.8, and 10.7

SHELLSHOCK UPDATE

Firms BASH Bash bug with new round of Shellshock patches

Cisco splats Bash bug in busy swatting season

i’ve run three rounds of security updates in the past three days, and bash was updated in every one of ’em… eventually they’re gonna fix it for real… maybe i’ll just revert to using csh… or zsh (which was written by paul falstad, my former manager and coworker at openwave) 😐

SHELLSHOCK UPDATE

UPDATE: Bash Vulnerability AKA SHELLSHOCK

The ‘Shellshock’ Bash vulnerability and what it means for OS X

Apple: Most OS X users safe from ‘Shellshock’ exploit, patch coming quickly for advanced Unix users — which, of course, is a blatant falsehood… all macs are as much at risk as -x was, and -x had a patch yesterday… this is why i am no longer a mac-head… 😐

Apple working on “Shellshock” fix, says most users not at risk [Updated] — which includes the following information:

Mac OS X uses version 3.2.51.(1) of GNU bash, released in 2007; the current GNU release of the shell is bash 4.3. However, the current version is released under the GNU Public License version 3 (GPLv3). Apple has avoided bundling GPLv3-licensed software because of its stricter license terms, even dropping the open-source Windows networking service Samba from OS X server in 2011 because Samba had shifted to a GPLv3 license. Therefore, although patches for the vulnerability have now been pushed out for most open-source operating systems, Apple executives may feel they have to have their own developers make modifications to the bash code.

this is the explanation why i haven’t been able to get SAMBA to work on my mac… grumble, mutter… 😐

Still more vulnerabilities in bash? Shellshock becomes whack-a-mole

shellshock update: linux has been patched, mac not so much…

‘Shellshock’ Bug Spells Trouble for Web Security
140925
by Brian Krebs

The bug is being compared to the recent Heartbleed vulnerability because of its ubiquity and sheer potential for causing havoc on Internet-connected systems β€” particularly Web sites. Worse yet, experts say the official patch for the security hole is incomplete and could still let attackers seize control over vulnerable systems.

The problem resides with a weakness in the GNU Bourne Again Shell (Bash), the text-based, command-line utility on multiple Linux and Unix operating systems. Researchers discovered that if Bash is set up to be the default command line utility on these systems, it opens those systems up to specially crafted remote attacks via a range of network tools that rely on it to execute scripts, from telnet and secure shell (SSH) sessions to Web requests.

According to several security firms, attackers are already probing systems for the weakness, and that at least two computer worms are actively exploiting the flaw to install malware. Jamie Blasco, labs director at AlienVault, has been running a honeypot on the vulnerability since yesterday to emulate a vulnerable system.

“With the honeypot, we found several machines trying to exploit the Bash vulnerability,” Blasco said. “The majority of them are only probing to check if systems are vulnerable. On the other hand, we found two worms that are actively exploiting the vulnerability and installing a piece of malware on the system. This malware turns the systems into bots that connect to a C&C server where the attackers can send commands, and we have seen the main purpose of the bots is to perform distributed denial of service attacks.”

The vulnerability does not impact Microsoft Windows users (ed. for a change), but there are patches available for Linux and Unix systems. In addition, Mac users are likely vulnerable, although there is no official patch for this flaw from Apple yet. I’ll update this post if we see any patches from Apple.

The U.S.-CERT’s advisory includes a simple command line script that Mac users can run to test for the vulnerability. To check your system from a command line, type or cut and paste this text:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If the system is vulnerable, the output will be:

vulnerable
 this is a test

An unaffected (or patched) system will output:

 bash: warning: x: ignoring function definition attempt
 bash: error importing function definition for `x'
 this is a test

US-CERT has a list of operating systems that are vulnerable. Red Hat and several other Linux distributions have released fixes for the bug, but according to US-CERT the patch has an issue that prevents it from fully addressing the problem.

The Shellshock bug is being compared to Heartbleed because it affects so many systems; determining which are vulnerable and developing and deploying fixes to them is likely to take time. However, unlike Heartbleed, which only allows attackers to read sensitive information from vulnerable Web servers, Shellshock potentially lets attackers take control over exposed systems.

“This is going to be one that’s with us for a long time, because it’s going to be in a lot of embedded systems that won’t get updated for a long time,” said Nicholas Weaver, a researcher at the International Computer Science Institute (ICSI) and at the University California, Berkeley. “The target computer has to be accessible, but there are a lot of ways that this turns accessibility into full local code execution. For example, could easily write a scanner that would basically scan every Web site on the planet for vulnerable (Web) pages.”

Stay tuned. This one could get interesting very soon.

blood pressure through the roof… 8/

i installed the daily security updates, and it removed my ability to send and receive email. 😑

it’s getting towards time for me to re-evaluate my dependence on computers.

ETA: so i decided that it was time to upgrade distributions, because precise is coming up against its EOL in a year or so. i upgraded to trusty, and things got distinctly WORSE: i am now looking at a “system loading” screen that has had a “progress” meter (which is just an animated graphic that has 5 dots that go from one colour to a different colour, and back, one dot at a time, to show you that “something’s happening”) for about half an hour with no change…

i posted once at kubuntu forums but there has been no response yet… 😐

i wonder how long it’s gonna take this time? 😑 if it’s anything like the last couple of times, it could take as much as a week to get things back to “normal” again… 😐

smb

i figured out stumbled across the method of making my mac accessible to my linux box that doesn’t include sftp, but does include smb. theoretically, i’ve got smb running on my linux box, as well (thus the ability to access my mac), but for some reason, my linux box doesn’t show up on my mac.

it’s nothing new. my mac has always shown up on my linux box, and my linux box has never shown up on my mac. the fact that i stumbled across the method of making my mac visible on my linux box indicates to me that it should be fairly easy to make the linux box visible from the mac…

but, so far, it hasn’t happened yet… 😐