It seems I am a very special person for google: the 'Birthdays' calendar which should be filled with the birthdays of all people in your google+ circles had the option to remove it from the list of calendars or unsubscribe totally. After being on the receiving end of some rants about this it is clear a lot of people don't have the option to get rid of this calendar. I found a possible workaround: How to delete the Birthdays Calendar from your Google Calendar.
: Interesting WTF-8 breakage + html escaping
I recently took some pictures of the HF dipole antenna in our attic:
The current rainy weather is reasonably deadly for any transmitting, given the report from Digital mode reception maps at pskreporter.info which states:Monitoring PD4KH (last heard 20 hrs ago).while I am quite sure I transmitted PSK31 CQs and answers more recently than that and the 10 meter band being open according to the same site. The attic dipole is right under the roof so any rain making the roof tiles wet is probably dampening the radio signals. This may get interesting when there is snow on the roof. I imagine some raised eyebrows when there is an antenna shaped hole in the snow on the roof.
De forumthread RTV Rijnmond: zendamateur bergschenhoek stoort hele buurt - zendamateur.com deed mij denken aan een heel goed stuk wat ik eerder tegenkwam: Voor de buren - PD5WL. Een heel leesbaar verhaal voor de buren van zendamateurs wat op een leesbare manier omgaat met antennes, radio en eventuele storing. Het blijft natuurlijk vaak gaan om vooroordelen en emotie, maar deze uitleg is open en duidelijk zonder al te technisch te worden. Ik heb nog geen antenne op het dak, maar al wel eens interesse gehad van een buurman waarom ik soms een antenne uit het zolderraam stak. Omdat ik nu ook actief ben op HF heb ik wel mezelf in het antenneregister gezet ook al is er niks zichtbaar: mocht er ooit iemand in de buurt reden hebben om het Agentschap Telecom te benaderen over storing die misschien over HF uitzendingen gaat dan kunnen ze simpel vinden dat ik hier soms actief ben.
Truth in e-mail virus attempts seen (note the filename) :Subject: MDaemon Notification -- Attachment Removed ----------------------------------------- order01.zip (order01\bot_crypted10394.scr)Oh, and another one came through with attachment:Archive: order01.zip Length Date Time Name -------- ---- ---- ---- 385024 11-12-14 17:00 order01/bot_crypted10394.scr -------- ------- 385024 1 file$ md5sum order01.zip ; sha256sum order01.zip ad9cb44bb7d64a8c5b619a4d37e7eb97 order01.zip ecd0ead687314c195a8072fe46fd513b46d61688c19398ec3edbfd6f92b4aca4 order01.zip $ md5sum order01/bot_crypted10394.scr ; sha256sum order01/bot_crypted10394.scr 509670b354f356dcd38f3d47408d9910 order01/bot_crypted10394.scr 93098ab5d8827339b17e4510676c40c79f6eb09c7cbb5cf0931100fce647a64f order01/bot_crypted10394.scrLots of German text in the .scr file:Mitgemeint7 Logistiktruppe Landschaftsstreifen Blumenart7 Friedensnobelpreis Priesterausbildung Luftmotor Form C:\prestigetr chtigem\Durchmischend6\Rauchgasexplosion\VB98\VB6.OLB Exzessiverem7 Raumverschwendungen7 Artikelstammwartung1And I pasted the complete strings -a bot_crypted10394.scr into pastebin.
: A good writeup of the current state of the Rosetta project by . I kept an eye on things today during work and it was awesome.
: Ham Hijinks.. or for real?
: Recent een keer met de camera tijdens werktijd een poosje rond het Wentgebouw kunnen wandelen. Imposant hoe zo'n hoge kraan bezig is.
Interesting spam in my inbox lately, and I can't find one of the usual spamfighters writing about it. I don't know which language and the google translate auto detect thinks 'Slovak' but fails most of the translation.privet. prisoedniaytes' k moei grupe vkontakte!!!! makeup ochen' deshevo!!!!!Vkontakte (vk.com) is a social network which has most of its visitors from eastern Europe. Vkontakte just happens to look a lot like facebook. I can find Yulianna Kir makeup artist on for example Instagram with a Russian phonenumber but it doesn't explain the spam, and trying google translate with the source language set to Russian doesn't work either. So the reason of the spam and the profit model is inconclusive.
Takzhe so mnoi mozhno svyaztsya i uvidet' tekuschie raboti po
Interesting new problem: transmitting on 20 meter PSK31 causes the lightning strike detector of the Weather station Utrecht Overvecht to go slightly mad. If you look at the graphs it seems like there was a really heavy thunderstorm last Thursday but that's just the result of trying 20 meter PSK31 all day and making 11 QSOs (radio connections). Time to move the lightning detector to a better location: in the shed with the rest of the weather station. Update 2014-11-08: And another side-effect: I used a really cheap gimmick USB hub to hook up the radio to the workstation because I needed an extra USB port for something else. The next thing that happened was the USB chip in the serial cable to the radio (CAT interface) completely locking up on transmitting. I also hear buzzing on speakers when I transmit on 20 meters so this is a big hint I need to change some things. At least a balun for the attic dipole is on the way.
: Interesting opportunity for some student with a big interest in amateur satellites and in the right part of her/his education.
I tried NetworkManager again because wicd was showing downsides, such as:
I tried NetworkManager again, kicked out ages ago because it fully depended on a Gnome desktop, which I don't run. But now it has nm-connection-editor and nm-cli which should make things less impossible. But after testing I found out NetworkManager is even worse for me than wicd.
- Not dealing correctly when the laptop is resumed with the ethernet cable attached: it doesn't run dhcp on the wired lan which makes services which only have IPv4 addresses unreachable. Took a while to understand that one for obvious reasons.
- Making the wired network interface flap between connected and disconnected state when a network cable is inserted after boot. Solution: restart wicd first.
A hint came when I tried things by hand:
- NetworkManager leaves wireless up when wired is running. The solution to this problem is a script from Disable WLan if Wired/Cable Network is available - Super User.
- I noticed I was using IPv6 addresses with privacy extensions again, so I made a script in the same style as the previous script to disable that setting in case the home IPv6 network was detected and enable it for all other networks. This causes a loop in NetworkManager: it restarts the interface when it detects the change. This still on wireless.
- Stopping NetworkManager left everything in a weird state: I found out it had disabled the support for router advertisments autoconfiguration in Linux. This was fixed easily on the wired network. Back to wicd.
- The next day I booted the laptop with only wireless and network wasn't coming up at all. Even after a complete reboot the wireless wasn't operating, and the wireless disable switch was in the right position.root@machiavelli:~# ifconfig wlan0 up SIOCSIFFLAGS: Operation not possible due to RF-killI guess the script disabling wireless when wired ethernet is available does some heavier disabling than I thought. The big hint is rfkill which is installed, and listed:root@machiavelli:~# rfkill list 1: phy0: Wireless LAN Soft blocked: yes Hard blocked: no 2: dell-wifi: Wireless LAN Soft blocked: no Hard blocked: no 3: dell-bluetooth: Bluetooth Soft blocked: no Hard blocked: no 4: hci0: Bluetooth Soft blocked: no Hard blocked: noAnd the solution:root@machiavelli:~# rfkill unblock 1 root@machiavelli:~# rfkill list 1: phy0: Wireless LAN Soft blocked: no Hard blocked: no 2: dell-wifi: Wireless LAN Soft blocked: no Hard blocked: no 3: dell-bluetooth: Bluetooth Soft blocked: no Hard blocked: no 4: hci0: Bluetooth Soft blocked: no Hard blocked: noAfter that (and restarting wicd to be sure) things worked normally again. So wicd may have its downsides, but NetworkManager is worse for me.
: So it's not just what I happen to read on google+ because I follow some Australians with interests in politics.
As part of my job I write down security requirements in new projects. Those include 'connections between systems that transport non-public data need to be encrypted using up-to-date encryption'. At the same time, work is improving their testing procedures so new or upgraded applications come to production fully tested according to predefined testing scenarios. So now 'security' is also part of the test scenarios and I was asked to help build tests for our security requirements. For secure websites it is easy, I use the Qualys SSL Labs SSL Server Test. But there are a lot more ssl secured connections in use, and I would like those verified too without having to expose them to the outside world. Preferably both from Unix and Windows endpoints. And automated and/or as a scenario that can be done by the responsible system administrators. A simple websearch gave no answers but some asking around gave me SSLScan for Windows which is a windows port of SSLScan Fast SSL Scanner. It's even free, and it gives out just the reports I want:D:\sslscan win>SSLScan.exe wwwsec.cs.uu.nl:443 _ ___ ___| |___ ___ __ _ _ __ / __/ __| / __|/ __/ _` | '_ \ \__ \__ \ \__ \ (_| (_| | | | | |___/___/_|___/\___\__,_|_| |_| Version 1.8.2-win http://www.titania.co.uk Copyright Ian Ventura-Whiting 2009 Compiled against OpenSSL 0.9.8m 25 Feb 2010 Testing SSL server wwwsec.cs.uu.nl on port 443 Supported Server Cipher(s): Rejected SSLv2 168 bits DES-CBC3-MD5 Rejected SSLv2 56 bits DES-CBC-MD5 Rejected SSLv2 128 bits IDEA-CBC-MD5 Rejected SSLv2 40 bits EXP-RC2-CBC-MD5 Rejected SSLv2 128 bits RC2-CBC-MD5 Rejected SSLv2 40 bits EXP-RC4-MD5 Rejected SSLv2 128 bits RC4-MD5 Rejected SSLv3 256 bits ADH-AES256-SHA Rejected SSLv3 256 bits DHE-RSA-AES256-SHA Rejected SSLv3 256 bits DHE-DSS-AES256-SHA Rejected SSLv3 256 bits AES256-SHA Rejected SSLv3 128 bits ADH-AES128-SHA Rejected SSLv3 128 bits DHE-RSA-AES128-SHA Rejected SSLv3 128 bits DHE-DSS-AES128-SHA Rejected SSLv3 128 bits AES128-SHA Rejected SSLv3 168 bits ADH-DES-CBC3-SHA Rejected SSLv3 56 bits ADH-DES-CBC-SHA Rejected SSLv3 40 bits EXP-ADH-DES-CBC-SHA Rejected SSLv3 128 bits ADH-RC4-MD5 Rejected SSLv3 40 bits EXP-ADH-RC4-MD5 Rejected SSLv3 168 bits EDH-RSA-DES-CBC3-SHA Rejected SSLv3 56 bits EDH-RSA-DES-CBC-SHA Rejected SSLv3 40 bits EXP-EDH-RSA-DES-CBC-SHA Rejected SSLv3 168 bits EDH-DSS-DES-CBC3-SHA Rejected SSLv3 56 bits EDH-DSS-DES-CBC-SHA Rejected SSLv3 40 bits EXP-EDH-DSS-DES-CBC-SHA Rejected SSLv3 168 bits DES-CBC3-SHA Rejected SSLv3 56 bits DES-CBC-SHA Rejected SSLv3 40 bits EXP-DES-CBC-SHA Rejected SSLv3 128 bits IDEA-CBC-SHA Rejected SSLv3 40 bits EXP-RC2-CBC-MD5 Rejected SSLv3 128 bits RC4-SHA Rejected SSLv3 128 bits RC4-MD5 Rejected SSLv3 40 bits EXP-RC4-MD5 Rejected SSLv3 0 bits NULL-SHA Rejected SSLv3 0 bits NULL-MD5 Rejected TLSv1 256 bits ADH-AES256-SHA Rejected TLSv1 256 bits DHE-RSA-AES256-SHA Rejected TLSv1 256 bits DHE-DSS-AES256-SHA Accepted TLSv1 256 bits AES256-SHA Rejected TLSv1 128 bits ADH-AES128-SHA Rejected TLSv1 128 bits DHE-RSA-AES128-SHA Rejected TLSv1 128 bits DHE-DSS-AES128-SHA Accepted TLSv1 128 bits AES128-SHA Rejected TLSv1 168 bits ADH-DES-CBC3-SHA Rejected TLSv1 56 bits ADH-DES-CBC-SHA Rejected TLSv1 40 bits EXP-ADH-DES-CBC-SHA Rejected TLSv1 128 bits ADH-RC4-MD5 Rejected TLSv1 40 bits EXP-ADH-RC4-MD5 Rejected TLSv1 168 bits EDH-RSA-DES-CBC3-SHA Rejected TLSv1 56 bits EDH-RSA-DES-CBC-SHA Rejected TLSv1 40 bits EXP-EDH-RSA-DES-CBC-SHA Rejected TLSv1 168 bits EDH-DSS-DES-CBC3-SHA Rejected TLSv1 56 bits EDH-DSS-DES-CBC-SHA Rejected TLSv1 40 bits EXP-EDH-DSS-DES-CBC-SHA Accepted TLSv1 168 bits DES-CBC3-SHA Rejected TLSv1 56 bits DES-CBC-SHA Rejected TLSv1 40 bits EXP-DES-CBC-SHA Rejected TLSv1 128 bits IDEA-CBC-SHA Rejected TLSv1 40 bits EXP-RC2-CBC-MD5 Accepted TLSv1 128 bits RC4-SHA Rejected TLSv1 128 bits RC4-MD5 Rejected TLSv1 40 bits EXP-RC4-MD5 Rejected TLSv1 0 bits NULL-SHA Rejected TLSv1 0 bits NULL-MD5 Prefered Server Cipher(s): TLSv1 128 bits RC4-SHA SSL Certificate: Version: 2 Serial Number: -4294967295 Signature Algorithm: sha1WithRSAEncryption Issuer: /C=NL/O=TERENA/CN=TERENA SSL CA Not valid before: Mar 15 00:00:00 2012 GMT Not valid after: Mar 15 23:59:59 2015 GMT Subject: /C=NL/O=Universiteit Utrecht/CN=wwwsec.cs.uu.nl Public Key Algorithm: rsaEncryption RSA Public Key: (2048 bit) Modulus (2048 bit): 00:da:af:31:f2:39:f5:66:d0:d5:96:5e:1d:1e:7a: 86:ba:3f:79:79:98:da:30:79:32:39:99:47:88:ea: 6c:2e:a0:2a:9b:29:0a:48:9e:0f:9e:9d:e1:9a:32: 8d:a6:ab:7b:bb:73:62:0a:43:31:cd:78:02:14:09: 23:b7:d1:28:4a:2e:b8:c0:c9:ea:7a:9b:5c:4b:ae: 73:af:7b:82:4d:dd:e9:ec:8f:6e:13:c9:db:d4:d0: 92:9f:d3:88:69:c2:d3:61:32:76:d6:12:d0:45:d7: c2:89:fb:cb:24:b0:5e:6b:11:89:5c:3b:3e:8b:02: 9b:3a:62:ca:ac:47:d1:97:1d:02:bd:50:2b:50:e5: be:55:f5:54:5c:68:99:28:c6:ca:05:70:79:84:1a: 24:6d:02:de:16:74:8b:05:ce:f0:9c:71:27:c0:99: 22:66:2e:00:31:ca:b7:1c:9d:78:8e:6e:e0:8f:94: 4d:42:a7:89:8f:8d:d4:3a:1d:91:e6:c8:59:a1:59: 3b:b3:e7:54:21:3c:38:0b:d3:27:37:33:48:8f:f4: e0:ba:e7:33:17:9b:a2:b1:b4:f0:7a:35:b3:27:4c: 81:ad:76:91:78:52:1a:18:bf:18:c9:93:84:aa:79: 49:ec:43:fe:56:5b:cc:82:ad:44:c7:4b:79:8f:d1: 6d:9d Exponent: 65537 (0x10001) X509v3 Extensions: X509v3 Authority Key Identifier: keyid:0C:BD:93:68:0C:F3:DE:AB:A3:49:6B:2B:37:57:47:EA:90:E3:B9:ED X509v3 Subject Key Identifier: 99:E4:5C:2F:C5:E8:4F:D1:A5:91:AA:0B:28:18:F2:EF:2A:96:4B:49 X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Certificate Policies: Policy: 184.108.40.206.4.1.64220.127.116.11.29 X509v3 CRL Distribution Points: URI:http://crl.tcs.terena.org/TERENASSLCA.crl Authority Information Access: CA Issuers - URI:http://crt.tcs.terena.org/TERENASSLCA.crt OCSP - URI:http://ocsp.tcs.terena.org X509v3 Subject Alternative Name: DNS:wwwsec.cs.uu.nl, DNS:wwws.cs.uu.nl Verify Certificate: self signed certificate in certificate chainAt this moment it complains about a self-signed certificate because I haven't given it a list of root certificates. I can't find out at the moment how to fix that, it doesn't seem to check the list of root certificates or not in a place I put them.
Waving to China:Oct 26 12:42:43 abaris sshd: User root from 18.104.22.168 not allowed because none of user's groups are listed in AllowGroups Oct 26 12:43:22 abaris sshd: User root from 22.214.171.124 not allowed because none of user's groups are listed in AllowGroups Oct 26 12:44:19 abaris sshd: User root from 126.96.36.199 not allowed because none of user's groups are listed in AllowGroups Oct 26 16:10:09 abaris sshd: User root from 188.8.131.52 not allowed because none of user's groups are listed in AllowGroups Oct 26 16:10:29 abaris sshd: User root from 184.108.40.206 not allowed because none of user's groups are listed in AllowGroups Oct 26 16:11:19 abaris sshd: User root from 220.127.116.11 not allowed because none of user's groups are listed in AllowGroups Oct 26 17:11:10 abaris sshd: User root from 18.104.22.168 not allowed because none of user's groups are listed in AllowGroups Oct 26 17:11:41 abaris sshd: User root from 22.214.171.124 not allowed because none of user's groups are listed in AllowGroups Oct 26 17:12:40 abaris sshd: User root from 126.96.36.199 not allowed because none of user's groups are listed in AllowGroups Oct 26 19:02:41 abaris sshd: User root from 188.8.131.52 not allowed because none of user's groups are listed in AllowGroups Oct 26 19:03:13 abaris sshd: User root from 184.108.40.206 not allowed because none of user's groups are listed in AllowGroups Oct 26 19:03:55 abaris sshd: User root from 220.127.116.11 not allowed because none of user's groups are listed in AllowGroups Oct 26 19:06:29 abaris sshd: User root from 18.104.22.168 not allowed because none of user's groups are listed in AllowGroups Oct 26 19:06:59 abaris sshd: User root from 22.214.171.124 not allowed because none of user's groups are listed in AllowGroups Oct 26 19:07:42 abaris sshd: User root from 126.96.36.199 not allowed because none of user's groups are listed in AllowGroups Oct 26 19:54:45 abaris sshd: User root from 188.8.131.52 not allowed because none of user's groups are listed in AllowGroups Oct 26 19:55:21 abaris sshd: User root from 184.108.40.206 not allowed because none of user's groups are listed in AllowGroups Oct 26 19:56:00 abaris sshd: User root from 220.127.116.11 not allowed because none of user's groups are listed in AllowGroupsI guess Shaoxing Dingqi Network Technology Co., Ltd. and WENZHOU GAOJIE TECHNOLOGY CO.LTD have a problem with intruders abusing their systems to attack third parties or they might just be very interested in attacking a certain class of systems.
: Knibbel, knabbel, knuisje, wie knabbelt daar aan mijn huisje?
Sloop #wentgebouw te volgen via http://www.projects.science.uu.nl/webcams/ met ook een timelapse.
Final part of demolishing a university building, taking out the floors and columns. Live webcam and timelapse video via url above.