Gamma Calibration/Correction In Windows 10

There's a gamma calibration tool built in to Windows 10 (it may also exist in Windows 8 and 7 as well, possibly).

Search for "calibrate display color" and it will show up. Or choose settings, system, display, advanced display settings, display adapter properties, color management, advanced, calibrate display.

For other tools and further information, check out this page.

Pokemon Go APK 0.29 Download Mega.nz Link

Here it is, just in case it is blocked in your country:

com.nianticlabs.pokemongo-2580d2687af1ffaaec16ff3b48380f76.apk

The md5sum is below:

C:\Users\setup\Downloads>md5sum --version
md5sum (PCP patchlevel 2) (GNU textutils) 1.22

C:\Users\setup\Downloads>md5sum --binary com.nianticlabs.pokemongo-2580d2687af1ffaaec16ff3b48380f76.apk
2580d2687af1ffaaec16ff3b48380f76 *com.nianticlabs.pokemongo-2580d2687af1ffaaec16ff3b48380f76.apk

If you're curious, Titanium Backup exports filenames with the md5 hash in the filename.

Why don't fair coin tosses “add up”? Or… is “gambler's fallacy” really valid?

I am posting this answer here because I just joined the Philosophy website on StackExchange even though I have posting and comment privileges on other StackExchange sites. The question is quoted below:

I have always been perplexed by a seeming paradox in probability that I'm sure has some simple, well-known explanation. We say that a "fair coin" or whatever has "no memory."
At each toss the odds are once again reset at 50:50. Hence the "gambler's fallacy." After 10 heads, the odds of another head are still said to be 50:50. The same after 20, 40, 80... heads.
Yet we also know that the series will converge upon an equilibrium of heads:tails. And indeed this is countable in fairly short order. The convergence appears pretty quickly.
How can both be true? Isn't there something in the physical series of tosses that "remembers"? Isn't there necessarily some slightly better chance of a tails after 10 heads?
How does logic resolve this absolute randomness in the particular events with a general law of convergence? I imagine this must be a well-known issue. I suppose it raises the larger issue of what sort of "causality" probability is.
Note that I do not know symbolic logic so, embarrassingly, formal demonstrations are beyond my ken.

There's a very simple answer that Marilyn Vos Savant wrote in her Parade Magazine column years ago. The answer is that each individual toss of a coin has a 50/50 probability, but these odds do not apply in aggregate!

Is There A Way To Keep Very Noisy Mailing Lists Out Of Your Gmail Inbox And Still Participate In Them?

I am trying to keep a noisy mailing list out of my Gmail inbox (and I don't want to switch to https://Inbox.google.com just yet). It's not a noisy list per-se; there's a lot of signal (good information) but I'd prefer to keep it out of my inbox, except for the few posts that I participate in. I don't see a way to do this, which might just convince me to use Google's Inbox app.

Inbox.google.com combines many similar emails, either from a mailing list but also by the type of message, eg groupon deals) into a single item in your inbox.

By the way, does anyone else have a huge Gmail inbox? Mine has 127,000 unread messages, going all the way back to 2005 when I first created it. It just got out of control and unmanageable. I do skim over all of the subject lines and read emails directly but I don't open reach one.

Clintonemail.com Server Port Scans, DiG DNS Lookups, Nmap Scan

I did these scans on March 23, 2015. I've had this saved in my blogger drafts for awhile, but I thought I would go ahead and release it. Note that there's no RDP port open, as was reported. It was probably closed soon after clintonemail.com reached the news. All ports were closed, apparently.

C:\Documents and Settings\newadmin>dig clintonemail.com any

; <<>> DiG 9.9.5 <<>> clintonemail.com any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- 61432="" id:="" noerror="" opcode:="" p="" query="" status:="">;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;clintonemail.com.              IN      ANY

;; ANSWER SECTION:
clintonemail.com.       7199    IN      NS      ns16.worldnic.com.
clintonemail.com.       7199    IN      NS      ns15.worldnic.com.
clintonemail.com.       7199    IN      MX      10 clintonemail.com.inbound10.mxlogicmx.net.
clintonemail.com.       7199    IN      SOA     ns15.worldnic.com. namehost.worldnic.com. 114021113 10800 3600 604800 3600

clintonemail.com.       7199    IN      MX      10 clintonemail.com.inbound10.mxlogic.net.
clintonemail.com.       7199    IN      A       208.91.197.27

;; Query time: 78 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Mar 23 12:31:50 Eastern Daylight Time 2015
;; MSG SIZE  rcvd: 260






C:\Documents and Settings\newadmin>nslookup -type=mx clintonemail.com
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Non-authoritative answer:
clintonemail.com        MX preference = 10, mail exchanger = clintonemail.com.inbound10.mxlogic.net
clintonemail.com        MX preference = 10, mail exchanger = clintonemail.com.inbound10.mxlogicmx.net

C:\Documents and Settings\newadmin>nmap -sT clintonemail.com.inbound10.mxlogicmx.net clintonemail.com.inbound10.mxlogic.ne
t -vv -p 443,110,25,2525,465,587,993,995

Starting Nmap 6.01 ( http://nmap.org ) at 2015-03-23 12:38 Eastern Daylight Time
Warning: Hostname clintonemail.com.inbound10.mxlogicmx.net resolves to 2 IPs. Using 208.65.145.2.
Warning: Hostname clintonemail.com.inbound10.mxlogic.net resolves to 4 IPs. Using 208.65.144.3.
Initiating Ping Scan at 12:38
Scanning 2 hosts [4 ports/host]
Completed Ping Scan at 12:38, 0.27s elapsed (2 total hosts)
Initiating Parallel DNS resolution of 2 hosts. at 12:38
Completed Parallel DNS resolution of 2 hosts. at 12:39, 11.09s elapsed
Initiating Connect Scan at 12:39
Scanning 2 hosts [8 ports/host]
Completed Connect Scan at 12:39, 3.00s elapsed (16 total ports)
Nmap scan report for clintonemail.com.inbound10.mxlogicmx.net (208.65.145.2)
Host is up (0.047s latency).
Other addresses for clintonemail.com.inbound10.mxlogicmx.net (not scanned): 208.65.144.2
rDNS record for 208.65.145.2: mxl145v2.mxlogic.net
Scanned at 2015-03-23 12:38:54 Eastern Daylight Time for 15s
PORT     STATE    SERVICE
25/tcp   filtered smtp
110/tcp  filtered pop3
443/tcp  filtered https
465/tcp  filtered smtps
587/tcp  filtered submission
993/tcp  filtered imaps
995/tcp  filtered pop3s
2525/tcp filtered ms-v-worlds

Nmap scan report for clintonemail.com.inbound10.mxlogic.net (208.65.144.3)
Host is up (0.047s latency).
Other addresses for clintonemail.com.inbound10.mxlogic.net (not scanned): 208.65.145.3 208.65.145.2 208.65.144.2
rDNS record for 208.65.144.3: mxl144v3.mxlogic.net
Scanned at 2015-03-23 12:38:54 Eastern Daylight Time for 14s
PORT     STATE    SERVICE
25/tcp   filtered smtp
110/tcp  filtered pop3
443/tcp  filtered https
465/tcp  filtered smtps
587/tcp  filtered submission
993/tcp  filtered imaps
995/tcp  filtered pop3s
2525/tcp filtered ms-v-worlds

Read data files from: C:\Program Files\Nmap
Nmap done: 2 IP addresses (2 hosts up) scanned in 14.80 seconds
           Raw packets sent: 8 (304B) | Rcvd: 2 (72B)

How To Tell Which Version Your Windows 10 DVD/ISO Is

There are a few different ways that I've found to tell you which release your build of Windows 10 DVD or ISO/UDF image is. Since we only have two major RTM and later builds, one of the below should work.

Running Grepping/Strings on sources/Setup.exe: This seems to show the most accurate version number, including an internal build number. I have yet to install this ISO, so I am not sure if the 151029 number is indicative of it being a 10.0.10586.29 build number. The command below uses Sysinternals' strings program:

> strings setup.exe | findstr -i 10\.
10.0.10586.0 (th2_release.151029-1700)

DLL Method: Once you've extracted the files from your Windows 10 .ISO file, find at any DLL file in the Sources folder. Right-click it and choose Properties. Then click the Details tab. Under Product Version or File Version, it will show the build number:

Sources/Ws.dat: This file is in the sources folder. This file is in the inf format. Open it in notepad and it shows the build in the ClientVersion field. Note that in the 10240 build this file was empty, but going forward it might be used in the future.

ClientVersion=10.0.10586.0

Sources/Idwbinfo.txt: This file is in the sources folder. Open it in notepad and it will show the major release. th1_release is for 10240 and th2_release is 10586:

BuildBranch=th2_release

Sources/schema.dat: This file is in the sources folder. It's a binary file, but you can still open it in notepad. Search it for the string version and you'll see the full build number

Sources/sxs/microsoft-windows-netfx3-ondemand-package.cab: This file is in the sources/sxs folder. Open the file with 7-zip, and the file names will show the Windows build number:

amd64_addinprocess32_b77a5c561934e089_10.0.10586.0_none_0d954895973e1712

Here's my copy of the Media Creation Tool, version 10586, which as of this post, will still download a build 10586 ISO. If you have the original July 10240 Media Creation Tool, it will download the RTM build 10240 ISO.

How To Fix Botched MS Update MS15-115 KB-3097877; Affects More Than Outlook

Microsoft released a botched update that was supposed to fix opentype vulnerabilities but has caused logon issues, blank screens, etc.... The first reported problem with this hotfix was that Outlook would crash when opening HTML email.

They have since fixed the issue with this patch and have re-released it, as Infoworld reports.

 Microsoft has since replaced the troublesome security patch with a new one by the same KB number, at least for Windows 7

Fix #1: Use Remote Desktop/MSTSC and RDP into the machine and remove the update with this command:

wusa /uninstall /quiet /norestart /kb:3097877

You will still need to go into Windows Update, click Check for updates, and right click on update 3097877, then right-click it and choose Hide this update. You will not need to hide this update anymore, as this patch has been rereleased today.

Fix #2: As reported by Ryan Seabury on Infoworld's coverage, disconnect all secondary and tertiary (extra monitors) video monitors and reboot, then you should be able to login again. Then you can remove the update, and the working update that was re-released today (Thursday, November 12) will download again through Windows Update. Be sure to upgrade video driver to latest, as this update may corrupt display drivers.


Links:

https://social.technet.microsoft.com/Forums/en-US/482486ba-a378-4dcd-bd21-08ae19760b93/crashes-since-111115-updates-in-both-outlook-2010-and-2013-when-viewing-html-emails?forum=officeitproprevious

https://social.technet.microsoft.com/Forums/windows/en-US/336eae75-b5f4-41ea-bd2b-5f0248585a66/blank-screen-after-pressing-ctrlaltdel-for-login-after-windows-updates-no-way-of-logging-in-on?s=ecym&tduid=(32295f03de2fa23337fa02ecc12bc906)(256380)(2459594)(TnL5HPStwNw-ih3ZE4nGDMdpOi4RcapOeQ)()

https://www.reddit.com/r/sysadmin/comments/3seii6/outlook_issues_after_windows_update_1111/

https://www.google.com/search?q=KB+3097877

http://www.dshield.org/forums/diary/November+2015+Microsoft+Patch+Tuesday/20359/

http://www.pcworld.com/article/3004638/business-security/patch-tuesday-windows-security-update-rendered-outlook-unusable-for-many.html

http://www.zdnet.com/article/outlook-crashing-after-windows-security-updates-you-are-not-alone/

http://www.infoworld.com/article/3004441/microsoft-windows/microsoft-surreptitiously-reissues-botched-patch-kb-3097877-for-windows-7.html

http://news.softpedia.com/news/kb3097877-update-causing-issues-on-windows-7-windows-8-1-496053.shtml


Also in some unrelated news, but still interesting, you can now test you Android for all 22 security vulnerabilities with VTS for Android by NowSecure OSS . My LG Leon LTE is vulnerable to stagefright.

Windows 10 Upgrade Install Failing With A PRE_OS Error (Something Happened)

I have seen other guides that say to fix a failed Windows 10 install by doing a clean boot among other things:

• disabling items in MSCONFIG
• run setup.exe as administrator
• ensure that a bunch of services are set to automatic and start them
• disabled all antivirus
• boot into safe mode and run delete both folders that start with $Windows at the root of the C: Drive
• change your locale settings.
• remove all previous files, settings, and applications
• Create a registry key called AllowOSUpgrade to 1

I tried all of these at the same time, and none of them worked. The upgrade to Windows 10 kept failing and it would not give any reason why other than an inexplicable error message. I did two things after this: I installed Windows 7 Service Pack 1, which was not installed before. Still no dice. So I imaged the drive to another drive, and lo and behold, Acronis True Image found some unreadable sectors. I set it to ignore read errors while cloning, then booted up into 7 and Windows 10 installed just fine!

People are also saying to do a clean install of 7 or 8 first, or run chkdsk, which could be the reason that the upgrade then proceeds, if the hard drive errors are correctable!

Hey Apple, will you be giving away OS X version 11 away for free? (Or OS XI or OS 11 or OS 10.11?)

How To Permanently Disable Windows 10 Home Edition Updates

This will also work on Windows 10 Pro or Enterprise, but on those editions you can merely disable the Windows Update service by running services.msc, finding the Windows Update services, stopping it and setting startup to Disabled.

Please note that this may also block Windows 10 from phoning home to Microsoft, and will also likely disable most Microsoft online products (OneDrive, etc...)

Disable Windows 10 Updates:

Click on Start and Run, or type the "Windows Key" and "R", then type this command:

notepad %windir%\system32\drivers\etc\hosts

or this one:

notepad c:\windows\system32\drivers\etc\hosts

Add these lines below to the hosts file and click save. If it asks you for a location to save, then launch notepad as an administrative user and then open the hosts file. You'll have to type this filename directly into the File Open box, since normally only .txt files are shown:

c:\windows\system32\drivers\etc\hosts

# Important!
0.0.0.0    0.0.0.0     # fix for network status and diagnostic tools
0.0.0.0  dns.msftncsi.com
0.0.0.0  ipv6.msftncsi.com
0.0.0.0  win10.ipv6.microsoft.com
0.0.0.0  ipv6.msftncsi.com.edgesuite.net
0.0.0.0  a978.i6g1.akamai.net
0.0.0.0  win10.ipv6.microsoft.com.nsatc.net
0.0.0.0  en-us.appex-rf.msn.com
0.0.0.0  v10.vortex-win.data.microsoft.com
0.0.0.0  client.wns.windows.com
0.0.0.0  wildcard.appex-rf.msn.com.edgesuite.net
0.0.0.0  v10.vortex-win.data.metron.life.com.nsatc.net
0.0.0.0  wns.notify.windows.com.akadns.net
0.0.0.0  americas2.notify.windows.com.akadns.net
0.0.0.0  travel.tile.appex.bing.com
0.0.0.0  any.edge.bing.com
0.0.0.0  fe3.delivery.mp.microsoft.com
0.0.0.0  fe3.delivery.dsp.mp.microsoft.com.nsatc.net
0.0.0.0  ssw.live.com
0.0.0.0  ssw.live.com.nsatc.net
0.0.0.0  login.live.com.nsatc.net
0.0.0.0  directory.services.live.com
0.0.0.0  directory.services.live.com.akadns.net
0.0.0.0  bl3302.storage.live.com
0.0.0.0  skyapi.live.net
0.0.0.0  bl3302geo.storage.dkyprod.akadns.net
0.0.0.0  skyapi.skyprod.akadns.net
0.0.0.0  skydrive.wns.windows.com
0.0.0.0  register.mesh.com
0.0.0.0  BN1WNS2011508.wns.windows.com
0.0.0.0  settings-win.data.microsoft.com
0.0.0.0  settings.data.glbdns2.microsoft.com
0.0.0.0  OneSettings-bn2.metron.live.com.nsatc.net
0.0.0.0  watson.telemetry.microsoft.com
0.0.0.0  watson.telemetry.microsoft.com.nsatc.net
0.0.0.0  vortex.data.microsoft.com
0.0.0.0  vortex-win.data.microsoft.com
0.0.0.0  telecommand.telemetry.microsoft.com
0.0.0.0  telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0  oca.telemetry.microsoft.com
0.0.0.0  oca.telemetry.microsoft.com.nsatc.net
0.0.0.0  sqm.telemetry.microsoft.com
0.0.0.0  sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0  redir.metaservices.microsoft.com
0.0.0.0  choice.microsoft.com
0.0.0.0  choice.microsoft.com.nsatc.net
0.0.0.0  df.telemetry.microsoft.com
0.0.0.0  reports.wes.df.telemetry.microsoft.com
0.0.0.0  wes.df.telemetry.microsoft.com
0.0.0.0  services.wes.df.telemetry.microsoft.com
0.0.0.0  sqm.df.telemetry.microsoft.com
0.0.0.0  telemetry.microsoft.com
0.0.0.0  watson.ppe.telemetry.microsoft.com
0.0.0.0  telemetry.appex.bing.net
0.0.0.0  telemetry.urs.microsoft.com
0.0.0.0  telemetry.appex.bing.net:443
0.0.0.0  settings-sandbox.data.microsoft.com
0.0.0.0  vortex-sandbox.data.microsoft.com
0.0.0.0  survey.watson.microsoft.com
0.0.0.0  watson.live.com
0.0.0.0  watson.microsoft.com
0.0.0.0  statsfe2.ws.microsoft.com
0.0.0.0  corpext.msitadfs.glbdns2.microsoft.com
0.0.0.0  compatexchange.cloudapp.net
0.0.0.0  cs1.wpc.v0cdn.net
0.0.0.0  a-0001.a-msedge.net
0.0.0.0  statsfe2.update.microsoft.com.akadns.net
0.0.0.0  sls.update.microsoft.com.akadns.net
0.0.0.0  fe2.update.microsoft.com.akadns.net
0.0.0.0  diagnostics.support.microsoft.com
0.0.0.0  corp.sts.microsoft.com
0.0.0.0  statsfe1.ws.microsoft.com
0.0.0.0  pre.footprintpredict.com
0.0.0.0  i1.services.social.microsoft.com
0.0.0.0  i1.services.social.microsoft.com.nsatc.net
0.0.0.0  feedback.windows.com
0.0.0.0  feedback.microsoft-hohm.com
0.0.0.0  feedback.search.microsoft.com
0.0.0.0  preview.msn.com
0.0.0.0  ad.doubleclick.net
0.0.0.0  ads.msn.com
0.0.0.0  ads1.msads.net
0.0.0.0  a.ads1.msn.com
0.0.0.0  a.ads2.msn.com
0.0.0.0  adnexus.net
0.0.0.0  adnxs.com
0.0.0.0  az361816.vo.msecnd.net
0.0.0.0  az512334.vo.msecnd.net


This list came from DSLReports. If anyone has any updates on this issue, such as a more complete list, or a better way to disable updates, please post a comment below.

Server Backup 2012 Error 0x80780119 (not enough disk space to create a Shadow Copy)

Here's a working fix for this issue,

1. Open Computer.
2. Right click the C drive (the active drive that contains the Windows system folder)
3. Click the Shadow Copies tab
4. Select the EFI volume and click settings
5. Change the Maximum Size to be two or three times the size that is listed.
6. If the Maximum Size is unlimited, try setting it to different values.
7. Repeat steps 3 and 4 for the Recovery Partition.

If you are still having trouble, then change the Shadow Copies storage area from itself to the C drive or another partition (preferably on the same disk or array), for both the Recovery and the EFI boot partition. This should also work for Windows 8.

 

Another possible but untested solution is to use AOMEI Partition Assistant to resize the Recovery Partition and the EFI partition to be two to three times larger.

Here's some background links:


https://sbsland.wordpress.com/2014/08/16/windows-server-2012-r2-backup-fails/


http://serverfault.com/questions/555912/windows-server-2012-r2-vm-back-up-fails-with-insufficient-storage-available-to-c

1. Disable WinRE (Open elevated command prompt and Run: “reagentc /disable”)
2. Take system image backup
3. Enable WinRE (Open elevated command prompt and Run: “reagentc /enable”)

You can write a batch file to run these commands via the scheduler for automation,


https://social.technet.microsoft.com/Forums/en-US/7373a7b8-01c8-4e2b-aaaa-513b7dad56f4/windows-server-2012-r2-vm-back-up-fails-with-insufficient-storage-available-to-create-either-the?forum=windowsbackup

The "USN journal" fix does not work on 2012, since Windows Server 2012 does not allow you to assign the EFI or Recovery partitions a drive letter. But also I have not tinkered with diskpart to see if it's possible via the command-line.


Apparently there is an errant Windows Update that just recently came out, since many people are having this issue but there's no official hotfix.

Amazon Android App 5.2 Final Version (Before It Was Pulled From The Appstore)

This is the final version of the Amazon's Android app that allowed the downloading of Android Apps from the Amazon Appstore, right before it was pulled and added back without this functionality. It's version 5.2.

com.amazon.mShop.android-2(v5.2.0).apk

Allworx Training Prerequisite Reading List (Downloads)

As of 2013, this list is no longer on the Allworx portal, so I am posting it here for posterity. Most of these links are PDF. If this violates  copyright, please leave a comment below and I will remove the link.

Suggested Reading:

1. TCP/IP Illustrated: Volume 1 (ISBN: 0201633469)
2. SIP Demystified (2002) (ISBN: 0071373403) 
3. Allworx Networking White Paper
4. Allworx VoIP White Paper
5. Telecom for Dummies (ISBN: 0-471-77085-X)
6. The Essential Guide to Telecommunications (ISBN: 0-13-148725-6)
7. Allworx Classroom Training Manual - this was in the Allworx Portal

Chromium Pepper Flash Plugin (PPAPI) Downloads

I was looking around with different versions of Chrome's Pepper Flash plugin, and decided to upload all the versions that I had laying around my laptop's hard drive. Even though Chromium Portable comes with a Pepper Flash plugin, it does not work by default without adding this parameter:

--ppapi-flash-path="C:\PortableApps\ChromiumPortable25\App\Chromium\PepperFlash\pepflashplayer.dll"

The PortableApps.com launcher supports passing command-line parameters to the real chrome.exe. It also supports passing parameters on all other apps.

Here's the archive with all the different versions I was able to find. It has version 11.5, 13, 11.6, 11.4, 11.9, 12, and 16 beta. The Version.txt file in the downloaded archvie has the more exact version of Chrome that the Pepper Flash plugin came from.

https://mega.co.nz/#!AZZEiTaJ!4ip9bfNxf_QWsBxt6kPukXYYkMEnq51fZ4bzjzwDH98

Scanner Crashing Computer When Plugged Into USB 3.0 Port (Fujitsu Scansnap)

If you have a usb scanner that causes a computer to crash (and I have even seen them prevent the computer from booting) try plugging it into a USB 2.0 port. This should resolve the problem.

Google Fiber Might Be Coming To Atlanta!

As seen on the Atlanta Linux Enthusiasts mailing list:


https://fiber.google.com/newcities/


https://www.linkedin.com/jobs2/view/11785877

https://www.linkedin.com/jobs2/view/14348109

https://www.linkedin.com/jobs2/view/14411648

https://www.linkedin.com/jobs2/view/25071454

https://www.linkedin.com/jobs2/view/20878588

No official announcement yet, but the rumor is that they're going to Brookhaven and Smyrna.

5,000,000 Gmail Usernames (The Hack)

Wondering if your gmail password was hacked? Download the complete list, rather than checking on isleaked.com (which might be a phishing site):

https://mega.co.nz/#!5FphCSiY!geIPHZauErsJqXYWq4u_5b5ta9-CrWqpJY58yiqwJeY

Here's the original post:
https://forum.btcsec.com/index.php?/topic/9426-gmail-meniai-parol/

Translation:
Number of records:4929090 update: 2014

At the base of> 60% of valid passwords

Downloadgoogle_5000000.7z

Here is lined full database without a password, only for personal checks, do not hit if your mailbox in it.

So it appears that it was already leaked elsewhere, and this was not the original leaker, but was the first public leak.

#tvskit #hacked #gmail #isleaked

Atlanta's endless concrete jungle

I wonder what is the furthest distance that one can drive in the greater Atlanta area by staying in parking lots. I would imagine its about a mile or so, with the endless strip malls that congeal into one giant megamall.

#suburban #wasteland #concretejungle

Alternatives To Publishing And Sharing Calendars To Office.com

Use these:

iCal Exchange
http://www.icalx.com/

https://www.keepandshare.com/

Google Emu Messenger Download

Here is version 1.0b4 of the "Emu Messenger" A.I based text-messaging app before being purchased by Google. I expect it will be subsequent;y infected by the Google+ virus. The filename is is.emu.chat-3a404b3e9dc06b1c5c22a3f404a03c10.apk

https://drive.google.com/file/d/0B_myiKjl8zhZcDhrZlNoUEEyVTA/edit?usp=sharing

Media coverage:

Here is the virustotal virus scan result of the above file:

https://www.virustotal.com/en/file/d77107ae009c234e2d171a282c1b464716bdc780412ad0a3081e89a2020cadf9/analysis/

Hitachi HGST 4K Sector Alignment Tool (Acronis) Download

Here's the link:
http://web.archive.org/web/20130314211331/http://www.hgst.com/hdd/support/downloads/AcronisAlignmentTool.exe

OpenSSL Heartbleed Vulnerable Server Testing

It seems that the OpenSSL heartbeat vulnerability (heartbleed) has not caused that many issues so far, and many servers are patched already. I believe there's a lot of hype behind it. However, time will tell if it causes any impact. Also we may never know what exactly is leaked, we can only know that a hack was attempted by using snort or another IDS/IPS. The version command doesn't really say if you're running 1.0.1[a-f], but it's safe to say that if your version is 1.0.1.[anything] and it's timestamp is older than April 2014, then that version is vulnerable.

These services may be vulnerable:
Any service that runs OpenSSL and uses the STARTTLS method
The TOR client
SMTPS
IMAPS
Android OS
Postgres database
The Salt Stack cluster execution manager


Here's the original vulnerability:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

Here's the OpenSSL patch to the vulnerable portion of code:
https://github.com/openssl/openssl/commit/731f431497f463f3a2a97236fe0187b11c44aead

Here's a google search for all mentions of heartbeat (but not heartbleed) under github.com/openssl:
https://www.google.com/search?q=site%3Agithub.com%2Fopenssl+heartbeat&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a

This is a search of github.com for heartbleed:
https://www.google.com/search?safe=off&q=site%3Agithub.com+heartbleed&oq=site%3Agithub.com+heartbleed

Here is a quick tool in Python to test for the vulnerability,
http://www.exploit-db.com/exploits/32745/

There's a great writeup at heartbleed.com which goes into detail about the issue. To quote their website:

We have tested some of our own services from attacker's perspective. We attacked ourselves from outside, without leaving a trace. Without using any privileged information or credentials we were able steal from ourselves the secret keys used for our X.509 certificates, user names and passwords, instant messages, emails and business critical documents and communication.

There is a metasploit script available for use:

https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/scanner/ssl

You can type this OpenSSL command (tested with gnuwin32 openssl binary version 1.0.1.6, dated 1/14/2014). By the way, this version does not have the -tlsextdebug parameter, perhaps it was compiled by the gnuwin32 team without this option.

s_client -connect a23-75-248-141.deploy.static.akamaitechnologies.com:443 -debug -state

Once connected type B and you'll see on a vulnerable host and you won't be disconnected:


B

HEARTBEATING
write to 0x801c17160 [0x801cbc003] (66 bytes => 66 (0x42))
0000 - 18 03 03 00 3d 8f 6f 3c-52 11 83 20 9c a2 c0 49   ....=.o 5 (0x5))
0000 - 18 03 03 00 3d    ....=
read from 0x801c17160 [0x801cb7008] (61 bytes => 61 (0x3D))
0000 - 05 4d f5 c0 db 96 d1 f5-c7 07 e5 17 1f 3b 48 34   .M...........;H4
0010 - 6e 11 9d ba 10 0c 3a 34-eb 7b a5 7c c4 b6 c0 c0   n.....:4.{.|....
0020 - b0 75 0e fe b7 fa 9e 04-e9 4e 4a 7d 51 d3 11 1f   .u.......NJ}Q...
0030 - e2 23 16 77 cb a6 e1 8e-77 84 2b f8 7f    .#.w....w.+..
read R BLOCK

You will get a heartbeat response that looks similar to this one.


On a patched host, you will see a response similar to below and you'll be disconnected:

Enter B

HEARTBEATING
write to 0x801818160 [0x8019d5803] (101 bytes => 101 (0x65))
0000 - 18 03 03 00 60 9c a3 1e-fc 3b 3f 1f 0e 3a fe 4c   ....`....;?..:.L
0010 - a9 33 08 cc 3d 43 54 75-44 7d 2c 7b f3 47 b9 56   .3..=CTuD},{.G.V
0020 - 89 37 c1 43 1c 80 7b 87-66 ff cb 55 5f 8d 1a 95   .7.C..{.f..U_...
0030 - 1b 4c 65 14 21 a1 95 ac-7a 70 79 fc cc a0 cf 51   .Le.!...zpy....Q
0040 - 0f 7e c5 56 14 c8 37 c1-40 0b b8 cb 43 96 8a e6   .~.V..7.@...C...
0050 - 21 42 64 58 62 15 fb 51-82 e6 7f ef 21 1b 6f 87   !BdXb..Q....!.o.
0060 - b9 c2 04 c8 47    ....G

Here's my source for the OpenSSL s_client command above:

https://blog.ipredator.se/2014/04/how-to-test-if-your-openssl-heartbleeds.html

There's also these tools:

https://github.com/titanous/heartbleeder

Web based:
http://filippo.io/Heartbleed/

Test results of Alex top 1000 websites:
https://github.com/musalbas/heartbleed-masstest

Conspiracy Theory Mode
Perhaps NSA introduced this bug into OpenSSL to be able to crack users of The Onion Router?
/Conspiracy Theory Mode

Update: Here's another tool which is supposedly more accurate:
http://possible.lv/tools/hb/

Update (10:37pm est 2014/04/09)
Packetstorm's files related to the vulnerability:
http://packetstormsecurity.com/files/cve/CVE-2014-0160

Batch Files To Launch VMWare Workstation 7 and VMWare player Services And Close On Exit

I created batch files to start VMWare Workstation 7.0 and VMWare player. It starts the different VMWare services and stops them when VMWare is closed. This was tested on XP, Vista and later may be different.

Workstation batch file:

net start ufad-ws60
net start VMAuthdservice
net start vmnetdhcp
net start "vmware nat service"
net start vmusbarbservice

f:
cd "\VMWare Workstation 7"
vmware.exe

net stop ufad-ws60
net stop VMAuthdservice
net stop vmnetdhcp
net stop "vmware nat service"
net stop vmusbarbservice

Player batch file:

net start ufad-ws60
net start VMAuthdservice
net start vmnetdhcp
net start "vmware nat service"
net start vmusbarbservice

f:
cd "\VMWare Workstation 7"
vmplayer.exe

net stop ufad-ws60
net stop VMAuthdservice
net stop vmnetdhcp
net stop "vmware nat service"
net stop vmusbarbservice