Eikonal Blog

2012.06.25

More unix tools

Filed under: scripting, unix — Tags: , , , , , , — sandokan65 @ 13:32
  • Joye’s “moreutils” collection – http://joeyh.name/code/moreutils/. Contains following:

    • chronic: runs a command quietly unless it fails
    • combine: combine the lines in two files using boolean operations
    • ifdata: get network interface info without parsing ifconfig output
    • ifne: run a program if the standard input is not empty
    • isutf8: check if a file or standard input is utf-8
    • lckdo: execute a program with a lock held
    • mispipe: pipe two commands, returning the exit status of the first
    • parallel: run multiple jobs at once
    • pee: tee standard input to pipes
    • sponge: soak up standard input and write to a file
    • ts: timestamp standard input
    • vidir: edit a directory in your text editor
    • vipe: insert a text editor into a pipe
    • zrun: automatically uncompress arguments to command
  • num-utils – http://suso.suso.org/programs/num-utils/. Contains:

    • average: A program for calculating the average of numbers.
    • bound: Finds the boundary numbers (min and max) of input.
    • interval: Shows the numeric intervals between each number in a sequence.
    • normalize: Normalizes a set of numbers between 0 and 1 by default.
    • numgrep: Like normal grep, but for sets of numbers.
    • numprocess: Do mathmatical operations on numbers.
    • numsum: Add up all the numbers.
    • random: Generate a random number from a given expression.
    • range: Generate a set of numbers in a range expression.
    • round: Round each number according to it’s value.
  • Scylla and Charybdis, Tools – http://www.scylla-charybdis.com/tool.php. Contains:

    • checkrun: Program watchdog to terminate a program with starving output)
    • cmpfast: Fast compare two files binary)
    • count: Copy lines, shows progress)
    • dbm: A little tool to access gdbm files from shell.)
    • dirlist: Primitive directory lister, quicker than ls, find and echo *)
    • diskus: Disk geometry checking and repair tool)
    • getrealpath: Print realpath to stdout)
    • histogram: Count bytes in file)
    • kdmktone: Make the console beep)
    • keypressed: Nonblocking, nondestructible test for waiting data on TTYs, sockets and probably pipes)
    • killmem: Protect some memory against paging until you need free memory)
    • lockdir: Create a directory for locking purpose)
    • lockrun: Exclusively run something by placing a file lock)
    • md5chk: Create md5sums for easy shell usage)
    • minicron: This is a program which starts other programs after some time)
    • mvatom: Move files by atomic rename instead of copy.)
    • printansi: Like /bin/echo but ANSI-escapes the output)
    • printargs: Like “hello world” but dumps the argc array)
    • ptybuffer: daemonize interactive tty line driven programs with output history)
    • runningfor: Return true until the given time periode is reached.)
    • slowdown: Slowdown processes or pipes.)
    • socklinger: Execute quick hack shell scripts connected to a socket.)
    • sq: SQLITE3 query tool for shell usage)
    • timeout: Execute a command or pipe only for a given duration.)
    • timestart: Start a program N-M times in parallel by running it it each A-B seconds)
    • tinohtmlparse: Simple HTML parser to extract information from HTML files by shell)
    • tinoseq: An integer seq implementation)
    • udevraw: Dump udev events for bash usage)
    • unbuffered: Copy stdin to stdout and stderr, unbuffered)
    • watcher: A Python2.6 script to watch files, pipes or Unix domain sockets)

2012.05.21

Disabling MS Windows updaters and other unwanted features

Disabling MS Office Upload Center

Options:

  • To disable the Office 2010 Upload Center you can run msconfig, click Startup and remove the check next to “Microsoft Office 2010” that references MSOSYNC.EXE.
  • Go to C:\Program Files\Microsoft Office\Office14 (or whatever your program files folder is) and rename MSOUC.exe and MSOSYNC.exe into something non-execeutable (e.g. MSOUC.exe-original and MSOSYNC.exe-original).
  • Open regedit > Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run > Delete the entry for MSOSYNC.
  • Use Autoruns to disable use of MSOSYNC (HKCU\Software|microsoft\Windows\CurrentVersion\Run\OfficeSyncProcess) at the boot time

Sources:


Other update and fast starter pests

  • Adobe:
    • Adobe updater: AdobeARM: c:\Program Files\Common Files\Adobe\arm\1.0\adobearm.exe
    • AdobeARMservice: c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
    • Flash player update: C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10q_ActiveX.exe -update activex
    • Adobe Flash Player Updater service: c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
  • Google:
    • Google Installer:
      • GoogleUpdateTaskMachineCore: c:\program files (x86)\google\update\googleupdate.exe
      • GoogleUpdateTaskMachineUA: c:\program files (x86)\google\update\googleupdate.exe
    • Google update service:
      • gupdate: c:\program files (x86)\google\update\googleupdate.exe
      • gupdatem: c:\program files (x86)\google\update\googleupdate.exe
  • Microsoft Office 10 Sync: BCSSync: c:\Program Files\Microsoft Office\Office 14\bcssync.exe
  • MozillaMaintenance: c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
  • Oracle Java Update scheduler: SunJavaUpdateSched: c:\Program Files\Common Files\java\java update\jusched.exe

2012.05.16

Law-vs-technology

Sites


Related here: Information disclosure sites – https://eikonal.wordpress.com/2010/02/25/information-disclosure-sites/ | WikiLeaks – https://eikonal.wordpress.com/2010/12/29/wikileaks-2010/ | ACTA – https://eikonal.wordpress.com/2010/07/16/acta/

2012.05.05

Shell-In-A-Box

Filed under: Uncategorized — Tags: , , , — sandokan65 @ 22:19

2012.05.04

Firewalls

Filed under: firewalls, infosec — Tags: , , — sandokan65 @ 08:52

More on this blog: IpTables – https://eikonal.wordpress.com/2011/01/24/iptables/ | Personal Computer Security > Personal Firewalls – https://eikonal.wordpress.com/2011/02/28/personal-computer-security/ | Port Knocking – https://eikonal.wordpress.com/2010/10/05/port-knocking/

2012.04.27

Logon Banners

Filed under: infosec, security hardening, web security — Tags: , , , , , , — sandokan65 @ 15:06
  • On Linux systems, put pre-login banner text in the files /etc/banner, /etc/issue, and /etc/issue.net; and the after-login banner in /etc/motd.
  • For OpenSSH servers (e.g. on Linux systems), activate the banner use (by SSH/SFTP/SCP) by including following (uncommented) line in /etc/ssh/sshd_config:
    Banner /etc/banner
  • TELNET:
    • On Linux, if Kerberized TELNET is used, edit /etc/xinetd.d/krb5-telnet to add following line:
      banner = /etc/issue
    • Older versions of TELNET may be using /etc/default/telnetd containing the block:
        BANNER="\\n
        nThis should be a telnet banner\\n
        n"
        
  • FTP:
    • If gssftp is used (on Linux), edit /etc/xinetd.d/gssftp to add following line:
      banner = /etc/issue
    • If wu-ftpd is used (on Linux), edit /etc/ftpaccess to add following line:
      banner = /etc/issue
    • FTP may be using /etc/ftpd/banner.msg (or any file external to /etc/ftpd/ftpaccess) by specifying following line:
      banner /etc/ftpd/banner.msg

      in /etc/ftpd/ftpaccess.

2012.03.14

Pretty little tables

Filed under: mathematics, number theory, puzzles — Tags: , — sandokan65 @ 14:59

Recently I have seen in an math forum this:

    Wonder #1

and just a few days later this one, too:

    Wonders 1-4

Pretty little tables, aren’t they? How could they be so regular? Can they be generalized somehow?

Answers are: yes, you will see, and yes.

Wonder #1

Let’s first take a look at the first table:

Table 1
  • 1 \times 8 + 1 = 9,
  • 12 \times 8 + 2 = 98,
  • 123 \times 8 + 3 = 987,
  • 1,234 \times 8 + 4 = 9,876,
  • 12,345 \times 8 + 5 = 98,765,
  • 123,456 \times 8 + 6 = 987,654,
  • 1,234,567 \times 8 + 7 = 9,876,543,
  • 12,345,678 \times 8 + 8 = 98,765,432,
  • 123,456,789 \times 8 + 9 = 987,654,321,

In order to understand it one has to work not with the specific numbers (digits), but with their abstract representations. For this, we will work with a number system of base B (\in {\Bbb N}), which in the orginal tables is B=10. Then we can rewrite several first members of the Table 1 as follows:

  • 1 \cdot B^0 \times (B-2) + 1 = (B-1) B^0,
  • (1 \cdot B^1 + 2 B^0) \times (B-2) + 2 = (B-1) B^1 + (B-2)B^0,
  • (1 \cdot B^2 + 2 B^1 + 3 B^0) \times (B-2) + 3 = (B-1)B^2 + (B-2)B^1 + (B-3)B^0,
  • etc

Ok, we see some regularity here. To proceed further, rewrite the n^{th} row of that table in the form a mathematical equation y_n :\equiv x_n \cdot \hbox{some number} + \hbox{some other number}, transforming the first beautifully looking number (x_n) into second beautifully looking number y_n.

Here the series \{x_n\} is:

  • x_1 = 1_B = 1\times B^0,
  • x_2 = 12_B = 1\times B^1 + 2 \times B^0,
  • x_3 = 123_B = 1\times B^2 + 2 \times B^1 + 3 \times B^0,
  • x_n = 123...n_B = 1\times B^{n-1} + 2 \times B^{n-2} + \cdots + n \times B^0 = \sum_{k=1}^n k B^{n-k}.
    A side note:
    Note that x_n =  \sum_{s=0}^{n-1} (n-s) B^s. It can be explicitly summarized as follows:

      x_ n = (n- B \partial_B) \sum_{s=0}^{n-1} B^s = (n-B\partial_B) \frac{B^n-1}{B-1} = \frac{B(B^n-1)-n(B-1)}{(B-1)^2}.

    For example, for B=10 that formula yields x_n = \frac{10(10^n-1)-9n}{81}: x_1 = 1, x_2 = 12, …, x_5 = 12345, etc.

Let’s go back to the main line of discussion.

Now we are interested in the following derivative series y_n :\equiv x_n \cdot (B-2) + n. The straightforward manipulation leads to the anticipated result:

    y_ n = B^n + \sum_{s=1}^{n-1} (s+1-n)B^s - n
    = (B-1)B^{n-1} + B^{n-1} + \sum_{s=1}^{n-2} (s+1-n)B^s - n
    = (B-1)B^{n-1} + (B-2) B^{n-2} + \sum_{s=1}^{n-3} (s+1-n)B^s - n

    \cdots

    = \sum_{r=1}^{m} (B-r)B^{n-r} + B^{n-m} + \sum_{s=1}^{n-m-1} (s+1-n)B^s - n

    \cdots

    = \sum_{r=1}^{n-2} (B-r)B^{n-r} + B^{2} + \sum_{s=1}^{1} (s+1-n)B^s - n
    = \sum_{r=1}^{n-2} (B-r)B^{n-r} + B^{2} + (2-n)B^1 - n
    = \sum_{r=1}^{n-1} (B-r)B^{n-r} + B^{1} - n
    = \sum_{r=1}^{n} (B-r)B^{n-r}.

i.e. y_n = (B-1)(B-2)...(B-n+2)(B-n+1)(B-n)_B. The initial pyramid of simple results holds for every base B.

Example: for B=5 we have x_n = \frac{5(5^n-1)-4n}{16}, so x_1 = \frac{5\cdot 4 - 4 \cdot 1}{16} = 1, x_2 = \frac{5\cdot 24 - 4 \cdot 2}{16} = 7_{10} = 12_5, etc. Then, for example y_2 = x_2 \cdot 3 + 2 = 7\cdot 3 + 2 = 21 + 2 = 23_{10} = 43_5.

Wonder #2

Let’s look at the Table 2:

Table 2
  • 1 \times 9 + 2 = 11,
  • 12 \times 9 + 3 = 111,
  • 123 \times 9 + 4 = 1,111,
  • 1,234 \times 9 + 5 = 11,111,
  • 12,345 \times 9 + 6 = 111,111,
  • 123,456 \times 9 + 7 = 1,111,111,
  • 1,234,567 \times 9 + 8 = 11,111,111,
  • 12,345,678 \times 9 + 9 = 111,111,111,
  • 123,456,789 \times 9 + 10 = 1,111,111,111,

Here the first (i.e. the independent) variable x_n is the exactly same as the one used for Table 1. The second (i.e. the dependent) variable z_n is new one, determined by defining equation:

    x_n = \sum_{s=0}^{n-1}(n-s)B^s,

Then, using steps similar to these used in analysis of the Table 1, we get:

    z_n :\equiv x_b \cdot (B-1) + (n+1) =
    = \sum_{s=0}^{n-1} (n-s) B^{s+1} - \sum_{s=0}^{n-1} (n-s) B^s + (n+1) =
    = \sum_{s=1}^{n} (n+1-s) B^{s} - \sum_{s=0}^{n-1} (n-s) B^s + (n+1) =
    = B^n + \sum_{s=1}^{n-1} (n+1-s - n +s) B^{s} - n + (n+1) =
    = B^n + \sum_{s=1}^{n-1} B^{s} +1 =
    = \sum_{s=0}^{n} B^{s} =
    = 1\cdots 1_B,

where there are (n+1) copies of digit 1.

Nice. Easy.

Wonder #3

Table 3
  • 9 \times 9 + 7 = 88,
  • 98 \times 9 + 6 = 888,
  • 987 \times 9 + 5 = 8,888,
  • 9,876 \times 9 + 4 = 88,888,
  • 98,765 \times 9 + 3 = 888,888,
  • 987,654 \times 9 + 2 = 8,888,888,
  • 9,876,543 \times 9 + 1 = 88,888,888,
  • 98,765,432 \times 9 + 0 = 888,888,888,

That series of relations has form v_n = u_n \cdot 9 + (8-n) where the dependent variable is
v_n = \underbrace{8\cdots8}_{n+1} in the normal decimal system (B=10).

For general basis B this generalizes to the:
v_n = u_n \cdot (B-1) + (B - n -2). Here the independent variable u_n is

    u_n = \sum_{k=1}^n (B-k) B^{n-k} =
    = \sum_{s=0}^{n-1} (B- n -s) B^s =
    = (B - n + B \partial_B) \sum_{s=0}^{n-1}B^s =
    = (B - n + B \partial_B)\frac{B^n-1}{B-1} =
    = \frac{B(B-2)(B^n-1)+n (B-1)}{(B-1)^2}.

Now

    v_ n :\equiv u_n (B-1) + (B-n-2) =
    = (B-1) B^n - \sum_{s=1}^{n-1} B^s - 2 =
    = (B-2) B^n + (B-1) B^{n-1} - \sum_{s=1}^{n-2} B^s - 2 =
    = (B-2) B^n + (B-2) B^{n-1} + (B-1)B^{n-2} - \sum_{s=1}^{n-3} B^s - 2 =

    \cdots

    = (B-2) B^n + \cdots + (B-2) B^{n-m+1} + (B-1)B^{n-m} - \sum_{s=1}^{n-m-1} B^s - 2 =

    \cdots

    = (B-2) B^n + \cdots + (B-2) B^{3} + (B-1)B^{2} - B^1 - 2 =
    = (B-2) B^n + \cdots + (B-2) B^{3} + (B-2)B^{2} + B^2 - B^1 - 2 =
    = (B-2) B^n + \cdots + (B-2) B^{2} + (B-1)B^{1} - 2 =
    = (B-2) B^n + \cdots + (B-2) B^{1} + B - 2 =
    = \sum_{r=0}^{n} (B-2) B^r.

For B=10 that covers all examples in the Table 3.

Note: Even more, we can add two more members to it, corresponding to n=9 and n=10:

  • u_9 = 987,654,321 corresponds to v_9 = x_9 \cdot 9 + (-1) = 8,888,888,888,
  • u_{10} = 9,876,543,210 corresponds to v_{10} = x_{10} \cdot 9 + (-2) = 88,888,888,888.

Also, the u_0=0 provides one more line, which is prepended to this more complete table 3:

Table 3*
  • 0 \times 9 + 8 = 8,
  • 9 \times 9 + 7 = 88,
  • 98 \times 9 + 6 = 888,
  • 987 \times 9 + 5 = 8,888,
  • 9,876 \times 9 + 4 = 88,888,
  • 98,765 \times 9 + 3 = 888,888,
  • 987,654 \times 9 + 2 = 8,888,888,
  • 9,876,543 \times 9 + 1 = 88,888,888,
  • 98,765,432 \times 9 + 0 = 888,888,888,
  • 987,654,321 \times 9 - 1  = 8,888,888,888,
  • 9,876,543,210 \times 9 - 2  = 88,888,888,888.

Wonder #4

Table 4
  • 1^2 = 1,
  • 11^2 = 121,
  • 111^2 = 12,321,
  • 1,111^2 = 1,234,321,
  • 11,111^2 = 123,454,321,
  • 111,111^2 = 1,2345,654,321,
  • 1,111,111^2 = 1,234,567,654,321,
  • 11,111,111^2 = 123,456,787,654,321,
  • 111,111,111^2 = 12,345,678,987,654,321.

Here the independent variable is

    p_n :\equiv 1\cdot B^{n} + 1\cdot B^{n-1} + \cdots + 1\cdot B^0 = \sum_{i=0}^n B^i = \frac{B^{n+1}-1}{B-1}.

The resulting variable is

    r_n :\equiv p_n^2 = \sum_{i=0}^n \sum_{j=0}^n B^{i+j} =
    = \sum_{k=0}^{2n} (\sum_{i=0}^n \sum_{j=0}^n \delta_{i+j,k}) B^k.

Now the sum in brackets can be transformed as follows:

    \sum_{i=0}^n \sum_{j=0}^n \delta_{i+j,k} = \sum_{i=0}^n  \Theta(0 \le  k-i \le n) =
    = \sum_{i=0}^n \Theta(k-n \le i \le k) =  \sum_{i=\hbox{max}(0,k-n)}^{\hbox{min}(n,k)} 1 =
    = \hbox{min}(n,k) - \hbox{max}(0,k-n) + 1 = *

which has three posible simplifications:

  • * = k - 0 + 1 = k + 1 for k < n,
  • * = n + 1 for k = n,
  • * = n - (k-n) + 1 = 2n - k + 1 for k > n.

So, now we can write the final form for r_n as following:

    r_n = \sum_{k=0}^{n-1} (k+1) B^k + (n+1) B^n + \sum_{k=n+1}^{2n} (2n-k+1) B^k =
    = 1\cdot B^0 + 2\cdot B^1 + 3\cdot B^2 + \cdots + (n+1) B^n + \cdots 2\cdot B^{2n-1} + 1\cdot B^{2n} =
    = 123\cdots(n+1)\cdots321_B.

That is it.


Note that one can get some regularities for degrees higher than 2. For example, for degree 3 one has:

    1^3 = 1
    11^3 = 1,331
    111^3 = 135,531

    1,111^3 = 13,577,531
    11,111^3 = 1,357,997,531
    111,111^3 = 135,79b,b97,531
    1,111,111^3 = 13,579,bdd,b97,531

    \cdots

    {\underbrace{1\cdots1}_{[B'/2]+1}}^3 = 1357\cdots B'B'\cdots 7531.

up to the last member (of that series) where the two central digits are the highest single-digit number B' allowed in the number system of base B (i.e. B'=B-2 if B is odd, and B'=B-1 if B is even).

Note: Here a = 10_{10}, b = 11_{10}, c = 12_{10}, d = 13_{10}, e = 14_{10}, f = 15_{10}, g = 16_{10}, h = 17_{10}, i = 18_{10}, etc.

For the degree 4 the similar pyramid/table is:

    1^4 = 1
    11^4 = 14,641
    111^4 = 1,48a,841

    1,111^4 = 1,48a,cec,841

    \cdots

Here one can also work some more (and I did not do that work yet) to establish which is the last member of that table (as a function of the base B), and what is the innermost digit in that last member.
This could be a homework for you. 🙂

For the degree 5:

    1^5 = 1
    11^5 = 15885
    111^5 = 15ciic51

    \cdots


Similar here: More simple math wonders – https://eikonal.wordpress.com/2012/03/14/more-simple-math-wonders/ | Mental calculation of cube root of a six-digit number – https://eikonal.wordpress.com/2010/01/14/mental-calculation-of-cube-root-of-a-two-digit-number/ | Squares with just two different decimal digits – https://eikonal.wordpress.com/2010/01/05/squares-with-just-two-different-decimal-digits/ | Number theory finite concidental sums – https://eikonal.wordpress.com/2010/01/05/number-theory-finite-considental-sums/

2012.02.14

OpenSSL

  • HTTPS server banner:

      openssl s_client -connect:IPAddress:443

    after connection is established, type in “HEAD / HTTP/1.0” and press enter.

    Alternative:

      echo -e "HEAD / HTTP/1.0\n\n" | openssl s_client -quiet -connect IPAddress:443

  • NTTPS server banner

      openssl s_client -connect:IPAddress:563
      

  • IMAPS server banner:

      openssl s_client -connect:IPAddress:993
      

  • POP3S server banner:

      openssl s_client -connect:IPAddress:995
      

  • Identifying SSL cyphers:

      openssl s_client -connect website:443 -cipher EXPORT40
      openssl s_client -connect website:443 -cipher NULL
      openssl s_client -connect website:443 -cipher HIGH
      

  • Generating password hash four unix:

      openssl passwd -1 -salt QIGCa pippo
      

    output: $1$QIGCa$/ruJs8AvmrkmzKTzM2TYE.

  • Converting a PKCS12-encoded (or .pfx) certificate to PEM format:

      openssl pkcs12 -in CertFile.p12  -out NewCertFile.pem   -nodes. -cacerts
      

  • Converting a DER-encoded certificate to PEM format:

      openssl x509  -in CertFile.crt.  -inform DER  -out NewCertName.pem   -outform PEM
      

  • Download a proxy’s public certificate:

      openssl s_client-connect ProxyHostname:port   proxycert.pem
      

  • Create a key:

      openssl genrsa -des3 -out server.key 1024
      

  • Create a CSR (certificate signing request):

      openssl req -new -key server.key -out server.csr
      

  • Remove a password from a key:

      cp server.key server.key.org
      openssl rsa -in server.key.org -out server.key
      

  • Sign the CSR and create the certificate:

      openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
      cat server.crt server.key > certificate.pem
      

  • Encrypting a file:

      cat INFILE | openssl aes-256-ecb -salt -k PASSWORD > INFILE.ssl
      

  • Decrypting a file:

      cat INFILE.ssl | openssl aes-256-ecb -d -k PASSWORD > INFILE
      

2012.02.07

Excel sortIP macro

Filed under: transformers — Tags: , , — sandokan65 @ 14:39

Found this somewhere on web several months ago. Very useful for long lists of machines that one want to order by IP addresses.

Option Explicit
Sub sortIP() 'sorts IP addresses
Dim i As Long, j As Long, k As Long
Dim IP
Dim rg()
Dim RangeToSort As Range
Dim IPaddress As String
Dim IPColumn As Long

IPaddress = "#*.#*.#*.#*"

Set RangeToSort = Selection

'If just one cell selected, then expand to current region
If RangeToSort.Count = 1 Then
Set RangeToSort = RangeToSort.CurrentRegion
End If

'Check if row 1 contains an IP address. If not, it is a header row

'first find column with IP addresses. Check row 2 since row 1 might be a Header
IPColumn = 1
Do Until RangeToSort.Cells(2, IPColumn).Text Like IPaddress
If IPColumn > RangeToSort.Columns.Count Then
MsgBox ("No valid IP address found in Row 1 or Row 2")
Exit Sub
End If
IPColumn = IPColumn + 1
Loop

If Not RangeToSort(1, IPColumn).Text Like IPaddress Then
Set RangeToSort = RangeToSort.Offset(1, 0). _
Resize(RangeToSort.Rows.Count - 1, RangeToSort.Columns.Count)
End If



'one extra column for the IP sort order
ReDim rg(RangeToSort.Rows.Count - 1, RangeToSort.Columns.Count)



For i = 0 To UBound(rg)
For k = 1 To UBound(rg, 2)
rg(i, k) = RangeToSort.Cells(i + 1, k).Text
Next k
IP = Split(rg(i, IPColumn), ".")
For j = 0 To 3
rg(i, 0) = rg(i, 0) & Right("000" & IP(j), 3)
Next j

Next i

rg = BubbleSort(rg, 0)

For i = 0 To UBound(rg)
For k = 1 To UBound(rg, 2)
RangeToSort.Cells(i + 1, k) = rg(i, k)
Next k
Next i

End Sub
'-------------------------------------------
Function BubbleSort(TempArray As Variant, d As Long) 'D is dimension to sort on
Dim temp() As Variant
Dim i As Integer, j As Integer, k As Integer
Dim NoExchanges As Boolean

k = UBound(TempArray, 2)
ReDim temp(0, k)

Do
NoExchanges = True

For i = 0 To UBound(TempArray) - 1
If TempArray(i, d) > TempArray(i + 1, d) Then
NoExchanges = False
For j = 0 To k
temp(0, j) = TempArray(i, j)
TempArray(i, j) = TempArray(i + 1, j)
TempArray(i + 1, j) = temp(0, j)
Next j
End If
Next i
Loop While Not NoExchanges

BubbleSort = TempArray

End Function


Related here: Excel to text – https://eikonal.wordpress.com/2011/02/14/excel-to-text/ | Excel files processing – https://eikonal.wordpress.com/2011/02/25/excel-files-processing/ | IT tips pages – https://eikonal.wordpress.com/2010/02/08/it-tips-pages/

2012.02.06

Skills acquisition

Books


Related: On importance of practice – https://eikonal.wordpress.com/2011/01/11/on-importance-of-practice/

2012.01.27

Literary Arts

Filed under: art and fun, books, literature — Tags: , , — sandokan65 @ 10:24

2012.01.24

Quacks everywhere

Bruce Lipton

Dr. Joseph Mercola

  • “FDA Orders Dr. Joseph Mercola to Stop Illegal Claims” by Stephen Barrett, M.D. (at QuackWatch; 2012.02.01) – http://www.quackwatch.com/11Ind/mercola.html
  • “9 Reasons to Completely Ignore Joseph Mercola” by Joseph Albietz (Science-Based Medicine) – http://www.sciencebasedmedicine.org/index.php/9-reasons-to-completely-ignore-joseph-mercola-and-natural-news/
  • Postings on Dr Mercola at Science Blogs
  • “Dr. Oz defiantly embraces The Dark Side” – http://scienceblogs.com/insolence/2011/01/dr_oz_finally_unequivocally_embraces_the.php
      As 2011 dawns, there is no doubt in my mind that Dr. Oz has now inevitably crossed the Woo-bicon, gone over to the Dark Side, betrayed the cause, gone woo, or whatever you want to call it. I say again: Stick a fork in him. He’s done, as far as science-based medicine goes. That’s because he featured one of the biggest promoters of quackery on the Internet on his show in one fawning segment after another. I’m referring, of course, to Dr. Joe Mercola, who was the main guest on The Dr. Oz Show yesterday in segments entitled The Alternative Health Controversy (part 1, part 2, part 3), coupled with another segment entitled The Surprising Supplement You Need. Let’s just say that Dr. Oz’s journey to the Dark Side is now complete. He has controlled his fear but released his woo, and it is strong woo indeed.

      To give you an idea of just how bad this is, take a look at the introduction to the show before the credits. Dr. Mercola is described as a “pioneer in alternative medicine” and “a man your doctor doesn’t want you to know.” I don’t know about you, but hearing that made me think instantly of Kevin Trudeau and his now-infamous book of quackery Natural Cures “They” Don’t Want You To Know About.

2011.12.06

C|Net’s Download.Com trojans

Filed under: antimalware, antivirus, infosec — Tags: , , , , , , , , — sandokan65 @ 09:29
  • “C|Net Download.Com is now bundling Nmap with malware!” by Fyodor (nmap-hackrs email list; 2011.12.05):

    From: nmap-hackers-bounces@insecure.org On Behalf Of Fyodor
    Sent: Monday, December 2011.12.05 17:36
    To: nmap-hackers@insecure.org
    Subject: C|Net Download.Com is now bundling Nmap with malware!
    
    Hi Folks.  I've just discovered that C|Net's Download.Com site has started wrapping their
    Nmap downloads (as well as other free software like VLC) in a trojan installer which does 
    things like installing a sketchy "StartNow" toolbar, changing the user's default search 
    engine to Microsoft Bing, and changing their home page to Microsoft's MSN.
    
    The way it works is that C|Net's download page (screenshot attached) offers what they 
    claim to be Nmap's Windows installer.  They even provide the correct file size for our 
    official installer.  But users actually get a Cnet-created trojan installer.  That program 
    does the dirty work before downloading and executing Nmap's real installer.
    
    Of course the problem is that users often just click through installer screens, trusting 
    that download.com gave them the real installer and knowing that the Nmap project wouldn't 
    put malicious code in our installer.  Then the next time the user opens their browser, 
    they find that their computer is hosed with crappy toolbars, Bing searches, Microsoft as 
    their home page, and whatever other shenanigans the software performs!  The worst thing is 
    that users will think we (Nmap Project) did this to them!
    
    I took and attached a screen shot of the C|Net trojan Nmap installer in action.  Note how 
    they use our registered "Nmap" trademark in big letters right above the malware "special 
    offer" as if we somehow endorsed or allowed this.  Of course they also violated our 
    trademark by claiming this download is an Nmap installer when we have nothing to do with 
    the proprietary trojan installer.
    
    In addition to the deception and trademark violation, and potential violation of the 
    Computer Fraud and Abuse Act, this clearly violates Nmap's copyright.  This is exactly why 
    Nmap isn't under the plain GPL.
    
    Our license (http://nmap.org/book/man-legal.html) specifically adds a clause forbidding 
    software which "integrates/includes/aggregates Nmap into a proprietary executable 
    installer" unless that software itself conforms to various GPL requirements (this 
    proprietary C|Net download.com software and the toolbar don't).  We've long known that 
    malicious parties might try to distribute a trojan Nmap installer, but we never thought it 
    would be C|Net's Download.com, which is owned by CBS!  And we never thought Microsoft 
    would be sponsoring this activity!
    
    It is worth noting that C|Net's exact schemes vary.  Here is a story about their 
    shenanigans:
    
    http://www.extremetech.com/computing/93504-download-com-wraps-downloads-in-bloatware-lies-about-motivations
    
    It is interesting to compare the trojaned VLC screenshot in that article with the Nmap one 
    I've attached.  In that case, the user just clicks "Next step" to have their machine 
    infected.  And they wrote "SAFE, TRUSTED, AND SPYWARE FREE" in the trojan-VLC title bar.  
    It is telling that they decided to remove that statement in their newer trojan installer.  
    In fact, if we UPX-unpack the Trojan CNet executable and send it to VirusTotal.com, it is 
    detected as malware by Panda, McAfee, F-Secure, etc:
    
    http://bit.ly/cnet-nmap-vt
    
    According to Download.com's own stats, hundreds of people download the trojan Nmap 
    installer every week!  So the first order of business is to notify the community so that 
    nobody else falls for this scheme.
    
    Please help spread the word.
    
    Of course the next step is to go after C|Net until they stop doing this for ALL of the 
    software they distribute.  So far, the most they have offered is:
    
      "If you would like to opt out of the Download.com Installer you can
       submit a request to cnet-installer@cbsinteractive.com. All opt-out
       requests are carefully reviewed on a case-by-case basis."
    
    In other words, "we'll violate your trademarks and copyright and squandering your goodwill 
    until you tell us to stop, and then we'll consider your request 'on a case-by-case basis' 
    depending on how much money we make from infecting your users and how scary your legal 
    threat is.
    
    [...]
    

  • “Does CNET Download.com’s new installer install malware?” (HighTechReality.com blog; 2011.08.30) – http://hightechreality.com/2011/08/cnet-downloadcoms-installer-install-malware/
  • “Download.com wraps downloads in bloatware, lies about motivations” by Lee Mathews (2011.08.22) – http://www.extremetech.com/computing/93504-download-com-wraps-downloads-in-bloatware-lies-about-motivations
      There was a time long, long ago when Download.com was the place I went for software. It’s been years, however, as the site repeatedly showed signs of devolving into a site every bit as bothersome as the many third-tier software repositories that hide genuine links below clever-placed advertisements and bundle toolbars with their “certified” local downloads.
  • Download.com Caught Adding Malware to Nmap & Other Software – http://insecure.org/news/download-com-fiasco.html

Related: “SourceForge has lost its common sense” – https://eikonal.wordpress.com/2015/06/03/sourceforge-has-lost-its-common-sense/

2011.11.29

Oh well

Filed under: censorship, opression, propaganda, surveillance — Tags: — sandokan65 @ 14:11

2011.11.25

Life writing

Books

Sites, People

2011.11.21

Implementations of programming languages in other programming languages

Filed under: java, javascript, programming languages — Tags: , , , , — sandokan65 @ 10:26

Firefox GUI inside Firefox data frame

Filed under: java, javascript — Tags: , , — sandokan65 @ 10:16

This is a fun stuff. One can open another instance of FireFox GUI inside the browser area where content of web pages is displayed.

Source: “JavaScript JVM Runs Java” (SlashDot; 2011.11.21) – http://developers.slashdot.org/story/11/11/21/0454254/javascript-jvm-runs-java

2011.11.18

Reality of wave function in quantum mechanics

Filed under: physics, Quantum mechanics — Tags: , , — sandokan65 @ 15:39

Asperger’s syndrome, Autism, ASD

2011.11.15

New Facebook machinations

Filed under: FaceBook, privacy — Tags: , , , — sandokan65 @ 13:12
  • Facebook Privacy section at EPIC (Electronic Privacy Information Center) – http://epic.org/privacy/facebook/
  • “Facebook to alter privacy practices following FTC ruling” by Greg Masters (SC Magazine; 2011.11.29) – http://www.scmagazineus.com/facebook-to-alter-privacy-practices-following-ftc-ruling/article/217775/
    • Users were deceived by Facebook, and now the social media giant is paying the price.
    • “Facebook is obligated to keep the promises about privacy that it makes to its hundreds of millions of users,” Jon Leibowitz, chairman of the FTC, said in a statement. “Facebook’s innovation does not have to come at the expense of consumer privacy.”
    • The FTC charges chronicle a number of misleading or untrue assertions about privacy that Facebook made, but did not keep, including: not warning users when a change to its “Friend List” allowed private information to be exposed; stating that third-party apps would not access personal information beyond what they needed to operate; claiming that the “Verified Apps” program certified the security of participating apps; promising users it would not share personal data with advertisers; and insisting that it complied with the U.S.-European Union Safe Harbor Framework that governs data transfer between the United States and certain European nations.
  • “Facebook Settles FTC Charges That It Deceived Consumers By Failing To Keep Privacy Promises” (FTC; 2011.11.29) – http://ftc.gov/opa/2011/11/privacysettlement.shtm
    • In December 2009, Facebook changed its website so certain information that users may have designated as private – such as their Friends List – was made public. They didn’t warn users that this change was coming, or get their approval in advance.
    • Facebook represented that third-party apps that users’ installed would have access only to user information that they needed to operate. In fact, the apps could access nearly all of users’ personal data – data the apps didn’t need.
    • Facebook told users they could restrict sharing of data to limited audiences – for example with “Friends Only.” In fact, selecting “Friends Only” did not prevent their information from being shared with third-party applications their friends used.
    • Facebook had a “Verified Apps” program & claimed it certified the security of participating apps. It didn’t.
    • Facebook promised users that it would not share their personal information with advertisers. It did.
    • Facebook claimed that when users deactivated or deleted their accounts, their photos and videos would be inaccessible. But Facebook allowed access to the content, even after users had deactivated or deleted their accounts.
    • Facebook claimed that it complied with the U.S.- EU Safe Harbor Framework that governs data transfer between the U.S. and the European Union. It didn’t.
  • “24 year old student lights match: Europe versus Facebook” by Kim Cameron (Identity Weblog; 2011.10.13) – http://www.identityblog.com/?p=1201/li>
  • Europe vs Facebook – http://europe-v-facebook.org/EN/en.html
  • “Facebook Ireland accused of creating ‘shadow profiles’ on users, nonusers” by Laura Locke (CNet; 2011.10.21) – http://news.cnet.com/8301-1023_3-20123919-93/facebook-ireland-accused-of-creating-shadow-profiles-on-users-nonusers/
  • “Facebook Patent to Track Users Even When They are Not Logged In to Facebook” by Bruce Scheier (2011.10.24)- http://www.schneier.com/blog/archives/2011/10/facebook_patent.html

Related here: Facebook privacy? What Facebook privacy? – https://eikonal.wordpress.com/2010/04/30/facebook-privacy-what-facebook-privacy/ | Facebook foolies – https://eikonal.wordpress.com/2011/05/12/facebook-foolies/ | Unending stream of Facebook privacy news – https://eikonal.wordpress.com/2010/11/22/unending-stream-of-facebook-privacy-news/ | More Facebook news – https://eikonal.wordpress.com/2010/10/08/more-facebook-news/ | Facebook monkeying again with user trust model – https://eikonal.wordpress.com/2010/09/22/facebook-monkeying-again-with-user-trust-model/ | Scan for your Facebook privacy – https://eikonal.wordpress.com/2010/05/23/i-want-you-to-scan-for-facebook-privacy/ | Facebook leaks users IDs to advertisers – https://eikonal.wordpress.com/2010/05/22/facebook-leaks-user-ids-to-advertisers/ | Facebook mulls U-turn on privacy – https://eikonal.wordpress.com/2010/05/19/facebook-mulls-u-turn-on-privacy/ | Mark Zuckerberg’s birthday present: Facebook in crisis – https://eikonal.wordpress.com/2010/05/16/mark-zuckerbergs-birthday-present-facebook-in-crisis/ | Temptest in a teapot – https://eikonal.wordpress.com/2010/05/15/1202/

« Newer PostsOlder Posts »

Blog at WordPress.com.