More from: Technical

Microsoft Office exploit

How to remove fingerprints from Windows 10

From Tech Republic today: A newly discovered Microsoft Office zero day could put any machine with an Office install at risk. According to a blog post from cyber security company Sophos, the exploit can deliver remote access Trojans (RATs) without the need to run macros. There’s also not a guaranteed way to stop DDE attacks since they rely on remote access to malicious code and therefore avoid a good portion of antivirus protections.

See the article on Tech Republic


MySQL upgrade – Got error: 2002

free graphic of bed bug

Bug

If you manually control when MySQL starts on your workstation, during upgrade you get “Can’t connect to local MySQL server through socket”. The solution (login as root) that worked for me is to enable MySQL with “systemctl enable mysql”, do the upgrade, then disable again with “systemctl disable mysql”.

systemctl enable mysql

dpkg –configure mysql-server-5.7 (or apt-get dist-upgrade or whatever)

systemctl disable mysql

The error from my screen is as follows:

Setting up mysql-server-5.7 (5.7.20-0ubuntu0.16.04.1) …
insserv: warning: current start runlevel(s) (empty) of script `mysql’ overrides LSB defaults (2 3 4 5).
insserv: warning: current stop runlevel(s) (0 1 2 3 4 5 6) of script `mysql’ overrides LSB defaults (0 1 6).
mysql_upgrade: Got error: 2002: Can’t connect to local MySQL server through socket ‘/var/run/mysqld/mysqld.sock’ (2) while connecting to the MySQL server
Upgrade process encountered error and will not continue.
mysql_upgrade failed with exit status 11
dpkg: error processing package mysql-server-5.7 (–configure):
subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
mysql-server-5.7

There were many opinions as to how to correct. The fix that worked for me was merely to enable MySQL  do the upgrade, then disable it again. Thanks to https://launchpad.net/~leszekpuzio post on https://bugs.launchpad.net/ubuntu/+source/mysql-5.7/+bug/1605948.

lpuzio (leszekpuzio) wrote : #6

Hi,

I had the same error. I solved this by one command:
sudo systemctl enable mysql

Than I had to start MySql:
sudo service mysql start

After this I was able to update:
sudo apt dist-upgrade

One could try to recreate this bug by disabling MySql before upgrade:
sudo systemctl disable mysql

I hope this helped you.

Regards,


Severe Vulnerability in All Wi-Fi Devices

This entry was posted in General Security on October 16, 2017 by Mark Maunder   22 Replies

There is apparently a major Wi-Fi vulnerability that affects all devices using Wi-Fi. The vulnerability allows attackers to decrypt WPA2 connections.

You can read more on the WordFence blog here:

https://www.wordfence.com/blog/2017/10/krack-and-roca/


The “Data Center” of the Future

A visual model of the Data Center of the Future: Coffee Maker insides after years of use.

I just read through Network World’sHow a data center works, today and tomorrow” (see https://www.networkworld.com/article/3223692/data-center/how-a-data-center-works-today-and-tomorrow.html).

They feel ‘The future of data centers will rely on cloud, hyperconverged infrastructure and more powerful components’.

I partly agree, and partly disagree.

The IT business cycle is well known: IT starts as a centralized department, becomes a bottleneck, other departments set up their own IT for operational survival, the uncoordinated small IT becomes unmanageable, policy swings back to standardizing and centralizing IT, and the cycle repeats. So “Data Centers” will be centralized, then distributed, then centralized again … likely forever at the corporate level.

The controlling force will not be commercial dominance: no one company will succeed at becoming the global “Data Center Hegemon” – grass roots, open source, widely varied people driven interests will take over IN SPITE of corporate attempts to “own” the Data Center scene. The “Data Centers” inside large organizations will be a tiny part of the planetary Data Center.

Photo of a Nest Thermostat in The Bond Building. 20 June 2013, 11:54:32 by Amanitamano

I also disagree that the Data Center of the future will be composed mostly of more powerful things, rather I feel that it will be made up of far less powerful things, redundant, error correcting, in massive numbers, using cooperative computing protocols, to become a massive unified computing power. As each cell in a human body is little by itself, coordinated together all the cells form a much more significant and powerful organism: an organism that can loose many cells, survive, heal, and grow. No single corporation, or corporate alliance, can approach this potential because of management, legal, contractual, and financial encumbrances. The Data Center’s life blood is network connectivity and its future body will be shaped accordingly.

All technologies must eventually inter-operate, and those which do not will be relegated to irrelevance, but most of this will be from non-corporate innovation, not for profit initiatives. There will likely be government attempts initiated by corporate influence to eradicate all “unauthorized” software on some pretense: any software not sold by “authorized” programmers, such as that created by programmers not under corporate control and released for the public good without mandated government “back doors” or for profit motives may even be criminalized. Public software will not only survive but it will grow and the attempts to destroy it will drive it underground, improve it, increase its sophistication, and make it harder, not easier, to oppose.

And yes, I believe some large corporations will contribute to the process, which will eventually be overwhelmed and confiscated by massive grass roots factors, gently, slowly, imperceptibly until it is too late. The surviving Corporations will be the ones which recognize this from the start and design to work together with rather than oppose global communications.

There will always be “free public cloud” ( that is, network based file and app servers), sometimes  bootlegged inside ‘secure’ corporate systems, but there will be much more storage a kilobyte at a time from mundane and ignored things such as Mom’s pacemaker or Uncle Joe’s radio all coordinated by Harriot’s thermostat. IoT device security and control will improve accordingly. Remember BitCoin. In the future, my FitBit may be harboring 1% of your favorite vacation picture for you – but don’t worry, if I upgrade my watch Harry’s fish locator and Mary’s microwave have redundant copies just in case.

The idea that people in mass will keep their most private data on a server owned by some for profit entity that will turn everything over to secret government agencies or marketers at a whim is unworkable until people have absolute confidence that their private data will remain absolutely private NO MATTER WHAT. This can never happen with any ownership of centralized “Cloud” services because government can and will seize those centralized computers if they think it necessary.

Reading, gaming, sleeping… All in Kyiv subway by teteria sonnna from Obukhiv, Ukraine

There will probably be significant human influencers wearing rags and living in dilapidated buildings or on the streets as well as those wearing jeans or tuxedos and living in middle-class homes or skyscrapers. BOT nets will no longer be merely for mafia profits, ransomware,  and spam generators but will be a means to suborn “secure” private networks or effect communications kept temporarily private from “official” corporate or government eyes.

The “Data Center” of the future will not be one place but every place. It will be connected by multiple redundant means to circumvent corporate power to use government to silence profit syphoning opposition. It will not look like a ‘Max Headroom’ dystopia but free open source software will be critical in its reliable operation even though specific corporate proprietary software will also be present.

And the one thing we can count on is that it will be constantly changing all of the time. How can for profit corporate interests survive or thrive in this new world? Easy, simply make your corporation indispensable to the victors.


Exhaust Ports

Picture of Chrysanthemum

júhuā (Chinese: 菊花) [Chrysanthemum]

There seems to be an upswing of hack attempts from one country in particular – oh, other “3rd world” nations half-heartedly try to hack, but one place in particular dishonors their ancestors with the clumsy incompetent behaviour of fools – trying to break into the homes of others who have done nothing to harm them. They disfigure their already disgraced face by attacking little Public Charities who have no money and unselfishly help old people learn skills and get jobs.

There is a nice little way to deal with those “júhuā” through IP Rules (blocking via .htaccess merely block web browser access, not for example FTP or SSH).

If you have cPanel  hosting, don’t really care if certain foreign countries have any access to your web sites, and have noticed an upswing in SQL injection or other hack attempts, you might consider using the IP Blocker functionality to deny access to all from any related IP ranges.
120.0.0.0/8 (and several others that come from the same place) can no longer access my sites. Blocking a range of IP addresses can be more effective than blocking just one IP address because the hackers typically switch addresses after hacking to get around blocking, but they normally must use another address from the same group.  I will watch for other fools and block them when they appear also.