Is Linux Secure? — Answer: NO

I find it amusing that probably the single most critical security flaw in the history of the internet (heartbleed) does not affect Windows!  

Amusing because for a long time the Linux camp has claimed how ‘secure’ it is compared to Windows, attributing open source as opposed to closed source as a major factor in that (flaws are found and fixed quickly by the community so the theory goes), yet this bug was introduced over 2 years ago, and has been affecting Linux servers on the internet for a full 2 years, before it was fixed.

  • Linux is NOT secure (there can be no disputing that fact at the moment, possibly one of the most insecure of the 3 major OSs).
  • Open Source does not guarantee security or quick fixes.

Perhaps the Linux vs OSX vs Windows security debate can finally be put to bed.  The plain and simple fact of the matter is, that each have their vulnerabilities, non of them are totally secure, and you should keep changing your passwords regularly and apply security updates regularly.

Advertisements
Posted in Uncategorized | Tagged , , , , | Leave a comment

A basic requirejs for WScript

So I like the module pattern when programming javascript.  So when I came to writing a script to process some inbound emails in an MSSQL database, I had already chosen JavaScript as my language of choice, and wanted to use the module pattern, so I wrote a crude but effective require function:-

function require(FN) {
    var cache = require.__cache = require.__cache || {};
    if (cache[FN]) return cache[FN];
    var FSO = WScript.CreateObject("Scripting.FileSystemObject");
    var T = null;
    try {
        var TS = FSO.OpenTextFile(FN,1);
        if (TS.AtEndOfStream) return "";
        T = TS.ReadAll();
        TS.Close();
        TS = null;
    } catch(e) {
        WScript.echo("ERROR! " + e.number + ", " + e.description + ", FN=" + FN);
        WScript.quit();
        return;
    }
    FSO = null;
    T = "(function(global){\n" + '"use strict";' + "\n" + T + "})(this);\n\n////@ sourceURL=" + FN;
    cache[FN] = eval(T);
    if ("VERSIONINFO" in cache[FN]) WScript.echo(cache[FN].VERSIONINFO);
    return cache[FN];
}

Use as follows:-

var interface = require("module.js");
interface.run();

Where module.js contains:-

return {
  run: function() {
  }
};

What module returns, is up to the module. It may be an object, a function, a resource. I use this in a script called app.js that takes the first argument on the command line as the name of the app to run, loads it as a module, then calls main() passing the rest of the arguments to the main function.

var arguments = WScript.arguments;
if (arguments.length > 0) {
    var args = [];
    for (var i = 0; i < arguments.length; i++) {
        args.push(WScript.arguments(i));
    }
    var name = args.shift();
    var app = require(name+".js");
    if (app) {
        var exitstatus = app.main.call(app, args);
        if (typeof exitstatus != undefined) {
            WScript.quit(exitstatus);
        }
    } else {
        WScript.echo("Error, cannot find " + name + ".js");
        WScript.quit(1);
    }
}

I can then run my application (procemail.js) as follows:-

cscript.exe app.js procemail
Posted in JavaScript, module pattern, require, WScript | Tagged , , , | Leave a comment

How to convert SQL Blob to Text in JavaScript

The problem I was facing was that I had some text in a database stored in an image field (blob data), and I wanted to get at that text in javascript.  After a lot of searching and some experimentation, I came up with the following code:-

var blob2Text = function(blobField, charset) {
        var stream = new ActiveXObject("ADODB.Stream");
        stream.Charset = charset;
        stream.Type = 1;  // binary
        stream.Open();
        stream.Write(blobField);
        stream.Position = 0;
        stream.Type = 2;  // text
        var text = stream.ReadText(-1);
        stream.Close();
        return text;
};

Use as follows:-

var rs = new ActiveXObject("ADODB.Recordset");
... code to query data ...
var text = blob2Text(rs("myBlobData"), "us-ascii");
Posted in JavaScript, WScript | Tagged , , , , | Leave a comment

TESO

Huge Fuck Up
Nuff Said

Posted in Uncategorized | Leave a comment

Leap Motion – Most useless tech 2013 (now 2014) award

At least, that’s what I award it. Has to be my worst purchase this year, the thing just does not work as promised. Controlling your PC with it is impossible to do with any amount of proficiency, its so inaccurate and unreliable, and the software is badly designed.

Some specifics:-

– The difference between moving the mouse pointer over something and clicking it, is signalled by moving your finger towards the screen across the ‘touch’ threshold. However that threshold keeps moving towards and away from your monitor it is NEVER in the same place, and so completely fails as a user interface.

– It sees your thumb/hand as a finger quite often so thinks your using two (or three) fingers when your only using one or two, which prevents the gesture recognition from working properly.

– It’s almost impossible to calibrate – I spent the best part of 5 minutes trying to get it to calibrate before I managed it (and no real confidence its properly calibrated)

– Scrolling requires this awful circular motion so your hand is moving in an out of (the ever changing) touch zone

– Gestures have to be done SSSSLLLLOOOOWWWWWLLLLLYYYY or else it just can’t recognise them (it even tells you this in the instructions).

– Lastly, its tiring to use. Your arms are aching after 10 to 15 minutes using it.

There are some other issues with it too, for instance, PC won’t boot with it plugged in it hangs at post. There was loads of trouble getting the device to be recognised by windows, in the end it would only work in one USB port, and only then after messing about updating drivers in device manager / disabling reenabling – so much messing about that I don’t remember exactly what I had to do now to get it going.

Lastly, support is non existent – I logged 3 calls, 3 separate issues on release day (weeks ago) and to date not a single one has been replied to.

Take my advice, don’t waste your money in this tech. At best its a rubbish game controller backed by an app store full of rubbish games.

https://www.leapmotion.com/

Update:

The other day I decided to give this kit another go, this time on my Win 8 media centre PC, and I have to say … ITS AS BAD AS EVER, in fact it was possibly even worse. I did manage to get calibration to work this time, but it didn’t matter much. I was trying the tutorial for controlling windows with it, and it kept telling me I was touching too fast, and I was moving so incredibly slowly it was ridiculous. Also attempting to scroll by waving in and out of the touch zone hardly worked at all, probably 1 in 10 swipes resulted in the desired action. Plus, as before the touch zone keeps moving, the finger detection is inaccurate – its just totally not fit for purpose.

So, I award this tech. Most useless tech award 2014 as well.

http://www.maplin.co.uk/p/leap-motion-controller-a28lr

Maplin’s description of it makes me laugh, how can they claim these things about this kit:-

* It accurately senses your hands and fingers up to 1/100th of a millimeter, with no latency.

Firstly it is far from accurate. Pointing with one finger is often interpreted as two fingers, and two fingers as three fingers. Rendering it USELESS as an input mechanism for controlling windows.

Secondly, no latency is clearly a lie, as that is physically not possible.

Posted in PC | Tagged , , , | 4 Comments

Chrome Issue 335248

Bit if a major booboo from google chrome dev team, they very broke chrome 32, and there seems to be no contingency for rolling back a bad commit once it hits stable.

http://code.google.com/p/chromium/issues/detail?id=335248

If you are having problems scrolling and / or seeing page not responding dialog when using a popup or app window, then you have just run into this issue.

Posted in Chrome | Tagged , , , , , , | Leave a comment

Apple Dishonest Tricksters?

In the App Store for MAC, in the Top Free category, positions 4. 5. and 6. are Keynotes, Pages and Numbers apps, all at £13.99 each!! — FUNNY DEFINITION OF THE WORD FREE

Also note, they are the ONLY paid-for apps in the Top Free section. Now if it was just a random selection of apps, I would have put it down to a bug or oversight, but specifically 3 paid-for apple apps from the same suite of apps — something fishy going on.

TopFree

Posted in Apple | Leave a comment