There is a new vulnerability out there in OpenSSL called The Heartbleed Bug, and it’s a doozy. Imagine someone compromising your network, or SSL protected website or service, stealing your private and thought secure information – all without leaving a trace that they had even been there! This is one vulnerability that is really bad, and if you have any systems that might be affected you should start updating them right away! Read more about The Heartbleed Bug here.
I have to share something with everyone now. Anybody and everybody that knows me, knows that I am a die hard UNIX and Linux fan. I made the majority of my career managing UNIX and Linux boxes, with a server to admin ratio of sometimes 100 to 1. Everyone also knows that I am a die hard Debian fan, my distro of choice for my servers and my desktops is Debian, hands down. However, that doesn’t mean that I don’t use or like other distributions, I mean every one has it’s place and purpose. I really dig Ubuntu and SuSE and I cut my teeth on Red Hat and CentOS just as an example.
That being said, the purpose of this post is to tell you about another distro that I just recently checked out called Linux Mint. I know a lot of people have found it since it is in the number one slot over at distrowatch. On the recommendation of my friend Steve, I tried it out and I have to tell you that I was absolutely blown away by it. It’s based on Ubuntu which itself based on Debian so right there is a plus in my book, it has a solid core and foundation, but that’s not what blew me away.
Here’s a quick tidbit for any and all Windows jockeys out there. Need to figure out what is chewing up all of your system resources? Need to do it quickly and easily? Have no fear, Laz and the PowerShell are here. Some of you may know this already, so let those who don’t have some air!
OK, bring up the PowerShell (*note, this is different from the DOS “like” Command Prompt and can usually be installed through Windows Update). Once the PowerShell is open, you can use the ‘ps’ command to get a list of the currently running pr0cesses, but believe you me there are a lot of them and they scroll by all unformatted and hard to read and stuff. All in all you get a bunch of info that is hard to understand!
“So, what are we doing here?” you ask. Well, this is where just like with the ‘ps’ command (and the PowerShell in and of itself too), Windows takes some inspiration from UNIX and not only adds some nifty commands to help wrangle all that information that goes scrolling by, but also the idea of “piping” commands or a more simpler analogy, a way to link commands together. Making them talk to each other, work together and share information like never before. You pipe commands together with the ‘|’ character, and it allows you to run a command and take that output and send it to the next command. You will see this in the final command we will use, take a look:
ps | sort -desc cpu | select -f 20 | ft -a;
So, let’s take a look at what this command or set of commands really, does. First off the ps command gets the current list of processes running on the machine along with certain information about each and every one of them like the ‘Process ID’, the ‘ProcessName’ and the amount of ‘CPU’ time it’s using to name just a few. We then take all of that ‘ps’ data and “pipe” or feed it into the ‘sort’ command, telling sort to … well, sort that information by the ‘CPU’ column in “Descending” order. We then take all that sorted data and use the ‘select’ command to only grab or select the top ’20’ items in the list. Last but not least, we use the ‘ft’ command to “format” the list that we have now, which has been cut down to just the top 20 processes sorted by how much of your CPU they are using starting with the most at the top of the list and then listing the top 20 going down from there.
Ultimately, you run this command just like you see it above and you will get a list of the top processes that looks like this:
PS C:\temp> ps | sort -desc cpu | select -f 20 | ft -a; Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName ------- ------ ----- ----- ----- ------ -- ----------- 197 14 6700 11456 92 1,008.66 2744 AODAssist 422 15 6272 11572 53 886.27 1112 svchost 2398 1032 115224 10804 420 863.37 2020 AvastSvc 827 48 253744 247248 371 641.55 1388 svchost 1132 106 86252 118472 421 575.07 3596 explorer 140 69 45028 49456 173 572.51 5012 Everything 485 47 46612 69228 284 565.83 9608 explorer 1535 90 33912 49260 433 453.93 1460 svchost 717 52 29416 27460 124 451.45 1352 svchost 363 43 41048 11472 176 370.32 4436 svchost 909 63 94836 129776 726 366.38 6388 dopus 596 54 24476 26196 248 364.06 5136 avastui 684 44 22172 23564 241 352.66 1048 svchost 140 13 119472 113980 183 328.48 6972 vmware-usbarbitrator64 300 13 9940 14796 64 306.90 6516 WmiPrvSE 346 31 35176 29280 203 302.42 4688 tlbHost 225 24 1431016 1339160 1460 263.47 1500 stacsv64 865 81 27488 36708 149 216.86 1420 svchost 202 16 7300 15020 96 215.45 1744 WHSTrayApp 110 10 7144 10368 58 200.74 3252 BitMeterCaptureService
There you go, a nice handy little list of your top offenders! If you keep a PowerShell handy, it can be a very fast way to take a quick look at what’s going on under the hood of your PC. Enjoy!
I have found one of the coolest apps ever for making lists, using a virtual whiteboard, taking and re-arranging notes, outlining and even more stuff I haven’t even figure out yet. It’s an app called ‘Trello‘ and I originally found it on my iPhone for iOS. A few days later I was sitting here at my computer wishing I had it to use on my computer too. Low and behold I went to their website and it’s a web app as well that you can use on any PC/Maz/UNIX/Linux box that has a web browser and an Internet connection! Imagine my surprise!
So, finding that I could use it on my PC and my iPhone (you can use it on Android too, BTW), I just had to share this so everyone could get the benefits of this amazing application too. Now, before you get started, just one thing to share because this irks me when I run into it most of the time, and that is that you will be asked to create an account or log in with Google. Normally, I don’t like this because I figure why do I need to create an account just to use an app, right? Then when I realized I could use it in a browser on my PC the reason became clear. That’s how I can have all of my data in both places. So, YES you can indeed work on the same set of lists, the same data, all the same stuff between your mobile device and your PC at home. Cool, huh?
I highly recommend this app and service, it’s really cool and very productive, it really does a great job of organizing my data. You can create these lists and then move the data elements around by clicking and dragging, and etc. Plus you can drill down to and within each individual element and add more data to each one. It is just amazing what it can do, and therefore what you can do with it. So go try it out … NOW!!
Check out Trello today, you will thank me!
Is Wi-Fi Sniffing Wiretapping? The (not so) Supreme Court thinks so. They seem to be looking at this from a … well, I am not sure what point of view they are seeing this from. Surely not a logical point of view, nor a technical one. How about we let someone with a brain look at this question, shall we? Good.
First of all, before we even go into the technical parts of each one, or should I say the differences, one must look at the intent behind the act. When you “wire tap” someone, or in more general term, “tap their phone”, you are specifically singling out someone and then taking measures to specifically monitor that person and their communications. In most cases you must have some type of legal paper or permission before you can do this, although we have seen that, naturally the “Government” can always find ways around that little detail. No one wants to hinder their fun, ‘eh? The point is, in the case of wire tapping, you are specifically choosing someone for some reason, one person or entity that you want to monitor. You then take action to monitor that person. You take specific action to monitor that person or entity and that one only, no one else. You don’t tap the phone at 405 West Chester Street and in the process say “Oh, hell, let’s just tap the whole damn street while we are here!” No, you focus on that one person.
Now, in the case of Wi-Fi sniffing, it is much different. In fact it couldn’t be more different. With Wi-Fi sniffing, you are simply sitting there, or you might be mobile, wandering around “sniffing” (testing the location to see if a Wi-Fi signal happens to be available) to see if something pops up. If it does, if you happen to catch hold of a signal, you take a look and see what you have found, kind of like fishing. Sometimes you get a good one, and sometimes you throw it back.
The point is, that unlike wire tapping, with Wi-Fi sniffing you are not focusing on one specific person or entity. You are not specifically taking measures to monitor any one thing, or any thing for that matter. You are simply catching whatever signals are out there to be caught. If I am sitting at home and I see that there are several Wi-Fi networks around me that I can access, am I wiretapping? Hell no!
It really comes down to the people that are responsible for that Wi-Fi network. If you are responsible you will make that network secure so no one can come along and sniff it, find it, and do anything with it in the first place. Wi-Fi sniffing and wire tapping are two very different things and that the Supreme Court can’t seem to figure that out shows just how out of touch they really are, not just with technology, but with reality as well.
OK, iOS7 is finally here after much hype and banter from all sides of the park. I went ahead and took the plunge on my iPhone 5 and installed the new OS last night. This is a bit different from my normal way of doings because usually I wait a bit to see how it all shakes out. That way if there are major issues with the launch, or the OS itself, or whatever, I can wait until all the issues are resolved before jumping in.
OK, now I have already been hearing a lot of talk from folk on the ‘net about the new OS. I have been hearing grumblings from iDevice users that installed the upgrade (mostly about the way 7 looks), from Android fanbois that just want to trash anything Apple they can, and even users that like the upgrade and have positive things to say. I’m in the latter category, although you never know, things may change as time goes on, we’ll see.
I am going to continue to learn more about iOS7 (all I can really) and I will report back with everything that I can. From my impressions and advice, to tips and tricks, and whatever else I can think of.
Now, make no mistake, this upgrade is huge, and very different in how things look, how they work and how your device does things and responds to you the user. However, after having spent a few hours with the upgrade, I like it a lot and I plan on going into why that is in more detail in subsequent posts here soon.
For now, if you feel adventurous try it out, otherwise it sure as heck won’t hurt to wait a few days or more to see what things are like after it’s been out for more than one night. Stay tuned, more to come!