Track your Java usage with my JavaUsageTracker

If you found this page, you probably know that Oracle decided to charge for Java updates. If you are using Java in a non-profit environment or for personal use, you don’t have to worry about it. On the other hand, if you are a for profit organization, you need to figure out what to do if you haven’t done so already.

Most organizations run Java, some cases Java is installed but forgotten because it was free to use and update, so no one cared. This has changed after Oracle’s announcement. Now the organizations are under pressure to figure out what to do. On the server side, things are a bit easier as the environment is much tightly controlled and OpenJDK can be leveraged.

How about the endpoints? Stale Java version at the endpoints is a security risk. So, we must patch these systems, but how many? Many organizations have inventory tools that show how many Java installations in the environment, but how many of those are actually used? You don’t want to pay for those installations that happened to be there but not used. Enter the JavaUsageTracker.

I developed this quick and dirty solution when my organization faced the same dilemma. This is an open source solution that configures the endpoints to report their usage to a simple UDP server. If your organization is facing the similar problem, go check the JavaUsageTracker. It helped my organization and I hope that it will help yours too.

JavaUsageTracker

Fix WordPress automated update has failed to complete

I decided to host one of my WordPress sites on AWS and created an Ubuntu 16 instance. However, when I wanted to update WortPress I got an error message: “The update cannot be installed because we will be unable to copy some files. This is usually due to inconsistent file permissions.: wp-admin/includes/update-core.php”

Here is how you can fix this problem:

Continue reading “Fix WordPress automated update has failed to complete”

Corrected Yara rule for the Wiper malware

Ars Technica has recently published an article about the “wiper” malware. In that article they published a Yara  rule provided by FBI. However, the rule does not work due to a syntax error. Following rule corrects the syntax error and can be used with Yara 3.2.0.
Happy hunting!

rule unknown_wiper_error_strings
{    
    meta:
        description = "unique custom error debug strings discovered in the wiper malware"

    strings:
        $IP1 = "203.131.222.102" fullword nocase
        $IP2 = "217.96.33.164" fullword nocase
        $IP3 = "88.53.215.64" fullword nocase
        $MZ = "MZ"

    condition:
        $MZ at 0 and all of them

}

Massive WordPress attacks are in progress

I see a lot of brute-force attempts made to my site lately. In fact, the unsuccessful login attempts using the “admin” user id are increased by 300 fold. My preliminary investigation showed that all of the offending systems are running Linux. Compromised systems include online retailers, academic institutions, and individuals.

Upon investigating offending hosts, I realized that they ran Parallel’s Plesk, Mysql, nginx or Exim (or combination thereof). Not surprisingly, major security vulnerabilities found on all of these systems in 2014. This goes to show that the security is still not a priority for some hosting providers and organizations. I don’t know how badly these systems are compromised, but for now they are being used to attack WordPress sites.

You can protect yourself from this type of attacks by installing iThemes Security plug-in. This plug-in would guide you how to secure your site from brute-force attacks and among others.

How to “ethically hack” an installation software

I recently bought the Contour Design ShuttlePRO along with ShuttleExpress to use it with Adobe LightRoom. The device itself is a great product, but the driver installation program didn’t work on my computer.

Upon executing the driver installation program on my Win7 x64 system, I received an error message indicating “Insufficient free disk space”. I had over 2TB (2000+ GB) of free space on my drive, so it was obvious that the disk space was not an issue. I have seen this problem in the past on an outdated WISE install system, the installation program wasn’t calculating the free space properly on large drives. So, I assumed that the same thing was happening to this installation program. Continue reading “How to “ethically hack” an installation software”

Wireless mouse + Microsoft Keyboars = Better Keyboard

Microsoft Ergonomic Keyboard Upgrade

I am a big fan of Microsoft Ergonomic Keyboards. I’ve been using them since Microsoft first released it 15+ years ago. Even though I am currently using a Goldtouch ergonomic keyboard, I like to switch things up so I bought a Microsoft Natural Ergonomic Keyboard 4000.

One feature I didn’t like about this keyboard was the zoom slider in the middle of the keyboard. I really do not get the point of it. I do not know who needs to zoom in and out of things so frequently that they would need a dedicated contraption for it. I would rather have a trackball or trackpoint kind of device in there instead.

Well, if you are a hacker and if you cannot find it, you just make it! Continue reading “Microsoft Ergonomic Keyboard Upgrade”

The ‘Microsoft.ACE.OLEDB.12.0’ provider is not registered on the local machine.

Really?

I normally do not use Access Databases, but for a pet project of mine I decided to quickly use Access 2010 Database to store some data. When I tried to add the database connection to my Windows Forms application, Visual Studio 2010 barked at me:

The ‘Microsoft.ACE.OLEDB.12.0’ provider is not registered on the local machine.

Even though it seems not logical, what fixes this problem is installing the Office 2007 System Driver: Data Connectivity Components.

Hope this helps someone…

How to “POLAR Enable” your exercise bike.

I have a Schwinn 213 Recumbent Exercise Bike and it came with a hand-grip style heart rate monitor (HRM). Unfortunately HRM died couple of years ago just after the warranty is ended. I did not like the hand-grip HRM from the beginning as it was inaccurate and required me to hold the hand-grips all the time.

I’ve been playing with Polar heart rate (HR) receiver for a while and it is really easy to use. So, I decided to open up the recumbent bike’s console and replace the hand-grip HRM system with the Polar HRM system.

Let’s start with the Polar RMCM01 HR receiver unit. Continue reading “How to “POLAR Enable” your exercise bike.”

Repairing Harmony 670 Remote

I absolutely hate waste. We are wasting a lot of resources in this country from bare necessities to entertainment items. This is even worse in the small electronics area. If a small electronics item gets broken most of us don’t even think of repairing it.  There is a better, newer version out there that we want anyway, and it doesn’t cost that much. So, we dump the broken one and got a brand new one. I struggle with that mentality as I know I can repair them most of the time. Do I have time to tackle every single broken electronics item in my house? Not all the time, and I previously had resource constraints as well. I used to have one table that I did my coding and electronics projects on. Our garage is not a useful place as it is detached and not finished inside so there is no room in there for me to setup my electronics lab. I was clearing out my desk every time I worked on an electronics project, pushing away the monitors, keyboard etc. The problem is that the next morning when I needed to code, my desk was covered with components, soldering iron etc. That meant, cleaning it again. I think you got the drift. Continue reading “Repairing Harmony 670 Remote”