Sunday, February 24, 2013

Threats, Updates, and iOS App struggles

Quick post to clear out last week’s inbound material.

Threats (and fixes/updates)


DEFT 8 Roadmap and features - DEFT Linux - Computer Forensics live cd - Coming mid April 2013

Update XORSearch V1.8.0: Shifting - Didier Stevens

USB Image Tool 1.60 - Alex’s Coding Playground - There is more than one way to image a USB drive, but this tool by Alexander Beug is IMHO one of the very, very best for ease of use and reliability. I would be lost without it. Alex has worked hard on this update and it brings auto-admin elevate request at launch, now supports non-removable USB devices such as hard-drives or card-readers, and it has a “reset” feature to overwrite the bootsector of the selected device with zeros to allow Windows to reformat the device to the original size (something USB Image tool can’t do). See the changelog for more details. As an alternative, also consider the free OSForensics tool ImageUSB.

iOS App trials, tribulations, and tips

An iOS Byline Issue - worked around

I’ve been gushing for some time about how I think Phantom Fish’s Byline app for iOS is super great. It is really fast pulling feeds and the interface is easy to navigate. It has really helped me stay in-touch with tech goings on during the day as I can now check all my RSS feeds on my personal iPhone. Before I was having to wait to the end of the day when I got home to check my personal feeds for news updates.

So last week I ran into my first problem with it.

I normally have it set to show 2,000 items; this allows me to go back and search for past feed articles after the fact. Additionally, I manage “Caching” with “Wi-Fi” only, images “on”.  That’s pretty much it. There aren’t a lot of settings but they are enough.

So the problem was that mid-week, after the updating of the feeds occurred, the caching followed, but kept getting stuck showing “1 of 200”.  It wouldn’t ever stop or move on.

It looks like a bad feed article was causing the caching to stop.

I sent an email to the Byline help team but still haven’t seen a response.  It was super frustrating and I found a few others on the net who also had encountered the problem.

So what to do?

Eventually I figured out a workaround to allow the feeds to continue to drop and cache again without getting “frozen” so-to-speak.

I went back into the settings and changed my All Items option to “Show 200 items”.

What this let me do is to get past the stuck item by not caching it.

I’m not sure which one it is, but right now it is somewhere between the 200 and 500th feed item. If I set at “200” I’m fine. If I set at 500 (the next highest increment) it locks when it hits the bad feed.

Considering that on any given week-day, my feed count pull results in about 350 new article feeds, I project that by the end of next week I will have way-more new feeds and the bad one will have been shoved off the bottom of the stack.

It isn’t a “pretty” fix but it works and restores a level of functionality with caching of feeds in Byline in the meantime.

Recommendations to the Phantom Fish coders for the next Byline update:

  1. Code for an auto-skip of a feed if it doesn’t cache within a set/variable number of seconds; letting the user set the timeout period would be even better.
  2. Allow greater granularity of number of items to show. The stock choices of 100, 200, 500, 1000, and 2000 items may make sense, but I’d like to set my own custom number of feeds…especially if the first recommendation cannot be implemented.

Those are pretty much my only requests for an otherwise stellar application.

A Gmail App Badge notification issue - cleared

My second issue this week was when I was surprised to have my iOS Gmail App badge still showing “1” unread item, despite no unread messages showing in any of my accounts.


This really frustrated me.

Eventually I found others who have experienced this same issue and the workaround solution to clear it. Apparently it is not an unknown issue and has been present for some time.

How to reset/clear ios badge - Google Groups

Bruno O. Barros (llustreBOB) provided the “solution” to clearing it midway down in the thread:

The only solution working here is the one where I move the rogue message back to inbox, mark it as unread and then mark it as read again.

Sure enough. Since I remembered the last message I managed, in my iOS Gmail app, I moved the message back to the inbox, marked it “unread”, marked it “read” and then archived it again.

The notification message “1” cleared off my Gmail badge.

Dave Churchill -- just a bit up in that same thread -- shows how to replicate the issue/fix if you want to play with it (though I don’t know why you would if the solution works).

I can reproduce this by doing this:

  1. Gmail app on iPhone has no badge.
  2. Send email to self on laptop
  3. Wait for Gmail on iPhone to receive email and show badge
  4. Read and archive the email on the laptop
  5. Open Gmail app to note there are no messages in inbox, refreshing still shows no messages, checking list of labels shows no unread messages.
  6. Press Home button to exit Gmail, badge remains at 1.
  7. Open Gmail again on iPhone.  Navigate to All Mail, open the message (which is correctly displayed as already read).  Badge still shows 1.
  8. Mark message as unread, exit, badge still shows 1.
  9. Read message, exit, badge still shows 1.
  10. Move message to inbox.  Badge now cleared.


Are you an iOS user feeling a bit jealous of those sexy Samsung phone-bump-transfer features?

I spotted this new (to me) app last week. I haven’t pulled the trigger on installing as I don’t really have a need for it just yet but it does seem like a cool and handy feature. So I’m keeping it on my “watch list”. Anyone have any experience or feedback with it yet?


--Claus Valca

Monday, February 18, 2013

ForSec/Sysadmin Super Linkfest

Yes indeed. I have been super-busy at home and work of late. Though the material keeps rolling in daily, my ability to get it out has been hampered a bit with “real-life” commitments.

So I’m taking advantage of a lull in the storm to dump my link hopper for your enjoyment and my reference.

Grab some snacks, make sure your wireless mouse is fed up on batteries and cheese, and settle in for some serious linkage dumping.

The Java/Flash Patch Cycle

In a sign of just how long it has been since I posted (and the activity that has transpired since mid-January) I submit the following. Note sarcasm attached.

Java SE 6 End of Public Updates
After February 2013, Oracle will no longer post updates of Java SE 6 to its public download sites. Existing Java SE 6 downloads already posted as of February 2013 will remain accessible in the Java Archive on Oracle Technology Network. Developers and end-users are encouraged to update to more recent Java SE versions that remain available for public download

So where does that leave us?

Remove Java? I doubt it. - Malware Analysis Blog. I did!

I actually have decided to remove Java SE from our home systems. I do like to run some Java apps but that is pretty rare so I will install, run, de-install Java as needed. Small price for system security.

In a bit of irony, shortly before drafting this blog-post statement, Lavie brought me her iPhone and iPod and told me she sent me a link to a band she follows. As a hard-core fan, she was treated to a free download of some tracks from the artist’s portfolio. She needed these added to her devices. When I followed the link to download the tracks on our system, I was presented with a dialog box to install Java SE. Turns out their download manager app uses Java SE. Nice.  Install, download files, de-install Java again. I did notice it linked to the Java 7.13 bits. That’s something.

Sadly, I can’t get away with doing the same at work. We run a non-current release version of Java 6 “standard” at work. If you are running Java 7, automated auditing reports tattle on you and you either have to justify your use of Java 7 or it will be auto-uninstalled and rolled back to the standard level of Java 6.

Sweet baby Jebus.

For home users who are non-technical (or are and just don’t have the time to follow the web-browser plugin patching game) I recommend popping in once a week to the Qualys BrowserCheck on each of their installed web-browsers. Maybe that way you can catch and patch dated versions fairly easily.

Why the Patching Fuss?

Failure to patch and run current versions of Java/Flash/<insert plugin-here> (not to mention your OS) could lead to the following headaches and public shame and liability.

And you thought having someone guess your Yahoo password and use it to send spam was a headache.

Not software-based, but Amazon users are exploited also…

Saw these links this past week. Fascinating.

For the ForSec Crew

OMG! What an amazing number of posts and material from our ForSec experts! Especially timely after all these latest Java patching dramas we have been enjoying lately.

We pause for a PSA…

Network News of Late

Tools, Utilities and Treats for the SysAdmins

Bits and Pieces


-- Claus Valca

In Setting up a new Windows 8 System…

In less than three weeks’ time, I have now had the opportunity to set up Windows 8 systems for home users. Both happened to be Dell systems.

One was for a family friend. The other was for Lavie who had become frustrated with display issues on her “old” Windows 7 laptop.  It appears that in the act of opening her monitor lid  over the past few years, the display had gotten flaky and started flashing red and other signal color lines from time to time.

The only reasonable home-user OS option for these Windows-only folks was to bite the bullet and move to Windows 8.

The new local-user account setup process was pretty simple. Not painful at all.

Neither was impressed by the Start interface and needed to be directed back to the “desktop” experience.

To make that simple (and solve 95% of their learning curve challenges with Windows 8) I downloaded and installed IObit StartMenu8 Free.

I set it to load the desktop immediately after boot.

Instantly they felt back at home and the anxiety passed.

I showed them how to return to the desktop if they got back to the Start.

Both wanted to continue using MS Security Essentials. OK. Although I did follow a tip on “How to Add “Scan with Windows Defender” to the Context Menu in Windows 8” I found over at How-To Geek.

I am also still running (and recommending, despite the chatter (link-1 & link-2)) MS-SE on my Windows 7 systems. I am trying out the Bitdefender Antivirus Free product on my virtual Windows 8 system to check performance and operation. So far so good.

Sure there were application installations, updates, user-data migration work to be done, etc. but that was pretty much it.

I did not install Java. They didn’t need it and the security issues have made it too risky for me to recommend installation on home-user systems unless they have a specific Java application they need. Neither did.

I did not install the Flash plugins. IE 10 comes with its own Flash plugin as does Chrome.

Lavie needed some help finding a tool to help her deep-dim her laptop display for those late-night fan-fic reading sessions. These are adjustments beyond the hardware-based brightness settings.

  • f.lux - changes the color warmth of the display automatically depending on location/time-of-day. We loaded this and she really liked it.
  • DimScreen - 1 Hour Software by Skrommel - Loaded this one too.
  • Dimmer - Nelson Pires. We added this one also, but Lavie liked the navigation options in DimScreen a bit more.

Dell has a track-pad sensitivity manager to keep the cursor from jumping when thumbs hover over the pad, but we also tried the touchfreeze - Utility for Windows. Worked great as well as the Dell solution.

Too easy? Want more?

I’m still in no hurry to upgrade Alvis and my Windows 7 systems to Windows 8. I don’t see the need (yet).

But if a new system comes with Windows 8, it’s no biggie anymore.


--Claus V.

…and an alternative solution is confirmed

In the last post I mentioned the challenge encountered when a user set a local account password on their new Windows 8 system…and forgot it.

A factory re-image got us rolling, but in theory I should have been able to off-line boot the system with one of my WinPE USB sticks (had I had it on hand) and used a utility to blank out the password in the local user’s account.

Last night I wanted to confirm this would work.

So I booted my VMware-hosted Windows 8 system and confirmed my local user-account did have a working account password on it.

I shut it down and tried to boot it by using one of my custom WinPE USB sticks.

Only VMWare doesn’t support booting from a physically attached USB drive.

So I had to boot from a Plop boot manager first.

Only that didn’t work too well as the VMWare BIOS booted so fast I couldn’t catch it to change my VMware boot order.

So I had to edit my Windows 8 .vmx file to increase the timeframe it allows during the BIOS boot process so I could select more options…such as boot from my mounted Plop ISO file.

That done, I was able to boot the VMWare image, select to boot from Plop, attach the bootable USB stick in VMWare, return to Plop and select the option to boot from USB, and voilà! my WinPE was running in VMware.

Once it settled down, I launched the latest version of NTPWEdit (v 0.4), released in Oct 2012 in both x32 and x64 bit versions, which supports Win8.

I passed it the SAM file location, it found my local account and I used it to blank the password.

I rebooted and let Windows 8 come up.

Sure enough, my password had been successfully removed!

I then went and restored it again.

All is well and some more confirmed techniques are filed away for future reference.


--Claus V.
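
The .vmx edit mentioned in this post, sketched as an added example (not part of the original post). The post does not name the setting, so this assumes VMware's `bios.bootDelay` key (milliseconds); the function name, the 10000 ms ceiling, and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: set the BIOS boot delay in a VMware .vmx file so there is
# time to reach the boot menu. Assumes the bios.bootDelay key (milliseconds).

set_vmx_boot_delay() {
    vmx=$1
    ms=$2

    [ -f "$vmx" ] || { echo "no such file: $vmx" >&2; return 1; }

    # Accept digits only; 10000 ms is a ceiling chosen for this example.
    case $ms in
        ''|*[!0-9]*) echo "delay must be a whole number of ms" >&2; return 2 ;;
    esac
    [ "$ms" -le 10000 ] || { echo "delay above 10000 ms" >&2; return 2; }

    # Assumption: Workstation/Player keep a <name>.vmx.lck directory while
    # the VM is open, and edits made then can be overwritten. Refuse to edit.
    if [ -e "$vmx.lck" ]; then
        echo "VM appears to be open; power it off first" >&2
        return 3
    fi

    # Keep a backup, drop any existing bios.bootDelay line (keys are matched
    # case-insensitively here), then append exactly one new setting.
    cp -p "$vmx" "$vmx.bak" || return 1
    tmp=$vmx.tmp.$$
    grep -viE '^[[:space:]]*bios\.bootDelay[[:space:]]*=' "$vmx.bak" > "$tmp" || true
    printf 'bios.bootDelay = "%s"\n' "$ms" >> "$tmp"
    mv "$tmp" "$vmx"
}

# Demo on a constructed sample file (not a real VM configuration).
demo_boot_delay() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' '.encoding = "UTF-8"' 'displayName = "Windows 8"' \
        'bios.bootDelay = "0"' > "$dir/sample.vmx"
    set_vmx_boot_delay "$dir/sample.vmx" 5000
    grep 'bios.bootDelay' "$dir/sample.vmx"
    rm -rf "$dir"
}

demo_boot_delay
```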

…in which a problem with a new Dell system is addressed

So last week I got a call from a dear and respected senior family friend needing PC help.

His laptop had died and the local PC-repair shack in town told him his system board had fried.

He had then ordered and received a new laptop from Dell and he was immediately lost in the Windows 8 world.

I scheduled an appointment to come over this past weekend to help him set it up, give him some lessons in Windows 8 usage, and restore the data they had recovered from his (still good) old laptop’s hard-drive off the DVD’s the repair shop gave him.

So since I was in a “rolling lean” mood, I didn’t bring my personal laptop, or my IODD drive, or any of my USB sticks. It was a basic “new-user” setup of a factory-fresh Dell system, some software re-installs and a (hopefully) copy-back of a recovered user-profile folder data set. And he had DSL. Easy-peasy.


We started off good. He had done an initial setup of the laptop in the excitement of receipt and unboxing.

So we booted it and I asked him to put in the password he created during the initial Windows 8 setup process he went through on his own.

Unfortunately, after almost 30 minutes of trying, he couldn’t remember the password he used, despite also having set up a password hint that only served to tease us.


Now what?

If I had brought any of my digital tools I probably could have off-line booted the system, blanked the password and rolled on. But I didn’t and I really didn’t feel like hitting “pause” and going home to retrieve them.

Since it was a brand new system, with no user data, and a Dell, I knew it contained a system-restore-to-factory-image. He didn’t have any physical restore disks so I had to do it off the system itself.

After fussing hopelessly (like others before me) to catch the BIOS/Win8 boot process mid-stream with F8/shift-F8 to boot to the options menu, I gave it up as a futile effort.

Some Googling work on his desktop system provided the solution:

  1. Once at the user’s locked login screen I held down “Shift” while selecting the “restart” power option.
  2. A reboot got me swiftly to the advanced options pre-boot menu of Windows 8.
  3. I selected the “Troubleshoot” option.
  4. I selected the “Dell Backup and Recovery” option.
  5. I told the additional options that followed that I didn’t want to bother saving any user data…and followed through with a factory image restore.

Eventually (30-40 min later?) it was done and I went through an otherwise fairly uneventful Windows 8 system setup and user-data restoration.

Lessons learned in no significant order:

  1. With Windows 8 <shift>/restart is your new best-buddy.
  2. There is something to be said about not nuking that Dell restore partition to reclaim the relatively insignificant additional GB of data it holds. You might need that factory image sometime when you least expect it.
  3. If you own a laptop, use it with a laptop accessory that has a solid surface between the underside of the laptop and what you set it on. Otherwise you risk blocking the ventilation holes and experiencing overheating and failure if not careful.
  4. Bring your laptop/USB-drives/flash drive tools with you when visiting friends and family to help them with tech. Period. No job will be as easy as you are led to believe. Semper Paratus!
  5. Copying user-data off 4 full DVD disks sucks. Bring your SATA-USB adapter bridge and copy directly off the hard drive even if you have optical media disks. It looks cooler, it works faster, and you can make sure you are getting everything you need for the user.
  6. When done, make the user a password-recovery file and System Recovery disk under Windows 8.
  7. DSL sucks…barely better than dial-up in today’s world. If you are getting cable…pony up for cable-broadband. DSL really sucks when you are sucking down a ton of Windows and program updates to a newly issued system. Despite recent complaints here at GSD, I would “die” without our cable broadband service. Like totally!

Additional resources:


--Claus V.

Too Many Bits, Bytes and Tech?

At the risk of the GSD blog losing its focus from being a scratch-pad/notebook for my interactions with technology and shifting to a curmudgeon's front yard, I have lately been re-considering the role technology plays in my life.

My “pay me” job is to manage technology at work both for our customers and our organization. Truth-be-told I don’t “create” technology, I just manage the consequences (good and bad) that it offers and brings. Usually that is pretty fun and rewarding when we succeed.

My “don’t pay me” job is to help friends and family understand and cope with the never-ending upward thrust of technology in their lives. What used to be calls of “can I get that family recipe for grandma’s dinner rolls” has become “hey, a new update for Java/Flash/Windows was released, we need to update your PC. By the way, made chili lately?”

When those who know me engage in “hobby talk” I share about a few books I am reading, a few movies/TV shows I follow, volunteer work doings at the church-house, and mostly about relaxing by keeping my eye out for new utilities, applications, and for/sec trends and news.  They usually just nod politely at the last one.

So recently when I read each of these posts, the experience gave me pause.

I don’t do Netflix. I do buy DVD/BluRay movies and TV series I really, really like.  We do buy digital entertainment media - song/album downloads -- online. I still prefer to buy CD hardcopies but the writing is on the wall as even in the BigBox stores the CD section is shrinking. And that bookcase unit full of VHS tapes (mostly Disney movies) from 20 years ago stands as an accusatory judgment about investment in a technological media-delivery standard.  Sure I “own” all those wonderful movies and the delivery cassettes they come encased in, but cold-comfort when our HiQ-VCR finally dies. Should I (can I legally?) convert them to a digital file? Why bother. The quality will be sub-analog in the HD-standard world. And my time is much more valuable now than the hundreds of hours it would take to do so.

Bin them? EBay them? I don’t know.

How long until those DVD/BluRay’s will be the next VHS tapes in our house? Probably sooner than I care to admit.

Then there is that drawer of audio cassette tapes. Alvis found them a while back and used some of the “blank” cassettes (I hope) for an art-project.


I have a cassette player in my car but it only is used for the cassette adapter for me to play my iPod/iPhone/Shuffle through. That’s it.  Lavie and Alvis’s cars don’t even have one in them; just radio/CD units.

I guess an art-installation is as good as any solution I can come up with for them…probably better.

My personal digital hoarding issue seems to be centered around collecting of Windows utilities; portable ones.

I have a folder I keep these in -- as well as on my USB flash drives -- and currently it is just under 10 GB. Seriously!

Do I really need (or even use) all of them?  Not at all, but then I might need one of them; a specialized digital tool for a specialized task. So I add to the collection, watch for updated versions, etc.

A digital version of the Boy Scout’s mantra of “always prepared” gone amok perhaps.

And now that I have a wonderful, super, life-enhancing iPhone (5) with 64 GB of storage, I find it calling me to dig deep into the App Store looking for additional productivity apps, tools, and what-not to fill it with.

So over the next year I have resolved to:

  • Carefully review that 10 GB collection of utilities to honestly see if I can pare it down to a core set of tools and utilities that will allow me to accomplish what I need to do and support without all the overhead. A journey in coming to trust my skills and knowledge rather than the tools in-of-themselves to provide the solution perhaps?
  • Negotiate the clear-out of VHS tape-based media in the home…if nothing else to get the DVD/BluRay disks off the pile on the floor.
  • Get the hard-copy books I have out of storage and begin to interact with them again; to supplement the Kindles/Nooks in the house….and to make it a point to re-read them with relish. Shakespeare and Homer still are alive and relevant today for good reason. Let’s not forget that.
  • See if I can live with (and thrive) on a few choice quality cable/broadcast/radio media sources rather than surf aimlessly through the hundreds I have on hand at my disposal right now.

Technology is part of our lives and a major part of the culture and experience that makes us “human,” but it should never, ever, be a balm and substitute for human “being.”

Lest we forget where having too many bits and bytes and capability can take us:

Moving on…

Claus V.

…you’re getting warmer!


“Escape” on flickr. CC 2.0 attribution: Photo © 2010 J. Ronald Lee.

In a new development that warms my heart -- much like my last post of realizing the additional rental charge for the cable broadband modem -- we have now found Comcast/Xfinity is charging us $1.99 (+tax) for each of the previously “free” basic digital adapter boxes they gave us. We have 2 units in other rooms that supplement the primary HD/DVR unit in our living room which we rent.

We got these last year when Comcast switched from carrying analog signals for many of their channels to digital-only; their “Digital Migration” project. Want to get all those cable channels that aren’t “over-the-air” broadcasts?  Too bad. You need to use our digital adapter box.  But don’t be sad. We will give it to you for free! See? No pain!

Well that was a bait-and-switch.  Comcast is now charging for those previously-issued “free” digital adapter boxes.

And the frustration is sweeping users and communities across the Comcast service area.

comcast digital adapters - Google Search

From some articles I have read, Comcast “might” be rolling out better models of these first-generation digital adapters…some with HD signal support. Bet they come with an even higher price-tag. Not sure of the accuracy of the reports as you can already rent HD set-top receivers and HD/DVR units from Comcast.

I don’t know.  I brought up the topic of just ditching all our cable services except the broadband internet (which would go up more if we stopped bundling it with other services), but was immediately out-voted by the other family members who wouldn’t be able to get all their favorite TV/movies, even over the Internet.

What is so frustrating is not so much that we need to pay for equipment usage -- that’s fair and the American Way ™ -- what doesn’t feel right is getting something for nothing (which was fair because the service delivery method was a forced change on the customers) but then having to pay for it after the rollout. What would have been more fair and probably generated customer good-will (and enthusiasm) would have been to say:

  • So sorry, we have to convert our analog signal delivery to digital to increase capacity for your benefit and to enhance signal security and delivery control for us.
  • We are giving you up to two basic digital adapter boxes for free; bear with us though the transition process. We know you have some other choices and we want you to be proud to be our customer.
  • Thanks for sticking with us through the transition to digital signal delivery! Hurray! We made it!
  • Now that we are on the other side we have some exciting options for you.
    • You can keep on using the free basic digital adapter boxes -- still no charge for our loyal existing customers! You are “grandfathered” in.
    • Or, if you would like, you can swap them out for a new next-gen basic digital adapter box that will allow you to also get HD channels for your subscription tier -- at only $4.99/ea. a month!
    • Want even more features? Check out our full lineup of HD set-top cable boxes.

That would have been brilliant!  Sign me up!  Here’s my checkbook!  More money for you and more happiness for me!

So I guess Comcast has me exactly where they want me.

Simmering in their pot paying for the privilege of keeping two “free” digital adapter boxes, with two unhappy house-mates who aren’t pleased with quality of the new digital-only signal and clamoring for HD receiver set-top boxes now. Seems like the one HD/DVR in the family room may not be enough any longer.

All hail the great Digital Revolution and the power it brings to the consumer.

Claus V.


About that image/frog; per the photographer, no frogs were harmed in the photo-shoot.

See also: Boiling frog - Wikipedia.