Sunday, December 11, 2016

Jumping from Ubuntu 14.04 Server to Ubuntu 16.04 Server w/o Planning

So this is what happens when you make this switch:
  1. PHP goes to v7.0, which means no legacy mysql procedural interface, though the mysqli procedural interface is an easy substitute, though not identical (e.g. arguments reversed in order in some calls, or additional arguments required when used in procedural mode). Check and fix errors as they are emitted, then identify similar with searches.
  2. MySQL goes to 5.7. That means some more strict mode changes, for instance I had to add an unset field in INSERT statement that error'd in 5.7, but was fine in 5.6. Or you can disable strict mode.
  3. Faster performance. PHP 7.0 claims to be 100% faster than the last major version (v6 was skipped). Figured I'd mention something good.
  4. Apache listening only on IPv6, wha?!? Or so it might appear in netstat at first. Really it is focusing on IPv6 and handling the incoming IPv4 over the IPv6 interface using mapping, from what I gather thus far. Again, I am not a server admin, I don't have time to be a one, as I am a developer. I just do it because I have to.
Generally otherwise OK. Watch out for the little things and tail the error logs constantly is my advice. Otherwise, nice to be on a build we know is supported for years from a security perspective. BUT if I had it do over again, definitely I would have stayed with 14.04, as I did not realize just how big a switch this would be!

I would NOT, under ANY circumstances, advise a do-release-upgrade on a production server! Build a new server and replace. I did that even in this case, just didn't want to rebuild to 14.04 when I'd went to 16.04.

Gripes: No HTTP 2.0 in default Apache2 package. No reboot-less kernel updates.

Thursday, November 24, 2016

Discount code - 30% off ANY Bitsum software

This would be shameless self-promotion, but I won't try to sell you - the site will do that (I hope!). However, if you need a coupon code (aka discount code) for Bitsum Technologies software like Process Lasso, ParkControl, CPUBalance, etc... then use TAKEOFF30PLZ 

Visit Bitsum

Saturday, November 19, 2016

Worst Updater Ever - Epson (yes, the printers again!)

We've all contended with terrible printer drivers wasting countless hours of technician or personal time, but now we have print systems that generally work.

As many know, other software companies like Google and Bitsum (wide spectrum there!) use a single-click no-hassle updater.

So now we get to the point.

Epson, whose hardware seems good, for whatever reason, displays a huge notice every single time it even *checks* for an update. Granted, it sure asks for permission first, but is highly annoying.

Now, this NOT only on the PC you maybe connected the printer to via USB (it is WiFi), this occurs on *every* device that you connect to the printer, as it is part of the 'printer drivers' that get installed on the client. Am I the only one?

Thursday, April 30, 2015

Using developer source code revision control tools to keep your server secure

The largest fear of any server admin is a breach. No matter how cautious you are, it can happen. (e.g. 0 day exploit)

One of the ways you can help protect your server is by making sure you keep critical files under version control systems like Git or Subversion (SVN). Then you can monitor for any file system changes, any remote access trojans inserted, etc.. Of course, limitations apply if the server is fully compromised, rootkit style.

After all, these days, a web site *is* indeed a code base.
We at Bitsum do everything we can to keep what limited data we store (basically your name and contact info) secure.

Bing adverts may direct you to malware laden copy of Google Chrome

As we'e seen with VLC and other open projects at adwords, the fraudsters love to rebundle and advertise. They've done the same with Google Chrome at Bing:



Noe that I've written about this several times in few places. Too many blogs, forums, and social networks - not sure where to post any more. Lesson here: Be careful out there!

Thursday, May 2, 2013

How installer bundle companies solicit developers

If you ever wondered how freeware/shareware developers are solicited by installer bundle companies, here's an example I received recently:

Dear Software Developer, Did you know that you could be earning money every time someone downloads your software? 
In fact, hundreds of developers just like you are already turning downloads into profits through partnership with SweetPacks. My name is Limor Garten, and I am a partnership manager at SweetPacks (www.sweetpacks.com). 
We create monetization opportunities from software installations through websites such asCNET (Download.com), Softonic.com and MetaInstaller. To find out about how you could earn money with every software download, please contact me directly at partnerships@sweetpacks.com or leave your details at http://lp.sweetim.com/Partners. Thanks very much,J******* M*****SweetPacks Team

It's long past time that companies who sign up for such abusive installer bundles start being penalized for harming the integrity, performance, and overall experience of countless PCs, and contributing to a general lack of trust for all third-party applications.

What are installer bundles?

For those that don't know, installer bundles are those deceptive, unwanted, additional pieces of software, often browser toolbars/add-ons, that present themselves in an intentionally easy to miss little checkbox during installation of some Windows software, particularly freeware and shareware. This terrible industry is so profitable that free, open source software is often repackaged with these bundles, then advertised and distributed by some random 'download site'.

Sunday, April 14, 2013

Binary Interleaving: A technique to obfuscate data structures

Binary Interleaving (or Data Interleaving) is a term I made up to reflect an idea I've been contemplating lately; interleaving the bits of a set of variables into a single binary blob. Any number and types of variables could be interleaved together. Access to variables in the interleaved blob can even be on-demand, with a controller class encoding or decoding variables on the fly.

What in the World?


Data Interleaving is the process of translating any number of variables to a single binary blob by interleaving the bits of the variables. This obfuscates the variables in memory or external storage. The entire blob need not be decoded to access member variables, though it can be for improved performance.

Why? 


This will help complicate reverse engineering of code. It will particularly deter identifying data types and variables. Plaintext is also well obfuscated with this interleave.

Interleave Map


The variables to be encoded could be defined by an array of byte sizes of those variables and, optionally, pointers to a location in memory to retrieve or store their reconstituted form. In the case of on-demand access to an interleaved blob, individual variables can be decoded and re-encoded on the fly, so buffers for reconstituted storage are optional (though they may be temporarily reconstituted by the controller class as members are modified).

The members of the bitwise interleave can be referenced in the source code via their indices. For instance, index 0 may be MY_VARIABLE_INSTANCE. By passing the variable index to an interleave blob controller class, it knows the size and, optionally, a pointer for constituted storage.

Member data types can be anything. They need not be similar. When one variable ends, it is simply ended. See a few paragraphs below for what happens when a single variable is longer than the others.
    /* member information */
    /* optional pointer to its normal, constituted storage location */
    /*  (for use in encoding and decoding the member) */
    /* and the size of the member */
    class CInterleaveMember
    {
      void *pvConstitutedStore;
      unsigned long nMemberByteSize;
    };
 
    /* INTERLEAVE MAP */
    CInterleaveMember aInterleaveMap[]
      { szSomeString, sizeof(szSomeString) },
      { &nIntegerMan, sizeof(nIntegerMan) },
      { &cMyClass , sizeof(cMyClass) };
 
    void *pBLOB;  /* interleaved data stored in a allocated blob */
The total size of the blob need not be stored, as it is the sum of all member sizes in the interleave map. The interleave map provides everything we need to know.

The Process


In case it is not clear, the process for the interleave would go something like this: The array of members is 'walked', putting or getting the current bit index from each member variable, advancing to the next bit index after the entire array has been walked. When a member variable is full of bits (exhausted), it is skipped in subsequent interleave iterations (more on long vars later).

For simplicity, let me define a few variables in bits only (not matching above):
    szSomeString 0 1 1 1 0 0 1 0
    nIntegerMan  1 1 1 0 0 0 1 1 1 0 0 1 0 0 0 1
    cMyClass     0 0 0 1

For the interleave, a bit is taken from each variable in succession.
    First iteration of the interleave, get first bit from each ...
     0 1 0
    Next iteration(s), get the next bit from each ...
     0 1 0 1 1 0
     0 1 0 1 1 0 1 1 0
     ...

When a Member is Longer than the Others


In the case where one variable is much longer than the others, thus having no pair to encode with, one could use a simple XOR, and/or toss in redundant, unused data from the prior members. Any number of strategies are possible to prevent plaintext storage in the case of an abnormally long variable not having an interleave partner for its ending bits.

Sample Code


For example, the following represents a high-level view of the calls to a fictional class facilitating Binary Interleaving:

    /* PROTECTED VARIABLES */
    /* These get stored in an bitwise interleave in the binary blob */
    char szSomeString = "Is there anybody out there?";
    unsigned long nIntegerMan = 0x9090;
    MyClass cMyClass("whoopie");
 
    class CInterleaveMember
    {
      void *pvConstitutedStore;
      unsigned long nMemberByteSize;
    };
 
    /* INTERLEAVE MAP */
    CInterleaveMember aInterleaveMap[]
      { szSomeString, sizeof(szSomeString) },
      { &nIntegerMan, sizeof(nIntegerMan) },
      { &cMyClass , sizeof(cMyClass) };
 
    /* NOTE: Total blob size is the of members of Interleave Map */
 
    /* INTERLEAVE REFS */
    typedef enum
    {
      _szSomeString=0,
      _nIntegerMan,
      _cMyClass,
    } InterleavedVariables;
 
    void *pBinaryBlob;  /* dynamically allocated blob storage */
 
    /* Fictional class constructor, passing the interleave map to it */
    /* From the interleave map, it can calculate the total blob size */
    /* then dynamically allocate storage for the blob. */
    CBitInterleaver cBitInterleave(aInterleaveMap);
 
    /* If the blob is externally loaded, or needs ext stored, we */
    /* may need to get access to the blob buffer. Fictional example: */
    /* We know the blob size from map! The input size is for safety. */
    cBitInterleave.SetBlob(pIncomingBlob, nSrcBufferSize);
 
    /* Or we can get the blob */
    nBlobSize=cBitInterleave.GetBlob(ppOutgoingBlob);
 
    /* Example to encode or decode the entire blob to constituted */
    /* storage. We already provided the map, and it decodes or encode*/
    /* to the listed pointers.
    cBitInterleave.EncodeBlob();
    cBitInterleave.DecodeBlob();
 
    /* Example call to decode a member of the array */
    /* We pass it the INDEX into the MAP, and dest buffer */
    /* From the Index of _nIntegerman, we ALREADY know the size */
    /* The out size is for safety. */
    cBitInterleave.GetVariable(_nIntegerMan, &nIntegerMan, sizeof(nIntegerMan));
 
    /* OR we can use the default storage address in interleave map */    
    cBitInterleave.GetVariable(_nIntegerMan);
    /* Example call to encode a member of the array */
    /* We pass it the INDEX into the MAP, and input reference */
    cBitInterleave.SetVariable(_szSomeString, &szSomeString, sizeof(szSomeString));