Enough people have wondered/asked/complained to me about this that I'm
posting this now as a public service.
IBM Model "M" keyboards are still available, *NEW*, today. They are
expensive, but they are the original design that you can use as a melee
weapon. The catch is that they don't say "IBM" or even "Lexmark" on
them. They are available for purchase from the manufacturer, Unicomp,
who can be found online at http://www.pckeyboard.com/.
You can also find some vintage NIB units from time …
[View More]to time at
http://www.clickykeyboards.com/.
There are also a number of other manufacturers now making similar, but
not quite as good, keyboards.
- CVT Inc., the maker of the Avant Stellar (I own two of them), which
is the direct descendant of the Northgate Omnikey, seems to have
restructured and no trace of their keyboard manufacturing operation can
be found online. However, Northgate keyboards are still available
new-in-box from (this is a horrible site, beware)
http://www.northgate-keyboard-repair.com/.
- The Happy Hacking keyboard (now owned by Fujitsu, apparently) is
equally comforting to some people despite having a totally different
feel. They, and many others, can be had from
http://www.elitekeyboards.com/
- Das Keyboard
- Anything using Cherry MX Green, Blue, or White keyswitches. The
"green" switches apparently are the closest anyone's come yet to
emulating the IBM/Lexmark/Unicomp switches... and they can be had in
MUCH cheaper keyboards, like the Rosewill RK-9000
(http://www.newegg.ca/Product/Product.aspx?Item=N82E16823201040 and
http://techreport.com/review/23405/rosewill-rk-9000-series-mechanical-ke
yboards-reviewed).
- And there are an increasing number (yes, again, after the big die-off
ca. 2009) of speciality manufacturers of "ergonomic" keyboards that are
making clicky keyswitches available as an option. One of the better
ones is a tiny shop in Ontario, but I can't find the name right now.
References:
http://en.wikipedia.org/wiki/Model_M_keyboardhttp://en.wikipedia.org/wiki/Unicomphttp://deskthority.net/wiki/Cherry_MX
-Adam Thompson
athompso(a)athompso.net
[View Less]
I mentioned this problem at the last round-table session, but didn't get
a solution, so I thought I'd post it here, just in case anyone has any
suggestions to offer.
I'm still seeing a whole bunch of false positives in SpamAssassin, since
an update was installed in mid-September on a CentOS 5.7 system, for a
rule called DATE_IN_FUTURE_96_Q, which is only supposed to be triggered
when the "Date:" header has a date that is 4 days to 4 month ahead of
the date in the "Received" header that …
[View More]has the _smallest_ difference in
date.
Here are the headers from the latest e-mail I've received with this
false-positive. (I've stripped out irrelevant headers, for the sake of
clarity and simplicity.)
From topfivestories(a)messagent.itworldcanada.com Mon Nov 14 07:50:13 2011
Received: from mail.messagent.itworldcanada.com
(mail.messagent.itworldcanada.com [207.112.10.80])
by palladium.cs.umanitoba.ca (8.13.8/8.13.8) with SMTP id
pAEDoAxV028594
for <gedetil(a)cs.umanitoba.ca>; Mon, 14 Nov 2011 07:50:12 -0600
Date: Mon, 14 Nov 2011 08:50:13 -0500
X-Spam-Status: No, score=-0.3 required=5.0
tests=BAYES_00,DATE_IN_FUTURE_96_Q,
HTML_MESSAGE,RP_MATCHES_RCVD autolearn=no version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
palladium.cs.umanitoba.ca
Note that I'm calling spamd via the spamass-milter on a system running
sendmail. Note also, that in the above example, the only "Received"
header was the one generated by my own server. (I've had other false
positives, however, with multiple "Received" headers, all of which were
within seconds of the time in the "Date" header.)
Any ideas?
--
Gilbert E. Detillieux E-mail: <gedetil(a)muug.mb.ca>
Manitoba UNIX User Group Web: http://www.muug.mb.ca/
PO Box 130 St-Boniface Phone: (204)474-8161
Winnipeg MB CANADA R2H 3B4 Fax: (204)474-7609
[View Less]
Does anyone have big (like tabloid or bigger) scanner they want to
sell? Even an ancient SCSI or parallel one might be ok. I just want
*big*.
Do they even make scanners bigger than legal or tabloid?
I'm trying to apply IDR 126546-06 to our Solaris servers. One of them
(eventually) went fine. The second one I tried failed with this message:
ERROR: IDR 126546-06 cannot be applied until all Interim
Relief/Diagnostics are backed out.
Dryrun complete.
No changes were made to the system.
Okay, so how do I find a list of IDRs I need to back out of? This is Oracle
Solaris 10 9/10 s10s_u9wos_14a SPARC (SunOS <server> 5.10 Generic_142909-17
sun4u sparc SUNW,Sun-Fire-V490).
Both …
[View More]servers show have been identically installed; how do I find out the
differences, on a package basis?
Kevin
[View Less]
Any MTS employees here, who know where to report this internally?
athompso@t5400:~$ dig @dns1.mts.net in mx mymts.ca
; <<>> DiG 9.8.1-P1 <<>> @dns1.mts.net in mx mymts.ca
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21118
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;mymts.ca. IN MX
;; …
[View More]ANSWER SECTION:
*mymts.ca. 43200 IN MX 0 localhost.*
This makes it a bit difficult to send mail to accounts @mymts.ca, which
plenty of people still (claim to) use.
--
-Adam Thompson
athompso(a)athompso.net
[View Less]
Wonderful, another day, another big bad security hole... or two.
Run your patches!
First up: bash:
$ env x='() { :;}; echo OOPS' bash -c /usr/sbin/nologin
OOPS
This account is currently not available.
http://www.openwall.com/lists/oss-security/2014/09/24/10
claims:
> In many common configurations, this vulnerability is exploitable over
> the network.
I'm trying to guess how? In what instance is some program allowing
network vectors to set env vars, especially without sterilization? …
[View More] Or
do I not want to know...
Next up, procmail has a formail buffer overflow that may or may not
allow arb code exec CVE-2014-3618. Many stock procmail recipes use
formail. It's easy to see how this one is remotely exploitable.
[View Less]
People who manage (paid for) SSL certs (for web servers, etc), don't
make the same mistake I just did.
It was renewal time and I did what I always do: blindly hit renew on my
cert provider/reseller control panel. I get the cert, install into
apache, restart, then boom:
[ssl:emerg] [pid 11648] AH02565: Certificate and private key
mydomain.blah:443:0 from /etc/pki/tls/certs/mycert.crt
and /etc/pki/tls/private/mykey.key do not match AH00016:
Configuration Failed
After a very brief WTF moment, …
[View More]it dawned on me: "heartbleed". I
regen'd my CSR/key and got a reissued cert a few months back. That is
done direct with the vendor (Thawte), and *not* through my reseller
(OpenSRS). So Thawte had my new CSR, but OpenSRS still had my old CSR
on file (the one with the possibly-compromised heartbleed key) and that
is the CSR they sent to Thawte when I renewed! Doh!
So I had to make yet a new CSR/key, and have Thawte reissue a new cert,
and then revoke the cert I (didn't) use for all of 5 seconds. Blah,
there goes half an hour. I verified this is indeed what was happening
with some openssl -modulus command line magic.
I've written to notify OpenSRS they should put up a warning on the
renewal page. This doubly sucks because OpenSRS *still* will have
cached the revoked/compromised CSR and if I forget *next* year to paste
a new CSR in, I'll be doing the exact same thing!
Maybe the moral of the story is: always regen a new CSR everytime you
renew. An extra 2 mins, and remembering some cryptic openssl commands,
but not the end of the world, but still a pain vs. just hitting
"renew". Maybe everyone else already does this and I wasn't following
"best practices", but don't we all like to keep things simple when we
can?
Exercise for the curious/pedantic/strange people who read this far: Is
there a way SRS or Thawte could have prevented this? Perhaps by
linking the CSR used to make a revoked cert and disallowing renewals
based on it? Or perhaps SRS needs an API with Thawte whereby you
reissue via SRS, not Thawte, or Thawte needs to pass back the
last-used-CSR to SRS so it can replace the stale cached copy.
[View Less]
I am in need of encryption software that would keep files encrypted on the
cloud as well as local on all machines.
Here is what I'm looking for:
Downloaded files saved to a particular folder on a Windows 7 or 8 machine
would automatically be encrypted (after a prompt for passphrase). Ideally,
this folder would be in a Dropbox or Google Drive folder, or on a thumb
drive. No record of the unencrypted file would remain on the local PC (I
am not worried about pieces of it on swap).
I would …
[View More]prefer that the files are individually encrypted with the same
passphrase, rather than added to one large file which is encrypted. I
don't want the cloud storage to have to recreate the whole folder, and I
don't want a bit error to trash all of my files. The file names do not
need to be encrypted.
Since I will be the only user in the foreseeable future, a symmetric
encryption scheme would be fine.
>From the cloud (preferably) or thumb drive folder, my ruby program running
on Mac OS X would edit the files. I would also want to be able to decrypt
the files to view in a text editor or other software, after which I would
secure erase copies of decrypted files - again, no unencrypted files on the
local machine other than in swap.
This is the ideal. An alternative would be to send the files via https to
a web server on the Mac (which could handle encryption in a local Mac
environment) and the secure erase the files on the PC. If I did this,
could I send the files unencrypted (since https will encrypt them while
they are on the internet)?
True Crypt appears to be close to what I want, but it is discontinued. I
don't know if I could use something like gpg, since I don't have admin
privileges on the PC.
-Dan
--
Dan Martin, MD
GP Hospital Practitioner
Computer Scientist
ummar143(a)shaw.ca
(204) 831-1746
answering machine always on
[View Less]
I'm passing this along in case any of you might be interested in
learning more about Oracle Linux...
I have no affiliation with MbOUG, so please respond to <info(a)mboug.org>
if you want to register or have any questions. (Please don't just reply
to this e-mail.)
Gilbert
---------- Forwarded message ----------
From: *MbOUG Info* <info(a)mboug.org>
Date: Sat, Sep 6, 2014 at 10:28 AM
Subject: MbOUG: Welcome to our next exciting event on Sep 23!
You are cordially invited to the …
[View More]next Manitoba Oracle Users Group
(MbOUG) event focused on Oracle Linux/VM/OEM12c.
Tuesday September 23, 4:15 - 7:45pm
Norwood Hotel (112 Marion St.) - Tache Room and parking is free!
More details are provided in the attached invitation or online at
http://www.mboug.org or https://www.linkedin.com/groups?home=&gid=3751612
To help entice you in attending, there is food & complimentary gifts as
well so don't miss out!
If you know of other Oracle/Linux/VM Professionals (or wannabe
professionals) who didn't receive the invitation but are interested to
come, please spread the word. We expect a great turnout so please take
advantage of the opportunity to network, exchange ideas, and share
stories with your local peers.
To register, please send an email with your name and professional
contact information to: register(a)mboug.org
Kudos to our event sponsors Oracle and networkEARTH in keeping this
event free!
Hope to see you there!
Your local MbOUG Team
"Your Participation is always needed and most welcome"
-------- End Forwarded message --------
--
Gilbert E. Detillieux E-mail: <gedetil(a)muug.mb.ca>
Manitoba UNIX User Group Web: http://www.muug.mb.ca/
PO Box 130 St-Boniface Phone: (204)474-8161
Winnipeg MB CANADA R2H 3B4 Fax: (204)474-7609
[View Less]