Hans Wolters
2,817 followers|1,013,190 views

Hans Wolters

Shared publicly  - 
 
Do not forget to go through your privacy settings for Google. It has changed recently.
6
Miss Pineapples
 
What changed? Just so I know where to look. :)

Hans Wolters

Shared publicly  - 
 
Ok, tried it tonight, the new interface still sucks a lot.

1. No updates about comments when you are in a circle.
2. No updates about new posts in a stream.
3. Not being able to unfollow people and updating that stream.

What's next?

I am back on the old gui and will not make a switch. The above problems have been known in the past so I assume they replace the team for every new release.

So long plussums, if I am being silent you know why.
1

Hans Wolters

Shared publicly  - 
 
Shouldn't we stop fooling people, ourselves included?

GRANT ALL ON dbname.* to 'compute01'@'hostname' IDENTIFIED BY 'NOVA_DBPASS' REQUIRE SSL

I had some real discussions about wordpress, drupal, joomla and other cms based systems lately. It seems those cms based systems are not the only ones that are a danger for real exploits.

Let me explain. In the early 2000s I had a discussion with someone who worked at one of the larger ISPs in the Netherlands. It was about granting privileges on mysql databases. My point was to offer them grant privileges on their own databases so they would be able to work with different ones for their visitors, their admins or even their contributors.

The lack of knowledge made them decide to simply grant privileges to a database but not grant grant rights on it. This caused people to work with one account only, this is where the problem started.

Imagine visiting a dynamic site. The web-server fork is getting data from a database using one user, in those days it was called user nobody, these days we tend to have user www-data for it.
The scripts would simply connect to a database for one user, it might have a difficult password but it grants you access to all tables, all procedures.

What would happen if we start using different users depending on what kind of user is visiting a website? Well, we could start to grant users fewer privileges. An example:

Grant read rights on the article table
Grant read rights on the user table
Grant read rights on the foo table

It would grant the normal visitor rights to see the content, not altering it.

Why the hell would we need something like that?

We simply need it. Why offer an ATM to change your card, why offer user nobody to access admin tables?

What worries me is software like openstack that is simply using the same privileges. Why the fuck do we grant all on foo@bar and let others connect to it? Please, fix this.

Some more issues:

GRANT ALL on dbname.* to 'compute01'@'hostname' IDENTIFIED BY 'NOVA_DBPASS' REQUIRE SUBJECT '/C=XX/ST=YYY/L=ZZZZ/O=cloudycloud/CN=compute01' AND ISSUER '/C=XX/ST=YYY/L=ZZZZ/O=cloudycloud/CN=cloud-ca';


There is no need for a grant all. I can always help you to be more secure :-)
3
4 comments
 
I am sure I will too :-) And once the Holidays are over I will start working on an idea that might help what I described :-)
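
The per-role accounts the post above argues for, written out as an added example that is not part of the original post. The schema `cms`, its tables and columns, the host names, passwords and certificate names are assumptions; the syntax is the `CREATE USER` then `GRANT` form used by MySQL 5.7+ and MariaDB 10.2+.

```sql
-- Added example: schema `cms`, its tables/columns, hosts and passwords
-- are placeholders, not values from the post.

-- Anonymous visitors: read-only, and only the user columns a page displays.
CREATE USER 'cms_visitor'@'web01.example.internal'
  IDENTIFIED BY 'CHANGE_ME_VISITOR' REQUIRE SSL;
GRANT SELECT ON cms.article TO 'cms_visitor'@'web01.example.internal';
GRANT SELECT ON cms.foo     TO 'cms_visitor'@'web01.example.internal';
GRANT SELECT (id, display_name) ON cms.user
  TO 'cms_visitor'@'web01.example.internal';

-- Contributors: may write articles, still cannot read credential columns.
CREATE USER 'cms_contrib'@'web01.example.internal'
  IDENTIFIED BY 'CHANGE_ME_CONTRIB' REQUIRE SSL;
GRANT SELECT, INSERT, UPDATE ON cms.article
  TO 'cms_contrib'@'web01.example.internal';
GRANT SELECT (id, display_name) ON cms.user
  TO 'cms_contrib'@'web01.example.internal';

-- Admin back end: data changes on the schema, but no DDL and no
-- GRANT OPTION, and the client must present a certificate from the
-- expected CA (subject and issuer strings are constructed).
CREATE USER 'cms_admin'@'admin01.example.internal'
  IDENTIFIED BY 'CHANGE_ME_ADMIN'
  REQUIRE SUBJECT '/C=XX/ST=YYY/L=ZZZZ/O=example/CN=cms-admin'
      AND ISSUER  '/C=XX/ST=YYY/L=ZZZZ/O=example/CN=example-ca';
GRANT SELECT, INSERT, UPDATE, DELETE ON cms.*
  TO 'cms_admin'@'admin01.example.internal';

-- Verify what an account really holds.
SHOW GRANTS FOR 'cms_visitor'@'web01.example.internal';

-- Audit: accounts with schema-wide DDL or grantable privileges on `cms`.
-- A web-facing account should never appear in this result.
SELECT grantee, table_schema, privilege_type, is_grantable
FROM information_schema.schema_privileges
WHERE table_schema = 'cms'
  AND (privilege_type IN ('CREATE', 'ALTER', 'DROP')
       OR is_grantable = 'YES')
ORDER BY grantee, privilege_type;
```

The application then picks the connection that matches the session's role, so an injection flaw in a public page runs with `cms_visitor`'s read-only grants.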

Hans Wolters

Shared publicly  - 
 
Don't start crying people :-)

#mcAfoo #exploit  
Date, event. June 23, 2016, Vulnerabilities reported to CERT. Public disclosure scheduled for August 23. July 19, 2016, McAfee asks for extension until September, or possibly December. September 2016, No contact from McAfee. October 2016, No contact from McAfee.
3
6 comments
 
Hi

Hans Wolters

Shared publicly  - 
 
One news day again, sick of it already.

Tried to be news free for three weeks and I succeeded for some 20 days I think. Avoided all of the Trump madness and even made some fun by writing a proxy that would replace Trump with Schrimp (or other ones).

Today the Dutch news came in hard. Another partypooper named Jan Dijkgraaf, one of the people behind geenpijl, is starting a political party.

Geenpijl wants to change views in the political landscape. Nothing bad but the fact is that he was one of the people behind the referendum where the Dutch people would be able to sign off a treaty with the Ukraine without even looking at the treaty and even being stupid in interviews due to lack of knowledge about those treaties.

The Dutch political landscape has changed, a lot. If this does not stop we might end up with a landscape that will be governed by 150 individual parties. Probably fighting their asses off in the parliament.

This is NOT a good thing folks. Shit will hit the fan within a year.
5
12 comments
 
Wow, I made a joke about finding another job and all shit hit the fan? :-)

Hans Wolters

General Discussion  - 
 
First bug submit for Debian :-) It seems that Gnome running on Wayland kills the keyboard of k(vm) consoles. Not a show stopper but running Gnome on Wayland does improve speed a lot.
2
2 comments
 
00:02.0 VGA compatible controller: Intel Corporation Xeon E3-1200 v3/4th Gen Core Processor Integrated Graphics Controller (rev 06)

It mostly is a feeling indeed. Starting up different kinds of software feels snappier.

Hans Wolters

Show Your Linux Desktop  - 
 
Back to Debian after trying opensuse for a while. It simply works but we all know that. Working on setting up kvm.
19
20 comments
 
+Hans Wolters yeah I have a 9 year old server with debian on it. It is just solid; )

Hans Wolters

Shared publicly  - 
 
Hmmm, the user style somehow fucked up the javascripts?
1

Hans Wolters

Shared publicly  - 
 
Doomsday finally arrived. Plus announces the new layout as mandatory on January 26. I did take another look to see what they changed and I can only state it's ugly.

The interface is just a copy of their mobile gui. They never even looked at desktop users. The red topbar has hidden id/classes that might indicate banners soon (besides being awfully red and large).

I've seen the decline of people since some 6 months now and I might even consider to leave the social platform.
1
12 comments
 
+Jesus M. Castagnetto indeed, these user styles seem to be outdated. Google is really trying to push their stuff to us. Hope someone is able to fix this.

Hans Wolters

General Discussion  - 
 
Funny, after an update of the firmware of my dsl router or a kernel update I wasn't able to reach security.debian.org anymore when using apt. After some research I found some articles about setting the precedence in /etc/gai.conf.

precedence ::ffff:0:0/96  100

This helped but I am wondering what triggered it to only look at ipv6. Anyone? And is there a better solution to fix this? I know I should start using ipv6 but I need some time to make the switch.
3
3 comments
 
k(vm) allows you to run a virtual machine on the computer where kvm tools are installed.

Hans Wolters

Shared publicly  - 
 
#debian #cis

Wouldn't it be nice if someone would implement the CIS requirements for Jessie into the OS? Wondering what the reason might be to have bloated settings for an OS that is so important for companies.

* sysctl settings
* sshd settings
* netfilter setting
* issue settings
* ntp settings

So glad it's not hard to change it. What might be needed is an update on the cis requirements to allow ipv6 :-)
1

Hans Wolters

Shared publicly  - 
 
Very appropriate in these days
3
Kees Hiemstra
 
Nice song and the lyrics are very strong.
Story
Introduction
Enjoying life et al, why not :-)




Basic Information
Gender
Male
Looking for
Friends, Networking
Relationship
Married
Work
Occupation
Meeting hater
Links