Apple OS X 10.13.2 High Sierra latest update has defaulted to 2048 key length and SHA256 algorithm. This breaks all existing SSH keys that are lower e.g. 1024 or in PEM format. The error thrown by the SSH client is “Invalid key length”.
None. Generate a new key pair with ssh-keygen and update remote servers with the public key.
A common problem is sending form letter mails to a small number of recipients individually. Mail merge is over kill. It would have been nice to select an email pre-filled with the content, subject and other parameters where you just fill in the “To” field and send.
Well it turns out that the Mac Mail app has just this feature but to use it needs the template message to be saved in any folder other than the default Draft.
The short version is to draft a message and save it. Then move it from the Drafts to another folder e.g. Templates. Now right-click this message in the Templates folder and select “Send Again”. That’s it.
Mail > Mailbox > Click the (+) sign next to the mailbox name > Create a “Templates” folder
Draft a new message and save > Go to Drafts folder > Move this message to the “Templates” folder
Go to the “Templates” folder > Right-click message > Click “Send Again”
Two major educational institutions in India have a major security issue with their website (that contains student information) which has now been exposed to any roaming cyber-shark, This information was released rather irresponsibly on Twitter today.
This post is about the difficulty that I faced while trying to contact these organisations. None of the phones mentioned on their site contact page worked and the only listed email was a gmail based address.
Since these sites have exposed almost all their student contact information and other details I thought of contacting them so that they quick block access. But sadly all efforts to connect via phone have failed. Last recourse was to email their listed gmail address. Which I am sure is inundated with spam and so is not monitored regularly or even ignored.
Any organisation with a web site that is hosting student, patient, customer or private information behind an authentication framework should expect to get compromised, or as in this case affected by bad software design that allowed admin login that can access all student records. When such a compromise is detected by the white-hats, pen testers and other cyber security outfits they generally tend to post it on their site and social network. A security report section should be made part of a standard website framework along with the existing home, about, contact and blog sections. This makes is very easy to be informed about any security problems and resolution can be that much faster.
The Security Vulnerability Reporting section should contain the following:
A dedicated email address e.g. firstname.lastname@example.org
A Security Vulnerability Reporting policy that defines the cyber warriors code of conduct;
Don’t steal, corrupt or delete data
Don’t disrupt or degrade service
Disclose the vulnerability with technical details and proof-of-concept if necessary.
Provide a reasonable amount of time before public disclosure.
Of course, once this problem has been reported and fixed, then it’s the organisations responsibility to inform all the people whose data has been compromised. A general rule of thumb is that if the exposed data is likely to affect the person then they must be informed about the data breach. Email id, password and phone number are all valid candidates to trigger the “likely to be affected” alert. Especially passwords are very sensitive as its a common practice to repeat passwords for various services like email, Facebook, Twitter, Instagram etc.
Got stuck recently during a remote gig installing CentOS. Vanilla install failed due to a hardware error and had to be reinstalled but unlike the earlier versions there wasn’t a clearly defined path to delete existing partitions. So here is what we did;
Custom partitoning, create automatic partitions will prompt that there is not enough free space
Click Done to go back
Select Automatic partition, click Done
Click the recover free space option on the Error prompt window
Delete all exiting partitions (or as needed)
Click preserve to save changes
Click Done to go back
The Disk free space displayed near the bottom has increased
That’s it. You can now proceed with the usual installation steps.