pmeerw's blog
total garbage comes to mind
https://pmeerw.net/blog/index.atomPeter Meerwald-Stadlerhttps://pmeerw.net/blog/index.atompmeerw@pmeerw.netCopyright 2007-2018 Peter Meerwald-Stadler
Pyblosxom hhttp://pyblosxom.github.com/ 1.5.3
2024-03-06T12:12:17ZC++ - WTF user literals?!https://pmeerw.net/blog/2024/03/06/c++-wtf2024-03-06T12:12:17Z2024-03-06T12:12:17Z
<p>
<a href="https://en.cppreference.com/w/cpp/language/user_literal">user literals</a>:
"Since
the introduction of user-defined literals, the code that uses format
macro constants for fixed-width integer types with no space after the
preceding string literal became invalid:
<code>std::printf("%"PRId64"\n",INT64_MIN);</code> has to be replaced by
<code>std::printf("%" PRId64"\n",INT64_MIN);</code>" </p>
<p>
So you want me to insert a space now?
</p>
Phishing awareness? Received from!https://pmeerw.net/blog/2024/02/05/phishing2024-02-05T21:00:00Z2024-02-05T21:00:00Z
<p>
Does your organization ask to look for phishing cues as part
of security awareness training?
</p>
<p>
Find misspelled domain names in the <code>From:</code> line, etc?
(that can easily be faked)
</p>
<p>
<img src="/blog/images/phishing-hook-small.jpg" width=300px>
</p>
<p>
It's pathetic to blame users for the phishing misery, which by and large
stems from the IT industry's failure to deploy secure software and safe communication solutions.
</p>
<p>
Here's a more reliable and (easy) check of the email's "header lines" to see if
the sender's email address matches the sending email server (SMTP server, specified in <a href="https://datatracker.ietf.org/doc/html/rfc5321">RFC 5321</a>).
</p>
<p>
Look for the first <code>Received: from</code> line. Here's an abridged example (<code>pmeerw@gmail.com</code> is messaging <code>pmeerw@pmeerw.net</code>):
<pre>
X-Original-To: pmeerw@pmeerw.net
Delivered-To: pmeerw@pmeerw.net
Received: from mail-ot1-x32e.google.com (mail-ot1-x32e.google.com [IPv6:2607:f8b0:4864:20::32e])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
client-signature RSA-PSS (2048 bits) client-digest SHA256)
(Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (not verified))
by ns.pmeerw.net (Postfix) with ESMTPS id F1252E02CD
for <pmeerw@pmeerw.net>; Tue, 5 Mar 2024 16:32:48 +0100 (CET)
Received: by mail-ot1-x32e.google.com with SMTP id 46e09a7af769-6e2b466d213so1283153a34.0
for <pmeerw@pmeerw.net>; Tue, 05 Mar 2024 07:32:48 -0800 (PST)
MIME-Version: 1.0
From: Peter Meerwald-Stadler <pmeerw@gmail.com>
Date: Tue, 5 Mar 2024 16:32:36 +0100
Message-ID: <CAOeUeDJvaYSdykz2FVDg8Xm9feQ373A5TpX8btq1NmZUTnfxtA@mail.gmail.com>
Subject: bla
To: Peter Meerwald-Stadler <pmeerw@pmeerw.net>
blub
</pre>
So the SMTP server contacting pmeerw.net's SMTP is mail-ot1-x32e.google.com. Hence it's plausible that it's Gmail that is delivering an email (from a Gmail address).
The "Received: from" line is put there by the receiving SMTP server, a trusted machine.
On the other hand, the sender may put arbitrary things in the <code>From:</code> and <code>To:</code> lines, these values do not affect the delivery of the email and hence cannot be trusted.
</p>
<p>
Need to wait for some plausible spam/phishing email to have a more interesting example... :-)<br>
Update (March 6, 2024): Didn't take long, here's an example using <b>ovhcloud.com</b>:
<pre>
Received: from vps2361714.servdiscount-customer.com (vm4945647.1nvme.had.wf [45.88.77.100])
by ns.pmeerw.net (Postfix) with ESMTP id C6A5FE0177
From: =?UTF-8?B?T1ZIY2xvdWQ=?=<info@news.ovhcloud.com>
To: pmeerw@pmeerw.net
Subject: =?UTF-8?B?Vm90cmUgbm9tIGRlIGRvbWFpbmU=?= "pmeerw.net" =?UTF-8?B?ZXN0IHRlbXBvcmFpcmVtZW50IHN1c3BlbmR1?=
Message-ID: <20240306031559.DA8051C773833DB1@news.ovhcloud.com>
</pre>
I doubt ovhcloud sends their emails using vps2361714.servdiscount-customer.com (vm4945647.1nvme.had.wf [45.88.77.100]) and if they do I don't want to receive their sh*t anyway...
</p>
<p>
Email clients make it notoriously difficult to see this information (in Outlook it is hidded under <em>... / View / View Message details</em>).
</p>
GitLab, srly?!https://pmeerw.net/blog/2024/01/31/gitlab2024-01-31T13:15:09Z2024-01-31T13:15:09Z
<p> GitLab is a popular git repo platform with integrated CI and whatnot. It can be self-hosted.
</p>
<p>
Annoying limitations:
<ul>
<li>Limited to 50 tags per runner (<a href="https://gitlab.com/gitlab-org/gitlab/-/issues/364104">issue</a>)
<li>Constant breakage, no stable interfaces, e.g. CI_BUILD_TOKEN removal, see <a href="https://docs.gitlab.com/ee/update/deprecations.html#ci_build_-predefined-variables">docs</a>
<li>Random deprecation of stuff, e.g. CMD shell to be replaced by PowerShell
<li>Requires constant patching, I'd NOT recommended to host a publically available GitLab
instance.
<li>Support, is there support? So far all customer issues that would be relevant to me are simply not addressed
</ul>
<p>
How do people cope with these things?
</p>
No newline before EOFhttps://pmeerw.net/blog/2024/01/17/no-newline2024-01-17T22:13:21Z2024-01-17T22:13:21Z
<p>
Configuring editors to not append a newline at the end (before the end-of-file, EOF):
<ul>
<li> nano: start with <code>nano -L</code> or put <code>set nonewlines</code> in <code>~/.nanorc</code>
<li> gedit: run <code>gsettings set org.gnome.gedit.preferences.editor ensure-trailing-newline false</code>
</ul>
</p>
<p>
(see <a href="https://askubuntu.com/questions/13317/how-to-stop-gedit-gvim-vim-nano-from-adding-end-of-file-newline-char">here</a> also)
</p>
Windows 10 update KB5034441 fails to install - 0x80070643https://pmeerw.net/blog/2024/01/13/win-upd-repart2024-01-13T12:07:15Z2024-01-13T12:07:15Z
<p>
This will probably the only post I do for Windows ever, happened to do support for a PC over Christman holiday season.
</p>
<p>Thing is, security update KB5034441 fails to install with code 0x80070643. Of course, there can be multiple reason, but this
<a href="https://www.golem.de/news/windows-10-sicherheitsupdate-kb5034441-bricht-mit-fehler-0x80070643-ab-2401-181060.html">Golen article</a> (German) was spot on: the Windows recovery partition needs to be increased.
</p>
<p>
It refers to a <a href="https://support.microsoft.com/de-de/topic/kb5028997-anweisungen-zum-manuellen-%C3%A4ndern-der-partitionsgr%C3%B6%C3%9Fe-zum-installieren-des-winre-updates-400faa27-9343-461c-ada9-24c8229763bf">Microsoft support page</a> which has instructions for the command-line how to shrink the system partition and grow the recovery partition. Very nice incarnations :-)
</p>
<p>
A appreciate the user friendlyness of tools I've never heard of: <code>reagentc</code>, <code>diskpart</code>.
After that (no reboot necessary), the update completes installation within seconds, very nice!
</p>