Alert to All Mac OS X Users: Protect Yourself from CVE-2008-5353!

Update: TidBITS writes that Apple has released a patched version of Java that fixes this issue. It is available through Software Update.

CVE-2008-5353 is a critical Java vulnerability that was discovered back in August 2008 and patched by Sun Microsystems a few months later. However, Apple has failed to release a patched version of Java, even in the latest 10.5.7 update! CVE-2008-5353 is described as follows:

Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applets and applications to gain privileges via unknown vectors related to "deserializing calendar objects."

Since Apple failed to fix this vulnerability in the latest update to OS X (10.5.7), Landon Fuller, a programmer and former Apple engineer, released a proof-of-concept demonstrating the exploit. The demonstration is done by launching a Java applet in your web browser and using the exploit to run the /usr/bin/say command on your Mac to "speak" some words through your speakers. This may not sound very dangerous, but the same exploit could be used to run malicious code on your Mac without your even knowing it!

So, how can I protect myself?

For now, all you can do is entirely disable Java in your browsers to ensure no Java applets are allowed to run. The good news is that chances are you probably don't depend on Java anyway (remember, Java is not JavaScript). And if you find yourself needing to run something that does require Java (the browser will alert you with a message saying the Java plugin isn't installed), you can always re-enable Java in your browser while you're using the applet, and then disable it again when you're done. Inconvenient, yes, but worth it. This is one nasty vulnerability, and with all the publicity it's been getting lately, there's bound to be more malicious code in the wild just waiting to hijack your system.

Disabling Java in Firefox

In Firefox, choose from the menu, Firefox -> Preferences. Then select the Content tab and un-check the Use Java option:

Firefox Content Preferences, Use Java option

Disabling Java in Safari

(applies to both Safari 3 and Safari 4 Beta)

In Safari, choose from the menu, Safari -> Preferences. Then select the Security tab and un-check the Enable Java option:

Safari 4 Beta Security Preferences, Enable Java option

Changes at 40,000 ft

Lots of things have been changing for me lately, mostly by my choosing. While I believe this is a good thing, I feel an increasing sense of disarray. My life, my goals, my plans, and even my thoughts, are beginning to feel more and more like the seemingly endless, and increasingly disorganized list of projects and tasks in OmniFocus (the application I use for managing tasks/projects).

Maybe I'm just trying to do too much at once. Maybe I need to slow down, define a few short-term reachable goals and stick with them until they're met. Or, maybe, it's time to take another 40,000 ft look at my life.

Rock Climbing

I spent three hours today taking the Skilled Top Rope climber course at MetroRock in Everett, an indoor rock climbing gym. I took this same class last year (and even bought a harness, climbing shoes, ATC, and carbiner) but never did anything with it because I had no one to climb with. This year I'm serious about climbing (and bouldering) even if that means making new friends. I've already signed up for The Rumney Tour in June.

Started playing volleyball again

I played volleyball at my brother-in-law's house today after work and it was a great workout. The muscles in my hands are extremely sore (even my typing coordination is off), but I love it. We're going to try playing as much as possible after work, weather and time permitting.

More Yoga

With the new workout routines I began recently, my muscles (especially the hams, quads, lower-back, and hip flexor muscles) have become extremely tight. I've started doing more yoga in the morning and the evening and I can already feel my body loosening up. My mind also feels more relaxed and focused. It takes a lot of time out of my already tight schedule, but it's definitely worth it!

An Inspirational Story of Freedom

Imagine living with nothing but the contents of two backpacks. Imagine the freedom that would bring. The places you could go. The simplistic lifestyle you would live. Well Amber Zuckswert has done just that. Traveling the world and living a mobile lifestyle has been a dream of mine for as long as I can remember and Amber's story is amazingly inspirational. She went from working 15-18 hour days and living in San Francisco with a big apartment that was bursting with "stuff", to selling almost everything (including her iPhone!) and moving to Australia with only two backpacks to claim as her own.

Saving Files as root From Inside VIM

Oftentimes I will be editing a Linux configuration file using vim only to discover that I cannot save it because the file requires root permission to write to it. This ends up looking something like this:

[sourcecode lang="bash"]
$ vi /path/to/some/file.conf
[make some edits]
:w
VIM Message: E45: 'readonly' option is set (add ! to override)
:q!
$ sudo vi /path/to/some/file.conf
[make all my edits AGAIN]
:w
[/sourcecode]

I have gone through this process so many times that I knew there must be an easy fix for it. (I know about sudo !! for running the previous command, but I only recently started developing the habit of using it.) After forgetting to use sudo while editing a configuration file yet again this morning, I finally decided to search Google and find a solution. Here it is:

[sourcecode lang="bash"]
$ vi /path/to/some/file.conf
[make some edits]
:w
VIM Message: E45: 'readonly' option is set (add ! to override)
:w !sudo tee %
[/sourcecode]

In the :w !sudo tee % command, :w followed by ! does not write to a file at all: it pipes the contents of the buffer into the standard input of the shell command that follows. That command is sudo tee %, where VIM replaces % with the name of the file being edited, so tee runs as root, copies everything it reads from standard input into that file, and also echoes it to standard output (which is why the mapping further down appends >/dev/null).

After saving the file as root, you'll get this message: "W12: Warning: File "/private/etc/smb.conf" has changed and the buffer was changed in Vim as well". You'll be given the option to reload it, but since you were already looking at the new version it doesn't much matter which option you choose (OK or Reload).

And last but not least, if you don't want to remember the syntax for this command, you can map the command in your ~/.vimrc file:

[sourcecode lang="bash"]
cmap w!! w !sudo tee % >/dev/null
[/sourcecode]

Now, if you forget to edit a file with sudo, you can simply type :w!! to fix the problem!

Swollen Shins as a Result of Muscular Imbalances

Over the course of the past 27 years, my posture has suffered greatly from the sedentary nature of my career. The extreme muscular imbalances have created a very dysfunctional body and those dysfunctions become more and more apparent the further I push myself physically.

For example while running, more pressure is exerted on my lower shins than is normal and as a result they've become swollen (and even bruised). They're in pain constantly, even when walking. My hip flexor muscles are locked into flexion, causing my torso to lean slightly forward. Extremely tight calves and quads also prevent full extension of the legs when running.

The past few months I've been doing more running than ever before and I've broken several personal records along the way (dropped my 4 mile run time from 41 min to 30 min in 3 months). Since noticing my swollen shins, I've eased up slightly on the length of my runs (3 miles instead of 4+) and started icing and stretching.

I seriously need to commit more time (i.e., daily) to fixing the muscle imbalances in my body. For the past 6 months or so, I've been using (on and off) Pete Egoscue's excellent postural therapy program, as outlined in two books, Pain Free and Pain Free at Your PC. In the long run, fixing the muscular imbalances is more important than any other physical training, since exercising a dysfunctional body will only strengthen the imbalances and prevent me from reaching my full physical potential!

To sleep or not to sleep?

Everything I've read about fitness and sleep during the past ten years has talked about the major importance sleep plays in rejuvenating our body -- lack of sleep can be as harmful as eating unhealthy foods! While I've been trying to change my schedule to wake up earlier, I often find myself waking up extremely tired. I justify going back to sleep because I tell myself it's probably healthier than waking up early. But then if I don't deal with lack of sleep for a few nights in a row, I'll never adjust my sleeping pattern.

Internet Explorer: Incorrect Password During Certificate Import

While importing a P12 certificate into Internet Explorer today, I got a message saying "The password you entered is incorrect.":

Internet Explorer - Incorrect certificate password

However, I successfully imported this same certificate, using the same password, on Firefox and Safari. But Internet Explorer (both IE7 and IE8) continued to tell me I was using the wrong password. After checking, double-checking, and quadruple-checking the password, I was 1000% sure the private key password that I was using was correct and that Internet Explorer itself was to blame.

After much trial and error, I discovered the problem: Internet Explorer has a maximum private key password length! The password I was using (modified for security purposes, but identical in length) was as follows:

603979ba15c2097f8f7fy35ec0ucfbeb

That's 32 characters, the same length as an MD5 hash. However, Internet Explorer appears to have a problem with that! I changed the password to the following 26-character password and the certificate imported with no complaints from IE!

ae869d263e267593286188b638

If you're having the same problem, you may be wondering how to change the password on your P12 file. To do this, you'll need access to OpenSSL. If you have a Mac, you might be able to find OpenSSL in /opt/local/bin/openssl. But more likely you're on Windows and you will need to download and install the OpenSSL binary for Windows.

You can use the OpenSSL program to convert the P12 file to PEM format, and then convert the PEM certificate back into a P12 file, using a shorter 26-character password when prompted. Here's how:

First, convert the original P12 file to PEM format:

[sourcecode lang="bash"]
openssl pkcs12 -in my-original.p12 -out certkey.pem -nodes -clcerts
[/sourcecode]

This should give you a file called certkey.pem. This file contains both the certificate and the private key. However, the next command requires that the key be contained in a separate key.pem file, so you'll want to edit certkey.pem with a text editor and extract the private key portion (it should be the bottom half of the file). The key.pem file should look somewhat like this:

[sourcecode lang="bash"]
Bag Attributes
localKeyID: EE 35 CB 41 81 23 4C 89 FF 43 42 E0 3C 3B FF 93 9E 0E B7 AA
Key Attributes:
-----BEGIN RSA PRIVATE KEY-----
MIIoOwLBAAJBANSdWgmhySZsCD/koC6nST/JzH/Uqjm6NXsQwtTwx493rhM/90BB
JyfdkfDQCHR/XP0szI1LqS/AXfSx1q25/3MCAwEAAQJBAM0Iu+Mm7zJTT7nqDgfv
VW+4RaRVp05JHaWQdeerpBnWJI+2NDsiKrovyrvYjglJcdpXHhoM95T5qm8x65XP
MhkCIQD5vQ2dNGoFGn0yL0ELDU39PrVvfZyJV3wXedjrQm9utwIhAN0FRk/qIWzz
p9ZP9DjIpIRj6BdWLRrZmLqxdnUXifSlAiBy6fb1u0RJjK7HBM9dPK7+NHiQEJCS
8dp7wZl5d1xnCSIhANLoF6pmnyLil4QwgVlOTv9ufqjSZ+w5GD7a3Vj678RpAiAV
6rTJ3mAZAeQiaRHhgRP7SuvQS6EDWDPxbMBMwYklfA==
-----END RSA PRIVATE KEY-----
[/sourcecode]

With these files in place, you can run the following command to convert the PEM certificate back into a P12 format, providing a new password (maximum 26 characters) when prompted for the Export Password:

[sourcecode lang="bash"]
$ openssl pkcs12 -export -in certkey.pem -inkey key.pem -out my-new-certificate.p12 -rand /dev/random
2048 semi-random bytes loaded
Enter Export Password:
Verifying - Enter Export Password:
[/sourcecode]

That's it! Now you should be able to install the certificate in Internet Explorer without any "incorrect password" complaints.
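The whole round trip as a script, added here and not part of the original post: it also goes a little beyond the post by checking a candidate password against the 26-character limit the post observed and by verifying that the rekeyed file opens only with the new password. The openssl CLI is assumed to be on PATH; the file names, the throwaway self-signed certificate and the passwords are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): re-package a PKCS#12 file
# under a new, shorter password with the OpenSSL CLI, then verify it.
# Assumes openssl is on PATH; all file names and passwords are constructed.
set -eu

# The post found that IE took a 26-character password but not a 32-character
# one, so treat 26 as the working limit. Returns 0 when $1 fits, 1 otherwise.
ie_password_ok() {
    [ "${#1}" -le 26 ]
}

# Rekey $1 (password $2) into $3 (password $4) through an intermediate PEM,
# the same two openssl commands as the post. The PEM holds the key in the
# clear (-nodes), so it lives in a private temp dir and is removed afterwards.
rekey_p12() {
    in_p12=$1; old_pw=$2; out_p12=$3; new_pw=$4
    tmp=$(mktemp -d)
    # If an old file fails here under OpenSSL 3 ("unsupported" algorithm),
    # add -legacy to this command.
    openssl pkcs12 -in "$in_p12" -out "$tmp/certkey.pem" -nodes -clcerts \
        -passin "pass:$old_pw"
    # certkey.pem contains both parts, so it serves as -in and -inkey.
    openssl pkcs12 -export -in "$tmp/certkey.pem" -inkey "$tmp/certkey.pem" \
        -out "$out_p12" -passout "pass:$new_pw"
    rm -rf "$tmp"
}

# Returns 0 when $1 opens with password $2 (its integrity MAC verifies).
p12_opens_with() {
    openssl pkcs12 -in "$1" -noout -passin "pass:$2" >/dev/null 2>&1
}

LONG_PW=603979ba15c2097f8f7fy35ec0ucfbeb   # 32 chars, the post's sample
SHORT_PW=ae869d263e267593286188b638         # 26 chars, the post's sample

# Constructed end-to-end run: a throwaway self-signed certificate is packed
# under the 32-character password and then rekeyed to the 26-character one.
demo() {
    work=$(mktemp -d)
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj /CN=demo \
        -keyout "$work/key.pem" -out "$work/cert.pem" >/dev/null 2>&1
    openssl pkcs12 -export -in "$work/cert.pem" -inkey "$work/key.pem" \
        -out "$work/original.p12" -passout "pass:$LONG_PW"
    rekey_p12 "$work/original.p12" "$LONG_PW" "$work/new.p12" "$SHORT_PW"
    if p12_opens_with "$work/new.p12" "$SHORT_PW"; then
        echo "new.p12 opens with the 26-character password"
    fi
    rm -rf "$work"
}

if command -v openssl >/dev/null 2>&1; then demo; else echo "openssl not found" >&2; fi
```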

Started a New Upper Back Workout for the Month of May

I started a new workout for the month of May. It's an upper back workout designed to work the smaller supportive muscles required to build bigger arms and shoulders. It's part of the Men's Health 2009 Poster Series, so I want to wait until the next issue before posting full details of the workout. I'm also keeping up with my running routine. Although I haven't been keeping a regular schedule, I'm trying to run as much as possible (I'm teetering on the edge of shin splints).

Fourth April Camping Trip

The weather was beautiful this weekend (temperatures in the 80's during the day, and the upper 50's at night) and I spent most of the day on Saturday lifting logs, running, and working out around the camping area (yes, that's my idea of relaxing!). In my previous post I mentioned there would be bugs, ticks, and mosquitoes in a few weeks and that it was nice camping without them. Well, I was wrong; they're already there! Within a few minutes of arriving, I found ticks crawling on me around the area where I camped last weekend, so I decided to just pick a random spot in the forest near the stream.

The night was so warm that I didn't even need a fire for heat, but I built one anyway (a camping ritual, or something). I pulled stones from the stream to build a small fire pit and used birch bark to start the fire. During the night I heard something moving around the leaves outside the tent and I kept getting up to look around with the flashlight. Finally I discovered a tiny frog was periodically jumping through the leaves making all the noise.

The weather didn't call for rain and the sky was clear when I went to sleep, so I assumed I wouldn't have to worry about rain. Stupid me. I've lived in New England long enough not to assume that. I woke up around 7AM to the sound of rain drops. The front of my tent was open, and a small puddle of water had already formed inside the tent. My pack, which also wasn't covered, got wet too. Oh well, it was still warm (50 degrees) so the water wasn't that uncomfortable. While it drizzled on and off, I started a fire just to see how difficult it would be while everything was soaked -- it was easy (birch bark is amazing, even in the rain!). After eating a breakfast of oatmeal, dried pineapple, a banana, and peppermint tea, I packed up and headed home.

I didn't take many pictures this time, but here are a few anyway.

Third April Camping Trip

This camping trip took place last weekend so this post is about a week late, but I wanted to stick with writing a post for each camping trip in April, so here goes (from memory). I took a better camera with me (an Olympus 770SW) and the pictures from the trip can be found here.

I decided not to camp down by the river this time, but instead camp in a clearing about 1/4 mile from the river. The wind blowing off the water made the previous two trips very, very cold and it made keeping the fire going difficult. This trip was much warmer than the previous two, at least during the day. The temperatures reached the upper 60's on both Saturday and Sunday, but the thermometer I brought with me measured a low of 24.4 degrees Fahrenheit during the evening, and it definitely felt it.

On Saturday afternoon I hiked down to the river to see how much ice had melted. I found what looked to be a wolf print (although on second thought, it looks more like a large raccoon print), and after taking a few pictures and walking around, I returned to camp to spend the evening practicing various knots, keeping the fire going, and reading Ender's Game.

I awoke around 3AM Sunday morning with freezing cold feet and needing to pee. There was no way I was getting up and losing the small amount of heat that remained inside my sleeping bag, so I toughed it out. It's amazingly difficult to fall asleep when your feet are cold and your bowels are telling you to get the hell up.

I finally got up around 6AM to relieve myself and decided that dealing with the early morning cold and getting the fire started was, in the long run, a better idea than trying to go back to sleep and generate my own heat. There were still some hot coals in the fire from the night before and I managed to use them to get the fire started again.

I watched the sun rise and waited desperately for it to come up over the trees to heat the surrounding air. When it finally did, I spent some time exercising and lying in the clearing relaxing in the sun. It's early enough in the season that there are almost no bugs. A few more weeks and the mosquitoes, ticks, black flies, ants, and all the other bugs will be out in full force.

Convert any Website into a PDF!

HTML to PDF Converter is a service that allows you to provide the URL of any website and promptly get a PDF version of the website in return. This is incredibly useful. I've always wanted a way to backup sites that contain really useful information for fear that they may disappear. It's dangerous to always rely on a site being just a Google-search away.

Wild Envy

Is it right to feel, while I'm driving to work one sunny seventy-degree day, a sense of envy upon seeing two Canadian geese grazing in the grass? Am I really so sick of being indoors that I feel envious of wild animals? I have all the power to change my lifestyle -- is my sense of responsibility preventing me from taking action? Surely there is more to life than sitting in front of an electronic device, moving around bits of electrons, and solving problems that, in the grand scale of things, mean absolutely nothing.