IT

Information on information technology. Mostly a collection of how-to — or, how-I-did — articles.

Spam from kingex.io (Kingex Crypto and Cash exchange)

Comments are off for this post

Spam is frustrating. It is for me on many levels, not least of which because I run a mail server for a few thousand users. This is especially true since my company is a small hosting provider, so we have almost no leverage with the “big boys”, Google, Microsoft/Hotmail/Outlook (however they want to be known today), Yahoo, etc. The one that can’t make up their mind what they’re called has a programme called “Smart Network Data Services” but which used to be called “Postmaster Live”, but it’s as useless as tits on a bull. I’ve jumped through all of the hoops, but I still get just infuriating auto-replies and ignored when I try to interact with their system and the people behind their system. Google’s system is completely worthless and unworkable, as in order for my company to be a part of it, I’d have to create a new account for every domain we host! I can’t just sign up my mail servers’ IP addresses and deal with them that way! It’s stupid beyond belief.

But the point of these programmes/systems is for, as in the “old days” of the Internet, service providers — particularly the postmasters of said service providers — to interact and resolve issues. But the “big boys” don’t actually make any effort to “interact and resolve” anything; they just dictate how the rest of the world is supposed to interact with them, even when they’re operating outside of the RFCs, which are, essentially, the laws of the Internet.

One day I’ll write a more comprehensive post about how I think that all of said “big boys” are colluding to ensure that only they provide email service in the future, and companies like NinerNet Communications — with whom people are currently free to contract! — are shunted to the side, and encouraged to become their resellers.

But on a personal level, I myself get hardly any spam. Seriously! (Seventeen since 2021.) But when I do, I go through the roof, especially if it’s sent to one of my personal addresses, which I never give to anyone but close friends and family (I just don’t!), other than my “personal company” address, which I use to communicate with clients as well, of course. And I never enter it into a form on a website either! I have a system of rotating email addresses, and addresses I set up for individual suppliers and for specific purposes. For example, if I sign up for a Twitter account, the email address I give them is twitter123@myspecial.subdomain.com. That makes is easy to filter messages from them, and also makes it clear to me who leaked my email address if that address is spammed.

And if I’m going on a trip (as I just did), I set up an “alias” for the trip; that way I can use it for everything from plane tickets, to hotels, to entry tickets … the works! After the trip, I delete it. All of those airlines and hotels and theatres can spam me all they want — and they do! — but at the flick of a switch when I get home, all of that spam stops. Ahhhh, peace!

So after five paragraphs I should address the spam I received on Thursday from a company called Kingex, who bill themselves as a “crypto and cash exchange”. Years ago I gave up reporting spam to the email service providers from where the spam originated, and the hosts of the spamvertised websites. I used to have a very sophisticated and in-depth system for doing so — as good as if not better than Spamcop’s — but I eventually realised that it was a complete waste of time to do so … and it was a significant amount of time to do so, looking up the owners and contacts for multiple IP addresses and domains. It was a waste of time because my reports were completely ignored, and in some cases the hosts justified the spam, questioned my intelligence (“You probably just forgot you signed up for the spam”) and/or defended the spammers.

Anyway, this spam from kingex.io was sent to my personal company email address, not to one of my rotating or supplier email addresses. (I have a “personal company” email address, and a “personal personal” email address, both on their own domains, neither of which are the domain of this website.) Ironically the message included a request and a link: “Please leave us some feedback https://www.trustpilot.com/review/kingex.io”. So I thought, “What the hell, I won’t be reporting this, but I’ll give them some appropriate feedback.” And I did:

Never heard of these guys until I received spam from them a few minutes ago asking to be reviewed. So I am. Never deal with spammers.

I also perused a few of the other reviews, most of which were five (of five) stars, of course, as is typical on review websites where customers are coerced or otherwise strongly motivated into leaving reviews. But there were a few negative ones (read them yourself) where (a) Kingex representatice(s) was/were very aggressive in putting down the reviewer … which, as everyone knows, is Customer Service 101, put down any criticism with aggression.

In that vein my review received this response:

Dear customer,

We do not send unsolicited emails and do not promote our exchange services via email marketing. If you believe you received a message claiming to be from us, please provide the email address in question or contact us directly at support@kingex.io — we will be happy to investigate the matter thoroughly.

Until any evidence is presented, we consider this review an attempt to discredit our exchange service without basis.

Best regards,
Kingex Team

Because, as everyone knows, every negative review is quite clearly “an attempt to discredit our [company/]service without basis.” Yup, I’ve got nothing better to do all day than find new companies and leave them negative reviews.

Anyway, I’ve posted this here so that when I send these morons the copy of the spam I received, I will send it along with a link to this post, because on the Trust Pilot website there doesn’t seem to be a possibility of engaging in any back-and-forth, so my blog is where I will make this back-and-forth possible because Kingex will probably do all they can to have my Trust Pilot review removed. But, you know, when someone accuses you right off the bat with lying, there’s not much chance of any constructive back-and-forth. (Ironically, I see they now have another one-star review from someone else they spammed, with the same copied-and-pasted aggressive reply; see screenshot.) Here, the review cannot and will not be removed.

Oh, and their domain has been blocked on my company’s mail servers, so any future spam from them will not be delivered to our users’ mail boxes.

Kingex review and reply.

Kingex spam complaints.

And here’s the spam:

Return-Path: <dumbass@kingex.io> Delivered-To: xxxxx@xxxxx.xxx Received: from nc036.ninernet.net (nc036.ninernet.net [127.0.0.1]) by nc036.ninernet.net (Postfix) with ESMTP id DD920C540C3 for <xxxxx@xxxxx.xxx>; Fri, 25 Apr 2025 00:54:25 +0000 (UTC) X-Virus-Scanned: amavisd-new at nc036.ninernet.net X-Spam-Flag: NO X-Spam-Score: 2.787 X-Spam-Level: ** X-Spam-Status: No, score=2.787 tagged_above=-100 required=3.5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MISSING_HEADERS=1.021, RCVD_IN_BL_SPAMCOP_NET=1.347, RCVD_IN_MSPIKE_BL=0.001, RCVD_IN_MSPIKE_ZBI=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, RDNS_NONE=0.793, SPF_HELO_FAIL=0.001, SPF_SOFTFAIL=0.665, TVD_SPACE_RATIO=0.001, TVD_SPACE_RATIO_MINFP=0.85, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no Received: from nc036.ninernet.net ([127.0.0.1]) by nc036.ninernet.net (nc036.ninernet.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X-fluxj0TjIf for <xxxxx@xxxxx.xxx>; Fri, 25 Apr 2025 00:54:24 +0000 (UTC) Received: from domain.com (unknown [94.26.90.29]) by nc036.ninernet.net (Postfix) with ESMTP id D05C2C540C1 for <xxxxx@xxxxx.xxx>; Fri, 25 Apr 2025 00:54:24 +0000 (UTC) Message-ID: <252444ef1bdff5fed9e3aa01f5012a2fb46c4b@kingex.io> From: Kingex <dumbass@kingex.io> Subject: Best exchange Date: Thu, 24 Apr 2025 17:54:02 -0700 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="2b81c86397537de6c56f26bd48820a7ce3" X-Evolution-Source: 0ff2745c15978e92c527518f51fd77983813ec4b

–2b81c86397537de6c56f26bd48820a7ce3
Content-Type: text/plain; charset=”utf-8″
Content-Transfer-Encoding: quoted-printable

A BUNCH OF LINKS REMOVED

Please leave us some feedback https://www.trustpilot.com/review/kingex.io

–2b81c86397537de6c56f26bd48820a7ce3
Content-Type: text/html; charset=”utf-8″
Content-Transfer-Encoding: quoted-printable

A BUNCH OF LINKS REMOVED

–2b81c86397537de6c56f26bd48820a7ce3–

Updated, 2025-04-28: Firefox turns a bare Tiktok link into a tracking warning. I am not tracking anything.

Updated, 2025-04-28: Actually, removed most of the body of the spam message, as WordPress (Word-press?) just makes a mess of it, and all I was doing was helping to promote the spammer. Ain’t WYSIWYG great?!

Do you load the embedded images in email messages you receive?

Dec 22nd, 2024

by Craig.

Comments are off for this post

In my daily emails I invariably receive HTML messages with embedded images that are remotely hosted. I’m not talking about attached images that may or may not be displayed in-line, I’m referring to images that are hosted elsewhere and are pulled in over an Internet connection.

Every email client I’ve ever used — which is only two, Eudora and Evolution (I miss Eudora!), not counting the few I have tried temporarily — has given me the option to display these automatically or not. I always choose not to display them. Why? Because invariably one or all of the images are intended to track whether or not the person at my email address has opened the message and (presumably) read, understood and agreed to it. No thanks. There’s no benefit in that to me the receiver, so why would I do that?

Example of poorly designed HTML email message displayed in Evolution

Where I really notice this is in marketing messages, of course. One in particular that I receive daily (at left) lists a number of products in which I might be interested. There are six of them on the page, and it used to be that three of them displayed above the fold — i.e., where the screen ended before I am forced to scroll. I didn’t see the images due to the default settings in my email clients that do not display the images, but there were textual descriptions that were enough to make me decide whether or not to click to go to the website for more details. Sometimes I would click, but often not. The point is though that some months ago they changed the layout of the messages, and now there are none above the fold, and no visible text descriptions without scrolling. As a result, I don’t even remember the last time I clicked for more information.

And then there are messages where the header image seems to take up so much space that you have to scroll down fourteen screens to see any text! I’m not sure which is worse; that, or messages where the whole message is contained in one embedded image!

There are even companies that provide a service where you place an image bug in normal, everyday emails, usually in your email signature. These companies must be on the decline though, as I haven’t seen any in a while. When I do come across them I block their domains using my machine’s “hosts” file, so that they never achieve their purpose, even if I do load the images in the email.

To answer my own question, I almost never load the images. It’s an immediate turn-off if you can’t explain what you’re communicating about without pictures.

One weird trick to avoid scams and spam

Jan 26th, 2024

by Craig.

Comments are off for this post

Forgive my clickbait title, but everyone and their dog has this one rule you must follow to avoid scams and spam … or some variation of it. Maybe it’s a top-ten list or something. They’re all valuable, to some extent, and yet every day people are duped. And now that scams are being written by AI, you can’t even count on spotting scams with broken English (or whatever your language is) and poor grammar.

But every time I read about the latest data breach I think to myself, “Thank god they don’t have my email address or phone number.” Wait, what?! How do I open accounts without giving that information?! Oh, I do, but it’s not the one email address and phone number that 99.99999% of the world give out. For that reason as well no connection can be made between accounts because each account has a different email address!

For many years I’ve operated a system of what I call “supplier addresses”. If I’m dealing with Twitter, for example — not that I use their name because they were mentioned in recent news about a data leak — I create the email address “twitter@mydomain.com”, and I only give that address to Twitter, nobody else. (I can do this, of course, because I own my own domain and use it to its potential. Here’s a clue: Stop using Gmail for everything and register your own domain!) Yes, I have the email address craig@mydomain.com (umm, that’s not the real email address, in case you’re stupid), but the only people who get that email address are my family (the ones I talk to, anyway) and friends. Nobody else on the planet gets that address, and I certainly don’t enter it into a form field on a web page and I don’t post it on the Web! This is why it drove me nuts, back in the 20th century, when people sent jokes out to everyone they knew and exposed all the email addresses in the “to” and “cc” fields! Some people still do that!

So if Twitter (in this example) sells my email address or is hacked, I know exactly who let my email address into the wild. To be frank, that hasn’t happened to me many times, but I quickly realised that it does happen, so the email addresses I create now all include a number (e.g., twitter123@mydomain.com). If the email address is compromised I just change the number and inform Twitter by changing it in my account with them and kill the old address. My numbering follows a system, but you can make your own rules.

I also use a system of rotating email addresses that change every month. I use those addresses for short-term relationships, like when you have to provide an email address to download some white paper or connect to free wifi or something like that. No problem, bud, have this address. If it does get spammed, it will only be for a few weeks, but the reality is that I almost never receive any spam that I don’t expect on those addresses because they don’t last long enough for spammers to sell, circulate and use.

For the last couple of years I’ve been doing the same with phone numbers. Well, almost the same, as I can’t create ad hoc telephone numbers on my domain. (I’m aware of ENUM, but I’m not nearly as knowledgeable about it as I’d like to be and society isn’t ready yet for phone numbers that look like 12345@mydomain.com.) I first started using VoIP (long term) in 2011 (if I remember correctly), but only in 2022 did I switch to a company where I have full control over setting up new phone numbers in multiple geographic locations as and when I please. Now I don’t give out my personal phone number to anyone except the aforementioned family and friends, I give out one of my junk phone numbers. (Actually, I make one other exception, for medical contacts.)

Do I still receive spam and attempts to scam me? OMG, of course I do! But my email and phone are not beeping every five seconds with a new one, and none of my thousands of grandchildren have called me to ask for bail money. In fact, because of my system I hardly ever have to deal with either. I know that if the email address I first used to register a domain in 1996 (now owned by AOL) was active I’d be inundated! But it doesn’t so I’m not. 🙂

There you go, my “one weird trick” that everyone can and should use to avoid spam email and scam phone calls. Maybe one of these days I’ll write a more comprehensive document on all the actions I’ve taken over the years and the nuances to protect myself. Here’s a hint though: It’s work, but it’s simple, and it’s way less work and aggro than deleting all the spam from your email and voice-mail accounts.

Motorola for the win

Jan 8th, 2024

by Craig.

Comments are off for this post

As you’re aware if you follow this blog — all two of you — I recently broke my cell/mobile phone and needed to replace it. I know, this is stunning news that you just never hear and likely haven’t experienced yourself, but bear with me. 🙂 Although I had a cell/mobile phone long before many people did, I essentially gave up on them and stopped owning one for many years due to the way that the Canadian cell phone oligopoly rapes their customers.

In 2017 I decided to buy a phone from an American supplier — Ting, who operated based on paying only for the services you wanted and used — even though I was in Canada. Ting was a mobile virtual network operator owned by Tucows (before they sold it), a Canadian company who also own OpenSRS, a domain registrar who operate based on the reseller model. One of these days I will write more about them and why I left them after almost twenty years, but it should suffice to say that they didn’t (and don’t) live up to their own hype. Tucows never opened Ting in Canada because of how fucked-up the Canadian cell phone market is, and they essentially said that to their Canadian clients … without using the four-letter word I used. 🙂

However, Ting was awesome for the approximately two years I used them. (They actually did live up to their hype!) They’re not any more, sadly, because they now operate based on the plan system like just about everyone else, rather than actually charging you for what you need and use. (Tucows sold Ting Mobile.)

Through Ting I bought a phone that was adequate for my needs, a US$60 smartphone. Why didn’t I spend a thousand dollars on an Iphone? Because I don’t give a fuck about fads like owning the latest and greatest tracking device. Simply put, I just needed a portable computer in my hands that would tell me when I had email that may or may not need my immediate attention. I roamed in Canada, of course, but that was still cheaper in the long run than owning a Canadian cell phone. Bizarre, but true! I also wasn’t scrolling through Facebook endlessly and watching videos on it; all it did, essentially, was check my email. (In January 2024, after Rogers and Bell coincidentally raised their rates at the same time by about the same amount — after Rogers bought Shaw and promised that being allowed to do that would cause rates to be lowered! — I’m again hearing other Canadians talking about getting a non-Canadian phone and roaming! With VoIP and Internet-based messengers like Signal, why not?! Welcome to the 21st century!)

I still have that $60 cell phone! I occasionally use it on wifi, but I suspect it wouldn’t be welcome on any cell networks in 2024, or be able to download the latest apps.

In 2019 I was enticed to join Freedom Mobile, to whom I refer as Troublesome Mobile. I am not generally someone who looks for the cheapest, nastiest deals around — quality is not cheap, but quality isn’t to be found in this industry at any price! — but considering the extent to which the Canadian cell industry, as I say, rapes the Canadian population, the deal was good for what I needed, a portable computer that let’s me check my business email when I’m out. I don’t know anyone who pays $15 a month (before taxes) to be connected wherever they go.

Troublesome Mobile offered a Motorola phone at a reasonable price, so I went for it. I had bought a Samsung tablet a few years before but, as I said at the time, “In a nutshell, I am mightily disappointed in my Samsung/Android tablet.” So there was no way I was gong to acquire a Samsung phone, and I never will seeing as they have become the Apple of the Android world. When looking for a new phone late last year, I decided on another cheap, unlocked phone from an electronics retailer. I mean, smartphones have been around for years now, right? Apple is up to the Iphone 132 now or something, I believe, and each iteration is a vast improvement over the one before, right?! Well, apparently not. I was well aware that my old Motorola had Motorola apps on it that imparted more functionality on the phone than what comes with Android the operating system, but I naïvely figured that by 2024 those things would be standard in the OS. Ha! They aren’t, but I knew I’d adapt … until my new Cat Phone wouldn’t play nicely with my network of (limited) choice.

So I returned it and, as I said, walked into the trap of the Canadian cell phone oligopoly and crawled back to Troublesome Mobile on my hands and knees and handed over a couple of hundred dollars for another, low-end Motorola. Now, with my new phone, I can again karate chop my torch on. Yippee. Sadly, I learned that the feature of my old phone whereby I could do a double wrist twist to turn on the camera doesn’t work any more. As I said, new versions of software don’t imply improvement.

I readily admit that my vast experience will all of three brands of smartphones doesn’t hold a candle to the experience of selfie queen Kim Kardashian, who can afford to buy (or is probably given) a new phone every week, but Motorola is one company that I’m reasonably content with … except for the fact that it’s owned by Lenovo, who are based in the hostage-taking PRC. Now all I need is a Motorola sponsorship so that I can get paid for my effusive words of high praise! 🙂

Out of range or no pwr at base: VTech cordless phone

Feb 15th, 2021

by Craig.

Comments are off for this post

VTech model CS6649-3 cordless phone and “digital answering system”.

After a power failure, the cordless handsets on my VTech CS6649-3 cordless phone and “digital answering system” stopped working and displayed “Out of range or no pwr at base” on their screens. This system is at least ten years old, so I figured I’d be buying a new system. However, I did a web search and came across a couple of pages that didn’t quite help me solve my problem, but got me started.

The least helpful, of course, was the first result from VTech themselves: “What should I do if Out of range OR No pwr at base appears on my cordless handset?” I did briefly consider the possibility of third-party interference, but this seemed highly unlikely all of a sudden.

Further help was available at the following links:

The latter also led me to the video by Andrew Calvet, which is cut off suddenly at the end. (The “*7890#” code in this video works on my phone, but the “*331734#” code mentioned in other search results, including the two above, does not.) I got the same result as in the video, and then just hit “off/cancel” key several times to get back to the home screen. However, my screen still stated “Out of range or no pwr at base”, so I was no further ahead. So I decided to disconnect the battery, wait a few seconds, then reconnect it. (I needed to gently use pliers.) It then stated, “To register HS see manual”. Great. So I started to look for the physical manual, then remembered I had it saved on my computer.

I haven’t done a page-by-page comparison, but page 61 of this manual has the instructions “to register a handset”:

Press and hold FIND HANDSET on the telephone base for about four seconds until the IN USE light turns on and it shows Registering…
Press QUIET# on the handset. The handset shows Registering… Both the telephone base and cordless handset show Registered, and you hear a beep from the handset when the registration process completes. The registration process takes about 60 seconds.

I had to set the date and time the first time I did this on the first handset, but didn’t have to for the other two handsets. At the end of it all, all three remote handsets are working. The base was always working.

Not sure if just disconnecting and reconnecting the batteries in the handsets (and re-registering) would have done the trick; perhaps entering the “*7890#” code wasn’t actually a necessary part of the process.

Hope this helps you.

Updated, 2021-07-27: This happened again less than six months later. I can therefore confirm that simply disconnecting and reconnecting the battery does not work. You still need to enter the code as instructed in the video, then disconnect and reconnect the battery. The cause of the current failure is unknown, as we did not have another power failure.

Updated, 2021-08-30: OK, it seems that I’m having to do this almost regularly now, although the most recent time happened after I pulled the plug on everything in my office while I went away for a couple of weeks. So, for my own benefit, rather than making you (or myself) watch the video and read the manual, here are the steps:

On a/the handset, press MENU/SELECT.
Scroll up to Settings.
Press MENU/SELECT.
Enter *7890#.
Scroll to TEST HANDSET.
Press MENU/SELECT.
Scroll up to NEXT PAGE ….
Press MENU/SELECT.
Next menu option displaying should be REGSTR CLEAR. Press MENU/SELECT.
The phone will ask you to confirm “REG CLEAR ?“. Press MENU/SELECT. Phone will display “OK“.
Disconnect and reconnect the battery in the handset. It’s my habit to wait a few seconds in between. The handset will now display “To register HS See manual”.
On the base, press and hold FIND HANDSET for about four seconds until the IN USE light turns on and it shows Registering….
Press QUIET# on the handset. The handset shows Registering…. Both the telephone base and cordless handset show Registered, and you hear a beep from the handset when the registration process completes. The length of the registration process varies, but it usually takes fewer than 60 seconds.

You’re done.

Updated, 2025-05-11: It blows me away how many websites are out there claiming to tell you how how to fix this problem, and how many of them are completely wrong. But is it because they’re deluded and just trying to get advertising clicks, or because VTech has so many models that behave so differently? While I suspect some are the former, I suspect it’s more the latter.

My latest problem — again after leaving for a few days and unplugging everything — could not be solved by the above steps. I now have only two active handsets — not three, because we moved into a smaller place — but I could not for the life of me get the second handset registered. Every time I held down the “find handset” button (step 12), all it did was page the one registered handset. So in desperation I went looking online again. Nope, just the same plethora of that same old instructions, including mine.

But then my eyes flicked over a snippet that I can no longer find or link to that simply said, “Press and hold the ‘find handset’ button to register the handset” (not just for four seconds), or words to that effect. So that’s what I did, not expecting anything miraculous. To my surprise I heard a single beep from the general direction of the problem handset, not the usual ringing from the one registered handset. So I retrieved the handset, pressed and held the “find handset” button again, and step 13 above happened! Bizarre. Now both handsets are registered and working again.

Situations like this make me wonder how many people with more dollars than sense just give up immediately, throw the whole system away, and head for the shops to buy a brand new system when the old system does still actually work.

man page humour

Aug 28th, 2017

by Craig.

Comments are off for this post

Found this little nugget in the “find” man page recently:

A ‘%’ character followed by any other character is discarded, but the other character is printed (don’t rely on this, as further format characters may be introduced). A ‘%’ at the end of the format argument causes undefined behaviour since there is no following character. In some locales, it may hide your door keys, while in others it may remove the final page from the novel you are reading.

Reminds me of a T-shirt I have:

$> man woman
$> Segmentation fault (core dumped)

HeidiSQL and MySQL: Can’t connect to MySQL server on ‘127.0.0.1’ (10061)

Aug 21st, 2016

by Craig.

Comments are off for this post

HeidiSQL can’t connect to MySQL

I installed XAMPP and HeidiSQL (the latter running under Wine) on my local Xubuntu 14.04 (LTS) system sometime in the last year or two. I’d used both before when I used to use Windows, and have had no problem using HeidiSQL to connect to external MySQL servers. However, I have had no success connecting to my local installation of MySQL. Not having time to deal with the issue (what seemingly inexplicable computer issue is ever resolved in a matter of minutes?!) I just left it and used phpMyAdmin that comes bundled with XAMPP, which is up to the job but which is a pain to use once you’re used to a native application like HeidiSQL.

Well, yesterday was the day to get to the bottom of the problem, and predictably it took me several hours to figure out.

I found a number of articles that referred to user privileges, client bugs, binding MySQL to the localhost IP address, some guy who was doing it wrong, another guy who must have been using machine translation to try to get his point across (I don’t envy the poor guy), and a guy who seemed to have the same problem as me (but didn’t).

I found the clue that solved my problem in the Navicat knowledge base (“2003 – Can’t connect to MySQL server on xxx (10061)“) that linked to the MySQL reference manual (“B.5.2.2 Can’t connect to [local] MySQL server“). Looking at the default XAMPP MySQL configuration file at /opt/lampp/etc/my.cnf I noticed the following:

# commented in by xampp security
#skip-networking
skip-networking

I’m guessing that the XAMPP-provided script that I recall XAMPP suggesting you run after installation to plug a few security holes put that there. After I once again commented out “skip-networking” and restarted MySQL, HeidiSQL was able to connect. Considering I generally only run the local MySQL server for brief periods I don’t expect this to be a major security issue.

I am a happy camper once again. Hope this helps you too.

Android issues

Nov 16th, 2015

by Craig.

Comments are off for this post

Google+ has stopped, which is very unfortunate.

Google+ has crashed, burned and died, which is terribly unfortunate

As I’ve alluded to before, my disappointment with the Android operating system created by Google is mighty. However, it reached a new low last week.

Suddenly I kept being presented with “Unfortunately, Google+ has stopped” errors that prevented me from doing anything until I tapped either “Report” or “OK”. I tapped “OK” the first few times, but then I thought, “Well, maybe I should be a good user and report this problem.” At first my reports were polite, but after being presented with this error every few seconds, sometimes one on top of the other while I was still trying to report the previous instance, I started to use four-letter words, usually two per report. Then I just gave up, and hit a few random letters before sending my report. I figured that after a few dozen reports something might be done. I am so naive!

Anyway, after a day or two of not being able to do anything on my tablet without constant interruption by the Google Plus app apparently crashing, I decided to take matters into my own hands. First of all, I don’t use Google Plus in any shape or form, but (of course) it’s a “system app” that you are forced to keep, so I rolled back the updates and disabled it. Then I went and disabled every single Google app I could identify except the six that I’m actually using:

Chrome,
Gmail,
Google Play service,
Google Play Store,
(Google) Maps, and
Youtube.

I have no doubt that there are more Google services on my tablet “phoning home” at every opportunity, but I probably can’t do much about those. As for the six that are left, short of “rooting” my device I probably can’t operate without the two “Play” apps, Gmail is on my list of things that I won’t need in the near future (and will disable) as I work diligently to stop using all Google services (I’ll be writing about that when I have some time), Chrome I’m keeping for now as I think it’s a good idea to have a second web browser on any machine (even if one of them is Google crap), Google Maps I will replace if or when I find something as good (in the meantime I’m fine using it with location services turned off), and Youtube … well, since it’s the world’s video sharing service, I won’t be disabling that any time soon, I suppose.

Speaking of rooting, I’m now way more inclined to do that than I was a couple of years ago when I bought this tablet. The only issue is that I don’t have the time to spend managing all of my computing resources. Technology was supposed to save us time, allowing us to frolic in fields of green with our friends and families while the computers did all the work. Instead we’re chained to them like slaves. How bloody ironic! Anyway, my tablet doesn’t seem to be on a list of supported devices for which there are instructions and software for rooting. Further digging reveals that I could probably work on it but … here we are back at the time excuse in this circular argument.

But here’s some further irony in this story: Once I had disabled all of the Google apps I could get my hands on, suddenly I could multitask again! Well, as well as you can on a tablet, I suppose. Where once I couldn’t switch to another app without it completely reloading from scratch, now I can get back to where I was mid-session with some of them. Firefox is the exception, which annoyingly reloads tabs from scratch every single time they’re re-selected.

Update, 29 November 2015: Having got on a roll and removed or (if it’s a “system app”) disabled any app that I’m not using, I was left with Samsung WatchON, which (after rolling back all of the updates) I can neither disable nor remove nor even stop. And yet, according to its Wikipedia article (as much research as I am willing to waste my time with), “App is discontinued on December 31, 2014 worldwide except US and Korea, and June 15, 2015 in those remaining two countries.” (The wording of that is not the only problem with the Wikipedia article.) When I try to run the app I’m told that it won’t run because the time on my device is wrong. Well, actually Samsung, it’s not. And so, having rolled back all of the updates so that I could disable this “system (cr)app”, I’m now running an out-of-date and possibly vulnerable app that I can neither stop, disable nor remove, and I keep being prompted to update it. Well, I guess I’d better update it then to stop the annoyance! Now when I try to run it I get an error message about not being able “to retrieve data from the server.” It helpfully suggest that I “Try again later. (1) [sic]”

Thanks, Samsung, you useless bastards.

Submission to GNSO Privacy & Proxy Services Accreditation Issues Working Group

Jul 4th, 2015

by Craig.

Comments are off for this post

My submission today to the ICANN forum addressing the GNSO Privacy & Proxy Services Accreditation Issues Working Group Initial Report:

While I can’t understand why some businesses hide their contact information — it seems counter-intuitive — I emphatically support the legitimate use of WHOIS privacy and proxy services.

To state my bias up front, I am the registrant of 120 domains for business and personal use. None of my 44 business domains are protected by a privacy or proxy service. Of the remaining 76 domains, 8 (11%) use a privacy or proxy service. I’m not doing anything illegal with those 8 domains (you’ll have to trust me on that), but it’s controversial enough with some people that I wish to make it that much more difficult for those people to identify and/or find me. If the cops need to find me for any reason — which they don’t — including related to my domain registrations, it would take them all of five minutes with their legal powers (and, ironically, finding me probably wouldn’t even involve using WHOIS!), and that is sufficient for the greater good of society.

In my mind “legitimate use” of WHOIS privacy and proxy services includes hiding from people who would like to make it easier to track down people they disagree with (including using some legal pretext to do so), which includes even people with a legitimate reason to want that information. If someone with a legitimate intellectual property interest in the content of a particular website is motivated enough to contact the owner of that website, then they should be prepared to do some work to do so.

It should not be any easier to track down the owner of a domain than it is to track down the owner of a phone number or vehicle licence plate — which is not easy in my part of the world — if the domain owner does not want to be found by casual curiosity, even the professional curiosity of lawyers.

While I give ICANN lukewarm support for verifying WHOIS information provided by domain registrants (it might as well be accurate), the fact is that the WHOIS database is more useful for spammers than it is for any legitimate use. For that reason it is a far more negative effort than it is positive, and any effort to restrict the use of privacy and proxy services only makes the public perception of the WHOIS even more negative.

Archived on ICANN website.

Update, 13 August 2015: Removed the link to my submission on the ICANN website, as the URL keeps changing.

Deleting files under Linux/Unix

Nov 26th, 2014

by Craig.

Comments are off for this post

Today I came across a comment on a blog post related to deleting files on a Unix/Linux system that was a clear case of bullshit. I tried to post a comment to that effect on the blog in question, but the comment feature was broken. So, since I had already gone to the trouble of writing my response, and since I don’t post nearly as much to my own blog as I would like, I’ll just post it here instead.

To PoorMe, who claimed to have “just lost all of [his/her] files and folders on [his/her] server in just 2 seconds” by running the suggested command, I call bullshit!

I actually intentionally tried this a few years ago on a server that I was decommissioning. First of all, you have to be in the root directory for the dreaded “rm -rf *” command to try and remove everything (unless you craft the command explicitly to remove everything under the root directory), and you’re almost never in the root directory unless you place yourself there for some specific and very unusual reason.

Secondly, in my test (which I did run as root) I ran into many files and directories that threw up errors and interrupted the process, even though I used the “-f” flag. In fact, I ended up having to delete individual directories off of the root to do what I was trying to achieve, and even then I gave up trying to remove anything but directories I knew contained user data.

Thirdly, even without those errors the process would have taken minutes, if not hours, not “2 seconds”. Anyone who thinks it takes two seconds has obviously never tried it. Besides, assuming you’re connecting over SSH, how are you still connected if you deleted everything, including the SSH server?

Bottom line, don’t run commands on your system that you find on the Internet without first understanding and checking them. But even if you don’t take that advice, the chances of you erasing every file and directory on your server in the blink of an eye are close to zero. Sure, you might erase a whole lot of stuff you didn’t want to erase that you may never get back and which may destabilise your system requiring you to reinstall the operating system (and it may happen in as few as two seconds), but what PoorMe claims happened almost certainly didn’t happen.

IT

Spam from kingex.io (Kingex Crypto and Cash exchange)

Do you load the embedded images in email messages you receive?

One weird trick to avoid scams and spam

Motorola for the win

Out of range or no pwr at base: VTech cordless phone

man page humour

HeidiSQL and MySQL: Can’t connect to MySQL server on ‘127.0.0.1’ (10061)

Android issues

Submission to GNSO Privacy & Proxy Services Accreditation Issues Working Group

Deleting files under Linux/Unix

Categories

Calendar

Bogroll

IT

Tags

Categories

Calendar

Bogroll