Expected:
I've not been here for a week - and I know there are notifications.
Actual:
One notification listed.
route is: https://what.thedailywtf.com/notifications
where I am looking for ALL notifications and there is only 1. See below:
Expected:
I've not been here for a week - and I know there are notifications.
Actual:
One notification listed.
route is: https://what.thedailywtf.com/notifications
where I am looking for ALL notifications and there is only 1. See below:
@anotherusername said in How will you deal with the coming Firefox apocalypse?:
@rad131304 I found the source for it a while back... I'll repost it:
Firefox tries to contact Mozilla once a day to check for security updates. This is called the “updater ping”. The ADI number is the aggregate number of these pings that were seen on a given day and can be understood as the number of running Firefox installs on that day.
@anotherusername Thanks.
@anotherusername Ah ok. Active Daily Installs sounded like a measure of people downloading the installer to me.
@anotherusername Ok - then can you elaborate?
@anotherusername No I get that - it's tracking YOY installs by day. I still don't see how this is a useful metric since it's a relative year to year comparison that has tons of factors not tracked by this information. What was happening last year that might have spiked installs? Is there a reason installs might be depressed relative to baseline now? Without long term data or decent error information this graph is not particularly helpful.
@el_heffe said in How will you deal with the coming Firefox apocalypse?:
Looks like the 7 people still using Firefox are going to be pissed
Firefox Active Daily Installations:
So you're telling me that YOY installs might have not been in sync?
I hate Firefox but this graph still seems not really helpful.
Full Disclosure: I"m only about 6 posts into the thread
EDIT: I'm also done trying to read the between messages ... it's dumb even for this place
@blek said in Kind of a cool app ...:
Also why does any link generated by NodeBB to any app I try have Arabic (or something) words in it when the whole page is in English?
2nd! I was curious about that as well
@accalia crap didn't realize it was doing that. We use google chat at work so I'm always logged in.
Basically it's an app that detects the bluetooth signal of some credit card skimmers.
@tsaukpaetra This more looks like it's supposed to be a policy that AWS has by default but is missing for us - it exists as a pre-defined add-able policy type during the role creation step of the function creation.
Though, yeah, bad AWS tutorials are everywhere which doesn't help much.
Nevermind; I solved it.
AWS has/had some sort of issue and no decryption policy was actually bound to my service account. The policy seems to not exist, so I created the following User Managed Policy and bound it to the role:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"kms:Encrypt",
"kms:Decrypt",
"kms:ReEncrypt*",
"kms:GenerateDataKey*",
"kms:DescribeKey"
],
"Resource": "*"
}
]
}
Here's the Key Policy for the encryption key (the lambda IAM user is one of the AWS principals that can read the key):
{
"Version": "2012-10-17",
"Id": "key-consolepolicy-3",
"Statement": [
{
"Sid": "Enable IAM User Permissions",
"Effect": "Allow",
"Principal": {
"AWS": "[REDACTED]"
},
"Action": "kms:*",
"Resource": "*"
},
{
"Sid": "Allow access for Key Administrators",
"Effect": "Allow",
"Principal": {
"AWS": "[REDACTED]"
},
"Action": [
"kms:Create*",
"kms:Describe*",
"kms:Enable*",
"kms:List*",
"kms:Put*",
"kms:Update*",
"kms:Revoke*",
"kms:Disable*",
"kms:Get*",
"kms:Delete*",
"kms:TagResource",
"kms:UntagResource",
"kms:ScheduleKeyDeletion",
"kms:CancelKeyDeletion"
],
"Resource": "*"
},
{
"Sid": "Allow use of the key",
"Effect": "Allow",
"Principal": {
"AWS": "[REDACTED]"
},
"Action": [
"kms:Encrypt",
"kms:Decrypt",
"kms:ReEncrypt*",
"kms:GenerateDataKey*",
"kms:DescribeKey"
],
"Resource": "*"
},
{
"Sid": "Allow attachment of persistent resources",
"Effect": "Allow",
"Principal": {
"AWS": "[REDACTED]"
},
"Action": [
"kms:CreateGrant",
"kms:ListGrants",
"kms:RevokeGrant"
],
"Resource": "*",
"Condition": {
"Bool": {
"kms:GrantIsForAWSResource": "true"
}
}
}
]
}
I'm having issues setting access policies properly in AWS to allow my service user to decrypt encrypted env vars.
lambda function (nodejs 6.10):
'use strict';
const AWS = require('aws-sdk');
const ekeys = [process.env['var1'], process.env['var2']];
let dkeys = {};
exports.handler = (event, context, callback) => {
Promise.all(ekeys.map(decryptKMS))
.then(([var1, var2]) => {
dkeys.var1 = var1;
dkeys.var2 = var2;
handle(event, context, callback);
})
.catch(console.log);
};
function handle (event, context, callback) {
console.log(JSON.stringify(dkeys));
callback(null, 'Hello from Lambda');
}
function decryptKMS(key) {
return new Promise((resolve, reject) => {
const kms = new AWS.KMS()
kms.decrypt({ CiphertextBlob: new Buffer(key, 'base64') }, (err, data) => {
if (err) {
reject(err)
}
else {
resolve(data.Plaintext.toString('ascii'))
}
})
})
}
Cloudwatch Logs:
START RequestId: 1333cc77-9973-11e7-82ee-df1685ee811f Version: $LATEST
2017-09-14T17:35:18.374Z 1333cc77-9973-11e7-82ee-df1685ee811f { AccessDeniedException: The ciphertext refers to a customer master key that does not exist, does not exist in this region, or you are not allowed to access.
at Request.extractError (/var/runtime/node_modules/aws-sdk/lib/protocol/json.js:48:27)
at Request.callListeners (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:105:20)
at Request.emit (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:77:10)
at Request.emit (/var/runtime/node_modules/aws-sdk/lib/request.js:683:14)
at Request.transition (/var/runtime/node_modules/aws-sdk/lib/request.js:22:10)
at AcceptorStateMachine.runTo (/var/runtime/node_modules/aws-sdk/lib/state_machine.js:14:12)
at /var/runtime/node_modules/aws-sdk/lib/state_machine.js:26:10
at Request.<anonymous> (/var/runtime/node_modules/aws-sdk/lib/request.js:38:9)
at Request.<anonymous> (/var/runtime/node_modules/aws-sdk/lib/request.js:685:12)
at Request.callListeners (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:115:18)
message: 'The ciphertext refers to a customer master key that does not exist, does not exist in this region, or you are not allowed to access.',
code: 'AccessDeniedException',
time: 2017-09-14T17:35:18.374Z,
requestId: '136515f5-9973-11e7-a6a0-bf9d40e78864',
statusCode: 400,
retryable: false,
retryDelay: 36.392640096935345 }
END RequestId: 1333cc77-9973-11e7-82ee-df1685ee811f
REPORT RequestId: 1333cc77-9973-11e7-82ee-df1685ee811f Duration: 319.12 ms Billed Duration: 400 ms Memory Size: 128 MB Max Memory Used: 33 MB
I can't seem to figure out what specific permission is missing; I've granted KMS:Decrypt to the user and granted access to the resource. The lambda function and the resource are also both in the same region.
Any suggestions would be most appreciated.
cc4f9c96-ed6f-416f-b8ae-86af07ee27a8
e2e0431e-3ee4-4b6a-a92b-1bc5acefbaf6
99f9a7a2-b80a-4582-82bd-2a2c9662d6ef
... I can do this all day ...
@Tsaukpaetra This is actually just Webroot, and not a Trojan ... unless Dell is selling infected computers. It's a brand new PC.
Whenever old people ask me about computers, I:
Since they know me as the "computer young person", I'd at least like to know where the computer started (and capture an image of it).
@Tsaukpaetra Removing webroot is easy in Safe Mode ... but, somehow, impossible - from a UI sense - if you don't hold the original user* and password* that installed the crapware. It's my first time purging this program from OOBE (or SysPrep if you prefer, or whatever, fuck off @blakeyrat ) - if I could escape the boot loop and force a full, normal boot, I could actually fix the problem ....
* held on their website, because raisins
@blakeyrat said in Windows 10 OOBE Stuck in a Boot Loop:
@flabdablet I dunno. I just get that nagging feeling I get when a lot of problems people have with Windows are due to them using it like idiots. Like the people who complain about too many UAC prompts, and it turns out when you talk to them it's because they want to keep all their apps in C:\my_apps_dont_touch instead of Program Files.
If a piece of software requires you to go into Safe Mode to remove it, you're probably:
- Doing legit driver development, in which case you have to just expect that, or
- Doing something horribly grossly wrong, or using software that does something horribly grossly wrong, or
- You have a virus and need Safe Mode to prevent it from locking itself on boot but you don't want to admit it here.
No I get where you're coming from. This is just me trying to remove Webroot.
@blakeyrat OOBE = Out Of Box Experience. You hit Ctrl+Shift+F3 and you can boot as the root, normally locked out Administrator and modify the OS.
It's usually used for producing images for corporations; but I use it when I help someone buy a PC to pre-install software and uninstall the crapware.
@flabdablet I've noticed. I'm about to nuke from orbit. It probably would be quicker than trying to "fix this problem".
I can USB boot to Linux, grab the files from the machine, and just flush this bjorked config down the toilet with my Win10 USB.
@rad131304 Spoke too soon ... stuck at 22% of Reset.
@LB_ I can't actually say I've ever tried to use a text box on another site in Edge ... I rarely use it.
@ben_lubar I no can haz repro on Chrome/stable either.
Looks like an Edge issue.
@ben_lubar Yetti no movez 2 bugz ... I no can haz likez.
OOOOOOH Scrolling up and down causes the problem.
It's like a dumbass made it a toggle.
Edit: not implying you @ben_lubar - but IDK how you actually fuck up that bad to make that happen....
Type the following:
```
```
When you get to the bottom of the second set of
``` go to "home" and press the up arrow key. You ain't going nowhere.
@sloosecannon It's a Dell with a readable service tag; I can always acquire the original drivers (thankfully).
Kind of concerned that this mini nuke + upgrade is going to make me find drivers ... which sounds like work
I'm mostly just shocked I didn't need to do a full nuke and pave ... brave new world of Windows I guess? I was doing precautionary reformats even in Windows 8.
And it even offered me the option to not purge all the things!
@sloosecannon Ah, that's right kick the "failed boot" number to 11. I might have a Linux USB that can help with that ....
power kill did not work - there is a way to kick the forced msconfig boot issue ... I just forget what it is ....
@Tsaukpaetra Like W10 icon shows, briefly flashes a safe mode desktop sometimes, and repeat.
@sloosecannon said in Windows 10 OOBE Stuck in a Boot Loop:
@rad131304 said in Windows 10 OOBE Stuck in a Boot Loop:
@sloosecannon Not gotten to "remove the app" yet.
Oh... uh... so the upgrade borked. Ouch.
Clean reinstall from scratch?
No, upgrade worked fine, I just toggled Safe Mode from msconfig and asked for a reboot while in root Administrator OOBE
@rad131304 So I pushed "Safe Mode" on OOBE from msconfig ... and it doesn't seem to like that.
@sloosecannon Not gotten to "remove the app" yet.
@fbmac Close. "Out Of Box Experience"
I have a Windows 7 laptop that I upgraded to Windows 10 (reasons are not germaine to this discussion).
I needed to uninstall an application from the computer. That application was buried in boot, and requires a "Safe Mode" removal.
I made the mistake of pushing the computer to Windows 10 before the Safe Mode push.
I'm currently at boot # 62.
This is clearly not working.
Does anyone know how to escape OOBE boot loops?
@Captain said in In Which @Captain asks C# Beginner Questions:
I guess I want to be able to write PowerShell scripts, and have the IDE do all the scaffolding, and have Intellisense for PowerShell functions. Ideally within VS so I don't have to learn yet another shitty Windows text editor. VisualStudio is fairly nice anyway.
Why not just use Powershell ISE?
UPDATE:
Much of the problem seems to stem from 2 issues:
I fixed #2 by deploying a Fedora VM instead of trying to use a container ... now trying to figure out what tools I'm missing to get the build to work. Might go with @dse's suggestion of Aboriginal and see if that helps since the error messages are pretty useless.
@ben_lubar Possibly not; but I re-ran it, and it didn't help.
O shit, wait, /opt/[stuff]/bin isn't in my path ... WTF?!?!
or, so why wouldn't:
[root@machine dir]#source ./setupenv
commit to env for root?
@Polygeekery I'm usually not either, but 6.5 only had "container visibility" by extension. My home farm was acting like a schizophrenic gerbil regarding stats, and I finally decided to rebuild it a week ago, and saw 7 was out, so I just said "fuck it" and rebuilt on it.
Edit: Everything spun down and up like a dream, which was awesome.
@Polygeekery said in Tracking down makefile problems:
@rad131304 said in Tracking down makefile problems:
I assume Docker is the offending item here. Xen 7 offers container visibility - you can't yet just run a container on their kernel build. It's a CoreOS VM.
In all fairness, I did not even realize that XenServer was at 7.0 until this post. Adjust appropriately.
It came out like ... 2 weeks ago?
@Polygeekery said in Tracking down makefile problems:
I have nothing constructive to add except that you are double-fucked. I say that as a person who works with XenServer a lot.
I work with Xen every day at work. It's our virtualization infrastructure. It's why I use it at home ... fewer skills to learn.
I assume Docker is the offending item here. Xen 7 offers container visibility - you can't yet just run a container on their kernel build. It's a CoreOS VM.