2009/09/05

iPhone Password Security Issue

While playing with my iPhone I uncovered a security hole which allows unmasking any persisted password that can be edited.

This hack is verified to work on software versions 3.0 and 3.0.1. The example below explains how to unmask an email password one character at a time.

1. Navigate to the password field in the email settings.
2. Delete the last masked character.
3. Shake the phone for the undo function and select undo.
4. Write down the unmasked character the iPhone shows when the delete is undone.
5. Delete the character again (the password is now 1 shorter than before).
6. Hit the home button.
7. Go to step 1 and repeat until all characters are unmasked.

After unmasking all of the password, place it back in so the owner is none the wiser.

Given the above, I would suggest always using the Passcode Lock feature to prevent a third party from unmasking your passwords. It would also be nice if Apple fixed this in the next software release.

2009/06/19

Struts2 and Tomcat security on Ubuntu 9.04.

Errors using Struts2 and Tomcat Security on Ubuntu 9.04.

Here is a sample error:
java.security.AccessControlException: access denied (java.io.FilePermission /var/lib/tomcat6/webapps/struts2-mailreader-2.1.6/WEB-INF/database.xml.new write)
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)

Easy Answer:
Turn off Tomcat's security manager. Change TOMCAT6_SECURITY=yes to TOMCAT6_SECURITY=no in /etc/init.d/tomcat6.

Long Answer:
http://tomcat.apache.org/tomcat-6.0-doc/security-manager-howto.html
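Turning the security manager off removes the sandbox for every webapp on the box just to satisfy one write. A narrower fix, shown here as an added example rather than something from the original post, is to grant only the permission the stack trace asks for. It assumes the Debian/Ubuntu package layout, where local additions go in /etc/tomcat6/policy.d/50local.policy (check your install), and uses the webapp path from the error above; restart tomcat6 after editing.

```policy
// Added example (not from the original post): give the Struts2 mailreader
// webapp write access under its own WEB-INF instead of disabling the
// security manager for every webapp. Assumes the Ubuntu tomcat6 layout
// (/etc/tomcat6/policy.d/50local.policy); the paths come from the error above.
grant codeBase "file:/var/lib/tomcat6/webapps/struts2-mailreader-2.1.6/-" {
    permission java.io.FilePermission
        "/var/lib/tomcat6/webapps/struts2-mailreader-2.1.6/WEB-INF/-", "read,write";
};
```

If a later AccessControlException names another action or path, add only that one rather than widening the grant; the Long Answer link documents the full policy syntax.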

2009/05/12

Installing Apache2 and Tomcat6 on Ubuntu 9.04

I've had quite a few issues getting Apache and Tomcat to work together on Ubuntu. Finally I've figured out the little differences you need to know when using the Ubuntu Apache and Tomcat packages.
1) sudo apt-get install apache2 tomcat6 libapache2-mod-jk
2) sudo vim /etc/apache2/workers.properties
and type/paste in:
# Define 1 real worker using ajp13
worker.list=worker1
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009

3) sudo vim /etc/apache2/apache2.conf
and type/paste in:
# Load mod_jk module
# Update this path to match your modules location
LoadModule jk_module /usr/lib/apache2/modules/mod_jk.so
# Declare the module for <IfModule directive> (remove this line on Apache 2.x)
#AddModule mod_jk.c
# Where to find workers.properties
# Update this path to match your conf directory location (put workers.properties next to httpd.conf)
JkWorkersFile /etc/apache2/workers.properties
# Where to put jk shared memory
# Update this path to match your local state directory or logs directory
JkShmFile /var/log/apache2/mod_jk.shm
# Where to put jk logs
# Update this path to match your logs directory location (put mod_jk.log next to access_log)
JkLogFile /var/log/apache2/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel info
# Select the timestamp log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "


6) sudo vim /etc/apache2/sites-enabled/000-default
Delete "DocumentRoot /var/www"
And type in
JkMount / worker1
JkMount /* worker1

Note: you can use JkUnMount to define directories you want Apache to serve itself.

7) Enable port 8009 on tomcat
sudo vim /etc/tomcat6/server.xml
remove the "<!--" on the line above and the "-->" on the line below
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

8) restart tomcat
sudo /etc/init.d/tomcat6 restart

9) restart apache
sudo /etc/init.d/apache2 restart

10) wget localhost
You should see the default tomcat page
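Step 7 is the one that usually goes wrong, because nothing complains if the "<!--" and "-->" lines are still there; Apache just serves errors and Tomcat never sees a request. The script below is an added example, not from the original post, that strips XML comments from a server.xml and reports whether an AJP/1.3 connector on worker1's port is really enabled and what address it binds to. It assumes the Connector element sits on one line, as in step 7, and uses constructed sample files so it runs without a real install; on a live box point the functions at /etc/tomcat6/server.xml and /etc/apache2/workers.properties. Since only the local Apache talks AJP, adding address="127.0.0.1" to the Connector keeps port 8009 off the network.

```shell
#!/bin/sh
# Added example, not part of the original post: sanity checks for the
# mod_jk -> Tomcat wiring described in the steps above. It assumes the
# AJP <Connector> element sits on one line, as in step 7.

# Print an XML file with all <!-- ... --> comments removed, including
# comments that span several lines. This is what decides whether the
# "<!--" / "-->" lines around the connector were really deleted.
strip_xml_comments() {
  awk '
  {
    line = $0; out = ""
    while (length(line) > 0) {
      if (incomment) {
        p = index(line, "-->")
        if (p == 0) { line = ""; break }
        line = substr(line, p + 3); incomment = 0
      } else {
        p = index(line, "<!--")
        if (p == 0) { out = out line; line = ""; break }
        out = out substr(line, 1, p - 1); line = substr(line, p + 4); incomment = 1
      }
    }
    print out
  }' "$1"
}

# Print the first uncommented Connector element listening on the given port.
connector_on_port() {
  strip_xml_comments "$1" | grep -o "<Connector[^>]*port=\"$2\"[^>]*>" | head -n 1
}

# Succeed if an AJP/1.3 connector on the port is enabled (not commented out).
ajp_connector_enabled() {
  connector_on_port "$1" "$2" | grep -q 'protocol="AJP/1.3"'
}

# Print the address the connector binds to, or "all interfaces" if it has
# no address attribute. Only Apache on this box needs AJP, so 127.0.0.1
# is the least-privilege choice.
ajp_bind_address() {
  addr=$(connector_on_port "$1" "$2" | sed -n 's/.*address="\([^"]*\)".*/\1/p')
  if [ -n "$addr" ]; then printf '%s\n' "$addr"; else printf 'all interfaces\n'; fi
}

# Read worker1's AJP port from workers.properties so it can be compared with
# server.xml; a mismatch gives a running Apache that never reaches Tomcat.
worker_port() {
  sed -n 's/^worker\.worker1\.port=[[:space:]]*//p' "$1" | head -n 1
}

# Human-readable report for one server.xml / workers.properties pair.
report() {
  port=$(worker_port "$2")
  printf 'workers.properties: worker1 uses AJP port %s\n' "$port"
  if ajp_connector_enabled "$1" "$port"; then
    printf 'server.xml: AJP connector on %s is enabled, bound to %s\n' \
      "$port" "$(ajp_bind_address "$1" "$port")"
  else
    printf 'server.xml: no enabled AJP connector on port %s (still commented out?)\n' "$port"
  fi
}

# Constructed sample files so the checks run without a real Tomcat install.
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
printf 'worker.list=worker1\nworker.worker1.type=ajp13\nworker.worker1.host=localhost\nworker.worker1.port=8009\n' \
  > "$SAMPLE_DIR/workers.properties"
cat > "$SAMPLE_DIR/commented.xml" <<'EOF'
<Server>
  <Service name="Catalina">
    <!--
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
    -->
  </Service>
</Server>
EOF
cat > "$SAMPLE_DIR/enabled.xml" <<'EOF'
<Server>
  <Service name="Catalina">
    <!-- AJP connector for mod_jk, loopback only -->
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" address="127.0.0.1" />
  </Service>
</Server>
EOF

report "$SAMPLE_DIR/commented.xml" "$SAMPLE_DIR/workers.properties"
report "$SAMPLE_DIR/enabled.xml" "$SAMPLE_DIR/workers.properties"
```

Run it as-is to see both outcomes on the sample files; for a real check, call report /etc/tomcat6/server.xml /etc/apache2/workers.properties after step 7 and before restarting anything.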

back but mostly for me

So I'm going to start posting again, however most of it is likely to be computer stuff for work/fun. I just want to document issues/solutions I've had, so others can avoid spending too much time on them.

2007/04/13

Sail, pedal and kayaking.


Time for more crazy Rob ideas. I really want to purchase a Hobie sailing/pedal kayak. Guess I can't wait to get out on the water this summer and have some fun.
Here is a good review. I only need to solve a few problems:
1) affording the whole kit
2) transporting it by Miata or finding affordable storage

2007/02/02

TO DIE GAME



With my upcoming trip to North Carolina I decided to find a book about some of its local history on Amazon. I couldn't be more delighted by digging up To Die Game: The Story of the Lowry Band, Indian Guerrillas of Reconstruction. What a cover, which, by the way, you would never guess is the professional work of a Cal Poly Pomona professor, published by Syracuse University Press. You can't roll your eyes at this one ladies, it's a product of serious academic research :-)

2007/01/25

Tagged

I thought this IM conversation was quite cute:

(10:25:52 AM) e#######: tagged you to come up with five random things on your blog
(10:25:56 AM) e#######: you have to do it
(10:25:58 AM) e#######: :)
(10:26:04 AM) R######: humm
(10:26:21 AM) R######: 1. I blog sporadically

(10:26:56 AM) R######: 2. I'm a #######, who's primary ########### is a #####
(10:28:56 AM) R######: 3 Not only did I lived out of a ### ### ######, but I had a "####" #####
(10:30:12 AM) R######: 4 ####### ### ## #######, but currently make more ##### than any of my ####### #####, in their ######
(10:30:27 AM) R######: “#####” ###### (OJ Simpson)
(10:30:55 AM) R######: 5 I own the address ##########@##########.###
(10:31:00 AM) e#######: Ummmm....how about five things that don't make you sound like a whacko :)
(10:31:09 AM) R######: humm.....now do you really want me to blog?
(10:31:14 AM) e#######: booo
(10:31:26 AM) R######: sorry
(10:31:56 AM) e#######: here are five nice things you could say:
(10:32:14 AM) e#######: 1. Worked on a ranch breaking race horses in my youth
(10:32:28 AM) e#######: 2. Was once a full time rock-climber in the sierras
(10:32:39 AM) e#######: 3. I have a birthmark on my chin
(10:33:38 AM) e#######: 4. I enjoy medium format photography
(10:33:51 AM) e#######: 5. I don't like to eat leftovers
(10:33:59 AM) e#######: ta daaa!


It's quite nice to have Emily remind me I'm not a complete wacko :-)

2006/12/05

Rainbow Six Vegas


I've enjoyed tactical first person video games in the past and the thought of taking down terrorists in Vegas was just too much to resist. Last night I broke down and bought an Xbox 360 :-)

I suspect women everywhere might be happier if Tom Clancy wasn't so good at marketing war based books and video games.

2006/11/26

Advent Pro



Picked up this 2450 cubic inch pack for some ultra lightweight backpacking; it’s been on closeout at several places including mgear.com. Being an adventure race pack it’s designed for quick packing and lashing, which really means too many zippers, bungees and mesh pockets to be a true ultra lightweight backpack. Despite all the extras Gregory was able to keep the weight down to 2 lb 8 oz using a super lightweight pack material. After loading up the pack with 2 sleeping bags, two gallons of water, a stove and a few extra pieces of clothing I’m pretty sure I could make it work for up to a week. Lack of an easy to reach water bottle pocket is the only real annoyance I’ve had so far, so I’m forced to use a hydration system. The newer version of this pack does away with the sleeping bag zipper and is 1 oz heavier, so pick up the closeout model if you think you might want one for backpacking.

2006/11/21

LEKI Ultralite Ti Ergometric


At 13.6 oz, hiking poles are getting pretty light.

2006/11/13

Evernew Titanium Teapot


Decided it was time I owned a titanium pot for backpacking. Ended up getting a teapot that would double as a bowl. Now I have to figure out what kind of fleece would make a good cozy? Any suggestions?

2006/11/08

Crabby Critic

Last night Emily was kind enough to take me to The Barber of Seville. I enjoyed the set and the modernization of the characters. I got a kick out of this review which totally pans the show. Guess I have yet to achieve crabby critic status for Operas.

2006/11/07

VX-7R



So what was it that motivated me to get my Amateur Radio license? After dragging out my cheap shortwave radio and not being able to tune even local FM stations well, I started looking at a few high end shortwave radios. Seeing how much they could run I decided that for a little more money I could get a radio that could also work as a Ham radio, and if I threw in just a little more I could also have a hand held marine radio. Well if I'm going to spend all that money I might as well get a license to use it ;-)

For the super tech geeks I'll post some of the selling points of my new radio:

The VX-7R features a rugged magnesium case with rubber bumpers and gaskets. It clearly sets the standard in ruggedness, versatility and water resistance. It is actually submersible (3 feet for 30 minutes).

Utilizing a reliable FET power amplifier circuit, the VX-7R provides a full 5 Watts of power output on the 50, 144, and 430 MHz Amateur bands, with bonus coverage of the 222 MHz band at 300 mW (USA version only) of power output. And for 6-meter AM enthusiasts, you also get 1 Watt of carrier power on the 50 MHz band! Four power levels may be selected, for optimum battery life.

The VX-7R is capable of four modes of Dual Receive, including simultaneous reception on (1) two VHF frequencies; (2) two UHF frequencies; (3) one VHF and one UHF frequency; or (4) one General Coverage frequency and one Ham frequency. And when a call is received on the Main band, you can set up the VX-7R to reduce the audio level on the Sub band, if you like!

With continuous AM/FM reception coverage of 500 kHz to 999 MHz (cellular frequencies are blocked and non-restorable), the VX-7R is ideal for monitoring HF shortwave broadcasts, the AM and FM Broadcast bands, plus a wide variety of Marine, Public Safety, and Government bands. And special memory banks for the Weather, Marine, and Shortwave bands make station selection effortless!


-- Whew, that was a lot of tech speak!

2006/11/06

KI6GFR



Two weeks ago I decided to earn my amateur radio license. Last night Rich Greenwood was driving out of San Francisco and decided to see if I could actually put my license to work. Well after about a minute of fiddling with my little 5 watt radio and trying different repeaters I managed to make contact with his mobile rig about 10 miles away. Thanks for helping Rich! Tomorrow I'll blog about my radio and also explain why I decided to geek out.

2006/10/18

AlertSF


AlertSF will send tsunami alerts, severe weather/flooding notifications and post-disaster information to your registered wireless devices and email accounts. AlertSF lets you register work email, home email and cell phones, and also lets you choose multiple zip codes to receive alerts for the places you work, live and commonly hang out.

If you live in SF it would be silly not to sign up. For those outside of SF, you should suggest your local municipalities look to AlertSF and 72hours.org as models for community emergency preparedness.

2006/10/12

Pump-Kin!



I thought a few of the ladies might enjoy reading about 30 ways to eat a pumpkin. Note to the boys #30 is pumpkin beer :-)

2006/10/10

Dreaming of dream homes



I'm feeling sick today and would rather be hanging out at home instead of working. However work pays the bills and might let me afford a place like this someday:
http://www.treehugger.com/files/2006/10/optimal_green_m_2.php

2006/10/05

Generation Adventure



Trent has reanimated his blog Generation Adventure:
http://generation-adventure.blogspot.com/. Take a chance and check it out.

2006/10/04

Lost


Many reviewers have been wondering if Lost would have the staying power for a third season. After seeing the third season opener I’m hooked, fish line and sinker.

2006/10/03

Moots goes crazy for adventure specialist Mike Curiak


Trent was kind enough to send along this link. Halfway down the page is a bike with an integrated 1.5 liter fuel bottle top tube. Not a shabby idea for a 500 mile solo Alaskan ride. For the rest of us, I wouldn’t mind seeing a top tube that held compressed air for refilling tires. Sure would make getting home on my epic 25 mile bike rides easier :-)