Miscellaneous Tech News
-
@NerdyDad said in Miscellaneous Tech News:
@wrx7m said in Miscellaneous Tech News:
FYI - I ran into this last week -
When starting Veeam Backup and Replication console, you get an error "Failed to check certificate expiration date"
Fix is to create a new certificate.
Recent email from Veeam states that they are going to implement a 10-year certificate in Update 4.
The first bug is very annoying, because it will impact everyone who's using the default self-signed certificates, which is unfortunately the majority. As a reminder, we use those certificates to implement secure communication between backup infrastructure components, as well as with managed backup agents. And while we do provide the ability to select or import your own certificate, most don't worry about this and just keep the default certificate that is automatically generated when you install Veeam Backup & Replication. This certificate is set to expire in 1 year from its creation date, and due to some bugs you will see artifacts of its expiration 1 year after your Update 3 installation date. Which means, this will hit many of you in the next few weeks, and may make it a not very merry Christmas, unless you act now!
Assuming you have Update 3a installed, first thing you will see at 11 months after Update 3 installation time will be the "Failed to check certificate expiration date" error message upon opening the backup console. The UI is trying to tell you that the certificate is about to expire, but the logic of this falls through to the universal message for all unhandled exceptions (which is why it does not make much sense). If you ignore this message, everything will continue to work fine for another month, after which the agent management functionality, as well as all granular restores will start failing. Luckily, the issue is super easy to fix by simply generating a new certificate, which takes just a few clicks. So don't wait, and do it at your earliest convenience. Needless to say, we've fixed the related bugs in the Update 4 (and also bumped the self-signed certificate expiration date to 10 years). Here's the official Veeam support KB article for this issue > KB2806
-
@NerdyDad Yes sir. I saw that last night. They didn't have that KB article when I experienced the issue. I saw on their forums that someone had been advised by tech support to create a new cert. Then I saw the email and the explanation behind what had happened. It all makes sense.
Per the email update:
"The first bug is very annoying, because it will impact everyone who's using the default self-signed certificates, which is unfortunately the majority. As a reminder, we use those certificates to implement secure communication between backup infrastructure components, as well as with managed backup agents. And while we do provide the ability to select or import your own certificate, most don't worry about this and just keep the default certificate that is automatically generated when you install Veeam Backup & Replication. This certificate is set to expire in 1 year from its creation date, and due to some bugs you will see artifacts of its expiration 1 year after your Update 3 installation date. Which means, this will hit many of you in the next few weeks, and may make it a not very merry Christmas, unless you act now!
Assuming you have Update 3a installed, first thing you will see at 11 months after Update 3 installation time will be the "Failed to check certificate expiration date" error message upon opening the backup console. The UI is trying to tell you that the certificate is about to expire, but the logic of this falls through to the universal message for all unhandled exceptions (which is why it does not make much sense). If you ignore this message, everything will continue to work fine for another month, after which the agent management functionality, as well as all granular restores will start failing. Luckily, the issue is super easy to fix by simply generating a new certificate, which takes just a few clicks. So don't wait, and do it at your earliest convenience. Needless to say, we've fixed the related bugs in the Update 4 (and also bumped the self-signed certificate expiration date to 10 years). Here's the official Veeam support KB article for this issue > KB2806
" -
@NerdyDad LOL - You beat me to posting the the email excerpt. I had to reboot the server to get agent for windows to backup after changing the cert. Just figured that out after a week of troubleshooting the agent from the client side.
-
Google expands eSIM support on the Pixel 3 to Sprint and several international carriers
Google became the first smartphone company to support built-in eSIMs with its Project Fi (now Google Fi) network last year. Now, it’s expanding that even further with the announcement of several new carriers around the world that will support the feature.
In addition to Google Fi, Google is adding support for Sprint in the US, EE in the UK, Airtel and Reliance Jio in India, and Truphone and Gigsky in various other countries over the next few months. In Germany, Deutsche Telekom and Vodafone will actually join Fi in offering the option to buy a Pixel 3 with an eSIM for those carriers sometime “soon.”
-
Linux Mint 19 Beta 1
https://www.omgubuntu.co.uk/2018/12/linux-mint-19-1-beta-download -
-
Hackers breach Quora.com and steal password data for 100 million users
Other stolen personal data includes names, email addresses, and direct messages.
Brace yourself for yet another massive data breach. Quora.com, a site where people ask and answer questions on a range of topics, said hackers breached its computer network and accessed a variety of potentially sensitive personal data for about 100 million users.
-
iOS apps used Touch ID feature to trick users into paying hefty fees
Apple gives two scam apps the boot after they come to light.
The offending “Fitness Balance app” and “Calories Tracker app” promised to calculate body mass index, monitor calorie intake, and provide other health-related services. With no advanced warning, according to Reddit posts here and here, the apps charged users fees of $99.99, $119, or 139 Euros, depending on the country of the user. Users who had a credit or debit card connected to their Apple account were immediately billed.
The scam worked by displaying a message as soon as the app was opened. It told users to scan their fingerprint to view a calorie tracker or receive another personal service. When users complied, the apps displayed a popup window that said they had been charged a fee. Less than two seconds later, the popup disappeared, but by then it was too late for many users. Anyone with a card linked to their Apple account was already charged.
“So what it does is ask you to keep your finger at the fingerprint, and then the popup for paying for the app shows up,” a Reddit user with the handle kristikoroveshi94 reported. “Since you have already your finger there, the payment continues. And damn what a price this shitty app has. Luckily I don’t have a linked card or paying account.”
-
AT&T makes it more expensive to cancel DirecTV or Internet service
AT&T: No more prorated final bills when you cancel DirecTV, Internet, or phone.
-
-
CentOS Linux 7 (1810)
-
@black3dynamite said in Miscellaneous Tech News:
Proxmox 5.3
https://www.proxmox.com/en/news/press-releases/proxmox-ve-5-3They're still going? Makes me wonder about their customers sometimes.
-
@travisdh1 said in Miscellaneous Tech News:
@black3dynamite said in Miscellaneous Tech News:
Proxmox 5.3
https://www.proxmox.com/en/news/press-releases/proxmox-ve-5-3They're still going? Makes me wonder about their customers sometimes.
I was reading this blog post and they gloat about having something like 230,000 installations, and over 13,000 customers.
Seems like an odd thing to gloat about as that is less than 1% of 1% of the market.
-
@mlnews said in Miscellaneous Tech News:
Hackers breach Quora.com and steal password data for 100 million users
Other stolen personal data includes names, email addresses, and direct messages.
Brace yourself for yet another massive data breach. Quora.com, a site where people ask and answer questions on a range of topics, said hackers breached its computer network and accessed a variety of potentially sensitive personal data for about 100 million users.
Man - we really need to move to a system that doesn't require websites to have any private data on them, or at least very little.
I really hope SQRL takes hold - getting rid of at least the password would be a great start.
-
Necuno is a New Open Source Smartphone Running KDE
It’s been more than two years since Ubuntu’s dream of creating a Linux smartphone was shattered. But it hasn’t discouraged others from trying their own hands on a Linux-based smartphone. Librem 5, the privacy-focused Linux-based smartphone, should be arriving in 2019. Even Pine64 is aiming for a budget Linux smartphone. And now one more player has joined the party.
Finland based Necuno Solutions has announced that it is collaborating with KDE to bring Plasma Mobile to the Necuno Mobile.
-
@DustinB3403 said in Miscellaneous Tech News:
@travisdh1 said in Miscellaneous Tech News:
@black3dynamite said in Miscellaneous Tech News:
Proxmox 5.3
https://www.proxmox.com/en/news/press-releases/proxmox-ve-5-3They're still going? Makes me wonder about their customers sometimes.
I was reading this blog post and they gloat about having something like 230,000 installations, and over 13,000 customers.
Seems like an odd thing to gloat about as that is less than 1% of 1% of the market.
I did use ProxMox at one time. That was before XenServer was made open source. Was very not impressed with them at the time. They insisted that software RAID is always bad, and tried to remove the option from their installer. Thankfully, there was no possible way for them to remove it from the kernel!
-
@Dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Hackers breach Quora.com and steal password data for 100 million users
Other stolen personal data includes names, email addresses, and direct messages.
Brace yourself for yet another massive data breach. Quora.com, a site where people ask and answer questions on a range of topics, said hackers breached its computer network and accessed a variety of potentially sensitive personal data for about 100 million users.
Man - we really need to move to a system that doesn't require websites to have any private data on them, or at least very little.
I really hope SQRL takes hold - getting rid of at least the password would be a great start.
I've heard of SQRL before. It's an interesting concept if nothing else...
https://www.grc.com/sqrl/sqrl.htm has a good explanation of it. -
@dafyre said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Hackers breach Quora.com and steal password data for 100 million users
Other stolen personal data includes names, email addresses, and direct messages.
Brace yourself for yet another massive data breach. Quora.com, a site where people ask and answer questions on a range of topics, said hackers breached its computer network and accessed a variety of potentially sensitive personal data for about 100 million users.
Man - we really need to move to a system that doesn't require websites to have any private data on them, or at least very little.
I really hope SQRL takes hold - getting rid of at least the password would be a great start.
I've heard of SQRL before. It's an interesting concept if nothing else...
https://www.grc.com/sqrl/sqrl.htm has a good explanation of it.Steve Gibson has been working on it for I don't know how many years now. While he's not the greatest person to take security advice from, he's an excellent programmer with a large support base which should eventually release a great tool in SQRL.
-
@travisdh1 said in Miscellaneous Tech News:
@dafyre said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Hackers breach Quora.com and steal password data for 100 million users
Other stolen personal data includes names, email addresses, and direct messages.
Brace yourself for yet another massive data breach. Quora.com, a site where people ask and answer questions on a range of topics, said hackers breached its computer network and accessed a variety of potentially sensitive personal data for about 100 million users.
Man - we really need to move to a system that doesn't require websites to have any private data on them, or at least very little.
I really hope SQRL takes hold - getting rid of at least the password would be a great start.
I've heard of SQRL before. It's an interesting concept if nothing else...
https://www.grc.com/sqrl/sqrl.htm has a good explanation of it.Steve Gibson has been working on it for I don't know how many years now. While he's not the greatest person to take security advice from, he's an excellent programmer with a large support base which should eventually release a great tool in SQRL.
Purely out of curiosity, what makes us feel he is a great programmer? That's pretty hard to judge even when a programmer works for you, let alone from the outside. Have you been to his website? Doesn't give a "real programmer" feel to it.
Dont' get me wrong, he might be amazing. But just from looking at his career and what his company has produced, none of it is necessarily tied to him. It's hard to tell if he's even been a programmer himself post 1980. He owns a company that makes software. Or at least founded it. But you can't tell if he's programming it.
-
@scottalanmiller said in Miscellaneous Tech News:
@travisdh1 said in Miscellaneous Tech News:
@dafyre said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Hackers breach Quora.com and steal password data for 100 million users
Other stolen personal data includes names, email addresses, and direct messages.
Brace yourself for yet another massive data breach. Quora.com, a site where people ask and answer questions on a range of topics, said hackers breached its computer network and accessed a variety of potentially sensitive personal data for about 100 million users.
Man - we really need to move to a system that doesn't require websites to have any private data on them, or at least very little.
I really hope SQRL takes hold - getting rid of at least the password would be a great start.
I've heard of SQRL before. It's an interesting concept if nothing else...
https://www.grc.com/sqrl/sqrl.htm has a good explanation of it.Steve Gibson has been working on it for I don't know how many years now. While he's not the greatest person to take security advice from, he's an excellent programmer with a large support base which should eventually release a great tool in SQRL.
Purely out of curiosity, what makes us feel he is a great programmer? That's pretty hard to judge even when a programmer works for you, let alone from the outside. Have you been to his website? Doesn't give a "real programmer" feel to it.
He's had lots of code freely available for longer than I can remember, go review it.
Ah, the website. Being a good programmer doesn't mean you're a good designer/artist. I'm with you on the website, it's just sad.