Category: Tech

Content Security Policy on WordPress

Reading, I was, about a web site security tool from Mozilla, so I had to try it. My site, the one you are on now, rated “D-”. It was no consolation that most sites rate “F”. Within the rating there was this criterion called “Content Security Policy” (CSP) that piqued my interest.

Content Security Policy: Purpose
A CSP is a policy that you put into the head section of your page that whitelists all the sites that contribute to your page. If someone tries to add something to your page’s content but is not on your CSP, your browser will not load it. This stops a nasty infection of something called “cross site scripting” or XSS.
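To make the whitelisting concrete, here is an added example (not code from this site or from any plugin) that models how a browser decides whether a resource URL is covered by a policy. The policy string, the page origin and the function names are assumptions, and the matching is a simplified subset of CSP that ignores ports, paths, nonces and hashes.

```python
from urllib.parse import urlsplit

# Hypothetical policy; the same string is the content="" value of a
# <meta http-equiv="Content-Security-Policy"> tag in the page head.
POLICY = "default-src 'self'; script-src 'self' https://cdn.example.com; img-src *"
PAGE = "https://blog.example"  # assumed origin of the protected page

def parse_csp(policy):
    """Split a policy into {directive: [source expressions]}; first duplicate wins."""
    directives = {}
    for part in policy.split(";"):
        tokens = part.split()
        if tokens:
            directives.setdefault(tokens[0].lower(), tokens[1:])
    return directives

def source_allows(expr, url, page_origin):
    """Simplified match of one source expression (ports and paths are ignored)."""
    u = urlsplit(url)
    if expr == "'self'":
        p = urlsplit(page_origin)
        return (u.scheme, u.hostname, u.port) == (p.scheme, p.hostname, p.port)
    if expr == "*":
        return u.scheme in ("http", "https")
    if expr.startswith("'"):  # 'none', nonces, hashes etc. never match a URL here
        return False
    if expr.endswith(":"):  # scheme source such as https:
        return u.scheme == expr[:-1]
    e = urlsplit(expr if "://" in expr else "//" + expr)
    if e.scheme and e.scheme != u.scheme:
        return False
    host = e.hostname or ""
    if host.startswith("*."):  # wildcard covers subdomains only, not the bare domain
        return (u.hostname or "").endswith(host[1:])
    return u.hostname == host

def is_allowed(policy, directive, url, page_origin=PAGE):
    """True if, in this simplified model, `policy` lets `url` load for `directive`."""
    directives = parse_csp(policy)
    sources = directives.get(directive, directives.get("default-src"))
    if sources is None:  # nothing applies, so the load is unrestricted
        return True
    return any(source_allows(s, url, page_origin) for s in sources)
```

A script injected from a host that is not listed is refused, and a directive that is absent from the policy (such as `style-src` here) falls back to `default-src`.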

Metasploit, Armitage and NMap Install on Ubuntu 16.04

Yep, very popular hacking tools!

Metasploit
Took the install from Rapid7’s site. It all went very well.

To start they had the command “./msfconsole”, which did not work for me. It started with “msfconsole”. The initial run created the initial database. The “db_status” command also worked.

I did not seem to need to do the “service postgresql start” command. I did a search and received a message: Module database cache not built yet, using slow search. To build the cache do “db_rebuild_cache”. This worked, link. Now my searches work.

search WordPress
67 WordPress vulnerabilities
search drupal
6 Drupal vulnerabilities

WordPress Web URIs: wpcspReceiveCSPviol=1 and wpCSPNonce from the WP Content Security Policy Plugin

I started to receive these WordPress URIs after someone read one of my WordPress posts. This confused me. These are connected to WordPress Failure Notices, but not quite.

The first part, wpcspReceiveCSPviol=1, was once used in a WordPress spoof to redirect people to some other site, but there was no other URL and no redirection.

POST /wp?wpcspReceiveCSPviol=1&wpCSPNonce=6606ca489f HTTP/1.1

Nikto Web Server Scan: View from the Access Log

Playing, I am, with the Nikto web server scanning package. I scanned my own site, just for fun. While it does take some time, it did finish. I wondered how it would look from my site’s raw access log viewpoint. In summary, Nikto is not stealthy at all. It is also easily detected and banned mid-scan, as it takes a long time to complete.

Essentially you start a Terminal, and type “nikto -h “. There are lots of options, such as output to a log. The Nikto output highlights web site vulnerabilities and cross references these with a database of known hacks. Using this tool you can highlight the site’s weaknesses and then strengthen your site against hackers.
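The access-log view described above can be turned into a detector. This is an added example, not part of the original post: it flags clients by the tool name in Nikto's default User-Agent and, independently, by a burst of 404s on many distinct paths. The log lines, IP addresses and thresholds are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')

def make_line(ip, sec, path, status, ua):
    """Build one constructed access-log line in Apache/Nginx combined format."""
    return (f'{ip} - - [06/Jul/2017:10:00:{sec:02d} -0400] "GET {path} HTTP/1.1" '
            f'{status} 210 "-" "{ua}"')

BROWSER = "Mozilla/5.0 (X11; Linux x86_64)"
# Constructed sample traffic (documentation IP ranges), not taken from the page.
SAMPLE = [
    make_line("198.51.100.9", 1, "/", 200, BROWSER),
    make_line("198.51.100.9", 3, "/favicon.ico", 404, BROWSER),
    make_line("203.0.113.7", 5, "/admin.php", 404,
              "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000003)"),
] + [make_line("192.0.2.44", 10 + i, f"/backup{i}.zip", 404, BROWSER) for i in range(8)]

def detect_scanners(lines, max_404=5, window=timedelta(seconds=60)):
    """Return {ip: reason} for clients whose requests look like a scanner run."""
    flagged, misses = {}, defaultdict(list)  # misses: ip -> [(time, path)] of 404s
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["ip"] in flagged:
            continue
        ip = m["ip"]
        if "nikto" in m["ua"].lower():  # default Nikto User-Agent names the tool
            flagged[ip] = "user-agent"
        elif m["status"] == "404":
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            # Sliding window: keep only this client's 404s from the last `window`.
            misses[ip] = [(t, p) for t, p in misses[ip] if ts - t <= window]
            misses[ip].append((ts, m["path"]))
            if len({p for _, p in misses[ip]}) > max_404:
                flagged[ip] = "404-burst"  # many distinct missing paths, quickly
    return flagged

if __name__ == "__main__":
    for ip, reason in detect_scanners(SAMPLE).items():
        print(f"ban candidate {ip}: {reason}")
```

Because a full scan takes a long time, a check like this run over the live log flags the client well before the scan finishes; the 404-burst rule does not depend on the User-Agent at all.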

CSS Movement and Animation: Beginnings

I have been playing around with my dropcaps and came upon this reference:

The demos used here are very functional, but imagine the doors to decorative typography this could open up! In principle we’ll be free to use many familiar properties on the initial letter, including:

  • All familiar font properties
  • Color and opacity
  • Text-shadow and other text decoration
  • Transform properties
  • and how about some background-clip action?

This got me thinking about using css for movement in general. Which got me thinking about how movement using css, in the wrong hands, could really ruin the user experience.

New WordPress Theme: Ribosome, some Mods

Due, I was, for a theme change. Ribosome seemed the trick. Here are my very simple theme changes.

Default Enhanced, my last theme from 2009, appealed to my simplicity, but let me down in some ways. I did add to the css for a dropcap and paragraph indent, and did correct the list issues. Otherwise the theme stood the test of time. The change agent was that it lacked responsiveness and was difficult on mobile devices. It was time.

Kodi Media Player: Chinese TV

The entertainment space in the world is getting larger and larger. We dropped cable a couple of years ago and use Over the Air (OTA) digital tv. We are not supplementing this with internet video streaming. Yes, you can go directly to Youtube and stream whatever, but there is also another way: the Kodi Media Player. Using Kodi I can now stream live Chinese tv to Canada, when I want.

Kodi: Chinese Language Mandarin Broadcast Status: 2017 July 06
CNTV Live / CCTV, China

Asus Zenfone 2 Z00ADA ZE551ML: Broken Camera

Asus Zenfone 2 Z00ADA ZE551ML, camera circuit board, black body of the round selfie camera connector is cracked. This is unrepairable. Photo 8 by Don Tai

Our Asus Zenfone 2 Z00ADA ZE551ML smartphone has a broken camera. The selfie camera simply does not initialize in the camera app, which says it is not there. We wondered why. There are a lot of complaints about this broken camera, so the problem seems common. We decided to take the phone apart, to take a look and ensure that all the electrical connections were tight. What we found was that the electrical socket that connects to the selfie camera was very cracked. The socket is so small as to be irreparable. This socket could not have been damaged by wear and tear, as all the other components around the selfie camera, including the forward facing camera, are in pristine condition.

strider.delmarvagroup.com 173.49.213.106 really wants to contact me

173.49.213.106 strider.delmarvagroup.com, from the MCI Communications block, you really need to put some smarts into your bot. What are you thinking?

173.48.0.0 – 173.63.255.255 MCI Communications

I’m not sure why you are doing this, but please stop. I don’t have a contact form at that location.

Drupal 8: trusted_host_patterns error in settings.php

In my Drupal 8 install I was getting an error about the trusted_host_patterns variable not being set, in settings.php. This setting is not under D8 admin control. You need to directly edit the settings.php file. Ok, not difficult.

Unfortunately I was getting a permissions error every time I tried to edit the file. I tried changing the permissions but to no avail. It seems like permissions for the folder above were set too low, so I had to change that first, before I was able to save my changes to settings.php. So I then logged in to D8 to see if the change cleared the error. At this point it looks like D8, or my host, reset the folder and settings.php permissions to default. For me, permissions need to be reset every time I need to make a change.