Made to Order Software Corporation Logo

Alexis Wilke's blog

Massive Bug in Intel, AMD, ARM and other Processors in Handling VM Memory

In the last few days, we started hearing about a massive bug in the implementation of the VM memory handling.

Intel has been frantically working on fixing host machines kernels in order to prevent one VM from accessing the memory of other VMs that run on the same machine.

Of course, most users are not going to attempt to read someone else memory so in that sense, most of us are relatively safe. But all of those who are not so lucky and have uninvited guests on their systems are running at very high risk. The information available from Intel says the memory is accessible only in Read mode. ...

Avoid automatic translation of Facebook posts

Once more today my French friend's post was translated.

French is my mother tongue so I sure don't need the automatic translation for French on my Facebook wall. I also like to read a couple other languages, even if I'm not at the best level I only need a little help with a few words here and there, so I like to have those in the original language to improve. The more you read a language the more you learn about it. Same if you live in a country and start talking with people there. You're going to learn a lot more that way than staying at home and not talking to anyone any ...

PHP eFax requires "ssl://" on RedHat EL7

We found out today that RedHat LE7 requires the use of the "ssl://" protocol instead of the default we use of "tls://".

If you have a RedHat server, please make sure to edit the http_request.php file and search for "tls:". Then replace it with "ssl:".

The TLS protocol is defined in RedHat, but somehow it looks like PHP does not define it. The stream_socket_client() function returns immediately with an $errno = 0 and $errstr = "" and absolutely no other indications to what is wrong when that happens.

So in our PHP eFax, you need to do that ...

The set_fax_id() function PHP e-Fax must be given unique IDs, each time.

Fax button on an old type of fax machine

The PHP eFax system uses a class that ease the communication between your software and eFax. The developer system is not too complicated, but there are tricks to it and the class hides most of them.

Today a customer contacted us as they just purchased a copy of our PHP library and had problems sending faxes. The fact is that they used the set_fax_id() function with a hard coded string. Imagine doing something like:

$efax->set_fax_id("Test Fax");

This looks pretty good, only after the second time the sending of the fax will fail because eFax considers that it was already ...

PHP e-Fax requires valid SSL certificates (failed with code 1)

As e-Fax is updating their systems further to be compliant with various security systems, some new problems may arise on your servers.

The main one is an SSL error that is quite unclear.

Warning: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed in /path-to-php-efax/http_request.php on line 294

As we can see, the error mentions a server certificate function and says it could not verify a certificate.

If your server is not 100% up to date with newest SSL versions or your web ...

Make sure your Thunderbird does not use SSL to avoid POODLE attack

A few days ago the news that SSLv3 was no good came out. The protocol allows for patterns that can be used by a hacker to decipher an encrypted message without the need for the private key. In other words, encryption using SSLv3 is no good (anymore--it never was, but we know this only now.)

We fixed our Apache2 settings, for those interested, you just have to turn off SSLv3 with the following setting:

SSLProtocol all -SSLv2 -SSLv3

Although to really remove all the encryption methods that are not that secure (can easily be cracked) you also want to change the list of ciphers with:

 ...

Another reason to like SeaMonkey!

As I mentioned before, I like to use SeaMonkey. In general, browsing wise, it is very much like Firefox so that's good for those people who like Firefox, they can switch without losing much else than the location where the toolbar buttons are (Quite a few are in different places).

The thing I discovered today, though, is really cool. I put a path to an email saved on my disk to see whether the HTML in that email was valid or not and it loaded at once. Just before hitting Enter I though, wait... I probably should remove the email header. Nope. No need. It actually recognized the data and ...

CAPTCHA is not working against all robots anymore but...

Also many reCAPTCHAs are being bypassed, it still work against robots.

The main reason for the bypass is the fact that some people get paid to resolve those reCAPTCHAs. In other words, some people are offered a job to do just that! They go to a computer, resolve many reCAPTCHAs and get paid something like 2 cents per successful resolutions. The result is that websites with reCAPTCHAs still receive a lot of spam!

Yet, when a stupid robot (opposed to a person) access the site, the robot tries again and again from the same computer. This means we'll get many failures from the same IP ...

US Zip Code overlay on Google Maps

Today I had a need to find out a set of zip codes that would match a delivery area for one of my customers. I was wondering how could I find out all the zip codes over a given area...

Searching a little bit I found a website named zipmap which actually does just that. The entire US is covered and you can navigate it just like you navigate a regular Google Map view. Very practical!

You can easily move around, zoom in and out, and you even see the map with street names in the background.

Bad Google Indexing "Secure" Pages...

About a week ago I got a customer who started having their website appear in Google with HTTPS (the secure version of the site.) The pages are served securily, but it uses our website certificate so you get a big bad error saying that everything is broken and if you proceed you'll know what hell is like.

"This Connection is Untrusted" by FireFoxThe fact is that this customer never had a secure certificate. In other words, there is no reason for the site to have been referenced with HTTPS unless someone typed a link to their site and inadvertendly entered https://... instead of http://...

I checked a few of the pages where there ...

Syndicate content Syndicate content