Made to Order Software Corporation Logo

available

HP Color LaserJet Pro Multifunction M479fdn Laser Printer

My new M479nfd printer, scanner, fax

Click to get this printer on Amazon.com where I'm an affiliate.

Not too long ago, I ordered a new color drump for my old printer and replaced it. Not very long after that the print simply decided to not print at all anymore. Literally, it would pass the page through just fine but it had nothing on the page. I know it was working since it was printinA picture of my old dinosaur printer, also from HP (an L2550 color laser printer)g just fine the day before and there was still plenty of black ink (it would have had the light on if the black was not enough.)

I'm thinking that may have been a ploy by the manufacturer to push me to buy a new printer...

In any event, ...

Safely Processing a Queue of Jobs

What is a Queue

In software a queue is a container which is used to add items on one side and remove them on the other in a very efficient manner.

Sorted Queues

When used by a Journal, a queue is often going to support some kind of sorted order. Some jobs are more important than others and these should be built sooner. In other words, we give those jobs a higher priority and we sort the queue by priority first then using the time at which the job gets inserted.

Note that the C++ std::queue and std::unque containers do not offer anyway to support a priority. Instead you have to use ...

Docker, an advanced chroot utility

Chasm—just like a Docker creates a chasm between two sets of software

SECURITY WARNING

Before installing Docker and containers with services on your Linux system, make sure to read and understand the risks as mentioned on this Docker and iptables page. Especially, Docker will make all your containers visible to the entire world through your Internet connection. This is great if you want to indeed share that service with the rest of the world, it's very dangerous if you are working on that container service since it could have security issues that need patching and such. Docker documents a way to prevent that behavior by adding the following rule to your firewall:

iptables -I DOCKER-USER -i eth0 ! -s 192.168.1.0/24 -j DROP

This means that unless the IP address matches 192.168.1.0/24, the access is refused. The `eth0` interface name should be replaced with the interface name you use as the external ethernet connection. During development, you should always have such a rule.

That has not worked at all for me because my local network includes many other computers on my LAN and this rule blocks them all. So really not a useful idea.

Instead, I created my own entries based on some other characteristics. That includes the following lines in my firewall file:

*filter
:DOCKER-USER - [0:0]

-A DOCKER-USER -j early_forward
-A DOCKER-USER -i eno1 -p tcp -m conntrack --ctorigdstport 80 --ctdir ORIGINAL -j DROP
-A DOCKER-USER -i eno1 -p tcp -m conntrack --ctorigdstport 8080 --ctdir ORIGINAL -j DROP
-A DOCKER-USER -i eno1 -p tcp -m conntrack --ctorigdstport 8081 --ctdir ORIGINAL -j DROP

My early_forward allows my LAN to continue to work. These are my firewall rules that allow my LAN computers to have their traffic forwarded as expected.

Then I have three rules that block port 80, 8080, and 8081 from Docker.

Docker will add new rules that will appear after (albeit not within the DOCKER-USER list) and will open ports for whatever necessary service you install in your Dockers.

Note that the only ports you have to block are ports that Docker will share and that you have otherwise open on your main server. If Docker opens port 5000 and your firewall does not allow connections to port 5000 from the outside, then you're already safe. On my end I have Apache running so as a result I block quite usual HTTP ports from Docker.

Docker

As we are helping various customers, we encounter new technologies.

In the old days, we used chroot to create a separate environment where you could have your own installation and prevent the software from within that environment access to everything on your computer. This is particularly useful for publicly facing services liek Apache, Bind, etc.

Help with version 0.1.7 of Zipios (CVE-2019-13453)

Here is yet another example of why opensource is a really good way of getting things fixed.

Assuming you have a project that is getting used by many, you are likely to see people post issues about bugs and possible enhancements. Your software is even very likely to get improved on its own by enthousiast users. On Github, for example, it is very easy to fork a project (make a copy) and then work on your version of the software. You can then offer a fix to the main authors of the project with a near one to one copy of the project.

In our case, a security professional, Mike Salvatore, was asked ...

Best C++ Books

Once in a while someone will ask me which book is best to start learning programming. The fact is that I do not know because I'm already an advanced programmer and it's rather difficult for me to get back to the basics (it feels like a waste of my time, sorry...)

That being said, at Made to Order Software, we've mainly been a C++ shop. We also do a lot of C, PHP, JavaScript and touch many other languages as required by the tasks we perform (bash, cmake, perl, C#, Java, etc.)

That being said, I wanted to underline some of the best C++ books available today. Especially, in the last ...

Put the label of an HTML Input inside the Input element

Reflection of trees in a mountain lake.

Update:

With HTML5 running on pretty much all platforms, you want to use the placeholder attribute instead of any sort of tricks to place a label inside your input widgets.

This is done like this:

<input type="text" placeholder="Phone Number"/>

This example will show "Phone Number" inside the input box until the user types some text in that box.

You can test with the box right here. This is just that one <input .../> tag I placed in my page HTML. (It is not in a form, but the widget itself will work as expected.)

For additional details, I ...

Brief Overview of CRISC Certification Exam

The CRISC, also known as Certified in Risk and Information Systems Control, is a vendor-neutral certification that validates a professional’s knowledge and experience in the fields of information system control & risk management. The certificate is developed and administered by ISACA and designed for the individuals who work with organizations in mitigating business risks and implement information system controls.

Organizations in today’s world must consistently enhance their infrastructure so that they can survive and thrive in today’s competitive environment. It is a ...

Massive Bug in Intel, AMD, ARM and other Processors in Handling VM Memory

In the last few days, we started hearing about a massive bug in the implementation of the VM memory handling.

Intel has been frantically working on fixing host machines kernels in order to prevent one VM from accessing the memory of other VMs that run on the same machine.

Of course, most users are not going to attempt to read someone else memory so in that sense, most of us are relatively safe. But all of those who are not so lucky and have uninvited guests on their systems are running at very high risk. The information available from Intel says the memory is accessible only in Read mode. ...

Domains For Sale

Once in a while Made to Order Software Corporation has a domains for sale. You will find here the list of such domains when some are available. Click on the links to contact us in regard to such and such domain.

http://www.freehardwarefoundation.org/

http://www.valleyseo.net/

http://www.faxnowonline.com/

http://smsfromme.com/

If you have any question in that regard, feel free to contact us.

Protected Node Rules Support

The following features are available only when installing the Rules extension of protected nodes. This extension requires the thrid party Rules extension for Drupal.

Protected Node Rules Conditions

When handling a Node, it is possible to check whether the node is currently protected or locked.

Protected Nodes

A node is said protected when the node was protected by a password using the Protected node module.

Whether the user can view that node is irrevelant in this case. Only the fact that the node requires a password to be viewed is what this condition checks.

Locked Nodes

A ...