table td.shrink {

white-space:nowrap

}

New hosts

There were no new hosts this month.

Last Month's Shows

Id

Day

Date

Title

Host

3803

Wed

2023-03-01

Chatbot hallucination

dnt

3804

Thu

2023-03-02

2022-2023 New Years Show Episode 2

HPR Volunteers

3805

Fri

2023-03-03

Document File Formats on Wikipedia

Archer72

3806

Mon

2023-03-06

HPR Community News for February 2023

HPR Volunteers

3807

Tue

2023-03-07

PeePaw builds a computer

Brian in Ohio

3808

Wed

2023-03-08

Funkwhale A social platform to enjoy and share music

Ken Fallon

3809

Thu

2023-03-09

The Abominable Post Apocalyptic Podcast Player

Mechatroniac

3810

Fri

2023-03-10

Clifton, Arizona

Ahuka

3811

Mon

2023-03-13

mkfifo and named pipes

Klaatu

3812

Tue

2023-03-14

An alternative method to the big box store way of setting up an

aquarium.

You don't need a bunch of equipment, chemicals, or experience to have

a balanced thriving aquarium that not only runs itself after a period of

time, but is a healthier environment for your aquatic creatures and will

be a great conversation piece.

Learn how to emulate nature so that everything works together in its

own ecosystem from the bottom up. Only a little bit of patience is

needed.

Episode #4

Massachusetts Comprehensive Assessment System

https://www.mass.gov/parents-guide-to-the-mcas

https://en.wikipedia.org/wiki/Massachusetts_Comprehensive_Assessment_System

Standardized Testing Was Invented In Massachusetts

https://ed.lehigh.edu/news-events/news/history-standardized-testing

GED Exam

https://ged.com/about_test/test_subjects/

https://en.wikipedia.org/wiki/General_Educational_Development

Alternative High Schools

https://blog.prepscholar.com/alternative-high-schools

Umbrella Revolution

https://time.com/3471366/hong-kong-umbrella-revolution-occupy-central-democracy-explainer-6-questions/

https://en.wikipedia.org/wiki/Umbrella_Movement

Learning the Finnish Language

https://finland.fi/life-society/how-the-heck-do-you-learn-finnish-part-1/

https://herfinland.com/finnish-language-learning/

France Bans Google Drive In Schools

https://www.theregister.com/2022/11/22/france_no_windows_google/

https://gettotext.com/office-365-and-google-drive-are-not-welcome-in-french-schools-even-if-they-are-free/

Windows Me (Windows Millennium Edition)

https://en.wikipedia.org/wiki/Windows_Me

https://www.howtogeek.com/688861/windows-me-20-years-later-was-it-really-that-bad/

Windows 2000

https://en.wikipedia.org/wiki/Windows_2000

Windows 95

https://en.wikipedia.org/wiki/Windows_95

FreeDOS

https://www.freedos.org/

BOX 86

https://box86.org/

React OS

https://reactos.org/

WINE

https://www.winehq.org/

Proton

https://github.com/ValveSoftware/Proton

https://www.tomshardware.com/how-to/game-with-steam-on-linux

https://www.protondb.com/

Windows XP

https://en.wikipedia.org/wiki/Windows_XP

Windows 7

h

How it works

https://docs.gitlab.com/ee/user/project/pages/

GitLab always deploys your website from a specific folder called

public in your repository. To deploy your site, GitLab uses its built-in

tool called GitLab CI/CD to build your site and publish it to the GitLab

Pages server. The sequence of scripts that GitLab CI/CD runs to

accomplish this task is created from a file named .gitlab-ci.yml, which

you can create and modify. A specific job called pages in the

configuration file makes GitLab aware that you're deploying a GitLab

Pages website.

Overview of Steps

The end state has to be a directory named public that contains the

site contents

Optionally, run a build process in a container to create the

contents of the public directory

There has to be a pages declaration in

.gitlab-ci.yml

Example 1

simple demo

Create the Git repo and site content

Go to gitlab and create new Gitlab repo

Clone it to your workstation

Add public folder with site files

add .gitlab-ci.yml

Commit and push

git clone [email protected]:norrist/simple_pages_demo.git

cd simple_pages_demo/

mkdir public

echo "Hello World" > public/index.html

git add public/

vim .gitlab-ci.yml

git add .gitlab-ci.yml

git commit -am "new page"

git push

.gitlab-ci.yml

pages:

stage: deploy

script:

- echo

artifacts:

paths:

- public

Pages settings

Menu on left, Settings, Pages

Your pages are served under:

Example 2

docs.norrist.xyz

Combine my HPR show notes into a single page

Custom Domain

Verified with TXT record

.gitlab-ci.yml

image: "debian"

before_script:

- apt-get update

- apt-get install -y pandoc

stages:

- build

pages:

stage: build

script:

- bash build_html.sh

artifacts:

paths:

- public

set -euo pipefail

IFS=$'nt'

mkdir -pv public

for MD in $(ls *md)

do

echo

# echo "---"

# echo

# echo "#" $MD

echo

echo "---"

echo

cat $MD

done

|pandoc

-H markdown.header

-B body.header

--toc

--toc-depth=1

-f gfm

-t html

-o public/index.html

Example 3

HPR static

Build the new HPR static site

.gitlab-ci.yml

services:

- mariadb

variables:

MYSQL_DATABASE: hpr_hpr

MYSQL_ROOT_PASSWORD: mysql

connect:

stage: .pre

image: mysql

script:

- echo "SELECT 'OK';" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mariadb "$MYSQL_DATABASE"

pages:

image: debian

before_script:

- apt update

- apt -y install libgetopt-complete-perl libmemory-usage-perl libconfig-std-perl libtemplate-perl libtemplate-plugin-dbi-perl libclass-dbi-perl libtie-dbi-perl libdbd-mysql-perl libdate-calc-perl

- apt -y install curl mariadb-client git

- curl -o hpr.sql http://hackerpublicradio.org/hpr.sql

- mysql --user=root --host=mariadb "$MYSQL_DATABASE" --password="$MYSQL_ROOT_PASSWORD" < hpr.sql

stage: build

script:

- git clone https://gitlab.com/roan.horning/hpr_generator.git

- cd hpr_generator

- git apply ../mysql_settings.patch

- grep "database|user|driver|password" site.cfg

In December of 2022, I traveled to Hong Kong, at some point en-route

or in-country, I contracted covid.

Backing up a step in preparation for

the trip I was required to have a negative PCR before I could board

the plane from the US as well as proof of vaccination and at least

one booster shot.

HKSAR Department of Health - Health Declaration Form

(https://hdf.chp.gov.hk/dhehd/hdf.jsp?lang=en-us)

Upon arrival, I was required to quarantine for 3 days as well as take a home test (referred to as RAT: Rapid Antigen Test, by the locals) every day for the first 7 days

On the 2nd full day in HK, I was required to take another clinical PCR provided at a health center, free of charge.

On the third day I received my PCR and RAT tests as Covid Positive.

By law I was now required to quarantine in my hotel until I tested negative on 2 consecutive days. Since my symptoms were very mild, a sniffle and low grade temp, merely 2-3 deg above normal, I could stay in the hotel and was not required to

transfer to a public health center.

I was also required to register the positive results with a government website. This registration kicked off a series of events, including a visit from a health representative. (he stood in the hall, I was not permitted to leave the room) I was Required to install an app on my phone called "Stay Home Safe'' and to wear a wristband that I presume was a GPS and possibly temp/pulse tracking device that connected to my phone by bluetooth. The agent installed the app, and synced the watch to it.

The complete shownotes are available downloaded from http://bookewyrmm.42web.io/covid.html

The Oh No! news.

Oh No! News, is Good

News.

Threat analysis; your attack surface.

TAGS: Malware, Phishing, Security Breach

GoDaddy, a Web Hosting Provider Hit Multiple Times by the

Same Group.

This month, GoDaddy, a leading web hosting provider, revealed that

it had experienced a major security breach over several years, resulting

in the theft of company source code, customer and employee login

credentials, and the introduction of malware onto customer

websites.

Major Security Breach: Spanning several years.

Data Breach:

Employee login credentials & customer data.

10-k

form Filled with the U.S. Securities and Exchange Commission.

sec:

GoDaddy Announces Security Incident Affecting Managed WordPress

Service.

Malware:

Compromising customer websites managed by GoDaddy.

Phishing Attacks: Exposed customer data including login credentials,

email addresses, and SSL private keys.

Chick-Fil-A Customers are Victims of a Data Breach.

Fast-food chain Chick-fil-A has issued a warning to customers

regarding a recent data security breach. The incident occurred between

Dec. 18, 2022 and Feb. 12, 2023, during which unauthorized parties

gained access to customer information, according to a statement posted

on the California Attorney General’s website on Tuesday.

Data Breach:

membership numbers, mobile pay numbers, QR codes, last 4 digits of

credit/debit card numbers, credits on Chick-fil-A accounts, birthdays,

phone numbers, and addresses.

New phishing campaign uses fake ChatGPT platform to scam

eager investors.

Bitdefender Antispam Labs confirmed that these scams initiate with

an email containing a link that directs users to a copycat version of

ChatGPT. The goal of this copycat version is to convince users that they

can earn as much as $10,000 per month on the duplicate ChatGPT

platform.

Phishing: Email

based scam.

LassPass Security Incident Update and Recommended

Actions.

Major Security Breach: Spanning multiple years.

Data Breach:

Employee login credentials, source code & other intellectual

property, customer data.

Malware:

Attackers exploited third-party software to compromise company systems

by delivering a keylogger type malware.

InfoSec; the language of security.

TAGS: Information Security, Monitoring

Bitwarden flaw can let hackers steal passwords using

iframes.

Bitwarden highlights that the autofill feature is a potential risk

and even includes a prominent warning in its documentation,

specifically mentioning the likelihood of compromised sites abusing the

autofill feature to steal credentials.

Phishing: Sniff

credentials from a webpage HTML inline frame.

wikipedia:

An inline frame places another HTML document in a frame. Unlike an

&l

This starts out the series on Computer Strategy Games, and we begin

with the game that got me hooked, the first Civilization game created by

Sid Meier and published by Microprose. Though it is pretty old now, it

is still fond in my heart, and in the hearts of so many other gamers. If

this comes across as a love letter, so be it. We will also in this

series look at where you can obtain old games, and where you can find

more information about the games I cover.

Links:

https://en.wikipedia.org/wiki/Civilization_(series)

https://en.wikipedia.org/wiki/4X

http://flashofsteel.com/index.php/2006/09/18/gamers-bookshelf-civilization-or-rome-on-640k-a-day/

https://www.amazon.com/Sid-Meiers-Civilization-Chronicles-PC/dp/B000IU1PQA

https://playclassic.games/

https://www.myabandonware.com/

https://www.myabandonware.com/game/sid-meier-s-civilization-1nj

https://www.civfanatics.com/civ1/manual/civ1_man.htm

https://www.civfanatics.com/civ1/cia/

https://forums.civfanatics.com/media/categories/civilization-gallery.16/

https://www.youtube.com/watch?v=CkmHeepmjEc

https://www.youtube.com/watch?v=VF8Ribe5AFU

https://www.youtube.com/watch?v=L7GkX4h-TP8

https://www.youtube.com/watch?v=3UuXa3PRSGo

https://www.youtube.com/watch?v=Q1d08T8_wI4

https://www.youtube.com/watch?v=AJ-auWfJTts

https://www.amazon.com/Sid-Meiers-Memoir-Computer-Games/dp/B08MNG8VX8/

https://www.palain.com/gaming/sid-meiers-civilization/

Remapping Mouse Buttons with XBindKeys on Linux

After a really long time of not bothering to figure out how to do this, I finally did some research and found out how to remap the extra buttons on my Kensington Expert mouse and my Logitech marble trackball mouse in a Linux environment. The tools it needed were xvkbd, xdotool, and xbindkeys. I already had the first two installed, but had never used xbindkeys before. I also used xev to identify the button numbers and key numbers.

The Kensington Expert Mouse is one that I've had for about 15 years, and it was fairly expensive when I bought it, something like $75 or $80. It has four large buttons with a large trackball in the middle and a scroll wheel going around the track ball. I bought it at a time when I was doing a lot of graphic work that required clicking and dragging and double-clicking and stuff like that. If you're using it in a Mac or Windows environment, there is a special configuration tool that you can use to set it up just how you want. I had always configured it so that the upper left and upper right buttons were used for double-clicking and click dragging. This helped reduce a lot of strain on my hands. I have never gotten this to work on Linux, though, until today.

If you want to do this yourself, the first thing to do is make sure you have these packages installed: xvkbd, xdotool, and xbindkeys.

Then create a configuration file in your home directory:

~/.xbindkeysrc

In order to map the upper left button to "double click," and the upper right button to "click and drag," I added these lines to the configuration file:

# Double-click assigned to button 2 (upper left)

"xdotool sleep 0.2 click 1 ; xdotool click 1"

b:2

# Click and Drag assigned to button 8 (upper right)

"xdotool sleep 0.2 mousedown 1"

b:8

To test the settings, simply kill the xbindkeys process and restart it by typing xbindkeys:

user@hostname:~$ pkill -f xbindkeys

user@hostname:~$ xbindkeys

On my desktop computer I have a Logitech marble trackball mouse, and it has two small keys that are assigned to back and forward by default. This can be handy for navigating file managers and web pages, but I wanted them to be assigned to "page up" and "page down" (to make up for the lack of a scroll wheel on the mouse). Here is the configuration file for that machine:

"xvkbd -text "[Page_Down]""

b:8

"xvkbd -text "[Page_Up]""

b:9

I suppose I could have used xdotool for this configuration file as well, but for reasons I can't remember now, I tried xvkbd first and it worked, so I did not experiment further. I used xdotool for the Kensington because xvkbd did not have a way to perform virtual mouse clicks.

Links

xev

XBindKeys

xvkbd

xdotool

nop redux

This is the updated code

-logicprobe

marker -logicprobe

variable Compare

variable Count

$23 constant PINB

$24 constant DDRB

$25 constant PORTB

$100 constant PINH

$101 constant DDRH

$102 constant PORTH

$a0 constant TCCR4A

$a1 constant TCCR4B

$a8 constant OCR4A

$b0 constant TCCR2A

$b1 constant TCCR2B

$b3 constant OCR2A

$2c constant PINE

$2d constant DDRE

$2e constant PORTE

$6a constant EICRB

$3d constant EIMSK

: ext4.irq ( -- ) Count @ 1+ Count ! ;i

: logicprobe.init ( -- )

tone generatoed through timer2

%0001.0000 DDRB mset d10, pb4

%0100.0010 TCCR2A c! use OC2A, ctc mode

$ff OCR2A c! compare falue

%0 DDRE c! e input

%0000.0010 EICRB mset falling edge

['] ext4.irq #6 int! attach interrupt

;

helper words

: open.gate ( -- ) 0 Count ! %0001.0000 EIMSK mset ;

: close.gate ( -- ) %0001.0000 EIMSK mclr ;

tone stuff

: high.tone ( -- ) %0000.0100 TCCR2B c! 750 ms 0 TCCR2B c! ;

: low.tone ( -- ) %0000.0110 TCCR2B c! 750 ms 0 TCCR2B c! ;

: alt.tone ( -- )

3 for

%0000.0100 TCCR2B c! 150 ms 0 TCCR2B c!

150 ms

%0000.0110 TCCR2B c! 150 ms 0 TCCR2B c!

150 ms

next

;

: process.data ( -- )

Count @ 1-

Count !

Count @ 0 > if

cr ." freq=" 10 * .

cr ." pulse"

alt.tone sound output

else

%0001.0000 PINE mtst if

cr ." high"

high.tone sound output

else

cr ." low"

low.tone sound output

then then

;

: wait 100 ms ;

: sample ( -- ) open.gate wait close.gate process.data ;

words called at the forth command line to do the test

demo tones

low.tone

high.tone

alt.tone

the test

sample a stop clocked

start.clock

sample

a0 line

sample

stop.clock and sample a0

stop.clock

sample

reset the z80 and single step probing the m1 signal

reset

step

step

step

step

step

step

run

step sample

step sample

step sample

step sample

sample

if its jammed hit it, if it breaks it needed replacing anyway

The Oh No! news.

Oh No! News is Good News.

firewalltimes:

Recent Data Breaches – 2023.

sec:

On January 5, 2023, - T-Mobile Discloses Data Breach Affecting 37

Million Customers.

On January 5, 2023, T-Mobile US, Inc. identified that a bad actor

was obtaining data through a single Application Programming Interface

(“API”) without authorization.

bleepingcomputer:

TruthFinder, Instant Checkmate confirm data breach affecting 20M

customers.

instantcheckmate:

2019 Account List Data Security Incident.

truthfinder:

2019 Account List Data Security Incident.

"We learned recently that a list, including name, email, telephone

number in some instances, as well as securely encrypted passwords and

expired and inactive password reset tokens, of Instant Checkmate

subscribers was being discussed and made available in an online forum.

We have confirmed that the list was created several years ago and

appears to include all customer accounts created between 2011 and 2019.

The published list originated inside our company."

sec:

SEC Charges NBA Hall of Famer Paul Pierce for Unlawfully Touting and

Making Misleading Statements about Crypto Security.

The Securities and Exchange Commission today announced charges

against former NBA player Paul Pierce for touting EMAX tokens, crypto

asset securities offered and sold by EthereumMax, on social media

without disclosing the payment he received for the promotion and for

making false and misleading promotional statements about the same crypto

asset. Pierce agreed to settle the charges and pay $1.409 million in

penalties, disgorgement, and interest.

sec:

SEC Charges Terraform and CEO Do Kwon with Defrauding Investors in

Crypto Schemes.

The Securities and Exchange Commission today charged Singapore-based

Terraform Labs PTE Ltd and Do Hyeong Kwon with orchestrating a

multi-billion dollar crypto asset securities fraud involving an

algorithmic stablecoin and other crypto asset securities.

discourse.ubuntu:

Ubuntu Flavor Packaging Defaults.

To maintain this focus while also providing user choice, Ubuntu and

its flavors consider debs and snaps the default experience. Users have

the freedom of choice to get their software from other sources,

including Flatpak. A way to install these alternatives is, and will

continue to be, available for installation from the Ubuntu archive with

a simple command.

References (APA format).

Heiligenstein,

M. X. (2023, January 27). Recent Data Breaches - 2023.

Firewalltimes. https://firewalltimes.com/recent-data-breaches/

U.S. Securities and Exchange Commission (2023, January 19). Form 8-K

[T-Moble data breach]. SEC. https://www.sec.gov/ix?doc=/Archives/edgar/data/0001283699/000119312523010949/d641142d8k.htm

Abrams, L. (2023, February 3) TruthFinder, Instant Checkmate confirm

d