@edps
Forum Replies Created
-
AuthorPosts
-
Researchers at Bleeping Computer have discovered that 98% of Wannacry victims were using Windows 7! So I’m afraid I’ll contradict Dave and say that you should disable smb1. Few if any programs should now require this – the only ones that may are obsolete streaming devices. It is easy to switch off smb1 and very easy to turn it on in the unlikely event you need it.
You cannot use the Control Panel to turn off smb1 on a Win7 machine. People report confusion on following Microsoft’s instructions so I’ll give a cut-down version. Use the following method.
Switch to an Administrator account (important) then run cmd as an Administrator (you will find it in Accessories, right-click and choose to run as Administrator). This gives you a sort of super admin access to the command line.
Once you have the command line program running carefully enter the following – one line at a time: (you cannot copy and paste in Windows 7 cmd.exe)
sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi
note that there is a space between = and bowser (important). Let it run, it should report success
sc.exe config mrxsmb10 start= disabled
note the space after equals.! Let it run, it should report success
Thats it smb1 is switched off
In the unlikely event you need it back, just follow the same procedure to get a super-admin cmd, and enter this:
sc.exe config mrxsmb10 start= auto
You are now vulnerable again
That’s cos Britain do everything half arsed Jason. I even notice that doctors have to grab a conversion chart when they ask your weight. We are a strange country. Anyone have a good idea or tale while the US imperial gallon is less than a real one? I’ve heard a few tales, but no one seems to know.
The story I heard was that the US gallon was stuck in a pre-Independence time warp, whereas the Imperial gallon was changed under a Georgian Weights & Measures act. This latter made it ‘easy’ for Inspectors to calibrate/check gallons using weights (10 pounds of water=1 gallon) rather than the Inspector having to carry a standard jug and slop stuff around.
[edit] there are reminiscences of the earlier times in Asia but this is in weights katis which is one and a half pounds (imperial). You find it still in use in one form or another across Asia – I was told it was a hang-over from the days when the UK was the world’s biggest drug pusher (opium).
Being able to handle different measures does still have value and is best illustrated by not finding it at all difficult to think and manipulate in base8 (byte) or base sixteen (hex) values. It is a piece of cake for someone brought up in base ten, twelve, sixteen or twenty!
Joking aside there is one thing I was taught at school that I have found invaluable throughout my life, and one that is rarely taught today. That is the art or skill of approximating by rounding to ‘easy’ numbers. If you have it you can very easily rough-out the answer to a complex bit of arithmetic and tell if you have had decimal point finger trouble with a calculator entry. If you do not have it then doing a Diane Abbott is always a risk. :wacko:
Not disagreeing with Dave – just wanted to tout the Portable Version. There are times when this can come in handy.
Lego is a bit like Marmite, some kids love it and some just reject it. I agree that those who take to it learn a lot, though things like technical Lego have changed over the years. They can now build much better looking models, but I’m not convinced that the contents of the Technical Lego sets are better overall in the context of learning by doing.
… people are on average smarter, it’s a very fast rate of evolution. Things like steam engines, once not long ago they was the pinnacle of science, which craft to the average Joe. Now I reckon one brief hour lesson to the average 14 year old, and they would grasp the concept, no problems. Withing in a few months could probably build one. …
You are quoting Flynn’s observation. Unfortunately on the same measure British kids are stagnating and maybe even regressing. There are also views that using different measures, Victorians were smarter than us! link
Its probably impossible to ensure that the measurements are equivalent as context changes and people are far more familiar with IQ tests today. IQ is of course a contentious issue and if you really want to get Jason going just mention the research on genetics and IQ.
Even ‘smarter’ is hard to define as context is everything. A few years ago there was a Beeb program that took modern A* 16 year olds and gave them a 1960s O-Level Physics paper. In theory they should all have been capable of passing in practice most (all?) failed. Context is everything – the students had been taught a very wide range of concepts but problem solving was not something on which they had been taught ( doesn’t fit with multiple choice questions and no-one fails ethos?).
With respect to actually building a steam engine – not a hope in hell. Restricted school budgets, Nanny State and ‘Elf & Safety’ keeps kids well away from sharp objects and rotating machinery. Subjects like chemistry where things may actually go bang are even more nannified and restricted. I doubt more than one in a hundred could get close to building a steam engine even if they were given a box containing all the parts.
Today’s youngsters just have a very different world-view and skill sets from old pharts like me.
Yes sorry, the link is written for cli minded folk. As you say, the control panel method is a lot easier.
“Open Control Panel (just start typing Control in the search box to find its shortcut quickly). Click Programs, and then click Turn Windows features on or off (under the Programs heading). Clear the check box for SMB 1.0/CIFS File Sharing Support, as shown here. That’s it; you’re protected.”
It reads as though it is a Sandbox (like Sandboxie) . If so use the options that let as little as possible out into your normal user space, but most definitely go into your Windows control panel before hand and disable smb1 link
Whether you allow the other samba tools to run really depends on your usage. Nothing (should) need smb1 today, but some things almost certainly will use the other flavours of Samba. Disable them one at a time and suck it and see. If you can totally disable samba it might be a good idea as it certainly reduces your attack space.
You can normally get similar free protection by using Ubuntu inside VirtualBox for all your on-line stuff. Most (perhaps all) Ransomeware programs switch themselves off if they detect they are running in a virtual machine as it makes attempts to break their encryption a lot easier. So far Ransomeware and Trojans etc leave virtual machines alone for that reason, but I’m afraid all that may change if the NSA/GCHQ ring-3 mobo malware becomes publicly available to script kiddies. :negative:
I must admit I thought the OP used Linux, but I see I was wrong. Mozbackup doesn’t work for Linux but is a good choice for his Win7
PROFILE links to a hidden folder. I think you use Ubuntu or Mint and the mail folder for these is in:
(show hidden files)
your Home folder->.thunderbird->some weird folder e.g. xz7feqqz.default. (just look for a folder some name.default. You can open this folder and only copy Mail if you like but I do not recommend this approach)
you need this plus another file in
your Home folder->.thunderbird->profiles.ini
Copy both the folder and the profiles.ini file to a thumbdrive. When you want to restore just install TBird, run it once and fill out your mail details (important), then shutdown TBird and overwrite the .thunderbird files with the contents of your thumbdrive (you can ignore the crash reports stuff).
Simple quick warts and all backup – backup for Windows is similar but I cannot remember where ‘profiles.ini’ is kept.
Fair point Jason.
SI was not even mandated when I was at uni, we dealt in good old BTUs and English horsepower or human-scale units – none of your fancy French stuff! It started to come in vogue as I started work, and there were even ‘transition’ units that mixed Imperial and Frog units e.g. Centigrade Heat Units (CHUs). IIRC SI was not really in common use until the 70s.
It probably would not surprise you to learn that British Engineers are adept at handling a multiplicity of different units and scales. It is only Yank scientists such as those at NASA that get confused as they normally only deal in US units (i.e. Imperial).
The entry vector has been pinned down to an attack via smb1 directly onto networks. i.e. no stupid browsing or silly email opening by any NHS personnel, just an NSA/GCHQ style smash through security and a dump of Trojans.
“the first iteration of the malware – the one that got into the railways, telcos, universities, the UK’s NHS, and so on – required no such interaction. According to research by boffins at Malwarebytes, email attachments weren’t used. Instead, the malware’s operators searched the public internet for systems running vulnerable SMB services, and infected them using the NSA’s leaked EternalBlue and DoublePulsar cyber-weapons. Once on those machines, Wannacry could be installed and move through internal networks of computers, again using EternalBlue and DoublePulsar” El Reg link
While all this could have been averted by software upgrades or the sort of network isolation we all referred to, the next sales tranche of NSA/GCHQ Trojans and viruses provides far more worrying scenarios as they cover apparently unknown zero day vulnerabilities in most operating systems (including Linux). I suspect that one of these may well be the Intel Mobo/NIC backdoors that have at last been admitted by Intel.
Unfortunately if the even more sensitive router and network hacks are sold off then no-one will be invulnerable. I certainly would not want to rely solely on Cloud servers as I’m sure that servers were top of the NSA/GCHQ target list.
Make sure your off-line backups are up to date!
Looks like some folks without backups may have been let off the hook with respect to paying the ransom. link
Pity really as people/companies like that deserve a hard lesson.
As Dave says, but to prevent a red face thoroughly check all connections before the engineer arrives (Ethernet, broadband and electrical). I would also check that the position of the router is not going to result in overheating.
While I accept your point on wasted money Dave, I have some sympathy for the Administrators who looked at perfectly serviceable $1million MRI machines and shuddered at the thought of throwing them away just because they had an obsolete SGI workstation integrated into them.
It is a great shame that someone cannot produce a simple black-box that acts as a secure wired interface with insecure expensive hardware. In principle it should not be hard to interface with machines that only produce limited acceptable file types (dicom format I guess for an mri) and throw away everything else except perhaps text, then batch out sanitized files. Equally it should be easy to have such a machine only interface with the blackbox on a fixed oddball port and act as a very restricted firewall. Even a raspberry pi could do all that but getting it medically certified would be something else!
Your spelling was a bit amiss it is ‘mole‘ which is probably why you could not find it. It is just a convenient way of expressing the weights of components that in a perfect world all react together to form an equivalent weight of a finished product. The wiki referenced above gives the standard definitions:
“The mole is widely used in chemistry as a convenient way to express amounts of reactants and products of chemical reactions. For example, the chemical equation 2 H2 + O2 → 2 H2O implies that 2 moles of dihydrogen (H2) and 1 mole of dioxygen (O2) react to form 2 moles of water (H2O). The mole may also be used to express the number of atoms, ions, or other elementary entities in a given sample of any substance. The concentration of a solution is commonly expressed by its molarity, defined as the number of moles of the dissolved substance per litre of solution.
The number of molecules per mole is known as Avogadro’s constant, and is defined such that the mass of one mole of a substance, expressed in grams, is equal to the mean relative molecular mass of the substance. For example, the mean relative molecular mass of natural water is about 18.015, therefore, one mole of water has a mass of about 18.015 grams.”
In reality a perfect combination of components does not occur, and there is often a kinetic interplay between the reactants and the finished product, but for simple GCSE science the wiki definition of the world is good enough.
I checked out Wayne Wickelgren’s later book. link Essentially it has very similar content to the older book I first gave as a link. It is also on Kindle.
Ed. What course was that ? Quantum mechanics is pretty heavy stuff. The book you recomend sounds like the sort of thing I was looking for years ago. You can’t invent an understanding of a problem by yourself every time without a few hints.
It was my first degree course in Chemistry. I would guess that QM and Statistical Mechanics were in the course as they could (in theory) be used to explain things like why the periodic table works to predict behaviours and lead to an understanding of organic chemistry and perhaps topics like hydrogen bonding for anomalous materials like water. In practice the best part of fifty years has elapsed before the techniques for ‘seeing’ bonds became viable. AFAIK the computing horsepower to ‘solve’ the QM equations for molecules such as benzene is still not available.
Although I had an interest in this stuff, money was even more of an attraction so I went to the dark-side. I flirted for a bit with biochemical engineering, but I was told by some Pfitzer employees that their pay and prospects were diabolical, so I went totally to the dark-side and transitioned across with a post-graduate course in full-blown Chemical Engineering.
Brilliant mathematicians unfortunately have a mental ‘tic’ that results in them looking at the world in a very different way from us common mortals. I’ll confess I used to get totally lost in some areas of mathematics during my Quantum Mechanics course – the book that actually clarified it all to me a few years later did not even cover things like ‘Hermitian Symmetric Space’ (how about that for a piece of jargon!), instead it taught me to look at problems in a very different way.
The author Wayne Wickelgren covers the objectives of his little book “How to Solve Problems” in his intro:
“In the mathematics and science courses I took in college, I was enormously irritated by the hundreds of hours that I wasted staring at problems without any good idea about what approach to try next in solving them . . .”
I’ve linked to his original book, but I see that he now has some newer maths related titles. I would thoroughly recommend this book to any teenager just starting his maths or science A-Levels, or entering Uni for a science or engineering degree. In the book he teaches a way systematizing the basic methods of solving mathematical problems – he reveals the secrets of the ‘mathematician’s tic’ to us mere mortals!
LOL!
-
AuthorPosts