Windows Insider – new features

Today’s Windows Insider email included a few new cool features, here are my Top 3

Do more at once with the new Compact Overlay window. Keep watching a movie or video chat on one corner of your screen — even when switching apps to check email or browse the web. When an app window enters compact overlay mode, it’ll be shown above other windows so it won’t get blocked. Look for updates to the Movies & TV app and Skype Preview app to take advantage of this feature in the near future.

A smart way to lock your PC. Dynamic Lock automatically locks your Windows 10 PC when you’re not around, based on the proximity of your Bluetooth-paired phone. If your Bluetooth-paired phone is not found near your PC, Windows turns off the screen and locks the PC after 30 seconds.

Public Preview of Windows Analytics: Update Compliance. Update Compliance is a free service that provides you with a holistic view of Windows 10 update compliance for the devices in your organisation, including installation status for both monthly quality updates and new feature updates. Click here for details on how to set up the service for your organisation.

Rosetta@Home DNS Issue

If you ever need a lesson in the importance of picking a good domain registrar, then read about Rosetta@Home recent problems.

Dear Rosetta@Home participants,

We — like many of you who have contacted us — have been extremely
frustrated by the long project downtime. We (bakerlab.org) had a domain
name registration verification lapse, and our registrar (dotster.com)
and ICANN turned off DNS for bakerlab.org. We went through the steps to
getting it verified again Monday afternoon. What should have been a
quick procedure is now stretching into 4 days. We apologize for the mass
emailing which we have tried to keep to a minimum throughout the course
of the project, but this is an extraordinary situation and we have no
other way of reaching all of you now.

Since being down we estimate that we have lost a total of around 3.1
million computing hours and continue to lose around 540 computing hours
per minute.

We greatly appreciate your help and contributions!  With your help, we
have been making rapid progress in our research which has been
attracting considerable attention, for example:

NOVA:
http://www.pbs.org/wgbh/nova/physics/origami-revolution.html (the 8
minute segment on our work starts at 20:30)

The Economist:
http://www.economist.com/news/science-and-technology/21716603-only-quarter-known-protein-structures-are-human-how-determine-proteins

The Atlantic:
https://www.theatlantic.com/science/archive/2017/01/unravelling-lifes-origami/513638

Geekwire:
http://www.geekwire.com/2017/big-data-rosetta-protein-puzzles
which is titled “Big data (and volunteers) help scientists solve
hundreds of protein puzzles”

Thank you very much for your continued contributions to and support of
Rosetta@Home!

David Baker

More info: http://boinc.bakerlab.org/rah_technical_news.php

Automating WordPress maintenance

WordPress is an amazing blogging platform. However it does require a fair amount of love. Despite Mythic Beasts managing a large portion of my stack (hardware, OS, Apache, PHP, MySQL) and WordPress having automatic background updates I still find myself logging in and finding pending updates for WordPress.

The solution was WP-CLI. With the shell add-on, I SSH onto my account, then

What the above script does is download WP-CLI, grant it execute permission, then downloads my script and again, gives it execute permission.

Then its question of create a cron job using crontab, this can be done by running crontab -e then doing something like: (this runs the script every 15mins and redirects the output to a log file that gets overwrite each time it runs*)

Note:

> overwrites the file. >> Appends. I’ve not used append as I don’t want to deal with it growing and really I only want the last run details. Still your mileage may vary.

Below is the final script that executes WP-CLI

 

MSSQL server failed on Ubuntu on Windows 10

I’ve been getting errors with MSSQL server on Ubuntu on Windows 10. The error,

Failed to connect to bus: No such file or directory
dpkg: error processing package mssql-server (–remove):
subprocess installed post-removal script returned error exit status 1
Processing triggers for libc-bin (2.23-0ubuntu5) …
E: Sub-process /usr/bin/dpkg returned an error code (1)

I managed to fix it in the end by

Of course, you should try uninstalling correctly first, which is latter of the two

I’ve included remove Microsoft GPG key and un-register the Microsoft SQL Server Ubuntu repository. For more read Microsoft doc.

Resident parking

Been trying to find out the following from my local council:

  1. How many resident parking permits have been issued
  2. How many resident parking bays are available
  3. What exactly has the money been spent on in terms of fines issued.

To say they are being evasive is an understatement.

So far, I’ve got, the response of:

  1. This info is fluid as it is not only static residents who can apply for waivers within a given zone but also agencies who provide medical needs and other statutory services.At this time we have no plans to publish this level of information on our website
  2. We don’t hold this information, we don’t have defined bays, just areas – which I followed up with, well you must have a min size. FYI normally 5m is allowed per vehicle parked at the end of a bay and 6 m for those inside. Still waiting for them to A) publish the map so I can do the math, B) do the math and give me a number
  3. (A) making good deficits
    (B) paying for the provision or maintenance of off street parking
    (C) If (B) is considered unnecessary  then the provision or operation of facilities for public passenger transport services, highway or road improvement projects within the local authority area or environmental improvements in the local authority area.

Clear as mud. So if its been in place for 10 years and they bring in £400,000 a year in fines that’s £4 million been spent on? What? I assume the cost they charge for issuing the permits to residents counters A and B. Please Lord let it not be those stupid Real Time Passenger information*.

 

* I like the idea Real Time Passenger information, just not the solution SCC purchased. It runs on an out-of-date operating system that crashes. If it was me, I’d got the Uni to build something using a Raspberry Pi and got the local schools involved (would have looked pretty cool on the children’s CV)

 

Cloudflare parser bug

So once again we have another major security leak. You can read about it, here and below is the email CEO Matthew Prince wrote to customers:

Dear Cloudflare Customer:

Thursday afternoon, we published a blog post describing a memory leak caused by a serious bug that impacted Cloudflare’s systems. If you haven’t yet, I encourage you to read that post on the bug:

https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/

While we resolved the bug within hours of it being reported to us, there was an ongoing risk that some of our customers’ sensitive information could still be available through third party caches, such as the Google search cache.

Over the last week, we’ve worked with these caches to discover what customers may have had sensitive information exposed and ensure that the caches are purged. We waited to disclose the bug publicly until after these caches could be cleared in order to mitigate the ability of malicious individuals to exploit any exposed data.

In our review of these third party caches, we discovered data that had been exposed from approximately 150 of Cloudflare’s customers across our Free, Pro, Business, and Enterprise plans. We have reached out to these customers directly to provide them with a copy of the data that was exposed, help them understand its impact, and help them mitigate that impact.

Fortunately, your domain is not one of the domains where we have discovered exposed data in any third party caches. The bug has been patched so it is no longer leaking data. However, we continue to work with these caches to review their records and help them purge any exposed data we find. If we discover any data leaked about your domains during this search, we will reach out to you directly and provide you full details of what we have found.

To date, we have yet to find any instance of the bug being exploited, but we recommend if you are concerned that you invalidate and reissue any persistent secrets, such as long lived session identifiers, tokens or keys. Due to the nature of the bug, customer SSL keys were not exposed and do not need to be rotated.

Again, if we discover new information that impacts you, we will reach out to you directly. In the meantime, if you have any questions or concerns, please don’t hesitate to reach out.

Matthew Prince
Cloudflare, Inc.
Co-founder and CEO

So lets be clear

  • …the greatest period of impact was from February 13 and February 18 with around 1 in every 3,300,000 HTTP requests through Cloudflare potentially resulting in memory leakage (that’s about 0.00003% of requests).
  • Only customers who use Automatic HTTPS Rewrites, Server-Side Excludes and Email Obfuscation were affected.
  • …data that had been exposed from approximately 150 of Cloudflare’s customers across Free, Pro, Business, and Enterprise plans
  • CloudFlare is SaaS
  • Security hole was completely closed in 7hrs 11mins from being Tweeted about an issue
  • Security hole was mostly closed off in 1 hr 8mins
  • Production fix and service restored in 3 days 10 hrs 9mins
  • People are jumping on the problem making it sound worse then it was (don’t get me wrong it was bad, but no where as bad as Heartbleed, Heartbleed, still IS a problem)
  • CloudFlare have been very transparent

…And this is why I review code I take on-board, regardless if it works and advise others to review my code

 

Caching woes

Caching always seems to cause problems, still, we can’t have it all. Today’s caching problem was to do with Redgate SQL Prompt, a really amazing plugin that helps you write better SQL code. The problem with it is the cache of database object metadata was out-of-date. I had updated a table so when I typed select * then press TAB to expand the * into a list of columns, I got the old names. Luckily the fix is easy. Refresh suggestions.

As the screenshot shows, its either SQL Prompt > Refresh suggestions or just Ctrl + Shift +D.

Date Format

I’ve had a problem recently when it can to formatting a datetime as just date where FormatDateTime didn’t work

The fix was to change it to Format.

Oddly, despite the parameter being a datetime, I found I still had to cast it as a date.

FormatDateTime was introduced in Vs 2008. I’m not 100% sure why this didn’t work.

TextBoxImpl

Another error I hit

Warning               1

[rsRuntimeErrorInExpression]

The Value expression for the textrun ‘Textbox28.Paragraphs[0].TextRuns[0]’

contains an error: Overload resolution failed because no Public ‘/’ can be called with these arguments:

‘Public Shared Operator /(d1 As Decimal, d2 As Decimal) As Decimal’:

Argument matching parameter ‘d2’ cannot convert from ‘TextBoxImpl’ to ‘Decimal’.

C:\Projects\Reports\1. Report.rdl

Thankfully Google found Qiuyun answer. I was missing the .Value at the end.

So (wrong)

=ReportItems!Textbox1

Fixed (working)

=ReportItems!Textbox1.Value

SSRS copy and paste fail

In case you haven’t heard, I’ve started a new job and one of my first tasks was to speed up a SSRS report. One of the first issues I stumbled across was this:

An error occurred during local report processing.

The definition of the report ‘/1. Report’ is invalid.

The Value expression for the textrun ‘Tx412.Paragraphs[0].TextRuns[0]’ contains an error: [BC30456] ‘RdlObjectModel’ is not a member of ‘ReportingServices’

Looking into it the issue it appears its expanded expressions when it got copied – it’s basically making the it fully qualified.

So

Cint

becomes:

Microsoft.ReportingServices.RdlObjectModel.ExpressionParser.VBFunctions.Cint

The fix was to just edit to code then do a find and replace, replacing the added reference with nothing. Simple.