Saturday, January 20, 2018

cannot verify's certificate, issued by 'CN=GlobalSign Organization Validation CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE'

So Drupal modules and releases are behind https these days. That is great for security!

But trying to download anything with wget leads to:
WARNING: cannot verify's certificate, issued by 'CN=GlobalSign Organization Validation CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE':
  Unable to locally verify the issuer's authority.

Unfortunately when, for reason or another, you are stuck with an older distribution that hasn't updated their CA certificates for a while you will hit the above when trying to download something with wget.

Annoying isn't it ?

And googling around about it leads to nothing. There is no Real(tm) upstream distribution of CAs and it is very poorly documented how you are supposed to do that manually, IMHO.

The problem is that you are missing "GlobalSign_Root_CA_-_R3.pem" and of course the relevant hash symlink to it "/etc/ssl/certs/062cdee6.0"

To fix the issues you can copy over the "GlobalSign_Root_CA_-_R3.pem" from a more up to date system (usually in /usr/share/ca-certificates or in /etc/ssl/certs) into /etc/ssl/certs/ and then run c_rehash and the you should have:

root@xxxxx:/etc/ssl/certs # ls -l /etc/ssl/certs/062cdee6.0
lrwxrwxrwx 1 root root 27 Jan 20 13:14 /etc/ssl/certs/062cdee6.0 -> GlobalSign_Root_CA_-_R3.pem

Now it should work!

Friday, December 01, 2017

On Teosto and YouTube block in Finland

The whole of Finland was just about to strangle Teosto yesterday as YouTube blocked almost all music videos. Teosto is the umbrella copyright mafia here and collects money in different odd ways to the "starving" artists... (and collects a nice 4.2 Million for their own salaries...)

Anyway, what is interesting to think about is what artists are using YouTube for. They have their own channels for promoting their stuff, music videos. These days, as MTV is just playing reality TV and other shite, YouTube is probably the primary place to show these videos.

Now what is interesting is that YouTube is totally Free, anyone can create a channel and share their stuff. Good quality. Full HD. 4K. 60fps.

Seeing what I'm getting at ? They get a platform, for free, to distribute high bandwidth content that takes up plenty of space, plenty of bandwidth, power and servers in the thousands. For Free. For marketing their own content. For free.

Think about that for a second. Even some crappy Finnish artist video with 3-4 million views in Full HD, fully streamed, say a conservative 300MB/view takes a nice ~900TB on bandwidth. And they get this FOR FREE.

And the fuckers demand money ???!!


Tuesday, August 01, 2017

A couple of cheap Macintosh SE's

A friend found a bunch of Macintosh SE's at at recycling center a while ago (year?) and I was finally able to go and pick them up a couple of weeks ago.

Two Macintosh SE FDHD models and three dual DD floppy drive models.

One of the FDHD has been used as a server, and digging around the drive I was able to find out that they had been used at a school in Lahti in the 1990s.

Documents where dated around 1994 and some log files said 1996 so they have probably been unused for 20 years or so.

Apple Macintosh SE
I picked them up on the way to our summer cottage, so to be able to test them I grabbed, what I thought to be, a SCSI box with Mac System on it with me.

Unfortunately my memory had failed me and I took some other systems SCSI disk so I didn't have anything to boot from until I got back home. The server did boot up but directly into AppleShare. And obviously I didn't have any administrator password codes so I couldn't disable it.

Back home I got the right SCSI disk box connected and everything seems to work just fine.

You can see the price in the above picture, 10€ :) (And luckily for me I didn't need to pay anything for them, all free :)

Thursday, February 23, 2017

Coding don'ts: enourmous if blocks

When wading trough other peoples code I find these annoyingly large if structures, especially used inside while/foreach loops that check if some item is ok to process or not.

Especially in PHP code for some reason or another. It's like people don't know about continue.

Don't do this!

foreach ($something as $item) {
 if ($item) {
   .. screenfull of code ..

Do this instead

foreach ($something as $item) {
 if (!$item)

 .. screenfull of code ..

Thursday, November 03, 2016

A bit of progress on ScummVM for BB10

Got it building and running, there where some funny business with C++ libraries and alsa that for some reason didn't happen under the PlayBook SDK.

Indiana Jones and the Fate of Atlantis on BB10
Still, needs bit of work on the control side, especially on this small screen trying to point with a finger is quite hard.

Video of ScummVM running Indiana Jones and the Fate of Atlantis on running on a DevAlpha C (Q10)

Onkyo receivers, very insecure networked devices

I've been working now awhile on my Onkyo Qt ISCP library and there is one not so funny thing about the protocol. There is no authentication or authorization whatsoever. So basically if you happen to be on the same network as a networked Onkyo you can do whatever you like.

From the not-too-bad: Change radio channel, switch input
To the not-so-nice: Turn the volume up as high as it goes, stream something nasty

Even the device setup web interface is open to everyone.

So don't put a networked Onkyo on a public IP and keep it on a private network that no outsiders can access.

Sunday, August 14, 2016

Gotchas in Drupal, part 1. Date field storage formats.

I've been working with Drupal now for about 3 years now. From time to time there are things that are just strange design decisions or just plain stupid.

One such thing is Date fields, there are a couple of them with no clear documentation (on the Field management page that is, there are if you Google, but who does that?). Anyway, I needed a Date field. The ISO sounded good, pretty much assumed it was just related to the data entry as I was going to feed in a 170000 nodes with date & time field in a easy for machines to parse format.


Drupal uses, obviously, a SQL database. Meaning that dates, should, obviously be stored in a SQL a DATE, TIME, DATETIME type right ? Oh, no no no.

What does Drupal do ? Use a varchar.

No wonder searching, by date ranges, on my collection of 170000 nodes was just a tiny bit slow.