Illinois Statewide Terrorism and Intelligence Center has disclosed a water plant SCADA (supervisory control and data acquisition) system hack that caused a water pump failure.
More here: US Water System Hacked: A Community-Wide Issue
And here: Foreign hackers targeted U.S. water plant in apparent malicious cyber attack, expert says
Welcome
Friday, November 18, 2011
Saturday, October 29, 2011
Drupal Forms API
Doing some forms development in Drupal. I'm compiling some notes here.
If this is a topic of interest check back once in a while, I'll be adding notes and updates as a go through this particular project.
Development Goals: capture some data from A, pass to B for approval, pass approval to A and C or rejection to A. Confirm the workflow history.
Drupal modules use associative arrays and the form engine generates the HTML. Forms are processed in three phases: validation, submission, and redirection.
Function:
drupal_get_form()
Variables:
$form_id : a string to identify the form
$form : structured array describing the form
$form_state : information about the form, values
$form_state['redirect'] to a Drupal path to redirect the user. The last function to set this property wins. If not set the user is returned to the form.
See #redirect property below...
$_POST['form_id'] : present if form being processed has been submitted with data
Properties:
#submit : can contain an array of functions to process on submit
#redirect : set in $form_state['redirect'] or $form['#redirect']
example: $form['#redirect'] = 'node/1'
Requirements (particularly for your own form module):
.info : found in sites/all/modules/custom/[formname]/[formname.info]
.module : found in sites/all/modules/custom/[formname]/[formname.module]
References:
VanDyk, John K. "Pro Drupal Development, Second Edition"
http://www.apress.com/9781430209898
Sample email code: http://drupal.org/node/197122
VI editor commands: http://www.cs.rit.edu/~cslab/vi.html
If this is a topic of interest check back once in a while, I'll be adding notes and updates as a go through this particular project.
Development Goals: capture some data from A, pass to B for approval, pass approval to A and C or rejection to A. Confirm the workflow history.
Drupal modules use associative arrays and the form engine generates the HTML. Forms are processed in three phases: validation, submission, and redirection.
Function:
drupal_get_form()
Variables:
$form_id : a string to identify the form
$form : structured array describing the form
$form_state : information about the form, values
$form_state['redirect'] to a Drupal path to redirect the user. The last function to set this property wins. If not set the user is returned to the form.
See #redirect property below...
$_POST['form_id'] : present if form being processed has been submitted with data
Properties:
#submit : can contain an array of functions to process on submit
#redirect : set in $form_state['redirect'] or $form['#redirect']
example: $form['#redirect'] = 'node/1'
Requirements (particularly for your own form module):
.info : found in sites/all/modules/custom/[formname]/[formname.info]
.module : found in sites/all/modules/custom/[formname]/[formname.module]
References:
VanDyk, John K. "Pro Drupal Development, Second Edition"
http://www.apress.com/9781430209898
Sample email code: http://drupal.org/node/197122
VI editor commands: http://www.cs.rit.edu/~cslab/vi.html
Friday, October 21, 2011
Tomboy Notes in Windows 7
Tomboy Notes is "THE" note taking and organizing tool! In my humble opinion.
Typically used in Linux systems, but recently using on Windows XP and Windows 7 development workstations.
Came across an error where the "Search All Notes" dialogue window would not open... well, it would open but not be visible on the Windows 7 system.
I found this fix:
Just wanted to share the love with other Tomboy Notes users!
Typically used in Linux systems, but recently using on Windows XP and Windows 7 development workstations.
Came across an error where the "Search All Notes" dialogue window would not open... well, it would open but not be visible on the Windows 7 system.
I found this fix:
- I regularly dock and undock my laptop...so it regularly goes from using dual screens to using the laptops monitor.
- When I booted back up at home, undocked, my prefs.xml went back to:
[search_window_x_pos]-32000[/search_window_x_pos]
[search_window_y_pos]-3200[/search_window_y_pos]
- As a workaround, I picked an x and y location that works for both my dual monitor setup, and my laptop monitor, and then I made the prefs.xml read-only (on a Windows 7 machine, right click on the prefs.xml file, click Properties, check the "Read-only" box, and then click "Apply").
[search_window_x_pos]-250[/search_window_x_pos]
[search_window_y_pos]-250[/search_window_y_pos]
Note: The ramifications of this workaround (I would think) are that I can no longer make changes to my preferences. If I want changes to take effect, I would have to deselect the Read-only box, and then proceed to make those changes.
'Search All Notes' dialog not working in Windows 7
Just wanted to share the love with other Tomboy Notes users!
Thursday, June 9, 2011
Converged Networking
Doing some research for a network upgrade project and thought I would share.
Converged Networking/Infrastructure
Finally really coming of age. I have built custom solutions, in fact I'm operating on one now, but now the vendors are really supporting this at the physical, logical, and application layers.
I always frowned at having to keep two parallel networks operating: one for the LAN (ethernet), and one for the SAN (Fibre Channel). I had started to move to one network, with seperate subnets and vlans. Which was finally supported by FCoE (fiber channel over ethernet), if you didn't want to just use NAS.
Two offerings that I have researched recently now flatten or converge the network even further: Cisco Unified Fabric, and HP FlexFabric. And now with 10GE LAN speeds... yeah, major ROI savings and network reliability.
Any way, I enjoyed some high level business analytical reading and thought I would share. Enjoy the white papers linked above.
Converged Networking/Infrastructure
Finally really coming of age. I have built custom solutions, in fact I'm operating on one now, but now the vendors are really supporting this at the physical, logical, and application layers.
I always frowned at having to keep two parallel networks operating: one for the LAN (ethernet), and one for the SAN (Fibre Channel). I had started to move to one network, with seperate subnets and vlans. Which was finally supported by FCoE (fiber channel over ethernet), if you didn't want to just use NAS.
Two offerings that I have researched recently now flatten or converge the network even further: Cisco Unified Fabric, and HP FlexFabric. And now with 10GE LAN speeds... yeah, major ROI savings and network reliability.
Any way, I enjoyed some high level business analytical reading and thought I would share. Enjoy the white papers linked above.
Tuesday, June 7, 2011
Phishing Emails - Don't Take the Bait!
The DefenseTech.org blog has a great post about the phishing emails from China that were used to penetrate the U.S. State Department.
There is a good lesson here. If you follow the link to the post "you’ll see a screen grab showing what’s apparently the text of one of the phony phishing emails sent to senior U.S. government officials’ Gmail, Hotmail and Yahoo mail accounts by hackers in China." They were very well done! Very legitimate looking! It would be hard to blame the user in a small corporate environment for getting fooled.
("What Those Chinese Phishing Emails Look Like" defensetech.org)
Here is the moral of the story:
- Do Not open attachments from unknown or unverified sources!
If you are not sure who it is from, or if it is legitimate:
- forward the message (don't reply) to the supposed sender after removing any attachments, and ask them if they really sent it.
- or pick of that old tech, the phone, and call the supposed sender and ask them.
Don't take the bait!
More:
Cyber-Attacks on Gmail, Defense Industries Linked to China: Investigators
There is a good lesson here. If you follow the link to the post "you’ll see a screen grab showing what’s apparently the text of one of the phony phishing emails sent to senior U.S. government officials’ Gmail, Hotmail and Yahoo mail accounts by hackers in China." They were very well done! Very legitimate looking! It would be hard to blame the user in a small corporate environment for getting fooled.
("What Those Chinese Phishing Emails Look Like" defensetech.org)
Here is the moral of the story:
- Do Not open attachments from unknown or unverified sources!
If you are not sure who it is from, or if it is legitimate:
- forward the message (don't reply) to the supposed sender after removing any attachments, and ask them if they really sent it.
- or pick of that old tech, the phone, and call the supposed sender and ask them.
Don't take the bait!
More:
Cyber-Attacks on Gmail, Defense Industries Linked to China: Investigators
Tuesday, May 31, 2011
PBS Web Servers Hacked
PBS Web Servers Hacked - fake news story and user login information published!
I share these security breach stories to inform and teach. My hope is that business leaders will give more thought, priority, and budget to security measures. The threat is real, and "black hats are honing in on lower-tier business targets—organizations with less savvy, maturity and investment in countermeasures." (Verizon Report: Hackers Target Small Businesses)
More Security Stories:
Think you safe on Mac? "And Mac users, for all their pretensions otherwise, are as fallible as the next person." Everything you need to know about Mac scareware
7 questions about the Mac malware scare
Lockheed Martin acknowledges 'significant' cyberattack
I share these security breach stories to inform and teach. My hope is that business leaders will give more thought, priority, and budget to security measures. The threat is real, and "black hats are honing in on lower-tier business targets—organizations with less savvy, maturity and investment in countermeasures." (Verizon Report: Hackers Target Small Businesses)
Late Sunday night, hackers gained access to several areas of PBS Web servers and were able publish a fake news story on a PBS news blog. The hackers also published PBS internal user login information that they were able to siphon from PBS databases.
PBS Sites Hacked: Attackers Publish False News Story and Login Data
More Security Stories:
Think you safe on Mac? "And Mac users, for all their pretensions otherwise, are as fallible as the next person." Everything you need to know about Mac scareware
7 questions about the Mac malware scare
Lockheed Martin acknowledges 'significant' cyberattack
Friday, May 13, 2011
Blogger Down!
Sorry folks. Blogger has been down for a little while, and recent blogspot blog posts had to be removed. They are supposed to be restored soon.
"What a frustrating day. We’re very sorry that you’ve been unable to publish to Blogger for the past 20.5 hours... We rolled back to a version of Blogger as of Wednesday May 11th, so your posts since then were temporarily removed. Those are the posts that we’re in the progress of restoring."
Blogger Buzz
"What a frustrating day. We’re very sorry that you’ve been unable to publish to Blogger for the past 20.5 hours... We rolled back to a version of Blogger as of Wednesday May 11th, so your posts since then were temporarily removed. Those are the posts that we’re in the progress of restoring."
Blogger Buzz
Thursday, May 12, 2011
Change Your Facebook Password! Facebook Leaks Personal Information!
Change your facebook password today!
... Facebook applications have been inadvertently handing advertisers access tokens -- strings of numbers and letters that can be used by a browser to access Facebook accounts over the Web. "Access tokens are like the 'spare keys' granted by you to the Facebook applications," Symantec said in a blog post. "Each token or 'spare key' is associated with a select set of permissions, like reading your wall, accessing your friend's profile, posting to your wall, etc." ...Symantec says Facebook applications leaked information
One of these access tokens will keep working until the Facebook user changes his password, so Symantec said that concerned users should change their Facebook passwords, like "changing the lock" on their Facebook account.
Thursday, May 5, 2011
Teachers failing cybersecurity - Parents Responsibility
According to a Microsoft-sponsored survey by the National Cyber Security Alliance (NCSA) teachers are failing to adequately train students on online safety and security. ("Teachers get failing grade in cybersecurity education" 04 May 2011)
Well, that may be so, but concerning matters of childhood education, I always throw the ball back in the parents court. Schools, tutors, and teachers are tools to educate our children, but it is our responsibility as parents. We are solely responsible.
Ok, so back to the tech! Parents, among your other plans for teaching, leading, and nurturing your children, teach them safe cyber habits!
A good place to start might be with the NSA Home Network Security Guide, the Bin Laden Cyberscam Alert, and the Sony Playstation Network Hack I posted about recently. Also, just like stranger danger in your neighborhood and public places, we need to be discussing online dangers with our kids. That's assuming, of course, that we understand them ourselves. We do, don't we?
Well, that may be so, but concerning matters of childhood education, I always throw the ball back in the parents court. Schools, tutors, and teachers are tools to educate our children, but it is our responsibility as parents. We are solely responsible.
Ok, so back to the tech! Parents, among your other plans for teaching, leading, and nurturing your children, teach them safe cyber habits!
A good place to start might be with the NSA Home Network Security Guide, the Bin Laden Cyberscam Alert, and the Sony Playstation Network Hack I posted about recently. Also, just like stranger danger in your neighborhood and public places, we need to be discussing online dangers with our kids. That's assuming, of course, that we understand them ourselves. We do, don't we?
Subscribe to:
Posts (Atom)