Lojax

Standard

Malware die sich ins UEFI BIOS lädt. Na damit konnte nun wirklich niemand rechnen, dass das mal passieren wird….

Wie würde Fefe sagen: Hätte uns doch nur jemand davor gewarnt.

Identify from where an AD account was locked out

Standard

After enabling password lockouts in our company AD, my account got locked out from time to time. After some searching I finally found out that on a Windows Server 2012 the magic event ID to check is “4625”. It will tell you from which IP the login request, that lead to the lockout, originally came from.

BTW: In my case it was an unused but configured Nextcloud app on my mobile.

 

 

Apps können Mails aus GMail lesen

Standard

No shit Sherlock! Ich werde als Nutzer gefragt, ob $App oder $Service auf mein Google Account zugreifen darf. Ich bekomme einen Google Consent Dialog angezeigt, wo für jeden der lesen kann beschrieben steht, wer worauf zugreifen will.

Das geht theoretisch auch mit jedem anderen Mail-Account. Warum treiben die Medien jetzt wieder eine Google-ist-böse Sau durchs Netz!?

1. Wenn eine nicht-Email-App Mails lesen will, dann frage dich, warum sie das Recht dazu will.

2. Installiere Apps oder nutze Dienste, die vertrauenswürdig erscheinen, oder denen Privacy am Herzen liegt. Dann ist es eher unwahrscheinlich, dass sich die Entwickler im Hintergrund Zugriff verschaffen.

Screw you Microsoft

Standard

On a scale from 0 to North Korea how much did Microsoft just fuck it up:

Got “We were unable to establish the connection because it is configured for user dweuthen@example.com but you attempted to connect using user DWeuthen@example.com. To connect as a different user perform a switch user operation. To connect with the configured identity just attempt the last operation again.” while trying to re-active my VS license trough ADFS.

Running a limited number of scripts in parallel from Bash

Standard

Imagine you have a text file with a single parameter for another script on each line, but you want to speed things up. Instead of writing an overly complicated wrapper script, as I did a few times in the past, you could just use xargs. It comes equipped with everything needed for this task. The following example assumes, that for each parameter in parameters.txt the command MyFancyScript.py should be executed, with no more than 20 processes at the same time:

cat parameters.txt | xargs -n 1 -P 20 MyFancyScript.py

I guess it’s not hard to figure out that -P is the magic switch to allow multiple instances to be executed at the same time.