Many Intel CPUs contain Management Engine vulnerability to remote execution, here's sample outputs of the new INTEL-SA-00086 Detection Tool

You may have read about the Intel Management Engine Flaw, earlier this year, along with yesterday and today's wave of new articles about an Intel portable tool to check if your Windows or Linux system is vulnerable, with a step-by-step look below. You can read up on the Intel Management Engine in…

Nov 22 2017

TinkerTry's .htaccess file for no www, no trailing slashes, and all https

I make no claims to be an expert in .htaccess syntax. Back on March 22, 2015, I quietly: changed from http to https (and dropped the www and trailing slashes) changed from WordPress CMS to Kirby Flat-File CMS changed web hosting providers for TinkerTry.com This article focuses is on that first…

Jun 27 2015

Experiences paying for stuff with cash or credit in Europe, and with Apple Pay back in the USA

I learned a lot about money lately, the hard way. Here's 4 money tips that'll help you make payments, the easy way. I feel like 2014 has been a big year for payments systems. Change is in the wind, not in my pocket. For me, there's four recent tales to tell here: How to survive with just an…

Nov 4 2014

Presenting at New York City VMUG July 24 2014, “Insecure about using public WiFi? Connect to your home’s OpenVPN appliance, for free.”

.PDF version of presentation: Connect to your home's OpenVPN appliance, for free - NYC VMUG Jul24 2014.pdf See also step by step guide: Using your home network’s ESXi or Hyper-V OpenVPN appliance to safely use public WiFi Living in Southern New England, specifically, in scenic Central…

Jul 21 2014

Insecure about using public WiFi? Connect to your home's OpenVPN appliance, for free.

Last year, I was pondering new ways to remotely surf the web securely, privately, from my home's IP address, even when far away from my home. The concern wasn't so much about my internet provider, Cox Communications, from knowing what I'm doing. It was more about securing in-the-clear…

Jul 5 2014

Password-less secure login with SQRL, disk recovery with SpinRite, and data obliteration with Beyond Recall

Steve Gibson is on quite a roll lately. Over the past few months, I've had the pleasure of witnessing the evolution of his thinking, with the unfolding of his thought process expertly explained to his listeners. His thoughts and ideas eventually become realities. He has a way of engaging his…

May 22 2014

CrowdStrike Heartbleed Scanner finds my vulnerable VMware ESXi 5.5 U1 host, I patch, then rescan

Yes, Heartbleed is still hanging in there for the IT pro, continuing to demand our attention. Earlier today, during a long drive to a virtualization user group meeting here in New Hampshire, I had the opportunity to catch up on some podcasts, including yesterday's Security Now Podcast 452. Steve…

Apr 23 2014

As webmaster, how I cleaned up after Heartbleed, including SSL certificate handling

Illustration above by Randall Munroe, with the full comic strip at xkcd.com/1354. See also preorders for his What If? book. April 9th 2014 got off to a rough start, with my phone alerting me about TinkerTry.com downtime overnight. Turns out my CentOS instance ran its usual overnight chron job to…

Apr 16 2014