A here document is a block of text or code which is redirected to an interactive program or a command.
#!/bin/bash
Command <<MyUniqueLimitString
some text
some more text
MyUniqueLimitString
The above is equivalent to Command < tempfile.txt where the tempfile contains the text required.
EOF and END are often chosen as the MyUniqueLimitString but any string can be used as long as it does not appear within the here document text.
The - option to mark a here document limit string (<<-LimitString) will suppress leading tabs (but not spaces) in the output. This allows the use of indentation (with tabs) when writing here-documents in shell scripts making them more readable.
Here documents can also be used to supply values to variables or functions.
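The behaviours described above, collected into one script as an added example that is not from the original page. Function names and sample text are illustrative, and the quoted limit string (<<'EOF'), which stops the shell expanding $variables and $(commands) inside the body, goes beyond what the page states.

```bash
#!/bin/bash
# Added example; function names and sample text are illustrative.

# A here document and a redirect from a temp file feed the same bytes to stdin.
via_heredoc() {
    wc -l <<EOF
some text
some more text
EOF
}

via_tempfile() {
    local tmp
    tmp=$(mktemp) || return 1
    printf 'some text\nsome more text\n' > "$tmp"
    wc -l < "$tmp"
    rm -f "$tmp"
}

# <<- strips leading tabs (not spaces) from the body and the limit string.
# The script is built with printf so the tabs survive copy and paste.
strip_tabs_demo() {
    printf 'cat <<-END\n\ttabbed line\n \tspace then tab\n\tEND\n' | sh
}

# Supplying a value to a variable: capture the here document with $(cat ...).
load_config() {
    local name=$1 body
    body=$(cat <<EOF
user=$name
home=/home/$name
EOF
)
    printf '%s\n' "$body"
}

# Unquoted limit string: $var and $(cmd) in the body are expanded.
expanded() {
    cat <<EOF
value: $(echo computed)
EOF
}

# Quoted limit string: the body is passed through literally.
literal() {
    cat <<'EOF'
value: $(echo computed)
EOF
}

via_heredoc; via_tempfile; strip_tabs_demo
load_config alice; expanded; literal
```

Quote the limit string whenever the body is a template or script fragment that must reach the command unchanged.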
Understanding Linux file permissions (how to find them, read them, and change them) is an important part of maintaining and securing your systems.
Getting permissions in Linux can sometimes be a 'sticky' situation. Learn how to set the appropriate permissions, even in special circumstances.
chmod changes the permissions of each given file according to mode, where mode describes the permissions to modify.
Mode can be specified with octal numbers or with letters. //
Equivalent Windows command: CACLS - Change file permissions.
quoting the Foundation for the Defense of Democracies.
The Hamas-run Gaza Ministry of Health said on April 6 that it had “incomplete data” for 11,371 of the 33,091 Palestinian fatalities it claims to have documented. In a statistical report, the ministry notes that it considers an individual record to be incomplete if it is missing any of the following key data points: identity number, full name, date of birth, or date of death. The health ministry also released a report on April 3 that acknowledged the presence of incomplete data but did not define what it meant by “incomplete.” In that earlier report, the ministry acknowledged the incompleteness of 12,263 records. It is unclear why, after just three more days, the number fell to 11,371 — a decrease of more than 900 records.
Prior to its admissions of incomplete data, the health ministry asserted that the information in more than 15,000 fatality records had stemmed from “reliable media sources.” However, the ministry never identified the sources in question and Gaza has no independent media.
FDD @FDD
.@adesnik: "The sudden shifts in the ministry’s reporting methods suggest it is scrambling to prevent exposure of its shoddy work. For months, U.S. media have taken for granted that the ministry’s top-line figure for casualties was reliable enough to include in daily updates on…
FDD @FDD
Hamas-Run Gaza Health Ministry Admits to Flaws in Casualty Data
@adesnik and @JoeTruzman weigh in:
https://fdd.org/analysis/2024/04/09/hamas-run-gaza-health-ministry-admits-to-flaws-in-casualty-data/
11:35 AM · Apr 9, 2024
No patch yet for unauthenticated code-execution bug in Palo Alto Networks firewall. //
beheadedstraw Ars Centurion 8y 373
cyberfunk said:
I find this article quite difficult to comprehend, we go from rooting firewalls to somehow magically obtaining Microsoft active directory secrets? There’s no logical flow to how attackers are jumping around the network here and it just feels like bits and pieces of the security reports are copy and pasted here into the article without explanation. I think a better job needs to be done explaining the logical flow events here
The vast majority of firewalls have service accounts with full read access to AD for authentication, usually for VPN's. Microsoft still uses NTLM/NTLMv2 to encrypt their passwords, which is highly susceptible to simple brute force attacks because they don't use salts.
Regardless this is basically the worst of the worst case scenarios for a shitload of Fortune 500 companies, which is what Palo Alto caters to. //
fsck! Ars Centurion 12y 242
Having gone through the Ivanti ordeal as well, I can say AD integration isn't to be taken lightly. From a recovery standpoint, you are now not only looking at VPN remediation but also your entire AD... //
Focher Ars Scholae Palatinae 17y 1,054
KingKrayola said:
We're neither using a PAN firewall nor a blue-chip company. Does using RADIUS for VPN auth provide a level of protection vs direct AD Access, or is it just a case of choosing one's poison?
That depends. RADIUS has a fully configurable authentication mechanism, but if you’re using a flavor of Active Directory then you’re subject to much of the same. Why certificates aren’t a required layer in environments continues to surprise me. I’m not suggesting other laypersons should have it but even I use it on my own network so it’s definitely manageable. //
pnellesen Ars Scholae Palatinae 12y 1,035 Subscriptor++
This kind of news never comes out on a Monday morning, does it? //
Glistening in the dry expanses of the Nevada desert is an unusual kind of power plant that harnesses energy not from the sun or wind, but from the Earth itself.
Known as Project Red, it pumps water [8000] feet into the ground, down where rocks are hot enough to roast a turkey [380F]. Around the clock, the plant sucks the heated water back up to power generators [3.5 MW]. Since last November, this carbon-free, Earth-borne power has been flowing onto a local grid in Nevada. //
But geothermal enthusiasts have dreamed of sourcing Earth power in places without such specific geological conditions—like Project Red’s Nevada site, developed by energy startup Fervo Energy.
Such next-generation geothermal systems have been in the works for decades, but they’ve proved expensive and technologically difficult, and have sometimes even triggered earthquakes. Some experts hope that newer efforts like Project Red may now, finally, signal a turning point, by leveraging techniques that were honed in oil and gas extraction to improve reliability and cost-efficiency.
The advances have garnered hopes that with enough time and money, geothermal power—which currently generates less than 1 percent of the world’s electricity, and 0.4 percent of electricity in the United States—could become a mainstream energy source. Some posit that geothermal could be a valuable tool in transitioning the energy system off of fossil fuels, because it can provide a continuous backup to intermittent energy sources like solar and wind.
As it stands now, the law, which is set to expire April 19, allows U.S. intelligence agencies to spy on foreign nationals based overseas, but it also lets the FBI comb through the massive amounts of data the intelligence community collects and gather information about American citizens. These are known as “backdoor searches,” //
they want to require that the FBI obtain a warrant before searching Section 702 data for information about Americans — a reasonable reform. The intelligence community, and the members of the House Intelligence Committee over whom they have influence, oppose this. //
Whatever the original justification of Section 702 was — in the wake of 9/11, the intelligence community argued that massive government surveillance capabilities were necessary to keep Americans safe from terrorist attacks — the purpose of it now is to enable the FBI to surveil Americans, especially Americans who express views and opinions the government deems to be a threat. //
But the intelligence community and the lawmakers on the Intelligence Committee dug in their heels, rejecting multiple compromise reform bills. These bills, wrote Goitein, “would have passed if IC/intel committees were willing to concede that Section 702 should not be used as a means of warrantlessly accessing Americans’ communications.” //
How bad is warrantless spying by our government? Pretty bad. In April 2022, the Office of the Director of National Intelligence released its annual report that showed the FBI made more than 3.4 million search queries of the NSA database in 2021 on U.S. citizens. About a third of these were “non-compliant searches,” which means they fell outside the normal rules and regulations. In other words, they were illegal.
But that’s not all. As the X account @TheLastRefuge noted, from November 2015 to May 2016, the FBI and contractors for the DOJ/FBI conducted more than 1,000 illegal searches targeting Republican primary candidates.
TheLastRefuge @TheLastRefuge2
10) Although the number of the illegal search queries were redacted, we know the number is four digits from the size of the redacted text. More than 1,000 and less than 9,999.
6:20 PM · Apr 10, 2024. //
It’s time for ordinary Americans to wake up and realize what our government is doing to us. Under the pretext of keeping us safe from foreign terrorists, the intelligence community has erected a vast surveillance apparatus that targets American citizens — and it will not under any circumstances allow that apparatus to be reformed.
Which is why it should be dismantled completely.
The GOP-controlled House failed to add an amendment proposed by Rep. Andy Biggs, R-Ariz., that would have altered Section 702 of the Foreign Intelligence Surveillance Act (FISA) to mandate that federal authorities obtain a warrant before surveilling American citizens. Johnson and 85 Republicans joined Democrats in killing Biggs’ proposal through a tied House vote. //
The House passed the bill 273-147 to re-authorize the government’s use of FISA for the next two years, with 126 Republicans and 147 Democrats voting in favor. The bill must clear the Senate before it hits President Joe Biden’s desk for signature. //
the White House’s Jake Sullivan and U.S. Attorney General Merrick Garland “call[ed] members on the Hill” this morning to pressure them into squashing Biggs’ amendment.
Jake Sherman @JakeSherman
VERY intense W.H. lobbying effort on the warrant issue.
- Jake Sullivan/Merrick Garland made calls
- NSC attorney Josh Geltzer and Deputy homeland security adviser Jen Daskal were right outside the floor with representatives from DOJ/CIA to talk to members
The Washington Post published a story Wednesday about a 26-year-old black man in Chicago killed following a shootout with police last month. Readers have to scan eight paragraphs under the headline, “Police fire 96 shots in 41 seconds, killing Black man during traffic stop,” before learning bodycam footage indicates Dexter Reed fired first, wounding an officer. //
Neither CNN, USA Today, nor the Washington Post noted that Reed fired 11 rounds at the officers. His shots “almost kill[ed] an officer,” said Chicago Fraternal Order of Police President John Catanzara. The police shot back. Reed “continued to fire at the officers while they were firing those 90 rounds,” Catanzara noted.
As Lincoln understood about slavery back in the 1850s, the eventual political consequences of tolerating abortion in some states will be the acceptance of it in all the states. (We’ve already seen this with the abortion referendums in Kansas and Ohio, with more referendums on the way.) Moral neutrality on abortion — Trump’s “popular sovereignty” approach — will weaken the foundation for legal prohibition and open the way to tolerance and eventually political acceptance. //
Because of the first principles at stake here, the logic of America’s antebellum slavery debate applies entirely to the abortion debate of our time. Indeed, the two issues are closer than even most pro-lifers realize. Today’s Democrats view abortion just as antebellum Democrats viewed slavery. They think the constitutional rights of an entire class of people (women) depend for their vindication on the denial of all rights to another class of people (the unborn). This is precisely what southern Democrats believed about blacks and slavery, and why they were so adamantly against emancipation.
But the two issues are alike in another way as well: They both represent a grave danger to freedom itself and the survival of our republic. //
Abortion is more than that, though. It cuts right to the heart of our understanding of democracy and self-government — which, as Lincoln said, must have limits, or it becomes despotism. If one person can snuff out the life of another, and no third person is allowed to object, then in what sense do we have self-government? Democratic practice, after all, must be rooted in the principle of human equality. There are some things even a majority cannot justly decide to do, and to deny that is to open the way to tyranny. //
Trump, using the same flawed logic, thinks he can compromise with the pro-abortion power.
He’d be better off following Lincoln, who knew that America could not continue forever divided between slave states and free states, that we would “become all one thing or all the other.”
the 1906 Antiquities Act. The century-plus-old law allows the commander-in-chief to unilaterally place additional public lands under enhanced federal protections by executive order.
While a national park is a large swath of land protected by an act of Congress, land with a “national monument” designation protects a “specific natural, cultural or historic feature.” The 1906 law, however, requires that the area preserved must be “the smallest area compatible with the proper care and management of the objects to be protected.”
President Obama had a habit of violating the law’s mandates to establish quasi-national parks without congressional approval. President Biden is carrying on the tradition. //
Designating public lands under monument status strips the multiple-use mandate that allows residents to capitalize and more freely recreate on public property.
Garner Products, a data elimination firm, has a machine that it claims can process 500 hard drives (the HDD kind) per day in a way that leaves a drive separated into those useful components. And the DiskMantler does this by shaking the thing to death (video).
The DiskMantler, using "shock, harmonics, and vibration," vibrates most drives into pieces in between 8–90 seconds, depending on how much separation you want. Welded helium drives take about two minutes. The basic science for how this works came from Gerhard Junker, the perfectly named German scientist who fully explored the power of vibrations, or "shear loading perpendicular to the fastener axis," to loosen screws and other fasteners.
As Garner's chief global development officer, Michael Harstrick, told E-Scrap News, the device came about when a client needed a way to extract circuit boards from drives fastened with proprietary screw heads. Prying or other destruction would have been too disruptive and potentially damaging. After testing different power levels and durations, Garner arrived at a harmonic vibration device that can take apart pretty much any drive, even those with more welding than screws. "They still come apart," Harstrick told E-Scrap News. "It just takes a little bit."
Pretty much every day, SpaceX is either launching a rocket or rolling one out of the hangar to the launch pad. At this pace, SpaceX is redefining what is routine in the space industry, but the rapid-fire launch rate also means the company is continually breaking records, mostly its own.
Friday night's launch will break another one of those records. This first-stage booster, designated by the tail number B1062, has flown 19 times since its first flight in November 2020. The booster will now be the first in SpaceX's inventory to go for a 20th flight, breaking a tie with three other rockets as the company's fleet leader.
When SpaceX debuted the latest version of its Falcon 9 rocket, the Falcon 9 Block 5, officials said the reusable first stage could fly 10 times with minimal refurbishment and perhaps additional flights with a more extensive overhaul. Now, SpaceX is certifying Falcon 9 boosters for 40 flights.
This particular rocket has not undergone any extended maintenance or long-term grounding. It has flown an average of once every two months since debuting three-and-a-half years ago. So the 20-flight milestone SpaceX will achieve Friday night means this rocket has doubled its original design life and, at the same time, has reached the halfway point of its extended service life.
In its career, this booster has launched eight people and 530 spacecraft, mostly Starlinks. [260+ tons into orbit] //
Remarkably, this will be the sixth Falcon 9 launch in less than eight days, more flights than SpaceX's main US rival, United Launch Alliance, has launched in 17 months.
It will be the 38th Falcon 9 launch of the year and the 111th flight of a Falcon 9 or Falcon Heavy rocket—the 114th launch by SpaceX overall—in the last 365 days. More than a third of SpaceX's Falcon 9 or Falcon Heavy missions, a number that will stand at 332 after Friday night's flight, have launched in the past year.
A new energy bill passed by the Florida legislature, which DeSantis is certain to sign, bans offshore wind turbines and prioritizes reliable, affordable electricity over utopian renewable fantasies. According to experts at the Energy Research Institute, this bold move represents a reasoned pushback against the climate activist agenda that has destabilized power grids across America. //
Institute for Energy Research
@IERenergy
Texas and California produce more renewable energy than all other states, but they also lead the nation in power outages.
instituteforenergyresearch.org
https://t.co/2c8kn8dGX8
As Renewable Energy Increases in the Generation Mix, Power Outages Grow
3:10 PM · Mar 25, 2024
Design solar systems
the salt spray chamber pumps a 5% salt fog solution into its atmosphere for the duration of the test, which rapidly accelerates corrosion. //
- The salt spray environment is much more aggressive and concentrated than even a marine setting (the salt concentration of the ocean is roughly 3%).
- Salt spray tests for many common platings and coatings can last multiple days – with some tests lasting 500 hours or more before the parts begin to rust – while stainless steel parts can begin to exhibit signs of rust in as little as a few hours of exposure. Per ASTM A967 and A380, stainless parts are shown to be properly passivated if they resist corrosion in salt spray for just 2 hours.
- Stainless steel performs relatively poorly in salt spray because the constant exposure to a harsh environment rapidly erodes the passivation layer and prevents it from reforming. With the passivation layer inhibited, the base material is exposed and the part quickly begins to corrode.
The copper sulfate test is a visual method of determining the existence of free iron in specifically stainless steel. In many cases, the copper sulfate test is used as a pass/fail examination of a passivation process on a part or stock material, but it can also be used as a test to determine if passivation is necessary in the first place. //
http://everyspec.com/MIL-STD/MIL-STD-0700-0799/MIL_STD_753C_1117/
The method is specifically designed to work with stainless steel alloys with a minimum of 16% chromium as stated in the document.
The procedure is as follows:
- Prepare test solution – Dissolve 8 grams of copper sulfate in 500 ml of distilled water in which 2 – 3 ml of sulfuric acid has been added. This will take approximately 5 minutes and should be mixed completely before using. It is noted in the documentation that solutions older than 2 weeks shall not be used for the test. The dilution by weight of the test is 1.6% which is on the lower end of the copper sulfate solution dilution.
- Swab the surface to be inspected with test solution – keep surface wet for a period of 6 minutes.
- Carefully rinse and dry the surface such that no copper deposits are removed.
- Copper deposits indicate the presence of metallic iron.
- Multiply the volume in cubic feet by 62.44 to obtain total pounds of water
- 2 ppm is 0.000002 for maintenance
- 4 ppm is 0.000004 for shock reduction
Therefore, to calculate the amount of Copper Sulfate Pentahydrate to treat 1 acre-foot of water (43,560 cu ft) with 2 ppm Copper Sulfate, the calculation would be:
43,560 * 62.44 = 2,719,886.4 lbs. of water
2,719,886.4 * 0.000002 = 5.44 lbs. Copper Sulfate
Waterscapes & Fountains:
Dissolve 1/4lb CuSO4 in one gallon of water for every 7500 gallons
Swimming Pools:
2lbs (4ppm) per 60,000 gals (8,000 cu ft) to reduce algae, 1lb (2ppm) for maintenance
If you have a secret police force threatening people, spying on them, and working secretly the levers of political power, then you don’t have a democracy. You have no control over really anything as a voter. //
If you have the power to spy on someone and then to leak the information that you gather or manipulated and then leak it in order to control that person, that’s a major power. In fact, that’s a bigger power than any voter in this country has. And so he’s acting on their behalf when he lies to you. And so it shouldn’t surprise you that they want to keep that power.