Re: Off topic security updates and XP
Risks-Forum Digest Saturday 13 May 2017 Volume 30 : Issue 29 Date: Fri, 12 May 2017 16:27:31 -0700 From: Lauren Weinstein Subject: Today's Massive Ransomware Attack Was Mostly Preventable -- Here's How To Avoid It (Gizmodo) NNSquad http://gizmodo.com/today-s-massive-ransomware-attack-was-mostly-preventabl-1795179984 Here's what happened: Unknown attackers deployed a virus targeting Microsoft servers running the file sharing protocol Server Message Block (SMB). Only servers that weren't updated after March 14 with the MS17-010 patch were affected; this patch resolved an exploit known as ExternalBlue, once a closely guarded secret of the National Security Agent, which was leaked last month by ShadowBrokers, a hacker group that first revealed itself last summer. The ransomware, aptly named WannaCry, did not spread because of people clicking on bad links. The only way to prevent this attack was to have already installed the update. CJB On 14/05/2017, Dave Widgerywrote: > Hi a bit off topic but in view of the recent malware attack and some > of us still using windows XP I thought I would share this tip if > anyone was not previously aware. > > An addition of a registry key that enables a continuation of security > updates on XP see pcworld article below. I did this a year or so ago > and regularly receive updates. > > But if you haven't already done this I would ensure that you have a > good backup as you are likely to receive a large number of updates > with the potential of causing a few problems depending on your system > configuration, I also haven't checked if there is a security update > for this particular malware, so I would also recommend a good > antivirus. > > > Dave > > http://www.pcworld.com/article/2310301/windows-xp-registry-hack-keeps-the-security-updates-rolling.html > > > > href="https://www.avast.com/sig-email?utm_medium=email_source=link_campaign=sig-email_content=webmail; > target="_blank"> src="https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif; > alt="" width="46" height="29" style="width: 46px; height: 29px;" > /> > Virus-free. href="https://www.avast.com/sig-email?utm_medium=email_source=link_campaign=sig-email_content=webmail; > target="_blank" style="color: #4453ea;">www.avast.com > > > height="1"> > > ___ > get_iplayer mailing list > get_iplayer@lists.infradead.org > http://lists.infradead.org/mailman/listinfo/get_iplayer > ___ get_iplayer mailing list get_iplayer@lists.infradead.org http://lists.infradead.org/mailman/listinfo/get_iplayer
Re: Off topic security updates and XP
Yes, it's off-topic so I shouldn't reply, but as the (3 year old) link has been posted, just a note from that article that: “The security updates that could be installed are intended for Windows Embedded and Windows Server 2003 customers and *do not fully protect Windows XP customers*,” the company said in a statement to ZDNet. “Windows XP customers also run a significant risk of functionality issues with their machines if they install these updates". Not going to engage in OT debate, but as I'm here now... I'd be looking for some pretty high level sackings from whichever company provides IT to the NHS. ANY IT manager who insists on using a 16 year old operating system which has been on a worldwide "DO NOT USE" list for 2 years is not fit to sweep the floor in the server room as far as I am concerned! XP is fun for home hobby use maybe, but absolutely lethal for anything business or security critical. People were warned for years an attack like this would hit XP - now it has, they have no excuse! Any IT director who allows an XP machine with ANY kind of personal data connected to the internet might as well leave the front door unlocked, shout their pin number from the rooftops and hand out copies of their email and address book! Except, it won't even be their own data - it'll be customers or patient data. And don't tell me "but no data was stolen" - if they can get malware in, they can get data out. Running XP is a bit like not wearing a seat belt because you're "going to drive carefully" and then being surprised when the fire service are scraping you off the dashboard. "But it never happened before - sure, they warned me, but I thought it would be fine". (Sorry, rant over - don't reply, you won't change my mind on this. Mind you, people who run obsolete OS or turn off Windows updates provide an excellent and reliable source of income for both Russian hacking gangs AND computer repair people ;) ) On 14 May 2017 at 15:33, Dave Widgerywrote: > Hi a bit off topic but in view of the recent malware attack and some > of us still using windows XP I thought I would share this tip if > anyone was not previously aware. > > An addition of a registry key that enables a continuation of security > updates on XP see pcworld article below. I did this a year or so ago > and regularly receive updates. > > But if you haven't already done this I would ensure that you have a > good backup as you are likely to receive a large number of updates > with the potential of causing a few problems depending on your system > configuration, I also haven't checked if there is a security update > for this particular malware, so I would also recommend a good > antivirus. > > > Dave > > http://www.pcworld.com/article/2310301/windows-xp-registry-hack-keeps-the-security-updates-rolling.html > > > > href="https://www.avast.com/sig-email?utm_medium=email_source=link_campaign=sig-email_content=webmail; > target="_blank"> src="https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif; > alt="" width="46" height="29" style="width: 46px; height: 29px;" > /> > Virus-free. href="https://www.avast.com/sig-email?utm_medium=email_source=link_campaign=sig-email_content=webmail; > target="_blank" style="color: #4453ea;">www.avast.com > > > height="1"> > > ___ > get_iplayer mailing list > get_iplayer@lists.infradead.org > http://lists.infradead.org/mailman/listinfo/get_iplayer ___ get_iplayer mailing list get_iplayer@lists.infradead.org http://lists.infradead.org/mailman/listinfo/get_iplayer
Re: Off topic security updates and XP
On 14 May 2017, Dave Widgery wrote: > I also haven't checked if there is a security update for this > particular malware There is: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ -- Mark ___ get_iplayer mailing list get_iplayer@lists.infradead.org http://lists.infradead.org/mailman/listinfo/get_iplayer
Off topic security updates and XP
Hi a bit off topic but in view of the recent malware attack and some of us still using windows XP I thought I would share this tip if anyone was not previously aware. An addition of a registry key that enables a continuation of security updates on XP see pcworld article below. I did this a year or so ago and regularly receive updates. But if you haven't already done this I would ensure that you have a good backup as you are likely to receive a large number of updates with the potential of causing a few problems depending on your system configuration, I also haven't checked if there is a security update for this particular malware, so I would also recommend a good antivirus. Dave http://www.pcworld.com/article/2310301/windows-xp-registry-hack-keeps-the-security-updates-rolling.html https://www.avast.com/sig-email?utm_medium=email_source=link_campaign=sig-email_content=webmail; target="_blank">https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif; alt="" width="46" height="29" style="width: 46px; height: 29px;" /> Virus-free. https://www.avast.com/sig-email?utm_medium=email_source=link_campaign=sig-email_content=webmail; target="_blank" style="color: #4453ea;">www.avast.com ___ get_iplayer mailing list get_iplayer@lists.infradead.org http://lists.infradead.org/mailman/listinfo/get_iplayer
Re: Legacy Low-Res tvmodes removed
Yes, I reported a week or so ago that low-res modes were no longer available as HLS for the majority of programmes. Fortunately, they are still available with the "hvfx" modes. I download everything with "hvfxhigh", which produces a file similar in size to that of the "hlsstd" mode which has now mostly disappeared. Chris -Original Message- From: Vangelis forthnet Sent: Saturday, May 13, 2017 9:09 PM To: get_iplayer@lists.infradead.org Subject: Legacy Low-Res tvmodes removed "--info"-ing yesterday's --pid=b08qlg9p perl get_iplayer-301.pl --type=tv --pid=b08qlg9p -i | findstr hls one can see that only hlshd1,hlshd2,hlsvhigh1,hlsvhigh2 are now offered from the group of the legacy (non Video Factory, aka hvf*) AppleHLS tvmodes. Actually, both "1" variants are identical to their "2" counterparts and served from Akamai CDN, they only differ in the protocol used (1=HTTPS, 2= HTTP). So that leaves us with only 2 quality variants from the legacy AppleHLS streams: hlshd => 1280x720p @25FPS hlsvhigh => 832x468p @25FPS If you're still (or can use) previous versions of GiP that come with RTMP stream support, you'll find the same to be true for the (legacy) flash tvmodes. To re-enable detection of flash modes you'll have to apply the patch I posted in the second part of http://lists.infradead.org/pipermail/get_iplayer/2017-May/010720.html In GiP 2.99 (last version with flash support), perl get_iplayer-299.pl --type=tv --pid=b08qlg9p -i will reveal that now only flashhd1,flashvhigh1,flashvhigh2 modes are offered. flashhd => 1280x720p @25FPS flashvhigh => 832x468p @25FPS (1= Akamai CDN, 2= Limelight CDN). If it's anything to go by (obviously I haven't tested many PIDs), this displays a trend... V. ___ get_iplayer mailing list get_iplayer@lists.infradead.org http://lists.infradead.org/mailman/listinfo/get_iplayer ___ get_iplayer mailing list get_iplayer@lists.infradead.org http://lists.infradead.org/mailman/listinfo/get_iplayer
Re: Cache no-refresh and regexes
Hi Howard, > I use --refreshexclude .* on the command line to suppress automatic > cache refreshes. It works very well. This still has get_iplayer go through the motions of refreshing the cache, it's just there are never any channels to update when it gets to the `for every channel...' point. And Unix users should quote the `.*' as otherwise it will first be expanded by the shell to directory entries starting with a dot, e.g. `.' and `..'. --refreshexclude '.*' `.*' when seen by get_iplayer is a regexp for any character, the dot, zero or more times, the star. `.*' when seen by the shell is a glob for a literal dot followed by zero or more of anything. -- Cheers, Ralph. https://plus.google.com/+RalphCorderoy ___ get_iplayer mailing list get_iplayer@lists.infradead.org http://lists.infradead.org/mailman/listinfo/get_iplayer
Re: Cache no-refresh and regexes
On 14 May 2017, Howard Orgel wrote: > On Fri, 12 May 2017 22:22:13 +0100, Mark Carroll wrote: > >> Is there an antonym for --refresh? I wonder what's the cleanest way to >> tell get_iplayer not to refresh the cache. I thought about trying to >> exclude everything but the manpage doesn't seem to say what /kind/ of >> regex is supported -- maybe it takes Perl-style regexes? I feel like I >> am probably missing the obvious. > > Yep! An antonym for --refresh is --refresh-exclude=, but you > know this? I use --refreshexclude .* on the command line to suppress > automatic cache refreshes. It works very well. (snip) Ha, thank you! Yes, it was being minded to try this kind of thing that had me wondering what /kind/ of regex is supported. Also, though, "no refresh" seems like such an simple and useful option that I wondered if I were simply missing the obvious direct way to say it. (-: -- Mark ___ get_iplayer mailing list get_iplayer@lists.infradead.org http://lists.infradead.org/mailman/listinfo/get_iplayer