Categories
Windows

Have GWX showed up on your PCs yet?

同一記事の日本語版
Update information      Edit(Jun.11)

   Hey guys! Have GWX (Get Windows 10) showed up on your PCs yet? I have a Windows 8.1 Pro PC and two Windows 7 HP PCs. On Win8 I already had GWX. But I have nothing on Win7 PCs.

   Anyway, all I need is to wait July 29. And of course, “To upgrade or not to upgrade, that is the question.” (^_^;)

Edit(Jun.11):
   Yesterday, GWX showed up one of the Win7 PCs after Windows Update, that is a Let’snote ― a Panasonic product and a kind of Toughbook ― as my mobile PC. CF-J10TYAHR.

Categories
Vulnerability

Although belated, about Logjam.

同一記事の日本語版
Update information      Edit   Edit2(Jul.7)   Edit3(Sep.2)

   Yesterday, I came home around 8 pm and saw the first fireflies of this year in my garden. Wow!

Server Test1   By the way, I read the article “TLSに脆弱性「Logjam」 – 国家レベルなら1024ビットまで盗聴可能” on May 21. Then I went to Guide to Deploying Diffie-Hellman for TLS and did Server Test. I got the result like the right image. Before the test, despite I didn’t do anything else more than I had done until 2014.Oct.28 (= A self-sighed certificate with SANs and SHA256 by OpenSSL).

   And that night, I had a comment from くりくりさん on my Japanese blog. He let me know about Logjam. I wrote back him that I tried writing about Logjam and I’m writing it now, ha-ha.

   When I tested my server at the first time, the server supported the following Cipher Suites.

  • ECDHE-RSA-AES256-GCM-SHA384
  • ECDHE-RSA-AES128-GCM-SHA256
  • ECDHE-RSA-AES256-CBC-SHA384
  • ECDHE-RSA-AES128-CBC-SHA256
  • ECDHE-RSA-AES256-CBC-SHA
  • ECDHE-RSA-AES128-CBC-SHA
  • DHE-RSA-AES256-GCM-SHA384
  • DHE-RSA-AES256-CBC-SHA256
  • DHE-RSA-AES256-CBC-SHA
  • DHE-RSA-CAMELLIA256-CBC-SHA
  • DHE-RSA-AES128-GCM-SHA256
  • DHE-RSA-AES128-CBC-SHA256
  • DHE-RSA-AES128-CBC-SHA
  • DHE-RSA-SEED-CBC-SHA
  • DHE-RSA-CAMELLIA128-CBC-SHA

   But actually I don’t need most of them. Because the user of my SSL server is only me and I usually use the latest version Web Browsers as I always say. I only use ECDHE-RSA-AES128-GCM-SHA256 suite at my access. So I changed SSLCipherSuite directive on my ssl.conf like this.
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256
   This configuration is not useful for other servers. If you want to know a realistic configuration, see Guide to Deploying Diffie-Hellman for TLS. If your server is in newer versions of Apache (2.4.8 and newer) and OpenSSL 1.0.2 or later, you can directly specify your DH params file. But even if your server isn’t, you can use SSLCipherSuite and SSLProtocol instead of SSLOpenSSLConfCmd and can make your server safe from Logjam attack.

Sever Test2   Actually, ApacheLounge version HTTPD is still built with OpenSSL 1.0.1 branch. So I could not use SSLOpenSSLConfCmd directive. But after changing my SSLCipherSuite, I got the result like right image.

Another Test   Another Logjam Attack Checker gave me the right result.

   In addition, when using Apache 2.4 with OpenSSL 1.0.1 and later, SSLProtocol all means +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2. When using Apache 2.4.7 or later, aNULL, eNULL and EXP ciphers are always disabled.

Edit:
   According to the The Logjam Attack page, Google Chrome (including Android Browser), Mozilla Firefox, Microsoft Internet Explorer, and Apple Safari are all deploying fixes for the Logjam attack. But still now (9:45 am JST), I have Warning! Your web browser is vulnerable to Logjam and can be tricked into using weak encryption. You should update your browser when I access the page by FireFox 38.0.1, Google Chrome 43.0.2357.65 or SeaMonkey 2.33.1. Only Internet Explorer 11.0.19 gives Good News! Your browser is safe against the Logjam attack.
Note) I don’t check this with other browsers and versions.

Edit2(Jul.7):
   Yesterday, FireFox 39.0 came. Now I have Good News! Your browser is safe against the Logjam attack by it.

Edit3(Sep.2):
   I’ve not checked it for a while. Today, Google Chrome ver. 45.0.2454.85 has come, so I check just now. The site gives Good News! Your browser is safe against the Logjam attack. When was Chrome deploying fixes for it? I have no idea!!

Edit(Sep.5):
   Now 1:00a.m. SeaMonkey’s new version 2.35 has come after long interval. And, I’ve finally had Good News! Your browser is safe against the Logjam attack by it.

Categories
Uncategorized

Memorandum #11.

同一記事の日本語版
Update information      Edit(2016.Jun.1)

   I’ve updated some server software on my Web server (The server OS is Win7 HP SP1 x86).

  • MariaDB 10.0.17 —->> MariaDB 10.0.19 (Changelog)
  • PHP 5.6.8 —->> PHP 5.6.9 (Changelog)
  • phpMyAdmin 4.4.6 —->> phpMyAdmin 4.4.7 (Changelog)
  • sc_serv2_win32_09_09_2014.exe —->> sc_serv2_win32-latest.exe (Ver. 2.4.7)
    shoutcast-dsp-2-3-4-windows.exe —->> shoutcast-dsp-2-3-5-windows.exe
    Note) To download the files you need a valid email address. Even if you want free version of SHOUTcast DNAS software, to download the files from the official site you need a personal data registration now, like this. (2016.Jun.1)
Categories
WordPress

Grrr, I forgot to write A dot on the .htaccess file.

同一記事の日本語版

   In my town, we will have a firefly season around the next two or three weeks again. So I checked my blog when I wrote about fireflies last year and found I wasn’t able to see the video on the article. What happened?

   I changed the tags in the article from <object> to <video> and I became to see the video. But after that I found more problems. All flv video files on my blog weren’t loaded. Why?

   I suspect BPS of the flv file problem, he-he. On the .htaccess file, as expected, I found I forgot to write A dot. At the line I need flvplayer.swf, but I wrote flvplayerswf. Oof!

   Now all flv video files on my blog are loaded. Ha-ha.

Categories
everyday life

All of them are Tsutsuji (ツツジ).

同一記事の日本語版

   Now we have an armful of Spring in my town ha-ha. I took pictures of the flowers all of which are Tsutsuji (ツツジ) and some of them are already dead, but please laugh and forgive them for me (~_^). I saw them around my neighborhood. I’ll show you them though my photo skill isn’t so good. How about them?

  • CIMG4860
  • CIMG4861
  • CIMG4862
  • CIMG4863
  • CIMG4864
  • CIMG4865
  • CIMG4866
  • CIMG4867
  • CIMG4868
  • CIMG4869
  • CIMG4870
  • CIMG4871
  • CIMG4873
  • CIMG4874
  • CIMG4879
  • CIMG4880
  • CIMG4882
  • CIMG4883
  • CIMG4884
  • CIMG4885
  • CIMG4886
  • CIMG4887
  • CIMG4888
  • CIMG4889
  • CIMG4890
  • CIMG4891
  • CIMG4892
Categories
WordPress

About utf8mb4 on WordPress.

同一記事の日本語版

   Yesterday, WordPress 4.2 came. I updated to it from the WordPress Updates page. After it, I need Upgrade Network because my WordPress is a multisite type. But I use a self-signed certificate, so I must to add my CA cert data to wp-includes/certificates/ca-bundle.crt before Upgrade Network. I also need to add the following lines to wp-includes/class-http.php because I use client authentication.

  • curl_setopt( $handle, CURLOPT_SSLCERT, 'the exact path of clientcert.pem' );
    curl_setopt( $handle, CURLOPT_SSLKEY, 'the exact path of clientkey.pem' );

   See The solution of “SSL3_READ_BYTES:sslv3 alert handshake failure” on WordPress.

   By the way, according to WordPress 4.2, WordPress supports utf8mb4 now. So you can use following 4-byte kanjis on your WordPress articles though I couldn’t use them when I checked it on 2013‎.5‎.22‎. emoji are also available in WordPress! Wow! These kanjis are included by level 3 and 4 in JIS X 0213.
𠀋 𡈽 𡌛 𡑮 𡢽 𠮟 𡚴 𡸴 𣇄 𣗄 𣜿 𣝣 𣳾 𤟱 𥒎 𥔎 𥝱 𥧄 𥶡 𦫿 𦹀 𧃴 𧚄 𨉷 𨏍 𪆐 𠂉 𠂢 𠂤 𠆢 𠈓 𠌫 𠎁 𠍱 𠏹 𠑊 𠔉 𠗖 𠘨 𠝏 𠠇 𠠺 𠢹 𠥼 𠦝 𠫓 𠬝 𠵅 𠷡 𠺕 𠹭 𠹤 𠽟 𡈁 𡉕 𡉻 𡉴 𡋤 𡋗 𡋽 𡌶 𡍄 𡏄 𡑭 𡗗 𦰩 𡙇 𡜆 𡝂 𡧃 𡱖 𡴭 𡵅 𡵸 𡵢 𡶡 𡶜 𡶒 𡶷 𡷠 𡸳 𡼞 𡽶 𡿺 𢅻 𢌞 𢎭 𢛳 𢡛 𢢫 𢦏 𢪸 𢭏 𢭐 𢭆 𢰝 𢮦 𢰤 𢷡 𣇃 𣇵 𣆶 𣍲 𣏓 𣏒 𣏐 𣏤 𣏕 𣏚 𣏟 𣑊 𣑑 𣑋 𣑥 𣓤 𣕚 𣖔 𣘹 𣙇 𣘸 𣘺 𣜜 𣜌 𣝤 𣟿 𣟧 𣠤 𣠽 𣪘 𣱿 𣴀 𣵀 𣷺 𣷹 𣷓 𣽾 𤂖 𤄃 𤇆 𤇾 𤎼 𤘩 𤚥 𤢖 𤩍 𤭖 𤭯 𤰖 𤴔 𤸎 𤸷 𤹪 𤺋 𥁊 𥁕 𥄢 𥆩 𥇥 𥇍 𥈞 𥉌 𥐮 𥓙 𥖧 𥞩 𥞴 𥧔 𥫤 𥫣 𥫱 𥮲 𥱋 𥱤 𥸮 𥹖 𥹥 𥹢 𥻘 𥻂 𥻨 𥼣 𥽜 𥿠 𥿔 𦀌 𥿻 𦀗 𦁠 𦃭 𦉰 𦊆 𦍌 𣴎 𦐂 𦙾 𦚰 𦜝 𦣝 𦣪 𦥑 𦥯 𦧝 𦨞 𦩘 𦪌 𦪷 𦱳 𦳝 𦹥 𦾔 𦿸 𦿶 𦿷 𧄍 𧄹 𧏛 𧏚 𧏾 𧐐 𧑉 𧘕 𧘔 𧘱 𧚓 𧜎 𧜣 𧝒 𧦅 𧪄 𧮳 𧮾 𧯇 𧲸 𧶠 𧸐 𧾷 𨂊 𨂻 𨊂 𨋳 𨐌 𨑕 𨕫 𨗈 𨗉 𨛗 𨛺 𨥉 𨥆 𨥫 𨦇 𨦈 𨦺 𨦻 𨨞 𨨩 𨩱 𨩃 𨪙 𨫍 𨫤 𨫝 𨯁 𨯯 𨴐 𨵱 𨷻 𨸟 𨸶 𨺉 𨻫 𨼲 𨿸 𩊠 𩊱 𩒐 𩗏 𩙿 𩛰 𩜙 𩝐 𩣆 𩩲 𩷛 𩸽 𩸕 𩺊 𩹉 𩻄 𩻩 𩻛 𩿎 𪀯 𪀚 𪃹 𪂂 𢈘 𪎌 𪐷 𪗱 𪘂 𪘚 𪚲

   So I can write 「私,𩸽の開きを焼いたのが大好きなのよ」 on WordPress now, ha-ha. I almost forgot to write. Of course, your SQL Server needs utf8mb4 support.

Categories
Uncategorized

Memorandum #10.

同一記事の日本語版

   I’ve updated some server software on my Web server (The server OS is Win7 HP SP1 x86).

  • MariaDB 10.0.16 —->> MariaDB 10.0.17 (Changelog)
  • PHP 5.6.7 —->> PHP 5.6.8 (Changelog)
    Note) They created new directory lib under <php_root>. This is related to the bug #65406.
  • phpMyAdmin 4.3.10 —->> phpMyAdmin 4.4.3 (Changelog)
    Note) They deleted the following lines from the new config.sample.inc.php.

    • * default display direction (horizontal|vertical|horizontalflipped)
      */
      //$cfg[‘DefaultDisplay’] = ‘vertical’;
      /**
  • ActivePerl 5.20.1.2000 —->> ActivePerl 5.20.2.2001
  • WordPress 4.1.1 —->> WordPress 4.1.2
    Note) This was updated automatically.
Categories
translation

Qualified Contributor on viki.com…hmm.

同一記事の日本語版

   Since the beginning of this year my real life style has very changed. I have a greater opportunity to go out due to some reasons. My time is into small pieces, nevertheless, each time I am waiting long. So I began to watch dramas on Web for kill-time. In the meantime, I got sucked into a Korean drama by someone introduction, which is ‘God’s quiz (신의 퀴즈)’. The program has four seasons. First I watched Season 4 with Japanese subtitles. And then, I wanted to watch other seasons. I found all of them on Web he-he, but they don’t have Japanese subtitles. If I want English subtitles, I can find them on Subscene or other, but Japanese ones are not much. I can understand TV dramas with English subtitles or Chinese subtitles. Actually with Chinese subtitles maybe 70% understanding, ha-ha. But off course with Japanese subtitles is the best for me.

   When you search for free Japanese subtitles, you can find out there are not a lot of them on the Net. And even if you find them out, most of their quality is not good. But I found some good subtitles about very new Korean drama. The drama was ‘Kill Me, Heal Me (킬미힐미)’. I heard the subtitles came from Viki. The page about ‘Kill Me, Heal Me (킬미힐미)’ on Viki is this.

   I went to Viki and found out ‘God’s quiz (신의 퀴즈)’ series page ( s1 s2 s3 s4 ). But on Viki I found again only Season 4 had Japanese subtitles, besides I could not reach the contents I wanted to watch because of my region. Grrrr.

   When you cannot watch contents due to your region, Viki gives you the message ‘Sorry, this content is not available in your region. Add to Favorites to get notified once this content is available. Learn how you can watch this show!’.

   I clicked the message link and read the page (Viki U: Learn How to Subtitle!) carefully. Then I understood that I would have Global video viewing if I become a Qualified Contributor (QC) on Viki. Wow!!

   Then my interest was taken by from finding Japanese subtitles to becoming QC on Viki (^_^;). For becoming a QC I need one of the followings.

  1. Subtitle at least 3,000 sentences or complete 2,000 segments.
  2. Be nominated by a Channel Manager or Moderator.
  3. Act as a role model to new community members; advocate Viki Community Guidelines.

   For me, the easiest of these three is 1. So I decided to create Japanese subtitles for ‘God’s quiz (신의 퀴즈)’ series by myself (^_^;) x2.

   On Viki, you can make subtitles for videos easily by using Subtitle Editor. But, there is still the region problem. Because of that, I could not use Subtitle Editor at that time, either.
   For a solution of this, I have to change my address to a region where I can watch the video. Just kidding. This is just not realistic, ha-ha.
   Another solution of this is IP address impersonation. For this we have a few methods and I used one of free VPN sevices, FlyVPN. This free trial version has some limitation, but for IP address limitation I could avoid. Because my mobile router IP address is changed per my access.

   Finally I could use the Subtitle Editor, and kept to create Japanese subtitles. On March 30, the number of subtitles reached more than 3000, so I filled out and submitted Qualified Contributor (QC) Application Form.

   On April 14, I had an email that they gave me QC status. Wow!

   By the way, on Viki I can’t find a lot of Japanese subtitles and they don’t have all good quality. But I can, at least, watch Global videos in almost real time \(^o^)/.

   Until now, I finished making Japanese subtitles about Ep.1-Ep.5 of God’s quiz Season 2. Actually, I want to translate God’s quiz Season 1, but I still have the region problem for it in spite of the QC status. Why does this happen? *sigh*

Categories
everyday life

Today’s bird – 3 photos & a video of Hakusekirei.

同一記事の日本語版

   It’s very windy today. Besides, raining but spring rain, indeed. It’s warm.

   I took pictures of Hakusekirei (M. a. lugens). They are very active in spite of rain and wind. Cute!!

Hakusekirei#1 Hakusekirei#2 Hakusekirei#3 Hakusekirei#4
Categories
Windows

Updating to PHP5.6.7.

同一記事の日本語版
Update information      Edit(Apr.14)

   They released PHP5.6.7 Windows version on Mar-19 23:50:34UTC. It fixes several bugs as well as CVE-2015-0231 (bug #68976), CVE-2015-2305 (bug #69248) and CVE-2015-2331 (bug #69253). The previous version (PHP5.6.5) has a bug fix for CVE-2015-0231, so this bug fix is second time. I wonder if some unfixed issues still remain for this vulnerability. Anyway I updated my PHP from 5.6.6 to 5.6.7 on my Web server (Windows7HP+SP1(x86)).

   By the way, the new version includes some fixes for OPcache. But I have no new report on the page Bug #67937. So, nothing might change about it, but I enabled OPcache on my server again (Mar-29@6:55JST). What results will I have? I feel nervous about it.

   If you need more information for the configuration, see the post “Migrating from PHP 5.5.16 to PHP 5.6.0 on Windows”.

Edit(Apr.14):
   The OPcache on my Windows server has worked well for more than two weeks. I don’t know why. But I am happy!!