Another Linux lie: we have a shell

Another Linux lie: we have a shell

Truth is, you kind of do, to a degree. Or genius is as genius does, always as a degenerate.

# cd /
/# cd ~
~# pwd
/root
~# cd /
/# ls /root
'a b'
/# cd "~/a b"
-bash: cd: ~/a b: No such file or directory

Huh? You are unwilling to resolve the home directory tilde short-hand when it is wrapped in double quotes? How else are we supposed to use directories with spaces under the home directory then? Ah, this thought has never occurred to you, terminally genius ivory tower dwellers? How typical of you!

Posted by: LinuxLies at 11:21 AM | No Comments | Add Comment
Post contains 113 words, total size 1 kb.

Dear hCaptcha, we do not have time for you shit

Dear hCaptcha, we do not have time for you shit

Fear backlash, dudes. When I, a human, check off every fucking fire hydrant and bicycle on your pop-up, you have to let me in, not bounce me off to more of the same, and yet again. Cease and desist. We come to login pages, to do work, not to entertain your AI cravings. When enough of us are pissed off by not being able to log in, we will find a way to deal with you.

Their head office is situated at 1 Bluxome St, San Francisco, CA 94107, and their phone numbers are not disclosed unless you pay $46 ransom to Crunchbase, so here is their parent company's info: Intuition Machines Information ; Address, 350 Alabama St 10, San Francisco, California 94110, US ; Phone, (781) 771-6931. If enough of us voice our displeasure with the bullying by hCaptcha, then they will have to listen and act.

Posted by: LinuxLies at 12:28 PM | No Comments | Add Comment
Post contains 168 words, total size 1 kb.

Sendmail: dumb as fuck

Sendmail: dumb as fuck

Why are we still using this 50 year old POS that hasn't changed? It fails because it does not want to obey the admin's clear and direct order to send an email to a given address. Instead it prepends that address with the currently logged in user name!!!

WTF is going on? I am instructing you to send to name@domain.suffix, but you add myusername@ in front of it!!! Huh? What are you thinking?

Well, you are clearly a cowardly and sneaky piece of software, so once this crap fails you also try to send to myusername@domain.suffix but of course you also fail. What a circus!

Posted by: LinuxLies at 05:53 PM | No Comments | Add Comment
Post contains 113 words, total size 1 kb.

White screen of death is the new answer 42: throw it and go play golf

White screen of death is the new answer 42: throw it and go play golf

Was contracted to migrate Zen Cart store from Windows to Linux. Piece of cake said I and quoted one day of work. Boy was I wrong!

So to run on modern PHP 8.2, Zen Cart has to be version 1.5.7 or higher but we did not know that. They were on 1.5.5 and have to agree to additional hours to upgrade. I went 1 minor release at a time, skipping their countless alphas and betas. At 2.0.0 the client told me to stop and do the migration. And it worked on Windows but broke on Linux. After a while we figured out that the client had old payment and shipping modules that simply had to be deleted, but by that time the client decided that they want to go only to 1.5.7, just far enough for the store to still be fast, and I do not blame them: 2.0.0 was horribly slower, like 10x.

Once we moved the 1.5.7 to the new Linux box, it stopped working, throwing the proverbial white screen of death. The client sighed but agreed to an investigation, which is another $500.

So I went through the PHP files that the admin UI loads and found that on line 97 of /admin/includes/header.php it tries to dial home for the current version:

$versionServer = new VersionServer();
$newinfo = $versionServer->getProjectVersion();

There it dies and bails out silently. The object VersionServer contains the endpoints that it wants to reach out to:

VersionServer Object
(
    [projectVersionServer:protected] => https://ping.zen-cart.com/zcversioncheck
    [pluginVersionServer:protected] => https://ping.zen-cart.com/plugincheck
)

So you, inconsiderate, arrogant SOBs, will leave your user stranded, without a clue as to what the fuck is going on, simply because you do not even fathom a possibility that your POS FOSS is running behind a secure firewall. How typical of the enlightened, terminally genius ivory-tower-dwelling FOSS "community" with their anything goes, fuck all attitude! This investigation costs this small business $500 simply because you twits are incapable of thinking of ways of informing the user of what you intend to do.

Plot thickens! My client no longer uses some payment method, so I was instructed to delete it from the site. I did, and they can no longer edit orders placed with that payment method. Why in the hell do you prevent the order details from displaying on screen if the payment module is no longer there? Just don't display the parts that you get from the module but display the rest, for crying out loud! But no, they create another WSOD. Genius is as genius does: always as a degenerate.

Posted by: LinuxLies at 01:55 PM | No Comments | Add Comment
Post contains 454 words, total size 3 kb.

How do you sign an unsigned assembly, in 2025

How do you sign an unsigned assembly, in 2025

Developers who put their creations on Nuget but do not sign them deserve shaming and lots of. Dudes, it is effortless but saves your users from a lot of headaches. Just do it! Google how and do it! If you don't then here is how anyone can fix their shit for them. Create a CMD file:

"C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools\x64\ildasm.exe" /all /typelist /out=%1.il %1.dll /nobar
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ilasm.exe /dll /key=%2.snk %1.il

Its command-line arguments will be the name (without extension) of the original DLL and the name (without extension) of your own SNK file that you will be signing the DLL with.

Example: resign.cmd MyAssembly MyKey

Your next question will be how do you obtain an SNK key if all of your projects are signed with a PFX? Good question! You will have to convert it, keeping the private key in. Microsoft is hell bent on making trouble and causing damage, so sn.exe is unwilling to assist. Programming to the rescue! Create a new command-line project and paste this code into the main method of Program.cs:

var pfxData = File.ReadAllBytes(args[0]);
string password;
if (args.Length > 1)
{
    password = args[1];
}
else
{
    Console.Write("Password: ");
    password = Console.ReadLine();
}

var cert = new X509Certificate2(pfxData, password, X509KeyStorageFlags.Exportable);
var privateKey = (RSACryptoServiceProvider)cert.PrivateKey;

if (args.Length > 2 && (Directory.Exists(args[2]) || Directory.Exists(Path.GetDirectoryName(args[2]))))
{
    File.WriteAllBytes(args[2], privateKey.ExportCspBlob(true));
}
else
{
    File.WriteAllBytes(Path.ChangeExtension(args[0], "snk"), privateKey.ExportCspBlob(true));
}

No fancy async/await shit that you do not need. Build and run it with the PFX file name as the only command-line argument. The output will be the SNK file. Enjoy, and screw the bastards.

Posted by: LinuxLies at 06:36 PM | No Comments | Add Comment
Post contains 281 words, total size 2 kb.

What the hell is wrong with XMPP?

What the hell is wrong with XMPP?

As always, this shit is touted as the next best thing by the terminally genius ivory tower dwellers who populate FOSS projects, but what it really is is a piece of stinking crap.

For 25 years now, none, I repeat, none of the servers or clients, be it the hugely overrated OpenFire or modest Jabberd and its clones, on the server side, or Jitsi, Pidgin, Gajim, Dino, Conversation, ConverseJS, yada, yada, yada, are able to do anything more than to send plain-text messages.

For 25 fucking years their enormously arrogant teams berate users for not being able to make sense of their monstrosities, other than in the ideal environment which means widely open to all hackers of the world, ideally from a CDN or when using their own server, they only mimic the success of the 35 now year old ICQ, and this is the best they can do.

Lots of lies are being circulated about XMPP: that it can offer rich content such as voice, video, or desktop sharing. No, it can't. It can't even reliably send an encrypted message, whether with OTR or OMEMO. It can't even reliably send a file. It can't even reliably send a screenshot.

Its commercial competition be it Skype, Teams, Telegram, Zoom, Watsapp or whatever have zero problems doing all of the above, but the terminally genius FOSS community is stuck on stupid: barks at users and puffs its cheeks.

Dare to tell them that their stuff does not work, and bear consequences: berating, shaming, abusive behavior, cancellation.

Dudes! You demand respect. Respect can be only earned. It cannot be forced. Yes, we do not respect you because you claim lots but deliver zilch. All you can do with this is learn a lesson and deliver. Until then you are nobody but anonymous Internet failures.

Posted by: LinuxLies at 11:19 AM | No Comments | Add Comment
Post contains 316 words, total size 2 kb.

Is this racket or genius is as genius does?

Is this racket or genius is as genius does?

Enter Let's Encrypt free TLS certificate service. They publicize their user's certs online. What can possibly go wrong?

Well, by having a central repository of all certs that they issue, they create a shopping list for hackers. I have evidence that this is exactly how it is being used because as soon as I expanded my cert to cover a service endpoint that had previously used a self-signed cert, that endpoint immediately got hit by hackers from all over the world. I can see in the logs that whereas previously only an odd corporate port scanner used to hit it, now it is being hit by everyone and his sister. The only change between before and after was the act of my having expanded the cert.

So, they are either doing this for the purpose of racketeering, in order to force us to buy DigiCert or GlobalSign, or they intentionally create a vector of attack on our infrastructures. You choose the option that you like.

Posted by: LinuxLies at 11:38 AM | No Comments | Add Comment
Post contains 183 words, total size 1 kb.