Facebook – LIKES on posts and sites reveal personality traits

This study shares an awareness to be careful in this highly public environment to safeguard privacy:



Researchers at the University of Cambridge and Stanford University recently conducted a study to determine how well Facebook knows you. They released the results this week, and what they found is eye-opening. It turns out that the computer model the researchers built to analyze Facebook users could predict their personality better than their own friends and family members.

The researchers gathered their information by asking over 86,000 Facebook users to conduct a personality survey. Then they analyzed those users’ Facebook Likes to determine what interests aligned with what personality types. The more Facebook Likes a user had, the easier it was for the computer model to guess their personality. For instance, the computer could make better guesses about a user than their human friend after 70 likes, and could even outperform a family member after 150.

Facebook – implements Place Tips features

Facecrooks Security documents a new Facebook feature surfacing this week



In a somewhat surprising release, Facebook launched a new feature called Place Tips for New York City users this week. If your location services are turned on, the Facebook mobile app will bring tips, photos and posts that pertain to your location to your News Feed.

“News Feed today is a pretty good tool at connecting you to friends and news,” wrote product manager Mike LeBeau in a blog post. “but if we’re Facebook and our job is to connect the world, what else do we want to connect you to?”

Early reports indicate that the feature is a fairly unobtrusive notification at the top of users’ News Feeds that offers them the option to click into it to find out more about a well-known nearby location. Even though the feature can’t post to your page and won’t show your friends where you are, the fact that Facebook can analyze data to figure out your exact location will likely put off some users. Thankfully, you can easily opt out of the feature. Simply go to “Settings,” then “Location,” and then “Place Tip Settings.” You can then turn the feature on and off. You can also turn off your location services for your entire phone under “Settings,” too.

Microsoft Azure: Virtual Conference 2015

Today I would like to draw your attention once more to the two-day, free online conference on Microsoft Azure, which will be held next week on 5 and 6 February. On 4 February there is an additional “Business Pre-Day”.

For two days there are continuous talks from 09:00 to 17:00 that you can watch live online. Of course you can also skip a session if you have something more important to do. But I think it is an interesting thing! Free of charge and no travel.

The first day of the conference is all about “Open Source”:


The focus of the second day of the conference is on hybrid solutions:


Further information and registration:

Have fun!

Best regards

Dieter Rauscher
MVP Enterprise Security

Leadership – Marks of a successful leader

Another excellent leadership article


QUOTE: Legacies that matter are connected with people. A hundred years from now all that will matter is the people that you connected with in such a way that you added value and meaning to their lives. Political commentator Walter Lippmann said, “The final test of a leader is that he leaves behind in others the conviction and will to carry on.” Ultimately, if your people can’t do it without you, you haven’t been successful in raising up other leaders.

I believe the greatest legacy a leader can leave is having developed other leaders. Develop them as widely and as deeply as you can. I’ve spent more than thirty years teaching leadership to leaders from every walk of life and nearly a hundred countries. My organizations have trained millions of leaders in nearly every country. In the last few years, I’ve begun to personally invest in coaches and speakers who are actively teaching to others the values and principles I embrace. And I’m investing deeply in a handful of leaders in my inner circle.

Modifying text

I needed to modify some text somewhere in a file. The file looks like this

##  start file
This is some text.


I want to change something.


But not this.
##  end file


I was playing around with various options.  The simplest I found was this:

£> $txt = Get-Content .\test.txt
£> $txt = $txt.Replace("I want", "I need")
£> Set-Content -Value $txt -Path C:\Test\test.txt
£> Get-Content .\test.txt
##  start file
This is some text.


I need to change something.


But not this.
##  end file


You could simplify to

£> $txt = (Get-Content .\test.txt).Replace("I want", "I need")
£> Set-Content -Value $txt -Path C:\Test\test.txt -PassThru

##  start file
This is some text.


I need to change something.


But not this.
##  end file


The passthru parameter displays the file contents you’ve set.


Or if you are a fan of convoluted one liners

£> Set-Content -Value ((Get-Content .\test.txt).Replace("I want", "I need")) -Path C:\Test\test.txt -PassThru
##  start file
This is some text.


I need to change something.


But not this.
##  end file


If you take this approach just make sure your text is uniquely identified otherwise you may change more than you thought.
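
A guard for the uniqueness caveat above, as an added example that is not part of the original post: it counts literal, case-sensitive occurrences (the same matching `.Replace()` performs) and refuses to write unless there is exactly one. The function name `Set-UniqueText` and the temp-file path are assumptions, and the sample file is constructed from the one shown in the post.

```powershell
# Added example: refuse the replace unless the search text occurs exactly once.
function Set-UniqueText {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$Find,
        [Parameter(Mandatory)][AllowEmptyString()][string]$ReplaceWith
    )

    $lines = @(Get-Content -Path $Path)

    # String.Replace() is literal and case-sensitive, so count the same way:
    # escape the search text and use .NET regex (case-sensitive by default).
    $pattern = [regex]::Escape($Find)
    $count = 0
    foreach ($line in $lines) {
        $count += [regex]::Matches($line, $pattern).Count
    }

    if ($count -ne 1) {
        throw "Expected exactly 1 occurrence of '$Find' in '$Path', found $count. Nothing written."
    }

    # -WhatIf shows the intended change without touching the file.
    if ($PSCmdlet.ShouldProcess($Path, "Replace '$Find' with '$ReplaceWith'")) {
        $new = foreach ($line in $lines) { $line.Replace($Find, $ReplaceWith) }
        Set-Content -Path $Path -Value $new
    }
}

# Constructed sample: the post's file with a second "I want" added to the last line.
$sample = Join-Path ([System.IO.Path]::GetTempPath()) 'test.txt'
Set-Content -Path $sample -Value @(
    'This is some text.'
    ''
    'I want to change something.'
    ''
    'But not this. I want this left alone.'
)

try {
    # Two occurrences of "I want": the function throws and the file is untouched.
    Set-UniqueText -Path $sample -Find 'I want' -ReplaceWith 'I need'
}
catch {
    Write-Warning $_.Exception.Message
}

# A longer anchor that occurs only once succeeds.
Set-UniqueText -Path $sample -Find 'I want to change' -ReplaceWith 'I need to change'
Get-Content -Path $sample
```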

Weekend reading

Testing for a hotfix

KB3000850 – the November roll up for Windows 2012 R2 contains some very useful updates.

I’ve installed it on some machines in my lab but not all. The update is huge so I’m installing it manually rather than through WSUS.


I need to test a remote machine to determine if the update is installed.

If it is installed you get this back

£> Get-HotFix -Id KB3000850 -ComputerName w12r2dsc

Source        Description      HotFixID      InstalledBy
------        -----------      --------      -----------
W12R2DSC      Update           KB3000850     MANTICORE\Richard


But if it's not installed you get this

£> Get-HotFix -Id KB3000850 -ComputerName w12r2od01
Get-HotFix : Cannot find the requested hotfix on the 'w12r2od01' computer. Verify the input and run the command again.
At line:1 char:1
+ Get-HotFix -Id KB3000850 -ComputerName w12r2od01
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (:) [Get-HotFix], ArgumentException
    + FullyQualifiedErrorId : GetHotFixNoEntriesFound,Microsoft.PowerShell.Commands.GetHotFixCommand

Get-Hotfix actually uses the Win32_QuickFixEngineering CIM class so you need to have DCOM open on the remote system otherwise you get a

Get-HotFix : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)



You need to wrap the call to Get-Hotfix in a try catch. You only need to know if the update is installed so creating a specialised output object manages that for you

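Get-VM |
where State -eq 'Running' |
foreach {
  # One result object per running VM; assume the update is absent until proven otherwise
  $props = @{
    Machine = $($psitem.Name)
    Present = $false
  }
  try {
    # -ErrorAction Stop turns the "cannot find hotfix" error into a catchable exception
    $hf = Get-HotFix -Id KB3000850 -ComputerName $psitem.Name -ErrorAction Stop
    $props.Present = $true
  }
  catch {
    $props.Present = $false
  }
  New-Object -TypeName PSObject -Property $props
}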


Substitute any other method of getting a list of computer names, for my call to Get-VM, to match your environment.
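
The loop above reports a machine that cannot be reached and a machine that lacks the update the same way (`Present = $false`), which matters when the result feeds a patch report. As an added example, not the author's code, the hypothetical function `Test-HotFixPresent` queries the same Win32_QuickFixEngineering class through Get-CimInstance (which uses WS-Man rather than DCOM for remote targets) and reports Installed, Missing and Unreachable separately. It assumes WinRM is reachable on the remote machines.

```powershell
# Added example: three-state hotfix check (Installed / Missing / Unreachable).
function Test-HotFixPresent {
    [CmdletBinding()]
    param(
        [Parameter(ValueFromPipeline)]
        [string[]]$ComputerName = $env:COMPUTERNAME,

        # Restricting the format also keeps the value safe inside the WQL filter
        [Parameter(Mandatory)]
        [ValidatePattern('^KB\d+$')]
        [string]$Id
    )
    process {
        foreach ($computer in $ComputerName) {
            $result = [ordered]@{
                Machine  = $computer
                HotFixID = $Id
                Status   = 'Unknown'
                Detail   = $null
            }
            try {
                $cimArgs = @{
                    ClassName   = 'Win32_QuickFixEngineering'
                    Filter      = "HotFixID='$Id'"
                    ErrorAction = 'Stop'
                }
                # Only go over the network when the target is not this machine
                if ($computer -notin $env:COMPUTERNAME, 'localhost', '.') {
                    $cimArgs.ComputerName = $computer
                }

                # An empty result is not an error: the query ran and found nothing
                $hf = Get-CimInstance @cimArgs
                if ($hf) { $result.Status = 'Installed' }
                else     { $result.Status = 'Missing' }
            }
            catch {
                # Connection, authentication or firewall failure: state is not known
                $result.Status = 'Unreachable'
                $result.Detail = $_.Exception.Message
            }
            [pscustomobject]$result
        }
    }
}

# Local check, runs anywhere:
Test-HotFixPresent -Id KB3000850

# Remote check with the machine names from the post:
# 'w12r2dsc', 'w12r2od01' | Test-HotFixPresent -Id KB3000850
```

Treat Unreachable rows as work to follow up rather than as unpatched or patched machines.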

The value of TDD (2)

Previous Post

In the previous post I mentioned that one of the advantages of TDD (Test-Driven Development) is that it makes it easier to change our code, whether to improve it or to adapt it to new use cases. Today I wanted to share some experiences (on non-public projects, I'm afraid, so I have no repo to show) where I discovered that value of TDD.

For example, in a project that was already finished and delivered, after some time the client asks for a change: a new use case. The project contained a “parser” for query expressions, SQL-like, over an in-memory domain model, and the query language that had been implemented had filters such as

where Year = 2013

Operators other than equals are allowed, but the expression on the right was always a constant. For the new use case the client asked to extend this query language (both the “parser” and the query execution) to have expressions such as

where Year = @today - 10

where @today is the current year, and the expression above means “give me the data from ten years ago”. Well, since both the “parser” and the command executor had been built with TDD, everything was ready to test them, and the new tests to pass were written. At first it did not compile (in C#), and then it began to compile, but with the new tests red. The code needed to turn them green was added, all the tests were run to see whether there was any side effect that broke something, but everything worked fine. The result was delivered to the client, who tested it, and to this day has not reported a single “bug” on the subject. They are using it without problems. How long did it take to modify the code? Well:


I spent another hour explaining what I had done (in English, which is not a subject I have much command of ;-).

But it is not only the time; the way of working (TDD before, TDD now) made it possible to:

- Spend only minimal time debugging
- Break nothing of what was there before (because EVERYTHING IMPORTANT that works from BEFORE was implemented following the TDD workflow, not with simple “test-after”; so if the tests now are green, it is HIGHLY LIKELY that the system as a whole keeps working)
- Leave everything ready so that another team can do the same (adapt the system to a new use case) later on.

Let's take a negative example. In one project, there was logic that, given a user and a topic, returned a list of documents on that topic that were accessible to the user (it was not exactly like that, but that description is enough for the example in this post). Getting that list was not simple: there was a large amount of logic, not always straightforward (a document could inherit from another, and so inherit its accessibility or inaccessibility for a user; there were different kinds of access (to view, to modify, etc.)…). On top of that, in the previous development team's implementation, someone had decided something like “if we put it in a Stored Procedure it will run faster” (without running any test to corroborate that claim). Conclusion: everything was in a stored procedure dozens of lines long.

The time came when, faced with a new use case, that logic had to be refactored: in the new use case, on some occasions, getting that list took a couple of dozen minutes (heh… yes, the “magic” of putting everything in the stored procedure ;-). That in itself is not a problem: the first implementation is not always “the best” (partly because there is no “the best”, but rather perhaps “the best for the current use cases, which may have to change when new cases appear”), and the original implementation that was already in production had served its purpose, and the system was working without major problems. But having built it without TDD, one consequence was: it WAS DIFFICULT to add a use case and reimplement the logic, because there was no way of knowing, through automated tests, which cases were satisfied by the new implementation (an in-memory model was the new implementation, much faster) and which were not. Conclusion: tests had to be implemented with the most frequent use cases, and since it was not clear what had to be returned in each case, the test compared the result of THE NEW implementation with the result given by the OLD implementation. It is not the best solution.

Lesson learned? Doing TDD pays off; it gives us benefits, especially to the end client and to every team that comes to maintain the system. Without TDD: hours or days to reproduce and fix a bug, endless debugging sessions, higher cost for the end client, wear and tear and little daily progress. With TDD: everyone happy, spending time adding value and not rowing in a river of jam ;-)

I have more cases to discuss, but I hope the above helps bring grist to the TDD mill.

See you next time!

Angel “Java” Lopez

RansomWeb Malware – encrypts and holds vulnerable websites hostage

RansomWeb is a new malicious threat that encrypts and holds vulnerable websites hostage via sophisticated targeted attacks.


QUOTE: More and more people become victims of ransomware, a malware that encrypts your data and demands money to decrypt them. A new trend on the market shows that cybercriminals will now target your website as well to get a ransom payment from you.

In December 2014, our security experts discovered a very interesting case of a financial company website compromise: the website was out of service displaying a database error, while the website owner got an email asking for a ransom to “decrypt the database”. Web application in question was pretty simple and small, but very important for business of the company that could not afford to suspend it, neither to announce its compromise.

Key research on how this new attack works:

1. The web application was compromised six months ago, several server scripts were modified to encrypt data before inserting it into the database, and to decrypt after getting data from the database. A sort of “on-fly” patching invisible to web application users.

2. Only the most critical fields of the database tables were encrypted (probably not to impact web application performance a lot). All previously existing database records were encrypted accordingly.

3. Encryption key was stored on a remote web server accessible only via HTTPS (probably to avoid key interception by various traffic monitoring systems).

4. During six months, hackers were silently waiting, while backups were being overwritten by the recent versions of the database.

5. At the day X, hackers removed the key from the remote server. Database became unusable, website went out of service, and hackers demanded a ransom for the encryption key

Security Awareness – Personal User safety tips for 2015

PC Magazine offers excellent advice and safety tips for the coming year:



Before looking at my 2015 resolutions, I took a look at the list from 2014 to figure out how well I stuck to my goals. For my password security, I resolved to use strong and complex passwords for everything, to adopt two-factor authentication where available, and to turn on protective features for mobile devices and networking gear. For networking security, I promised to download and install updates when they are ready and to run security software and tools. For my data security, I decided to encrypt my data while in transit as well as on my hard drive, and to back up data files regularly. And finally, I pledged to be careful about what kind of information I post online on social media platforms and what I save on cloud services.

I know where I have to improve, but I also have some promises for 2015. First of all, I will delete software and apps I am not using. There is no need to keep software on my machine which are outdated or vulnerable. This ties into my second goal—to audit myself so that I know what I have. Experts regularly advise businesses to make sure they know what machines are on the network, what kind of software is on each one, and to understand who has access to them. Why shouldn’t I do the same for my personal devices?


Since 26/01/15 the stable version of Microframework has been available in its QFE2 release, which brings the awaited support for Visual Studio 2013 as well as important improvements in the stability of lwIP, pwm, analog outputs and the drivers for WinUsb.

It can be downloaded from codeplex: “NET MF SDK 4.3QFE2”

Moving forward with the smallest things.

Browsers – Major products evaluated by PC Magazine 2014

Features, performance, design and other factors were evaluated recently in this PC Magazine article:



In the biggest shakeup in the browser industry since Microsoft was forced to uncouple Internet Explorer from Windows, Google’s Chrome burst on the scene in 2008, forcing new standards in browser speed, streamlined design, and rapidly iterating software, forcing all the other players to overhaul their own sluggish software as they played catch up to the nimble newcomer. Chrome spent several years as PCMag Editor’s Choice, but it’s been surpassed in speed and features, and it has sunk to a three-way tie for second place as former favorite Firefox has reasserted its lead. With a beautifully redesigned interface, excellent performance, thrifty memory use, helpful browsing tools, and leading customizability, the independent open-source browser has reclaimed PCMag.com’s Editors’ Choice for browsers.

While Firefox is our favorite browser of the moment, there are still other excellent choices that, depending on your priorities, will serve your Web browsing needs admirably, including Internet Explorer, Opera, and Maxthon. All of the browsers now provide more-than-adequate support for the new HTML5 standard for website coding—even Internet Explorer has been acknowledged by Google as now being among the ranks of “modern” Web browsers. The search kingpin did this when it withdrew its Chrome Frame product, which inserted Chrome’s page renderer inside IE.

Adobe Flash – Rare Yellow alert by ISC for users to update

During January, the Internet Storm Center declared a yellow alert to highlight the importance of updating Adobe Flash Player. Users should use a PATCH NOW approach to ensure they are up-to-date.




We have decided to change the Infocon to yellow in order to bring attention to the multiple recent Adobe Flash Player vulnerabilities that are being actively exploited. There have been patched vulnerabilities that have an update and applying them is highly recommended. 1 of the vulnerabilities has not yet been patched, and is expected to be released as an OOB (Out of Band) next week by Adobe 3.

Our reasoning is that the Adobe Flash Player is very widely installed, the vulnerability affects multiple platforms, remote code execution gives the attacker complete control of the system, the patch is not yet available, it affects both organizational IT systems as well as home or soho users, a crimeware kit is actively exploiting the vulnerabilities, people might mistakenly believe that the patch from yesterday fixes all of the issues, and last but not least mitigation through the use of EMET or other tools/means is not normally feasible for home users or quick deployment in enterprise environments without testing. In short, the high impact of these vulnerabilities being exploited warrants raising the Infocon from now until Monday.

AV Product Testing – Best Security product for 2014

Independent software testing firm AV-Comparatives shares their study as follows:



An antivirus testing researchers’ work is never done. As soon as the research team finishes and report on one series of tests, it’s time to start another. Once a year, though, the team at AV-Comparatives takes a moment to sit back, review the previous year’s results, and name a Product of the Year. They also flag other products for overall outstanding achievement, specifically for excellent results in specific test areas. 2014’s product of the year is Bitdefender Internet Security 2015.

That’s not to say Bitdefender totally outperformed all of the other products tested by AV-Comparatives. In fact, there was a tie for the top spot, as Kaspersky Internet Security (2015) scored just as well as Bitdefender. In a case like that, the honor goes to whichever product had not won before, or, as in this case, the product that hadn’t won as recently. With Kaspersky, AVG, Avira, Emsisoft, F-secure, and Fortinet also made the cut-off for top rated products.

Adobe Flash – Multiple security releases during JAN2015

Multiple zero-day and other attacks led to expedient patching by Adobe to improve Flash security. All home and corporate users should update and ensure they are on the latest builds. Adobe Flash often detects security updates and prompts users to install them. Additional details regarding these releases are noted below.


Bulletins and Advisories from this month
APSB15-03 Security updates available for Adobe Flash Player 1/27/2015 1/27/2015
APSA15-01 Security Advisory for Adobe Flash Player 1/22/2015 1/24/2015
APSB15-02 Security updates available for Adobe Flash Player 1/22/2015 1/22/2015
APSB15-01 Security updates available for Adobe Flash Player

Data Breach – Marriott strengthens customer security

Marriott quickly strengthened controls after discovery of a security design weakness in an Android-based application.



The issue, patched last week, made it simple for attackers to access the reservation and personal details of Marriott customers via its web services, exposing check-in dates, victims’ last names, and victims’ contact information including physical address, email address and partial payment card data.

It turned out that Marriott’s Android app didn’t need to use any authentication to query Marriott’s web services for reservation information. All it required was a Membership ID. Which meant that if Westergren, or someone malicious, wanted to access the details of many Marriott Rewards members all he would have to do is change the Membership ID data being used to query the web server.

Leadership – Goal setting Quotes from history

Several past historical leaders share the importance of vision and goal setting in this excellent post



As we approach the end of January, a time when you might begin to feel discouraged about lack of progress toward your New Year’s Resolutions, I’d like to share some of my favorite quotes on goals and planning. If we want to succeed with our resolutions, we need to make them measurable and attainable. Breaking them down into specific goals allows us to do that. If you haven’t already broken your big dreams down into small goals, take some time to do that this week. Create manageable steps. Give yourself deadlines. And don’t let discouragement derail your dreams.

Windows 10 – New Security Features in Preview version


A senior researcher at Kaspersky Labs highlights some of the improved features and strategies for Windows 10:




Microsoft is attempting to better tighten down the new version of Windows the operating system by disallowing untrusted applications from installing and verifying their trustworthiness with their digital signature. This trusted signing model is an improvement, however, this active handling is not perfect. APT like Winnti’s attacks on major development shops and their multiple, other significant ongoing attack projects demonstrate that digital certificates are readily stolen and re-used in attacks. Not just their core group’s winnti attacks, but the certificates are distributed throughout multiple APT actors, sharing these highly valued assets, breaking the trust model itself to further their espionage efforts.

Variable select

I was working on some code that  accesses a SQL database this afternoon. I only needed to pull back a single column from a single row but which column to pull back is variable depending on other data.

That’s OK

$query = "SELECT $colname FROM tablename WHERE x = 'y'"

Invoke-SQLcmd -server <server> -database <database> -query $query


Now the problem hit me as I need to get the actual value from the object that invoke-sqlcmd returns

I normally do this:

Invoke-SQLcmd -server <server> -database <database> -query $query | select -expandproperty <columnname>


And then it dawned on me that I have the column name in $colname so this works

Invoke-SQLcmd -server <server> -database <database> -query $query | select -expandproperty $colname


I got so used to explicitly stating the properties I need that I forgot you could use a variable.  If you want an example to try on any system

$p1 = 'Name'   # assumed value: any property name of a service object works here
Get-Service | select -First 1 | select -ExpandProperty $p1


or you could try

$p1 = 'Status'
Get-Service | select Name, $p1


and change to

$p1 = 'DisplayName'
Get-Service | select Name, $p1


Not something you want to do every day but a useful trick when you need it
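
Because `$colname` is interpolated directly into the SQL text and, as the post says, depends on other data, it should be checked against a list of known columns before the query is built; an identifier cannot be passed as a query parameter. An added example, not part of the original post: the helper names `Resolve-ColumnName` and `New-ColumnQuery` and the column names in `$allowed` are assumptions, while `tablename`, `x` and `'y'` are the post's own placeholders.

```powershell
# Added example: allow-list the variable column before it reaches the SQL text.
function Resolve-ColumnName {
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][string[]]$Allowed
    )
    # Whole-string comparison only (-eq on strings is case-insensitive)
    $match = $Allowed | Where-Object { $_ -eq $Name } | Select-Object -First 1
    if (-not $match) {
        throw "Column '$Name' is not in the allow-list; query not built."
    }
    # Return the allow-list's own spelling, never the caller's input
    $match
}

function New-ColumnQuery {
    param([Parameter(Mandatory)][string]$Column)
    # Bracket-quote the identifier, doubling any closing bracket (T-SQL rule)
    $quoted = '[' + $Column.Replace(']', ']]') + ']'
    "SELECT $quoted FROM tablename WHERE x = 'y'"
}

# Constructed column list for the hypothetical table
$allowed = 'OrderDate', 'ShipDate', 'Status'

# Constructed inputs: one valid name in the wrong case, one that is more than a name
foreach ($candidate in 'status', 'Status, OtherColumn') {
    try {
        $colname = Resolve-ColumnName -Name $candidate -Allowed $allowed
        $query   = New-ColumnQuery -Column $colname
        "OK       '$candidate' -> $query"

        # With a real server the post's pipeline then works unchanged:
        # Invoke-Sqlcmd -server <server> -database <database> -query $query |
        #     select -ExpandProperty $colname
    }
    catch {
        "REJECTED '$candidate' -> $($_.Exception.Message)"
    }
}
```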

AV Product Testing – Best Windows 7 Protection DEC2014


Independent software testing firm AV-TEST shares their study as follows:



Which one should you choose to protect your own PCs? If you were choosing between different cars, you could take test drives, see how each suits your needs. But you wouldn’t want to test drive an antivirus using live malware! Fortunately, independent labs like AV-Test Institute do the necessary research for you. The latest report from this lab helps identify the best antivirus products
