Dreamhost HeartBleed – infected?

 Dreamhost Forum

Hello There, We can confidently let you know that our shared servers and VPS guests are NOT vulnerable to it since they run Debian Lenny and/or Squeeze . The most common version of OpenSSL on our network is 0.9.8o-4squeeze14. “HeartBleed” vulnerability in OpenSSL’s heartbeat module in versions 1.0.1 and 1.0.2-beta

Cheers!
Matt C

From https://discussion.dreamhost.com/thread-140702-post-174286.html#pid174286

Dreamhost Status

As soon as we learned of the “Heartbleed” OpenSSL vulnerability, we began to patch any and all systems that it may have affected. Fortunately this was a very small subset of our systems and was mostly isolated to a small group of mail machines. As of early yesterday, all of our systems are patched. As a preventative measure, we are also re-keying the certificates on any systems with that bug. We have no reason to believe that any of those machines have been compromised, but in the interest of proactive security, we feel that changing SSL certificates is the best option.

DreamHost.com was not vulnerable, but the machines that redirected traffic to our actual site were. This was corrected quickly and those machines will also have their certificates re-keyed.

We can confidently say that our shared servers, VPS guests, and dedicated machines are NOT vulnerable to this issue because they run Debian “Lenny” and/or “Squeeze”. The most common version of OpenSSL on our network is 0.9.8o-4squeeze14, and the “HeartBleed” vulnerability in OpenSSL’s heartbeat module exists in versions 1.0.1 and 1.0.2-beta.

If you have any questions or concerns, please don’t hesitate to contact our support team.

 

OpenSSL Security Advisory [07 Apr 2014] – TLS heartbeat read overrun

 

OpenSSL Security Advisory [07 Apr 2014]
========================================

TLS heartbeat read overrun (CVE-2014-0160)
==========================================

A missing bounds check in the handling of the TLS heartbeat extension can be
used to reveal up to 64k of memory to a connected client or server.

Only 1.0.1 and 1.0.2-beta releases of OpenSSL are affected including
1.0.1f and 1.0.2-beta1.

Thanks for Neel Mehta of Google Security for discovering this bug and to
Adam Langley <[email protected]> and Bodo Moeller <[email protected]> for
preparing the fix.

Affected users should upgrade to OpenSSL 1.0.1g. Users unable to immediately
upgrade can alternatively recompile OpenSSL with -DOPENSSL_NO_HEARTBEATS.

1.0.2 will be fixed in 1.0.2-beta2.

How to test server speed in your console/terminal

This is how!

wget -O speedtest-cli https://raw.github.com/sivel/speedtest-cli/master/speedtest_cli.py
chmod +x speedtest-cli
./speedtest-cli

This are what results might look like

[root@stream4 ~]# ./speedtest-cli
Retrieving speedtest.net configuration...
Retrieving speedtest.net server list...
Testing from Fundacao para a Ciencia e a Tecnologia (193.137.171.XX)...
Selecting best server based on ping...
Hosted by Vodafone PT (Porto) [56.28 km]: 12.239 ms
Testing download speed........................................
Download: 80.28 Mbit/s
Testing upload speed..................................................
Upload: 80.26 Mbit/s

MySQL: delete a row ignoring foreign key constraint

Cannot delete or update a parent row: a foreign key constraint fails 
DELETE IGNORE FROM `database`.`table` WHERE `table`.`tableId` = 16 LIMIT 1;

The IGNORE keyword causes MySQL to ignore all errors during the process of deleting rows. (Errors encountered during the parsing stage are processed in the usual manner.) Errors that are ignored due to the use of IGNORE are returned as warnings.

http://dev.mysql.com/doc/refman/5.0/en/delete.html

masonry – images stacked/overlapped on each other

Masonry is a JavaScript grid layout library. It works by placing elements in optimal position based on available vertical space, sort of like a mason fitting stones in a wall. You’ve probably seen it in use all over the Internet.

I had to use imagesLoaded to solve my problem

jquery.imagesloaded
//cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/3.0.4/jquery.imagesloaded.min.js

$('.gallery-masonry').imagesLoaded( function(){
 $('.gallery-masonry').masonry({
 itemSelector: '.item',
 isAnimated: true,
 isFitWidth: true
 });
 });

Continuing Public/Private Surveillance Partnership

The Continuing Public/Private Surveillance Partnership

If you’ve been reading the news recently, you might think that corporate America is doing its best to thwart NSA surveillance.

Google just announced that it is encrypting Gmail when you access it from your computer or phone, and between data centers. Last week, Mark Zuckerberg personally called President Obama to complain about the NSA using Facebook as a means to hack computers, and Facebook’s Chief Security Officer explained to reporters that the attack technique has not worked since last summer. Yahoo, Google, Microsoft, and others are now regularly publishing “transparency reports,” listing approximately how many government data requests the companies have received and complied with.

Read more at
 
https://www.schneier.com/blog/archives/2014/03/the_continuing_.html

 

Google Add to Calendar link

This is how

<a href="http://www.google.com/calendar/event?
action=TEMPLATE
&text=[event-title]
&dates=[start-custom format='Ymd\\THi00\\Z']/[end-custom format='Ymd\\THi00\\Z']
&ctz=America/New_York
&details=[description]
&location=[location]
&trp=false
&sprop=
&sprop=name:"
target="_blank" rel="nofollow">Add to Google Calendar</a>