Web Optimizing

[et_pb_section][et_pb_row][et_pb_column type=”4_4″][et_pb_text]

Secure websites: httpS:// (not http://) like this one used to be a curiosity and a minority-
Now there are no pages that should NOT use https,  also known in general as “SSL” or Secure Socket Layer protocol.
Whether or not you Take Payments nor even have Forms to Fill.. It ensures that ALL traffic to and from your Browser (Chrome, etc) to the final intended destination are properly obfuscated so none of the hundreds of machines and networks along the way can, even with sophisticated technology, snoop what is going on between the two of you.
Right now, you are reading these words off my own Web Server into your own Browser without any
person in the middle seeing anything more than a binary mishmash of unintelligible  data.
Someone  Human might look over your shoulder.

They might install software on your machine to ‘record’ what’s going on
But, at least in the transport- Not
EVEN IF you are connected to a passwordless WIFI this remains true. It actually does not matter, security-wise, whether your WIFI has a password or not, because your data camnnot be snooped between the endpoints.
Why does a WIFI password matter?
It prevents Strangers sneaking in when you do not want them to and using up all your speed and incriminating you in Criminal Activities.
Despite “SSl” (httpS://, your IP address usage may be tracked, by the way.

It’s up for grabs the opinion that the NSA could unobfuscate it- But we are mainly concerned with Daily Life, not the Dark Web here.

For historical reasons, most websites respond to BOTH types of request- secure & insecure- with exactly thr same appearance- But once is insecure, the other not. 
Why not simply turn off the Insecure pages? For historical reasons, that’s why.. in case sites still exist that ONLY reply to the OLD insecure standard and are not set use the new one- Yet. 
So! On YOUR website, make sure it DOES respond on the OLD (http://) insecure protocol but immediately gets redirected to the PROPER and SECURE site https://

HEre is the Code to do that in the root folder of your web server in a configuration fiel that controls how Apache, the Web Server, behaves:

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
Header always set Content-Security-Policy "upgrade-insecure-requests;"

Ill write more on this a bit later- But i wanted to get this Out There to Remind Myself!

 

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]

Fix HL-5470DW Laser Printer with B512342-5 controller

This is a nice 600DPI PostScript laser printer from 2012- 10 years ago. 
* WIFI can be joined, USB recognizes its name on a MAC computer, Also Linux
Ethernet Cable registers on the 16 character LCD screen as Connected, With Address.
* Self-test Printing works fine from front panel delivering a nice report
BUT– It refuses to print through any interface  No BUSY light or anything
Bit o’ Research shows it has a primary circuit board to manage all this, I have to guess that’s (ir)responsible for this Problem.
I did spend some time monkeying around with the cursor keys and LCD display to reset the ROM, reset factory defaults et cetera et cetera… To No Avail.
Looking back now I might have considered trying to upgrade the firmware to see if that made any difference – I doubt it but only realised a firmware upgrade was available after replacing the motherboard. “maybe try that next time Paule”

My subjective impression was that there was no association between the printing part of the machinery and the outside interfaces.
I took the side panels off the checked the many cable connections for loose fit, burned chips, etc. and All seemed fine.
Nowthen– Curiosity aside, what is it worth spending to fix this? Surprised to learn on Ebay that these things come in at least $150+shipping. 
Refurb Toner Cartridges, if needed,  are not prohibitive– $17.00
Found a free return refurbished spare controller board on eBay (warranted) for $40- the upper limit of what seemed worthwhile.. 
the part happened to be labelled: 
B512342-5
I did find a dealership service manual online with excruciating detail about screw torques, Wire color coding, even a section on attaching a debugging port to the main circuit. 
Interesting: But Helpful?
Nothing of the surface mounted components would I try replacing. I have had dismal failure own that front, before….
Why look for Problems one has no direct solution for?

First thing to do was a Google Image Search for the card ID: to see whereabouts this thing shows up- Well several versions did show up- the -5 suffix is some kind of versioning because lower numbered revisions actually used some real estate on board for a Centronix Parallel Port- My circuit board only had the solder pads for that, But with USB and Networking, who needs parallel? It woudl have been easy to cut the case to match but… No, Paule.
Yes, by 2012 that was all Over, but the design obviously went further back.

Cuts a long story Short- 
– Before removing a circuit board I always label it OLD with a Sharpie
– The NEW or rather Refurbished one was so very similar I knew I was likely to screw up!
– Several zoomed photos to show plug color, location and wiring, though in this case nothing could be mis matched.
– two ribbon connecters made me think they might be the type that has a ‘captive’ clasp on the plug. The ribbon had a hard blue plastic card end-backing it seems in order to allow push and pull insertion and removal (AKA: Interference Fit) without whacking the cable.
– I usually pop out the white connectors with a screwdriver blade prying each side in turn Could fin no ‘retainer’ — some such plugs have a tint patch that needs to be pushed to release the connector. Not these.


Alright so the Printer is back together- It DOES take some puzzling to do this, but it’s OK.
On power the LCD showed ready but griped about the Electrostatic Drum being ‘End of Life’ which it never said before. I think this was an ‘ancestral memory’ of the Printer it came from. My Guess: That whoever recycled the printer this board came from gave up ion that Message on seeing the Brother price for a Fuser/Elctrostatic Toner unit was $80-$90
NOT worth it fro them! the LCD does allow resetting this to 0, and No More COmplaints

The former Page Count had been 80,000, it now dropped to 55,000 as the NVRAM on the board ‘remembers’ its old life

Also, the serial number label on back of this printer is now WRONG

Stats page
Stats page

and YES it DID take a Firmware Upgrade to 1.25- Wish I had tried this first with the Old Board though I suspect it was un revivable. AQt 10 years old it seems Brother is still happily supporting these units, and even successfully upgrade the Forward from a very modern MacBook M1!- also the Printer Preferences Found and Used this printer without further intervention

I. can see the high price of this laser printer comes from its ability to handle Postscript, lots of internal fonts an compatibility with several other Printer Standards from HP (Laserjet) its ability to be used in Windows Workgroups etc. It dod NOT seem to have AFP (Apple Networking) however.. 

Log4j

Log4j security Issues have come up and then been (ab)used a lot since October 2021 due to defects in its design that affect a lot of other products

It is a 20-year-old open source project Meaning that it is essentially a free software Library that may be used inside any number of a very large number of other pieces of software out there

Its purpose is to create a log file reporting what the main software is doing.

There is a small chance you may be aware that your piece of software uses this.

There’s a bigger chance you use some software that has got this embedded in it That will cause your security problems- And you may not even be aware of it.

The game software “Minecraft” is the most prominent example, but exists elsewhere.

The probability exists that in fact problems will arise from websites and web hosts who are more likely to use this software meaning that they could be issues securely accessing certain websites,

I will add more items here as I learn about it

By that I mean, you cannot be sure that Facebook, Twitter, your bank, PayPal etc. don’t in some form use this in their infrastructure – being 20 years old, quite often software infrastructure is incompletely documented and it’s not realized this is being used

Companies do have to be motivated to go look for it, and in the worst case they wait for something to fail then run 🏃‍♀️ and jump on it – the problem is, nothing may go wrong but it could be used as a way to steal passwords & credentials

If you were someone that is abusing the service in order to steal passwords and credentials, it behooves you to not damage the website so that nobody would notice… Just remember that.

More as we learn of it



Interface design

I did not design this therefore I am not supposed to criticize this,
am I?
But I did pay for this Device so does that give me Some Rights about Complaining?
How about if I am borrowing someone else’s stuff?
Here we go:



This above describes ONE button which affects a tiny display area of display on a remote concerning… well, you tell me.
That’s all you really need to know.
If you think I am not being helpful saying what the other seven controls are in the instructions, believe me, you don’t want to know. the only one that’s straightforward is the ‘On/Off” button which even so has a layer of qualifications about what exactly that means..
The symbology/synology is truly obscure even given that the Design is obviously from China and would better have been presented in Kana or actual ideograms
</RANT>, as they ‘Say’.