Archive for February, 2019

Follow-up questions…

Wednesday, February 13th, 2019

This weekend, I had another one of these slumps… where staying at home seems a waste of time but going out is not much better because it isn’t really comfortable anywhere (at least in winter).

The problem was compounded by this dreaded feeling of “I should be doing something instead of nothing” and “I wish things were different”.
Steve Vai, in one of the many YouTube interviews he gave, once went on record saying “he only felt bored one afternoon”, which he seems to remember vividly as it was so unusual for him.

Great for him. I, on the other hand, feel pretty limited in what I can do at my present location, so I was lying in bed thinking “I wish things were different” – as a somewhat responsible adult with working experience, such a statement is not really useful though. The inevitable follow-up question thus is “how should things be different”?

I became aware of the requirement to ask a follow-up question thanks to age, wisdom and training (be it professional or as a result of bringing up kids).

Unfortunately, the answer to that is not really simple. Every decision results in some consequences with which you will have to live. How far you want to go is up to you.

Books I’m reading at the moment (February 2019)

Tuesday, February 5th, 2019

The Chronicles of Thomas Covenant part VII by Stephen R. Donaldson (https://en.wikipedia.org/wiki/The_Chronicles_of_Thomas_Covenant)

星空を願った狼の by Shiina Takasato (https://ja.wikipedia.org/wiki/%E9%AB%98%E9%87%8C%E6%A4%8E%E5%A5%88)
http://iss.ndl.go.jp/books/R100000002-I026521234-00
Still 50 more pages to go….

Desperation by Stephen King
(https://en.wikipedia.org/wiki/Desperation_(novel)) – Gardens of the Moon by Steven Erikson is such a good read, I put this on the backburner…

红豚 by a friend of a co-worker but it has a low priority at the moment

PADI Tec Deep Diver Manual
Not sure if I will ever do this… but it’s interesting to read about it, at least at the moment.

限りなく透明に近いブルー (https://en.wikipedia.org/wiki/Almost_Transparent_Blue)

Getting there….

anti-mining malware measures

Tuesday, February 5th, 2019

A recent article on heise (https://www.heise.de/ratgeber/Mining-Parasiten-erkennen-und-loswerden-4198965.html) outlined how one can investigate a possible infection with a mining trojan on one’s computer. Typical symptoms of such an infection include high CPU usage (usually resulting in the fan spinning despite no high-load applications running).

The general approach is to identify the process causing the high load and terminate it. On Windows, the built-in tool for this is Task Manager; on macOS it is Activity Monitor. Another freely available tool for Windows is Process Explorer by Sysinternals.
Using those tools, it’s easy to list the running processes, sort them by CPU percentage and terminate them.

There is a serious limiting factor to this solution, however.

As malware creators are also getting more proficient, some of them build checks into the malware binaries that terminate the mining processes as soon as monitoring tools, or rather their process names such as Taskmgr.exe, Activity Monitor or procexp64.exe, are detected running.

The article therefore recommends renaming the binaries and running them again. This way, the malware will not suspend its activity and can easily be identified and subsequently terminated.

On earlier Windows platforms, copying taskmgr.exe and renaming it was straightforward. On Windows 10 however, a renamed Task Manager binary does not display any data – I’m still trying to figure this one out.

Renaming procexp64.exe, however, is straightforward. Extract the binary from the downloaded zip file, rename it and off you go.

On macOS Mojave (10.14.x) and High Sierra (10.13.x), Activity Monitor can be renamed as follows:
Open the Utilities folder
Copy and paste Activity Monitor (provide an administrator password if asked)
From the context menu of the copied item, select “Rename”
From the context menu of the renamed item, select “Show Package Contents”
In the subfolder MacOS, rename Activity Monitor
In the Contents folder, open Info.plist
Change the following strings to the name you chose: Executable file, Bundle name, Bundle display name

Run the renamed Activity Monitor binary by running the Unix executable in the folder MacOS
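The macOS steps above can also be scripted. The following is an added example, not taken from the heise article: it assumes Python 3, the function names are made up for illustration, and the three Info.plist entries are addressed by their raw keys (CFBundleExecutable, CFBundleName, CFBundleDisplayName), which are what a plist editor displays as “Executable file”, “Bundle name” and “Bundle display name”. The demo runs on a constructed stand-in bundle so it works on any machine.

```python
import plistlib
import shutil
import tempfile
from pathlib import Path

# Raw keys behind the editor labels "Executable file", "Bundle name"
# and "Bundle display name".
NAME_KEYS = ("CFBundleExecutable", "CFBundleName", "CFBundleDisplayName")


def clone_renamed_bundle(src_app, dest_dir, new_name):
    """Copy an .app bundle under a new name; return the renamed executable."""
    src_app, dest_dir = Path(src_app), Path(dest_dir)
    if "/" in new_name or not new_name.strip():
        raise ValueError("new_name must be a plain file name")
    dest_app = dest_dir / (new_name + ".app")
    with (src_app / "Contents" / "Info.plist").open("rb") as fh:
        info = plistlib.load(fh)  # handles XML and binary plists
    old_exe = info["CFBundleExecutable"]

    # The original bundle stays untouched; copytree fails if dest_app exists.
    shutil.copytree(src_app, dest_app, symlinks=True)
    macos_dir = dest_app / "Contents" / "MacOS"
    (macos_dir / old_exe).rename(macos_dir / new_name)

    for key in NAME_KEYS:
        info[key] = new_name
    with (dest_app / "Contents" / "Info.plist").open("wb") as fh:
        plistlib.dump(info, fh)
    return macos_dir / new_name


def build_sample_bundle(root):
    """Constructed stand-in for Activity Monitor.app (sample data only)."""
    app = Path(root) / "Activity Monitor.app"
    (app / "Contents" / "MacOS").mkdir(parents=True)
    exe = app / "Contents" / "MacOS" / "Activity Monitor"
    exe.write_bytes(b"#!/bin/sh\n")
    exe.chmod(0o755)
    with (app / "Contents" / "Info.plist").open("wb") as fh:
        plistlib.dump({"CFBundleExecutable": "Activity Monitor",
                       "CFBundleName": "Activity Monitor",
                       "CFBundleIdentifier": "com.example.sample"}, fh)
    return app


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(clone_renamed_bundle(build_sample_bundle(tmp), tmp, "Resource Viewer"))
```

On a real system, pass the path of the Activity Monitor bundle in the Utilities folder as src_app and a folder you can write to as dest_dir, then start the returned executable.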