Wiring a Lionel KW transformer

Wiring a Lionel KW transformer

When it comes to wiring a Lionel KW transformer, there’s more to consider than just which posts to use. The size of the wires also matters. If you derail a train 8 amps of power can run through the wire for 10-15 seconds before the circuit breaker kicks in. You don’t want the insulation to melt and catch fire.

Proper wiring for the KW transformer is a bit of a safety issue.

Read more

SQL injection explained

I’ve never seen SQL injection explained really well, until one of my coworkers did just that. I’m going to try to repeat his explanation here, because SQL injection is something that everyone seems to expect everyone else to just know.

SQL injection (sometimes abbreviated SQLi) is the technical term for getting a form in a web site to run SQL commands when it shouldn’t. Here’s what it is and how and why it works.

Read more

Spot phishing e-mails with Outlook

I got e-mail the other day from Turbotax saying someone had filed my taxes for me. Obviously a cause for concern, right? Here’s how I determined the message was fake in about three minutes. You can spot phishing e-mails with Outlook the same way.

Some people will tell you not to even open a message like this, but if you’re a computer professional, at some point someone is going to want you to prove the message was fake. I think this is something every e-mail administrator, desktop support professional, security professional, and frankly, every helpdesk professional ought to be able to do.

So here’s how you can get the proof. And generally speaking, Outlook 2010’s default configuration is paranoid enough that this procedure will be safe to do. If you want an extra layer of protection, make sure you have EMET installed and protecting Outlook.

Read more

I got hacked. I did it to teach you a lesson, and I’m sure you believe it.

The other day, this showed up in my e-mail:

A file change was detected on your system for site URL https://dfarq.homeip.net. Scan was generated on Tuesday, November 3rd, 2015 at 5:25 am

A summary of the scan results is shown below:

The following files were removed from your host:

/var/www/wordpress/wp-content/cache/supercache/dfarq.homeip.net/wordpress/index.html (modified on: 2015-11-03 03:23:52)
======================================

The following files were changed on your host:

/var/www/wp-content/themes/twentyfourteen/functions.php (modified on: 2015-08-19 22:24:04)
/var/www/wp-content/themes/twentyfourteen/header.php (modified on: 2015-08-19 22:24:04)
======================================

Login to your site to view the scan details.

I didn’t make those changes. Fortunately fixing it when changes appear in functions.php and header.php that you didn’t make is pretty easy.

Read more

The best e-book site I’ve found

The best ebooks site I’ve found, by far, is the archive at the University of Adelaide in Australia. The selection is outstanding, but the presentation is even better.

Steve Thomas, the curator, takes tremendous care to ensure Adelaide’s e-books display their best on any device. Most e-books, even commercial books, pay little to no attention to formatting, and the result all too often is books that are difficult to read.

Read more

Expect a rough road ahead for Flash

Adobe has patched Flash twice in two weeks now. The reason for this was due to Hacking Team, an Italian company that sells hacking tools to government agencies, getting hacked. Hacking Team, it turns out, knew of at least three unpatched vulnerabilities (also known as “zero-days” or “0days”) in Flash, and exploits for these vulnerabilities were among the things that got breached.

That’s why Adobe is having a bad month.

Read more

What cross-site scripting is and how to recognize it

In many security job interviews, the interviewer will ask about cross-site scripting, also known as XSS. Most descriptions of it are overly complex, however. The best description of it that I’ve ever heard is just five words long: Code execution in the browser.

That succinctly sums up the problem: You don’t want someone to be able to inject their code into your site.

Read more

How to maximize a Computer Science degree

Yesterday an interesting question popped up on Slashdot, asking for an alternative to a computer science degree for an aspiring web developer. He complained that what he’s learning in class doesn’t relate to what he wants to do in the field.

Assuming that by “web developer” he means someone who can code stuff in ASP and/or PHP with a database backend and do stuff in Javascript–as opposed to a designer who just does HTML and CSS–I think he’s best off staying where he is and asking better questions.
Read more

WordPress Appliance - Powered by TurnKey Linux