267 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
 
Latest 7 Posts
A Special Day in Baseball -- For Those Who Appreciate Any Sport
Mon, Jun 29th 2015 11
Security Alert: IBM Java 6 SR16FP3 IF1 Contains Vulnerabilities Impacting Domino - Get the Fix
Wed, Jun 3rd 2015 19
"Let’s Get Ready to Logjam!" -- The Need to Know About This New Exploit
Fri, May 22nd 2015 20
Train Tips for European Traveling -- Chapter III
Wed, Apr 22nd 2015 11
Ten Behaviors That Could Kill Your Career
Mon, Apr 13th 2015 15
How To Kill a GHOST: The Next Vulnerability
Fri, Apr 10th 2015 14
Flying SWISS? Avoid Selecting These Seats
Mon, Apr 6th 2015 14
Top 10
Linux Bash Bug - Shellshock - is Real: Get Patched (Mac Too)
Thu, Sep 25th 2014 27
New SSL3 Exploit: The POODLE Is Here and Lifting Its Leg
Wed, Oct 15th 2014 24
How To Receive Ubuntu 12.04 Kernel Updates After 7 August 2014
Wed, Jul 16th 2014 20
Linux Bash Bug - Shellshock - FINAL FIX RELEASED: Get Patched (AIX, Mac Too)
Mon, Sep 29th 2014 20
"Let’s Get Ready to Logjam!" -- The Need to Know About This New Exploit
Fri, May 22nd 2015 20
Security Alert: IBM Java 6 SR16FP3 IF1 Contains Vulnerabilities Impacting Domino - Get the Fix
Wed, Jun 3rd 2015 19
Skype 4.3 on Linux Crashing? Here’s a Fix.
Tue, Aug 5th 2014 17
The 2015 Linux Jobs Report Is Out -- Strong Demand Continues
Thu, Mar 5th 2015 16
IBM Protector for Mail Security POODLE Fix
Wed, Oct 22nd 2014 15
Running Traveler 9.0.1? Hold off on that Upgrade for Now
Fri, Apr 3rd 2015 15


Bill Malchisky Jr.
Blog Title BillMal Your Lotus Pal
Blog Description ICS/Lotus (mostly), Linux, Travel, Skiing, Mixology, and Random Musing of Interest
Blog URL http://www.BillMal.com
RSS Feed http://www.billmal.com/billmal/billmal.nsf/feed.rss
Validate Feed feedvalidator.org or validator.w3.org
Feed Last Checked Jun 29, 2015 1:28:42 AM EST. Realtime Update:
Location Fairfield, CT, USA


Recent Blog Posts
11
A Special Day in Baseball -- For Those Who Appreciate Any Sport
Mon, Jun 29th 2015 1:28a   Bill Malchisky Jr.
I make no grand illusions about being a professional baseball fan (which is short for fanatic), I leave that to my friends like Curious Mitch and Chris Whisonant for example, who love their respective teams. I like the game, listen to radio broadcasts when I can and that is enough for me. Today though, was something of a dream for any child who seeks to play professional sports. That special event occurred in New York City, on Citi Field, with the Mets on Sunday, 28 June 2015. Today, a young St
19
Security Alert: IBM Java 6 SR16FP3 IF1 Contains Vulnerabilities Impacting Domino - Get the Fix
Wed, Jun 3rd 2015 5:38p   Bill Malchisky Jr.
IBM Security released a new bulletin today, entitled, "Security Bulletin: Multiple vulnerabilities in IBM Java 6 SR16FP3 IF1 affect IBM Notes and Domino" describing the latest reported vulnerabilities by Oracle. Know that IBM Java 6 SR16FP3 IF2 resolves the issues and is suggested that you install it on your production Domino servers as soon as you can. Multiple Vulnerabilities Addressed The IBM security bulletin provides detailed descriptions and links for each of the 13 vulnerabilities
20
"Let’s Get Ready to Logjam!" -- The Need to Know About This New Exploit
Fri, May 22nd 2015 2:35a   Bill Malchisky Jr.
Logjam (CVE-2015-4000) is the latest server exploit hitting the nation (world). In scope are 8.4x10**3 of the top 1x10**6 websites and 14.8% of mail servers in the IPv4 address space as per weakdh.org. The cause is a weakness identified in the Diffie-Hellman key exchange (explained here and here), with the exploit reported early by Ars Technica. The root cause goes back to the 1990's. Recall when products like Lotus Notes had a North American encryption flavor and an International encryptio
11
Train Tips for European Traveling -- Chapter III
Wed, Apr 22nd 2015 2:30a   Bill Malchisky Jr.
This year I needed to travel from Zurich, Switzerland to Ghent, Belgium by rail. In contrasting the route through Paris two years ago, I decided to take a chance and transfer instead in Cologne, Germany. This post describes the lessons learned and useful tips to make your next rail experience even better. As I needed to work and needed to increase the chances for power, I chose first class end-to-end on this trip. The rates were reasonable enough that the service upgrade proved cost-effecti
15
Ten Behaviors That Could Kill Your Career
Mon, Apr 13th 2015 1:30a   Bill Malchisky Jr.
A few weeks ago, Jack Welch wrote an article for the Daily Mail covering common pitfalls stalling one's career. Many items listed were taught to me when I worked as an employee or through customers along the way, thus, I appreciated his wisdom. If you have not read the piece, I wanted to share it. Perhaps you know someone that can use the information to better himself or herself in their current job, or apply an item below to your own aspirations. I find point three is particularly important
14
How To Kill a GHOST: The Next Vulnerability
Fri, Apr 10th 2015 2:10a   Bill Malchisky Jr.
The first big vulnerability for 2015 launched during IBM ConnectED. With conference and presentation prep the past several weeks, I checked Planet Lotus to see if GHOST was previously covered. Not seeing any posts, I wanted to write about it now. In my opinion, this vulnerability gained less traction than POODLE and Shellshock due to the limited scope. GHOST (CVE-2015-0235) impacts the glibc gethostbyname() and gethostbyname2() calls. Applications using DNS resolution are primarily impacted,
14
Flying SWISS? Avoid Selecting These Seats
Mon, Apr 6th 2015 2:30a   Bill Malchisky Jr.
Just providing a perspective to those that travel, based upon my recent experience. If this helps someone have a more comfortable flight in the future, than I am happy to write about my trip. Airbus A330-300 Trouble Seats The SWISS Airbus A330-300 configuration is losing its luster, included in that is seat 24B--completely substandard. As SWISS decided to place the entertainment system controls inside rectilinear solid cases below every seat in the main cabin, some aisle seats have signifi
15
Running Traveler 9.0.1? Hold off on that Upgrade for Now
Fri, Apr 3rd 2015 9:54a   Bill Malchisky Jr.
Saw a few colleagues communicating on a recent upgrade issue with Traveler 9.0.1.3. Once resolved, one may choose to author a more detailed blog post, but I wanted to at least offer a place holder hopefully to save you time and keep your end users happy. If you are running Traveler on Windows 2008 R2/64bit with Domino 9.0.1 FP3 HF241 underneath, you might want to delay holding off til resolved. Traveler can crash every few minutes in this configuration (as of this writing). (Other hot fix lev
13
Engage 2015 was Exceptional -- Plus New Domino Script Released
Fri, Apr 3rd 2015 4:30a   Bill Malchisky Jr.
This year, the Engage 2015 crew accepted my abstract to present at their conference in Ghent, Belgium, for which i am grateful. The experience overall proved gratifying on many levels. First, the top-notch planning and execution by Theo Heselmans and his team proved quite exceptional. From the amazing city and venue to the flow of the event. Details properly covered and enhancements seen throughout the event all proved to be well received. With 30 sponsors this year, Theo's Engage by BLUG b
16
The 2015 Linux Jobs Report Is Out -- Strong Demand Continues
Thu, Mar 5th 2015 7:42p   Bill Malchisky Jr.
"Unstoppable Linux Job Market Shows No Signs of Slowing Down" The Linux Foundation in cooperation with Dice released their March 2015 Linux Jobs report. In a phrase, growth for Linux professionals remains strong once again and is growing stronger. If you are looking for a new opportunity, or to expand your existing skill set, Linux is a great way to do that. As I reported in 2013, the trend line for Linux talent progressed upward from 2012 through 2013 and that remains true today. Cloud ser
11
"Age is Just a Number..." -- George Jedenoff; 97.5 Year Old Skier In Another Inspriational Interview
Thu, Feb 19th 2015 1:00a   Bill Malchisky Jr.
Last year, I commented on George Jedenoff and how much he loves to ski. Well, the passionate 97 -1/2 year old skier returned for another year of carving at Alta, Utah and did another interview with the Ski Utah crew. The adventurous Mr. Jedenoff skis trees, has a great relaxed form, and loves Wasatch powder. This year, he answered several questions from Ski Utah readers and provided fun candid answers, on longevity, diet, how he preps for each ski season, and how he finds ski buddies. An inspira
11
IBM ConnectED (LS15) Saturday Community Events Time Changes
Sat, Jan 24th 2015 4:10a   Bill Malchisky Jr.
Due to the overnight and morning rain, I started working on logistical changes to get the day's Community events included with minimal overlap to other already scheduled Saturday events. This should serve as the Master Schedule for now... as due to traveling to this event, the wonderful teams for the Totally Unsupported IBM Notes Session Database and the AngularJS and Domino demo site. by Mark Roden and Mark Leusink, will not be able to get their sites updated in-time, which is completely
10
My IBM ConnectED Speaking Schedule -- With My First ChalkTalk
Wed, Jan 21st 2015 11:11p   Bill Malchisky Jr.
In just a few short days, the next iteration of our annual January conference commences. With all of the other ICS related activities I am doing this year outside of IC15 (LS15), I am happy to take a bit of a back seat with the speaking and run my first ChalkTalk session (formerly Birds Of a Feather (BOF)), plus Linuxfest VI on Wednesday. For my ChalkTalk session, I am co-presenting with the wonderful fellow IBM Champion, Ms. Femke Goedhart. We are covering the Personal Privacy Paradigm. A ti
13
IBM ConnectED -- Get your Linux Fix at Linuxfest VI
Wed, Jan 21st 2015 5:10a   Bill Malchisky Jr.
After several months of planning, I can officially announce that Linuxfest will return to Orlando, for IC15 for its sixth consecutive year. With the compressed schedule this year and the organizing team working diligently to make the event memorable for all the speakers and attendees, we had to schedule this unofficial session differently. Thus, we are in the Swan and one-half hour after the CGS (Closing General Session). We are listed in the Totally Unsupported IBM Notes Session Database as
10
Get Access -- Voice of the Partner is Live
Wed, Dec 17th 2014 5:10a   Bill Malchisky Jr.
It is with great pleasure that I announce Voice of the Partner is in production! This tool provides IBM Collaboration Solutions business partners a new feedback continuity site to interface directly with IBM. As alluded to within my beta launch blog post, the past three months proved quite busy, culminating in this promised mid-December launch. Please understand this is a volunteer effort for me and the scope of BPs in good standing is massive. Thus, I am breaking the overall group down into
7
IBM Mobile Connect POODLE Fix
Mon, Nov 3rd 2014 5:16a   Bill Malchisky Jr.
IBM just announced a couple of Technotes dealing with IBM Mobile Connect and POODLE. As this product is quite secure by design and a product that I enjoy as customers have a great track record with it in the field, the option to use TLS 1.0 - 1.2 is supported. The new SSL v3 security changes are implemented under APAR IV66131 -- available for IMC 6.1.5 and 6.1.5.1. Thus, if you have not upgraded IMC in the past ten days, then read below and plan your upgrade as appropriate. Here Are The Tec
15
IBM Protector for Mail Security POODLE Fix
Wed, Oct 22nd 2014 2:20p   Bill Malchisky Jr.
A day after providing two Technotes on SHA-2, TLS, and POODLE for Domino, IBM released two documents to cover their Protector product. The bulletin covers three vulnerabilities and provides details on each. For the workaround document, mind the side effect mentioned at the bottom, as with some sites, this may introduce a risk assessment against delivery versus the exploit's vulnerability. 1. Bulletin - Security Bulletin: Vulnerabilities in OpenSSL may cause weak cyphers to be used over SSLv
6
Silent No More: IBM Makes Security Announcements on SHA-2, TLS, POODLE
Tue, Oct 21st 2014 9:12a   Bill Malchisky Jr.
Today (21 Oct 14), IBM created a set of Technotes covering what appears to be a first step in helping soothe the customer and partner concern on the lack of offered direction and plan for resolving the SHA-1, TLS, and POODLE exploits that exist from years of community support and a yet to be implemented capability for increased security. I offer first step as no date for the patch is provided, just that they are stating their intentions and scope with a solution by year-end, which is my conjectu
24
New SSL3 Exploit: The POODLE Is Here and Lifting Its Leg
Wed, Oct 15th 2014 3:38a   Bill Malchisky Jr.
Here we go again... another blockbuster security exploit with another clever code name is announced. POODLE (Padding Oracle On Downgraded Legacy Encryption) CVE-2014-3566 specifically allows a man-in-the-middle style attack utilizing an SSL3 connection. Once again, Red Hat does a stellar job offering full details on background, technical specifics, and testing. Google's Online Security Blog post is exceedingly terse when contrasting. Here is what you need to know. What is It? CVE-2014-356
20
Linux Bash Bug - Shellshock - FINAL FIX RELEASED: Get Patched (AIX, Mac Too)
Mon, Sep 29th 2014 6:13a   Bill Malchisky Jr.
Author's Note: Thank you to the ICS community for their tremendous support of my first Shellshock post. For those that read it early, you received critical information 14-72 hours before many sites released their stories. Several readers were fully patched before big names tweeted the issue. You were well ahead of the curve. Shellshock stories released over the weekend proved outdated and incomplete. This post provides better information faster. I am grateful for your support. As I mentione
27
Linux Bash Bug - Shellshock - is Real: Get Patched (Mac Too)
Thu, Sep 25th 2014 6:13a   Bill Malchisky Jr.
This is ugly, but fortunately you just have to update to a fixed Bash version and your fine (for now). No need to reboot your system either. Red Hat is out early on this and escalated this appropriately. Their first round of updates got all but one exploit permutation, so they re-issued another bug identifier and are working to close it soon. Their initial timeline: Red Hat announced the bug on 14 Sep, had a proposed upstream patch seven hours later (0500h 15 Sep), backported it to Bash 3.0,
10
Ryder Cup Skype Chat Announced
Wed, Sep 24th 2014 9:12p   Bill Malchisky Jr.
It is that time again when the best pro golfers in The United States of America take on the best pro golfers in Europe for the coveted Ryder Cup. This year, it is played at the beautiful Gleneagles course in Scotland designed by pro golf legend Jack Nicklaus, who describes his course hole by hole. Play commences Friday, Saturday at 7:35am local time, or 2:35am EDT, with a more respectable Sunday start at 11:36a local time, or 6:36a EDT for singles play. I will open a Skype chat for the event.
3
Big News for ICS Partners!
Wed, Sep 17th 2014 10:15p   Bill Malchisky Jr.
After three years of working with IBM, I am proud to make the first public announcement of the beta milestone of a new IBM community feedback continuity tool entitled, Voice of the Partner. ICS is behind this at the highest levels and there is a strong desire within IBM to make this a success. Imagine that as a partner you have a tool where you can input ideas and concerns to IBM and receive a response in a meaningful way, that also ensures continuity of feedback throughout the issue's life
7
Using Sametime Mobile? Avoid iOS 8 for Now
Tue, Sep 16th 2014 6:12a   Bill Malchisky Jr.
IBM released a Technote yesterday on the issues with their Sametime Mobile applications on iPhones and iPads running iOS 8 -- due for release on Wednesday, 17 September 2014. My friends Gabriella Davis and Matteo Bisi both blogged on the Technote. Beyond that, there exists a post on The Sametime Blog offering a behind-the-scenes look as to the challenges therein, written by the on-premises Sametime Product Manager - Marlon Machado. In meeting Marlon previously, I can tell you he is a good guy an
6
I AM Speaking at ICON UK
Thu, Sep 11th 2014 11:13a   Bill Malchisky Jr.
Long story short, I will be speaking this Friday, 12 September in London, for the ICON UK renaissance. You can find me acting as emcee for the Ask IBM session at 2:00pm (1400h) and then again at 3:45pm (1545h) presenting The Headless Collaborator: Sametime 9 Command Line Install. If you are in London for this wonderful event, please do say, "Hi," or better yet, attend one of my sessions. See you Friday!
8
iNotes Users -- Chrome 37 Creates Compatibility Issues
Fri, Sep 5th 2014 2:12p   Bill Malchisky Jr.
IBM released today, a new Technote for iNotes users, entitled, "Some iNotes operations fail to work correctly in Chrome browsers upgraded to Chrome version 37" and is available here. These five key areas introducing concern stem from Google deprecating the showModalDialog API. 1. Create/Edit Mail rule 2. Contacts Form and the Print action 3. Calendar view and results window displayed when using the "Import Holidays" action (off the "More" menu) 4. Preferences (Select
12
Ubuntu: Clearing GPG -- BADSIG Errors During Update
Wed, Sep 3rd 2014 9:13a   Bill Malchisky Jr.
In updating my Ubuntu LTS host OS caused me to receive several GPG BADSIG errors, visually captured in the following Update Manager error message. You can see the errors more closely via a terminal window. malchw@san-domino:~$ sudo apt-get update W: A error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://extras.ubuntu.com precise Release: The following signatures were invalid: BADSIG 16126D3A3E5
9
Fixing Public Key Repository Errors on Ubuntu
Tue, Sep 2nd 2014 12:15a   Bill Malchisky Jr.
Most of have seen at one point of another a error when updating packages, stemming from an untrusted repository. W: GPG error: http://security.ubuntu.com precise-security Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 Here is one fix that works reliably well. Perhaps it will save you some time. 1. Syntax: sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 2. $ sudo apt-get update Repeat for




Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition