Home About Meetings FOSS

April 13 2021 Wireshark, adb, Cordova, MariaDB authentication

Posted on April 17, 2021
( 7 minute read )

Brian showed a device he had which measures particulates, in particular the PM2.5 particulates which are particularly dangerous. They had recently experienced sand being blown onshore from the Sahara but there had been none of usual cases of people being affected by the sand particles because people were wearing masks because of the pandemic. Bernard said that he had once experienced sand particles on snow when skiing; when snow later fell on the sand, it turned orange.

Brian went on to share a problem he was having getting Wireshark to recognise bluetooth connections. While demonstrating this problem, he was also able to demonstrate showing an Android screen on a computer screen using adb (Android Debug Bridge).

Finally he drew attention to the new Raspberry Pi installer.

Darren said that the OU were trying to teach the students to write programs once which don’t need debugging using Apache Cordova to try and write and debug an Android app. The course is taking them through design patterns to identifying tasks and leads on to considering microservices.

John shared what he had learned about the changes to MariaDB authentication. These can be summarised as:

  1. mysql.user is now a read only table which offers a human readable list of users.
  2. Privileges are stored in mysql.global_priv which can be edited by using ALTER USER.
  3. Unless you have never upgraded your passwords since MySQL 3, you have at least five options:
    1. mysql_native_password which uses SHA-1
    2. unix_socket which relies on a Linux user having logged in using their user password
    3. named_pipe which relies on a Windows user having logged in using their user password
    4. ed25519 which uses the same authentication as OpenSSH
    5. gssapi which is primarily intended for use with Kerberos on both Linux and Windows
    6. pam which relies on PAM authentication being installed.
  4. There is a SHA-2 option for MariaDB Connector/C and MariaDB Connector J but no support for this option with ODBC or Node.js.
  5. In other words, you only have to supply a (second) password with mysql_native_password and ed25519 which I am guessing has been introduced as a more secure alternative to mysql_native_password.
  6. In each of the other three cases, unix_socket or named_pipe, gssapi and pam, MariaDB relies on you having already used a password to gain access.
  7. To edit the authentication options for a user to unix_socket, enter
    ALTER USER foo2@test IDENTIFIED VIA unix_socket;
  8. At creation you can allow someone to use more than one authentication option:
    CREATE USER root@localhost IDENTIFIED VIA unix_socket OR mysql_native_password USING PASSWORD("verysecret");
  9. In some cases you can add further information to the authentication such as a service name in pam:
    ALTER USER foo2@test IDENTIFIED VIA pam USING ’mariadb’;

Darren wondered how soon we would get back to face-to-face meetings and Brain shared some of his dilemmas about coming back to the UK.

Bernard mentioned that he had found a right of way which appeared to link to Oakenshaw across the motorway but had found that it simply terminated on both sides of the motorway with no link between the two sections. He had later found that it is relatively easy to terminate a right of way, for example, to build a motorway, but very difficult to remove it. So the local authority had decided not to bother to remove it.

David mentioned that his DSL connection had dropped out twice since the meeting started, perhaps because of some interference, and showed his router log listing the status of the connection.

Bernard shared some more videos of the hedgehogs which visit the feeding station and a brief glimpse of a fox investigating the feeding station. He is now using a proper wildlife camera obtained from the RSPB which needs fewer LEDs rather than the Raspberry Pi camera. In practice, the PIR (Passive infrared sensor) which turns on the camera and LEDs uses a lot of batteries.

David mentioned that, after the discussion at the previous meeting about RealVNC and TigerVNC, he had installed TightVNC which worked perfectly once but subsequently would not work at all. John commented that he had queried the RealVNC command which Bernard had shared at the previous meeting and Bernard had given him the link to ReadVNC which turned out to use completely different commands from TigerVNC. Bernard commented that he used Remmina but David said he needed to generate a webpage.

David also mentioned that the National Rail website had turned black and white in commemoration of Prince Philip, which made it unreadable and it took eight hours after complaints for them to restore it. The London website has been changed similarly. John commented that turning a website black and white can actually reduce the contrast which is required for accessibility.

Brian mentioned another Excel spreadsheet disaster, this time in Spain, where statistics regarding the pandemic suggested that high proportions of children were being vaccinated because everyone with ages over 100 were being recorded as age minus 100.

This prompted mentions of the software upgrade in which all passengers on a plane listed as Miss were assumed to be children resulting in an incorrect entry on the load sheet and a recommendation to look at The Oatmeal.

Following a discussion about cats and their predatory behaviour, Bernard asked if anyone had read any of the books by Jim Corbett who had made a speciality of dealing with man-eating tigers in India.

We ended by exploring some of the features of the new Jitsi UI.