Showing posts from July, 2020

FTC Sues California Marketer of $23,000 COVID-19 “Treatment” Plan

Company falsely claimed its “Emergency D-Virus” treatment is “FDA accepted” The Federal Trade Commission charged a California-based company called Golden Sunrise Nutraceutical, Inc. with deceptively advertising a $23,000 treatment plan as a scientifically proven way to treat COVID-19, the disease caused by coronavirus. According to the FTC’s complaint , Golden Sunrise began marketing its Emergency D-Virus plan as a treatment for COVID-19 in March 2020. Advertising on billboards, their websites, and social media, Golden Sunrise falsely claims that the company’s supplements—ImunStem, Aktiffvate, and AnterFeerons—are “uniquely qualified to treat and modify the course of the Coronavirus epidemic in CHINA and other countries,” and that users can expect the “disappearance of viral symptoms within two to four days,” the FTC alleged. The FTC sent Golden Sunrise a letter in April 2020 , warning that it should immediately remove all advertising claims that the products could prevent, treat,

FTC Announces Staff Reports on Car Buying and Financing Experience, Results of Auto Buyers Study

Reports highlight potential issues for consumers Two new staff reports from the Federal Trade Commission highlight some of the challenges and confusion consumers can face in buying and financing a car, particularly relating to charges for add-on items after the initial price negotiation that can lead to them paying more than expected. The reports are based, in part, on a study of auto buyers conducted by the FTC that consisted of in-depth interviews with 38 consumers about the car buying and financing process. A staff report from the FTC’s Bureau of Consumer Protection   (BCP) notes a number of issues that arose in the study, from the advertising that draws consumers in through the entire car buying experience. The BCP report notes that consumers were sometimes not aware of key terms of sales and financing contracts, and it points in particular to issues that potentially keep them from having an accurate picture of the amount they are paying. One issue noted was focusing on monthly pa

FTC Acts to Stop Deceptive Insulation and Energy-Savings Claims

Actions brought against four companies target claims made for architectural coatings applied to houses and other buildings The Federal Trade Commission sued four companies that sell paint products used to coat buildings and homes, alleging that they deceived consumers about their products’ insulation and energy-savings capabilities. In complaints filed in federal court, the FTC charged that the companies falsely overstated the R-value ratings of the coatings, making deceptive statements about heat flow and insulating power. “Companies touting the energy-saving properties of their products must have scientific support for their claims,” said Andrew Smith, Director of the FTC’s Bureau of Consumer Protection. “When they don’t, the FTC will step in to make sure they do.” A product’s R-value is a measure of its resistance to heat flow: the higher the R-value, the greater the insulating power. Using R-value and other product information, consumers can improve the energy efficiency of their

Orders of approximation

In computer science, big O notation is used to classify algorithms according to how their run time or space requirements grow as the input size grows. In analytic number theory, big O notation is often used to express a bound on the difference between an arithmetical function and a better understood approximation.

Git force-pushing will overwrite the remote branch with the state of your local one

If there are commits on the git remote branch that you don't have in your local branch, you will lose those commits.

Amending the most recent git commit message

git commit --amend will open your editor, allowing you to change the commit message of the most recent commit.  If your commit message is short, you can set the commit message directly in the command line with: git commit --amend -m "New commit message"

In Final Court Summary, FTC Reports Volkswagen Repaid More Than $9.5 Billion To Car Buyers Who Were Deceived by “Clean Diesel” Ad Campaign

More than 86 percent chose to return their car for compensation In a final summary filed in federal court today, the Federal Trade Commission reported that Volkswagen and Porsche repaid a total of more than $9.5 billion since 2016 to car buyers under the FTC’s orders stemming from the companies’ deceptive “clean diesel” advertising of VWs and Audis fitted with illegal emission defeat devices. Given a choice between returning their vehicle to VW or Porsche in exchange for compensation, or having the car modified to comply with clean-air rules, more than 86 percent of those who concluded the claims process chose to return their car through a buyback or early lease termination, the FTC noted in a Final Status Report  filed with the U.S. District Court for the Northern District of California.  “Most important, the FTC orders and related private class settlements provided redress sufficient to compensate consumers fully,” the FTC said in the report. The FTC’s final report to the court mark

Microsoft will no longer produce official PHP builds for Windows beginning with PHP 8.0

And will no longer deliver support for PHP 7.2, PHP 7.3, and PHP 7.4.

Sometimes it's better to use dynamic size arrays.

 Java's Arraylist can provide you this feature.

Avoid the 100 most-used passwords.

List of the most common passwords

Install Ansible AWX on Ubuntu

git clone --depth 50 cd awx/installer/ Change  secret_key inside inventory file. Execute playbook ansible-playbook -i inventory install.yml Use the docker ps command to get a list of running containers. $  docker ps CONTAINER ID        IMAGE                COMMAND                  CREATED             STATUS              PORTS                  NAMES a2acc6628459        ansible/awx:13.0.0   "tini -- /usr/bin/la…"   3 minutes ago       Up 3 minutes        8052/tcp               awx_task 33999b021c10        ansible/awx:13.0.0   "tini -- /bin/sh -c …"   3 minutes ago       Up 3 minutes>8052/tcp   awx_web a545cf8abb82        postgres:10          "docker-entrypoint.s…"   3 minutes ago       Up 3 minutes        5432/tcp               awx_postgres bd8517f2fe80        redis                "docker-entrypoint.s…"   3 minutes ago       Up 3 minutes        6379/tcp               awx_redis Access Ansib

Install Docker SDK for Python

pip install docker

AWX provides a web-based user interface, REST API, and task engine built on top of Ansible.

AWX can assist with auditing Ansible automation

AWX can provide a complete audit trail to help you find out what happened and when.  AWX can also help with ensuring version control of Ansible playbooks.

The block editor lets you create pages and posts with ease, and the newest updates make it more intuitive than ever.

The Updated Block Editor is Here to Make Your Life Easier  Improvements based on user feedback simplify the editing experience so you can focus on creating quality content for your audience.

Pull Requests are the heart of collaboration on GitHub.

When you open a pull request, you’re proposing your changes and requesting that someone review and pull in your contribution and merge them into their branch.  Pull requests show diffs, or differences, of the content from both branches. The changes, additions, and subtractions are shown in green and red.

A template contains variables which are replaced by the values which are passed in when the template is rendered.

There are less of static data and more of dynamic data being requested from clients in the modern web world Variables are helpful with the dynamic data.

Ansible Vault stores variable data encrypted using AES256

Ansible encrypted vaults can be referenced by any playbook, provided the vault password is passed to the playbook when it is run. see 

Ansible Gathering Facts populates a wide array of variables with useful key system data

Run the following code from the command line to Gather Facts: $ ansible -m setup localhost

Install a role from Ansible Galaxy

$ ansible-galaxy install -p roles/

Ansible running user

You can use the --user (or -u) flag with ansible-playbook to specify a user to be used across all hosts in the inventory, or you can even use the ansible_user host variable within the inventory itself to specify user accounts on a per-host basis.

tmux maximize pane

Ctrl + b (prefix) + z works to zoom into a particular pane in tmux 2.1. It you press Ctrl + b + z again, it zoom pane back to original size. It doesn't create a new pane.

Ansible Module documentation

Ansible Module documentation can be found on the official Ansible website, or as part of the installed Ansible package.  For example: $ ansible-doc shell

Split, Create and Close Tmux Screen In Linux

Split Tmux Screen Horizontally CTRL+B % Split Tmux Screen Vertically CTRL+B " Navigate To The Previous Window We can navigate with p and n keys CTRL+B p     will naviagte to previous windows CTRL+B n     will navigate to next window Kill Pane To kill a tmux pane CTRL+B x key combination is used.

tmux move between panes

To move from one pane to another, press Ctrl+B, and then either the Up, Down, Left, or Right Arrow. If you press Ctrl+B, and then the percentage sign ( %) it splits the current pane vertically. Press Ctrl+B, and then Q to make tmux briefly flash the number of each pane.

Dry-run a Linux history command

Using verification ( p ) is generally a good idea if you're new to using the  history  command in production. If you want to verify the command you're about to modify and run, you can use the p modifier at the tail end of a history modification. $ !!:p history The command you see as a result is the expanded item from history, but it hasn't been run yet. You can run it manually, by pressing the Up arrow or Ctrl+P.

Linux History Command Word Designators

0 (Zero) – returns the zeroth word, which is typically the command n – returns the nth word of the selected command ^ – returns the first argument for the command $ – returns the last word, usually an argument * – returns all words except for the zeroth word of the command

Removing old content can help your SEO.

Providing accuracy, relevancy, and quality – as well as timeliness in information is the key to SEO Content pruning involves removing low-performing, obsolete content from your website’s archives.

Ignore Ansible SSH authenticity checking

Inside ansible.cfg  [defaults] host_key_checking = False

Use Ansible setup module to gather facts

Display gathered facts Display gathered facts about your inventory hosts using the following command: $ ansible all -i hosts -m setup | less Display all facts about all the hosts in your inventory $ ansible all -m setup 

Installing Ansible with pip

$ curl -o $ python3 --user $ pip install --user ansible

Fixed: Ubuntu networkmanager device strickly unmanaged

By default, NetworkManager does not manage interfaces that appear in /etc/network/interfaces. You can change this behaviour. sudo vim /etc/NetworkManager/NetworkManager.conf Change the line managed=false to managed= true $ sudo systemctl restart NetworkManager Another way: Remove the interface from /etc/network/interfaces. Only keep the following inside /etc/network/interfaces: auto lo iface lo inet loopback $ sudo systemctl restart NetworkManager

FTC and Missouri Attorney General Warn Hearing Aid Sellers About Deceptive Stimulus Payment Claims

The Federal Trade Commission and Missouri Attorney General have sent warning letters  to two companies that sent mailers to consumers that suggested that they could provide government stimulus money to customers to purchase their hearing aids. The letters highlight claims included in the mailers that implied that consumers were eligible for a government stimulus benefit specifically for the use of buying hearing aids, and that the companies were able to provide that benefit. The mailers included language like “Call Today to Secure Your Stimulus Money. For Stimulus Voucher Appointments, Call Today!” and “CORONA-VIRUS (sic) PANDEMIC HEARING AID STIMULUS PACKAGE ANNOUNCED FOR MISSOURI.” The mailers also included a document designed to look like a $1,000 check made out to the consumer labeled “OFFICIAL AUTHORIZED VOUCHER” and with instructions to endorse it on the back. The letters warn the recipients to cease making all deceptive claims and also instruct them to notify the FTC and State

Fired Fox News Host Ed Henry and More Accused of Sexual Misconduct in Graphic Lawsuit - E! Online - AU

Ed Henry, who was recently fired from Fox News, and other talent from the conservative cable news network were accused of sexual misconduct in a new lawsuit filed on Monday.

ClamAV is an Opensource Antivirus option for Linux/Unix O/S and protects your system against Trojans, malware and other security threats.

Galaxy provides pre-packaged units of work known to Ansible as roles.

Git is a tool to perform version control.

One major feature of Git is its distributed structure so that the developers can work with an offline copy of the code base. Developers can use Git to manage their code versions over time.  Changes made to the code will incrementally stack up to the existing code creating a new version.  

The default username for RHEL on AWS is ec2-user.

Ansible comes with two different modules

All these modules are idempotent. Core modules: Core modules play a much greater role than extra modules. They always come with the software. Extra modules: Ansible community maintains such modules. Besides, the modules are reusable. Even though they are the parts of Ansible, you can separate them whenever you need.

Ansible collects a lot of the information about the remote hosts as it runs a playbook.

The task of collecting this remote system information is called as Gathering Facts by ansible and the details collected are generally known as facts or variables. ansible playbooks call this setup module by default to perform Gathering Facts task. Run the ansible all -m setup command against any host group. ansible all -m setup | tee ansible-facts.txt

FTC to Host Virtual PrivacyCon 2020 on July 21

WHAT: The Federal Trade Commission will host PrivacyCon 2020 to examine the latest research and trends related to consumer privacy and data security. WHEN: Tuesday, July 21, 2020, 9 a.m. - 5 p.m. ET WHERE: The event will be held online. A link to view PrivacyCon will be posted the morning of the event to and the event page . WHO: The event will feature opening remarks by FTC Bureau of Consumer Protection Director Andrew Smith, as well as presentations and discussions on a variety of privacy and data security research. TWITTER: The event will be tweeted live from the FTC’s Twitter page (@FTC) using the hashtag #PrivacyCon20.

Ansible shell example

  - name: This command will show ip     shell:       cmd: ip a

To invest is to allocate money in the expectation of some benefit in the future.

In finance, the benefit from an investment is called a return.  The return may consist of a gain (or loss) realized from the sale of a property or an investment, unrealized capital appreciation (or depreciation), or investment income such as dividends, interest, rental income etc., or a combination of capital gain and income. The return may also include currency gains or losses due to changes in the foreign currency exchange rates.

To help or how to use ansible-playbook command, use -h option

ansible-playbook -h $ ansible-playbook -h usage: ansible-playbook [-h] [--version] [-v] [-k]                         [--private-key PRIVATE_KEY_FILE] [-u REMOTE_USER]                         [-c CONNECTION] [-T TIMEOUT]                         [--ssh-common-args SSH_COMMON_ARGS]                         [--sftp-extra-args SFTP_EXTRA_ARGS]                         [--scp-extra-args SCP_EXTRA_ARGS]                         [--ssh-extra-args SSH_EXTRA_ARGS] [--force-handlers]                         [--flush-cache] [-b] [--become-method BECOME_METHOD]                         [--become-user BECOME_USER] [-K] [-t TAGS]                         [--skip-tags SKIP_TAGS] [-C] [--syntax-check] [-D]                         [-i INVENTORY] [--list-hosts] [-l SUBSET]                         [-e EXTRA_VARS] [--vault-id VAULT_IDS]                         [--ask-vault-pass | --vault-password-file VAULT_PASSWORD_FILES]                         [-f FORKS] [-M MODULE_PATH] [--list-tasks]                    

Ansible: Default IP address of the remote host

--- - hosts: all   tasks:     - debug: var=hostvars[inventory_hostname]['ansible_default_ipv4']['address']     - debug: var=hostvars[inventory_hostname]['ansible_default_ipv6']['address']

If you add --ask-become-pass or -K, Ansible prompts you for the password to use for privilege escalation (sudo/su/pfexec/doas/etc).

Test SSH connection with the Ansible ping module

--- ### ## First play: Dynamically configure SSH user based on test ## - hosts: "{{ host_group }}"   gather_facts: false  # don't try to ssh yet!!   vars:     ansible_ssh_user: "{{ username }}"   tasks:     - name: "Test SSH connection"       ping:  # <-- no args needed       ignore_unreachable: true       ignore_errors: true       changed_when: false       register: ssh_test     - name: "Fall back to root user?"       when: ssh_test.unreachable is defined       connection: local       set_fact:         ansible_ssh_user: root ### ## Next play: Do something  ### - hosts: "{{ host_group }}"   tasks:     - name: your task here       # ...

Enabling or disabling check mode for Ansible tasks

There are two options: Force a task to  run in check mode , even when the playbook is called  without   --check . This is called  check_mode:   yes . Force a task to  run in normal mode  and make changes to the system, even when the playbook is called  with   --check . This is called  check_mode:   no .

Missing sudo password in Ansible

Solution: Method 1: Add a file to the /etc/sudoers.d directory on the target machine called goyun with the following contents: goyun ALL=(ALL) NOPASSWD:ALL Method 2: Run Ansible playbook with -k -K (uppercase). The playbook will prompt for password. ansible-playbook -k -K 

Ansible become is a method to run a particular task in a playbook with Special Privileges like root user or some other user.

Ansible become and become_user both have to be used in a playbook in certain cases where you want your remote user to be is more like doing sudo -u someuser before running a task. When you are not defining the become_user and just use become. Ansible will perform the basic sudo and it will execute the corresponding task as root user

Create SHA512 password hashes on command line

$ mkpasswd -m help Available methods: sha512crypt     SHA-512 sha256crypt     SHA-256 md5crypt        MD5 descrypt        standard 56 bit DES-based crypt(3) $ mkpasswd --method= sha-512 Password: $6$waLKhgmBiz1$cbiCevU1WKDlL9jRua0UrALelysyhvH8pW9Xh1z.2g4BN3rk/wtoE/Ol/paWIHoOw6Je0NHM0.K6.ckpOFBet0

Ansible ad-hoc commands can be considered as shell commands and a playbook be considered as a shell script.

Linux password cryptographic hash algorithm method

The password is using the $type$salt$hashed format. $type is the method cryptographic hash algorithm and can have the following values: $1$ – MD5 $2a$ – Blowfish $2y$ – Eksblowfish $5$ – SHA-256 $6$ – SHA-512

The /etc/shadow file contains one entry per line, each representing a user account.

/etc/shadow is a text file that contains information about the system’s users’ passwords.  It is owned by user root and group shadow, and has 640 permissions.

Enable Password Login for Connecting to EC2 Instance

To enable a password authentication, you create a password, update the /etc/ssh/sshd_config file, and then restart the SSH service.

Fixed ansible Syntax Error while loading YAML.

If you encounter error like this: $ ansible-playbook debug.yml --syntax-check ERROR! We were unable to read either as JSON nor YAML, these are the errors we got from each: JSON: No JSON object could be decoded Syntax Error while loading YAML.   mapping values are not allowed in this context The error appears to be in '/home/ec2-user/ansible/debug.yml': line 8, column 14, but may be elsewhere in the file depending on the exact syntax problem. The offending line appears to be:     - name: This command will show ip         shell:              ^ here It is likely an indentation error, Yaml is very strict about the indentations and the spacing. You need to make sure that you have two spaces as indentation for the error of your playbook.

Install Ansible on Amazon Linux(EC2)

Update your EC2 Amazon Linux Box  $ sudo yum update -y Use the yum command to install ansible.   $ sudo yum install ansible  -y

Ansible YML Playbook Syntax Check

$ ansible-playbook debug.yml --syntax-check ERROR! We were unable to read either as JSON nor YAML, these are the errors we got from each: JSON: No JSON object could be decoded Syntax Error while loading YAML.   mapping values are not allowed in this context The error appears to be in '/home/ec2-user/ansible/debug.yml': line 8, column 14, but may be elsewhere in the file depending on the exact syntax problem. The offending line appears to be:     - name: This command will show ip         shell:              ^ here

FTC, Florida Attorney General Obtain Court Order Temporarily Halting Bogus Orlando-Based Credit Card Interest Rate Reduction Operation

At the request of the Federal Trade Commission and the Florida Office of the Attorney General, a federal court has temporarily halted an alleged sham credit card interest rate reduction operation that often targeted financially distressed consumers and older adults. The court’s order temporarily halts the Orlando-based operation, freezes its assets, and appoints a receiver over the businesses. In a joint complaint, the FTC and Florida Attorney General’s Office are seeking to permanently stop the conduct and secure money for consumer refunds.  “If you’re one of the many Americans now dealing with rising debt, steer clear of companies promising to reduce your credit card interest rate after you pay them,” said Andrew Smith, Director of the FTC’s Bureau of Consumer Protection. “The FTC is proud to partner again with the Florida Attorney General to stamp out these bogus offers.” “Consumers who find themselves living with debt can feel like they are trapped in a downward spiral, strugglin

Installing mkpasswd on EC2/CentOS

The command mkpasswd is actually part of the expect package, and should probably be avoided. You can find out what package it belongs to with either of these commands. $ yum whatprovides "*/mkpasswd" $ sudo yum -y install expect

Begin a new line in vim/vi

o Begin a new line below the cursor O Begin a new line above the cursor

Ansible Installation on Amazon Linux(EC2)

$ sudo yum update -y $ sudo yum install ansible  -y  Check Ansible Version

Adduser vs Useradd

The difference between adduser and useradd is that adduser is used to add users with setting up account’s home folder and other settings while useradd is a low-level utility command to add users.

Set hostname on CentOS

# hostnamectl set-hostname your-new-hostname Check new host name: $ hostnamectl 

FTC Sends More Than $16 Million in Refunds to Victims of Bogus Debt Relief Operation

The Federal Trade Commission is sending more than $16 million to individuals who lost money to a debt relief scam that targeted tens of thousands of consumers facing financial difficulty. The FTC and the Florida Office of the Attorney General alleged that a group of defendants known as Helping America Group got people to pay hundreds or thousands of dollars a month by falsely promising to pay, settle, or obtain dismissal of their debts and improve their credit scores. Over time, victims found their debts unpaid, their accounts in default, and their credit scores severely damaged—some were sued by their creditors, and some were forced into bankruptcy. The FTC is providing 27,083 refund checks to victims of the scam. The FTC expects to collect additional money in this case, and plans to send a second round of checks at that time. Recipients should deposit or cash their checks within 90 days. The FTC never requires people to pay money or provide account information to cash a refu

Add an local entry in Ansible Inventory

Inside hosts file: localhost ansible_connection=local Or your-own-instance-alias ansible_connection=local

Ansible facts or variables

Ansible collects information about the remote hosts as it runs a playbook. The task of collecting this remote system information is called as Gathering Facts by Ansible and the details collected are generally known as facts or variables.

Get CPU information on Linux

lscpu cat /proc/cpuinfo

How to get system-product-name on Linux

$ dmidecode -s system-product-name

FTC Launches New Online Tool for Exploring Military Consumer Data

The Federal Trade Commission launched a new tool that explores data about problems military consumers may experience in the marketplace. For the first time, data about reports the FTC has received from active duty service members and veterans will be available online in an interactive dashboard at data . The military dashboard , which is updated quarterly, has a drop-down feature that shows data for “active duty,” “veterans and retirees,” and “all military.”  From 2015 through the first two quarters of 2020, reports received by the Consumer Sentinel Network showed the median fraud losses for veterans and retirees were $750. For active duty military, the top reported scam type was government imposters, followed by unwanted telemarketing calls. In addition, for “all military”—which includes military families and reservists—65.5 percent of people who reported online shopping problems reported losing money. Many online shopping reports are about merchandise ordered on

Linux chage command - change user password expiry information.

To view current password expiry date info for a user, use the -l command-line option. chage -l [USERNAME] $ chage -l ec2-user Last password change                                    : May 31, 2020 Password expires                                        : never Password inactive                                       : never Account expires                                         : never Minimum number of days between password change          : 0 Maximum number of days between password change          : 99999 Number of days of warning before password expires       : 7        If none of the options are selected, chage operates in an interactive        fashion, prompting the user with the current values for all of the        fields. Enter the new value to change the field, or leave the line        blank to use the current value. The current value is displayed between        a pair of [ ] marks. $ chage --help Usage: chage [options] LOGIN Options:   -d, --lastday LAST_

Ansible can manage anything with an SSH interface or an API

Java HashSet class is a member of Java collections framework.

Java HashSet implements the Set interface. HashSets are used to store a collection of unique elements.

How to fix: redirected you too many times.

If you encountered the following error: And you have cleared your cache, cookie, or tried private/incognito mode, tried different browser/computer, then you can try the following: In the browsers URL type in And then choose to "Go to  NEWS FEED".

Your child's teeth can fall out in any order

Baby teeth are often lost in the same order they arrived. If your child's baby teeth came in later than his peers, he may lose them later too.

Most children lose their baby teeth in this order

Baby teeth ordinarily are shed first at about age 6 when the incisors, the middle teeth in front, become loose. Molars, in the back, are usually shed between ages 10 and 12, and are replaced with permanent teeth by about age 13.

Running Ansible against localhost

Run commands against the Ansible control node by using “localhost” or “” for the server name: $ ansible localhost -m ping -e 'ansible_python_interpreter="/usr/bin/env python"' Or specify localhost explicitly by adding this to your inventory file: localhost ansible_connection=local ansible_python_interpreter="/usr/bin/env python"

Ansible ssh key per host using ansible_ssh_private_key_file

## Ansible with multiple SSH key pair as per server hosting ## [] www1 ansible_ssh_private_key_file=/path/to/file www2 ansible_ssh_private_key_file=/path/to/file

How to set up SSH agent to avoid retyping passwords

$ ssh-agent bash $ ssh-add ~/.ssh/id_rsa or $ ssh-add #to add default keys  You can also add the private key file: $ ssh-agent bash $ ssh-add ~/.ssh/goyun.inof.keypair.pem

By default Ansible uses native OpenSSH

Ansible supports ControlPersist, Kerberos, and options in ~/.ssh/config such as Jump Host setup.  If your control machine uses an older version of OpenSSH that does not support ControlPersist, Ansible will fallback to a Python implementation of OpenSSH called 'paramiko'.