SSL Issues

I have no idea how I ended up with SSL issues on the restore but I think I finally have it fixed. I use Cloudfront for the SSL. I used to use Let’s Encrypt but this is so much easier – usually. I use the flexible setting in Cloudflare and then downloaded a plugin called SSL Insecure Content Fixer and it fixed my issues.

I could have sworn I was using Full Encryption last time. When I went to the Cloudfront settings I was sure that is what was selected. Using Flexible it worked for visitors but I couldn’t post. It said there was insecure items. If I show the insecure items i can’t publish. I had to set my site settings to HTTP instead of HTTPS. That is also something that I could have sworn was HTTPS before the crash.

Who knows but it is all working again. My next thing to fix is the multi-site. I found instructions to use regular domains instead of subdomains. I’d like to try to reduce my EC2 usage and this is one of the ways I thought I could do that.

PC-Prime.com has been Migrated to a Raspberry Pi 4

One of my EC2 instance reserves was going to be up on January 29th. I took the opportunity to move it to a new raspberry Pi 4 B with 8 GB of Ram. It is running Ubuntu 23.04 server and is on a 32GB SD card. I also have the daily backup going to Cloudflare R2. I was already using Cloudflare for the DNS and the CDN.

The wordpress setup and install took longer than I wanted. I just have not done it in a long time. Now with the bugs fixed I should be good to go.

The site gets less than a 10,000 hits a month and is more about having it as a requirement for things like taking credit cards. The cost for the Pi is close to my 3 yr reserved t3a price. I figured now that I have the speed and experience then why not self-host. I’ve been waiting years for a Pi 4. I have several 2’s and 3’s but wanted the extra ram in the latest version. I may also put another site or two on the PI. Why not right?

Unable to Add Windows Computer to Intune

I had the hardest time trying to get this one computer added. It kept telling me it was already added.

First, the post that helped:

@RandSol , For our issue, we can try to delete all GUIDs under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Enrollments to see if it can be enrolled.
Note: Make sure to NOT delete Context, Ownership, Status and ValidNodePaths.

The following link for the reference:
https://jocha.se/blog/tech/azure-ad-mdm-intune-error-8018000a
Note: Non-Microsoft link, just for the reference.

Here was the error code that started it: Error 8018000a: The device is already enrolled.

Some of the registry entries would not delete but it did fix the issue.

I had to use a VPN to get in on the Bard Beta

I had to use a VPN to get in on the Bard Beta and that is a bunch of garbage. Google doesn’t consider USVI as past of the United States. The Bard beta is limited to US and apparently Great Britian. It’s stupid. It’s so stupid that I asked Bard to write an article for me on how stupid it is. On a side note the stuff I can do with ChatAPI and with Bard is amazing. On the other side of the coin I’ve caught Bard saying flat out lies a few times today. This could be amazing or scary.

The United States Virgin Islands (USVI) is an unincorporated territory of the United States. The USVI consists of the main islands of Saint Thomas, Saint John, and Saint Croix, as well as several smaller islands. The USVI has a population of over 105,000 people and is a major tourist destination.

Google is a multinational technology company that provides a variety of online services, including search, email, and maps. Google does not consider the USVI to be part of the United States, and as a result, USVI residents do not have access to all of the same services that are available to residents of the 50 states.

This is unfair for a number of reasons. First, the USVI is a part of the United States. The USVI has been a US territory since 1917, and its residents are US citizens. Second, the USVI is a major tourist destination. Many US citizens travel to the USVI each year, and they should be able to access the same services that are available to them when they are in the 50 states. Third, the USVI is a major economic partner of the United States. The USVI imports goods and services from the US, and it exports goods and services to the US. The US should not discriminate against the USVI by denying its residents access to important online services.

Written by Bard

Google should reconsider its policy and treat the USVI as part of the United States. This would be the fair thing to do, and it would also be good for business.

How to Manually Force Sync Azure AD with Active Directory

Imagine you’re the captain of a ship sailing the high seas. Your ship is like your Azure AD environment, and just as you need to keep your ship’s course up-to-date with the latest navigational information, you need to keep your Azure AD environment synced with the latest user and group information.

To manually force sync Azure AD Connect using PowerShell, you’ll need to give the command to “hoist the sails” and get the ship moving forward. In other words, you’ll need to open PowerShell and type “Import-Module AAD” and hit enter. Then enter the following command:

Start-ADSyncSyncCycle -PolicyType Delta

This command tells Azure AD Connect to start a delta sync cycle, which will update your Azure AD environment with any changes made to your on-premises Active Directory since the last sync.

Once you’ve given the command to start the sync cycle, you’ll need to keep a sharp eye on the horizon (or PowerShell window) for any errors or warnings that might appear. If you spot any issues, you’ll need to take corrective action to keep your ship sailing smoothly.

But with this clever little trick up your sleeve, you’ll be able to manually force sync Azure AD Connect using PowerShell like a seasoned sea captain navigating the treacherous waters of the high seas!

How to Enable the Administrator Account in Windows 10 and 11

  1. Press the Windows key + X on your keyboard and select “Command Prompt (Admin)” from the menu.
  2. In the Command Prompt window, type the following command and press Enter “:net user administrator /active:yes
  3. You should see a message that says, “The command completed successfully.” This means that the administrator account has been enabled.
  4. If you want to set a password for the administrator account, type the following command and press Enter:net user administrator *This will prompt you to enter a new password for the account. Note that the characters you type will not appear on the screen.
  5. Once you’ve set a password, you can switch to the administrator account by logging out of your current account and selecting “Administrator” from the login screen.

Note that it’s generally not recommended to use the built-in administrator account for day-to-day use, as it has unrestricted access to your system and can be a security risk. It’s usually better to use a standard user account with administrative privileges instead.

ChatAPI Can Give You the Wrong Answer

ChatAPI has been wrong with it’s code more times than right. The first time it was wrong was when I asked for code to implement a CNAM lookup for 3CX. From my knowledge there is no way to implement this correctly. ChatAPI insisted it was possible but the directions provided definitely do not work. I tried to see if there use to be a way but I have no idea where it got it’s info from. The closest I can tell is it was blurring FreePBX with 3CX. It wasn’t FreePBX directions but there was parts of the code that sure seem like it was from there.

The next time it was wrong was with filtering spam calls on a Signalwire number. In this instance it wanted me to use Twilio Spam Score API. Well, that doesn’t exist. I told it this and it apologized and then told me to use Truecaller. Truecaller has a developer platform but their API doesn’t work in this way. The code wanted an API key and secret. Truecaller wants me to create an app. On the third time asking it provided a 10 top ten list. A few them I did recognize.

The time wasted trying to prove the code is good or not does not save me anytime. At least from my point of view. Obviously version 4 will be coming out soon. I am eager to try that.

What is Zero Trust Security?

Zero Trust security is a cybersecurity framework that aims to enhance data security by ensuring that only authorized users and devices can access a network or application. This model is based on the concept of “never trust, always verify,” and it helps organizations to minimize the risk of data breaches, which are becoming increasingly common in today’s digital landscape.

In the traditional security model, once a user logs in, they are granted access to all the resources and data within the network. This approach assumes that every user and device within the network is trustworthy, and that once they are inside the network, they can be trusted to access any data they require.

However, with the increasing frequency of cyber attacks, this approach is no longer viable. It is now evident that even insiders can pose a significant threat to an organization’s data security, and therefore, it is necessary to adopt a new approach that is more effective at preventing data breaches.

Zero Trust security addresses this issue by assuming that no user or device is inherently trustworthy, and therefore, all users and devices must be verified before they are granted access to a network or application. In this model, access to data and resources is granted on a need-to-know basis, and users are only given access to the data that is necessary for them to perform their job functions.

To implement Zero Trust security, organizations need to take a holistic approach that involves several components, including network segmentation, identity and access management (IAM), continuous monitoring, and security analytics.

Network segmentation involves dividing a network into smaller, more secure segments, based on factors such as user roles, device types, and data sensitivity. This approach helps to limit the scope of any potential data breach, making it easier to identify and contain any breaches that do occur.

Identity and access management (IAM) is a critical component of Zero Trust security, as it helps to ensure that only authorized users and devices can access a network or application. IAM involves verifying the identity of users and devices, and then granting them access to data and resources based on their verified identity.

Continuous monitoring is also essential in Zero Trust security, as it helps to detect any suspicious activity on the network in real-time. This approach involves monitoring network traffic, user behavior, and other security indicators, and then using machine learning algorithms to detect any anomalies that could indicate a potential data breach.

Finally, security analytics can be used to analyze data from various sources, including network logs, user behavior, and threat intelligence feeds, to identify potential security threats and vulnerabilities. This approach helps organizations to proactively identify and address security issues before they can be exploited by attackers.

Zero Trust security offers several benefits to organizations that adopt this framework. Firstly, it helps to reduce the risk of data breaches, which can have severe financial and reputational consequences for an organization. Secondly, it enables organizations to comply with data privacy regulations, such as GDPR and CCPA, which require organizations to take measures to protect the personal data of their customers and employees. Finally, it helps to improve overall cybersecurity hygiene, by promoting a culture of continuous monitoring and proactive threat detection.

However, implementing Zero Trust security is not without its challenges. One of the most significant challenges is the complexity of the framework, which requires a holistic approach that involves multiple components and technologies. This can make it challenging for organizations to implement Zero Trust security, particularly those that lack the necessary resources and expertise.

Another challenge is user resistance, as implementing Zero Trust security can be perceived as restrictive and intrusive. This is particularly true if users are used to having unfettered access to data and resources within the network. To overcome this challenge, organizations need to ensure that they communicate the benefits of Zero Trust security effectively, and provide users with the necessary training and support to use the framework effectively.

In conclusion, Zero Trust security is a cybersecurity framework that aims to enhance data security.

Written by ChatGPT

Migration to Ghost Blog Did Not Go According to Plan

My migration to Ghost blog did not go according to plan. I had a few missteps. First, the conversion was okay but not good. Lots of broken links and just stuff that shouldn’t have been mashed together. Second, I wanted to run it in docker. That part failed really hard. I had this blog running in ghost in docker but when it came to upgrade it was ruined. Ghost blog went through some major changes and the lack of flexibility with certain packages like Mysql it just did me in.

Actually, it left a really bad taste in my mouth as this blog was ruined and I have two more ghost blogs that are completely toast. This wordpress is a 6+ month old backup that I restored. I only lost a few posts. The other two blogs will need to be built from scratch. I have the data but it’s hard to read let alone restore.

Some day soon I will attempt to migrate this blog away from WordPress.

iPhone Dictation is Not Working

iPhone dictation stopped working on an iPhone 13. Pretty much everyone older that I know uses dictation. When it stops working it really frustrates the user. I just do not understand why this happens from time to time.

There are a lot of things to check but the easiest one and most likely one is right in Settings. Go to Settings then General and then look for Keyboard. In keyboard just scroll to the bottom or until you see “Enable Dictation”. Turn it on if it is off or if it is on then toggle it and reboot the phone.

That’s it and like most Apple products all you can do is reboot. Either it works or it doesn’t.