How GitHub Advanced Security for Azure DevOps Saves the Day (and Your Reputation)

Let's face it, developers: we've all accidentally committed a secret (or two) to our code repository at some point. Maybe it was an API key, a database password, or that super-secret encryption key you swore you'd never forget. ‍♂️

The problem?  Those exposed secrets can be a hacker's dream come true. A leaked secret can bring your entire application crashing down, wreaking havoc on your data and reputation. Shuddersville.  Many good developers do not pay attention to this critical aspect while working on the code, behaviour which most of the time becomes very costly and painful.

That's where GitHub Advanced Security for Azure DevOps swoops in like a superhero with a cape (well, maybe more like a shield, but you get the idea). This powerful integration brings the muscle of GitHub's security features into your Azure DevOps workflow, so you can identify and squash those secret leaks before they become a disaster.

Here's how GitHub Advanced Security for Azure DevOps saves your bacon:

• Secret Scanning: It acts like a super-sleuth, scouring your code for any exposed secrets like passwords, tokens, and keys. No more accidental oopsies making it past your commit.
• Dependency Scanning: Those third-party libraries you love? They can have hidden vulnerabilities. Advanced Security scans your dependencies to expose any weak spots so you can patch them up before they get exploited.
• CodeQL Code Scanning: This built-in code analysis tool is like a security X-ray for your codebase. It hunts for potential vulnerabilities and coding errors, so you can fix them before they become a problem.

The best part? This security suite integrates seamlessly into your Azure DevOps workflow. No need to jump through hoops or learn a whole new platform. You can find, fix, and prevent security issues all within your familiar Azure DevOps environment. Win-win!

So, ditch the stress of exposed secrets and vulnerable code. Embrace the power of GitHub Advanced Security for Azure DevOps. Your future self (and your security team) will thank you for it.

P.S. Looking for more info? Check out the official documentation to see how to get started with GitHub Advanced Security for Azure DevOps and start building more secure software today!

How do You Install XvidCap on uBuntu 12.04 Distro

Xvidcap is a small tool to capture things going on on an X-Windows display to either individual frames or an MPEG video. This software is not present in the Ubuntu 12.04 repository by default. You can get a copy of the distributed binary in the form of a .deb package at the following link.

https://launchpad.net/ubuntu/precise/amd64/xvidcap/

Once you download this package, go ahead and install the package with the following command. The amd64 package given as example is for 64 bit machine.

$ sudo dpkg -i xvidcap_1.1.7-0.2ubuntu12_amd64

In case if the above command fails giving out errors, please note that Xvidcap depends on libavdevice-extra-53 package. So go ahead and install this package first with the following command.

$ sudo  apt-get install libavdevice-extra-53

By default, the Ubuntu 12.04 comes with libavcodec53 package. This conflicts with the  libavdevice-extra-53. In such a case, feel free to go ahead and replace the libavcodec53 package with libavdevice-extra-53. This satisfies the dependency requirement for Xvidcap.

Once done with setting dependencies, you can then install the Xvidcap package.

This is another posting showing "how to do computing" for everyday computer usages... For a general public 

Got files separed from norm HTML

After meet up with team members we decide to migrate the site from norm HTML to PHP, the all projetc will take quite a while to finish, but so far the foundations, of the project are already laid down.. Quite interesting to see how this process is unfolding down ...

• Cut all the code and past in a separated document
• Save the new document with a different header name with .php file extension.
• Then import the content of the heading document into the main html document using the include* function - [ include is part of php library ]

Seems like all gone as we were expecting, but bear in mind that we faced some bugs when we tried to apply this approach the first time  ... Here it goes the output still getting the original content but keeping all the information rendered on server..

Here follows a screen shoot of the file the way it was before it been changed .. All the HTML markup in just one page ..

VMware on Linux : Running in Permiscuous Mode

 VMware on Linux: Promiscuous Mode

When VMware Workstation is hosted under Linux, by default it doesn't allow VM Guests to access the network in Promiscuous mode.  There's an easy fix for this...

If you run something like Wireshark from a VM Guest, you'll see VMware display an error message.

The problem lies with the permissions on the Host.  When VMware is started without root privileges, it doesn't have the permissions necessary to access the /dev/vmnet0 device.

A quick temporary bodge is to use chgrp and chmod on the Host, to tweak the permissions on /dev/vmnet* until the next reboot (where yourgroup is a group that your user account is in - typically admin on my Ubuntu machines):
   chgrp yourgroup /dev/vmnet*
   chmod g+rw /dev/vmnet*

A more permanent fix is to edit /etc/init.d/vmware on the Host, and tweak the ownership and permissions when the device is created, by adding the lines in red:
  # Start the virtual ethernet kernel service
   vmwareStartVmnet() {
      vmwareLoadModule $vnet
      "$BINDIR"/vmware-networks --start >> $VNETLIB_LOG 2>&1
      chgrp yourgroup  /dev/vmnet*
      chmod g+rw /dev/vmnet*

After you restart the Host's VMware daemon ...

   /etc/init.d/vmware stop
   /etc/init.d/vmware start

you'll be able to boot your Guest VM, and use Wireshark or whatever in the Guest.  Just Remember!   Your VM Guest's Network Adapter must be set to BRIDGED (connected directly to the physical network), not NAT (used to share the host's IP address).

Aside: I did think it ought be possible to achieve the same effect a little more cleanly, by creating a file in /etc/udev/rules.d to set the desired ownership and permission modes for /dev/vmnet*.  But nothing I've tried has worked.  Anyone?

Code - breaking ( PHP programming ) Warming up

For some time I've developing stuff in PHP .. Like experimenting stuff Its a very interesting language
to experiment with .. As it is the same with Java, Python, PHP, C++ and Ruby&Rails ....


Today, I felt like talking about php .. One, think there is one important think to say to anyone willing to learn and programm in PHP, for you to run and develop php on your computer, its  necessary to have a server running on the machine that will be used to develop and write the php code ..


It might sound quite complicated but its very simple ...To setup a server on your own computer just download Xampp for Windows, LAMP for Linux, or MAMP for Mac OS (Apple).

After your download it and install it and run properly the server you will able to see you php files via-localhost on your browser. This post isn't about how to install your server and run the localhost .. But I can explain it on another post .. For now, lets just focus on PHP coding.

 The simple and first thing on any programming language is the

 "Hello World"

 "
<html>
<head>
<title> Test PHP </title>
</head>
<body>
<?php
echo " Hello World ! ";
?>"
</body>
</html>
"
That's it simple ....

O Browser will see somethink like this;

The First Digital Weapon Ever Made .. All build in Code