Friday, April 30, 2021

The quest to beautify broken and/or incomplete SQL

If you like me readability of code is extremely important regardless of what language it is in. I was try to find a way to beautify SQL, but ran into a problem. If the SQL is broken, impartial or has incorrect syntax it won't beautify.  The very popular, free and open source  MySQL Workbench is an example. Many online sites fail to produce the correct result as well. Doing a quick Google search, i took the 1st result and got Instant SQL Formatter (dpriver.com) which does not work. Many site are not language aware and format poorly, such as https://www.freeformatter.com/sql-formatter.html, number 2 on results page.

Therefore I built my own tool, called Plain SQL Formatter.  

Below SQL has missing SELECT and misspell  FROM statement

1
schemas.name AS SchemaName, tables.name AS TableName, columns.name AS ColumnName, types.name AS DataTypeName, columns.max_length, columns.precision, columns.scale, columns.is_nullable FRO M sys.tables INNER JOIN sys.columns ON tables.object_id = columns.object_id INNER JOIN sys.types ON types.user_type_id = columns.user_type_id INNER JOIN sys.schemas ON schemas.schema_id = tables.schema_id WHERE tables.is_ms_shipped = 0;

In MySQL Workbench, you cannot beautify because the SQL has errors.
To beautify choose Edit->Format->Beautify Query












SSMS works but is 635Mb, and does it install local sql server as well? 

Or Plain SQL Formatter, is only 10Mb, and works with any SQL. 












You can get Plain SQL Formatter is not built-into myClipboard PlainText PowerTool, and there are 20+ such PowerTools. It's a boon to the developer, you be blown away at the list of 120 plus functions.

Top 7 Functions for Programmer

  1. Remove comments from 50 languages. The most popular in last 10 yrs.
  2. Convert words into double quoted or single quoted array "" array
  3. Pre/post smart append entered text, preserves spacing when adding 
  4. //Mon 11-Jan-21 9:25pm  MetadataConsulting.ca <- a timestamp custom comment signature
  5. Split & Join lines, on enter delimiter ■   (square represents entering input)
  6. Flip terms 'if (a!=b)'->'if (b!=a)' !!! 
  7. Pick a range [-3,5-7,9-] of lines ■ (square represents entering input)

Top 5 Functions for Information Worker

  1. Excelerator a program that check's excel formulas for formula and syntactical mistakes!!!
  2. Escape characters for Excel Formula!
  3. Dedup lines - remove all duplicate lines 
  4. NEW - Diff lines - get different between lines, using last 2 clips
  5. Thousands place format add and remove ie 1000000.00 to 1,000,000.00.00





Wednesday, April 28, 2021

StackOverflow monitors copying and pasting for 2 weeks stats released

 


Stack Overflow released there April Fools joke on the world, by monitoring cut and pastes from there site. This brings copy and paste coding to whole new level for coders. Here's some fun facts.


  • One out of every four users who visits a Stack Overflow question copies something within five minutes of hitting the page. 
  • That adds up to 40,623,987 copies across 7,305,042 posts and comments between March 26th and April 9th. 
  • People copy from answers about 10 * as often as they do from questions.
  • People copy 35 * as often as they do from comments. 
  • People copy from code blocks more than 10 * as often as they do from the surrounding text, and surprisingly, we see more copies being made on questions without accepted answers than we do on questions which are accepted. 




Copy and paste like a master get Clipboard PlainText PowerTool with 120+ functions (many for developers) and 20+ PowerTools. 

Top 6 Functions for Programmer
  • Flip terms 'if (a!=b)'->'if (b!=a)' !!! 
  • Pre/post smart append entered text, preserves spacing when adding 
  • //Mon 11-Jan-21 9:25pm  MetadataConsulting.ca - timestamp comment, customizable
  • Split & Join lines, on enter delimiter ■   (square represents entering input)
  • Remove comments from any language (50 of most popular languages in past 10yrs)
  • Convert words into JSON array {" ":" "}
  • Pick a range [-3,5-7,9-] of lines ■
    This can mimic UNIX tail and head commands, but is even more expressive because repeats are allowed. So you can have [1,1,1,1,1,2-5,10+] which repeats line 1, 5 times!

Tuesday, April 27, 2021

Researcher gets banned for stress testing Linux supply chain by easily adding backdoors to Linux kernel


I guess, even in the intelligent coding/open source community, whistle blowers are not revered but are cast outs. Linux open source team decided to ban University of Minnesota outright for research how easy it is to introduce a Linux kernel backdoor vulnerability into the delivery supply chain. Opps, to close to comfort. Really a sophomoric/moronic response. 


However you feel about what these researchers did (Chris Gaun, for example, argued, "A researcher showed how vulnerabilities can EASILY make it through [the] approval process"), this isn't really about Linux, or open source, security. It's always been the case that it's possible to get bad code into good open source projects. Open source software isn't inherently secure. Rather, it's the open source process that is secure, and while that process kicks in during development, it's arguably most potent after vulnerabilities are discovered.

Source : Greg Kroah-Hartman bans University of Minnesota from Linux development for deliberately buggy patches | ZDNet

Research Paper : qiushiwu.github.io/OpenSourceInsecurity.pdf at main · QiushiWu/qiushiwu.github.io


Tuesday, April 20, 2021

UPS Phishing Email with subject Please note: UPS 2021 | Schedule Confirmation Process | Item no.xxxxxxx

For the record, this is UPS phishing email attempt that is recently going around, with subject "Please note: UPS 2021 | Schedule Confirmation Process | Item no.xxxxxxx"

What to do?  Report them, goto bottom of page. 


From : UPS-Canada Schedule Confirm®<atiliofranzoni@hotmail.com>
Subject : 
Please note: UPS-{country} 2021 | Schedule Confirmation Process | Item no.xxxxxxx {date}



                 If you mistakenly click any link, it brings you to a very convincing fake page.







PHISHING LINKs;

Click image by mistake
1. https://difpt.org/.activate/serverxxxxxxUPS.html

How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the  company's website then forget it.
  3. The best way is to 

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing

If you have received this email take further 

  1. https://www.google.com/safebrowsing/report_phish/


Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Sunday, April 11, 2021

Amazon Phishing Email with subject Re: Amazon has a surprise for you

For the record, this is Amazon phishing email attempt that is recently going around, with subject "Re: Amazon has a surprise for you"

What to do?  Report them, goto bottom of page. 


From : Welcome <contact@smartlinkshare.com>
Subject : 
Re: Re: A.m.a.z.o.n has a surprise for you











PHISHING LINKs;

Click image by mistake
1. http://masterymail.com/xxxxx.shtml?xxxxxxxxxxxxxxx

How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the  company's website then forget it.
  3. The best way is to 

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing

If you have received this email take further 

  1. https://www.google.com/safebrowsing/report_phish/


Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Wednesday, April 7, 2021

How to check if your info is part of the Facebook 500M+ data leak April 2021














In the biggest April Fools joke, Facebook hackers re-released the personal information for 500M+ Facebook users on a hacking forum, including mobile numbers, name, gender, location, relationship status, occupation, date of birth, and email addresses.

This data was originally sold in private sales after being collected in 2019 using a bug in the 'Add Friend' feature on Facebook. Facebook had closed this vulnerability soon after it was discovered, but threat actors continued to circulate the data until it was finally released practically for free ($2.19) yesterday.

You can check you account with Have I Been Pwned: Check if your email has been compromised in a data breach (https://haveibeenpwned.com/) service which has been updated this hacked info.