Why pay for $0.63/cap when you can pay $0.16/cap?

We’ve all been there, having a network gear die on you prematurely for no reason or it starts to give into random packet loss or where the switch can’t seem to switch into a faster transmission speed for no apparent reason.

This was the culprit in my 8-port Netgear consumer gigabit switch:

Taking a closer look at the bulge, it does appear to be a capacitor that’s been blown. As always, I went out to my local electronic components store and bought new caps to replace the blown cap. This time specifically asking for low ESR and good quality capacitors made by a reputable company. They knew what I was talking about and handed them to me at $0.63 a pop in quantities of 5:

Yes, they are Panasonic FM series low ESR capacitors. From what I can comprehend on Google, it seems like these capacitors are quite popular with the Hi-Fi audio community because of the electrical characteristics.

Anyhow, a pair of 1000ยตF capacitors that blew and things started to go downhill from there. That bad capacitor costed them 30-50 cents less than the good quality one, but imagine if a bunch of customers claiming warranty or worse launching a class action lawsuit because of these faulty capacitors being on their board. They’d probably lose that 30-40 cents of savings per cap in the long run than actually realizing the cost savings.

Also, only having a 40W iron available doesn’t make things any better on removing the old and soldering in the new capacitors. What’s even worse is the solder they used is the new lead free stuff – yuck!

Making WordPress Domain Name Agnostic

When I was migrating this blog over to my own server at home reverse proxied at a VPS sitting somewhere, I ran into an issue where I could not figure out how the heck does one force the WordPress administration page to have a different subdomain from the where the site was installed to. Gave up on fixing it for a month or so and therefore, blog posts became… somewhat limited… Well it was limited anyways to start off with ๐Ÿ˜›

After trying out various solutions that mostly ended up in breaking the site, I’ve came across this idea:


The thread’s OP wanted a few different domains to point to his site regardless and not have WordPress further molest the URI’s being generated on the page. TL;DR the main idea was to use this:

$url = "http://".$_SERVER["HTTP_HOST"];

…inside the wp-config.php file.

And in turn:


Dang, lesson learned here – wp-config.php can be treated like a PHP script where you can call all sorts of variables, including the $_SERVER ones.

Of course, additional work is required on the nginx side to have the proxy to pass on the HTTP Host value as-is to the said internal site.

KB2750149 and the Failover Cluster GUI… Ouch

Last Patch Tuseday’s round had an update (KB2750149) for the .NET Framework on Windows 8/2012 systems that broke the Failover Cluster management UI. It’s a known issue for Microsoft as reported on their blog below:


Unfortunately as of writing, Microsoft hasn’t pushed an update for fixing what they broke. However what they broke should not affect the functionality of the Failover Cluster itself. As the blog post stated above, the Failover Cluster will still function as normal and can still be managed using the PowerShell cmdlets or the command line tools.

To fix the issue you’ll probably have to either use DISM or the Windows Image Servicing PowerShell cmdlets to remove the .NET Framework Update. By performing a dism /online /get-packages or Get-WindowsPackage -Online and searching for the string ‘KB2750149’ should be sufficient enough to start the removal process.

Again before removing the patch, consult with the documentation. I can’t be responsible if you break your own system when you remove that patch mentioned above ๐Ÿ˜‰

Lesson of the Day: Do Not Steal A Hacker’s Computer, Especially If You’re “Someone Who’s Less Competent Than a Keyboard Chimp”

This piece might sound old in the DEFCON/hacker community, but a hacker by the name Zoz had his Mac G4 desktop stolen back in 2008 or so. 2 years later a person by the name Melvin Guzman somehow got the machine online on a non-NATted IPv4 address, opening the window for Zoz to start his expedition on recovering his stolen desktop. The slides he presents might not be so work safe, although he clearly makes some effort on censoring the not work safe parts. Language is also present, so just don’t turn the speakers up if you’re at work.

If you’re an IT professional or something similar, you’ll find this video to be quite humorous in nature. For anyone else, the moral is: Don’t steal or mess around with a hacker’s computer. He also mentions that due to his poor security practices, he was able to use his “high tech” skills against “someone who’s less competent than a keyboard chimp”. So… If you’re one of those people who are in fact IT pros and recently had their laptops/desktops stolen, follow his examples and you’ll probably get it back… Eventually…

If you’re interested, the slides in high resolution detail are somewhere stashed in Google. Just go find them ๐Ÿ˜‰