Prevent QEMU/virt-manager sending escape key twice? - virtual-machine

I'm using qemu and virt-manager for a lot of my development and use the escape key a lot. Something in the stack sends the escape key twice and it's becoming very frustrating.
I've searched the web, read the man pages and changed every possible setting trying to figure out what does it and if there's a solution but no luck.
So now I turn here, is it possible to prevent this functionality?

Related

Is there a way of using the <prosody> tag in SSML to adjust individual words without a pause (without using a post-processor)

When using the prosody tag in SSML with Google Cloud TTS, I cannot adjust the attributes of individual words without creating an unwanted pause.
The code below creates a lag between 'New' and 'Video'. It has been suggested that a postprocessor can remove these pauses, but I'd like to know if there's a way of doing it directly within the code itself?
<speak>
Hello, and welcome to this<prosody pitch="+3st">New</prosody>Video Tutorial.
</speak>
After testing, it appears there isn't a way of doing this using Google Cloud TTS. You can manually edit the sound file after generating it, but thay defeats the object of the exercise.
I don't have the cleanest answer, as what you are asking is not very supported. Prosody's pitch contour let's you change the tone of voice at different parts of the sentence.
Example of Prosody contour
<speak><prosody contour="(0%, +20Hz) (20%, +30%) (100%, +20%)"> Hello friends! </prosody></speak>
I am still playing around with this, but it seems like a tedious way of getting what you want done.
Using contour
contour takes a string of tuples "(%position in sentence, pitch adjustment) (..., ...)
I hope this helped and best of luck on your work!

libtls: select() and tls_read() working together

I want to add an ssl support to an old chat application I wrote years ago. I did a lot of reading on OpenSSL and LibreSSL and I decided to try a new libtls API. I think developers did a really great job on this one.
I found it to be very easy to use - almost no changes to my existing code where required. But here is one thing I need to figure out now:
Back in a day, I was using select() to monitor sockets and recv() to read a data. This was easy, because both of those functions are working on file descriptors.
Now, with libtls, function tls_read() requires a tls context as a first argument. This means I need to search the list of clients to get an appropriate tls context every time I have a descriptor ready to be read. This is not that hard but maybe someone knows a better solution? I will appreciate all comments and code samples.
Unless I'm misreading the documentation, it seems to me that if you create the sockets yourself, and then use tls_connect_fds/tls_connect_socket/tls_accept_fds/tls_accept_socket afterwards, you'll have normal file handles available you can trivially use with select()/poll()/etc. You'd still need to keep around some sort of file descriptor to context mapping to actually issue the tls_read/tls_write once you were ready, but that's just your choice of linked list or hashtable, depending on what language you're using and what stdlib you have available.

How do you fix the occasional blank page when submitting a form?

The most troublesome bug is the occasional one; there is no definite way to reproduce it.
I've searched a lot on this topic,
and the most probable reason is the charset,
and I've taken some actions by setting the default charset as utf8 in .htaccess (I'm using Apache),
but it still happens, again occasionally!
Have you guys any tips other than setting the default charset to fix it?
As a side note that according to my own experience it happens mostly when the form is submitted from IE, if not all.
Are you using PHP?
Usually any time I hit a blank page, it's because there's an elusive bug in php someplace and errors are turned off.
Just an alternative path you might investigate.

is it possible to automatically purge a Word document of all scripts and other malicious threats?

reputedly, it is possible to make a "malicious" Word document. Maybe using embedded VB script? Anyway, not sure. My question is, is it possible to make an app that safely scrubs all such insertions from a .doc file? Of course, preferably this app should work without actually opening that file in Word application since presumably that may be sufficient for the machine to get damaged.
Is there something like that out there already? Is this even a problem worthy of discussion or in reality there is nothing really malicious that can be done using the Word documents distributed online?
ADDED LATER: johnnyArt, yes, and when you get dirt on your clothes, make sure to go to mommy and tell her about it. Mommy knows best! As a computer programmer, I am interested in learning more about how the world works, including how the world of .doc files and their embedded malicious scripts works. As for using the antivirus and anti-spyware, I will handle these issues without your precious advice. As will, probably, most other users of this forum.
You should scan the file with your antivirus/spyware of choice.
My advice is, if it has malware in it, it's not worth "cleaning" it for use.
Get yourself a clean copy somewhere else.

Encrypt resources in Cocoa app?

I have a shell script stored in the resources folder of my Cocoa app. If used improperly it could be dangerous (even though I have taken precautions to reduce exploits, such as using the absolute path to commands) so is there any way to encrypt the script in binary format, then decrypt it when it needs to be used?
Thanks
It seems as if your concern is about people getting write access to the script and modifying it to run arbitrary code. You could keep a checksum for the script in the binary and compare that with the checksum of the script before you run it. Now, how do you stop people from editing the binary too? Code signing. In fact, if you keep the shell script in the app bundle then editing the script will break the signature of the bundle anyway.
This does not make a lot of sense. If an attacker has access to edit this script file, then they likely have access to edit any number of files, your application is less likely to be a security risk than any number of other things would be attacker could do.
No. If the user will decrypt it to use it, then she can see (and intercept) the clear text at some point. If you think you have "shell-like" things to do, do them in C/ObjC... This can be your friend.
What you're asking for is essentially DRM. A different purpose (“security” instead of thwarting copyright infringement), but the same approach, with the same problems.
In order for the user to be able to normally use the (music|video|script), they must be able to decrypt it. You would do this for them under only the right conditions in your (player|app), but that doesn't matter: no matter how well you hide it, you still have to provide the user with all the technology and keys necessary to decrypt the (music|video|script), so that your (player|app) can do that.
And then, since the user has all the technology and keys necessary to decrypt it, an attacker can and eventually will uncover them all and decrypt the (music|video|script) on their own.
I second Massa's suggestion of switching away from a shell script. This doesn't completely eliminate risk: If an attacker can gain access to write to your shell script, they can gain access to write to a Mach-O executable just as easily. But editing a Mach-O executable is not nearly as easy, so you are at least raising the bar that way.