Trixology

WeatherCat => WeatherCat General Discussion => Topic started by: Blicj11 on July 29, 2016, 12:05:40 AM

Title: SSL Encryption
Post by: Blicj11 on July 29, 2016, 12:05:40 AM

My website got hacked and I just finished 36 hours of upgrading the theme, installing a stronger firewall and eliminating malware snippets from the code. I think I am back in business, but I have a question. If I convert my site to SSL encryption, will that impact any WeatherCat uploads, FTP, etc.? If anyone has any any insights or experience, I would appreciate it. I assume at least one WeatherCatter out there is using SSL (HTTPS) on their site. 

Thanks.

Title: Re: SSL Encryption
Post by: xairbusdriver on July 29, 2016, 02:02:39 AM

Too sad! And so frustrating! I keep two complete backups of my site on two different machines which might help get things back to normal with a mass upload. But that wouldn't really stop it from happening within minutes. [banghead]

Do you are using an .htaccess file?

Title: HTTPS more for privacy than security. (Re: SSL Encryption)
Post by: elagache on July 29, 2016, 11:05:01 PM

Dear Blick, X-Air, and WeatherCat victims of trying times,

Quote from: Blicj11 on July 29, 2016, 12:05:40 AM

My website got hacked

Wow!  That is extremely disappointing.  :(  Did the hacker appear to target your website for any particular reason?  I suppose these guys can be really bored, but that's really demonstrating a low self-esteem by hacker standards.

Quote from: Blicj11 on July 29, 2016, 12:05:40 AM

If I convert my site to SSL encryption, will that impact any WeatherCat uploads, FTP, etc.?

I haven't switched.  As far as I know, it will cost you extra and while people are taunting it as better security, I don't think it make your website less vulnerable to attack.  All it does is make it impossible for someone to view the contents of your website if they were ease-dropping on somebody who was viewing your website.  HTTPS is more to protect the privacy of your visitors than to protect your website.

If you want to make the switch the only ones effected will be people who have a link to your existing website.  You can solve any broken bookmarks by having a redirect from the HTTP version of the site to HTTPS.  That might be provided automatically when you upgrade the service.

I hope that is some help.

Edouard

Title: Re: SSL Encryption
Post by: xairbusdriver on July 29, 2016, 11:17:29 PM

I forgot to mention it yesterday, but I hope you've changed your password at your hosting service, especially the FTP password, if it's different. [tup]

Title: Re: SSL Encryption
Post by: Blicj11 on July 29, 2016, 11:40:47 PM

I'm pretty sure my hack was by bot rather than directly by a human. I certainly did change my password and now have a full blown firewall enabled, which is showing me who is trying to do what and it is amazing. Bots from China, Russia, Brazil and the US and been hammering at the site all day, searching for non-existant files, which I suspect are malware snippets inserted into the PHP. It's been pretty interesting to see the bot traffic hammering away. i would never have guessed my site would be the recipient of all this. I've also had someone trying to login to to the site (although that is probably just Xair trying to prove it can be done).

Edouard, thanks for your comments. I will take that into consideration.

I have installed a firewall that is in learning mode for 1 week to determine what happens with the site and who accesses it. After the week of learning mode, it will kick into a more aggressive protection mode. So far so good.

Is anyone actually using SSL encryption on their site?

Title: Re: SSL Encryption
Post by: xairbusdriver on July 30, 2016, 01:19:25 AM

Another tack is to be sure any PHP/us/etc code used on your site has up-to-date security built in. Bots are simply ways to give hackers more free time. [lol] The bot does the hard work and sends a text back to its 'creator' when it finds a hackable site. Sounds like you've done your homework well. Makes me take a better look at what I have set up at my hosting company. [blush]

Title: Re: SSL Encryption
Post by: Bull Winkus on July 30, 2016, 03:47:01 AM

Sorry to hear that you got hacked, Blick. Maybe that firewall will shore things up a bit, and keep the blood suckers out.

I don't operate a site, so I can't help with your question. I did have something strange happen today, though. Thought I'd share it with you, though it has nothing to do with operating a site. I was playing with the screen maximized in Minecraft. There were no other programs running. Suddenly, the Minecraft workspace slid to the side and iTunes launched. It appeared as though someone was using it for a few seconds, as some things would move. Not knowing why it was going on, and having just installed 10.11.6, I immediately thought it might be related. I quit iTunes, and switched back to the Minecraft screen. Less than a minute later, the same thing happened again, and I was staring at my iTunes screen.

"OK? I can fix this." I thought. So, I did a menu restart of the computer immediately after quitting iTunes. After it had restarted, I logged in and went to the System Preferences / Users and Groups, and changed my password. Then I went to the Sharing panel and found that Remote Login was enabled, so I killed that. Haven't had any more issues.

First time having any issue with Internet pests. I hope it's my last.

 [cheers1]

Title: Re: SSL Encryption
Post by: Blicj11 on July 30, 2016, 03:26:52 PM

Weird interaction Herb. Steve Jobs having a little fun?

Title: Re: SSL Encryption
Post by: xairbusdriver on July 30, 2016, 05:16:32 PM

Do you have a WiFi network? If so, do you require passwords to access it? WPA/WPA2? Do you allow "guests"?

Is that a interweb-connected game?

Do you have a dog or cat?

If "No" to all the above, try wrapping your Mac with aluminum foil (including the screen)! [runoff] :o

Title: Re: SSL Encryption
Post by: Bull Winkus on July 30, 2016, 06:21:13 PM

Lol! You guys!

I guess if it was Steve Jobs, I should feel honored, huh?

I've got a cat. He's an outside cat. He's really not mine. Somebody didn't like him, so he was transplanted to my neighborhood. I'm pretty sure that he doesn't use a PDA of any kind. My router allows guest networks, which are not connected to by the computer. The main network has a very secure password. The game has a multiplayer component, but I was playing solo with no Internet connection or path through the router.

I suspect the Remote Login, though I've no idea how someone could find me and connect. I'm not even sure how that works.

 [cheers1]

Title: Re: SSL Encryption
Post by: xairbusdriver on July 30, 2016, 08:17:09 PM

Quote

My router allows guest networks, which are not connected to by the computer.

But the network is connected to your Mac, right?

Quote

I was playing solo with no Internet connection or path through the router.

You had disconnected from the router and thus, the Internet?

Enquiring minds...

Is your Mac connected directly to the (Cable/Satellite/DSL) modem
OR
to the WiFi router (which is connected to the incoming Internet connection [modem]).

Title: Check your console logs (Re: SSL Encryption)
Post by: elagache on July 30, 2016, 10:33:41 PM

Dear Herb, Blick, X-Air, and WeatherCat "communicators with those from beyond" . . . . .

Quote from: Bull Winkus on July 30, 2016, 06:21:13 PM

I guess if it was Steve Jobs, I should feel honored, huh?

 [wink] . . . As long as it was Steve Jobs, why didn't you ask him something useful, like whether or not Tim Cook should be sacked! . . .  [lol2]

Seriously, sorry to see that happen to your Mac Herb.  :(

Quote from: Bull Winkus on July 30, 2016, 06:21:13 PM

I suspect the Remote Login, though I've no idea how someone could find me and connect. I'm not even sure how that works.

Check the Console application and look for logged messages from the time this happened to you.  You should see something in the system.log file if there was somebody remotely logging in.

Cheers, Edouard  [cheers1]

Title: Re: SSL Encryption
Post by: Bull Winkus on July 31, 2016, 07:49:40 AM

Geeze guys! I didn't want to hijack Blick's thread. I just thought this was a quick and amusing incident loosely related. Blick's the one with an issue. My incident was over in less than 5 minutes with no loss.

X-Air, the router is connected to the DSL modem. Connected to the router are 2 computers and a VOIP device from Vonage. Oh, and WiFi, with 2 computers, 1 iPhone and 1 iPod and 2 Apple TV devices. A guest network is a completely separate network from the network shared by the computers, devices, and WiFi. It ports directly to the WAN. The game program has WAN abilities, but separate. During log-in, it registers with the developer's server, and sends updates on what kind of play is done, but the multiplayer online playing is served remotely and interacted with in a different part of the software package from what I was using. I wasn't connected to that (logically), however I was still connected to the LAN (physically), and the LAN was connected through a firewall to the WAN. But the game that I was using was local to the computer only. It wasn't even using the LAN, except for its spy reporter that I allowed in the preferences. In short, the ports used by the game during multiplay were not open.

Edouard, Steve and I haven't been on speaking terms since he quit and left me hanging with a lot of concern for my stock. Lol! Though if he wanted to break the silence, I'd be open to listening to his excuses.

On your suggestion, I combed the System Log for something that would help me identify the time that it happened. I found where I had started Minecraft, where iTunes popped out, the shutdown, restart and where I started Minecraft again. I don't really understand the rest of the stuff, but there was some remote action, I think. I'll attach the log, if anyone wants to translate. I tried my best to only get the pertinent part of the log, so it's not too long. My first time trying to get anything out of one of these long log files.

 [cheers1]

Title: Some strange process termination. (Was: SSL Encryption)
Post by: elagache on July 31, 2016, 11:20:16 PM

Dear Herb, and WeatherCat cyber sleuths . . . . (http://www.canebas.org/WeatherCat/Forum_support_documents/Custom_emoticons/detective_emoticon.png)

Quote from: Bull Winkus on July 31, 2016, 07:49:40 AM

On your suggestion, I combed the System Log for something that would help me identify the time that it happened. I found where I had started Minecraft, where iTunes popped out, the shutdown, restart and where I started Minecraft again. I don't really understand the rest of the stuff, but there was some remote action, I think. I'll attach the log, if anyone wants to translate. I tried my best to only get the pertinent part of the log, so it's not too long. My first time trying to get anything out of one of these long log files.

I looked through the log files and nothing jumped out at me indicating that someone had connected to your machine.  It is sad to see the amount of errors that are being dumped into the system.log file.  Given the amount of errors being spewed out during "normal operation," it is amazing our computers run as well as they do!

The only think that bothered me was a few statements like this one:

Code: [Select]

7/29/16 4:59:11.844 PM com.apple.xpc.launchd[1] (com.apple.preferences.users.remoteservice[452]) Service exited due to signal: Killed: 9
Do you recall if you caused remoteservices to terminate?  The other log also has some messages from launchd indicating processes were terminated.  I just checked my Console and I don't have messages like that at all.  So it doesn't seem that common.

Sorry, that's all I come up with.

Edouard

Title: Re: SSL Encryption
Post by: Bull Winkus on August 01, 2016, 02:51:56 PM

I had the same thoughts about the many errors reporting.

Re: Service exited due to signal: Killed: 9 -- I was thinking that might have been due to my disabling Remote Login. Remember, I was in Minecraft, and without warning or action on my part, the screen switched to iTunes (presumably on launch). The first time, I quit iTunes and resumed playing. The second time. I quit iTunes, quit Minecraft, and rebooted, then went straight to System Preferences/Sharing/ and disabled Remote Login.

 [cheers1]

Title: Re: SSL Encryption
Post by: Bull Winkus on August 01, 2016, 04:46:02 PM

It happened again. This time I was using Safari and iTunes started with music playing. I didn't have the Safari window maximized, so it remained on top. I exited iTunes. It restarted immediately. I exited again. It restarted again. I selected restart from the Apple menu. After rebooting, iTunes did not restart.

Attached is a log. iTunes first appears at 9:30:57, and again at 9:31:39, and again at 9:32:07. From 9:32:18 on, seems to be the restart sequence.

Below is a copy/paste of the sequence from one iTunes appearance to the next. It appears to be my iPod, which is the only USB device connected that would have a relationship with iTunes. This started happening with the installation of 10.11.6 and may be a bug or an issue with having had to restore from Time Machine during the issues I had with this Mac OS upgrade.

8/1/16 9:30:57.147 AM   iTunes[2983]   Entered:_AMMuxedVersion2DeviceConnected, mux-device:20
8/1/16 9:30:57.159 AM   iTunes[2983]   tid:907 - unable to query device capabilities
8/1/16 9:30:57.533 AM   iTunes[2983]   ApplePushService: APSConnection being used without a delegate queue
8/1/16 9:30:57.886 AM   com.apple.xpc.launchd[1]   (com.apple.xpc.launchd.domain.pid.MediaLibraryService.2985) Path not allowed in target domain: type = pid, path = /Library/Frameworks/iTunesLibrary.framework/Versions/A/XPCServices/com.apple.iTunesLibraryService.xpc error = 147: The specified service did not ship in the requestor's bundle, origin = /System/Library/Frameworks/MediaLibrary.framework/Versions/A/XPCServices/com.apple.MediaLibraryService.xpc
8/1/16 9:30:57.887 AM   com.apple.xpc.launchd[1]   (com.apple.xpc.launchd.domain.pid.MediaLibraryService.2985) Path not allowed in target domain: type = pid, path = /Library/Frameworks/iTunesLibrary.framework/Versions/A/XPCServices/com.apple.iTunesLibraryService.xpc error = 147: The specified service did not ship in the requestor's bundle, origin = /System/Library/Frameworks/MediaLibrary.framework/Versions/A/XPCServices/com.apple.MediaLibraryService.xpc
8/1/16 9:30:57.896 AM   com.apple.SecurityServer[76]   Session 100109 created
8/1/16 9:30:57.928 AM   com.apple.usbmuxd[75]   LOCKDOWN_V2_BONJOUR_SERVICE_NAME is _apple-mobdev2._tcp,91ca07d3
8/1/16 9:30:58.048 AM   photolibraryd[441]   Failed to open library Photos Library.photoslibrary Error: Error Domain=com.apple.lithium Code=325 "LiErrorLibraryRestoredFromTimeMachine" UserInfo={NSURL=file:///Users/herbvic/Pictures/Photos%20Library.photoslibrary/, NSLocalizedDescription=LiErrorLibraryRestoredFromTimeMachine}
8/1/16 9:30:58.049 AM   com.apple.MediaLibraryService[2985]   Unable to open system photo library. Error: Error Domain=com.apple.reddwarf Code=505 "RDErrorLibraryRestoredFromTimeMachine" UserInfo={NSURL=file:///Users/herbvic/Pictures/Photos%20Library.photoslibrary/, NSLocalizedDescription=RDErrorLibraryRestoredFromTimeMachine, NSUnderlyingError=0x7f934070c040 {Error Domain=com.apple.lithium Code=325 "LiErrorLibraryRestoredFromTimeMachine" UserInfo={NSURL=file:///Users/herbvic/Pictures/Photos%20Library.photoslibrary/, NSLocalizedDescription=LiErrorLibraryRestoredFromTimeMachine}}}
8/1/16 9:30:58.299 AM   com.apple.usbmuxd[75]   _SendAttachNotification Device 48:e9:f1:1f:91:59@fe80::4ae9:f1ff:fe1f:9159._apple-mobdev2._tcp.local. has already appeared on interface 4. Suppressing duplicate attach notification.
8/1/16 9:30:58.785 AM   photolibraryd[441]   Failed to open library Photos Library.photoslibrary Error: Error Domain=com.apple.lithium Code=325 "LiErrorLibraryRestoredFromTimeMachine" UserInfo={NSURL=file:///Users/herbvic/Pictures/Photos%20Library.photoslibrary/, NSLocalizedDescription=LiErrorLibraryRestoredFromTimeMachine}
8/1/16 9:30:58.786 AM   com.apple.MediaLibraryService[2985]   Unable to open system photo library. Error: Error Domain=com.apple.reddwarf Code=505 "RDErrorLibraryRestoredFromTimeMachine" UserInfo={NSURL=file:///Users/herbvic/Pictures/Photos%20Library.photoslibrary/, NSLocalizedDescription=RDErrorLibraryRestoredFromTimeMachine, NSUnderlyingError=0x7f93433296d0 {Error Domain=com.apple.lithium Code=325 "LiErrorLibraryRestoredFromTimeMachine" UserInfo={NSURL=file:///Users/herbvic/Pictures/Photos%20Library.photoslibrary/, NSLocalizedDescription=LiErrorLibraryRestoredFromTimeMachine}}}
8/1/16 9:30:59.347 AM   com.apple.usbmuxd[75]   _SendAttachNotification Device 48:e9:f1:1f:91:59@fe80::4ae9:f1ff:fe1f:9159._apple-mobdev2._tcp.local. has already appeared on interface 4. Suppressing duplicate attach notification.
8/1/16 9:30:59.347 AM   com.apple.usbmuxd[75]   _SendAttachNotification Device 48:e9:f1:1f:91:59@fe80::4ae9:f1ff:fe1f:9159._apple-mobdev2._tcp.local. has already appeared on interface 4. Suppressing duplicate attach notification.
8/1/16 9:31:34.658 AM   WindowServer[172]   _CGXRemoveWindowFromWindowMovementGroup: window 0x91d is not attached to window 0x91e
8/1/16 9:31:39.037 AM   iTunes[2990]   Entered:_AMMuxedVersion2DeviceConnected, mux-device:20

I think this one is solved. I'm not sure what to do about it, but at least I wasn't hacked.
 [cheers1]

Title: Re: SSL Encryption
Post by: Blicj11 on August 01, 2016, 06:16:12 PM

Hope you guys don't mind if I pop back into my thread.  :)

Herb, have you tried the time-honoured Apple fix of running First Aid on your HD in Disk Utility (formerly known as Repair Disk) to repair permissions?

Also, relative to the OP, apparently no WeatherCatters are running SSL on their website and I haven't found a compelling argument to do so on mine, yet. 

Cheers.

Title: Re: SSL Encryption
Post by: xairbusdriver on August 01, 2016, 08:25:28 PM

iTunes Shenanigans
I missed that Bull had an iDevice connected when these events occurred. While I use iTunes for nothing more than interaction with my iDevices, I have noticed that iTunes is particularly sensitive to things happening on the iPhone. Simply connecting the iPhone with the USB cord for charging causes iTunes to open. I'm sure there is a setting in it somewhere to prevent that, but I generally only connect it when I want to sync or download something to it, so it saves be a couple of mouse clicks to let it open automatically.

However, even if I Quit iTunes, the mere presence of the iPhone on the USB cable can cause iTunes to re-Open. I have assumed it is simply some activity on the iPhone; fluctuating charge state, a browser updating a page, Location Services being used (my wife likes to know when I'm home ... or not!). So, if Bull is convinced that he or the game (and its stated connections to its developer's site(s) and his computers ) Then it may be nothing more than iTunes 'thinking' that it is needed. I assume it can also start playing songs that might have been playing when it was last Quit? In other words, iTunes just wants a bit of attention! It just wants to know it's still 'needed'! [lol]

SSL
I doubt that any WeatherCaters are selling anything on our sites. SSL can be a help in protecting both parties in that situation. Other than that, it won't protect your site a bit from hackers. The main purpose of SSL is to encrypt the data while it's being transmitted through the interweb pipes. It does nothing to protect the data storage at either end.

There's probably not any sensitive, financial, or personal info going or coming from our sites. The protection needed to make hacking more difficult needs to reside on the server (or its web-facing entry point) where our sites are housed. And our own computers, also, of course. In both cases, strong, l o n g passwords. [banghead] With the availability of really good password managers, there's no excuse for not having good passwords that are also changed quite frequently. [tup]

So far, I've not found a firewall system for those servers that is not rather expensive. :o

Title: See if you can replicate it? (Re: SSL Encryption)
Post by: elagache on August 01, 2016, 10:45:30 PM

Dear Herb and WeatherCat troubleshooters,

Quote from: Bull Winkus on August 01, 2016, 02:51:56 PM

Remember, I was in Minecraft, and without warning or action on my part, the screen switched to iTunes (presumably on launch). The first time, I quit iTunes and resumed playing. The second time. I quit iTunes, quit Minecraft, and rebooted, then went straight to System Preferences/Sharing/ and disabled Remote Login.

Unfortunately, we can't know how sloppy Apple has gotten, but the log entries aren't the sort of thing you would expect if the controls for Remote Login were handled "gracefully."  Do you think you could enable Remote Login and then disable it - then look in the log files for any messages?  I can't be sure, but I'm suspicious those aren't related to disabling Remote Login.  Normally those sorts of log messages are for something unusual.

If you can do that, let us know what you uncover.

Cheers, Edouard

Title: Re: SSL Encryption
Post by: Bull Winkus on August 02, 2016, 05:50:33 AM

As you wish, Edouard. No entries upon launching System Preferences. The following entries were made upon launching the Sharing pane of System Preferences. I did it twice just to make sure it wasn't random.

8/1/16 11:41:30.818 PM authd[125]: copy_rights: _server_authorize failed
8/1/16 11:41:30.819 PM authd[125]: copy_rights: _server_authorize failed
8/1/16 11:41:51.518 PM com.apple.preferences.sharing.remoteservice[1333]: CoreAnimation: warning, deleted thread with uncommitted CATransaction; set CA_DEBUG_TRANSACTIONS=1 in environment to log backtraces.

The following entries were made upon enabling Remote Login. The CalendarAgent entries may be random.

8/1/16 11:44:58.426 PM com.apple.xpc.launchd[1]: (com.openssh.sshd) Unknown key for Boolean: ForceEnableHack
8/1/16 11:44:58.426 PM com.apple.xpc.launchd[1]: (com.openssh.sshd) Unknown key for string: SHAuthorizationRight
8/1/16 11:45:00.000 PM syslogd[40]: ASL Sender Statistics
8/1/16 11:45:02.398 PM CalendarAgent[308]: [com.apple.calendar.store.log.caldav.coredav] [Refusing to parse response to PROPPATCH because of content-type: [text/html; charset=UTF-8].]
8/1/16 11:45:02.509 PM CalendarAgent[308]: [com.apple.calendar.store.log.caldav.coredav] [Refusing to parse response to PROPPATCH because of content-type: [text/html; charset=UTF-8].]

No entries were made upon disabling Remote Login, or upon closing the Sharing Pane or upon closing System Preferences.

The only remedy I've employed at this point is to update both devices to the latest iOS and to Sync them both to iTunes. I had disconnected the iPod from the USB connection, but as of this morning during the update and sync, they are both attached to the USB dock again.

Thanks for checking in, Blick! No on the First Aid. I didn't think of it, and the MacOS 10.11.6 had just been installed. Don't know if that makes any difference, but everything (else) was working nicely.

 [cheers1]

Title: Ask on the Apple Support forum? (Re: SSL Encryption)
Post by: elagache on August 02, 2016, 10:19:53 PM

Dear Herb and WeatherCat system admins,

Quote from: Bull Winkus on August 02, 2016, 05:50:33 AM

As you wish, Edouard. No entries upon launching System Preferences. The following entries were made upon launching the Sharing pane of System Preferences. I did it twice just to make sure it wasn't random.

Bummer dude . . . .  :(

That's a fairly clear indication that when you disabled Remote Access you kicked off somebody who was using the service.  That would explain the need for killing processes.

Perhaps you should post those log entries on the Apple Support Forum:

https://discussions.apple.com/welcome (https://discussions.apple.com/welcome)

Perhaps someone can tell you more about what they mean in that community.

Oh well, . . . . Edouard

Title: Re: SSL Encryption
Post by: Bull Winkus on August 03, 2016, 03:42:26 PM

I don't see how you can draw that inference from those log entries. "? when you disabled Remote Access you kicked off somebody who was using the service. ?" These entries into the log were observed upon launching the Sharing pane. Not enabling or disabling. No entries were observed when disabling.

8/1/16 11:41:30.818 PM authd[125]: copy_rights: _server_authorize failed
8/1/16 11:41:30.819 PM authd[125]: copy_rights: _server_authorize failed
8/1/16 11:41:51.518 PM com.apple.preferences.sharing.remoteservice[1333]: CoreAnimation: warning, deleted thread with uncommitted CATransaction; set CA_DEBUG_TRANSACTIONS=1 in environment to log backtraces.

I posited that Apple used to invoke links to copy_rights servers upon the launch of the Sharing pane of System Preferences, as part of their commitment to the music industry. I presume that these remnants are harmless, and haven't been removed due to the potential that they might be invoked again in a future release, for as yet unknown reasons.

 [cheers1]

Title: Nothing certain - just fishy (Re: SSL Encryption)
Post by: elagache on August 03, 2016, 11:53:49 PM

Dear Herb and WeatherCat security troubleshooters,

Quote from: Bull Winkus on August 03, 2016, 03:42:26 PM

I don't see how you can draw that inference from those log entries.

This stuff is way over my head at this point, so I can't be sure.  However, there is something rather odd going on in these log entries:

Code: [Select]

7/29/16 4:54:25.142 PM ChronoSync Scheduler[313] ChronoSync Scheduler v4.6.5 has terminated.
7/29/16 4:54:25.150 PM com.apple.xpc.launchd[1] (com.apple.rcd[1080]) Service exited due to signal: Killed: 9
7/29/16 4:54:25.151 PM com.apple.xpc.launchd[1] (fr.madrau.switchresx.daemon.661472[320]) Service exited due to signal: Killed: 9
7/29/16 4:54:25.167 PM com.apple.xpc.launchd[1] (com.apple.AirPlayUIAgent[286]) Service exited due to signal: Killed: 9
7/29/16 4:54:25.173 PM com.apple.xpc.launchd[1] (com.apple.lateragent[416]) Service exited due to signal: Killed: 9
7/29/16 4:54:25.182 PM appleeventsd[47] SecTaskLoadEntitlements failed error=3
7/29/16 4:54:25.187 PM appleeventsd[47] SecTaskLoadEntitlements failed error=3
7/29/16 4:54:25.188 PM appleeventsd[47] SecTaskLoadEntitlements failed error=3
7/29/16 4:54:25.188 PM appleeventsd[47] SecTaskLoadEntitlements failed error=3
7/29/16 4:54:25.188 PM appleeventsd[47] SecTaskLoadEntitlements failed error=3
7/29/16 4:54:25.189 PM appleeventsd[47] SecTaskLoadEntitlements failed error=3
7/29/16 4:54:25.189 PM loginwindow[89] ERROR | -[SessionLogoutManager allPrivateProcesses] | No LS dictionary found for LSASN: LSASN:{hi=0x0;lo=0x24024}
7/29/16 4:54:25.190 PM appleeventsd[47] SecTaskLoadEntitlements failed error=3
7/29/16 4:54:25.190 PM appleeventsd[47] SecTaskLoadEntitlements failed error=3
7/29/16 4:54:25.190 PM appleeventsd[47] SecTaskLoadEntitlements failed error=3
7/29/16 4:54:25.191 PM appleeventsd[47] SecTaskLoadEntitlements failed error=3
7/29/16 4:54:25.194 PM com.apple.xpc.launchd[1] (com.apple.BezelUIServer[518]) Service exited due to signal: Killed: 9
7/29/16 4:54:25.195 PM com.apple.xpc.launchd[1] (com.apple.speech.speechsynthesisd[570]) Service exited due to signal: Killed: 9
7/29/16 4:54:25.195 PM com.apple.xpc.launchd[1] (com.apple.coreservices.uiagent[421]) Service exited due to signal: Killed: 9
7/29/16 4:54:25.195 PM com.apple.xpc.launchd[1] (com.apple.ImageCaptureExtension2.112992[399]) Service exited due to signal: Terminated: 15
7/29/16 4:54:25.197 PM appleeventsd[47] SecTaskLoadEntitlements failed error=3
7/29/16 4:54:25.198 PM appleeventsd[47] SecTaskLoadEntitlements failed error=3
7/29/16 4:54:25.200 PM com.apple.xpc.launchd[1] (com.apple.noticeboard.agent[747]) Service exited due to signal: Killed: 9
7/29/16 4:54:25.200 PM com.apple.xpc.launchd[1] (com.apple.EscrowSecurityAlert[620]) Service exited due to signal: Killed: 9
7/29/16 4:54:25.204 PM com.apple.xpc.launchd[1] (com.apple.storeuid[593]) Service exited due to signal: Killed: 9
7/29/16 4:54:25.205 PM com.apple.xpc.launchd[1] (com.apple.cloudphotosd[324]) Service exited due to signal: Killed: 9
7/29/16 4:54:25.205 PM com.apple.xpc.launchd[1] (com.apple.wifi.WiFiAgent[291]) Service exited due to signal: Killed: 9
7/29/16 4:54:25.207 PM com.apple.xpc.launchd[1] (com.apple.ViewBridgeAuxiliary[583]) Service exited due to signal: Killed: 9
7/29/16 4:54:25.208 PM com.apple.xpc.launchd[1] (com.apple.FolderActionsDispatcher[264]) Service exited due to signal: Killed: 9
I'm puzzled by the need to terminate these services with a -9 signal.  Normally processes should be terminated more gracefully.  One reason to use the UNIX kill -9 signal is if they aren't responding to the normal operating system request to quit.  That could be an indication that these processes weren't owned by you and it took root permission to kill them.

So as I say, I can't be sure but I'm surprised to see them here.

Sorry, that's as far as my rusty UNIX sysadmin understanding takes me, . . . . Edouard

Title: Re: SSL Encryption
Post by: Blicj11 on August 04, 2016, 03:12:03 AM

Last year on a tech support call with Apple, I mentioned an error message I was getting in the console and the young whippersnapper said, "We don't encourage people to open that app. It just confuses them. Ha ha ha. I told him the only person who is confused on this call is you.

Title: Re: SSL Encryption
Post by: Bull Winkus on August 04, 2016, 04:45:17 AM

LOL! Good for you, Blick! He probably just got off a call from me. JK  [lol]

~~~

Edouard, I'll keep that in mind. I spent a little time trying to see if I could find anything on it, using Google. Nothing panned out. If anything further happens, with Blick's permission I'll add it to the thread's content.

 [cheers1]

Title: Re: SSL Encryption
Post by: Blicj11 on August 06, 2016, 02:23:31 PM

My thread is your thread.  :)