Lymans.Net - Home of the Lyman Family

National Museum of the US Air Force

I passed by Wright-Patt Air Force base many times over the years with all the trips between Oklahoma and Pennsylvania or New York and always wanted to stop at the National Museum of the United States Air Force. I’m in Columbus, OH for work and Wright-Patt just over an hour away so I headed down there for the day. Get collection of warbirds and lots of good nose art there. Here are the better shots of the planes I took today.

Fokker D.VII

0-2A Skymaster

Fokker Dr.1

B-26C Invader

A-20G Havoc

P-36A Hawk

HH-3D Jolly Green Giant

A1E Skyraider

DH 98 Mosquito

YH-5A Dragonfly

Wright 1909 Military Flyer

F-111A Aardvark

RB-47H Stratojet

P=61 Black Widow

F-105 Thunderchief “Thud”

P-36A Apache

CH-21B Workhorse

B-26C Invader

F-94A Starfire

P12E

MiG-15bis

P23A Peashooter

OA-10 Catalina (Army Air Force version of the PBY)

P-47D

P-63E King Cobra

B-2

MC.200 Saetta

FW 190D-9

Beaufighter MK.Ic

MiG-15bis

OV-10A Bronco

OA-10 Catalina (Army Air Force version of the PBY)

B-17G

Spad XIII C.1

A-10

F-82G Twin Mustang

Hawker Hurricane Mk.IIa

F-4C Phantom II

P-51D

B-26K Counter Invader

F-86A Sabre

MiG-21

B-26C Invader

BF 109

A-20G Havoc

B-26K Counter Invader

F-105G Thunderchief Wild Weasel

ME 262a

UH-19B Chickasaw

A-24 (Army Air Force version of the SBD-3 Dauntless)

OA-10 Catalina (Army Air Force version of the PBY)

Sopwith F.1 Camel

Nieuport 28

P-38L

JU 88D-1 TROP

A-7D Corsair II

Wright R-1820

BF 109

Waco CG4A Hadrian

B-24

B-17G

P-36Q Airacobra

MXY7-K1 Trainer

F-119

F-80C Shooting Star

F-94A Starfire

Air Force Nose Art

I hit the National Museum of the United States Air Force today over at Wright-Patt Air Force Base. Lots of pictures of their amazing collection of birds. I’ll post the aircraft later but I also focused a lot on just the nose art decorating the planes.

B-52 Nose Art

P-47D

B-29

B-29

F-94A Starfire

B-52 Nose Art

B-26 Invader

B-52 Nose Art

A-20G Havoc

F-86D Sabre

P-47

B-36J Peacemaker

B-26 Invader

B-17G

P-51D

B-24

B-52 Nose Art

AC-130

OA-10 Catalina (Army Air Force version of the PBY)

B-24

B-52 Nose Art

P-61 Black Widow

F-82 Twin Mustang

DH 98 Mosquito

B-52 Nose Art

B-26G Marauder

B-52 Nose Art

B-52 Nose Art

Angels and Butterflies at Ballet Warm-ups

Long exposures during ballet warm-ups can create some beautiful images. You get a lot of duds along the way but when things go right…

Fixing an Acronis True Image 2016 Hang During Backup – Another Solution

Since posting my solution to the backup hanging Slava from Acronis posted another, more directly solution I’d not seen anywhere else. You can modify the backup’s config file and set use_vss=false to avoid the issue.

See details on the Acronis forum.

How To Avoid the Blind Spot In Static Analysis Tools Caused By Frameworks

Excerpt from my latest blog post at Cigital…

More and more organizations are using static analysis tools to find security bugs and other quality issues in software long before the code is tested and released. This is a good thing, and despite their well-known frustrations like high false positive rates and relatively slow speeds, these tools are helping improve the overall security of software. Unfortunately, these known frustrations may also introduce a dangerous blind spot in these tools which do not know modern frameworks as well as they know the base languages.

The blind spot

Frameworks are doing more and more of the basic work—providing common functionality of an application. This is a fantastic leap forward in terms of productivity and the ability to release software faster and faster. This frees up more time to focus on the core business functionality of applications.

Sometimes these frameworks are clearly separate things (like Spring, for example) and sometimes they are a mix of basic functionality and advanced features (like the .Net Framework where the tools understand some features but not others). These frameworks are virtually exploding around us, offering many options to take care of the basic drudge work of application writing.

This explosion is happening fast and it seems to be accelerating. New versions and even new frameworks are appearing faster than most can keep up with. Static analysis tools are doing a decent job keeping up with basic languages. However, there is almost no way they can keep up with all these frameworks and handle even a few of them well, let alone all of them. As these frameworks take care of more and more of the plumbing within applications, this inability to understand what they are doing creates a blind spot in which code gets scanned and nothing gets reported.

Frameworks create data flows that the static analysis tools may be blind to. They introduce sources of tainted data that the static analysis tools know nothing about. Therefore, there is nothing to trace to the sinks created in code where problems could occur. These frameworks may introduce new sinks, but since the tools do not know of them, the sources in code cannot be traced to them. They also provide functionality behind the scenes that the static analysis tools do not see at all.

If the static analysis tools cannot see it, they cannot report it. If they do not report it, organizations are left feeling secure when they are not.

False positives are annoying. False negatives are dangerous.

Read more at the Cigital blog

Fixing an Acronis True Image 2016 Hang During Backup

Update:

There’s a more direct solution available but the original solution I found is below.

The Problem

In the last month or so, my copy of Acronis True Image 2016 has been hanging during the scheduled backup every night. It hangs while showing the calculating remaining time status. Seems to fit the description talked about in the Acronis forums. The posted solution that seem to make the most sense was the problem with Microsoft’s Volume Shadow Copy (the VSS service) features but I didn’t want to just disable that service as suggested.

Looking for the Solution

Being a techie and knowing Windows pretty well I knew services could be enabled and disabled from the command line using the SC commands. I figured combining that with True Image’s ability to run commands before and after a backup I could disable and reenable VSS and fix the problem. The problem with that is the SC commands require admin level privileges to run. Trying to automate that without causing a User Access Control (UAC) prompt was something to overcome. I didn’t know that this would be a problem while the backup was being run but I knew I didn’t want it to be one.

While looking for a way around that I found this post at How-To Geek and another at TechRepublic. They talk about using an on demand scheduled task set to use elevated privileges and then calling that task from a lower privilege session via the schtask command. Seemed to fit my needs nicely. Continue reading “Fixing an Acronis True Image 2016 Hang During Backup”