Outdated Medical Software

Ask questions and give answers about computers, mobile devices, game boxes, PC security and all manner of geeky stuff.
User avatar
Kellemora
Posts: 6497
Joined: 16 Feb 2015, 17:54

Re: Outdated Medical Software

Post by Kellemora »

Sorry, by Black Screen, I meant your NEW background for this site. Not the Black Screen of Death, hi hi.

I normally don't log out, I just jump back to Google Search.
If I do it that way, I think I get right back in for the day.
Let me try logging out and I'll get back to you in a couple of minutes.
User avatar
Kellemora
Posts: 6497
Joined: 16 Feb 2015, 17:54

Re: Outdated Medical Software

Post by Kellemora »

OK, If I only go to Google Chrome, Close Chrome, Open Chrome, and come back, I am logged in.
If I log Out it takes me to the black log-in screen.
I came back and got the black log-in screen, which is what I expected since I did log out.

If I just leave by going to Google's Search engine page, I can always come back without having to log-in, at least until the next day. I've not checked to see if I'm dropped after an hour, 2 hours, 5 hours or whatever.
Just that if I leave, I can come back within the hour and I'm still logged in.

Strange I know, hi hi.

Maybe you have a program running that automatically logs users out after a certain amount of time?
User avatar
Kellemora
Posts: 6497
Joined: 16 Feb 2015, 17:54

Re: Outdated Medical Software

Post by Kellemora »

OK, I waited two hours and when I came back I had to log-in again.
So it must be your end logging me out after an hour or so.
User avatar
yogi
Posts: 8942
Joined: 14 Feb 2015, 21:49

Re: Outdated Medical Software

Post by yogi »

CONTINUED from the previous thread: https://bfchat.brainformation.com/viewt ... 717#p41717
Gary wrote:Hi Yogi
I'm on the Silver Yogi running Debian Stretch with the Mate desktop.
Using Google Chrome version 80.0.3987.149, which is the latest version.

It could be Chrome doing it, but it is not affecting any other website.

Ghostery is turned off for this website. Even so, I put this site in the whitelist.
I'm not blocking cookies with the Google Chrome app either, have it set to allow all cookies.

I DO click on the Remember Me button before I hit the log-in button, and it seems it does not remember it.

It's not a big deal, I don't mind having to log-in each day.

If I get a chance later, or tomorrow, I'll try logging in with Firefox to see if that makes a difference, but then I won't know until I try to log-in the following day.
User avatar
yogi
Posts: 8942
Joined: 14 Feb 2015, 21:49

Re: Outdated Medical Software

Post by yogi »

Thanks for all the information about the auto-logout problem you are experiencing. I don't have a definitive answer yet, but I can say you are not the only person experiencing this phenomena. I don't know if I have a fix, but I will explain what I did.

The board settings are such that the "Remember Me" function is valid for 90 days. Over the years I have had reports of this function never expiring as well as reports similar to yours wherein it doesn't function at all. Be that all as it may, you should expect to be required to login to this site every 90 days when you have the "Remember Me" box checked (enabled).

Activity on this website is session based for logged in users. The setting is for 3600 seconds (1 hour), which means your session ID will expire 3600 seconds after there is no activity on your end. This simply releases the server from keeping track of your browser session. When you are logged in you should be able to come back to whatever you are doing without loss of data. After the session expires, you will need to resubmit the page you left unattended in order to get a new session ID from the server. It's all done for bookkeeping purposes and has no bearing whatsoever on your login status. However, I did take note that you seem to be kicked out when your session expires, i.e., after 3600 seconds of inactivity on the site.

Cookies are set as being secure now that I am using SSL on all our websites. You will not be able to login at all if that setting was incorrect. However, I also must note that your problem manifested about the same time I changed the cookie setting to be secure. Some comments in the support forums make vague references to problem being related to Google Analytics. They didn't post a fix but tied the two things together. No Google Analytics = no problems staying logged in. We are all cursed with the presence of Google Analytics and I cannot identify a reason why it would affect you but not me. At any rate, the point here is that the auto-logout problem you note began about the time we switched to SSL.

This site's security settings has, among other things, a Session IP validation setting. The granularity of the check is settable and I had it set for pretty strict verification. Normally your IP address should not change while you are conducting a session on this website. If it does change, voila. You will be logged out. My guess is that you are not on a dedicated hosting ISP server which means your IP address is not static. I have you down for four IP addresses:
  • 73.108.21.206 (Look up IP) 3240
    50.147.33.20 (Look up IP) 342
    50.147.4.140 (Look up IP) 255
    50.147.32.236 (Look up IP)
All I know is what you see there, but I am very confident that your IP address does not change while you are in session here. However, if it does change when you leave this site, that could explain why you must log in. We remember the initial IP address but cannot track any changes made off site. Be that all as it may, I changed the validation setting to "none" which probably won't hurt us given we don't have a lot of people active.

I did a lot of research and can't come up with a positive absolutely guaranteed fix. I did up the security by switching to SSL but didn't change anything else until today. Hopefully turning off the IP check helps you stay logged in.


I would be very interested in knowing if you note different results while using Firefox. I use Waterfox, which is a stripped down version of Firefox, all based on the Mozilla engine. I also use Google Chrome for administration purposes. However, when I do that I never check the "Remember Me" box. I do not want to stay logged in as administrator. I do indeed stay logged in for that 3600 seconds that defines a session's length, and that's all I need for admin purposes. As a side benefit I know with certainty that the session timing works fine. I have not been logged out of my Waterrfox session automatically. And Opera works fine when I use it here, but that's only on rare occasion. You are being very tolerant with the login requirements as you see them, but it bothers me that such a thing should be happening at all. I'll try to set up a Debian session in a virtual box to see what it does here. I never had much success with Debian previously, but I will try not to let that interfere with any objective judgments. :mrgreen:
User avatar
yogi
Posts: 8942
Joined: 14 Feb 2015, 21:49

Grrrrr

Post by yogi »

Debian is ... being Debian. LOL The Stretch version has been replaced by Buster so that it's not as available as the current version. However, I did find a couple places to download Debian 9.6, and one of them even offered the Mate desktop. The download, however, requires access to my Google Drive account. I refuse to give an unknown website access to anything like that. So ... if you have a link for the Debian Stretch you are using, and it does not require me to give away account information, I would greatly appreciate you passing it along.
User avatar
Kellemora
Posts: 6497
Joined: 16 Feb 2015, 17:54

Re: Outdated Medical Software

Post by Kellemora »

Hi Yogi
I am on Firefox today, so naturally have to log-in fresh.
I know about websites closing account log-ins every 3 months, so 4 times a year I have to log into all of them again.

I did a quick web search for Log-in Not Remembering Me.
There were several hits under this topic, and several them had some advice I will try.
The main thing is, I use a Saved Link to come to BF, and that link stores a whole string of data.
It depends if you created the Link before or after you logged in on how long the link data is.
So, one thing I will try is to go into my link edit table and delete everything behind .com to get in, then save a new link and delete the old link.
Heck, never hurts to try, especially since so many suggested this.

I will check back in after a couple of hours using Firefox, only to see if the new link I added here makes a difference.
If it does, I will change my Google Links next.

I install whatever version of Debian is the Newest at the time I install it.
What is on the Silver Yogi was the Newest at the time I installed it.
I do keep it upgraded, but I never do a distribution upgrade because it always breaks things.
What I normally do is install the latest version on a new partition, but usually only after the version I'm using passes it's support stage, which this one possibly may have. I hate setting up a new OS from scratch, hi hi.
I've also been using Linux Mint on the other computers, it has features I like that are not in Debian, without going out of Debian's own repository. I stick with Debian mainly because it is what I'm used to, and know how to do everything I need to on it.
Mint is built on Ubuntu, which is built on Debian, and uses Ubuntu's repositories.
I used to use Ubuntu early on when I started using Linux again, but found Debian to be faster, cleaner, and a lot less bloat.
And for me, it worked without problems! That was the key right there.

Does those log-in IP addresses have dates?
I used to use whatever computer I was on at the time before I got the Silver Yogi, and since my previous computer I used to use on-line died, I use the Silver Yogi for nearly everything now, except accounting, which is done on an old computer not connected to the Internet.

I wouldn't worry about why I'm not getting Remembered until I see if I am tomorrow on Firefox.
And if so, then I will change the Google Links to see if that makes a difference.
Now that I know there is a 1 hour time out, I won't have to wait till tomorrow to give it a test.

For now, I wouldn't worry about it, until I try a few things at this end.

Have a great day Yogi!
User avatar
Kellemora
Posts: 6497
Joined: 16 Feb 2015, 17:54

Re: Outdated Medical Software

Post by Kellemora »

Quick Note: I checked my Google Chrome log-in and it was still using http. I changed it to https, that might be what was doing it.
User avatar
yogi
Posts: 8942
Joined: 14 Feb 2015, 21:49

Re: Outdated Medical Software

Post by yogi »

Unless you manually type in the URL to your browser's address box, you will always use a bookmark to get here. I suppose you could keep the web page open forever and not need a bookmark, but that gets messy. The conventional way is to use links, bookmarks, favorites or whatever your OS browser wants to call Universal Resource Locators.

As I mentioned in my previous explanation, the sessions here have a unique ID. That ID becomes part of the URL after you log into the site. If you are just doing a drive-by and not logged in, you won't see anything after the .com designation. Should you happen to create a link after you are logged in, then the session ID is appended to the domain information. When you use that link you will get an error because that specific session (ID) expires after 3600 seconds. You can still log in, but it would require extra steps. So, the moral of this story is to create all your links to Brainformation while you are NOT logged in.

Our server is now checking certificates because it is running in the SSL mode. All that certificate information is transparent and only needed by the server so that it can apply encryption, or not. Thus if I disable the certificate security check, and we are running in the SSL mode, the server doesn't know what to do. So it does nothing and you don't get into the site. And, of course, if we do check, the handshake completes successfully and you are in.

Before I turned on https we didn't check because we didn't send encrypted data. I'm not sure what you are doing in your Chrome browser to turn on https. My understanding was that it's a server side function. All the encryption and security tables occur after you request our web page from the server. The server then does it's thing. It delivers the web page (encrypted I presume) and your browser decodes it. I'm not aware of any mechanism wherein the browser has to be set to send https requests. It's probably a bad idea to sent it if the server isn't running it to begin with.

You are at least one generation behind the nouveau Debian crowd. There is nothing wrong with you running old software until you try to do something it cannot do. I don't believe you are in that situation. I want to use the version of Debian you have, the 9.x series, and try to duplicate the error. However, I cannot download Debian without giving up some login credentials I don't want to give away to an unknown (to me) website. Thus, my question to you is how can I download Debian directly and not via my Google Cloud Drive? I want to do it for this experiment, but I also have thought about testing Debian on a stick. I have some suspicions that it won't install on a stick and it may not run on my nVidia based computer. It's only a theory at this point derived from all those Debian based OS's that fail to install and/or run. I want to try the mother of all Debians to see what the heck they re up to.
User avatar
Kellemora
Posts: 6497
Joined: 16 Feb 2015, 17:54

Re: Outdated Medical Software

Post by Kellemora »

Hi Yogi - here is the release I have, it's on the Official Debian Website under Releases.

https://www.debian.org/releases/stretch/

Here is the main releases page

https://www.debian.org/releases/

Looks like only Debian 7 has become obsolete. I have Debian 8 on another computer, the one that overheats and shuts down on me, and although old, looks like it is still supported.

OH, I jumped in on Google Chrome using the https link I set up.
You asked how I do this. If you go into Bookmarks, then select Edit Bookmarks, it shows you the full link name path.
I noticed when I created the Firefox new Link it showed https, and when I checked Google it still showed http.
So rather than create a new link, I simply changed it to https, and got rid of all trailing info after .com
I'll try to check later before dinner and see if it now saves my log-in info.
User avatar
Kellemora
Posts: 6497
Joined: 16 Feb 2015, 17:54

Re: Outdated Medical Software

Post by Kellemora »

OK, it's 4pm.
I was NOT logged out using Firefox. I was logged out using Google Chrome.
I'm using the exact same log-in string on both.
However, that being said, I haven't logged back in yet using Google Chrome, so let me go do that.
And to make sure, I will log-out on Firefox this time.
User avatar
Kellemora
Posts: 6497
Joined: 16 Feb 2015, 17:54

Re: Outdated Medical Software

Post by Kellemora »

OK, I logged out in Firefox, and Logged in on Google Chrome, and told it to remember me.
I'll have to wait until tomorrow to see what happens.
User avatar
Kellemora
Posts: 6497
Joined: 16 Feb 2015, 17:54

Re: Outdated Medical Software

Post by Kellemora »

I just added this site to the google chrome ALLOW cookies list, even though I did not have any cookies blocked on chrome.
OK, till tomorrow and we'll see.
User avatar
Kellemora
Posts: 6497
Joined: 16 Feb 2015, 17:54

Re: Outdated Medical Software

Post by Kellemora »

Hmm. Google Chrome let me get in without logging in this morning.
But nobody is here, and no new posts.
You OK out there Yogi?
User avatar
yogi
Posts: 8942
Joined: 14 Feb 2015, 21:49

Sitns Of The TImes

Post by yogi »

I didn't realize until today that a young girl and her family live two doors down from me. Today there were signs on front of that house announcing the birthday. People have done this before on the day of a big party. It makes it easier for folks not familiar with the neighborhood to find the party house. I was here at the computer when a ruckus on the street got my attention. It was a small parade of cars, maybe 15 or 20, with signs and kids that were all reminiscent of the infamous Group W bench. The parade halted in front of the birthday girl's house and a few kids got out of the cars, one at a time, to drop off presents on the front porch. They all returned to their cars and the birthday girl herself appeared on the porch to wave at everyone.

Oh My Gods ... what an amazing time we are living in
User avatar
yogi
Posts: 8942
Joined: 14 Feb 2015, 21:49

Re: Outdated Medical Software

Post by yogi »

Meanwhile, back in the real world ...

I apologize for causing you any undue stress by my absence. Events around the house, plus an investigation into the current technical topic, took up a lot of my time this morning. I also decided I needed more cream for my coffee and would venture out to Target in pursuit of 38% butterfat whipping cream. I've been shopping online lately and running into more brick walls that the president is building along the border. Quite a few of the shops noted that what I wanted is in "limited supply" in the store. Come and get it because they aren't going to deliver it. That seemed contrary to the spirit of things these days, but I figured I would test out the system and see if Target actually has things that can't be found at Schuncks nor Dierbergs. It so happens my wife of many years has a Target Card that gives us a 5% discount on all purchases. Thus she was invited to come along and gladly accepted the invitation.

Target came through as promised on the hand soap, Puffs Tissues, and whipping cream. To my amazement they failed to provide me with a jar of fennel seeds and no Chex snacks are even stocked in good times. Well, I got the important stuff and considered the trip well worth it. Unfortunately my dear beloved wife didn't bring her card with her. :rolleyes:


Moving on to Debian 9.6 Stretch...

I had two goals in mind when I began my search for components to duplicate your login problem. One goal was the obvious, to replicate your problem. The other goal was to evaluate Debian as an OS. I've tinkered with a dozen Debian derivatives, and each one of them gave me an assortment of problems. I thought this would be a good time to determine if it's Debian itself, or are the hacks who think they are practicing FOSS to blame for my misery.

The version of Debian you are using 9.6 is not obsolete, but it has been replaced by the new and improved Buster version 10.xx. Because of this upgrade finding what you have in .iso form was not easy. Amazing as it is, the 8.x series was readily available as was the current version. But Stretch was elusive. I have no idea how you came up with those links for the distribution list because they never showed up in my Google searches. I did find Stretch eventually but could only download it via the cloud. This seemed like the dumbest option Debian could ever come up with, but several of the links I followed ended up with this freaking cloud download routine.

That was yesterday. This morning I found Stretch, and all the versions of it. The possibilities are mind boggling. It's not just the number of desktops they offer, but also the format. Obviously Debian is catering to the well informed aficionado of Linux and not to the guy who is willing to learn like me. Being the clever guy that I am, I managed to pick out the version with a Mate DE and in iso format. It downloaded too without forcing me to give up my cloud server credentials.

With Stretch in hand, more precisely with Stretch in RAM disk, I began to create Debian on a stick. I use Virtual Box for this because I learned my lesson with Ubuntu. Never ever give any version of Linux the option to interact with Windows lest you want to spend a few days reconstructing the Windows Boot Manager that the Ubuntu installer destroys. Well, Debian isn't Ubuntu and I must confess to actually liking the installer Debian uses. It's clean, clear, and user friendly. I only had a 16GB stick at my disposal but apparently Debian can run in that confined space. That is, if you don't install all the software that can be installed.

With Debian on a Stick completed I plugged it into the laptop. You know the one. The laptop with Windows, Mageia, and Ubuntu installed on it already. Well, this is the USB stick version of Debian and it has it's own ESP partition for UEFI; what could go wrong? The answer to that is ... EVERYTHING.

All my working Linux OS on a stick boot immediately of their own. They bypass the Windows Boot Manager without me having to tell it to do so. Not so with Debian Stretch. The initial boot required me to fetch the Windows Boot Manager manually and select a device from which to boot. The stick was on the menu, so that is what I chose to boot from. It all recycled but whatever is in that Stretch ESP boot partition didn't make sense to my laptop. Thus it booted right back into Windows.

No problem, although it's an irritation. I have a way to bypass the Windows Boot Loader. It's called reFINd; also a choice in the Windows Boot Manager menu. reFINDd is pretty clever in that it lists all the possible ways to boot. This is what I like about it. Not only could I choose to boot via the ESP partition (with Grub) but I could also boot directly from the /boot directory in Debian by calling the kernel from there. I chose Grub, because, well, that's how Linux is supposed to work. Grub picks the boot device. Well it gave me the Debian Grub menu with three choices: to boot Debian, to boot Debian with advanced options, and to boot into system setup (BIOS). Obviously, the first choice is the correct choice. Or is it? Booting directly into Debian results in failures to mount the USB stick. Says no such device, which is odd because it's the stick generating the error message. Well it tried a few other alternatives automatically, but ultimately failed and kicked me into the built-in shell (initramfs).

As a side note I will tell you that I found this problem discussed in the Debian forums for the first release of Debian 9.0. They went on and on about how the bootloader is broken in all the versions of Debian and were emotionally distraught that the developers didn't catch this. By the time I got to the end of that thread 9.1 was released and the problem fixed. The very last post was by somebody who complained that it's been more than a year now and the problem still exists. I can agree with that dude.

My last option was to use reFINd to call up the kernel directly and bypass Grub and whatever kernel commands it has. Finally booted to what looked like a desktop but the page was blank except for the background image. There was nothing to click and no sign of Mate anywhere. At this point I figured Debian was just doing what I have known it to do since day #1; it is breaking the desktop because it refuses to recognize nVidia.

The solution to THAT is to place the kernel instruction nouveau.modeset=0 in the Grub menu, which does not work and is why I was bypassing it in the first place. Fortunately, reFINd has a way to add those kernel commands, which I did. At last, I was taken to a pseudo desktop environment that had three icons: Computer, Home, Trash. Also a blank panel bar appeared at the top. This would be the point at which nVidia gets installed, but there is no way to call up any programs from any menu. Not even a terminal was available. Nothing. Just three icons, which seemed to work fine by the way.

After much wailing and gnashing of teeth I discovered that items could be added to the panel if you were fortunate enough to know exactly how to do that, plus if you were fortunate enough to see what you wanted in the options menu. I never did find a terminal that could be called. I found timedate, system monitor, and a launcher which didn't launch anything. Synaptic was there, but, of course, it would not display no matter how many times I begged Master Debian to have mercy on me.

At that point a memory of your defense for Debian came to mind. You like Debian because you can do whatever you want with it. In fact you MUST do something because it will not work right out of the box. And, of course, since I was clever enough to figure out how to get this far, the gods of Debian assumed I knew what had to be done to actually make the OS workable.

Well, as you can guess, I am not happy with this experience and will not consider Debian to be a viable operating system. It's possible that things are better in Buster, but I'll wait until those pigs learn how to fly before I test that out. I will end this rant by telling you how much admiration I have for your creativity an ingenuity. You got Debian all figured out and are actually doing some useful work on it to earn a living. You are to be congratulated my friend. I honestly can see why you like this operating system. I don't understand for the life of me why it is popular anywhere outside your garage office. It's just not worth the trouble.
User avatar
yogi
Posts: 8942
Joined: 14 Feb 2015, 21:49

Re: Outdated Medical Software

Post by yogi »

Getting back to your login problem, I'm going to assume that the problem doesn't exist anymore. You do indeed need cookies to post on this site. It has to do with that session ID that is part of the cookies. Some browsers will allow you to edit cookies individually as opposed to sorting them by white or black lists. There should be a handful of cookies identified with brainformation. If you can't see them in your list of cookies, that is the problem. If they are there but you still can't log in ... I don't know what to do for you on this end. Should you still be getting kicked out after the 1 hour off line interval, I'll go back to the phpBB forums and actually post a question. We are not the only ones seeing this happen.
User avatar
yogi
Posts: 8942
Joined: 14 Feb 2015, 21:49

Re: Outdated Medical Software

Post by yogi »

https://bfchat.brainformation.com/ucp.p ... login_keys

I'm very embarrassed to have to tell you this Gary, but, there is a new feature to this site that I didn't realize existed. I don't even know when it was added. If you go to edit your profile, you will find an option in the left hand column to "Manage Remember Me login keys." It lists all the keys from unique login sessions and it looks like the only option you have is to delete them. You might be interested in simply seeing if a key exists. You should have at least one for each unique IP address and each unique machine. I honestly don't know much about that setting. It's news to me.
User avatar
Kellemora
Posts: 6497
Joined: 16 Feb 2015, 17:54

Re: Outdated Medical Software

Post by Kellemora »

From post 2:11pm - You don't want to try Buster, technically it is still buggy and not considered stable yet.
I have Debian 8 on one computer, now obsolete but works, along with Windows XP and an older Ubuntu I never use.
Debian 9 on this computer, along with Windows XP Pro MCE, Ubuntu 14 and Ubuntu 15, and Debian 8.
I think Debian 8 was upgraded to Debian 9, but I decided to do a clean install of Debian 9.
And Debian 10 on another computer as a test, along with Linux Mint 19.3. The Win10 computer reformatted.
I don't know why you have so many problems with Linux?
Debian is NOT a turn-key system like Ubuntu or Mint, it's bare bones and only a few essentials.
However, it is what I like the best of all of them.

From the 2:19pm post
I could get in without using log-in yesterday evening.
But this morning I had to log in again.
I would have to from Firefox too since I purposely logged out there.

From the 8:23pm Post
After I send this I will go and check to see what it shows.
I also Installed the latest version of Google Chrome which appeared in my upgrade notice last night.
Any time I upgrade Chrome, I have to log-in again everywhere.
User avatar
Kellemora
Posts: 6497
Joined: 16 Feb 2015, 17:54

Re: Outdated Medical Software

Post by Kellemora »

I took a look at the list, and it looks to me like I get a new key each time I visit.
The list I see goes back to January, and I didn't log in with any computer except this one until I tried Firefox the other day, and that too was from this computer.

The IP address is the same all the way down the line, but I don't recognize it, must be Comcast's IP for my account?

I'm going to delete every single one of those lines, including today's so the table is empty.
Then I'll see what happens when I try to log-in right away, then after a couple of hours.
Post Reply