* Posts by Ben Tasker

1112 posts • joined 23 Oct 2007

Page:

Musk: 'It's BS for ex-Vulture to claim I forced employee to miss sprog's birth'

Ben Tasker
Silver badge

Re: Big moments vs the small...

> each of those moments more precious to me than that initial birth thing.

Agreed - I'm glad I didn't miss littlun's birth (though I should have said no when told I could see him crown :( ) but it's the times since that stick in mind.

0
0

Lightbulbs of the future will come with wireless extenders and speakers

Ben Tasker
Silver badge

Re: And unless the security is up to scratch...

And all so you don't have to get off your arse to let them in - I don't get the problem with going and opening the door personally....

5
0

'Use 1 capital' password prompts make them too predictable – study

Ben Tasker
Silver badge

Re: Password generators

Max lengths piss me off, given the things should be salted and hashed in the database anyway (long passwords are all reduced to the same length as short passwords in terms of DB storage). So why limit me to 8 characters??

I can understand having some kind of a limit so I don't try and set a 10KB string as a password, but low character limits are just stupid.

10
0
Ben Tasker
Silver badge

Re: Password rage

Yup, VbV is a complete waste of time.

I actually made the effort to try and remember the phrase I used a while back (rather than setting a random string knowing I'd just reset next time). Got one, ONE character incorrect the next time I tried to use it, and as a result of that single borked attempt they made me reset and wouldn't let me reset to the phrase I'd bother to remember.

So I'm back to 'forgot my password' -> set to a random string -> make no attempt to remember it

Which means it, once again, provides bugger all value whatsoever.

8
0

This open-source personal crypto-key vault wants two things: To make the web safer ... and your donations

Ben Tasker
Silver badge

Just guessing, but:

I'd hope the thing was thoroughly audited by someone else before shipping - finding that someone will cost something.

Getting set up to manufacture, even with limited runs can be an expensive proposition. You might be able to design and build a rough prototype for 50, but good luck getting any manufacturing plants interested without

a) a high cost small run

b) a lower cost, guaranteed run of a given quantity

It's not like they're planning on building these hsms in their garage, is it?

The other option is to not raise so much upfront, and hold orders until the manufacturers minimum run size is achieved. IME that's insanely frustrating when you're wanting to get your hands on the thing.

1
0

Self preservation is AWS security's biggest worry, says gros fromage

Ben Tasker
Silver badge

Re: Wrong priority

To an extent you're right, but also wrong.

They need to insulate customer B from nefarious customer A as far as possible, that's true.

But if customer A gets pwnd and the attacker ultimately manages to get a block of IPs added to a RBL then, even if customer A leaves, that may effect customer C (who's been unlucky enough to be allocated one of those IPs).

Would I lose sleep? No. But there is definitely some worth in trying to educate customers not to be complete tools when it comes to security.

2
0

Because the server room is certainly no place for pets

Ben Tasker
Silver badge

Re: Tape and VM? - LMFTFY

This is a pointless article with baseless scaremongering

'Toxic IT'? Seriously?

Not everything can be efficiently virtualised. JIRA is a (reasonably) popular enterprise app, and it _can_ be virtualised (in the sense that it's not impossible), but the problems you invite by doing so can be potentially myriad (especially if you've got vmotion set up). If your business relies on a tool being available, why take that risk?

Virtualisation is a tool, it's important to understand when to use it and when it's not appropriate to do so - that's going to change on a case by case basis, so there aren't really any blanket rules on what should be virtualised.

It's also equally important to ensure non-technical managers understand that just because you could run all those 'toxic' servers as VMs on a single host (to reduce costs), it's not necessarily a good idea.

The phrase 'Toxic IT' sounds like the garbage you might hear come from a marketing dept, not from an educated professional.

For the record, I definitely wouldn't fall into the 'old' category either.

33
1

Google sticks anti-SQL injection vaccine into MySQL MariaDB fork

Ben Tasker
Silver badge

So in case anyone's still wondering (or y'know, wants to make the article factually correct).

The Anti-SQLi measures are implemented by sending your queries to the Database Firewall Filter (called MaxScale) rather than direct to MariaDB itself.

Maxscale appears to support a wide range of filters (including things like requiring a WHERE within delete queries), including time based one's (no delete's outside of working hours for example).

There's not a huge amount of documentation on the anti-SQL side of things at the moment (it just says block specific queries) so I'd guess it's using simple pattern matching rather than fingerprinting (which is what this script for MySQL does).

There's a public repo for Maxscale here but I'm guessing the anti-SQLi filter has yet to make it into there as I don't see any commits that stand out as obviously related (and nothing referring to it in the release notes).

0
0
Ben Tasker
Silver badge

I'm completely guessing here, though if I get time I'll probably go and have a read of a more reliable source than TFA.

As the SQL Injection protection seems to be within a query firewall (rather than related to the encryption as El Reg claimed), I'm going to hazard a guess that it does simple query interpretation, looking for things like a UNION within a query that, every time it's run previously, has not included a UNION.

i.e if the query is normally

SELECT title,content FROM articles where id=1;

And the following comes through

SELECT title,content FROM articles where id=1 UNION SELECT username,plaintextpass from users

Then it'd be blocked.

It's only a guess mind, but given Google's propensity for behavioural analysis, I wouldn't be surprised if there's some profiling of queries received and then anything outside of the 'normal' profile gets additional filtering to try and identify whether it's an SQLi attempt.

Still better to fix/avoid SQLi at the application though

0
0

Aw, snap! How huge HTML links can crash Chrome tabs in one click

Ben Tasker
Silver badge

On the upside, the pre-fetching is relatively easy to disable, though the naming is a bit flakey - "Predict network actions to improve performance".

I'm not sure what benefit it really gives, even on a slow connection I tend to find DNS resolution is often the fastest element of accessing a new site.

The page pre-loading functionality is potentially fucking scary too (disabled by the same checkbox) - Chrome will try and work out which link on a site you're likely to click on next and then pre-load in the background.

You can drop meta-tags into a page to tell Chrome what to prefetch (so presumably link rel='dns-prefetch' href='lorem ipsum.......' would also cause a crash) - so can do link rel="prerender" href="myevilpage.htm"

Google's docs note that pre-rendering is resource heavy, so in theory (at least) you could probably also create a page that just spams the browser with prerender.

0
0

You want disruption? Try this: Uber office raided again, staff cuffed

Ben Tasker
Silver badge

There's no barrier except that Uber are supposed to... you know.... comply with local legislation and get a license.

Whether or not there's protectionism going on doesn't really factor in to that. If local laws specify that Uber need to do something, they have 2 options

- comply

- challenge the legislation

What they can't do, is pretend that the legislation doesn't apply to them and operate any way.

Unfortunately, that's what they seem to have been doing.

We don't tolerate the likes of Kraft coming over here and saying "well the food standards requirements are lower in the US, so we're going to ignore the UK standards". Why would this be any different?

To operate in a country, you need to comply with their laws, even if you think the laws are backwards

9
0
Ben Tasker
Silver badge

Re: illegal software...

@ac

Whilst you might be right about the existing industry being overprotected dinosaurs, it should be pretty clear by now that Uber make a pretty crap poster child.

They may be challenging the existing models, but the company is clearly a walking nightmare.

From security to data-mining, they don't seem capable of operating in a manner that is in the interest of consumers.

The appears to be a bunch of incompetent, over-litigous data-sucking assholes, but hey they're challenging the status quo so it's all forgiven right?

The enemy of your enemy is not always your friend.....

10
0

Dot-sucks sucks, say lawyers: ICANN urged to kill 'shakedown' now

Ben Tasker
Silver badge
Joke

Re: Who the hell cares about domain names? It's just an address!

>The Human language name is NOT the IP address... snip...The Human Language name(s) have

> NOTHING to do with the IP address, except in the minds of the technologically incompetent ...

What about

seventy-two-dot-six.ty-one-dot-fourty-three-dot-eig.ht

That could also be the IP (72.61.43.8), in which case it'd also have quite a lot to do with the IP - though I suspect the technologically incompetent _would_ fail to make the association.

EDIT: Reduced label length by adding a subdomain

Sorry.... feeling ever so slightly argumentative today, does it show?

1
1

Assange™ lawyers demand Swedish prosecution files or no London interview

Ben Tasker
Silver badge

>If he refused to meet them, then hopefully the prosecution could use that to make a case for waiving the statute of limitations? The fact that he makes a new demand everytime he gets a concession should be going into the building of a case

It's quite possible it is - the prosecution have to show diligence, so it may well be that they go to a court, and use his 'evasiveness' to have the statute waived.

Aside from perhaps arguing points of law, there's not much his defence could do about that if it's Julian that's been unreasonably causing the delay (and demanding changes in laid down process would be unreasonable I think).

0
0
Ben Tasker
Silver badge

It's an interesting question, Assange has been given asylum to protect his physical person, not so that he can do and say whatever he feels like after all.

Ecuador would probably have a harder time (diplomatically) refusing to allow a 'harmless' interview. On the other hand, that's assuming that no spin is applied to it at all.

Asking to have the prosecutors papers at an earlier stage than it would normally occur sounds very much like a stalling tactic to me. If it's not a stalling tactic, it's pure arrogance in thinking that a country's legal system should willing jump through the hoops put in place by a suspect.

5
0

Shock development: Darkweb drug n' gun dealers are untrustworthy

Ben Tasker
Silver badge

Re: Stealing from crooks is never a good idea.....

I heard from a friend of a friend that, erm, Justin Beiber did it.

A comment like that can only lead to this - https://www.youtube.com/watch?v=7Dci1iet9kc

0
0
Ben Tasker
Silver badge

Re: Important distinction

They might have a dollar value on some dodgy market somewhere but that doesn't mean you can do anything economically worthwhile with them.

That's likely part of the problem they now face. The dollar value of the BTC may be high, but there are going to be some very pissed off people watching the blockchain trying to work out where that money has gone.

Cashing that amount out, even in small amounts is going to be pretty risky for a while (given you don't know exactly who you've pissed off, or how well connected they may or may not be).

After a theft a while back, one guy was even dedicated enough to follow transactions through a tumbler, so tumbling the coins (and it's likely no tumbler has that amount spare anyway, so you'll poison your tumbling pool pretty quickly) isn't necessarily a defence.

1
0

Microsoft scrambles to kill Live.fi man-in-the-middle diddle

Ben Tasker
Silver badge

suggests that attackers had their fingers in the admin@live.fi pie before asking Comodo for a certificate

Nope, it sounds like the guy realised he could add 'hostmaster' as an alias for his account, told Microsoft and the Finnish authorities and nothing happened.

Eventually MS woke up, and froze his account completely.

What isn't entirely clear, is whether he told MS and then registered the cert to prove his point, or whether he registered the cert and then told MS.

Either way, registering the certificate was probably an overstep IMO

http://arstechnica.com/security/2015/03/man-who-obtained-windows-live-cert-said-his-warnings-went-unanswered/

1
0

Princeton boffins sniff Tor users' IDs from TCP ACKs and server sweat

Ben Tasker
Silver badge

Re: "Boffins confirm what Tor has said all along"

Yup. Whilst it's good to see research still being aimed at Tor, the headline makes it sound like a brand new attack vector has been achieved, rather than further confirmation of a known threat.

1
0

Linux kernel devs adopt Bill and Ted's excellent code of conduct

Ben Tasker
Silver badge

Every time I have read about Linus addressing mails to someone before, it was for his absolutely unacceptable attitude as far as professional communication is concerned.

Do you follow the kernel dev mailing lists? There's some interesting reading, but most of it isn't news worthy. The stuff that makes the news is normally a flame, but the majority of the emails you'll see over there don't even come close.

It's like judging an entire (small) country based on what you've seen about it in the news. You'll likely only have seen the very best (or worst) of what someone else has judged news-worthy.

Generally speaking, making _a_ mistake isn't enough to get flamed. It's continually making the same mistake, or arguing that you're right and everybody else needs to change that gets you flamed.

I'm not saying it's the right way to approach it, but it's hardly as black and white as you've painted it

2
0
Ben Tasker
Silver badge
Joke

Re: Code reviews

That sounds like middle management waffle, but it's still better than standing on a chair/desk and screaming at people telling them how useless they are.

You're doing it wrong. How are you supposed to throw the chair if you're stood on the thing?

7
0
Ben Tasker
Silver badge

Begging your pardon, but I do not where the withering attack on his intelligence is. Nor do I see any overt contempt of coding skills. Finally, there is no invitation to become a pizza deliverer.

He may well have gone that route, verbally, seeing as the object of his ire (himself) was in the same room as the one expressing that ire (himself).

It'd be kind of weird if he emailed a huge flame, addressed to himself, into lkml. That he didn't doesn't mean there was no brimstone, just that he didn't need email to communicate it (which he does with other contributors).

Not saying that the way Linus behaves is necessarily right, simply that what you're saying is wrong as it misses a few logistical points.

6
0

Fareit trojan pwns punters with devious DNS devilry

Ben Tasker
Silver badge

The latest variants of Fareit are infecting systems via malicious DNS servers, Finnish security firm F-Secure warns.

These servers push bogus Flash updates that actually come packed with malicious code

Now, that's not exactly true is it?

The malicious DNS server is ensuring that your query for facebook.com resolves to a malicious webserver. The DNS server itself isn't pushing the bogus flash updates, that's the job of the malicious web server (which may or may not be the same physical box).

The means of payload delivery has nothing to do with DNS, DNS is simply being used to get browsers to the server that worries about that delivery.

What's happened to El Reg lately?

5
0

Don't pay for the BBC? Then no Doctor Who for you, I'm afraid

Ben Tasker
Silver badge

"And while they are at it, could they add road fund license, and 3rd party car insurance to the cost of fuel - no avoidance, no collection required, no enforcement costs."

You've got people complaining about having to pay the license fee already, what do you think it's going to be like when they start complaining that they shouldn't need to pay road tax/insurance whenever they need to refill their lawnmower/generator/chainsaw?

0
0
Ben Tasker
Silver badge

Re: We should pay for TV we dont want

So how does "The Discovery Channel" and "The Disney Channel" survive?

By catering to the lowest common denominator, which may or may not (in the viewers opinion) lead to lower quality programming. In my view, it generally does, though it's not like I don't criticise some of the crap that the BBC churns out (Strictly, some of the 'science' shows) they do sometimes put a real investment into some high quality shows

Someone mentioned ITV and it being free, presumably they haven't looked at the garbage that ITV have resorted to airing. Most of it is utter shite.

0
1
Ben Tasker
Silver badge

Re: Well

My experience of people who complain that the BBC is biased is usually that they're talking about a specific episode/series rather than looking at the whole offering. So you get 'the Beeb is biased' as a result of a documentary specifically looking at one side of the argument, whilst ignoring the fact that other programs look at the other side (or both sides).

I don't watch it much anymore, but I think the Beeb is pretty good value. Look at what the commercial broadcasters do with things like nature documentaries and you soon realise the BBC is a step ahead. Personally, I would rather they'd scrap Strictly Come Dancing (as I think that's something a commercial broadcaster would happily make) but I try not to whinge about it and claim the licensing fee should be scrapped.

1
1

NO ONE is making money from YouTube, even Google – report

Ben Tasker
Silver badge

Re: No one making money from YouTube

My littlun seems rather taken with the videos she makes, I dare say he'd be making her a nice amount if the ads weren't blocked.

1
0

'If someone in Australia says lick my toad, it's not a euphemism'

Ben Tasker
Silver badge

Re: Marmite?

instead of washing it down the drain where it belongs

You can't do that with Marmite! Subjecting anyone working in the sewers to something so unimaginably gross is inhumane.

Probably better to burn it, or maybe throw big globs of it at politicians.

2
0

Wham, bam... premium rate scam: Grindr users hit with fun-killing charges

Ben Tasker
Silver badge
Joke

Re: Are we talking about a parallel universe I'd like to live in?

I am anti-gay in the sense that I am anti-avocado. I don't like avocado and so I don't have it.

So you don't like fruits?

Sorry......

0
0

I ain't afraid of no GHOST – securo-bods

Ben Tasker
Silver badge

Definitely well worth a read :)

0
0

Sly peers attempt to thrust hated Snoopers' Charter into counter-terror and security bill

Ben Tasker
Silver badge

Feckin hell, I had to double check that wasn't on The Onion.

That's a pretty big leap in utility from a system sold as being used for detecting terrorists. Can't say I'm surprised to see Council Tax listed as one of the things they'll stop you leaving the country for, given they already charge you council tax for the period that you're in prison for failing to pay said council tax....

2
0

China 'upgrades' Great Firewall. Oh SNAP! There goes VPN access

Ben Tasker
Silver badge

It only looks like https at a casual glance, and even then that's dependant on what's traversing the tunnel (we're of course talking volume).

It's certainly more expensive to block (as you'd need to do some analysis), but it's certainly doable.

1
0

YOU. Your women are mine. Give them to me. I want to sell them

Ben Tasker
Silver badge

Re: "In no way am I suggesting that INgrooves is an evil bunch of bastards"

The DMCA can be particularly harsh when a copyright holder crosses the line, however, that's only IF the copyright holder manages to do the one thing that the DMCA provides punishment for - KNOWINGLY filing a notice for which you are not the copyright holder (or authorised on behalf of).

In other words, if a company files a shitload of correct ones and accidentally includes half-a-shitload of incorrect ones, they're safe. They have to have known they didn't have the rights, and proceeded anyway for there to be any chance of them getting slapped.

So when a company accidentally gets Github projects unlisted from Google, or 'accidentally' monetizes someones videos, that's apparently fine as they didn't deliberately set out to file a notice against something they had no claim to.

The cynic in me wonders whether this is part of the reason they use bots. Bot's are great for dealing with the huge amount of content which may need reviewing, but are also a way to avoid having a human review the notice before it's sent - anything wrongfully submitted is accidental, so you don't get raped by the DMCA's counter provisions

6
0

'Linus Torvalds is UNFIT for the WORKPLACE!' And you've given the world what, exactly?

Ben Tasker
Silver badge

Re: How bad is Torvalds?

Regular people may prefer to spend money on Windows, but from what I hear, Fox News is also quite popular in the US.

Popularity is a terrible measure of quality.

Although, I've personally never understood why some people were so bothered about Desktop dominance. As long as I can run what I choose, frankly you're free to run MSDOS if that's what you prefer.

30
2

Which of UK's major ISPs will let you have exotic p0rn? NONE OF THEM

Ben Tasker
Silver badge

Yup, it's the first time that I've felt both that an article is worth sharing, but also that the headline is so unrelated and clickbaity that I've had to edit it before hitting 'Tweet'.

Especially given that the reference to porn in the article refers to Child Porn, which isn't exactly what I think of if someone mentions exotic porn......

9
0

Scary code of the week: Valve Steam CLEANS Linux PCs (if you're not careful)

Ben Tasker
Silver badge
Joke

Re: Classic

Do a 'safe' test run first

ssh root@someonelesesbox "rm -rf $DIRECTORY"

The best advice, really, is to always carefully think about what you're actually running (not what you think you're running), though mistakes can happen.

1
0

You'll get sick of that iPad. And guess who'll be waiting? Big daddy Linux...

Ben Tasker
Silver badge

Re: Hmmmn, I've found linux in a right state...

I've found Gentoo has stayed reasonably stable in that respect over the years, and Slack always deserves a mention for that too.

Mind you, I'm reasonably easily pleased, as long as there's a terminal and browser I can do most of what I need to do (and enjoy doing).

Do have a Kubuntu install (for Wifey) and will admit I've been getting increasingly frustrated within it with each 'upgrade'.

2
0
Ben Tasker
Silver badge

Re: Lee D Laptop/convertible+smart phone

@Matt

Canonical also nominally provide support (through Ubuntu Advantage) though I've not heard much about it, and what I have had hasn't been entirely endearing.

1
0

US drug squad cops: We snooped on innocent Americans' phone calls too!

Ben Tasker
Silver badge

Re: The agency is no longer collecting bulk telephony metadata from US service providers.

I suspect the last quote may have been stripped too

It has not been active nor searchable since September 2013, and all of the information has been deleted... from our servers.

Suspect there's likely a 'backup' elsewhere, even if only to allow comparison against the NSA's database.

8
1

'American soldiers, we are coming...' US CENTCOM military in Twitter hijack shame

Ben Tasker
Silver badge

Got beaten to it...

..on Twitter of all places, but this seems appropriate given the breathless reporting elsewhere - http://xkcd.com/932/

9
0

Pastebin: The remote backdoor server for the cheap and lazy

Ben Tasker
Silver badge

Re: Uhm.

Firstly you'll note wordpress is the actual issue here (as described) - if you want to be worried about something be worried about the insecurity of your actual app. What happened there might not be relevant to your problems (it's extremely likely it isn't)

Does seem odd doesn't it? The attacker has managed to execute arbitrary code in order to retrieve some other arbitrary code and execute it and the solution is block pastebin?

There may be some logic to blocking it if you've absolutely no need for it - as it's (apparently) currently being commonly used as a low tech C&C you do at least block that route, but if enough people do block pastebin it's use as a C&C will drop and the blocking becomes worthless.

0
0

Dread Pirate Roberts suspect's defence holed below the waterline

Ben Tasker
Silver badge

I promise that wasn't there when I posted earlier - or at least I'm pretty certain it wasn't...........

0
0
Ben Tasker
Silver badge
FAIL

The judge has now explained in detail why she comprehensively smacked down the requests, and in doing so has provided a hugely detailed outline of the evidence the Feds hope will put Ulbricht behind bars.

And yet the article doesn't even drop a hint of what the reasons were............. Given the title is that the title is that his defence is essentially sunk, some additional info might have been nice - sure I can click the link and read the ruling, but I thought the whole point was El Reg wanted to keep our eyes on theregister.co.uk (and by extension, the ads).

5
1

BAN email footers – they WASTE my INK, wails Ctrl+P MP

Ben Tasker
Silver badge

Re: HEAR HEAR!!!

Due to the last two points, I would suspect they have next to no legal value. Pretty sure for a legal document to stand, the person has to see it and agree to it first before it becomes binding.

Yup, pretty much. As it accompanies the email it's has no power over you what-so-ever, the sender opted to send you that information (quite possibly without having ever communicated with you before hand) and therefore you've not been able to negotiate terms/agree a consideration etc.

Although they're often written to look like a contract, no legal contract has been created, so they serve to do nothing but make those who don't know any better feel warm and fuzzy.

10
1

UKIP website TAKES A KIP, but for why?

Ben Tasker
Silver badge

would be allowing budget surpluses in government departments to be retained for the next year without having next year's budget slashed, eliminating the annual glut of wasteful spending that so often occurs.

It's a nice idea, but it'd take years to take effect. If they brought it in, no department would trust that it wasn't just a temporary thing, and so would still spunk the cash in case failing to do so might lead to budgets being cut a few years down the line instead (as a result of a change in Government, policies whatever).

Thanks for your opinion, but most of the rest of the world is outside the EU and it's not dangerous for them.

I don't know exactly what the OP meant, but my interpretation was that it's dangerous because UKIP seem to have no clue on a wide range of issues. Their strong focus on key areas, within a (relatively) small party comes at the cost of some of other (potentially more important) issues.

Personally, I'd hate to see UKIP get into power. I had hoped their surge in popularity might make Cameron and chums rethink a few things, but aside from small hat tips, that doesn't seem to have happened.

1
3

Dev put AWS keys on Github. Then BAD THINGS happened

Ben Tasker
Silver badge

Bang on the mark, in fact there are (at least) two different sets of API keys in his commit history, spread across 4 different commits.

Note - are, not were - it's all still there. So the bot had much more than a 5 minute window to purloin them.

2
0
Ben Tasker
Silver badge

Re: What about pre-payment?

To be fair, if you're that determined to 'Pre-Pay' your Amazon account, it's fairly straight forward.

Buy £50 of Amazon gift cards

Apply them to your account

Don't register a card against the account

Whenever your bill comes out they'll subtract from the credit, though you can probably expect some shitty emails if you do go over.

0
1
Ben Tasker
Silver badge

Re: What about pre-payment?

Yup hadn't purged them fully (though he's now revoked) - https://github.com/andhof-mt/shriek/commit/799a62ed075954eac673322b9f69963ad815c4d0

@bigtimehustler

Looking at his post, I'm not sure they were just S3 keys, though it's hard to say for sure. Certainly can't find any reference (based on a _very_ quick google) to being able to fire up EC2 instances through the S3 API - though if it is true, that's some spectacularly bad design by Amazon.

But yes, either way, they definitely had too many privileges. Mind you, if you look at the average S3 tutorial online, the various authors all seem to think that creating limited privileges in IAM is too complex and skip over it.

2
0
Ben Tasker
Silver badge

Re: What about pre-payment?

Aside from the obvious issue of storing credentials securely

And, as appears to be relevant here - actually bothering to set up non-privileged keys. If they were spinning up EC2 instances (and the dev seems surprised by it) then either he was using a key with permission to do so (i.e. it's been configured in IAM) or more likely was using his root keys, granting the attacker unlimited access.

Wonder whether he remembered to purge the keys from his commit history, a 5 minute window is pretty short...

1
0

UFOs in the '50s skies? CIA admits: 'IT WAS US'

Ben Tasker
Silver badge
Joke

Re: Who else?

FWIW, the standard alien "experiences" tend to follow movies of similar themes - showing that most people involved are fairly suggestible. They may _believe_ they were abducted by aliens, but it's more likely to have been a particularly vivid dream, possibly years after seeing Close Encounters, etc

To pile conspiracy on top of conspiracy, as you said

The CIA and several other organisations spent a long time planting people in various tinfoil hat brigades to keep them paranoid

Let's accept that's true - the ultimate way for the CIA to keep the paranoia (and outward appearance of such) would be to do a few 'alien' abductions themselves. Slip the targets a few drugs and then wear rubberised suits whilst brandishing a certain medical instrument related to the bottom, lots of light's etc.

Mind you, if it came out, I guess an anal-probe could be seen as state sanctioned anal rape....

2
0

Page:

Forums