Posts by Justin Clift

64 posts • joined 1 May 2007

What Ashley Madison did and did NOT delete if you paid $19 – and why it may cost it $5m+

Justin Clift

Re: Greasy

In the UK there is such a thing as the Telephone Preference Service. It's a list of phone numbers that shouldn't be called. If a telephone sales organisation is using the telephone book they should filter it against that list.

Really wished that worked over here in the UK. In Australia, there is a (national?) "Do Not Call Register", which is easy to add your phone number to online. It's enforced well, and marketers really don't screw with it.

Nothing over here in UK seems to work though. :(

Extremely sick of robodialers and similar ringing during the day, when I've been working through the night (am not a morning person!), so I got rid of my landline, and I no longer live in a mobile service area. Problem solved so far. (Hope I don't need to make any emergency calls!)

0
0
Justin Clift

Re: Hmmm...

If the encryption had been made at the application level (that is, it is decrypted by the application itself, but stored encrypted in the DB), it wouldn't have been in cleartext in those dumps. Because they were made with mysqldump.

Sure. (Note - I have not looked at the AM data set at all, as it's not of any interest to me.) The attackers had full root/superuser/admin level access though, so encrypting the data in the application instead of in the database just means they would have proceeded slightly differently to get the end result.

So after using mysqldump, they would have then decrypted that using the same key/password/whatever that the application is unlocking it with. (This is pretty straightforward stuff, and not hard to do.)

0
0
Justin Clift

Hmmm...

"This massive data breach could have been prevented had Defendants taken the necessary and reasonable precautions to protect its users' information by, for example, encrypting the data entrusted to it by its users on a database level so that any information hacked and downloaded appeared in the encrypted format," the complaint reads.

The hackers seemed to pretty much have root/superuser/admin access to the entire AM IT infrastructure, and "the database" mentioned there is a live/running one. So, it's pretty safe to say encrypting the data at rest wouldn't have stopped them gaining access to it, since they could access it via the running application.

That being said, encrypting the data at rest isn't a bad approach for stopping other attacks. ;)

11
0

Your smartphone can be a 3D scanner, say boffins

Justin Clift

Hopefully they Open Source the software

This sounds like it would be useful software to look through and adapt into other scenarios. eg using a webcam attached to (fast GPU) computer, it might be possible to create some pretty accurate 3d models of things at hand, body parts, etc. :)

0
0

SourceForge staggers to feet after lengthy STORAGE FAIL outage

Justin Clift

Hopefully...

Hopefully this motivates more projects to move. :)

4
0

Server storage slips on robes, grabs scythe, stalks legacy SANs

Justin Clift

Re: No spam

I'm not affiliated with the companies, I just like the products.

It's a box. You can put any hardware you want in the box. Got 100GbE CNAs? 12x EDR Infiniband? 128 GFC engineering samples magically appeared? If your software supports it knock yourself out.

Got it. Wasn't clear from their website, as even with their "Custom" builds they're only giving choices of 10GbE. Seemed very limited.

0
0

SourceForge goes TITSUP thanks to storage fault

Justin Clift

Good

I hope they don't recover. Really.

0
0

The Great Barrier Relief – Inside London's heavy metal and concrete defence act

Justin Clift

Re: +10 for the article, -100 for the noisy advert

Why do you have flash set to auto play on any site?

Doing that is a security hole, as most places get their ads through brokers and don't control them directly. This has been a successful exploit vector in the past, and still likely is.

0
0

Surviving Hurricane Katrina: A sysadmin's epic DR (as in Didn't Realise) odyssey

Justin Clift

DR is like backups...

Back when this happened, not only didn't you have reasonable DR in place... you also didn't have reasonable backups in place. :(

Saying that because you point out several times you weren't sure what info your company needed, so therefore weren't sure what should be transferred to the remote site.

Figuring out what info is needed by your company is the Foundation of a backup regime (let alone DR). If you had a solid backup plan in place, there's no way you could be unsure about what was needed. :(

"Solid backup plan" also means "one that gets tested" (preferably well documented) so that when Shit Hits The Fan there's minimal guesswork to be done.

---

That being said... we all have learning experiences. If you still do important SysAdmin stuff to this day, hopefully you verify/test your backups (and any DR) you do these days. :)

2
0

MAC address privacy inches towards standardisation

Justin Clift

Re: Randomising MAC address

"If you randomise a MAC address connecting to an access point, how am I supposed to ... keep tabs on which machine is which ..."

Yeah, I think that's the whole point. :)

Note though, I do agree that in workplace settings this could be a real pita.

0
0

Apple's iPhone 7 to come loaded with depth-sensing camera, supply chain spies claim

Justin Clift
Boffin

RealSense camera?

Any hint as to whether the 2nd camera will be a standard camera, or something infrared like used in the recent Intel RealSense cameras?

https://software.intel.com/en-us/realsense/home

0
0

Mellanox wants to prise OEMs loose from Broadcom

Justin Clift

Re: Meanwhile... I'm still waiting

At the consumer level, it still seems to be cheapest to look for second hand Infiniband gear. eg:

http://www.ebay.co.uk/itm/181773723154

Note - I don't have any relationship to that seller. It's just the cheapest MHGH28-XTC that showed up on Ebay when looking now. ;)

0
0

One bit to rule them all? Forget it – old storage types never die

Justin Clift

10m files?

"File systems also allow for lots of increased features around security of the individual files, with the downside being that they're largely useless for storing more than 10m files."

That doesn't sound right at all. There are a *lot* of factors which significantly influence the performance of file access.

10m though just sounds plain wrong. Maybe if they're all in the root directory and you're doing Weird Shit to the filesystem on purpose... that would probably barf on 10m files.

2
0

Makerbot axes 'scores of staff' – 3D printing just doesn't pay the bills

Justin Clift
Thumb Up

Re: Home 3D printing...

That's a well thought out commentary. :)

The FDM printers (like mine)... yeah, useful for some stuff, but they're definitely not where I'd like them to be either. The current generation of "slicer" software - which turns physical models into actions for the printer to perform - are very limited as well (eg can't easily create density gradients in a part to adjust the physical characteristics of it in different areas). In part I think it's due to the primitive nature of the printers so far... but also it's just the software needs more time to mature and be adapted to more use-cases.

The non-bureau stereo-lithographic printers available do seem to have the quality/fine-detail aspect sorted... but the (toxic) materials they use really limit the products they can be used for. eg I wouldn't be making something with them that's for long-term skin contact.

0
0
Justin Clift
Happy

F**k them and the horse they rode in on

My knock-off FlashForge Creator Pro is really good. :)

If MakerBot hadn't switched mid-stride to closed-source-only pricks, then I may have bought one of theirs instead.

However, since they've decided to fuck over everyone who helped them get up and running - purely to line their own pockets - fuck them. Hopefully they go bankrupt. :D

18
0

Need speed? Then PCIe it is – server power without the politics

Justin Clift

IB tech...?

"You see, in the HPC world, applications just don't fit into the RAM you can cram into a single node. Many HPC setups are hundreds, if not thousands of nodes lashed together into a single supercomputer, with each node being able to address the memory of each remote node as though it were local.

Our existing networks – for example Ethernet, Infiniband and so on – simply weren't designed for this. Believe it or not, this is not a new problem."

Um, isn't this exactly what Infiniband *was* designed for? Expressly for interfacing CPUs and peripherals in lots of computers together (HPC audience). Back then, it wasn't using PCI-E, and was more intended to interface with things directly.

Intel's purchase of QLogic's IB tech a while back is interesting, as they don't seem to have put the people onto developing new IB versions. Instead they seem to be integrating the IB concepts into other parts of their tech and going in a different direction (Omni-Path). It sort of seems like they'll try to integrate it directly onto Xeon CPUs, and not have the PCI-E bus be in the way (unsure though).

0
0

THOUSANDS of alleged pirates' addresses to be handed to Dallas Buyers Club

Justin Clift

@james 51

"Otherwise you run the risk of someone's WiFi router being hacked and used (unlikely but possible)."

It's not that unlikely. When I used to live in Australia, a friend used to boast about using his neighbour's internet (Wifi) for downloading stuff. Mostly to get around bandwidth quotas at the time I think. (it was a while ago)

Here in the UK on unlimited broadband, people with a hacked Wifi router probably wouldn't even notice if their connection was being used in this way. :(

2
0

In-depth: Supermicro's youngest Twin is a real silent ice maiden

Justin Clift

Re: Supermicro

The SuperMicro kit I've used has always been very reliable, and pretty well made.

Be aware that in general 1U systems are _very_ loud though (all brands). If noise is an issue, a 2U system with the same general specs will be much quieter. All generalising, but keep it in mind if needed. :)

0
0
Justin Clift

The Bleeding Edge...

"By now, there's more than a little of my blood inside those nodes."

Something like this might help:

http://www.magidglove.com/Ansell-SafeKnit-72025-Ultralight-LightDuty-Seamless-Gloves-1-720256.aspx

They're made of spectra, so shouldn't be too thick/bulky to be able to feel anything.

1
0

Big Data high priest Stonebraker anointed with Turing Award

Justin Clift

Awesome

PostgreSQL is going strong and growing well too. :)

1
0

Apple boots Windows 7 out of Boot Camp

Justin Clift

@Tim Almond - Re: An odd decision by Apple

You can still download Xcode for OSX 10.6 from Apple.

You don't get it through the Apple store though, you need to grab it from https://developer.apple.com.

Once you're signed in there (you'll need an id), the full download URL is:

http://adcdownload.apple.com/Developer_Tools/xcode_3.2.6_and_ios_sdk_4.3__final/xcode_3.2.6_and_ios_sdk_4.3.dmg

[hmmm, that address isn't showing above correctly. the href in it is fine though]

You can find the Xcode download in the list yourself once on the site, but it's a few pages in. ;)

Oh, and use Safari when you go to the developer.apple.com site. It seems to reliably load the page better, whereas Firefox / Opera / Chrome can be a bit hit and miss. (for me anyway)

0
0

The storage is alive? Flash lives longer than expected – report

Justin Clift

Which manufacturers?

It'd be useful to know who to avoid.

0
0

Air gaps: Happy gas for infosec or a noble but inert idea?

Justin Clift

Re: Timing is everything

Well, if the once-off writing is done on the external "internet connected" side of the air gap, that's a source of new commands for the malware. The reading would then take place on the "disconnected" side of the air gap, and do the passing of those commands to the malware.

Same in reverse too... if the once-off writing is done on the "disconnected" side of the air gap, that's when the exfiltrated data get written to the USB stick, ready to be sent off to the attacker when the USB stick is plugged into the internet connected side.

So, not good.

0
0

LOHAN unleashes 'waiting for the FAA' collector mug

Justin Clift

Hmmm...

Perhaps shipping the kit which backers were promised first, before trying to flog more stuff?

0
0

Fake antivirus scams: It's a $120m business – and alleged ringleaders have just been frozen

Justin Clift

Re: Now let's clean up download sites.

Agreed. These people are scum.

Some friends and I release updates to our (decently popular) Open Source program every 6-8 weeks (up 1/4 million downloads sometimes).

CNET has decided to distribute it (ugh)... using our work and effort to spread their malware/crap.

There needs to be a version of the GNU license that forbids this kind of stuff being done to Open Source Software.

5
0

Scale out sister: Open sorcerer pulls v3 Gluster cluster out of Red Hat

Justin Clift

Looking for testers for GlusterFS 3.6.0 native OSX client bits...

For anyone with some spare time over the next few days, we're (upstream GlusterFS Community) looking for testers for the recent 3.6.0 beta3 release.

This is the first release with native MacOS X FUSE client support. OSX users can access GlusterFS volumes directly now, without needing to use NFS, Samba, etc.

MacOS X Homebrew formula for it:

https://github.com/justinclift/homebrew/blob/glusterfs360/Library/Formula/glusterfs.rb

To test it, set up GlusterFS 3.6.0 beta3 on Linux or BSD, create some volumes, then use the OSX FUSE client to work with files on them. Let us know via the mailing lists if any weirdness happens for you. (in theory, it shouldn't) :)

0
0

GitHub.io killed the distro star: Why are people so bored with the top Linux makers?

Justin Clift

@AC - re Community spirit

"Getting into Linux development is not only technically challenging, but dominated by corporate, salaried developers who are (rightfully) protective of their domains. There's little of the old community spirit there."

If you're interested in the storage side of things, you'd be welcome in the GlusterFS Community. Many of us are salaried developers (paid by Red Hat), but many people aren't, and we're very _not protective_ of our domains. We take a "the more the merrier" approach, and are very newbie friendly. :)

1
0

London commuter hell will soon include 'one card to rule them all'

Justin Clift

So basically a credit/debit card with NFC?

Credit/debit cards with NFC already work on London buses and taxis. Haven't tried trains though.

How is it this new group are inventing anything new/worthwhile? Credit/debit cards already have massive user base, industry acceptance, etc.

6
0

'Behold my creation: Postgres-XL' bellows TransLattice

Justin Clift

Interesting...

Hopefully this goes well, and impartial benchmarks show good results.

1
0

Firefox, is that you? Version 29 looks rather like a certain shiny rival

Justin Clift

Re: yes but...

Yeah. I switched to Opera a few weeks ago after Chrome started inserting ads into my "New Tabs" page. (I'd had a near ad free experience with it until then thanks to Adblock and similar)

0
0

Toshiba opens curtains, reveals air-cushioned 5-terabyte terror

Justin Clift

Re: Instant Erase

Unless you've been able to extract the key from the HDD flash/cpu/etc prior to the "erase". (not impossible by a long shot)

In which case the "erase" is useless, as all of the data is still recoverable.

0
0

Mind-melded rats could herald organic BRAIN-COMPUTERS

Justin Clift
Meh

Profitable...

I'll be more interesting when they can record, translate, and play back the experiences of Subject A for Subject B.

The translation layer could be tricky at first. Would likely need some intermediary (generic) way to represent experiences, which are re-encoded at playback time for each target individual.

Wouldn't be too surprising if this becomes a world of patent hurt. :/

1
0

Uncle Sam buys 20 petaflops BlueGene super

Justin Clift
Heart

Wonder how many solar panels it would take to power this?

Wonder how many solar panels it would take to power this, and how much desert space would be needed?

0
0

Boffins offer plastic printing service

Justin Clift
Joke

Escher...

Go on... someone upload one of those 3D Escher models.... the infinity loop type... :)

0
0

AMD claims 'fastest graphics supercomputer ever'

Justin Clift
Happy

Folding@Home

Sweet. If the unused GPU capacity is put towards something like Folding@Home, they'd almost double the present amount of ATI GPU units in use. (1007 at the time of posting):

http://fah-web.stanford.edu/cgi-bin/main.py?qtype=osstats

0
0
Justin Clift
Happy

Oops...

Oops, read the wrong column at the Folding@Home website. They've already got over 9,000 ATI GPUs in use. (No idea of model though). Oh, and 16,000 NVIDIA ones too. Still, an extra thousand Very High End ones probably wouldn't hurt. :)

0
0

Sun to support AMP plus Linux

Justin Clift
Happy

Re: MySQL

Easy. They each have strong/better points going for them than the competing options, depending upon the environment and workload(s).

Horses for courses kind of thing.

0
0

AMD loses $1.19bn and CEO Ruiz

Justin Clift
Boffin

Intel to buy ATI?

Heh, it would be interesting if Intel made an offer to AMD for ATI.

:)

0
0

Fasthosts brings down Edugeek - and leaves it there

Justin Clift
Happy

Re: who do you suggest?

I've used ThePlanet before, and found them pretty decent:

http://www.theplanet.com

Though they're not perfect (they recently had a fire in a data centre, covered on here), their support was always first rate. i.e. generally clueful about *nix and responsive within a few minutes. (a *real* 24 x 7 operation)

However, last used them in depth over 18 months ago, so it wouldn't hurt to double check. :)

0
0

Foldable sports plane gives Everyman a chance at crashing

Justin Clift
Happy

Needs to fit 2 people, and a docking station...

Docking station (not the PC type) for one of those rocket wing things that was also on here recently. :)

0
0

Battle of the SSD strategies: Sun vs. EMC

Justin Clift
Boffin

It doesn't have to be one vs the other

i.e. Think of a Sun server (with its local SSD), connecting to an EMC SAN (with its tiered flash/disk/etc storage).

Provides complementary speedups at both layers, and should work well. :)

0
0

Verizon sends text messages to the big screen

Justin Clift
Happy

Heh, that's my website. :)

Heh... "Digital Distribution". That's my website (really).

www.digitaldistribution.com

:)

0
0

US bank loses unencrypted data on 4.5m people

Justin Clift
Boffin

@Why are Banks so F'ing stupid, still ?

Because all of the practical encryption options for backup media are *expensive*.

There's:

+ licensing
    ie Encryption option for NetBackup isn't cheap

+ implementation
    new tape drives [for hw encryption rather than sw encryption]
    key management software plus associated new processes/procedures
    impact on restoration/recovery times of encrypted data vs unencrypted

+ legal compliance

+ data expiration considerations

+ and DR can become further complicated

Most places seem to get their backup and recovery strategy "working ok", without then going and getting the next step of securing it properly.

Personally, I'd feel a bit safer if the encryption of *sensitive* data on backup media was legally mandatory AND part of the auditing that's done of financial institutions (i.e. by APRA here in Australia)

0
0
Justin Clift
Happy

@ Not really a problem

Me too.

I use an LTO tape library even at home. Just keeps things nice and simple.

0
0

Outback hack suspect denied bail

Justin Clift
Thumb Down

Er.... backups?

Sure, restoration of multiple complex systems is going to be a pain... but what they're describing is as if they have to rebuild the lot.

Would be *really* surprised if that's the case. (not impossible, but unlikely)

0
0

Swiss birdman in Alpine backpack-jetplane stunt flight

Justin Clift
Alert

Heck yeah!

Heh, stuff the motorbike off... this looks fun! :)

Hmmm, wonder if they'll allow them in the Red Bull Air Race at some point?

0
0

Barclays Capital slashes contractor rates by 10%

Justin Clift
Thumb Up

As a professional contractor...

The choice is easy -> Move on.

Quality staff do not have a problem finding well paid work.

If some place can't afford quality staff, that's their own problem.

They need to be careful though, as they'll get to keep the staff they can afford. :)

0
0

Adobe lifts Flash and AIR development restrictions

Justin Clift
Happy

Cool!

Hopefully this means I can add full desktop recording as an flv video stream to my OSS eLearning project (www.salasaga.org). :)

Though, if they're truly going royalty free with this, maybe Adobe should consider using something like theora (www.theora.org) for future video streaming...?

0
0

Utah boffins in terahertz spybeam infra-computing quest

Justin Clift
Alert

Hmmmm.... hidden weaponry?

So, after all the airport security systems have deployed T-Ray based weapon detectors... people (with enough $$$) will be able to buy weapons/items covered with stuff based on this tech and thereby avoid the detection anyway.

0
0
