Posts by Voland's right hand

It's at rest - it will annoy the hell out of anyone trying to riffle through the web cache on your machine to see what did you browse. Police, Best Buy's bounty hunters, etc.

Re: Not only missing 2FA

But does this mean it's one rule for us, and a different one for them?

I thought Animal Farm is part of the national curriculum.

Remember? All Animals are equal, but some are more equal than others.

Re: If it did not have 2FA or certs it was asking to be hacked

"determined and sustained" search for "weak passwords" sounds like a bog-standard brute force to me.

It sounds like "a day in the strife" for me - there is a constant trickle of brute force attempts in my logs. The current fashion is to try SMTP auth for that.

Re: ugh

I have a laptop given to me by IT sitting in the corner. As anything handed out by corporate IT it is an Intel. To be more exact Hell with Skylake. I do not recall a "hyperthreading off" toggle in the BIOS though...

I had to put it on extended leave because it was showing some seriously weird behavior with Java coredumping. I suspect it is the same bug. Based on its behavior I would say - every couple of hours under heavy load.

You never know whom to blame for what. Virgin is an investor in this thing.

Re: " both sides must mutually agree and abide by the rules of engagement, "

Good luck with that.

Indeed. On BOTH sides.

Re: instead, they upload malicious code from a USB stick

This is precisely why I refuse to program in "Home" on any of my GPS devices.

I do not enter it either. The miscreants can still get to within 3 houses of yours if they open the route logbook. All it takes for them to determine which one is yours after that is 5 minutes of pretending to be evangelicals.

Re: In effect "traffic analysis" applied at the bus level.

Basically you need to keep a constant(ish) power level in the system

Not even that - your power level should not correlate with the encryption task. That will actually be the case if the system is doing enough other things. Makes up for an interesting argument against dedicated hardware.

Also, I've seen what seemed to be implausible bargains on Amazon

There is both that and putting ridiculous prices on items like 1200 grand for a bag of bolts. Both are done specifically to skew other people's pricing algos and amazon pricing assistance tools (there is a nice cottage industry brewing which helps your determine and alter pricing based on what other people are selling their goods for).

Theoretically - you can complain to Amazon about it. Practically - it is a wild East (not even West) environment.

Re: Who watches the watchers?

How do you know what they have been up to,

I know more than I would have preferred to know. I have multiple granduncles who have worked for one of the "firms" and I know about some of their older "handywork" which is now past its classification "window" (lots of it is still not published, it officially does not exist, just no criminal penalty if you happen to know about it without having the relevant clearance).

As far as the morals of the staff employed by the CIA, GRU, MI6, Mossad, etc, you get both sides of the coin. People who do it for their country and people who you would rather not meet in a dark alley. Both of them have little respect for the law as their job is to break the law to get the work done.

It is the job of the political control of the agency and whoever gives orders to ensure that the subject of their interests is the enemy and not their own population. Unfortunately, the 20th and the 21st century (so far) are a litany of failures as far as that is concerned. Pretty much all governments have taken a leaf out of the Stalin and Hitler's book and have deployed the secret services (along with their long list of dirty methods) against internal targets.

Re: What do Netflix staff do that requires all these not-brilliant stars?

Scaling while staying with a well defined metrics envelope for jitter, latency, etc.

It is quite tough actually. In fact, extremely tough. If it was not that tough everyone and their dog would be able to run a video service.

Re: Rule #2

Rule #2

That is rule #0 - it goes before any other rules.

Re: Some rough edges

but I upgraded several server systems already in under 20 minutes each.

dpkg-query -l | wc -l

Development + office + day-to-day use desktop : 4338

Web, VPN + Mail Hosted Server with a fully blown catalyst env and a gazillion perl modules dragged in by foswiki dependencies: 858.

Single purpose server: < 400

There is nothing "wrong" to what I am doing, just a server is an easy upgrade. Very easy. Piece of cake compared to a desktop you develop on. 2.5-3h to upgrade that is actually not a very bad score.

just plain opening your mouth

Yes. Have a look at the history of convictions for sedition.

Re: That's not hot. This is hot.

his is a temperate climate we're talking about, 29C is hot.

No it is not. Temperate can be continental temperate like Hungary, Romania, Russia or Bulgaria (depending on the year - it is straddling the border between temperate and subtropical). 40C+ is quite common. The saving grace is that humidity is usually < 50%.

It can also be coastal temperate like the British isles or Belgium where 29C is a big deal. It actually is as it comes with 70%+ humidity.

The difference humidity makes is two-fold. First it is easier to tolerate heat during the day if it is lower.

Second, low humidity equates to significant radiation cooling at night so you can sleep. Even if it was 35C a few hours ago, it happily drops to 18C by 10pm making it quite tolerable (especially out in the countryside). That does not happen during a heatwave in places like Belgium or UK. It stays at 24C at night and is throughly disgusting.

Re: Unintended consequences

Indeed. Frankly, the "we promote https" crusade for plain old content by the ones like Google is mostly about ad revenue preservation and prevention of injecting/removing ads. Privacy? Security? Who cares.

In any case, IMHO both the parliamentarians and the Eu ministers are in the wrong here. The issue is very plain, simple and it has been known for nearly a century - long before the days of the internet. It is called legal intercept.

If you are running a revenue generating communications service, you have to provide legal intercept facilities. So the law says in pretty much all countries. What has been happening is that Internet companies have been skipping on this in the USA for a while by using an old SCOTUS decision that they are running information services, not communication services. That is bollocks. It is used to communicate. They have also transplanted the same services worldwide (and other copied the designs from them).

Legal intercept != mass surveillance. It is used (in most countries) via a court order which in some places (Germany, Swiss) is actually hellishly difficult to obtain. It is used on an individual basis and does not cost in for the police to use en-masse, because it is CHARGED for by the provider. It costs money.

IMHO, the fight against legal intercept as a service component is both stupid and wrong. It is a legitimate ask and if it is not provided and backed up by appropriate legal constraints we will get encryption backdoors and mass surveillance instead.

Re: To Constitute or not to Constitute...

Yes, normally in a field.

Not always, sometimes it was against a bullet pock-marked wall painted in institutional green.

Re: "Because you can"

The issue US has with paper voting systems is direct democracy prevalent in several states - f.e. California. They sometimes end up with 20 + items to vote for on election day.

Adding "yet another proposition" to a paper ballot is not cheap.

Re: What about spaces *and* tabs?

The result of this style is Dog's breakfast in the SCCM and patches fail half of the time.

This is why it is prohibited by every project I can think of.

Do not think so.

If it is "via access to device" that is only on individual subjects and most likely authorized by court order or an equivalent procedure as required by the local legal intercept laws. This is not breaking encryption in general and mass surveillance. So it does not do anything to Internet banking, etc.

It is what it is: mandate phone vendors to support legal intercept. It also makes technical sense - the phones now are so smart that they are a component of the network in itself. If implemented correctly it can be locked down so it can be accessed only via the carrier device provisioning system.

It is also fairly easy to circumvent - just get a foreign phone and enjoy the abolishment of roaming fees in the Eu.

Re: Impact will be on expensive phones

Canadian telcos will find it increasingly difficult to subsidize expensive phones, since the phone

might just up and disappear.

That is exactly what contracts are for.

Re: There are fundamental technical reasons for it

Your problem no.2 has been solved

Correct. However, when you listen to the high priests of v6 preaching us the goodness of the v6 e2e principle you will never hear the word firewall. It is not part of the holy e2e paradise. The fact that some of them also have high security clearance and consult 3 letter agencies should not surprise you either.

In any case - there is nothing wrong with v6 purely for address depletion purposes if it is obsoleted as it is today, all of the IP address autoconfig crap removed while fixing DHCP so that v6 config can be dished over v4. Some revision of the flow label semantics so they are usable would also be nice but not essential.

The problem is that the v6 fanatics insist that there is nothing wrong with the crazy mix of v6 autoconfig + v6 DHCP as well as crippling the v6/v4 DHCP interop. They perfectly understand that dealing with that is one of the "v6 way or the highway" moments for an organization and they refuse to budge on it to achieve a personal goal - promotion of v6. At everybody's else expense. Obsoleting this aspect and doing an errata on all relevant v6 RFCs is so overdue, we might as well do v7.

Ditto for the v6 aspects and the mandatory v6 support in HNCP and HOMENET (where this thread started).

Re: I think we need to know...

None. At least here... Looking again at the noscript console. DEFINITELY NONE.

Re: Another transformation movement...

But the problem is does paying some far eastern company to put Intel chips in boxes and stick an HP label on the box really count as manufacturing?

Sorta - if:

1. The company designed it

2. Holds copyright on the designs

3. The designs are innovative and not just rearranging the Intel reference design

4. There are specific differentiators which are unique to company

This is valid for any value of company. Contract manufacturing is as old as the industrial age if not older. There is NOTHING wrong with it.

The WRONG becomes when you bring in a cretin with no understanding of engineering (and the differentiators provided by it) freshly from a business school which replaces 1, 2, 3 and 4 with branding sticker on a rebadged reference design and hands off the design to the same company which does contract manufacturing. While this gives you a short term margin and operating income boost it is the best way to "package the demise of your business" in the long term.

HP has been in the WRONG since mid-2000 when it started handing off designing its servers to Asus and the like. There is no easy and short term fix for this and more importantly there is no fix which will please the shareholders as this requires to make the operating parameters significantly worse for anything up to 5 years ahead. The short-termist nature of the USA stock markets will simply not allow a company which has gone the "Branding as a replacement for Engineering" route once to recover back. They will have a set of disassemblers on the board in short order instead.

Re: Bunch of metalheads at Chez Ammabamma

Same here. With slightly different ordering and the addition of Alice Cooper to hold the poll position.