1507 posts • joined 14 Jun 2007
"Researchers Rob Ragan and Oscar Salazar have build a free LiteCoin-mining botnet that generates $US1750 a week /using free cloud signup promotions.
The pair will outline the exploit at Black Hat next month, but have blabbed to Wired about how they used automatic tools and processes to spread a currency-mining botnet across some 150 popular free services that each generated about 25 cents a day -- all on the providers' electricity bill."
Um... 150 * 0.25 * 7 != 1750
I didn't downvote you, but I don't agree.
Granted they may have broken contracts, but can't see anything illegal here.
Re: Um, so how does that work then?
Can you read?
1) I never said there wasn't congestion.
2) I never blamed anyone else for the problem.
3) Nothing to do with routing. Unfortunately, capitalism get's in the way of your blinkered utopian view on how the internet works. You can't blindly reroute via every available route - some links are contracted for specific routes only.
An actual real-case example.
I used to work for a large International tech company. We had fast internet connectivity, although it was often unreliable.
At one stage we bought out another company, and as their network already used an IP address range that didn't clash with ours, their network was soon fully absorbed and routable to/from ours.
For the time being at least, they continued to run as a separate company with their own budget and management structure and accounts.
They also had their own internet link, which although wasn't as beefy as ours, was far more reliable.
Technically , our network could be configured to route to the internet via their link (the non-private addresses that didn't need NAT, at least)
Indeed, if our link was down, some of us would bounce our SSH connections through them, but there would have been hell to play if the main connections automatically routed to the internet this way.
As I (and others) have continually repeated in this thread, the issue was that from the evidence given, YOU CAN NOT DEDUCE THAT VERIZON ARE SPECIFICALLY THROTTLING PACKETS FROM NETFLIX.
That is the ONLY thing we've said on the matter, and can''t be said any clearer.
You are therefore either trolling, or incredibly stupid - stupid of the worst kind - the kind who blindly believes they understand something which is actually totally beyond them; the type of person who ends up making monumental cockups because 'they know best'.
Not understanding something is fine - we can't all be experts in every field. What defines the stupid like you is you don't have a clue, but think you do. You then proceed to embarrass yourself with stupid postings - at least, you would be embarrassed if you weren't living in your stupid fantasy ego created world in which there is any merit in your anal dribblings.
Or maybe you *are* beginning to realise, which is why you're posting anonymously. If that is the case, then congratulations! Baby steps etc.
If not, don't worry there kiddo, you'll be perfect for management.
Re: Um, so how does that work then?
No-one is defending Netflix - we're just pointing out that it's *not necessarily* specific throttling. And, it has nothing to do with encrypted packets - just that someone is bouncing via an alternate route.
Re: Probably, but not necessarily ...
Yep!! Good ideas!
Actually, you could probably do it just by testing to somewhere that also peers through the same L3 link, just in case Verizon were allegedly throttling everything to the Netflix addresses.
I'd love a shell account on a Verizon connected host right now!
Re: Probably, but not necessarily ...
Cheers for the downvote.
Your reply says nothing to contradict what I wrote.
Either you have comprehension difficulties, or you just don't understand.
I said nothing to suggest that their link to Level 3 wasn't a problem. I was explaining that the fact he gets faster access via a VPN doesn't necessarily mean Verizon are specifically throttling Netflix packets.
And yes, traceroutes would be relevant to help determine this.
Please come back when you've acquired a clue.
Re: Probably, but not necessarily ...
" The route the traffic takes it not a factor and here is why. It is Verizon that has stated the congestion is not in the Verizon network, but the companies that Netflix uses. If the link that is congested is from Level-3 to Verizon, then the congestion is right at the front door on Verizon itself which is why Level-3 has stated that they are willing to hook a few more cables up. "
No. As I said, not necessarily.
It is established that the main route for Netflix to Verizon is via level3.
They may, however have a link via (say) Hurricane Electric which happens to be the route used by the ISP the VPN runs under.
If this link isn't saturated, and the VPNs ISPs link to Netflix isn't saturated, then he will get the faster speeds as he will no longer be using the Level3 link. (netflix -> vpn -> Hurricane Electric -> Verizon) without it meaning that Verizon is specifically throttling Netflix.
If he names his VPN provider and/or provides traceroutes, it will be clear. If his VPN also goes via the same Level3 route, then, yes, throttling is being intentionally done. If not, we simply can't be sure based on the evidence so far provided.
Probably, but not necessarily ...
Not defending Verizon, who should not be dragging their feet over this issue, but this VPN situation could occur 'accidentally' if the guys VPN goes via another route not usually congested with Netflix traffic.
Just checked his blog. He basically said this himself:
My hypothesis here was that by connecting to a VPN, my traffic might end up getting routed through uncongested tubes. Basically, if Verizon is not upgrading the tubes that go to Netflix, maybe I can connect to a different location (via VPN) first where Verizon will have good performance and there will be no congestion between location 2 and and Netflix.
.... but then later seems to forget that this could be incidental rather than intentional throttling.
Re: Polar Bear
" I think we need to get some elephants out on the ice in a seal sniffing competition with a couple of Polar Bears."
Polar bears? Not to be sniffed at!
Re: Browser Wars
You may be joking, but 'w3m' works great for 'El Reg' - especially for long comments as you can use 'vi' or any other editor of choice.
If anyone knows a way to spawn vi under android browsers (I have a terminal emulator, I have 'vi') let me know and you can have my babies!
" Hence, I'm going LINUX... already started migrating. PS4 will be my gaming system and Linux to do desktop work."
If you're going Linux, you'll have to change your gaming system to SteamOS, as PS4 is FreeBSD based.
(Icon is closest we have to the FreeBSD icon... I think I'll start a repurposing campaign!)
People just don't have the sort of important stuff on their phones that they might on their PC (at least, not without backups)
Even some of the most careless users will tend to have uploaded their photos to their PC's for viewing on a larger screen, or have auto backups via Google etc.
Generally people assume their phone is a lot less safe than their computer (theft, loss, damage etc.)
I'm not saying that there aren't many out there that are vulnerable, but compared to PC users, it will be considerably less, and who'd pay $300 for a few photos taken over the last few months?
Indeed, the short replacement cycle for phones adds to this - people won't have important archives on their phones that go back years...
Re: training? you were lucky....
" youve been fortunate to get any kind of training. 20 years I've been at this and it seems that the 3 employers in that time consider training as something that will make me get a better job elsewhere."
Ouch. I've worked with people who expect to be sent on training courses, and whinge if they haven't : "I can't do that problem. I haven't been on the course."
They didn't last long.
" "The reason I make fun of MCSEs is that they can't format a floppy disk in order to update the BIOS" bloody hell, thats a tall order!
I once bumped into one that asked me how to map a network drive from the command line."
I totally agree with both of you.
I never considered myself a Windows expert, just 'someone that knows a bit', but the number of times I've ended up fixing something the self proclaimed gurus (with MCSE qualification) couldn't it's beyond funny.
To most, after a cursory look around, their conclusion of 'you have to reinstall the OS' is a valid solution!
Some have even said there is no way to recover anything because it won't boot (though obviously if it's just the OS that is buggered there is nothing stopping you retrieving user files with a rescue disk / dual boot etc.)
But even that aside, on many occasions that their proposed solution has been 'have to reinstall', I've managed to locate a corrupted boot config etc., fix/restore it, and get the system running again without any loss, after which I start preaching about backing up important files!
It's little wonder MS installs are often insecure - the cowboys give the decent MS gurus a bad name.
On another note, how is it fair to make a qualification harder without changing it's name? Are people with the harder qualification going to be known as MSCE++ (or, as it's MS, MSCE# !)
Re: Don't blame Blair ...
" There was a time when we accepted that the IRA would exploit the benefits of living in a free society to perpetrate acts of terror. We didn't think that the answer was to stop living in a free society. Today ..."
Re: When did Britain lose its way?
" Lets go back a sec and look. The majority of terrorism that we've encountered in the UK was due to The Troubles, and the government response to that was.... to give military intelligence to the "good" Protestant terrorists so they could go kill the "bad" Catholic terrorists (and deal drugs and run criminal enterprises)."
I'm not disputing that at all, but the public weren't whipped up into a frenzy - in fact, it was the 'British Way' not to be intimidated. The only restriction I can recall was the BT (post office tower) being closed to the public unless using the restaurant, and my Irish friends often being treated as terrorists, (especially at airports) but that's another story..
When did Britain lose its way?
The terrorist hysteria was more expected in America, as it was generally a new phenomenon.
Here in Britland, we've had to deal with proper terrorism for years, and everyone has dealt with it with rational perspective.
Back then we were tough and dealt with things - we didn't have the Matt Bryant / Daily Mail paranoia that we have now.
I know it's due to governments wanting to keep us scared to make us easier to manipulate but still... If those who survived the Blitz were aware of things now, they'd be turning in their graves.
Re: The definition of terrorism is too broad
But you're a potential terrorist too!
Direct Messaging failure reasons
Don't they realise their users are in the wrong demographic?
A typical twitter user is a narcissistic attention whore who thinks their anal dribblings are worthy of attention. They'd sooner' direct message' in public if it meant their list of stalkers went up.
Re: Bang bang!
" "Europeans have no guns" is only true if "Europeans" are English, Welsh or Scottish."
Not even then.
Plenty of British civilians legally own firearms
" Europeans have no guns, but our children go around pointing their finger and saying “bang, bang” all the time."
We did that back in my day too. Cowboy films are hardly a new phenomena
What am I missing here? From the linked 'Treehouse' site, 'responsive design' seems to be basically how HTML has always worked (except during the dark periods when idiots designed everything with fixed with tables, 1X1 spacing gifs, and the inevitable footer 'Best viewed in Internet Explorer at 800x600 resolution")
The site goes on to say:
What is responsive design?
Let’s just get right into it: Believe it or not, the Treehouse blog that you’re reading this article on is actually a responsive design! To see it in action, open this article on a desktop browser and slowly make the browser thinner and wider. You should see the layout magically adjust itself to more comfortably fit the new width of the browser, even if you make the page as skinny as the resolution
Apart from the image rescaling (which anyway could often be achieved by [admittedly a bit of a hack] using a %age dimension) what is new here?
http://blog.teamtreehouse.com/beginners-guide-to-responsive-web-design - A site that is full of pingback comment spam, and incidentally does not 'magically adjust' as they claim on my tablet.
" nearly 12 hours since Auntie updated its users about the outage."
I was going to post a rant about 'First World Problems' etc. , but at the last moment, realised you'd written 'outage' not 'outrage'
Just as well, I'd noticed. It would have been embarrassing if I'd revealed my poor comprehension skills!
Re: Poor Bug Fixing
What is the 2nd law?
Is that the one that says all complex programs evolve to the point where they can read mail?
Re: Of Google software and battery drain
I find that Googles own Android apps are the worst offenders.
Only today I had to kill G+ because it was sucking CPU and I/O. Maps was also running - I've used neither in months.
Android is my tablet OS of choice, but I'd be pretty pissed off at it if I didn't have the ability to keep it under control.
Re: Tired admin
I was once followed for about 2 weeks by someone who downvoted all my posts, however innocent they were.
And 'Matt Bryant' seems to have had a few downvoting groupies for quite some time!
As for this case, well, it wasn't me, but maybe someone didn't like your implied assumption they'd be running Ubuntu? Or that your post dealt with OS related stuff, (thus implying - *gasp* - that Linux has some issues, whilst clearly this is a dumb app/admin issue)
" Maybe after this the penguin lovers will stop looking so bloody smug with their "my OS is virus-proof" arguments."
Obvious troll etc.
But just in case, unlike you, I assume the penguin lovers know the difference between the OS and its applications - the latter which may have bugs or be configured incorrectly.
Here's a clue: This malware needs to be downloaded to a server and be executed. We aren't talking about fooling the OS into running it - no, it has to be run by a user (I.e. a process which could be a dæmon - not necessarily a human user)
I'm sure that if a user executed 'del/s \*.*' in a dos prompt on a windows machine, not even the most fanatical Linux fanboi would blame windows for those files being deleted.
The real issue
The real issue here is the stupid applications that have bugs that allow arbitrary files to be uploaded and executed in the first place - and morons who type 'chmod 777' on files/directories that they install.
Furthermore, attacks like these can be mitigated with common sense by *using* standard features of a Unix operating system:
- NEVER have a dæmon run under the same user as that which owns the code files.
- Don't enable cron facilities for a dæmon that doesn't need them (or again, run cronjobs via a different user than the one the dæmon runs as)
- Never blindly run 'chmod 777' on anything [ this particular piece of malware attempts to write to the file /etc/rc.local - *anyone* who runs a machine where that would work should be forced to listen to Justin Bieber non-stop for a week ]
- Consider running unaudited dæmons in a jailed subsystem (or at least a chroot) - and if your system supports it, use sandboxing/process-restrictions to disable any functions that will never be legitimately needed)
" So happy to see stereotypes about 'computer geeks' are still going strong. Because generalisations about large groups of people are always correct."
Spoken like a true fat, spotty, nerdy twat in his faded t-shirt that smells like a sweaty pillow!
Re: Fraudulent fishermen
Re: the Greek alternative
Haha, nice catch!
"When is an 'Ε' not an 'E' ? :-)
Microsoft to the rescue!
I presume Microsoft is now going to attempt to take control of AWS now?
After all, they aren't just running DNS services, but the actual malware!
What more evidence does an idiot judge need to hand the keys over to a private company that
thinks it's the World police has no mandate for law enforcement whatsoever?
If that's the case, she should run for Parliament.
I'd vote for her!
You must be fun at parties!
I've entered an El Reg parallel universe ..
I came here to agree with Microsoft, only to find most other commentards do so also!
I remember one place I worked - they insisted the root passwords for the servers were unique, random character, with 4 servers passwords changed a day (with approx 100 servers, each password had a lifespan of more or less 25 days)
If I never needed to get into a server out of hours it was easy - all the support staff had their password sheets in their draw or more likely on their desk.
Not to mention these machines had more holes than Justin Baeber before a firing squad - but no, the PHB were happy because the machines were protected with root passwords such as "Ed3tx6gAUz3Q"
Re: everybody wants a faster Web, but everybody wants to stick with the formats they're using now.
" Running AdblockPlus and NoScript, my web is extremely nice. On the tablet, where such options don't exist - and would really be appreciated - the difference in speed is notable."
I use mitmproxy ( mitmproxy.org ) on my router to let me control the pages my tablet sees.....
I basicslly use it as a server-based 'greasemonkey' - ad block and noscript are doable too.
..... blaming the wrong thing, in their own self-important style.
...reminds me of the idiot who recently claimed BTs DNS servers were down, even though it was a routing issue, posting "I KNOW HOW THE INTERNET WORKS."
Yep, if uninformed comment from unimportant people is your thing, then twitter is for you! (Yes, yes, or all my El Reg posts.... I preempted that one!)
Re: clueless script, excessive CGI, teen nonsense, banal humour, you know the sort
Yep, if the market wasn't there, they wouldn't be made..
No idea why you got all the downvotes...
Re: BBC and YouTube without Flash?
" Whilst I agree with you about get_iplayer the poster was asking about BBC news videos, presumably from their web-pages.Those are flash."
Ah yes, sorry, I misread the post.
But when he said 'view video on YouTube and BBC news', just in case he meant :
(view video on YouTube), and BBC news
view (video on YouTube and BBC news)
(ahhhh, the ambiguous wonders or the English language!) get_iplayer can be used to view or record the live channels too.
Re: BBC and YouTube without Flash?
To legitimately access BBC iplayer without flash, google 'get_iplayer'
To legitimately access it when it appears you are not in the UK when really you are, (e.g. the multinational you work for peers outside the UK) a cheap UK proxy/vpn (or even set one up on your home machine) would work fine, because the actual raw rtmp streams are not regionally restricted, so can be accessed directly (courtesy of your local akamai or limelight CDN) once you know the stream rtmp url. (But why such content can be accessed in California [just tried it and it worked - rtmp server 1ms ping from my server there] is anybodys guess, though I assume it's cache on request at least)
Re: PC's down the swanee?
"Well, to prove I pissed in the toilet and not the garden, I took my oother half into the bathroom, showed her the toilet, and said: 'There's the pee, see?'"
/gets coat too - see you at the taxi rank!
PC's down the swanee?
"Thought PCs were in the toilet?"
Shouldn't that be 'PC sales'?
Re: Nothing wrong with Macs
" Plus, I am a real BSD bigot when it comes to my opinion of Linux."
Me too, but I'm not as wise as you - very sensible to post that sort of comment anonymously around these here parts!
Re: Not everyone works in an office
Um....As he said: " no touching the screen (keyboards are a necessary evil that are cheap enough to be replaced).."
Re: Too Much Clickbait
@Stuart.... ah, sorry, I didn't see that one.
@Chris, the Outbrain headlines seem to be behaving themselves at the moment too!
Re: Seems she sued them back in 2012 for a million dollars...
Thanks for the reply.
However, I thought this case involved suing both TOR and pinkmeth?
Re: Analogy defect!
Errr, what? So you're saying that TOR was designed to allow people to post naked pics of others anonymously?
Besides, crappy car analogies are a requirement on techie forums!
errrm, when you posted that, there were only 2 other commentards apart from you, and neither of us advocated any such thing
Re: "If you want to listen to great-sounding music"
But unless you have teenagers, the queue for the bathroom is usually longer at a live show!
"You can make a diode out of a piece of coal and a wire."
I'm sure the 'hipster wearable brigade' will find that bit of information most useful!
- Vid Antarctic ice THICKER than first feared – penguin-bot boffins
- Antique Code Show World of Warcraft then and now: From Orcs and Humans to Warlords of Draenor
- iPhone sales set to PLUMMET: Bleak times ahead for Apple
- Regin: The super-spyware the security industry has been silent about
- New Snapchat Snapcash service inspires amateur PORN STARS