Probably just a bunch of penetration testers gone rogue.
84 posts • joined 16 Feb 2013
Probably just a bunch of penetration testers gone rogue.
I'm on Virgin Media, but for years have run a DNS server at home. No DNS forwarders, just go straight to the root servers. You could run that on a Raspberry Pi with very little cost. Haven't had a DNS related snafu hit me in all that time.
Where VMware host a good part of their cloud offering and I had to get an ExpressRoute link to Azure, up and running.
I think they'll be keen to keep a hold of a few of their data centres.
10 Mbps by 2020?
In 2020, 10 Mbps will be equivalent to today's 512 Kbps. Usual load of hot air Cameron's trotting out there.
I worked at a PC World in the mid nineties and this was standard practice. If you nipped out for a ciggy you were searched, but that was obviously in company time. The search at the end of the shift was always in your own time as you were expected to be working right up to the bell. Mind you, customers leaving with trolleys that had PCs or anything looking remotely expensive also had their receipts checked against what was on their trolley.
Then again, hardware crime was in fashion at the time. This was when offices were being burgled for the CPUs and RAM, with the rest of the computer being left behind.
As pointed out by the AC above, I read the article and immediately thought about the "Hail Mary Cloud" approach to cyber-bullying, which then opened up the "but what if..." floodgates of my mind.
Whilst I agree that if something is illegal in the physical world then it should also be illegal in the online world, I can't even begin to imagine how this could actually be imposed and policed, on a global scale, without it being useless due to open interpretation and also represent a serious risk of abuse by corporations and governments.
Something should be done, the shape of how it might look isn't a million miles away, but the practicalities of implementing, administering and effecting these laws isn't even a vapour right now, let alone something tangibly solid.
Stunning visuals and well chosen soundtrack.
Worst Dad-pun ever! Have an up vote.
I know, that trunking is a bit off, isn't it?
Well played DrewC.
I wish I could upvote your response more.
Whilst I don't necessarily agree with you, the concise, blunt response, first in the queue of real commentards, just made me crack up. Thank you Mr Hartley. :-D
I'm not all that struck on the top nav menu and all that blurts over the page from it, but to be honest, I think I quite like the new layout. It feels quite natural to use for me. I only ever use it on desktop and iPad, which I haven't tried it on as yet, but I will do. I'm not sure how that menu will feel on a tablet. hmm
To be fair though, I have rarely forayed into the nav menu in all the years that I have been reading here. I usually just skim the main page for articles of interest, poke around the comments and I'm off again. Sadly that's a few times each day, on average. So really, for me, it's the main content area of the page that gets my attention, nothing much around the edges. Apart from being really "appealed to" by the always relevant advertising on this site. ;) In fact, it's the only site throughout the entire web that actively makes me just spunk money galore as a direct result of advertising. *
* Just doing my bit to help. Feel free to use it as a testimonial of sorts when talking with your advertising peeps. :-D
Am I the only person to have ripped the outro to an mp3?
I use GA to provide TFA on SSH connections into my home LAN from the dirty internets. I've allowed for a pad of a strong mix of characters, unlimited really but currently using 10 characters.
Fairly simple to script up and combined with enforced key authentication and some adaptive firewall rules, has kept out a hell of a lot of attempts. It's attracted a few Hail Mary Clouds the most recent of which lasted 24 hours and saw over 400 unique IPs from 50+ countries added to the block table. This is my home VM broadband connection!
TFA is a good extra authentication step, but I wouldn't entirely entrust it to any given entity ie Google, hence the custom pad.
After praising VM to colleagues on Monday, on grounds of stability and reliability, I have lost two and a half days of service over two incidents. 4 hours on Tuesday and then a full 2 solid days from Thursday lunchtime. I was working from home on Thursday, so yes, it really was very inconvenient.
They were able to get the SuperHubs synching after about 9 hours, but with consistent 20-30% packet loss from then until the problem was officially fixed around late Saturday morning, I wouldn't say they could call it usable or fit for purpose, during that time.
Almost feels like an exercise in managing ongoing customer expectations. Please don't do this to VirginMedia customers,VM and Vodafone! My VM broadband service is one of the few things in life that I am happy to pay for and feel that I get good value for money.
Apples and oranges there....
You say that Microsoft is good at issuing patches that don't break anything.
Then to slag off Linux, you use a complete dist-upgrade as an example?
You've described two completely different and not at all comparable scenarios.
+1 for pfSense, although I prefer the up-to-date 'native' pf that started in and still comes as standard in OpenBSD. Now that's a cracking OS and packet filter to be protecting yours from them.
From what I can gather, the pf that gets packaged up for FreeBSD, as in pfSense, is always a version or two, maybe three, behind OpenBSD's current.
Get on OpenBSD. The simplicity it offers makes FreeBSD look like a big complicated beast, at least to me anyway.
Same here. On my vSphere HV, behind a hand built OpenBSD firewall / router. It's as "clean" as I can hope to make it.
"concerned that VMware's pride in deeper customer engagements could also mean longer sales cycles and in turn slower growth."
Does this translate to, taking longer than we'd like to scope out customer requirements and integration/installation considerations.
I hope not, as this to me suggests they're actively suggesting rushing sales and projects through to raise the tempo on the "Ker-ching" rhythm.
Focus on sales over service to meet parasitical investors needs. Is that what it means?
I've had to enable ABP for the whole ElReg site now, after "block element" appeared not to work with the site/domain as a whole being exempted. As I don't seem to be the only one finding it ridiculously annoying, I'd imagine that there's some loss of revenue, thanks to one pointless gif being forced onto readers' screens.
Ridiculous gif that I'd expect to see on some teenage forum. Not here. Really disappointing from ElReg.
Thing is, to allow ElReg some advertising income, I exempt the site from ABP.
I've added that ridiculous gif as an individual filter, but it just shows up after a refresh. That's sticking a wildcard on the end to allow for the post "?" parameters.
ABP being switched on for the whole site now. Very disappointed with ElReg on this.
"rowing the Atlantic single-handed"
Wouldn't you just end up going around in circles? ;) /pedantry
I've recently had this one, hence why I'm sceptical about accepting a 50% rise to move from the charity sector to the financial sector.
Life is too short to have artificial aspirations and what really matters to the individual, should always be happiness and contentment.
On an economic slant, surely if the populus is happier, then their wallets might prove to be looser?
Edit: These ToughBook keyboards are a bit crap.
You have to be kidding Aunty, surely?
DAB is a sound idea, really badly implemented and supported. They focused too much on the "added value" like text streams to scroll across the display and nowhere near enough on th ebasics, like signal coverage, stability of reception etc, etc.
I won't be getting any phone that has DAB built in. For a start you can wave bye-bye to your battery life and considering the low actual usage of FM radio on phones, do you really think that DAB is going to be any more popular?
Absolute idiots! However, because the governments PR department, aka the BBC, are backing this, you just know it will be given some artificial traction.
Who is to say that it's not corruption dressed up as incompetence?
I run a couple of WatchBot IP cameras on my home LAN. Despite turning everything off in the settings, that might justify a call out to the outside world, they try it over and over.
However, mine are well marshalled behind an OpenBSD pf firewall, with an nginx instance providing reverse proxy.
I've a whole bunch of rules in place to allow me access to the devices from the outside world, as well as stopping the things from calling out / home, of their own volition.
I'm certainly keen to put together some kit (motors, IR leds, camera, microphone etc) on a Raspberry Pi, or two, to allow me to recreate the full functionality of the WatchBots, but on a platform that I have proper control over.
It's a shame, as the WatchBots are decent, well featured little units, but all of the calling out to the internet gives me a natural distrust of them.
I've been running an ownCloud7 instance from home, for a month or so now. I have it running in a VM on my home hypervisor. It takes very little resources and I've yet to have a problem with it. It is geared up for home users, an example being that it'll create you a self-signed SSL certificate and then whilst it will warn you, when you go to synch a client to it, it offers a straight forward option to accept the self signed cert.
I'm considering implementing it for the charity that I work for, which was the main reason that I created my home instance as a test. However, I'm that impressed with it, that I'll be keeping mine going and just stop using dropbox as a matter of course. I'll likely only keep dropbox around to be able to share with others who only use dropbox.
I have heard of WiFi and where ever possible, I avoid it like the plague. If it isn't a ball-ache to run a cable, then that's always my preferred choice.
I've three Pi - Model B units. One is the original 256MB model, the other two have 512MB.
They're nice little devices to have on the LAN for playing about with, but just need that little bit extra to make it really useful. I appreciate that they are intended to be educational devices and to that end, they're excellent and offer excellent value for money.
My next buy will be a Banana Pi, for its slightly faster CPU, double the RAM, gigabit ethernet and on-board SATA. Much better bang for buck, making the Banana Pi a lot more useful, for the extra 60-70% in cost.
However, it's the Minnowboard Max, dual core / 2GB that I'm waiting for. That's a real low voltage SBC with all the versatility of a larger, more power-hungry unit.
I've got a slightly ridiculous home LAN / lab, using 30-odd internal IP addresses, including physical devices and a load of virtual hosts on a dedicated vSphere hypervisor. Don't want the 100Mbit ethernet Pi's taking up more switch ports, it's the Banana Pi and Minnowboard Max units that will be getting added to it from here on in.
Although I've been a Linux user for about 12 years now, I didn't realise it was 'born' read release announcement on August 25th.
I thought sharing a birthday with Sean Connery was kind of cool, but to also share it with Tux is an honour! :-)
All this story needed was some involvement by Marissa Mayer and I'd have closed the curtains and "worked" from home today.
Deep, in this thread, the cynicism is.
You have won my heart, commentards.
Yours forever more.
Does anybody expect any of this tripe to be believed? Trust is not something that can be turned on and off easily. What they say is never what they actually do, in these cases.
I already stipulate that we do not embark on agreements with any service providers who are based in the USA or have any of their hardware, that we make use of, based there. I am also phasing out any existing providers who do not fit the bill.
However, we're really no better over here in the UK, to be fair.
I despair of the human race at times, I really do.
Trevor, as always you talk a lot of sense that very few want to hear. Keep up the great work that you do in trying to open people's eyes so that they can see beyond the shiny-shiny.
Just what Firefox needs, more unnecessary bloat that only a minority of end users will actually use. This is more akin to the Microsoft way, where a word processor is used to render HTML based emails.
THIS is why I use Unix and Linux wherever possible, because it is based around tool-chains and applications with a specific remit, which they do well.
This is not a veiled swipe at Microsoft, just a rant at the majority of the popular, mainstream software industry, where everything seems to have to be all singing, all dancing.
Remember KISS? Keep It Simple Stupid!
You have to enjoy what you do. No point of trying to make coders out of those who don't enjoy it.
However, to paraphrase a clip from my son's favourite film, Ratatouille, not everybody can be a great coder to, but a great coder could be found in anybody.
On that basis, programming should be taught in schools at an early age. Thos who have a talent or interest can be nurtured, the others can go do sport, woodworking, home economics or whatever they do have a talent for or interest in.
I get my ranges from a few web resources and drop them in as tables.
As well as China, I also block Ukraine, Russia, Latvia, North Korea & Vietnam. Seeing any patterns here?
Apart from the occasional oddity, which I set an early rule for, I don't find myself missing out on a single thing and I'm seeing totals on par with yours.
Wow! That is a mighty, mighty thing for China to be saying. However, it does warrant a closer look to see if Windows 8 is forcing the storage of the private data mentioned on US based servers outside of any safe harbour agreements. This could have really serious implications obviously, if there is a grain of truth to that.
That said, there is a lot of hypocrisy in this, as China are the biggest source of attempts to get into my home network. It's got so bad I've had to block access to and from the whole country at the firewall. Statistically we'll always see that though, given the size of their population.
I can roll with that. Makes perfect sense to me and it's good to know that Mars has a quantifiable population of sluts. Billy Shatner is our only hope!
It is always sad to see somebody lose, or feel forced to resign from, their job.
I wish her well for the future.
Doesn't she look a bit like Jen from the IT Crowd.
I wonder if she can do the voice?
It would be nice to see her back in gainful employment soon.
If she can do the voice and doesn't mind a bit of role-play, maybe involving some 'dressing up', then I have a position that she might want to consider taking up..... ;-)
Have an upvote.
Personally, I like Google a lot. I use their search and gmail products mostly, but also put the charity I work for onto Google's Grants, now Google for non profits, scheme to get free google adwords ads. Yeah, I'd imagine Google get a lovely tax break for this, but it also opens up advertising for us, where we otherwise couldn't afford to. This is one example of a genuinely good thing they do, that their competitors, namely Bing, categorically do not do. I know, I've enquired.
Regarding my gmail use, I own numerous domains of my own, one or two of which I use for 'serious' emails. The gmail account is used for the trivial stuff that has no financial or career ties or anything I would regard as serious. I wouldn't imagine Google can get much of a profile on me from what passes through that account and if they can, then good luck to them and it makes even bigger suckers of those willing to pay for that information for marketing purposes.
Yeah, they're frighteningly huge and minted now and have the potential to have grave effects on society, mainly in the online / digital arena, but maybe naively, I don't see that happening in mine or my children's lifetimes. Not from Google, at least.
Am I missing something big here? Why do so many have such a dark and grave view of the chocolate factory? I'm really rather keen on them and feel we have a lot to thank the company for. I genuinely feel it would be a poorer world if Google had never been conceived, if not for what they have given us themselves, but for the innovation and competition that they have created, directly and indirectly.
I would love to hear why my view on them is so wrong, if that be the case.
... of shoes.
Can you point me in the direction of anything that shows OpenBSD being the base for Citrix NetScaler? I've built firewalls/routers/web-filters/gateways using OpenBSD for several years now, it being the very best tool for the job, in my opinion.
I'd be very interested to read about it being used in such high end kit. I believe Checkpoint's Firewall 1 was built on an OpenBSD base, also.
OpenBSD intentionally doesn't play well on a virtual platform, mainly for security reasons. It's the same in reverse, OpenBSD makes a terrible host for VMs.
Get OpenBSD on bare metal, configure it right and you've got one hell of a secure, stable server. A lot of that security is thanks to its comparably simplified architecture. Putting it into a virtual environment where it doesn't have direct control of physical hardware is maybe seen as just the top of a long, very slippery downward slope away from the project's fundamental principles.
So they make, what at least I see as, significant progress towards making electric vehicles really viable and you respond with a yawn?
There really is no pleasing some people.
In order of the number and severity of probes and attacks that I see on my home firewall, I have blocked the following countries by IP ranges.
Okay it's not an exact science but it has decreased the number of IP addresses appearing in my adaptive bruteforce block tables by 90-odd percent.
So, I have little sympathy for the "citizens" of these countries.
The other frequenters of the aformentioned bruteforce block tables are generally Amazon AWS instances. AWS lets any dodgy so-and-so rent compute power with bent credit cards, it seems.